[ubuntu/eoan-proposed] openjdk-lts 11.0.3+7-1ubuntu2 (Accepted)

[Tiago Stürmer Daitx]

openjdk-lts (11.0.3+7-1ubuntu2) eoan; urgency=medium

  * Security fixes:
    - S8211936, CVE-2019-2602: Better String parsing
    - S8218453, CVE-2019-2684: More dynamic RMI interactions
    - S8214809: CDS storage improvements
  * debian/control, debian/control.in: add breaks clause to prevent
    openjdk-11-jre-headless from being updated when jetty9, netbeans,
    tomcat8, or visualvm are being hold back in unattended-upgrades
    due to local conffiles changes.
  * Add support for automatic updates:
    - debian/watch: upstream has started releasing tarballs and signatures at
      https://openjdk-sources.osci.io/openjdk11/ which allows us to track new
      releases and check signatures by using uscan. For now it is using the
      unmodified upstream tarball while previously the use of get-orig from
      the debian/rules file would remove a few files from it - this can be
      replicated by either providing a repack script or by adding the
      exclusions directly to debian/copyright.
    - debian/upstream/signing-key.asc: public signing key used by upstream
      to sign their tarball releases.

Date: Tue, 23 Apr 2019 02:17:15 +0000
Changed-By: Tiago Stürmer Daitx <tiago.daitx at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-lts/11.0.3+7-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 23 Apr 2019 02:17:15 +0000
Source: openjdk-lts
Architecture: source
Version: 11.0.3+7-1ubuntu2
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tiago Stürmer Daitx <tiago.daitx at ubuntu.com>
Changes:
 openjdk-lts (11.0.3+7-1ubuntu2) eoan; urgency=medium
 .
   * Security fixes:
     - S8211936, CVE-2019-2602: Better String parsing
     - S8218453, CVE-2019-2684: More dynamic RMI interactions
     - S8214809: CDS storage improvements
   * debian/control, debian/control.in: add breaks clause to prevent
     openjdk-11-jre-headless from being updated when jetty9, netbeans,
     tomcat8, or visualvm are being hold back in unattended-upgrades
     due to local conffiles changes.
   * Add support for automatic updates:
     - debian/watch: upstream has started releasing tarballs and signatures at
       https://openjdk-sources.osci.io/openjdk11/ which allows us to track new
       releases and check signatures by using uscan. For now it is using the
       unmodified upstream tarball while previously the use of get-orig from
       the debian/rules file would remove a few files from it - this can be
       replicated by either providing a repack script or by adding the
       exclusions directly to debian/copyright.
     - debian/upstream/signing-key.asc: public signing key used by upstream
       to sign their tarball releases.
Checksums-Sha1:
 e52674563d3515541e0e5763e699f2e26b1d7201 4814 openjdk-lts_11.0.3+7-1ubuntu2.dsc
 a57f67f50940f7b12d3683c94e43f66c94d208bc 177092 openjdk-lts_11.0.3+7-1ubuntu2.debian.tar.xz
 75dac3ecd5eff30fb968758bfe200b0787d06d80 16315 openjdk-lts_11.0.3+7-1ubuntu2_source.buildinfo
Checksums-Sha256:
 ab22abca8ec284f53a9c7f99044d673685161036aa96f7d7f515c336d24f2f39 4814 openjdk-lts_11.0.3+7-1ubuntu2.dsc
 0972286e1a0a0e3f58a61b181a53b150ab7bd9a56f6a8ecb0fe42ffc33fbf7ae 177092 openjdk-lts_11.0.3+7-1ubuntu2.debian.tar.xz
 c942b4cc69ad8bebbfd1248ad8569d388ec5e2f14b4583dc179c09259c55d0ea 16315 openjdk-lts_11.0.3+7-1ubuntu2_source.buildinfo
Files:
 a68fbe9f872898db13a9ac5951c0b664 4814 java optional openjdk-lts_11.0.3+7-1ubuntu2.dsc
 0e831dd9131f3b5e5b565ae9986541f8 177092 java optional openjdk-lts_11.0.3+7-1ubuntu2.debian.tar.xz
 a2987e9351672bef61f89097e5b6446a 16315 java optional openjdk-lts_11.0.3+7-1ubuntu2_source.buildinfo
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

-----BEGIN PGP SIGNATURE-----

iQJLBAEBCgA1FiEE+JEitvb+Hru9UiZmnDJEJjvUHeAFAly+oPoXHHRpYWdvLmRh
aXR4QHVidW50dS5jb20ACgkQnDJEJjvUHeCxOA/7BkeAse1FD26FMWjomcald/QX
rOQ0Jt8nIQPKh+l13dpkljncD6sQe3xipWuRF0GygsGHffRui9ElUfn4E2FNL1As
5rTNtyMpd6QptNd5Gq4UFuORaBs2yYk6/iIQnm0mKAj1cr4yRAVcTs4kTd6q7bHm
7rLqFX53mVb80JdjCMqcsRObqaJTSTzMpmNitGJxQhes9UXXjaGinlVGEgdS8ZG5
29aWoHPJtGAAqEb7AeYG3WrPsthPoOtx7YIwPmuMEPrctPYZT3jaeHbPpo2Au1bY
BimdA3WMfR1nSGaNslek0tWhXzsnPL1g7tKw9gDBwD14oYJ7Mhi0KasiByRIDjYK
LCrG/RBPzSCUULyTRHq4kHcBzhEdEcsrplPit0x5H3k1fiS8Ud1IcdAeQHY33HP7
piKyxXCDD/aq8wdFhcyE24ZGQhpYZHI4MXYp52TOzIUOB4rq65Pis5ToGvyPWCgN
oMbbWpWBrjl50M4LXpT/7F8TGserLUKMLLrzIHaL4C/KqgSxT2uT/nTVFlSQbH2h
vs7yLACdfyXDSBN4EDx5etJpIa/TgOlCoHqzU/4Q1nOPqh9quTpHGd2v0yPkt2Oo
Z41PzfAy4GwDcUEgNWs/92cgac+/3hovC6wMkMulkzrxLwsrI1PkQHqncx5Vtth4
9UwDRZPaBeyzeLfLyvs=
=7Frv
-----END PGP SIGNATURE-----