From bdb7f5498b84520982ff683795248e06f4c8f445 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 16 May 2023 18:46:50 +0300 Subject: [PATCH] Portable build --- SOURCES/NEWS | 2404 ++++++++ SOURCES/java-1.8.0-openjdk-portable.specfile | 9 +- .../jdk8186464-rh1433262-zip64_failure.patch | 283 + ...lite-libs_instead_of_pcsc-lite-devel.patch | 13 + SPECS/java-1.8.0-openjdk.spec | 5148 +---------------- 5 files changed, 2706 insertions(+), 5151 deletions(-) create mode 100644 SOURCES/NEWS create mode 100644 SOURCES/jdk8186464-rh1433262-zip64_failure.patch create mode 100644 SOURCES/rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch mode change 100644 => 120000 SPECS/java-1.8.0-openjdk.spec diff --git a/SOURCES/NEWS b/SOURCES/NEWS new file mode 100644 index 0000000..33e4199 --- /dev/null +++ b/SOURCES/NEWS @@ -0,0 +1,2404 @@ +Key: + +JDK-X - https://bugs.openjdk.java.net/browse/JDK-X +CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY + +New in release OpenJDK 8u372 (2023-04-18): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u372 + +* CVEs + - CVE-2023-21930 + - CVE-2023-21937 + - CVE-2023-21938 + - CVE-2023-21939 + - CVE-2023-21954 + - CVE-2023-21967 + - CVE-2023-21968 +* Security fixes + - JDK-8287404: Improve ping times + - JDK-8288436: Improve Xalan supports + - JDK-8294474: Better AES support + - JDK-8295304: Runtime support improvements + - JDK-8296496, JDK-8292652: Overzealous check in sizecalc.h prevents large memory allocation + - JDK-8296676, JDK-8296622: Improve String platform support + - JDK-8296684: Improve String platform support + - JDK-8296692: Improve String platform support + - JDK-8296700: Improve String platform support + - JDK-8296832: Improve Swing platform support + - JDK-8297371: Improve UTF8 representation redux + - JDK-8298191: Enhance object reclamation process + - JDK-8298310: Enhance TLS session negotiation + - JDK-8298667: Improved path handling + - JDK-8299129: Enhance NameService lookups +* New features + - JDK-8230305: Cgroups v2: Container awareness +* Other changes + - JDK-6734341: REGTEST fails: SelectionAutoscrollTest.html + - JDK-6829250: Reg test: java/awt/Toolkit/ScreenInsetsTest/ScreenInsetsTest.java fails in Windows + - JDK-7001973: java/awt/Graphics2D/CopyAreaOOB.java fails + - JDK-7124238: [macosx] Font in BasicHTML document is bigger than it should be + - JDK-7124381: DragSourceListener.dragDropEnd() never been called on completion of dnd operation + - JDK-8039888: [TEST_BUG] keyboard garbage after javax/swing/plaf/windows/WindowsRootPaneUI/WrongAltProcessing/WrongAltProcessing.java + - JDK-8042098: [TESTBUG] Test sun/java2d/AcceleratedXORModeTest.java fails on Windows + - JDK-8065422: Trailing dot in hostname causes TLS handshake to fail with SNI disabled + - JDK-8072770: [TESTBUG] Some Introspector tests fail with a Java heap bigger than 4GB + - JDK-8075964: Test java/awt/Mouse/TitleBarDoubleClick/TitleBarDoubleClick.html fails intermittently with timeout error + - JDK-8137101: [TEST_BUG] javax/swing/plaf/basic/BasicHTML/4251579/bug4251579.java failure due to timing + - JDK-8142540: [TEST_BUG] Test sun/awt/dnd/8024061/bug8024061.java fails on ubuntu + - JDK-8156579: Two JavaBeans tests failed + - JDK-8156581: Cleanup of ProblemList.txt + - JDK-8159135: [PIT] javax/swing/JMenuItem/8152981/MenuItemIconTest.java always fail + - JDK-8177560: @headful key can be removed from the tests for JavaSound + - JDK-8196196: Headful tests should not be run in headless mode + - JDK-8196467: javax/swing/JInternalFrame/Test6325652.java fails + - JDK-8197408: Bad pointer comparison and small cleanup in os_linux.cpp + - JDK-8203485: [freetype] text rotated on 180 degrees is too narrow + - JDK-8205959: Do not restart close if errno is EINTR + - JDK-8216366: Add rationale to PER_CPU_SHARES define + - JDK-8226236: win32: gc/metaspace/TestCapacityUntilGCWrapAround.java fails + - JDK-8228585: jdk/internal/platform/cgroup/TestCgroupMetrics.java - NumberFormatException because of large long values (memory limit_in_bytes) + - JDK-8229182: [TESTBUG] runtime/containers/docker/TestMemoryAwareness.java test fails on SLES12 + - JDK-8229202: Docker reporting causes secondary crashes in error handling + - JDK-8231111: Cgroups v2: Rework Metrics in java.base so as to recognize unified hierarchy + - JDK-8232207: Linux os::available_memory re-reads cgroup configuration on every invocation + - JDK-8233570: [TESTBUG] HTMLEditorKit test bug5043626.java is failing on macos + - JDK-8234484: Add ability to configure third port for remote JMX + - JDK-8237479: 8230305 causes slowdebug build failure + - JDK-8239559: Cgroups: Incorrect detection logic on some systems + - JDK-8239785: Cgroups: Incorrect detection logic on old systems in hotspot + - JDK-8239827: The test OpenByUNCPathNameTest.java should be changed to be manual + - JDK-8240189: [TESTBUG] Some cgroup tests are failing after JDK-8231111 + - JDK-8241087: Build failure with VS 2019 (16.5.0) due to C2039 and C2873 + - JDK-8242468: VS2019 build missing vcruntime140_1.dll + - JDK-8243543: jtreg test security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java fails + - JDK-8244500: jtreg test error in test/hotspot/jtreg/containers/docker/TestMemoryAwareness.java + - JDK-8245543: Cgroups: Incorrect detection logic on some systems (still reproducible) + - JDK-8245654: Add Certigna Root CA + - JDK-8247676: vcruntime140_1.dll is not needed on 32-bit Windows + - JDK-8248899: security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java fails, Certificate has been revoked + - JDK-8252359: HotSpot Not Identifying it is Running in a Container + - JDK-8252957: Wrong comment in CgroupV1Subsystem::cpu_quota + - JDK-8253435: Cgroup: 'stomping of _mount_path' crash if manually mounted cpusets exist + - JDK-8253714: [cgroups v2] Soft memory limit incorrectly using memory.high + - JDK-8253727: [cgroups v2] Memory and swap limits reported incorrectly + - JDK-8253797: [cgroups v2] Account for the fact that swap accounting is disabled on some systems + - JDK-8253939: [TESTBUG] Increase coverage of the cgroups detection code + - JDK-8254001: [Metrics] Enhance parsing of cgroup interface files for version detection + - JDK-8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards + - JDK-8254997: Remove unimplemented OSContainer::read_memory_limit_in_bytes + - JDK-8257620: Do not use objc_msgSend_stret to get macOS version + - JDK-8262379: Add regression test for JDK-8257746 + - JDK-8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec + - JDK-8266391: Replace use of reflection in jdk.internal.platform.Metrics + - JDK-8270317: Large Allocation in CipherSuite + - JDK-8275535: Retrying a failed authentication on multiple LDAP servers can lead to users blocked + - JDK-8275650: Problemlist java/io/File/createTempFile/SpecialTempFile.java for Windows 11 + - JDK-8275713: TestDockerMemoryMetrics test fails on recent runc + - JDK-8278951: containers/cgroup/PlainRead.java fails on Ubuntu 21.10 + - JDK-8280048: Missing comma in copyright header + - JDK-8282398: EndingDotHostname.java test fails because SSL cert expired + - JDK-8282511: Use fixed certificate validation date in SSLExampleCert template + - JDK-8282947: JFR: Dump on shutdown live-locks in some conditions + - JDK-8283277: ISO 4217 Amendment 171 Update + - JDK-8283606: Tests may fail with zh locale on MacOS + - JDK-8284102: [TESTBUG] [11u] Retroactively add regression test for JDK-8272124 + - JDK-8284690: [macos] VoiceOver : Getting java.lang.IllegalArgumentException: Invalid location on Editable JComboBox + - JDK-8284756: [11u] Remove unused isUseContainerSupport in CgroupV1Subsystem + - JDK-8284977: MetricsTesterCgroupV2.getLongValueEntryFromFile fails when named value doesn't exist + - JDK-8286624: Regression Test CoordinateTruncationBug.java fails on OL8.3 + - JDK-8287107: CgroupSubsystemFactory.setCgroupV2Path asserts with freezer controller + - JDK-8287109: Distrust.java failed with CertificateExpiredException + - JDK-8287463: JFR: Disable TestDevNull.java on Windows + - JDK-8287741: Fix of JDK-8287107 (unused cgv1 freezer controller) was incomplete + - JDK-8289549: ISO 4217 Amendment 172 Update + - JDK-8289695: [TESTBUG] TestMemoryAwareness.java fails on cgroups v2 and crun + - JDK-8291570: [TESTBUG] Part of JDK-8250984 absent from 11u + - JDK-8292083: Detected container memory limit may exceed physical machine memory + - JDK-8292541: [Metrics] Reported memory limit may exceed physical machine memory + - JDK-8293472: Incorrect container resource limit detection if manual cgroup fs mounts present + - JDK-8293540: [Metrics] Incorrectly detected resource limits with additional cgroup fs mounts + - JDK-8293767: AWT test TestSinhalaChar.java has old SCCS markings + - JDK-8294307: ISO 4217 Amendment 173 Update + - JDK-8294767: 8u contains two copies of test/../FileUtils.java, one uses JDK9+ features + - JDK-8295322: Tests for JDK-8271459 were not backported to 11u + - JDK-8295952: Problemlist existing compiler/rtm tests also on x86 + - JDK-8295982: Failure in sun/security/tools/keytool/WeakAlg.java - ks: The process cannot access the file because