[ubuntu/lunar-security] openjdk-8 8u392-ga-1~23.04 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Wed Nov 29 07:25:26 UTC 2023 

openjdk-8 (8u392-ga-1~23.04) lunar-security; urgency=low

  * Upload to Ubuntu 23.04.

openjdk-8 (8u392-ga-1) unstable; urgency=low

  [ Emmanuel Bourg ]
  * Provide versioned java-runtime, java-runtime-headless, java-sdk
    and java-sdk-headless virtual packages

  [ Thorsten Glaser ]
  * Link with -Wl,--no-as-needed like openjdk-11 in case 8u ever loses
    the mapfiles (cf. #1031521)
  * Depend on libasmtools-java on buster, bullseye as well
  * New upstream release
  * CVEs
    - CVE-2023-22067
    - CVE-2023-22081
  * Security fixes
    - JDK-8286503, JDK-8312367: Enhance security classes
    - JDK-8297856: Improve handling of Bidi characters
    - JDK-8303384: Improved communication in CORBA
    - JDK-8305815, JDK-8307278: Update Libpng to 1.6.39
      (not relevant, as we use the system libraries)
    - JDK-8309966: Enhanced TLS connections
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2023-October/017616.html
  * Use b07 for aarch32, patch it to b08/ga, aarch32-b08 doesn’t exist yet
  * Update pathnames used by the embedded library removal code (repacking)
  * Overhaul d/copyright using both upstream notices and diff review
  * Upload sponsored by QVEST ⮡ dıgıtal

openjdk-8 (8u382-ga-2) unstable; urgency=low

  * Update 8u382-ga-1 changelog entry
  * On releases that have it, switch to libjpeg-dev B-D so that
    certain derivatives can reuse d/control (Closes: #1042855)
  * Use default gcc-13 on trixie/sid, mantic

openjdk-8 (8u382-ga-1) unstable; urgency=medium

  [ Thorsten Glaser ]
  * In Debian, stick with jtreg (5.x) since the plans to update
    that to 7 did not materialise (there’s now jtreg7), and the
    testng required by jtreg 7 for JDK 20 is too new for JDK 8.
    Keep jtreg6 (currently commented out until available) for
    Debian ELTS, because it’s so much better than the jtreg 4.x
    in jessie and stretch. Thanks Vladimir for the research!
  * Update sparc64 patch
  * Fix encoding in a documentation file
  * Refactor generation and use of GCC dependency to avoid
    surprises from unexpected gcc-defaults changes (sid just
    switched to 13, but that is too early to try for this month)

  [ Vincent Prat, Emmanuel Bourg ]
  * Change maintainer address mailing list address

  [ Thorsten Glaser ]
  * New upstream release
  * CVEs
    - CVE-2023-22045
    - CVE-2023-22049
  * Security fixes
    - JDK-8298676: Enhanced Look and Feel
    - JDK-8300596: Enhance Jar Signature validation
    - JDK-8304468: Better array usages
    - JDK-8305312: Enhanced path handling
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2023-July/017285.html
  * Upload sponsored by ⮡̶ ̶t̶a̶r̶e̶n̶t̶Qvest digital

Date: 2023-10-23 08:40:14.122555+00:00
Changed-By: Vladimir Petko <vladimir.petko at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-8/8u392-ga-1~23.04
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list