java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9.src
[130 KiB] |
Changelog
by JoungKyun.Kim (2024-01-07):
- update 1.8.0.392
https://www.oracle.com/java/technologies/javase/8u391-relnotes.html
-Security issues
https://www.oracle.com/security-alerts/cpuoct2023.html
. CVE-2023-22067 CORBA 5.3 Network
. CVE-2023-22081 HTTPS 5.3 Network
. CVE-2023-22025 Multiple 3.7 Network
|
java-1.8.0-openjdk-1.8.0.382.b05-1.el7_9.src
[129 KiB] |
Changelog
by JoungKyun.Kim (2023-08-26):
- update 1.8.0.382
https://www.oracle.com/java/technologies/javase/8u381-relnotes.html
-Security issues
https://www.oracle.com/security-alerts/cpuapr2023.html
https://www.oracle.com/security-alerts/cpujul2023.html
. CVE-2023-21930 JSSE 7.4 Network
. CVE-2023-21967 JSSE 5.9 Network
. CVE-2023-21954 Hotspot 5.9 Network
. CVE-2023-21939 Swing 5.3 Network
. CVE-2023-21938 Libraries 3.7 Network
. CVE-2023-21968 Libraries 3.7 Network
. CVE-2023-21937 Networking 3.7 Network
. CVE-2023-22043 JavaFX 5.9 Network
. CVE-2023-22041 Hotspot 5.1 Local
. CVE-2023-22051 Compiler 3.7 Network
. CVE-2023-25193 2D (Harfbuzz) 3.7 Network
. CVE-2023-22044 Hotspot 3.7 Network
. CVE-2023-22045 Hotspot 3.7 Network
. CVE-2023-22049 Libraries 3.7 Network
. CVE-2023-22036 Utility 3.7 Network
. CVE-2023-22006 Networking 3.1 Network
|
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src
[129 KiB] |
Changelog
by JoungKyun.Kim (2023-02-08):
- update 1.8.0.332
https://www.oracle.com/java/technologies/javase/8u331-relnotes.html
https://www.oracle.com/java/technologies/javase/8u331-bugfixes.html
-Security issues
https://www.oracle.com/security-alerts/cpujan2023.html
. JDK-8272243: Improve DER parsing
. JDK-8272249: Better properties of loaded Properties
. JDK-8277608: Address IP Addressing
. JDK-8281859, CVE-2022-21540: Improve class compilation
. JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
. JDK-8283190: Improve MIDI processing
. JDK-8284370: Improve zlib usage
. JDK-8285407, CVE-2022-34169: Improve Xalan supports
. JDK-8282252: Improve BigInteger/Decimal validation
. JDK-8285662: Better permission resolution
. JDK-8286511: Improve macro allocation
. JDK-8286519: Better memory handling
. JDK-8286526, CVE-2022-21619: Improve NTLM support
. JDK-8286533, CVE-2022-21626: Key X509 usages
. JDK-8286910, CVE-2022-21624: Improve JNDI lookups
. JDK-8286918, CVE-2022-21628: Better HttpServer service
. JDK-8288508: Enhance ECDSA usage
. JDK-8285021: Improve CORBA communication
. JDK-8286496: Improve Thread labels
. JDK-8288516: Enhance font creation
. JDK-8289350: Better media supports
. JDK-8293554: Enhanced DH Key Exchanges
. JDK-8293598: Enhance InetAddress address handling
. JDK-8293717: Objective view of ObjectView
. JDK-8293734: Improve BMP image handling
. JDK-8293742: Better Banking of Sounds
. JDK-8295687: Better BMP bounds
. CVE-2022-43548 Node Remote 8.1
. CVE-2023-21835 JSSE Remote 5.3
. CVE-2023-21830 Serialization Remote 5.3
. CVE-2023-21843 Sound Remote 3.7
|
java-1.8.0-openjdk-1.8.0.332.b09-1.el7_9.src
[131 KiB] |
Changelog
by JoungKyun.Kim (2022-04-18):
- update 1.8.0.332
https://www.oracle.com/java/technologies/javase/8u331-relnotes.html
https://www.oracle.com/java/technologies/javase/8u331-bugfixes.html
- Security fixes
https://www.oracle.com/security-alerts/cpuapr2022.html
. JDK-8269938: Enhance XML processing passes redux
. JDK-8270504, CVE-2022-21426: Better XPath expression handling
. JDK-8272255: Completely handle MIDI files
. JDK-8272261: Improve JFR recording file processing
. JDK-8272594: Better record of recordings
. JDK-8274221: More definite BER encodings