it is being used by another process + - JDK-8296239: ISO 4217 Amendment 174 Update + - JDK-8296480: java/security/cert/pkix/policyChanges/TestPolicy.java is failing + - JDK-8296485: BuildEEBasicConstraints.java test fails with SunCertPathBuilderException + - JDK-8296632: Write a test to verify the content change of TextArea sends TextEvent + - JDK-8296957: One more cast in SAFE_SIZE_NEW_ARRAY2 + - JDK-8297329: [8u] hotspot needs to recognise VS2019 + - JDK-8297739: Bump update version of OpenJDK: 8u372 + - JDK-8297996: [8u] generated images are broken due to renaming of MSVC runtime DLL's + - JDK-8298027: Remove SCCS id's from awt jtreg tests + - JDK-8298307: Enable hotspot/tier1 for 32-bit builds in GHA for 8u + - JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR + - JDK-8299445: EndingDotHostname.java fails because of compilation errors + - JDK-8299483: ProblemList java/text/Format/NumberFormat/CurrencyFormat.java + - JDK-8299548: Fix hotspot/test/runtime/Metaspace/MaxMetaspaceSizeTest.java in 8u + - JDK-8299804: Fix non-portable code in hotspot shell tests in 8u + - JDK-8300014: Some backports placed the tests in the wrong location + - JDK-8300119: CgroupMetrics.getTotalMemorySize0() can report invalid results on 32 bit systems + - JDK-8301122: [8u] Fix unreliable vs2010 download link + - JDK-8301143: [TESTBUG] jfr/event/sampling/TestNative was backported to JDK8u without proper native wrapper + - JDK-8301246: NPE in FcFontManager.getDefaultPlatformFont() on Linux without installed fontconfig + - JDK-8301332: [8u] Fix writing of test files after the cgroups v2 backport + - JDK-8301550: [8u] Enable additional linux build testing in GitHub + - JDK-8301620: [8u] some shell tests are passed but have unexpected operator errors + - JDK-8301760: Fix possible leak in SpNegoContext dispose + - JDK-8303408: [AIX] Broken jdk8u build after JDK-8266391 + - JDK-8303828: [Solaris] Broken jdk8u build after JDK-8266391 + - JDK-8304053: Revert os specific stubs for SystemMetrics + - JDK-8305113: (tz) Update Timezone Data to 2023c + +Notes on individual issues: +=========================== + +hotspot: +core-libs: + +JDK-8305562: Cgroups v2: Container awareness +============================================ +The HotSpot runtime code as well as the core libraries code in the JDK +has been updated in order to detect a cgroup v2 host system when +running OpenJDK within a Linux container. + +Since the 8u202 release of OpenJDK, the container detection code +recognized cgroup v1 (legacy) host Linux systems. With 8u372 and later +releases, both versions of the underlying cgroups pseudo filesystem +will be detected and corresponding container limits applied to the +OpenJDK runtime. + +Without this enhancement, OpenJDK would not apply container resource +limits when running on a cgroup v2 Linux host system, but would use +the underlying hosts' resource limits instead. + +client-libs/javax.swing: + +JDK-8296832: Improve Swing platform support +=========================================== +Earlier OpenJDK releases would always render HTML object tags embedded in +Swing HTML components. With this release, rendering only occurs when the +new system property "swing.html.object" is set to true. By default, it +is set to false. + +core-svc/javax.management: + +JDK-8234484: Added Ability to Configure Third Port for Remote JMX +================================================================= +A local access port can now be configured for JMX connections by +setting the property `com.sun.management.jmxremote.local.port`. This +local port was previously selected at random, which could lead to port +collisions. The property works in the same way as the existing +properties for configuring the remote access port +(`com.sun.management.jmxremote.port`) and the RMI port +(`com.sun.management.jmxremote.rmi.port`) + +security-libs/java.security: + +JDK-8245654: Added Certigna(Dhimyotis) Root CA Certificate +========================================================== +The following root certificate has been added to the cacerts truststore: + +Name: Certigna (Dhimyotis) +Alias Name: certignarootca +Distinguished Name: CN=Certigna, O=Dhimyotis, C=FR + +New in release OpenJDK 8u362 (2023-01-17): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u362 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u362.html + +* CVEs + - CVE-2023-21830 + - CVE-2023-21843 +* Security fixes + - JDK-8285021: Improve CORBA communication + - JDK-8286496: Improve Thread labels + - JDK-8288516: Enhance font creation + - JDK-8289350: Better media supports + - JDK-8293554: Enhanced DH Key Exchanges + - JDK-8293598: Enhance InetAddress address handling + - JDK-8293717: Objective view of ObjectView + - JDK-8293734: Improve BMP image handling + - JDK-8293742: Better Banking of Sounds + - JDK-8295687: Better BMP bounds +* Other changes + - JDK-6885993: Named Thread: introduce print() and print_on(outputStream* st) methods + - JDK-7124218: [TEST_BUG] [macosx] Space should select cell in the JTable + - JDK-8054066: com/sun/jdi/DoubleAgentTest.java fails with timeout + - JDK-8067941: [TESTBUG] Fix tests for OS with 64K page size. + - JDK-8071530: Update OS detection code to reflect Windows 10 version change + - JDK-8073464: GC workers do not have thread names + - JDK-8079255: [TEST_BUG] [macosx] Test closed/java/awt/Robot/RobotWheelTest/RobotWheelTest fails for Mac only + - JDK-8129827: [TEST_BUG] Test java/awt/Robot/RobotWheelTest/RobotWheelTest.java fails + - JDK-8148005: One byte may be corrupted by get_datetime_string() + - JDK-8159599: [TEST_BUG] java/awt/Modal/ModalInternalFrameTest/ModalInternalFrameTest.java + - JDK-8159720: Failure of C2 compilation with tiered prevents some C1 compilations + - JDK-8195607: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1 + - JDK-8197859: VS2017 Complains about UINTPTR_MAX definition in globalDefinitions_VisCPP.hpp + - JDK-8206456: [TESTBUG] docker jtreg tests fail on systems without cpuset.effective_cpus / cpuset.effective_mems + - JDK-8221529: [TESTBUG] Docker tests use old/deprecated image on AArch64 + - JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails with exitValue = 137 + - JDK-8233551: [TESTBUG] SelectEditTableCell.java fails on MacOS + - JDK-8241086: Test runtime/NMT/HugeArenaTracking.java is failing on 32bit Windows + - JDK-8253702: BigSur version number reported as 10.16, should be 11.nn + - JDK-8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() + - JDK-8265527: tools/javac/diags/CheckExamples.java fails after JDK-8078024 8u backport + - JDK-8269039: Disable SHA-1 Signed JARs + - JDK-8269850: Most JDK releases report macOS version 12 as 10.16 instead of 12.0 + - JDK-8270344: Session resumption errors + - JDK-8271459: C2: Missing NegativeArraySizeException when creating StringBuilder with negative capacity + - JDK-8273176: handle latest VS2019 in abstract_vm_version + - JDK-8274563: jfr/event/oldobject/TestClassLoaderLeak.java fails when GC cycles are not happening + - JDK-8274840: Update OS detection code to recognize Windows 11 + - JDK-8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled + - JDK-8280890: Cannot use '-Djava.system.class.loader' with class loader in signed JAR + - JDK-8283277: ISO 4217 Amendment 171 Update + - JDK-8283903: GetContainerCpuLoad does not return the correct result in share mode + - JDK-8284389: Improve stability of GHA Pre-submit testing by caching cygwin installer + - JDK-8284622: Update versions of some Github Actions used in JDK workflow + - JDK-8286582: Build fails on macos aarch64 when using --with-zlib=bundled + - JDK-8288928: Incorrect GPL header in pnglibconf.h (backport of JDK-8185041) + - JDK-8289549: ISO 4217 Amendment 172 Update + - JDK-8292762: Remove .jcheck directories from jdk8u subcomponents + - JDK-8293181: Bump update version of OpenJDK: 8u362 + - JDK-8293461: Add a test for JDK-8290832 + - JDK-8293828: JFR: jfr/event/oldobject/TestClassLoaderLeak.java still fails when GC cycles are not happening + - JDK-8294307: ISO 4217 Amendment 173 Update + - JDK-8294357: (tz) Update Timezone Data to 2022d + - JDK-8294863: Enable partial tier1 testing in GHA for JDK8 + - JDK-8295164: JDK 8 jdi tests should not use tasklist command on Windows + - JDK-8295173: (tz) Update Timezone Data to 2022e + - JDK-8295288: Some vm_flags tests associate with a wrong BugID + - JDK-8295714: GHA ::set-output is deprecated and will be removed + - JDK-8295723: security/infra/wycheproof/RunWycheproof.java fails with Assertion Error + - JDK-8295915: Problemlist compiler/rtm failures specific to 8u + - JDK-8295950: Enable langtools/tier1 in GHA for 8u + - JDK-8296108: (tz) Update Timezone Data to 2022f + - JDK-8296239: ISO 4217 Amendment 174 Update + - JDK-8296555: Enable hotspot/tier1 for 64-bit builds in GHA for 8u + - JDK-8296715: CLDR v42 update for tzdata 2022f + - JDK-8296959: Fix hotspot shell tests of 8u on multilib systems + - JDK-8297141: Fix hotspot/test/runtime/SharedArchiveFile/DefaultUseWithClient.java for 8u + - JDK-8297804: (tz) Update Timezone Data to 2022g + - JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR + - JDK-8299483: ProblemList java/text/Format/NumberFormat/CurrencyFormat.java + - JDK-8300178: JDK-8286496 causes build failure on older GCC + - JDK-8300225: JDK-8288516 causes build failure on Windows + VS2010 + +Notes on individual issues: +=========================== + +client-libs/javax.imageio: + +JDK-8295687: Better BMP bounds +============================== +Loading a linked ICC profile within a BMP image is now disabled by +default. To re-enable it, set the new system property +`sun.imageio.bmp.enabledLinkedProfiles` to `true`. This new property +replaces the old property, +`sun.imageio.plugins.bmp.disableLinkedProfiles`. + +client-libs/javax.sound: + +JDK-8293742: Better Banking of Sounds +===================================== +Previously, the SoundbankReader implementation, +`com.sun.media.sound.JARSoundbankReader`, would download a JAR +soundbank from a URL. This behaviour is now disabled by default. To +re-enable it, set the new system property `jdk.sound.jarsoundbank` to +`true`. + +hotspot/runtime: + +JDK-8274840: Release Now Recognises Windows 11 +============================================== +This release now correctly sets the `os.name` property to `Windows +11`, as would be expected. + +other-libs/corba:idl: + +JDK-8285021: Improve CORBA communication +======================================== +The JDK's CORBA implementation now refuses by default to deserialize +objects, unless they have the "IOR:" prefix. The previous behaviour +can be re-enabled by setting the new property +`com.sun.CORBA.ORBAllowDeserializeObject` to `true`. + +security-libs/java.security: + +JDK-8269039: Disabled SHA-1 Signed JARs +======================================= +JARs signed with SHA-1 algorithms are now restricted by default and +treated as if they were unsigned. This applies to the algorithms used +to digest, sign, and optionally timestamp the JAR. It also applies to +the signature and digest algorithms of the certificates in the +certificate chain of the code signer and the Timestamp Authority, and +any CRLs or OCSP responses that are used to verify if those +certificates have been revoked. These restrictions also apply to +signed JCE providers. + +To reduce the compatibility risk for JARs that have been previously +timestamped, there is one exception to this policy: + +- Any JAR signed with SHA-1 algorithms and timestamped prior to + January 01, 2019 will not be restricted. + +This exception may be removed in a future JDK release. To determine if +your signed JARs are affected by this change, run: + +$ jarsigner -verify -verbose -certs` + +on the signed JAR, and look for instances of "SHA1" or "SHA-1" and +"disabled" and a warning that the JAR will be treated as unsigned in +the output. + +For example: + + Signed by "CN="Signer"" + Digest algorithm: SHA-1 (disabled) + Signature algorithm: SHA1withRSA (disabled), 2048-bit key + + WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property: + + jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, SHA1 denyAfter 2019-01-01 + +JARs affected by these new restrictions should be replaced or +re-signed with stronger algorithms. + +Users can, *at their own risk*, remove these restrictions by modifying +the `java.security` configuration file (or override it by using the +`java.security.properties` system property) and removing "SHA1 usage +SignedJAR & denyAfter 2019-01-01" from the +`jdk.certpath.disabledAlgorithms` security property and "SHA1 +denyAfter 2019-01-01" from the `jdk.jar.disabledAlgorithms` security +property. + +New in release OpenJDK 8u352 (2022-10-18): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u352 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u352.txt + +* Security fixes + - JDK-8282252: Improve BigInteger/Decimal validation + - JDK-8285662: Better permission resolution + - JDK-8286511: Improve macro allocation + - JDK-8286519: Better memory handling + - JDK-8286526, CVE-2022-21619: Improve NTLM support + - JDK-8286533, CVE-2022-21626: Key X509 usages + - JDK-8286910, CVE-2022-21624: Improve JNDI lookups + - JDK-8286918, CVE-2022-21628: Better HttpServer service + - JDK-8288508: Enhance ECDSA usage +* Other changes + - JDK-7131823: bug in GIFImageReader + - JDK-7186258: InetAddress$Cache should replace currentTimeMillis with nanoTime for more precise and accurate + - JDK-8028265: Add legacy tz tests to OpenJDK + - JDK-8039955: [TESTBUG] jdk/lambda/LambdaTranslationTest1 - java.lang.AssertionError: expected [d:1234.000000] but found [d:1234,000000] + - JDK-8049228: Improve multithreaded scalability of InetAddress cache + - JDK-8071507: (ref) Clear phantom reference as soft and weak references do + - JDK-8087283: Add support for the XML Signature here() function to the JDK XPath implementation + - JDK-8130895: Test javax/swing/system/6799345/TestShutdown.java fails on Solaris11 Sparcv9 + - JDK-8136354: [TEST_BUG] Test java/awt/image/RescaleOp/RescaleAlphaTest.java with Bad action for script + - JDK-8139668: Generate README-build.html from markdown + - JDK-8143847: Remove REF_CLEANER reference category + - JDK-8147862: Null check too late in sun.net.httpserver.ServerImpl + - JDK-8150669: C1 intrinsic for Class.isPrimitive + - JDK-8155742: [Windows] robot.keyPress(KeyEvent.VK_ALT_GRAPH) throws java.lang.IllegalArgumentException in windows + - JDK-8173339: AArch64: Fix minimum stack size computations + - JDK-8173361: various crashes in JvmtiExport::post_compiled_method_load + - JDK-8175797: (ref) Reference::enqueue method should clear the reference object before enqueuing + - JDK-8178832: (ref) jdk.lang.ref.disableClearBeforeEnqueue property is ignored + - JDK-8183107: PKCS11 regression regarding checkKeySize + - JDK-8193780: (ref) Remove the undocumented "jdk.lang.ref.disableClearBeforeEnqueue" system property + - JDK-8194873: right ALT key hotkeys no longer work in Swing components + - JDK-8201793: (ref) Reference object should not support cloning + - JDK-8214427: probable bug in logic of ConcurrentHashMap.addCount() + - JDK-8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures. + - JDK-8233019: java.lang.Class.isPrimitive() (C1) returns wrong result if Klass* is aligned to 32bit + - JDK-8235218: Minimal VM is broken after JDK-8173361 + - JDK-8235385: Crash on aarch64 JDK due to long offset + - JDK-8245263: Enable TLSv1.3 by default on JDK 8u for Client roles + - JDK-8254178: Remove .hgignore + - JDK-8254318: Remove .hgtags + - JDK-8256722: handle VC++:1927 VS2019 in abstract_vm_version + - JDK-8260589: Crash in JfrTraceIdLoadBarrier::load(_jclass*) + - JDK-8280963: Incorrect PrintFlags formatting on Windows + - JDK-8282538: PKCS11 tests fail on CentOS Stream 9 + - JDK-8283849: AsyncGetCallTrace may crash JVM on guarantee + - JDK-8285400: Add '@apiNote' to the APIs defined in Java SE 8 MR 3 + - JDK-8285497: Add system property for Java SE specification maintenance version + - JDK-8287132: Retire Runtime.runFinalizersOnExit so that it always throws UOE + - JDK-8287508: The tests added to jdk-8 by 8235385 are to be ported to jdk-11 + - JDK-8287521: Bump update version of OpenJDK: 8u352 + - JDK-8288763: Pack200 extraction failure with invalid size + - JDK-8288865: [aarch64] LDR instructions must use legitimized addresses + - JDK-8290000: Bump macOS GitHub actions to macOS 11 + - JDK-8292579: (tz) Update Timezone Data to 2022c + - JDK-8292688: Support Security properties in security.testlibrary.Proc + +Notes on individual issues: +=========================== + +core-libs/java.lang: + +JDK-8201793: (ref) Reference object should not support cloning +============================================================== +`java.lang.ref.Reference::clone` method always throws +`CloneNotSupportedException`. `Reference` objects cannot be +meaningfully cloned. To create a new Reference object, call the +constructor to create a `Reference` object with the same referent and +reference queue instead. + +JDK-8175797: (ref) Reference::enqueue method should clear the reference object before enqueuing +=============================================================================================== +`java.lang.ref.Reference.enqueue` method clears the reference object +before it is added to the registered queue. When the `enqueue` method +is called, the reference object is cleared and `get()` method will +return null in OpenJDK 8u352. + +Typically when a reference object is enqueued, it is expected that the +reference object is cleared explicitly via the `clear` method to avoid +memory leak because its referent is no longer referenced. In other +words the `get` method is expected not to be called in common cases +once the `enqueue`method is called. In the case when the `get` method +from an enqueued reference object and existing code attempts to access +members of the referent, `NullPointerException` may be thrown. Such +code will need to be updated. + +JDK-8071507: (ref) Clear phantom reference as soft and weak references do +========================================================================= +This enhancement changes phantom references to be automatically +cleared by the garbage collector as soft and weak