[ubuntu/focal-security] openjdk-8 8u342-b07-0ubuntu1~20.04 (Accepted)
Eduardo Barretto
eduardo.barretto at canonical.com
Thu Aug 4 15:40:52 UTC 2022

openjdk-8 (8u342-b07-0ubuntu1~20.04) focal-security; urgency=medium
* Backport upstream releases 8u342 and 8u332 to 20.04 LTS.
* Security fixes in 8u342:
- JDK-8272243: Improve DER parsing
- JDK-8272249: Better properties of loaded Properties
- JDK-8277608: Address IP Addressing
- JDK-8281859, CVE-2022-21540: Improve class compilation
- JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
- JDK-8283190: Improve MIDI processing
- JDK-8284370: Improve zlib usage
- JDK-8285407, CVE-2022-34169: Improve Xalan supports
* Security fixes in 8u332:
- JDK-8269938: Enhance XML processing passes redux
- JDK-8270504, CVE-2022-21426: Better XPath expression handling
- JDK-8272255: Completely handle MIDI files
- JDK-8272261: Improve JFR recording file processing
- JDK-8272594: Better record of recordings
- JDK-8274221: More definite BER encodings
- JDK-8275151, CVE-2022-21443: Improved Object Identification
- JDK-8277227: Better identification of OIDs
- JDK-8277672, CVE-2022-21434: Better invocation handler handling
- JDK-8278008, CVE-2022-21476: Improve Santuario processing
- JDK-8278356: Improve file creation
- JDK-8278449: Improve keychain support
- JDK-8278805: Enhance BMP image loading
- JDK-8278972, CVE-2022-21496: Improve URL supports
- JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo

openjdk-8 (8u342-b07-1) unstable; urgency=medium
* New upstream release
* Security fixes:
- JDK-8272243: Improve DER parsing
- JDK-8272249: Better properties of loaded Properties
- JDK-8277608: Address IP Addressing
- JDK-8281859, CVE-2022-21540: Improve class compilation
- JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
- JDK-8283190: Improve MIDI processing
- JDK-8284370: Improve zlib usage
- JDK-8285407, CVE-2022-34169: Improve Xalan supports
* Other changes: see
https://mail.openjdk.org/pipermail/jdk8u-dev/2022-July/015254.html
* Add patch to undo user.dir change prohibition; this breaks legacy
software like Gradle
* Upload sponsored by ⮡ tarent

openjdk-8 (8u342~b06-1) unstable; urgency=low
* Upload 8u342-b06 for pre-release testing (b05 for hotspot-aarch32
but the only difference is elsewhere)

openjdk-8 (8u332-ga-1) unstable; urgency=medium
* Upload to unstable: final tested release
* Otherwise, see below for diff from 8u312/8u322
* Upload sponsored by ⮡ tarent

openjdk-8 (8u332~b09-2) experimental; urgency=low
* Upload to experimental, with arm64 but see below
* Security fixes:
- JDK-8269938: Enhance XML processing passes redux
- JDK-8270504, CVE-2022-21426: Better XPath expression handling
- JDK-8272255: Completely handle MIDI files
- JDK-8272261: Improve JFR recording file processing
- JDK-8272594: Better record of recordings
- JDK-8274221: More definite BER encodings
- JDK-8275151, CVE-2022-21443: Improved Object Identification
- JDK-8277227: Better identification of OIDs
- JDK-8277672, CVE-2022-21434: Better invocation handler handling
- JDK-8278008, CVE-2022-21476: Improve Santuario processing
- JDK-8278356: Improve file creation
- JDK-8278449: Improve keychain support
- JDK-8278805: Enhance BMP image loading
- JDK-8278972, CVE-2022-21496: Improve URL supports
- JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo
* Other changes: see
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2022-April/014839.html
* Use stock jdk8u on arm64 instead of aarch64-shenandoah hotspot+GC
* Upload sponsored by ⮡ tarent

openjdk-8 (8u332~b09-1) experimental; urgency=low
* Upload to experimental
* New upstream release but without arm64 as it’s not yet ported
* Upload sponsored by ⮡ tarent