. JDK-8275151, CVE-2022-21443: Improved Object Identification
. JDK-8277227: Better identification of OIDs
. JDK-8277672, CVE-2022-21434: Better invocation handler handling
. JDK-8278008, CVE-2022-21476: Improve Santuario processing
. JDK-8278356: Improve file creation
. JDK-8278449: Improve keychain support
. JDK-8278805: Enhance BMP image loading
. JDK-8278972, CVE-2022-21496: Improve URL supports
. JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo
- Other changes
. JDK-8033980: Xerces Update: datatype XMLGregorianCalendarImpl and DurationImpl
. JDK-8035437: Xerces Update: xml/serialize/DOMSerializerImpl
. JDK-8035577: Xerces Update: impl/xpath/regex/RangeToken.java
. JDK-8037259: xerces update: xpointer update
. JDK-8041523: Xerces Update: Serializer improvements from Xalan
. JDK-8141508: java.lang.invoke.LambdaConversionException: Invalid receiver type
. JDK-8162572: Update License Header for all JAXP sources
. JDK-8167014: jdeps: Missing message: warn.skipped.entry
. JDK-8198411: [TEST_BUG] Two java2d tests are unstable in mach5
. JDK-8202822: Add .git to .hgignore
. JDK-8205540: test/hotspot/jtreg/vmTestbase/nsk/jdb/trace/trace001/trace001.java fails with Debuggee did not exit after 15 <cont> commands
. JDK-8209178: Proxied HttpsURLConnection doesn't send BODY when retrying POST request
. JDK-8210283: Support git as an SCM alternative in the build
. JDK-8218682: [TEST_BUG] DashOffset fails in mach5
. JDK-8225690: Multiple AttachListener threads can be created
. JDK-8227738: jvmti/DataDumpRequest/datadumpreq001 failed due to "exit code is 134"
. JDK-8227815: Minimal VM: set_state is not a member of AttachListener
. JDK-8240633: Memory leaks in the implementations of FileChooserUI
. JDK-8241768: git needs .gitattributes
. JDK-8247766: [aarch64] guarantee(val < (1U << nbits)) failed: Field too big for insn
. JDK-8253147: The javax/swing/JPopupMenu/7154841/bug7154841.java fail on big screens
. JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node
. JDK-8266749: AArch64: Backtracing broken on PAC enabled systems
. JDK-8270290: NTLM authentication fails if HEAD request is used
. JDK-8273229: Update OS detection code to recognize Windows Server 2022
. JDK-8273341: Update Siphash to version 1.0
. JDK-8273575: memory leak in appendBootClassPath(), paths must be deallocated
. JDK-8274524: SSLSocket.close() hangs if it is called during the ssl handshake
. JDK-8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE
. JDK-8277488: Add expiry exception for Digicert (geotrustglobalca) expiring in May 2022
. JDK-8279077: JFR crashes on Linux ppc due to missing crash protector in signal handler
. JDK-8280060: The sun/rmi/server/Activation.java class use Thread.dumpStack()
. JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972
. JDK-8282397: createTempFile method of java.io.File is failing when called with suffix of spaces character
. JDK-8284548: Invalid XPath expression causes StringIndexOutOfBoundsException
. JDK-8284920: Incorrect Token type causes XPath expression to return empty result
. JDK-8284936: Fix Java 7 bootstrap breakage due to use of Arrays.stream
- Shenandoah
. JDK-8260632: Build failures after JDK-8253353
. JDK-8282458: Update .jcheck/conf file for sh-jdk8u move to git
|
java-1.8.0-openjdk-1.8.0.322.b06-1.el7_9.src
[126 KiB] |
Changelog
by JoungKyun.Kim (2022-01-21):
- update 1.8.0.322
https://www.oracle.com/java/technologies/javase/8u321-relnotes.html
https://www.oracle.com/java/technologies/javase/8u321-bugfixes.html
- security issues
https://www.oracle.com/security-alerts/cpujan2022.html
. JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
. JDK-8268488: More valuable DerValues
. JDK-8268494: Better inlining of inlined interfaces
. JDK-8268512: More content for ContentInfo
. JDK-8268795: Enhance digests of Jar files
. JDK-8268801: Improve PKCS attribute handling
. JDK-8268813, CVE-2022-21283: Better String matching
. JDK-8269151: Better construction of EncryptedPrivateKeyInfo
. JDK-8269944: Better HTTP transport redux
. JDK-8270392, CVE-2022-21293: Improve String constructions
. JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
. JDK-8270492, CVE-2022-21282: Better resolution of URIs
. JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
. JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
. JDK-8271962: Better TrueType font loading
. JDK-8271968: Better canonical naming
. JDK-8271987: Manifest improved manifest entries
. JDK-8272014, CVE-2022-21305: Better array indexing
. JDK-8272026, CVE-2022-21340: Verify Jar Verification
. JDK-8272236, CVE-2022-21341: Improve serial forms for transport
. JDK-8272272: Enhance jcmd communication
. JDK-8272462: Enhance image handling
. JDK-8273290: Enhance sound handling
. JDK-8273748, CVE-2022-21349: Improve Solaris font rendering
. JDK-8273756, CVE-2022-21360: Enhance BMP image support
. JDK-8273838, CVE-2022-21365: Enhanced BMP processing
|
java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.src
[124 KiB] |
Changelog
by JoungKyun.Kim (2021-10-15):
- update 1.8.0.312
https://www.oracle.com/java/technologies/javase/8u311-relnotes.html
https://www.oracle.com/java/technologies/javase/8u311-bugfixes.html
- security issues
https://www.oracle.com/security-alerts/cpuoct2021.html
. CVE-2021-3517 JavaFX (libxml) Remote 8.6
. CVE-2021-35560 Deployment Remote 7.5
. CVE-2021-35567 Libraries Local 6.8
. CVE-2021-35550 JSSE Remote 5.9
. CVE-2021-3522 JavaFX (GStreamer) Local 5.5
. CVE-2021-35586 ImageIO Remote 5.3
. CVE-2021-35564 Keytool Remote 5.3
. CVE-2021-35556 Swing Remote 5.3
. CVE-2021-35559 Swing Remote 5.3
. CVE-2021-35561 Utility Remote 5.3
. CVE-2021-35565 JSSE Remote 5.3
. CVE-2021-35578 JSSE Remote 5.3
. CVE-2021-35603 JSSE Remote 3.7
. CVE-2021-35588 Hotspot Remote 3.1
|
java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.src
[120 KiB] |
Changelog
by JoungKyun.Kim (2021-09-04):
- update 1.8.0.302
https://www.oracle.com/java/technologies/javase/8u301-relnotes.html
https://www.oracle.com/java/technologies/javase/8u301-bugfixes.html
- security issues
https://www.oracle.com/security-alerts/cpujul2021.html
. CVE-2021-2388 Hotspot Remote 7.5
. CVE-2021-2369 Library Remote 4.3
. CVE-2021-2341 Networking Remote 3.1
|
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.src
[118 KiB] |
Changelog
by JoungKyun.Kim (2021-04-09):
- update 1.8.0.292
https://www.oracle.com/java/technologies/javase/8u291-relnotes.html
- security issues
https://www.oracle.com/security-alerts/cpujan2021.html
. CVE-2021-2161 Libraries Remote 5.9
. CVE-2021-2163 Libraries Remote 5.3
|
java-1.8.0-openjdk-1.8.0.282.b08-1.el7_9.src
[114 KiB] |
Changelog
by JoungKyun.Kim (2021-01-17):
- update 1.8.0.282
https://www.oracle.com/java/technologies/javase/8u281-relnotes.html
- Extend RH1750419 alt-java fix to include external debuginfo, following JDK-8252395 in 8u282-b01
- Resolves: rhbz#1901690
- security issues
https://www.oracle.com/security-alerts/cpujan2021.html
|
java-1.8.0-openjdk-1.8.0.275.b01-0.el7_9.src
[111 KiB] |
Changelog
by Andrew Hughes (2020-11-06):
- Update to aarch64-shenandoah-jdk8u275-b01 (GA)
- Update release notes for 8u275.