references. + +An object becomes phantom reachable after it has been finalized. This +change may cause the phantom reachable objects to be GC'ed earlier - +previously the referent is kept alive until PhantomReference objects +are GC'ed or cleared by the application. This potential behavioral +change might only impact existing code that would depend on +PhantomReference being enqueued rather than when the referent be freed +from the heap. + +core-libs/java.net: + +JDK-8286918: Better HttpServer service +====================================== +The HttpServer can be optionally configured with a maximum connection +limit by setting the jdk.httpserver.maxConnections system property. A +value of 0 or a negative integer is ignored and considered to +represent no connection limit. In the case of a positive integer +value, any newly accepted connections will be first checked against +the current count of established connections and, if the configured +limit has been reached, then the newly accepted connection will be +closed immediately. + +security-libs/javax.net.ssl: + +JDK-8282859: Enable TLSv1.3 by Default on JDK 8 for Client Roles +================================================================ +The TLSv1.3 implementation is now enabled by default for client roles +in 8u352. It has been enabled by default for server roles since 8u272. + +Note that TLS 1.3 is not directly compatible with previous +versions. Enabling it on the client may introduce compatibility issues +on either the server or the client side. Here are some more details on +potential compatibility issues that you should be aware of: + +* TLS 1.3 uses a half-close policy, while TLS 1.2 and prior versions + use a duplex-close policy. For applications that depend on the + duplex-close policy, there may be compatibility issues when + upgrading to TLS 1.3. + +* The signature_algorithms_cert extension requires that pre-defined + signature algorithms are used for certificate authentication. In + practice, however, an application may use non-supported signature + algorithms. + +* The DSA signature algorithm is not supported in TLS 1.3. If a server + is configured to only use DSA certificates, it cannot upgrade to TLS + 1.3. + +* The supported cipher suites for TLS 1.3 are not the same as TLS 1.2 + and prior versions. If an application hard-codes cipher suites which + are no longer supported, it may not be able to use TLS 1.3 without + modifying the application code. + +* The TLS 1.3 session resumption and key update behaviors are + different from TLS 1.2 and prior versions. The compatibility should + be minimal, but it could be a risk if an application depends on the + handshake details of the TLS protocols. + +The TLS 1.3 protocol can be disabled by using the jdk.tls.client.protocols +system property: + +java -Djdk.tls.client.protocols="TLSv1.2" ... + +Alternatively, an application can explicitly set the enabled protocols +with the javax.net.ssl APIs e.g. + +sslSocket.setEnabledProtocols(new String[] {"TLSv1.2"}); + +or: + +SSLParameters params = sslSocket.getSSLParameters(); +params.setProtocols(new String[] {"TLSv1.2"}); +sslSocket.setSSLParameters(params); + +New in release OpenJDK 8u345 (2022-08-01): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u345 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u345.txt + +* Other changes + - JDK-8290832: It is no longer possible to change "user.dir" in the JDK8 + - JDK-8291568: Bump update version of OpenJDK: 8u345 + +Notes on individual issues: +=========================== + +core-libs/java.io: + +JDK-8290832: It is no longer possible to change "user.dir" in the JDK8 +====================================================================== +A change, JDK-8194154, was introduced in the 8u342 release of OpenJDK +causing the JDK to ignore attempts to set the `user.dir` property. +While this change is suitable for a major release (it was originally +introduced in the initial release of OpenJDK 11), changing the +behaviour of such a property in an update release creates +compatibility issues in software that relies on the behaviour in prior +versions of OpenJDK 8. As a result, we have reverted this change in +8u345. + +New in release OpenJDK 8u342 (2022-07-19): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u342 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u342.txt + +* Security fixes + - JDK-8272243: Improve DER parsing + - JDK-8272249: Better properties of loaded Properties + - JDK-8277608: Address IP Addressing + - JDK-8281859, CVE-2022-21540: Improve class compilation + - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations + - JDK-8283190: Improve MIDI processing + - JDK-8284370: Improve zlib usage + - JDK-8285407, CVE-2022-34169: Improve Xalan supports +* Other changes + - JDK-8031567: Better model for storing source revision information + - JDK-8076190: Customizing the generation of a PKCS12 keystore + - JDK-8129572: Cleanup usage of getResourceAsStream in jaxp + - JDK-8132256: jaxp: Investigate removal of com/sun/org/apache/bcel/internal/util/ClassPath.java + - JDK-8168926: C2: Bytecode escape analyzer crashes due to stack overflow + - JDK-8170385: JDK-8031567 broke source bundles + - JDK-8170392: JDK-8031567 broke builds from source bundles + - JDK-8170530: bash configure output contains a typo in a suggested library name + - JDK-8190753: (zipfs): Accessing a large entry (> 2^31 bytes) leads to a negative initial size for ByteArrayOutputStream + - JDK-8194154: System property user.dir should not be changed + - JDK-8202142: jfr/event/io/TestInstrumentation is unstable + - JDK-8209771: jdk.test.lib.Utils::runAndCheckException error + - JDK-8221988: add possibility to build with Visual Studio 2019 + - JDK-8223396: [TESTBUG] several jfr tests do not clean up files created in /tmp + - JDK-8230865: [TESTBUG] jdk/jfr/event/io/EvilInstrument.java fails at-run shell MakeJAR.sh target + - JDK-8235211: serviceability/attach/RemovingUnixDomainSocketTest.java fails with AttachNotSupportedException: Unable to open socket file + - JDK-8244973: serviceability/attach/RemovingUnixDomainSocketTest.java fails "stderr was not empty" + - JDK-8248876: LoadObject with bad base address created for exec file on linux + - JDK-8253424: Add support for running pre-submit testing using GitHub Actions + - JDK-8253865: Pre-submit testing using GitHub Actions does not detect failures reliably + - JDK-8254054: Pre-submit testing using GitHub Actions should not use the deprecated set-env command + - JDK-8254173: Add Zero, Minimal hotspot targets to submit workflow + - JDK-8254175: Build no-pch configuration in debug mode for submit checks + - JDK-8254282: Add Linux x86_32 builds to submit workflow + - JDK-8255239: The timezone of the hs_err_pid log file is corrupted in Japanese locale + - JDK-8255305: Add Linux x86_32 tier1 to submit workflow + - JDK-8255352: Archive important test outputs in submit workflow + - JDK-8255373: Submit workflow artifact name is always "test-results_.zip" + - JDK-8255895: Submit workflow artifacts miss hs_errs/replays due to ZIP include mismatch + - JDK-8256127: Add cross-compiled foreign architectures builds to submit workflow + - JDK-8256277: Github Action build on macOS should define OS and Xcode versions + - JDK-8256354: Github Action build on Windows should define OS and MSVC versions + - JDK-8256393: Github Actions build on Linux should define OS and GCC versions + - JDK-8256414: add optimized build to submit workflow + - JDK-8256747: GitHub Actions: decouple the hotspot build-only jobs from Linux x64 testing + - JDK-8257056: Submit workflow should apt-get update to avoid package installation errors + - JDK-8259924: GitHub actions fail on Linux x86_32 with "Could not configure libc6:i386" + - JDK-8260460: GitHub actions still fail on Linux x86_32 with "Could not configure libc6:i386" + - JDK-8261107: ArrayIndexOutOfBoundsException in the ICC_Profile.getInstance(InputStream) + - JDK-8263667: Avoid running GitHub actions on branches named pr/* + - JDK-8266187: Memory leak in appendBootClassPath() + - JDK-8274658: ISO 4217 Amendment 170 Update + - JDK-8274751: Drag And Drop hangs on Windows + - JDK-8278138: OpenJDK8 fails to start on Windows 8.1 after upgrading compiler to VS2017 + - JDK-8279669: test/jdk/com/sun/jdi/TestScaffold.java uses wrong condition + - JDK-8281814: Debuginfo.diz contains redundant build path after backport JDK-8025936 + - JDK-8282225: GHA: Allow one concurrent run per PR only + - JDK-8282458: Update .jcheck/conf file for 8u move to git + - JDK-8282552: Bump update version of OpenJDK: 8u342 + - JDK-8283350: (tz) Update Timezone Data to 2022a + - JDK-8284620: CodeBuffer may leak _overflow_arena + - JDK-8284772: 8u GHA: Use GCC Major Version Dependencies Only + - JDK-8285445: cannot open file "NUL:" + - JDK-8285523: Improve test java/io/FileOutputStream/OpenNUL.java + - JDK-8285591: [11] add signum checks in DSA.java engineVerify + - JDK-8285727: [11u, 17u] Unify fix for JDK-8284920 with version from head + - JDK-8286989: Build failure on macOS after 8281814 + - JDK-8287537: 8u JDK-8284620 backport broke AArch64 build + +Notes on individual issues: +=========================== + +security-libs/java.security: + +JDK-8215293: Customizing PKCS12 keystore Generation +=================================================== +New system and security properties have been added to enable users to +customize the generation of PKCS #12 keystores. This includes +algorithms and parameters for key protection, certificate protection, +and MacData. The detailed explanation and possible values for these +properties can be found in the "PKCS12 KeyStore properties" section of +the `java.security` file. + +Also, support for the following SHA-2 based HmacPBE algorithms has +been added to the SunJCE provider: + +* HmacPBESHA224 +* HmacPBESHA256 +* HmacPBESHA384 +* HmacPBESHA512 +* HmacPBESHA512/224 +* HmacPBESHA512/256 + +core-libs/java.io: + +JDK-8285660: Enable Windows Alternate Data Streams by default +============================================================= +The Windows implementation of `java.io.File` has been changed so that +strict validity checks are **not** performed by default on file +paths. This includes allowing colons (':') in the path other than only +immediately after a single drive letter. It also allows paths that +represent NTFS Alternate Data Streams (ADS), such as +"filename:streamname". This restores the default behavior of +`java.io.File` to what it was prior to the April 2022 CPU in which +strict validity checks were not performed by default on file paths on +Windows. To re-enable strict path checking in `java.io.File`, the +system property `jdk.io.File.enableADS` should be set to `false` (case +ignored). This might be preferable, for example, if Windows special +device paths such as `NUL:` are *not* used. + +New in release OpenJDK 8u332 (2022-04-22): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u332 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u332.txt + +* Security fixes + - JDK-8269938: Enhance XML processing passes redux + - JDK-8270504, CVE-2022-21426: Better XPath expression handling + - JDK-8272255: Completely handle MIDI files + - JDK-8272261: Improve JFR recording file processing + - JDK-8272594: Better record of recordings + - JDK-8274221: More definite BER encodings + - JDK-8275151, CVE-2022-21443: Improved Object Identification + - JDK-8277227: Better identification of OIDs + - JDK-8277672, CVE-2022-21434: Better invocation handler handling + - JDK-8278008, CVE-2022-21476: Improve Santuario processing + - JDK-8278356: Improve file creation + - JDK-8278449: Improve keychain support + - JDK-8278805: Enhance BMP image loading + - JDK-8278972, CVE-2022-21496: Improve URL supports + - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo +* Other changes + - JDK-8033980: Xerces Update: datatype XMLGregorianCalendarImpl and DurationImpl + - JDK-8035437: Xerces Update: xml/serialize/DOMSerializerImpl + - JDK-8035577: Xerces Update: impl/xpath/regex/RangeToken.java + - JDK-8037259: xerces update: xpointer update + - JDK-8041523: Xerces Update: Serializer improvements from Xalan + - JDK-8141508: java.lang.invoke.LambdaConversionException: Invalid receiver type + - JDK-8162572: Update License Header for all JAXP sources + - JDK-8167014: jdeps: Missing message: warn.skipped.entry + - JDK-8198411: [TEST_BUG] Two java2d tests are unstable in mach5 + - JDK-8202822: Add .git to .hgignore + - JDK-8205540: test/hotspot/jtreg/vmTestbase/nsk/jdb/trace/trace001/trace001.java fails with Debuggee did not exit after 15 commands + - JDK-8209178: Proxied HttpsURLConnection doesn't send BODY when retrying POST request + - JDK-8210283: Support git as an SCM alternative in the build + - JDK-8218682: [TEST_BUG] DashOffset fails in mach5 + - JDK-8225690: Multiple AttachListener threads can be created + - JDK-8227738: jvmti/DataDumpRequest/datadumpreq001 failed due to "exit code is 134" + - JDK-8227815: Minimal VM: set_state is not a member of AttachListener + - JDK-8240633: Memory leaks in the implementations of FileChooserUI + - JDK-8241768: git needs .gitattributes + - JDK-8247766: [aarch64] guarantee(val < (1U << nbits)) failed: Field too big for insn + - JDK-8253147: The javax/swing/JPopupMenu/7154841/bug7154841.java fail on big screens + - JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node + - JDK-8266749: AArch64: Backtracing broken on PAC enabled systems + - JDK-8270290: NTLM authentication fails if HEAD request is used + - JDK-8273229: Update OS detection code to recognize Windows Server 2022 + - JDK-8273341: Update Siphash to version 1.0 + - JDK-8273575: memory leak in appendBootClassPath(), paths must be deallocated + - JDK-8274524: SSLSocket.close() hangs if it is called during the ssl handshake + - JDK-8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE + - JDK-8277488: Add expiry exception for Digicert (geotrustglobalca) expiring in May 2022 + - JDK-8279077: JFR crashes on Linux ppc due to missing crash protector in signal handler + - JDK-8280060: The sun/rmi/server/Activation.java class use Thread.dumpStack() + - JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972 + - JDK-8282397: createTempFile method of java.io.File is failing when called with suffix of spaces character + - JDK-8284548: Invalid XPath expression causes StringIndexOutOfBoundsException + - JDK-8284920: Incorrect Token type causes XPath expression to return empty result + - JDK-8284936: Fix Java 7 bootstrap breakage due to use of Arrays.stream +* Shenandoah + - JDK-8260632: Build failures after JDK-8253353 + - JDK-8282458: Update .jcheck/conf file for sh-jdk8u move to git + +New in release OpenJDK 8u322 (2022-01-18): +=========================================== +Live versions of these release notes can be found at: + * https://bit.ly/openjdk8u322 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u322.txt + +* Security fixes + - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization + - JDK-8268488: More valuable DerValues + - JDK-8268494: Better inlining of inlined interfaces + - JDK-8268512: More content for ContentInfo + - JDK-8268795: Enhance digests of Jar files + - JDK-8268801: Improve PKCS attribute handling + - JDK-8268813, CVE-2022-21283: Better String matching + - JDK-8269151: Better construction of EncryptedPrivateKeyInfo + - JDK-8269944: Better HTTP transport redux + - JDK-8270392, CVE-2022-21293: Improve String constructions + - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps + - JDK-8270492, CVE-2022-21282: Better resolution of URIs + - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management + - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities + - JDK-8271962: Better TrueType font loading + - JDK-8271968: Better canonical naming + - JDK-8271987: Manifest improved manifest entries + - JDK-8272014, CVE-2022-21305: Better array indexing + - JDK-8272026, CVE-2022-21340: Verify Jar Verification + - JDK-8272236, CVE-2022-21341: Improve serial forms for transport + - JDK-8272272: Enhance jcmd communication + - JDK-8272462: Enhance image handling + - JDK-8273290: Enhance sound handling + - JDK-8273748, CVE-2022-21349: Improve Solaris font rendering + - JDK-8273756, CVE-2022-21360: Enhance BMP image support + - JDK-8273838, CVE-2022-21365: Enhanced BMP processing +* Other changes + - JDK-6801613: Cross-platform pageDialog and printDialog top margin entry broken + - JDK-8011541: [TEST_BUG] closed/javax/swing/plaf/metal/MetalUtils/bug6190373.java fails NPE since 7u25b03 + - JDK-8025430: [TEST_BUG] javax/swing/JEditorPane/5076514/bug5076514.java failed since jdk8b108 + - JDK-8041928: MouseEvent.getModifiersEx gives wrong result + - JDK-8042199: The build of J2DBench via makefile is broken after the JDK-8005402 + - JDK-8044365: (dc) MulticastSendReceiveTests.java failing with ENOMEM when joining group (OS X 10.9) + - JDK-8048021: Remove @version tag in jaxp repo + - JDK-8049348: compiler/intrinsics/bmi/verifycode tests on lzcnt and tzcnt use incorrect assumption about REXB prefix usage + - JDK-8060027: Tests java/beans/XMLEncoder/Test4903007.java and java/beans/XMLEncoder/java_awt_GridBagLayout.java + - JDK-8066588: javax/management/remote/mandatory/connection/RMIConnector_NPETest.java fails to compile + - JDK-8066652: Default TimeZone is GMT not local if user.timezone is invalid on Mac OS + - JDK-8069034: gc/g1/TestEagerReclaimHumongousRegionsClearMarkBits.java nightly failure + - JDK-8077590: windows_i586_6.2-product-c2-runThese8_Xcomp_vm failing after win compiler upgrade + - JDK-8080287: The image of BufferedImage.TYPE_INT_ARGB and BufferedImage.TYPE_INT_ARGB_PRE is blank + - JDK-8140329: [TEST_BUG] test FullScreenAfterSplash.java failed because image was not generated + - JDK-8140472: java/net/ipv6tests/TcpTest.java failed intermittently with java.net.BindException: Address already in use: NET_Bind + - JDK-8147051: StaxEntityResolverWrapper should create StaxXMLInputSource with a resolver indicator + - JDK-8148915: Intermittent failures of bug6400879.java + - JDK-8176837: SunPKCS11 provider needs to check more details on PKCS11 Mechanism + - JDK-8177393: Result of RescaleOp for 4BYTE_ABGR images may be 25% black + - JDK-8177536: Avoid Apple Peer-to-Peer