openjdk-8 (8u322-ga-1) unstable; urgency=low
* Synchronise versions of G++ used with current distro defaults
* Switch to github-based download workflow
* Refresh patches, d/copyright, packaging
* New upstream release
* Security fixes:
- JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
- JDK-8268488: More valuable DerValues
- JDK-8268494: Better inlining of inlined interfaces
- JDK-8268512: More content for ContentInfo
- JDK-8268795: Enhance digests of Jar files
- JDK-8268801: Improve PKCS attribute handling
- JDK-8268813, CVE-2022-21283: Better String matching
- JDK-8269151: Better construction of EncryptedPrivateKeyInfo
- JDK-8269944: Better HTTP transport redux
- JDK-8270392, CVE-2022-21293: Improve String constructions
- JDK-8270416, CVE-2022-21294: Enhance construction of
Identity maps
- JDK-8270492, CVE-2022-21282: Better resolution of URIs
- JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration
management
- JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
- JDK-8271962: Better TrueType font loading
- JDK-8271968: Better canonical naming
- JDK-8271987: Manifest improved manifest entries
- JDK-8272014, CVE-2022-21305: Better array indexing
- JDK-8272026, CVE-2022-21340: Verify Jar Verification
- JDK-8272236, CVE-2022-21341: Improve serial forms for transport
- JDK-8272272: Enhance jcmd communication
- JDK-8272462: Enhance image handling
- JDK-8273290: Enhance sound handling
- JDK-8273748, CVE-2022-21349: Improve Solaris font rendering
- JDK-8273756, CVE-2022-21360: Enhance BMP image support
- JDK-8273838, CVE-2022-21365: Enhanced BMP processing
* Other changes: see
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2022-January/014522.html
* Upload sponsored by ⮡ tarent
in preparation for a quick 8u332 once available

openjdk-8 (8u312-b07-1) unstable; urgency=medium
* New upstream release (GA)
* Security fixes:
- JDK-8130183, CVE-2021-35588: InnerClasses: VM permits wrong
Throw ClassFormatError if InnerClasses attribute's
inner_class_info_index is 0
- JDK-8161016: Strange behavior of URLConnection with proxy
- JDK-8163326, CVE-2021-35550: Update the default enabled cipher
suites preference
- JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on
TLS session close
- JDK-8263314: Enhance XML Dsig modes
- JDK-8265167, CVE-2021-35556: Richer Text Editors
- JDK-8265574: Improve handling of sheets
- JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit
- JDK-8265776: Improve Stream handling for SSL
- JDK-8266097, CVE-2021-35561: Better hashing support
- JDK-8266103: Better specified spec values
- JDK-8266109: More Resilient Classloading
- JDK-8266115: More Manifest Jar Loading
- JDK-8266137, CVE-2021-35564: Improve Keystore integrity
- JDK-8266689, CVE-2021-35567: More Constrained Delegation
- JDK-8267086: ArrayIndexOutOfBoundsException in
java.security.KeyFactory.generatePublic
- JDK-8267712: Better LDAP reference processing
- JDK-8267729, CVE-2021-35578: Improve TLS client handshaking
- JDK-8267735, CVE-2021-35586: Better BMP support
- JDK-8268193: Improve requests of certificates
- JDK-8268199: Correct certificate requests
- JDK-8268506: More Manifest Digests
- JDK-8269618, CVE-2021-35603: Better session identification
- JDK-8269624: Enhance method selection support
- JDK-8270398: Enhance canonicalization
- JDK-8270404: Better canonicalization
* Other changes: see
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-October/014373.html
* Policy 4.6.1, no relevant changes
* d/copyright: Apply changes since 8u302
* Upload sponsored by ⮡ tarent

Date: 2022-07-23 16:23:15.801387+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: Debian Java Team <debian-java at lists.debian.org>
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-8/8u342-b07-0ubuntu1~20.04
-------------- next part --------------
Sorry, changesfile not available.