- Resolves: rhbz#1895062
|
java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.src
[111 KiB] |
Changelog
by JoungKyun.Kim (2020-10-20):
- update 1.8.0.272
https://www.oracle.com/java/technologies/javase/8u271-relnotes.html
- JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7
- update tzdata IANA 2020a
- security issues
https://www.oracle.com/security-alerts/cpuoct2020.html
. JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
. JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
. JDK-8237995, CVE-2020-14782: Enhance certificate processing
. JDK-8241114, CVE-2020-14792: Better range handling
. JDK-8242680, CVE-2020-14796: Improved URI Support
. JDK-8242685, CVE-2020-14797: Better Path Validation
. JDK-8242695, CVE-2020-14798: Enhanced buffer support
. JDK-8244136, CVE-2020-14803: Improved Buffer supports
|
java-1.8.0-openjdk-1.8.0.262.b10-0.el7_8.src
[104 KiB] |
Changelog
by JoungKyun.Kim (2020-07-12):
- update 1.8.0.262
https://www.oracle.com/java/technologies/javase/8u261-relnotes.html
- security issues
https://www.oracle.com/security-alerts/cpujul2020.html
. CVE-2020-14556: Better ForkJoinPool behavior
. CVE-2020-14577: Enhance certificate verification
. CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString()
. CVE-2020-14579: NullPointerException in DerValue.equals(DerValue)
. CVE-2020-14581: Better matrix operations
. CVE-2020-14583: Better Buffer support
. CVE-2020-14593: Less Affine Transformations
. CVE-2020-14621: Better XML namespace handling
|
java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src
[98 KiB] |
Changelog
by JoungKyun.Kim (2020-04-14):
- update 1.8.0.252
https://www.oracle.com/technetwork/java/javase/8u251-relnotes-5972664.html
- security issues
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA
. CVE-2020-2803 Libraries Remote 8.3
. CVE-2020-2805 Libraries Remote 8.3
. CVE-2019-18197 JavaFX(libxslt) Remote 8.1
. CVE-2020-2781 JSSE Remote 5.3
. CVE-2020-2830 Concurrency Remote 5.3
. CVE-2020-2800 Lightweight HTTP Server Remote 4.8
. CVE-2020-2754 Scripting Remote 3.7
. CVE-2020-2755 Scripting Remote 3.7
. CVE-2020-2773 Security Remote 3.7
. CVE-2020-2756 Serialization Remote 3.7
. CVE-2020-2757 Serialization Remote 3.7
|
java-1.8.0-openjdk-1.8.0.242.b08-0.el7_7.src
[96 KiB] |
Changelog
by JoungKyun.Kim (2020-03-12):
- update 1.8.0.242
https://www.oracle.com/technetwork/java/javase/8u241-relnotes-5813177.html
- security issues
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA
. CVE-2020-2604 Serialization Remote 8.1
. CVE-2019-16168 JavaFX (SQLite) Remote 7.5
. CVE-2019-13117 JavaFX (libxslt) Remote 7.5
. CVE-2019-13118 JavaFX (libxslt) Remote 7.5
. CVE-2020-2601 Security(Kerberos) Remote 6.8
. CVE-2020-2585 JavaFX Remote 5.9
. CVE-2020-2655 JSSE(HTTPS) Remote 4.8
. CVE-2020-2593 Networking Remote 4.8
. CVE-2020-2654 Libraries Remote 3.7
. CVE-2020-2590 Security(Kerberos) Remote 3.7
. CVE-2020-2659 Networking Remote 3.7
. CVE-2020-2583 Serialization Remote 3.7
|
java-1.8.0-openjdk-1.8.0.222.b03-1.el7.src
[89 KiB] |
Changelog
by Andrew Hughes (2019-05-22):
- Handle milestone as variables so we can alter it easily and set the docs zip filename appropriately.
- Drop unused use_shenandoah_hotspot variable.
- Resolves: rhbz#1705328
|
java-1.8.0-openjdk-1.8.0.232.b09-0.el7_7.src
[93 KiB] |
Changelog
by JoungKyun.Kim (2019-11-14):
- update 1.8.0.232
https://www.oracle.com/technetwork/java/javase/documentation/8u-relnotes-2225394.html
- security issues
https://www.oracle.com/security-alerts/cpuoct2019.html#AppendixJAVA
. CVE-2019-2949 Kerberos Remote 6.8
. CVE-2019-2989 Networking Remote 6.8
. CVE-2019-2958 Libraries Remote 5.9
. CVE-2019-11068 JavaFX (libxslt) Remote 5.6
. CVE-2019-2975 Scripting Remote 4.8
. CVE-2019-2999 Javadoc Remote 4.7
. CVE-2019-2996 Deployment Remote 4.2
. CVE-2019-2962 2D Remote 3.7
. CVE-2019-2988 2D Remote 3.7
. CVE-2019-2992 2D Remote 3.7
. CVE-2019-2964 Concurrency Remote 3.7