interfaces in networking tests + - JDK-8182036: Load from initializing arraycopy uses wrong memory state + - JDK-8183369: RFC unconformity of HttpURLConnection with proxy + - JDK-8183543: Aarch64: C2 compilation often fails with "failed spill-split-recycle sanity check" + - JDK-8187450: JNI local refs exceeds capacity warning in NetworkInterface::getAll + - JDK-8187649: ArrayIndexOutOfBoundsException in java.util.JapaneseImperialCalendar + - JDK-8190482: InnocuousThread creation should not require the caller to possess enableContextClassLoaderOverride + - JDK-8190793: Httpserver does not detect truncated request body + - JDK-8196572: Tests ColConvCCMTest.java and MTColConvTest.java fail + - JDK-8202788: Explicitly reclaim cached thread-local direct buffers at thread exit + - JDK-8210058: Algorithmic Italic font leans opposite angle in Printing + - JDK-8220150: macos10.14 Mojave returns anti-aliased glyphs instead of aliased B&W glyphs + - JDK-8225082: Remove IdenTrust certificate that is expiring in September 2021 + - JDK-8225083: Remove Google certificate that is expiring in December 2021 + - JDK-8226806: [macOS 10.14] Methods of Java Robot should be called from appropriate thread + - JDK-8231254: (fs) Add test for macOS Catalina changes to protect system software + - JDK-8231438: [macOS] Dark mode for the desktop is not supported + - JDK-8232178: MacVolumesTest failed after upgrade to MacOS Catalina + - JDK-8232226: [macos 10.15] test/jdk/java/awt/color/EqualityTest/EqualityTest.java may fail + - JDK-8235153: [TESTBUG] [macos 10.15] java/awt/Graphics/DrawImageBG/SystemBgColorTest.java fails + - JDK-8236897: Fix the copyright header for pkcs11gcm2.h + - JDK-8237499: JFR: Include stack trace in the ThreadStart event + - JDK-8239886: Minimal VM build fails after JDK-8237499 + - JDK-8261397: Try Catch Method Failing to Work When Dividing An Integer By 0 + - JDK-8262731: [macOS] Exception from "Printable.print" is swallowed during "PrinterJob.print" + - JDK-8272342: [TEST_BUG] java/awt/print/PrinterJob/PageDialogMarginTest.java catches all exceptions + - JDK-8273308: PatternMatchTest.java fails on CI + - JDK-8273342: Null pointer dereference in classFileParser.cpp:2817 + - JDK-8273826: Correct Manifest file name and NPE checks + - JDK-8273968: JCK javax_xml tests fail in CI + - JDK-8274407: (tz) Update Timezone Data to 2021c + - JDK-8274467: TestZoneInfo310.java fails with tzdata2021b + - JDK-8274468: TimeZoneTest.java fails with tzdata2021b + - JDK-8274595: DisableRMIOverHTTPTest failed: connection refused + - JDK-8274779: HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST + - JDK-8275766: (tz) Update Timezone Data to 2021e + - JDK-8275849: TestZoneInfo310.java fails with tzdata2021e + - JDK-8276536: Update TimeZoneNames files to follow the changes made by JDK-8275766 + +Notes on individual issues: +=========================== + +security-libs/java.security: + +JDK-8271434: Removed IdenTrust Root Certificate +=============================================== +The following root certificate from IdenTrust has been removed from +the `cacerts` keystore: + +Alias Name: identrustdstx3 [jdk] +Distinguished Name: CN=DST Root CA X3, O=Digital Signature Trust Co. + +JDK-8272535: Removed Google's GlobalSign Root Certificate +========================================================= +The following root certificate from Google has been removed from the +`cacerts` keystore: + +Alias Name: globalsignr2ca [jdk] +Distinguished Name: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 + +core-libs/java.time: + +JDK-8274857: Update Timezone Data to 2021c +=========================================== +IANA Time Zone Database, on which JDK's Date/Time libraries are based, +has been updated to version 2021c +(https://mm.icann.org/pipermail/tz-announce/2021-October/000067.html). Note +that with this update, some of the time zone rules prior to the year +1970 have been modified according to the changes which were introduced +with 2021b. For more detail, refer to the announcement of 2021b +(https://mm.icann.org/pipermail/tz-announce/2021-September/000066.html) + +New in release OpenJDK 8u312 (2021-10-19): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u312 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u312.txt + +* Security fixes + - JDK-8130183, CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0 + - JDK-8161016: Strange behavior of URLConnection with proxy + - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites preference + - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close + - JDK-8263314: Enhance XML Dsig modes + - JDK-8265167, CVE-2021-35556: Richer Text Editors + - JDK-8265574: Improve handling of sheets + - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit + - JDK-8265776: Improve Stream handling for SSL + - JDK-8266097, CVE-2021-35561: Better hashing support + - JDK-8266103: Better specified spec values + - JDK-8266109: More Resilient Classloading + - JDK-8266115: More Manifest Jar Loading + - JDK-8266137, CVE-2021-35564: Improve Keystore integrity + - JDK-8266689, CVE-2021-35567: More Constrained Delegation + - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic + - JDK-8267712: Better LDAP reference processing + - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking + - JDK-8267735, CVE-2021-35586: Better BMP support + - JDK-8268193: Improve requests of certificates + - JDK-8268199: Correct certificate requests + - JDK-8268506: More Manifest Digests + - JDK-8269618, CVE-2021-35603: Better session identification + - JDK-8269624: Enhance method selection support + - JDK-8270398: Enhance canonicalization + - JDK-8270404: Better canonicalization +* Other changes + - JDK-6847157: java.lang.NullPointerException: HDC for component at sun.java2d.loops.Blit.Blit + - JDK-7146776: deadlock between URLStreamHandler.getHostAddress and file.Handler.openconnection + - JDK-7188942: Remove support of pbuffers in OGL Java2d pipeline + - JDK-8004148: NPE in sun.awt.SunToolkit.getWindowDeactivationTime + - JDK-8022323: [JavaSecurityScanner] review package com.sun.management.* Native methods should be private + - JDK-8027154: [TESTBUG] Test java/awt/Mouse/GetMousePositionTest/GetMousePositionWithPopup.java fails + - JDK-8035001: TEST_BUG: the retry logic in RMID.start() should check that the subprocess hasn't terminated + - JDK-8035424: (reflect) Performance problem in sun.reflect.generics.parser.SignatureParser + - JDK-8042557: compiler/uncommontrap/TestSpecTrapClassUnloading.java fails with: GC triggered before VM initialization completed + - JDK-8054118: java/net/ipv6tests/UdpTest.java failed intermittently + - JDK-8065215: Print warning summary at end of configure + - JDK-8072767: DefaultCellEditor for comboBox creates ActionEvent with wrong source object + - JDK-8079891: Store configure log in $BUILD/configure.log + - JDK-8080082: configure fails if you create an empty directory and then run configure from it + - JDK-8086003: Test fails on OSX with java.lang.RuntimeException 'Narrow klass base: 0x0000000000000000, Narrow klass shift: 3' missing + - JDK-8131062: aarch64: add support for GHASH acceleration + - JDK-8134869: AARCH64: GHASH intrinsic is not optimal + - JDK-8134989: java/net/MulticastSocket/TestInterfaces.java failed due to unexpected IP address + - JDK-8156584: Initialization race in sun.security.x509.AlgorithmId.get + - JDK-8157404: Unable to read certain PKCS12 keystores from SequenceInputStream + - JDK-8166673: The new implementation of Robot.waitForIdle() may hang + - JDK-8170467: (reflect) Optimize SignatureParser's use of StringBuilders + - JDK-8194246: JVM crashes when calling getStackTrace if stack contains a method that is a member of a very large class + - JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails + - JDK-8202837: PBES2 AlgorithmId encoding error in PKCS12 KeyStore + - JDK-8206189: sun/security/pkcs12/EmptyPassword.java fails with Sequence tag error + - JDK-8214418: half-closed SSLEngine status may cause application dead loop + - JDK-8214513: A PKCS12 keystore from Java 8 using custom PBE parameters cannot be read in Java 11 + - JDK-8220786: Create new switch to redirect error reporting output to stdout or stderr + - JDK-8222751: closed/test/jdk/sun/security/util/DerIndefLenConverter/IndefBerPkcs12.java fail + - JDK-8229243: SunPKCS11-Solaris provider tests failing on Solaris 11.4 + - JDK-8231222: fix pkcs11 P11_DEBUG guarded native traces + - JDK-8237495: Java MIDI fails with a dereferenced memory error when asked to send a raw 0xF7 + - JDK-8238567: SoftMainMixer.processAudioBuffers(): Wrong handling of stoppedMixers + - JDK-8240518: Incorrect JNU_ReleaseStringPlatformChars in Windows Print + - JDK-8241248: NullPointerException in sun.security.ssl.HKDF.extract(HKDF.java:93) + - JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 header files + - JDK-8247469: getSystemCpuLoad() returns -1 on linux when some offline cpus are present and cpusets.effective_cpus is not available + - JDK-8248901: Signed immediate support in .../share/assembler.hpp is broken. + - JDK-8259338: Add expiry exception for identrustdstx3 