Группа :: Разработка/Прочее
Пакет: java-1.8.0-openjdk
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
24 августа 2023 Andrey Cherepanov <cas at altlinux.org> 0:1.8.0.382.b05-alt0_1jpp8
- New version.
- Seciruty fixes:
+ CVE-2023-22045
+ CVE-2023-22049 - Removed implicit requirements.
- New version.
- Seciruty fixes:
+ CVE-2023-21930
+ CVE-2023-21937
+ CVE-2023-21938
+ CVE-2023-21939
+ CVE-2023-21954
+ CVE-2023-21967
+ CVE-2023-21968
- New version.
- Seciruty fixes:
+ CVE-2023-21830
+ CVE-2023-21843
- New version.
- Seciruty fixes:
+ JDK-8286526, CVE-2022-21619: Improve NTLM support
+ JDK-8286533, CVE-2022-21626: Key X509 usages
+ JDK-8286910, CVE-2022-21624: Improve JNDI lookups
+ JDK-8286918, CVE-2022-21628: Better HttpServer service
- New version.
- New version.
- New version.
- Seciruty fixes:
+ JDK-8281859, CVE-2022-21540: Improve class compilation
+ JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
+ JDK-8285407, CVE-2022-34169: Improve Xalan supports
- New version.
- New version.
- Seciruty fixes:
+ JDK-8270504, CVE-2022-21426: Better XPath expression handling
+ JDK-8275151, CVE-2022-21443: Improved Object Identification
+ JDK-8277672, CVE-2022-21434: Better invocation handler handling
+ JDK-8278008, CVE-2022-21476: Improve Santuario processing
+ JDK-8278972, CVE-2022-21496: Improve URL supports
- New version.
- New version.
- Security fixes:
+ JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
+ JDK-8268488: More valuable DerValues
+ JDK-8268494: Better inlining of inlined interfaces
+ JDK-8268512: More content for ContentInfo
+ JDK-8268795: Enhance digests of Jar files
+ JDK-8268801: Improve PKCS attribute handling
+ JDK-8268813, CVE-2022-21283: Better String matching
+ JDK-8269151: Better construction of EncryptedPrivateKeyInfo
+ JDK-8269944: Better HTTP transport redux
+ JDK-8270392, CVE-2022-21293: Improve String constructions
+ JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
+ JDK-8270492, CVE-2022-21282: Better resolution of URIs
+ JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
+ JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
+ JDK-8271962: Better TrueType font loading
+ JDK-8271968: Better canonical naming
+ JDK-8271987: Manifest improved manifest entries
+ JDK-8272014, CVE-2022-21305: Better array indexing
+ JDK-8272026, CVE-2022-21340: Verify Jar Verification
+ JDK-8272236, CVE-2022-21341: Improve serial forms for transport
+ JDK-8272272: Enhance jcmd communication
+ JDK-8272462: Enhance image handling
+ JDK-8273290: Enhance sound handling
+ JDK-8273748, CVE-2022-21349: Improve Solaris font rendering
+ JDK-8273756, CVE-2022-21360: Enhance BMP image support
+ JDK-8273838, CVE-2022-21365: Enhanced BMP processing
- FTBFS: fixed linking libraries.
- New version.
- New version.
- Ignore possible fail of %post scriptlet (ALT #41264).
- Optionally disable %check by default.
- New version.
- Security fixes:
+ CVE-2021-35588 InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0
+ CVE-2021-35550 Update the default enabled cipher suites preference
+ CVE-2021-35565 com.sun.net.HttpsServer spins on TLS session close
+ CVE-2021-35556 Richer Text Editors
+ CVE-2021-35559 Enhanced style for RTF kit
+ CVE-2021-35561 Better hashing support
+ CVE-2021-35564 Improve Keystore integrity
+ CVE-2021-35567 More Constrained Delegation
+ CVE-2021-35578 Improve TLS client handshaking
+ CVE-2021-35586 Better BMP support
+ CVE-2021-35603 Better session identification
- New version.
- New version.
- Remove nss-softokn mentions.
- New version.
- New version.
- New version
- FTBFS: disable LTO.
- New version
- Security fixes since 1.8.0.282.b08-alt1_0jpp8:
+ CVE-2021-2341: Improve file transfers
+ CVE-2021-2369: Better jar file validation
+ CVE-2021-2388: Enhance compiler validation
+ CVE-2021-2163: Enhance opening JARs
+ CVE-2021-2161: Less ambiguous processing - Remove accessibility packages
- New version (ALT #39635)
- Require ca-trust-java instead of ca-trust (ALT #35690)
- Package nss.cfg
- Security fixes since 1.8.0.212.b04-alt2_0jpp8:
+ JDK-8247619 Improve Direct Buffering of Characters
+ CVE-2020-14779 Enhance support of Proxy class.