. CVE-2019-2973 JAXP Remote 3.7
. CVE-2019-2981 JAXP Remote 3.7
. CVE-2019-2978 Networking Remote 3.7
. CVE-2019-2894 Security Remote 3.7
. CVE-2019-2983 Serialization Remote 3.7
. CVE-2019-2933 Libraries Remote 3.1
. CVE-2019-2945 Networking Remote 3.1
|
java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6.src
[90 KiB] |
Changelog
by JoungKyun.Kim (2019-07-11):
- update 1.8.0.222
https://www.oracle.com/technetwork/java/javase/8u221-relnotes-5480116.html
https://www.oracle.com/technetwork/java/javase/2col/8u221-bugfixes-5480117.html
- security issues
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
. CVE-2019-7317 AWT (libpng) Remote 6.8
. CVE-2019-2762 Utilities Remote 5.3
. CVE-2019-2769 Utilities Remote 5.3
. CVE-2019-2745 Security Local 5.1
. CVE-2019-2816 Networking Remote 4.8
. CVE-2019-2842 JCE Remote 3.7
. CVE-2019-2786 Security Remote 3.4
. CVE-2019-2766 Networking Remote 3.1
|
java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.src
[85 KiB] |
Changelog
by JoungKyun.Kim (2019-05-10):
- update 1.8.0.212
https://www.oracle.com/technetwork/java/javase/8u212-relnotes-5292913.html
https://www.oracle.com/technetwork/java/javase/2col/8u212-bugfixes-5292916.html
- security issues
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
. CVE-2018-11212 ImageIO (libjpeg) Remote 5.3
. CVE-2019-2426 Networking Remote 3.7
. CVE-2019-2449 Deployment Remote 3.1
. CVE-2019-2422 Libraries Remote 3.1
|
java-1.8.0-openjdk-1.8.0.201.b09-2.el7_6.src
[83 KiB] |
Changelog
by JoungKyun.Kim (2019-03-09):
- update 1.8.0.201
https://www.oracle.com/technetwork/java/javase/8u201-relnotes-5209271.html
https://www.oracle.com/technetwork/java/javase/2col/8u201-bugfixes-5209275.html
- security issues
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
. CVE-2018-11212 ImageIO (libjpeg) Remote 5.3
. CVE-2019-2426 Networking Remote 3.7
. CVE-2019-2449 Deployment Remote 3.1
. CVE-2019-2422 Libraries Remote 3.1
|
java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.src
[75 KiB] |
Changelog
by JoungKyun.Kim (2018-12-02):
- Update to aarch64-shenandoah-jdk8u191-b12.
|
java-1.8.0-openjdk-1.8.0.191.b12-0.el7_5.src
[75 KiB] |
Changelog
by JoungKyun.Kim (2018-10-20):
- update 1.8.0.191
https://www.oracle.com/technetwork/java/javase/8u191-relnotes-5032181.html
- security issues
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
. CVE-2018-3183 JRockit Remote 9.0
. CVE-2018-3209 JavaFX Remote 8.3
. CVE-2018-3169 Hotspot Remote 8.3
. CVE-2018-3149 JNDI Remote 8.3
. CVE-2018-3211 Serviceability No 6.6
. CVE-2018-3180 JSSE Remote 5.6
. CVE-2018-3214 Sound Remote 5.3
. CVE-2018-13785 Deployment (libpng) Remote 3.7
. CVE-2018-3136 Security Remote 3.4
. CVE-2018-3139 Networking Remote 3.1
|
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src
[71 KiB] |
Changelog
by JoungKyun.Kim (2018-07-28):
- security issues
. CVE-2018-2938 Java DB
. CVE-2018-2964 Deployment
. CVE-2018-2941 JavaFX
. CVE-2018-2942 Windows DLL
. CVE-2018-2972 Security
. CVE-2018-2973 JSSE SSL/TLS
. CVE-2018-2940 Libraries
. CVE-2018-2952 Concurrency
|
java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src
[65 KiB] |
Changelog
by Jiri Vanek (2018-05-16):
- added and applied 1566890_embargoed20180521.patch
- Resolves: rhbz#1578555
- security issues
. CVE-2018-3639 hw: cpu: speculative store bypass
|
java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src
[65 KiB] |
Changelog
by JoungKyun.Kim (2018-04-17):
- security issues
. CVE-2018-2814 Hotspot
. CVE-2018-2811 Install (Local)
. CVE-2018-2794 Security (Local)
. CVE-2018-2783 Security
. CVE-2018-2798 AWT
. CVE-2018-2796 Concurrency
. CVE-2018-2799 JAXP
. CVE-2018-2797 JMX
. CVE-2018-2795 Security
. CVE-2018-2815 Serialization
. CVE-2018-2800 RMI
. CVE-2018-2790 Security
|
java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4.src
[62 KiB] |
Changelog
by Andrew Hughes (2018-01-10):
- Update to b14 with updated Zero fix for 8174962 (S8194828)