alias to VerifyCACerts.java test + - JDK-8262000: jdk/jfr/event/gc/detailed/TestPromotionFailedEventWithParallelScavenge.java failed with "OutOfMemoryError: Java heap space" + - JDK-8262829: Native crash in Win32PrintServiceLookup.getAllPrinterNames() + - JDK-8263311: Watch registry changes for remote printers update instead of polling + - JDK-8263382: java/util/logging/ParentLoggersTest.java failed with "checkLoggers: getLoggerNames() returned unexpected loggers" + - JDK-8264752: SIGFPE crash with option FlightRecorderOptions:threadbuffersize=30M + - JDK-8265238: [8u] [macos] build failure in OpenJDK8u after JDK-8211301 in older xcode + - JDK-8265836: OperatingSystemImpl.getCpuLoad() returns incorrect CPU load inside a container + - JDK-8265978: make test should look for more locations when searching for exit code + - JDK-8266206: Build failure after JDK-8264752 with older GCCs + - JDK-8268103: JNI functions incorrectly return a double after JDK-8265836 + - JDK-8268965: TCP Connection Reset when connecting simple socket to SSL server + - JDK-8269594: assert(_handle_mark_nesting > 1) failed: memory leak: allocating handle outside HandleMark + - JDK-8269763: The JEditorPane is blank after JDK-8265167 + - JDK-8269810: [8u] Update generated_configure.sh after JDK-8250876 backport + - JDK-8269851: OperatingSystemMXBean getProcessCpuLoad reports incorrect process cpu usage in containers + - JDK-8269859: BacktraceBuilder._cprefs needs to be accessed as unsigned short + - JDK-8269882: stack-use-after-scope in NewObjectA + - JDK-8269953: config.log is not in build directory after 8u backport of JDK-8079891 + - JDK-8270137: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup + - JDK-8271466: StackGap test fails on aarch64 due to "-m64" + - JDK-8272124: Cgroup v1 initialization causes NullPointerException when cgroup path contains colon + - JDK-8272214: [8u] Build failure after backport of JDK-8248901 + - JDK-8272714: [8u] Build failure after backport of JDK-8248901 with MSVC 2013 +* Shenandoah + - [backport] JDK-8269661: JNI_GetStringCritical does not lock char array + - Re-cast JNI critical strings patch to be Shenandoah-specific + +Notes on individual issues: +=========================== + +core-libs/java.net: + +JDK-8164200: Modified HttpURLConnection behavior when no suitable proxy is found +================================================================================ +The behavior of HttpURLConnection when using a ProxySelector has been +modified with this JDK release. HttpURLConnection used to fall back to +a DIRECT connection attempt if the configured proxy(s) failed to make +a connection. This release introduces a change whereby no DIRECT +connection will be attempted in such a scenario. Instead, the +HttpURLConnection.connect() method will fail and throw an IOException +which occurred from the last proxy tested. + +security-libs/javax.net.ssl: + +JDK-8219551: Updated the Default Enabled Cipher Suites Preference +================================================================= +The preference of the default enabled cipher suites has been +changed. The compatibility impact should be minimal. If needed, +applications can customize the enabled cipher suites and the +preference. For more details, refer to the SunJSSE provider +documentation and the JSSE Reference Guide documentation. + +New in release OpenJDK 8u302 (2021-07-20): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u302 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u302.txt + +* Security fixes + - JDK-8256157: Improve bytecode assembly + - JDK-8256491: Better HTTP transport + - JDK-8258432, CVE-2021-2341: Improve file transfers + - JDK-8260453: Improve Font Bounding + - JDK-8260960: Signs of jarsigner signing + - JDK-8260967, CVE-2021-2369: Better jar file validation + - JDK-8262380: Enhance XML processing passes + - JDK-8262403: Enhanced data transfer + - JDK-8262410: Enhanced rules for zones + - JDK-8262477: Enhance String Conclusions + - JDK-8262967: Improve Zip file support + - JDK-8264066, CVE-2021-2388: Enhance compiler validation + - JDK-8264079: Improve abstractions + - JDK-8264460: Improve NTLM support +* Other changes + - JDK-6878250: (so) IllegalBlockingModeException thrown when reading from a closed SocketChannel's InputStream + - JDK-6990210: [TEST_BUG] EventDispatchThread/HandleExceptionOnEDT/HandleExceptionOnEDT.java fails on gnome + - JDK-7059970: Test case: javax/imageio/plugins/png/ITXtTest.java is not closing a file + - JDK-7106851: Test should not use System.exit + - JDK-8019470: Changes needed to compile JDK 8 on MacOS with clang compiler + - JDK-8028618: [TEST BUG] javax/swing/JScrollBar/bug4202954/bug4202954.java fails + - JDK-8030123: java/beans/Introspector/Test8027648.java fails + - JDK-8032050: Clean up for java/rmi/activation/Activatable/shutdownGracefully/ShutdownGracefully.java + - JDK-8033289: clang: clean up unused function warning + - JDK-8034856: gcc warnings compiling src/solaris/native/sun/security/pkcs11 + - JDK-8034857: gcc warnings compiling src/solaris/native/sun/management + - JDK-8035000: clean up ActivationLibrary.DestroyThread + - JDK-8035054: JarFacade.c should not include ctype.h + - JDK-8035287: gcc warnings compiling various libraries files + - JDK-8036095: RMI tests using testlibrary.RMID and testlibrary.JavaVM do not pass through vmoptions + - JDK-8037825: Fix warnings and enable "warnings as errors" in serviceability native libraries + - JDK-8042891: Format issues embedded in macros for two g1 source files + - JDK-8043264: hsdis library not picked up correctly on expected paths + - JDK-8043646: libosxapp.dylib fails to build on Mac OS 10.9 with clang + - JDK-8047939: [TESTBUG] Rewrite test/runtime/8001071/Test8001071.sh + - JDK-8055754: filemap.cpp does not compile with clang + - JDK-8064909: FragmentMetaspace.java got OutOfMemoryError + - JDK-8066508: JTReg tests timeout on slow devices when run using JPRT + - JDK-8066807: langtools/test/Makefile should use -agentvm not -samevm + - JDK-8071374: -XX:+PrintAssembly -XX:+PrintSignatureHandlers crash fastdebug VM with assert(limit == __null || limit <= nm->code_end()) in RelocIterator::initialize + - JDK-8073446: TimeZone getOffset API does not return a dst offset between years 2038-2137 + - JDK-8074835: Resolve disabled warnings for libj2gss + - JDK-8074836: Resolve disabled warnings for libosxkrb5 + - JDK-8075071: [TEST_BUG] TimSortStackSize2.java: OOME: Java heap space: MaxHeap shrinked by MaxRAMFraction + - JDK-8077364: "if( !this )" construct prevents build on Xcode 6.3 + - JDK-8078855: [TEST_BUG] javax/swing/JComboBox/8032878/bug8032878.java fails in WindowsClassicLookAndFeel + - JDK-8081764: [TEST_BUG] Test javax/swing/plaf/aqua/CustomComboBoxFocusTest.java fails on Windows, Solaris Sparcv9 and Linux but passes on MacOSX + - JDK-8129511: PlatformMidi.c:83 uses malloc without malloc header + - JDK-8130308: Too low memory usage in TestPromotionFromSurvivorToTenuredAfterMinorGC.java + - JDK-8130430: [TEST_BUG] remove unnecessary internal calls from javax/swing/JRadioButton/8075609/bug8075609.java + - JDK-8132148: G1 hs_err region dump legend out of sync with region values + - JDK-8132709: [TESTBUG] gc/g1/TestHumongousShrinkHeap.java might fail on embedded + - JDK-8134672: [TEST_BUG] Some tests should check isDisplayChangeSupported + - JDK-8134883: C1 hard crash in range check elimination in Nashorn test262parallel + - JDK-8136592: [TEST_BUG] Fix 2 platform-specific closed regtests for jigsaw + - JDK-8138820: JDK Hotspot build fails with Xcode 7.0.1 + - JDK-8151786: [TESTBUG] java/beans/XMLEncoder/Test4625418.java timed out intermittently + - JDK-8159898: Negative array size in java/beans/Introspector/Test8027905.java + - JDK-8166046: [TESTBUG] compiler/stringopts/TestStringObjectInitialization.java fails with OOME + - JDK-8166724: gc/g1/TestHumongousShrinkHeap.java fails with OOME + - JDK-8172188: JDI tests fail due to "permission denied" when creating temp file + - JDK-8177809: File.lastModified() is losing milliseconds (always ends in 000) + - JDK-8178403: DirectAudio in JavaSound may hang and leak + - JDK-8180478: tools/launcher/MultipleJRE.sh fails on Windows because of extra-'' + - JDK-8183910: gc/arguments/TestAggressiveHeap.java fails intermittently + - JDK-8190332: PngReader throws NegativeArraySizeException/OOM error when IHDR width is very large + - JDK-8190679: java/util/Arrays/TimSortStackSize2.java fails with "Initial heap size set to a larger value than the maximum heap size" + - JDK-8191955: AArch64: incorrect prefetch distance causes an internal error + - JDK-8196092: javax/swing/JComboBox/8032878/bug8032878.java fails + - JDK-8199265: java/util/Arrays/TimSortStackSize2.java fails with OOM + - JDK-8200550: Xcode 9.3 produce warning -Wexpansion-to-defined + - JDK-8202299: Java Keystore fails to load PKCS12/PFX certificates created in WindowsServer2016 + - JDK-8203196: C1 emits incorrect code due to integer overflow in _tableswitch keys + - JDK-8205014: com/sun/jndi/ldap/DeadSSLLdapTimeoutTest.java failed with "Read timed out" + - JDK-8206243: java -XshowSettings fails