[ubuntu/mantic-security] openjdk-8 8u402-ga-2ubuntu1~23.10.1 (Accepted)

Evan Caville evan.caville at canonical.com
Mon Mar 18 03:53:32 UTC 2024


openjdk-8 (8u402-ga-2ubuntu1~23.10.1) mantic-security; urgency=medium

  * Upload to Ubuntu 23.10
  * Includes fixes to the following CVEs:
    - CVE-2024-20918
    - CVE-2024-20919
    - CVE-2024-20921
    - CVE-2024-20926
    - CVE-2024-20945
    - CVE-2024-20952
  * Includes the following Security fixes:
    - JDK-8308204: Enhanced certificate processing
    - JDK-8314284: Enhance Nashorn performance
    - JDK-8314295: Enhance verification of verifier
    - JDK-8314307: Improve loop handling
    - JDK-8314468: Improve Compiler loops
    - JDK-8316976: Improve signature handling
    - JDK-8317547: Enhance TLS connection support

openjdk-8 (8u402-ga-2ubuntu1) noble; urgency=medium

  * Fix installation issue on i386 (LP: #2053110):
    - d/rules: build without atk bridge on i386 for Ubuntu versions that
      do not have it.
    - d/JB-jre-headless.postinst.in: check that /usr/share/binfmts exists
      before trying to delete it.

openjdk-8 (8u402-ga-2) unstable; urgency=low

  * d/rules reliability fixes and extra checks
  * Patch OpenJDK to pass errorlevel when configure fails
  * Show config.log if present in such cases
  * Do not install jexec alternative any more (unlike newer
    versions it cannot run just any JAR), drop .jar binfmt
    registration with it (LP#1775785); please use jarwrapper
  * Restore M-A installability of focal/i386 package (LP#1916327)
    by adding xenial, bionic, focal, jammy to the list of releases
    built with the ATK bridge, but not enabling it by default;
    keep jessie on, stretch and sid and mantic/noble off the list:
    please report bugs for issues with the bridge, so sthibault
    can find, debug, fix them

openjdk-8 (8u402-ga-1) unstable; urgency=low

  [ Leslie Zhai ]
  * Add openjdk-8 zero support for loong64 (Closes: #1060236)

  [ Thorsten Glaser ]
  * Merge 8u392-ga-1+sparc64
  * Drop alpha-float-const.diff, seems no longer needed
  * Use config.{guess,sub} from autotools-dev for the JDK as well
    as icedtea-sound; autoreconf the latter; use sh explicitly
  * Enable pulse for alpha and loong64
  * New upstream release
  * CVEs
    - CVE-2024-20918
    - CVE-2024-20919
    - CVE-2024-20921
    - CVE-2024-20926
    - CVE-2024-20945
    - CVE-2024-20952
  * Security fixes
    - JDK-8308204: Enhanced certificate processing
    - JDK-8314284: Enhance Nashorn performance
    - JDK-8314295: Enhance verification of verifier
    - JDK-8314307: Improve loop handling
    - JDK-8314468: Improve Compiler loops
    - JDK-8316976: Improve signature handling
    - JDK-8317547: Enhance TLS connection support
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2024-January/017883.html
  * Upload sponsored by QVEST ⮡ dıgıtal

openjdk-8 (8u392-ga-1+sparc64) unreleased; urgency=medium

  * Disable Hotspot on sparc64 as it is currently broken
    (Closes: #1056570)

openjdk-8 (8u392-ga-1) unstable; urgency=low

  [ Emmanuel Bourg ]
  * Provide versioned java-runtime, java-runtime-headless, java-sdk
    and java-sdk-headless virtual packages

  [ Thorsten Glaser ]
  * Link with -Wl,--no-as-needed like openjdk-11 in case 8u ever loses
    the mapfiles (cf. #1031521)
  * Depend on libasmtools-java on buster, bullseye as well
  * New upstream release
  * CVEs
    - CVE-2023-22067
    - CVE-2023-22081
  * Security fixes
    - JDK-8286503, JDK-8312367: Enhance security classes
    - JDK-8297856: Improve handling of Bidi characters
    - JDK-8303384: Improved communication in CORBA
    - JDK-8305815, JDK-8307278: Update Libpng to 1.6.39
      (not relevant, as we use the system libraries)
    - JDK-8309966: Enhanced TLS connections
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2023-October/017616.html
  * Use b07 for aarch32, patch it to b08/ga, aarch32-b08 doesn’t exist yet
  * Update pathnames used by the embedded library removal code (repacking)
  * Overhaul d/copyright using both upstream notices and diff review
  * Upload sponsored by QVEST ⮡ dıgıtal

Date: 2024-02-28 14:40:10.679689+00:00
Changed-By: Pushkar Kulkarni <pushkar.kulkarni at canonical.com>
Signed-By: Evan Caville <evan.caville at canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-8/8u402-ga-2ubuntu1~23.10.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the mantic-changes mailing list