- Resolves: rhbz#1528233
|
java-1.8.0-openjdk-1.8.0.151-5.b12.el7_4.src
[61 KiB] |
Changelog
by Jiri Vanek (2017-11-20):
- Backport "8180048: Interned string and symbol table leak memory during parallel unlinking" (gnu_andrew)
- Resolves: rhbz#1515212
|
java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.src
[60 KiB] |
Changelog
by JoungKyun.Kim (2017-10-21):
- security issues
CVE-2017-10346 Hotspot component. Enabled remote attack without auth
CVE-2017-10285 RMI component. Enabled remote attack without auth
CVE-2017-10388 Libraries component(Kerberos). Enabled remote attack without auth
CVE-2017-10309 Deployment component. Enabled remote attack without auth
CVE-2017-10274 Smart Card IO component. Enabled remote attack without auth
CVE-2017-10356 Security component. No
CVE-2017-10293 Javadoc component(HTTP). Enabled remote attack without auth
CVE-2017-10350 JAX-WS component. Enabled remote attack without auth
CVE-2017-10349 JAXP component. Enabled remote attack without auth
CVE-2017-10348 Libraries component. Enabled remote attack without auth
CVE-2017-10357 Serialization component. Enabled remote attack without auth
CVE-2016-9841 Util (zlib) component. Enabled remote attack without auth
CVE-2016-10165 2D (Little CMS 2) component. Enabled remote attack without auth
CVE-2017-10355 Networking component. Enabled remote attack without auth
CVE-2017-10281 Serialization component. Enabled remote attack without auth
CVE-2017-10347 Serialization component. Enabled remote attack without auth
CVE-2017-10295 Networking component(HTTP). Enabled remote attack without auth
CVE-2017-10345 Serialization component. Enabled remote attack without auth
|
java-1.8.0-openjdk-1.8.0.144-0.b01.el7_4.src
[55 KiB] |
Changelog
by Andrew Hughes (2017-08-15):
- Update to aarch64-jdk8u144-b01 and aarch64-shenandoah-jdk8u144-b01.
- Exclude 8175887 from Shenandoah builds as it has been included in that repo.
- Resolves: rhbz#1481947
|
java-1.8.0-openjdk-1.8.0.141-2.b16.el7_4.src
[55 KiB] |
Changelog
by Andrew Hughes (2017-07-14):
- Update to aarch64-jdk8u141-b16 and aarch64-shenandoah-jdk8u141-b16.
- Revert change to remove-intree-libraries.sh following backout of 8173207
- Resolves: rhbz#1466509
|
java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3.src
[55 KiB] |
Changelog
by JoungKyun.Kim (2017-07-28):
- update 1.8.0-141.b16
- security fix
. CVE-2017-10053
. CVE-2017-10067
. CVE-2017-10074
. CVE-2017-10078
. CVE-2017-10081
. CVE-2017-10087
. CVE-2017-10089
. CVE-2017-10090
. CVE-2017-10096
. CVE-2017-10101
. CVE-2017-10102
. CVE-2017-10107
. CVE-2017-10108
. CVE-2017-10109
. CVE-2017-10110
. CVE-2017-10111
. CVE-2017-10115
. CVE-2017-10116
. CVE-2017-10135
. CVE-2017-10193
. CVE-2017-10198
|
java-1.8.0-openjdk-1.8.0.131-3.b12.el7_3.src
[54 KiB] |
Changelog
by Andrew Hughes (2017-04-27):
- Update to aarch64-jdk8u131-b12 and aarch64-shenandoah-jdk8u131-b12 for AArch64 8168699 fix
- Resolves: rhbz#1449258
|
java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src
[53 KiB] |
Changelog
by JoungKyun.Kim (2017-04-30):
- update 1.8.0-131.b11
- security fix
. CVE-2017-3509
. CVE-2017-3511
. CVE-2017-3526
. CVE-2017-3533
. CVE-2017-3539
. CVE-2017-3544
|
java-1.8.0-openjdk-1.8.0.121-0.b13.el7_3.src
[52 KiB] |
Changelog
by JoungKyun.Kim (2017-01-22):
- update 1.8.0-121.b13
- security fix
. CVE-2016-5546
It was discovered that the Libraries component of OpenJDK accepted ECSDA
signatures using non-canonical DER encoding. This could cause a Java application
to accept signature in an incorrect format not accepted by other cryptographic
tools.
. CVE-2016-5547
It was discovered that the Libraries component of OpenJDK did not validate the
length of the object identifier read from the DER input before allocating memory
to store the OID. An attacker able to make a Java application decode a specially
crafted DER input could cause the application to consume an excessive amount of
memory.
