[ubuntu/disco-security] openjdk-8 8u222-b10-1ubuntu1~19.04.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Jul 30 23:09:59 UTC 2019

openjdk-8 (8u222-b10-1ubuntu1~19.04.1) disco-security; urgency=medium

  * Backport from Eoan.

openjdk-8 (8u222-b10-1ubuntu2) eoan; urgency=medium

  * Improve and fix build tests and autopkgtests:
    - Update debian/tests/hotspot,jdk,langtools to ignore
      jtreg-autopkgtest.sh return code.
    - Create debian/tests/jtdiff-autopkgtest.in as it depends
      on debian/rules variables.
    - debian/tests/jtreg-autopkgtest.sh:
      + Enable retry of failed tests to trim out flaky tests.
      + Fix unbound variable.
      + Force JT_JAVA otherwise jtreg will look for
        /usr/lib/jvm/default-java which might not be installed
        or be the right JVM to use.
      + Keep .jtr files from failed tests only.
    - debian/tests/jtdiff-autopkgtest.sh:
      + Fail only if an actual regression is detected.
      + Force JT_JAVA otherwise jtreg will look for
        /usr/lib/jvm/default-java which might not be installed
        or be the right JVM to use.
      + Add the super-diff comparison from jtdiff.
    - debian/rules:
      + Preserve all JTreport directories in the test output
      + Use JDK_DIR instead of JDK_TO_TEST for autopkgtest
      + Package all .jtr files from JTwork as jtreg-autopkgtest.sh
        makes sure it contains only failing tests.

openjdk-8 (8u222-b10-1) unstable; urgency=high

  * Update to 8u222-b10 (except for AArch32, updated to b08).
    - Security fixes:
      - S8191073: JpegImageReader throws IndexOutOfBoundsException when
        trying to read image data from tables-only image.
      - S8208698, CVE-2019-2745: Improved ECC Implementation.
      - S8212328, CVE-2019-2762: Exceptional throw cases.
      - S8213431, CVE-2019-2766: Improve file protocol handling.
      - S8213432, CVE-2019-2769: Better copies of CopiesList.
      - S8216381, CVE-2019-2786: More limited privilege usage.
      - S8217563: Improve realm maintenance.
      - S8218863: Better endpoint checks.
      - S8218873: Improve JSSE endpoint checking.
      - S8218876, CVE-2019-7317: Improve PNG support options.
      - S8219018: Adjust positions of glyphs.
      - S8219020: Table alternate substitutions.
      - S8219775: Certificate validation improvements.
      - S8220192: Better outlook for SecureRandom.
      - S8220517: Enhanced GIF support.
      - S8221518, CVE-2019-2816: Normalize normalization.
      - S8223511, CVE-2019-2842: Extended AES support.

  [ Matthias Klose ]
  * Bump standards version.

  [ Tiago Stürmer Daitx ]
  * Backport fix for S8223511 for AArch32.

openjdk-8 (8u222-b07-3) unstable; urgency=medium

  * Upload to unstable.

openjdk-8 (8u222-b07-2) experimental; urgency=medium

  * Remove AArch32 patches, applied upstream.
  * Fix build dependencies for Ubuntu precise builds.

openjdk-8 (8u222-b07-1) experimental; urgency=medium

  * Update to 8u222-b07.

openjdk-8 (8u222-b05-1) experimental; urgency=medium

  [ Matthias Klose ]
  * Update to 8u222-b05 (except for AArch32).
  * Apply suggested hotspot fixes for AArch32.
  * Re-enable running the testsuite.

  [ Tiago Stürmer Daitx ]
  * Find any hs_err_pid files generated during the build and send to stdout.

openjdk-8 (8u222-b04-3) experimental; urgency=medium

  * Update ARM32 to jdk8u222-b04-aarch32-190603.
  * Regenerate the ppc64el patch.
  * Remove unused patches ppc64le-8036767 and zero-opt.

openjdk-8 (8u222-b04-1) experimental; urgency=medium

  * Update to 8u222-b04.
  * Update ARM32 to jdk8u212-b04-aarch32-190430.
  * Fix 32bit zero builds.

openjdk-8 (8u212-b03-3) UNRELEASED; urgency=medium

  * Use -a instead of -s for debhelper tools.

openjdk-8 (8u212-b03-2) unstable; urgency=medium

  * Don't apply the 8221355 fix for ARM builds.
  * Don't configure --with-vendor-name on stable releases.
  * Fix the jpeg runtime dependency for the build in unstable.

openjdk-8 (8u212-b03-1) unstable; urgency=medium

  [ Matthias Klose ]
  * Configure --with-vendor-name.
  * 8221355: Fix performance regression after JDK-8155635 backport into 8u.

  [ Tiago Stürmer Daitx ]
  * Update to 8u212-b03. LP: #1826001.
  * Security fixes:
    - S8211936, CVE-2019-2602: Better String parsing.
    - S8218453, CVE-2019-2684: More dynamic RMI interactions.
    - S8219066, CVE-2019-2698: Fuzzing TrueType fonts: setCurrGlyphID().
  * Revert to GTK2 as default since GTK3 still has padding and component
    - debian/rules: always Build-Depends on libgtk2.0-dev and Depends on
      libgtk2.0-0 instead of relying on gtk3 for some releases.
  * debian/control: add missing dependency on testng (required by the

  [ Andrej Shadura ]
  * debian/rules: check for nodoc instead of nodocs in DEB_BUILD_OPTIONS.
    Closes: 922757.

  [ Matthias Klose ]
  * debian/rules, debian/tests/jtdiff-autopkgtest.sh,
    debian/tests/jtreg-autopkgtest.in, debian/tests/jtreg-autopkgtest.sh:
    only set the JDK under test and allow jtreg to use its default JDK
    for running the tests.

  [ Thorsten Glaser ]
  * Improve compatibility with older releases. Closes: #925407.
    - debian/rules: determine source date using backwards-compatible
      dpkg-parsechangelog call.
    - debian/control.in: put @bd_cross@ onto same line as @bd_nss@ as
      it can be empty.

Date: 2019-07-18 20:11:13.749769+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list