[ubuntu/lunar-security] openjdk-8 8u382-ga-1~23.04.1 (Accepted)

Eduardo Barretto eduardo.barretto at canonical.com
Mon Jul 31 12:35:20 UTC 2023

openjdk-8 (8u382-ga-1~23.04.1) lunar-security; urgency=medium

  * Upload to Ubuntu 23.04.
  * CVE-2023-22045, CVE-2023-22049.
  * Release notes:

openjdk-8 (8u382-ga-1) unstable; urgency=medium

  [ Thorsten Glaser ]
  * In Debian, stick with jtreg (5.x) since the plans to update
    that to 7 did not materialise (there’s now jtreg7), and the
    testng required by jtreg 7 for JDK 20 is too new for JDK 8.
    Keep jtreg6 (currently commented out until available) for
    Debian ELTS, because it’s so much better than the jtreg 4.x
    in jessie and stretch. Thanks Vladimir for the research!
  * Update sparc64 patch
  * Fix encoding in a documentation file
  * Refactor generation and use of GCC dependency to avoid
    surprises from unexpected gcc-defaults changes (sid just
    switched to 13, but that is too early to try for this month)

  [ Vincent Prat, Emmanuel Bourg ]
  * Change maintainer address mailing list address

  [ Thorsten Glaser ]
  * New upstream release
  * Upload sponsored by ⮡̶ ̶t̶a̶r̶e̶n̶t̶Qvest digital

openjdk-8 (8u382~b04-2) unstable; urgency=medium

  * Rewrite codename-based if(n)eqs, so they fail safer (Closes: #1040167)
  * Maybe fix sparc64 Linux build failure
  * Do not run check for nōn-Hotspot architectures (Closes: #1040181)

openjdk-8 (8u382~b04-1) unstable; urgency=low

  * Merge *buntu changes
    - limit the change to keep using jtreg to that distro
  * Update to latest prerelease, update d/copyright accordingly
  * Appease more lintian
  * Upload sponsored by ⮡ tarent

openjdk-8 (8u372-ga-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2019255). Remaining changes:
    - debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre
      is set up.
    - d/rules: remove IcedTeaPlugin.so reference (LP: #2016396).
  * New changes:
    - d/rules: use jtreg package instead of jtreg6.

openjdk-8 (8u372-ga-1) unstable; urgency=medium

  [ Thorsten Glaser ]
  * B-D and test-depend on libasmtools-java where applicable

  [ John Paul Adrian Glaubitz ]
  * Fix sh4 FTBFS

  [ Emilio Pozuelo Monfort ]
  * New upstream release.
  * Security fixes:
    - JDK-8287404: Improve ping times
    - JDK-8288436: Improve Xalan supports
    - JDK-8294474, CVE-2023-21930: Better AES support
    - JDK-8295304, CVE-2023-21938: Runtime support improvements
    - JDK-8296496, JDK-8292652: large memory allocation in sizecalc.h
    - JDK-8296676, JDK-8296622: Improve String platform support
    - JDK-8296684, JDK-8296692, JDK-8296700, CVE-2023-21937:
      Improve String platform support
    - JDK-8296832, CVE-2023-21939: Improve Swing platform support
    - JDK-8297371: Improve UTF8 representation redux
    - JDK-8298191, CVE-2023-21954: Enhance object reclamation process
    - JDK-8298310, CVE-2023-21967: Enhance TLS session negotiation
    - JDK-8298667, CVE-2023-21968: Improved path handling
    - JDK-8299129: Enhance NameService lookups
  * For other changes see

openjdk-8 (8u372-ga~us1-0ubuntu1) mantic; urgency=medium

  * OpenJDK 8u372 release, build 7.
    - CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
      CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
    - Release notes:
  * d/rules: remove IcedTeaPlugin.so reference (LP: #2016396).

Date: 2023-07-24 20:22:34.757785+00:00
Changed-By: Vladimir Petko <vladimir.petko at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list