. CVE-2016-5548
A covert timing channel flaw was found in the DSA implementation in the
Libraries component of OpenJDK. A remote attacker could possibly use this flaw
to extract certain information about the used key via a timing side channel.
. CVE-2016-5552
It was discovered that the Networking component of OpenJDK failed to properly
parse user info from the URL. A remote attacker could cause a Java application
to incorrectly parse an attacker supplied URL and interpret it differently from
other applications processing the same URL.
. CVE-2017-3231, CVE-2017-3261
Multiple flaws were found in the Networking components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass certain
Java sandbox restrictions.
. CVE-2017-3241
It was discovered that the RMI registry and DCG implementations in the RMI
component of OpenJDK performed deserialization of untrusted inputs. A remote
attacker could possibly use this flaw to execute arbitrary code with the
privileges of RMI registry or a Java RMI application.
. CVE-2017-3252
It was discovered that the JAAS component of OpenJDK did not use the correct
way to extract user DN from the result of the user search LDAP query. A
specially crafted user LDAP entry could cause the application to use an
incorrect DN.
. CVE-2017-3253
It was discovered that the 2D component of OpenJDK performed parsing of iTXt
and zTXt PNG image chunks even when configured to ignore metadata. An attacker
able to make a Java application parse a specially crafted PNG image could cause
the application to consume an excessive amount of memory.
. CVE-2017-3272, CVE-2017-3289
Multiple flaws were discovered in the Libraries and Hotspot components in
OpenJDK. An untrusted Java application or applet could use these flaws to
completely bypass Java sandbox restrictions.
. CVE-2016-2183
A flaw was found in the way the DES/3DES cipher was used as part of the
TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover
some plaintext data by capturing large amounts of encrypted traffic between
TLS/SSL server and client if the communication used a DES/3DES based
ciphersuite.
|
java-1.8.0-openjdk-1.8.0.111-2.b15.el7_3.src
[47 KiB] |
Changelog
by JoungKyun.Kim (2016-12-14):
- update 1.8.0.111-2.b15 with RHEL 7.3
|
java-1.8.0-openjdk-1.8.0.111-1.b15.el7_2.src
[47 KiB] |
Changelog
by Andrew Hughes (2016-10-11):
- update 1.8.0-111.b15
- Keep debug architecture set the same on RHEL 7.2
- Resolves: rhbz#1381990
- Bump release for rebuild.
- Resolves: rhbz#1381990
- Turn debug builds on for all JIT architectures. Always AssumeMP on RHEL.
- Resolves: rhbz#1381990
- Update to aarch64-jdk8u111-b15, with AArch64 fix for S8160591.
- Swap java.security md5sum for 7.2.z version with ECC patch.
- Resolves: rhbz#1381990
- Update to aarch64-jdk8u111-b14.
- Add latest md5sum for java.security file due to jar signing property addition.
- Drop S8157306 and the CORBA typo fix, both of which appear upstream in u111.
- Add LCMS 2 patch to fix Red Hat security issue RH1367357 in the local OpenJDK copy.
- Resolves: rhbz#1381990
- declared check_sum_presented_in_spec and used in prep and check
- it is checking that latest packed java.security is mentioned in listing
- Resolves: rhbz#1368440
- New variable, @prefix@, needs to be substituted in tapsets (rhbz1371005)
- Resolves: rhbz#1368440
- Update to aarch64-jdk8u102-b14.
- Drop 8140620, 8148752 and 6961123, all of which appear upstream in u102.
- Move 8159244 to 8u111 section as it only appears to be in unpublished u102 b31.
- Move 8158260 to 8u112 section following its backport to 8u.
- Resolves: rhbz#1368440
- Update to aarch64-jdk8u101-b15.
- Rebase SystemTap tarball on IcedTea 3.1.0 versions so as to avoid patching.
- Drop additional hunk for 8147771 which is now applied upstream.
- Resolves: rhbz#1368440
- security fix
. CVE-2016-5542
allows remote attackers to affect integrity via vectors related to Libraries.
. CVE-2016-5554
allows remote attackers to affect integrity via vectors related to JMX.
. CVE-2016-5573
allows remote attackers to affect confidentiality, integrity, and availability
via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
. CVE-2016-5582
allows remote attackers to affect confidentiality, integrity, and availability
via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
. CVE-2016-5597
allows remote attackers to affect confidentiality via vectors related to Networking.
|
java-1.8.0-openjdk-1.8.0.102-1.b14.el7_2.src
[44 KiB] |
Changelog
by Andrew Hughes (2016-09-16):
- update 1.8.0-102.b14
- Fix regression in SSL debug output when no ECC provider is available. (rhbz#1365618)
|
java-1.8.0-openjdk-1.8.0.101-3.b13.el7_2.src
[44 KiB] |
Changelog
by Andrew Hughes (2016-07-21):
- update 1.8.0-101.b13
- security fix
. CVE-2016-3458
. CVE-2016-3500
Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass certain
Java sandbox restrictions.