+ CVE-2020-14781 Enhanced LDAP contexts.
+ CVE-2020-14782 Enhance certificate processing.
+ CVE-2020-14792 Better range handling.
+ CVE-2020-14796 Improved URI Support.
+ CVE-2020-14797 Better Path Validation.
+ CVE-2020-14798 Enhanced buffer support.
+ CVE-2020-14803 Improved Buffer supports.
+ CVE-2020-14779 Enhance support of Proxy class
+ CVE-2020-14781 Enhanced LDAP contexts
+ CVE-2020-14782 Enhance certificate processing
+ CVE-2020-14792 Better range handling
+ CVE-2020-14796 Improved URI Support
+ CVE-2020-14797 Better Path Validation
+ CVE-2020-14798 Enhanced buffer support
+ CVE-2020-14803 Improved Buffer supports
+ CVE-2020-14579 NullPointerException in DerValue.equals(DerValue)
+ CVE-2020-14578 NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString()
+ CVE-2020-14556 Better ForkJoinPool behavior
+ CVE-2020-14577 Enhance certificate verification
+ CVE-2020-14581 Better matrix operations
+ CVE-2020-14583 Better Buffer support
+ CVE-2020-14593 Less Affine Transformations
+ CVE-2020-14621 Better XML namespace handling
+ CVE-2020-2754 Forward references to Nashorn
+ CVE-2020-2755 Improve Nashorn matching
+ CVE-2020-2756 Better mapping of serial ENUMs
+ CVE-2020-2757 Less Blocking Array Queues
+ CVE-2020-2773 Better signatures in XML
+ CVE-2020-2781 Improve TLS session handling
+ CVE-2020-2800 Better Headings for HTTP Servers
+ CVE-2020-2803 Enhance buffering of byte buffers
+ CVE-2020-2805 Enhance typing of methods
+ CVE-2020-2830 Better Scanner conversions
+ CVE-2019-2933 Windows file handling redux.
+ CVE-2019-2945 Better socket support.
+ CVE-2019-2949 Better Kerberos ccache handling.
+ CVE-2019-2958 Build Better Processes.
+ CVE-2019-2964 Better support for patterns.
+ CVE-2019-2962 Better Glyph Images.
+ CVE-2019-2973 Better pattern compilation.
+ CVE-2019-2975 Unexpected exception in jjs.
+ CVE-2019-2978 Improved handling of jar files.
+ CVE-2019-2981 Better Path supports.
+ CVE-2019-2983 Better serial attributes.
+ CVE-2019-2987 Better rendering of native glyphs.
+ CVE-2019-2988 Better Graphics2D drawing.
+ CVE-2019-2989 Improve TLS connection support.
+ CVE-2019-2992 Enhance font glyph mapping.
+ CVE-2019-2999 Commentary on Javadoc comments.
+ CVE-2019-2894 Enhance ECDSA operations.
+ CVE-2019-2745 Improved ECC Implementation.
+ CVE-2019-2762 Exceptional throw cases.
+ CVE-2019-2766 Improve file protocol handling.
+ CVE-2019-2769 Better copies of CopiesList.
+ CVE-2019-2786 More limited privilege usage.
+ CVE-2019-7317 Improve PNG support options.
+ CVE-2019-2816 Normalize normalization.
+ CVE-2019-2842 Extended AES support.
- Remove crypto policy support that disable TLS1.3 (ALT #38170)
- added alternatives for keytool, policytool, etc
- new version
- use zerg@'s hack for armh
- new version
- new alternatives layout
- new version
- added provides, cleaned up desktop files
- new version
- new version
- NMU: fixed build with gcc-8.
- new version
- require java-1.8.0-openjdk for build on all platforms
- built for aarch64
- merged e2k support
- removed obsolete exports in jvmjardir
- removed obsolete security policy alternatives in _jvmprivdir
- added java-1.x.0-openjdk alternative in jvmdir
- fixed /usr/bin/java provides (closes: #32531)
- new version
- Fixed build with gcc-6
- dropped dependency on maven-local in javadoc
- trimmed desktop names (closes: #32463)
- hack around mkimage
- cleaned parasyte dep on /usr/bin/java
- dropped dependency on maven-local
- new version
- TODO: add java8 support to tzdata and use system-wide tzdata-java
- new version