[ubuntu/jammy-updates] openjdk-17 17.0.12+7-1ubuntu2~22.04 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Jul 31 04:34:45 UTC 2024
openjdk-17 (17.0.12+7-1ubuntu2~22.04) jammy-security; urgency=medium
* Upload to Ubuntu 22.04.
openjdk-17 (17.0.12+7-1ubuntu2) oracular; urgency=medium
* OpenJDK 17.0.12 release, build 7. Release notes:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-July/035798.html
- CVEs:
+ CVE-2024-21147: 8323231, RangeCheckElimination array index overflow.
+ CVE-2024-21145: 8324559, Out-of-bounds access in 2D image handling.
+ CVE-2024-21140: 8320548, Range Check Elimination (RCE) pre-loop limit
overflow.
+ CVE-2024-21131: 8314794, potential UTF8 size overflow.
+ CVE-2024-21138: 8319859, Excessive symbol length can lead to infinite loop.
- Security Fixes:
+ JDK-8303466: C2: failed: malformed control flow. Limit type made precise
with MaxL/MinL.
+ JDK-8314794: Improve UTF8 String supports.
+ JDK-8319859: Better symbol storage.
+ JDK-8320097: Improve Image transformations.
+ JDK-8320548: Improved loop handling.
+ JDK-8323231: Improve array management.
+ JDK-8323390: Enhance mask blit functionality.
+ JDK-8324559: Improve 2D image handling.
+ JDK-8325600: Better symbol storage.
+ JDK-8327413: Enhance compilation efficiency.
* No-Change upload to include upstream release notes.
openjdk-17 (17.0.12+7-1ubuntu1) oracular; urgency=medium
* OpenJDK 17.0.12 release, build 7.
- CVEs:
+ CVE-2024-21147
+ CVE-2024-21145
+ CVE-2024-21140
+ CVE-2024-21131
+ CVE-2024-21138
- Security Fixes:
+ JDK-8316138: Added GlobalSign R46 and E46 Root CA Certificates.
+ JDK-8256660: Disabled DTLS 1.0.
+ JDK-8326891: Native Executables and Libraries on Linux Use
RPATH Instead of RUNPATH.
* d/p/jdk-8312488.patch: add upstream patch to resolve jpackage crash.
* d/copyright: regenerate copyright.
* d/rules, d/t/*: collate all excluded tests into d/t/problemlist.csv.
* d/rules: enable fallback linker for Foreign Function and Memory API
on i386 and armhf.
* d/watch: use fixed googletest version.
* d/p/jdk-8336529-proposed.patch: fix time_t migration issue on armhf
openjdk is unable to set file last modified timestamp.
* d/p/jdk-8334895-proposed.patch: refresh patch.
* d/rules: relax jtreg7 version condition for backports.
openjdk-17 (17.0.12+7-1) unstable; urgency=medium
* OpenJDK 17.0.12 release, build 7.
openjdk-17 (17.0.12~6ea-1) unstable; urgency=medium
* OpenJDK 17.0.12 early access, build 6.
[ Vladimir Petko ]
* d/p/8295111.patch: Apply upstream patch to resolve jpackage failure
to create a deb package.
* d/t/problems-i386.txt: Update i386 test exclusions.
* d/t/problems-armhf.txt: Update armhf test exclusions.
* d/p/jdk-8307977.patch: Rename patch.
* d/p/jdk-8334502-proposed.patch: Add proposed fix for iso8601 time format
on ARM32.
* d/p/jdk-8334895-proposed.patch: Add proposed fix for configuration failure
when CDS is disabled on arm64.
* d/control: Regenerate control.
* d/rules: Enable early access release.
* d/rules: Enable jtreg tests.
* d/rules: Include /usr/share/dpkg/buildflags.mk to avoid configure failure
due to the undefined variables.
* d/p/jdk-8325567.patch: jspawnhelper without args fails with segfault.
LP: #2055280.
* d/p/jdk-8331541.patch: Add fix for the link failure against libjvm.so on
i386. Closes: #1057715.
[ Matthias Klose ]
* Build using GCC 10 for focal.
openjdk-17 (17.0.11+9-1) unstable; urgency=high
* OpenJDK 17.0.11 release, build 9.
- CVE-2024-21011, 8319851: Improve exception logging.
- CVE-2024-21068, 8322122: Enhance generation of addresses.
- 8318340: Improve RSA key implementations.
- CVE-2024-21012, 8315708: Enhance HTTP/2 client usage.
* CVE-2024-21094, 8317507: Already fixed in November 2023:
C2 compilation fails with "Exceeded _node_regs array".
Date: 2024-07-21 21:01:07.038511+00:00
Changed-By: Vladimir Petko <vladimir.petko at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-17/17.0.12+7-1ubuntu2~22.04
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list