. CVE-2016-3508
. CVE-2016-3550
Multiple denial of service flaws were found in the JAXP component in OpenJDK.
A specially crafted XML file could cause a Java application using JAXP to
consume an excessive amount of CPU and memory when parsed.
. CVE-2016-3587
. CVE-2016-3598
. CVE-2016-3606
. CVE-2016-3610
Multiple flaws were discovered in the Hotspot and Libraries components in
OpenJDK. An untrusted Java application or applet could use these flaws to
completely bypass Java sandbox restrictions.
|
java-1.8.0-openjdk-1.8.0.91-1.b14.el7_2.src
[43 KiB] |
Changelog
by Andrew Hughes (2016-06-01):
- Add fix for PKCS#10 output regression, adding -systemlineendings option.
- Resolves: rhbz#1343832
|
java-1.8.0-openjdk-1.8.0.91-0.b14.el7_2.src
[43 KiB] |
Changelog
by Andrew Hughes (2016-04-12):
- security fix
. CVE-2016-0686, CVE-2016-0687
Multiple flaws were discovered in the Serialization and Hotspot components in
OpenJDK. An untrusted Java application or applet could use these flaws to
completely bypass Java sandbox restrictions.
. CVE-2016-3427
It was discovered that the RMI server implementation in the JMX component in
OpenJDK did not restrict which classes can be deserialized when deserializing
authentication credentials. A remote, unauthenticated attacker able to connect
to a JMX port could possibly use this flaw to trigger deserialization flaws.
. CVE-2016-3425
It was discovered that the JAXP component in OpenJDK failed to properly handle
Unicode surrogate pairs used as part of the XML attribute values. Specially
crafted XML input could cause a Java application to use an excessive amount of
memory when parsed.
. CVE-2016-3426
It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE
component in OpenJDK used a non-constant time comparison when comparing GCM
authentication tags. A remote attacker could possibly use this flaw to determine
the value of the authentication tag.
. CVE-2016-0695
It was discovered that the Security component in OpenJDK failed to check the
digest algorithm strength when generating DSA signatures. The use of a digest
weaker than the key strength could lead to the generation of signatures that
were weaker than expected.
- Update to u91b14.
Resolves: rhbz#1325422
- Enable a full bootstrap on JIT archs. Full build held back by Zero archs anyway.
Resolves: rhbz#1325422
- Add 8132051 port to AArch64.
Resolves: rhbz#1325422
- Turn on bootstrap build for all to ensure we are now good to go.
Resolves: rhbz#1325422
- Add additional fix to Zero patch to properly handle result on 64-bit big-endian
Resolves: rhbz#1325422
- Revert settings to production defaults so we can at least get a build.
Resolves: rhbz#1325422
- Switch to a slowdebug build to try and unearth remaining issue on s390x.
Resolves: rhbz#1325422
- Add missing comma in 8132051 patch.
Resolves: rhbz#1325422
- Add 8132051 port to Zero.
|
java-1.8.0-openjdk-1.8.0.77-0.b03.el7_2.src
[40 KiB] |
Changelog
by Andrew Hughes (2016-03-23):
- Remove what remains of the SunEC sources in the remove-intree-libraries script.
- Resolves: rhbz#1320664
- Update to u77b03.
- Drop 8146566 which is applied upstream.
- Replace s390 Java options patch with general version from IcedTea.
- Apply s390 patches unconditionally to avoid arch-specific patch failures.
- Remove fragment of s390 size_t patch that unnecessarily removes a cast, breaking ppc64le.
- Remove aarch64-specific suffix as update/build version are now the same as for other archs.
- Only use z format specifier on s390, not s390x.
- Adjust tarball generation script to allow ecc_impl.h to be included.
- Correct spelling mistakes in tarball generation script.
- Synchronise minor changes from Fedora.
- Use a simple backport for PR2462/8074839.
- Don't backport the crc check for pack.gz. It's not tested well upstream.
- Resolves: rhbz#1320664
|
java-1.8.0-openjdk-1.8.0.71-2.b15.el7_2.src
[38 KiB] |
Changelog
by Andrew Hughes (2016-01-15):
- Add md5sum for previous java.security file so it gets updated.
- Resolves: rhbz#1295753
|