[ubuntu/mantic-security] openjdk-8 8u402-ga-2ubuntu1~23.10.1 (Accepted)
Evan Caville
evan.caville at canonical.com
Mon Mar 18 03:53:32 UTC 2024
openjdk-8 (8u402-ga-2ubuntu1~23.10.1) mantic-security; urgency=medium
* Upload to Ubuntu 23.10
* Includes fixes to the following CVEs:
- CVE-2024-20918
- CVE-2024-20919
- CVE-2024-20921
- CVE-2024-20926
- CVE-2024-20945
- CVE-2024-20952
* Includes the following Security fixes:
- JDK-8308204: Enhanced certificate processing
- JDK-8314284: Enhance Nashorn performance
- JDK-8314295: Enhance verification of verifier
- JDK-8314307: Improve loop handling
- JDK-8314468: Improve Compiler loops
- JDK-8316976: Improve signature handling
- JDK-8317547: Enhance TLS connection support
openjdk-8 (8u402-ga-2ubuntu1) noble; urgency=medium
* Fix installation issue on i386 (LP: #2053110):
- d/rules: build without atk bridge on i386 for Ubuntu versions that
do not have it.
- d/JB-jre-headless.postinst.in: check that /usr/share/binfmts exists
before trying to delete it.
openjdk-8 (8u402-ga-2) unstable; urgency=low
* d/rules reliability fixes and extra checks
* Patch OpenJDK to pass errorlevel when configure fails
* Show config.log if present in such cases
* Do not install jexec alternative any more (unlike newer
versions it cannot run just any JAR), drop .jar binfmt
registration with it (LP#1775785); please use jarwrapper
* Restore M-A installability of focal/i386 package (LP#1916327)
by adding xenial, bionic, focal, jammy to the list of releases
built with the ATK bridge, but not enabling it by default;
keep jessie on, stretch and sid and mantic/noble off the list:
please report bugs for issues with the bridge, so sthibault
can find, debug, fix them
openjdk-8 (8u402-ga-1) unstable; urgency=low
[ Leslie Zhai ]
* Add openjdk-8 zero support for loong64 (Closes: #1060236)
[ Thorsten Glaser ]
* Merge 8u392-ga-1+sparc64
* Drop alpha-float-const.diff, seems no longer needed
* Use config.{guess,sub} from autotools-dev for the JDK as well
as icedtea-sound; autoreconf the latter; use sh explicitly
* Enable pulse for alpha and loong64
* New upstream release
* CVEs
- CVE-2024-20918
- CVE-2024-20919
- CVE-2024-20921
- CVE-2024-20926
- CVE-2024-20945
- CVE-2024-20952
* Security fixes
- JDK-8308204: Enhanced certificate processing
- JDK-8314284: Enhance Nashorn performance
- JDK-8314295: Enhance verification of verifier
- JDK-8314307: Improve loop handling
- JDK-8314468: Improve Compiler loops
- JDK-8316976: Improve signature handling
- JDK-8317547: Enhance TLS connection support
* Other changes see
https://mail.openjdk.org/pipermail/jdk8u-dev/2024-January/017883.html
* Upload sponsored by QVEST ⮡ dıgıtal
openjdk-8 (8u392-ga-1+sparc64) unreleased; urgency=medium
* Disable Hotspot on sparc64 as it is currently broken
(Closes: #1056570)
openjdk-8 (8u392-ga-1) unstable; urgency=low
[ Emmanuel Bourg ]
* Provide versioned java-runtime, java-runtime-headless, java-sdk
and java-sdk-headless virtual packages
[ Thorsten Glaser ]
* Link with -Wl,--no-as-needed like openjdk-11 in case 8u ever loses
the mapfiles (cf. #1031521)
* Depend on libasmtools-java on buster, bullseye as well
* New upstream release
* CVEs
- CVE-2023-22067
- CVE-2023-22081
* Security fixes
- JDK-8286503, JDK-8312367: Enhance security classes
- JDK-8297856: Improve handling of Bidi characters
- JDK-8303384: Improved communication in CORBA
- JDK-8305815, JDK-8307278: Update Libpng to 1.6.39
(not relevant, as we use the system libraries)
- JDK-8309966: Enhanced TLS connections
* Other changes see
https://mail.openjdk.org/pipermail/jdk8u-dev/2023-October/017616.html
* Use b07 for aarch32, patch it to b08/ga, aarch32-b08 doesn’t exist yet
* Update pathnames used by the embedded library removal code (repacking)
* Overhaul d/copyright using both upstream notices and diff review
* Upload sponsored by QVEST ⮡ dıgıtal
Date: 2024-02-28 14:40:10.679689+00:00
Changed-By: Pushkar Kulkarni <pushkar.kulkarni at canonical.com>
Signed-By: Evan Caville <evan.caville at canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-8/8u402-ga-2ubuntu1~23.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list