if memory.limit_in_bytes overflows LONG.max + - JDK-8206925: Support the certificate_authorities extension + - JDK-8209996: [PPC64] Fix JFR profiling + - JDK-8214345: infinite recursion while checking super class + - JDK-8217230: assert(t == t_no_spec) failure in NodeHash::check_no_speculative_types() + - JDK-8217348: assert(thread->is_Java_thread()) failed: just checking + - JDK-8225081: Remove Telia Company CA certificate expiring in April 2021 + - JDK-8225116: Test OwnedWindowsLeak.java intermittently fails + - JDK-8228757: Fail fast if the handshake type is unknown + - JDK-8230428: Cleanup dead CastIP node code in formssel.cpp + - JDK-8231631: sun/net/ftp/FtpURLConnectionLeak.java fails intermittently with NPE + - JDK-8231841: AArch64: debug.cpp help() is missing an AArch64 line for pns + - JDK-8231949: [PPC64, s390]: Make async profiling more reliable + - JDK-8234011: (zipfs) Memory leak in ZipFileSystem.releaseDeflater() + - JDK-8239053: [8u] clean up undefined-var-template warnings + - JDK-8239400: [8u] clean up undefined-var-template warnings + - JDK-8241649: Optimize Character.toString + - JDK-8241829: Cleanup the code for PrinterJob on windows + - JDK-8242565: Policy initialization issues when the denyAfter constraint is enabled + - JDK-8243559: Remove root certificates with 1024-bit keys + - JDK-8247350: [aarch64] assert(false) failed: wrong size of mach node + - JDK-8249142: java/awt/FontClass/CreateFont/DeleteFont.sh is unstable + - JDK-8249278: Revert JDK-8226253 which breaks the spec of AccessibleState.SHOWING for JList + - JDK-8250876: Fix issues with cross-compile on macos + - JDK-8252883: AccessDeniedException caused by delayed file deletion on Windows + - JDK-8253375: OSX build fails with Xcode 12.0 (12A7209) + - JDK-8254631: Better support ALPN byte wire values in SunJSSE + - JDK-8255086: Update the root locale display names + - JDK-8255734: VM should ignore SIGXFSZ on ppc64, s390 too + - JDK-8256818: SSLSocket that is never bound or connected leaks socket resources + - JDK-8257039: [8u] GenericTaskQueue destructor is incorrect + - JDK-8257670: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java reports leaks + - JDK-8257884: Re-enable sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java as automatic test + - JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java again reports leaks after JDK-8257884 + - JDK-8257999: Parallel GC crash in gc/parallel/TestDynShrinkHeap.java: new region is not in covered_region + - JDK-8258419: RSA cipher buffer cleanup + - JDK-8258669: fastdebug jvm crashes when do event based tracing for monitor inflation + - JDK-8258753: StartTlsResponse.close() hangs due to synchronization issues + - JDK-8259271: gc/parallel/TestDynShrinkHeap.java still fails "assert(covered_region.contains(new_memregion)) failed: new region is not in covered_region" + - JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use condition is incorrect + - JDK-8259886: Improve SSL session cache performance and scalability + - JDK-8260029: aarch64: fix typo in verify_oop_array + - JDK-8260236: better init AnnotationCollector _contended_group + - JDK-8260255: C1: LoopInvariantCodeMotion constructor can leave some fields uninitialized + - JDK-8260484: CheckExamples.java / NoJavaLangTest.java fail with jtreg 4.2 + - JDK-8260704: ParallelGC: oldgen expansion needs release-store for _end + - JDK-8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding + - JDK-8261867: Backport relevant test changes & additions from JDK-8130125 + - JDK-8262110: DST starts from incorrect time in 2038 + - JDK-8262446: DragAndDrop hangs on Windows + - JDK-8262726: AArch64: C1 StubAssembler::call_RT can corrupt stack + - JDK-8262730: Enable jdk8u MacOS external debug symbols + - JDK-8262864: No debug symbols in image for Windows --with-native-debug-symbols=external + - JDK-8263061: copy wrong unpack200 debuginfo to bin directory after 8252395 + - JDK-8263504: Some OutputMachOpcodes fields are uninitialized + - JDK-8263600: change rmidRunning to a simple lookup + - JDK-8264509: jdk8u MacOS zipped debug symbols won't build + - JDK-8264562: assert(verify_field_bit(1)) failed: Attempting to write an uninitialized event field: type + - JDK-8264640: CMS ParScanClosure misses a barrier + - JDK-8264816: Weak handles leak causes GC to take longer + - JDK-8265462: Handle multiple slots in the NSS Internal Module from SunPKCS11's Secmod + - JDK-8265666: Enable AIX build platform to make external debug symbols + - JDK-8265832: runtime/StackGap/testme.sh fails to compile in 8u + - JDK-8265988: Fix sun/text/IntHashtable/Bug4170614 for JDK 8u + - JDK-8266191: Missing aarch64 parts of JDK-8181872 (C1: possible overflow when strength reducing integer multiply by constant) + - JDK-8266723: JFR periodic events are causing extra allocations + - JDK-8266929: Unable to use algorithms from 3p providers + - JDK-8267235: [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash + - JDK-8267426: MonitorVmStartTerminate test timed out on Embedded VM + - JDK-8267545: [8u] Enable Xcode 12 builds on macOS + - JDK-8267689: [aarch64] Crash due to bad shift in indirect addressing mode + - JDK-8268444: keytool -v -list print is incorrect after backport JDK-8141457 + - JDK-8269388: Default build of OpenJDK 8 fails on newer GCCs with warnings as errors on format-overflow + - JDK-8269468: JDK-8269388 breaks the build on older GCCs + - JDK-8270533: AArch64: size_fits_all_mem_uses should return false if its output is a CAS +* Shenandoah + - [backport] JDK-8259580: Shenandoah: uninitialized label in VerifyThreadGCState + - [backport] JDK-8259954: gc/shenandoah/mxbeans tests fail with -Xcomp + - [backport] JDK-8261251: Shenandoah: Use object size for full GC humongous + - [backport] JDK-8261413: Shenandoah: Disable class-unloading in I-U mode + - [backport] JDK-8265239: Shenandoah: Shenandoah heap region count could be off by 1 + - [backport] JDK-8266802: Shenandoah: Round up region size to page size unconditionally + - [backport] JDK-8267561: Shenandoah: Reference processing not properly setup for outside of cycle degenerated GC + - [backport] JDK-8268127: Shenandoah: Heap size may be too small for region to align to large page size + - [backport] JDK-8268699: Shenandoah: Add test for JDK-8268127 + - Shenandoah: Process weak roots during class unloading cycle + +Notes on individual issues: +=========================== + +security-libs/java.security: + +JDK-8256902: Removed Root Certificates with 1024-bit Keys +========================================================= +The following root certificates with weak 1024-bit RSA public keys +have been removed from the `cacerts` keystore: + +Alias Name: thawtepremiumserverca [jdk] +Distinguished Name: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA + +Alias Name: verisignclass2g2ca [jdk] +Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US + +Alias Name: verisignclass3ca [jdk] +Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US + +Alias Name: verisignclass3g2ca [jdk] +Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US + +Alias Name: verisigntsaca [jdk] +Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA + +JDK-8261361: Removed Telia Company's Sonera Class2 CA certificate +================================================================= + +The following root certificate have been removed from the cacerts truststore: + +Alias Name: soneraclass2ca +Distinguished Name: CN=Sonera Class2 CA, O=Sonera, C=FI + +security-libs/javax.net.ssl: + +JDK-8257548: Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values +========================================================================================= +Certain TLS ALPN values couldn't be properly read or written by the +SunJSSE provider. This is due to the choice of Strings as the API +interface and the undocumented internal use of the UTF-8 Character Set +which converts characters larger than U+00007F (7-bit ASCII) into +multi-byte arrays that may not be expected by a peer. + +ALPN values are now represented using the network byte representation +expected by the peer, which should require no modification for +standard 7-bit ASCII-based character Strings. However, SunJSSE now +encodes/decodes String characters as 8-bit ISO_8859_1/LATIN-1 +characters. This means applications that used characters above +U+000007F that were previously encoded using UTF-8 may need to either +be modified to perform the UTF-8 conversion, or set the Java security +property `jdk.tls.alpnCharset` to "UTF-8" revert the behavior. + +See the updated guide at +https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/alpn.html +for more information. + +JDK-8244460: Support for certificate_authorities Extension +========================================================== +The "certificate_authorities" extension is an optional extension +introduced in TLS 1.3. It is used to indicate the certificate +authorities (CAs) that an endpoint supports and should be used by the +receiving endpoint to guide certificate selection. + +With this JDK release, the "certificate_authorities" extension is +supported for TLS 1.3 in both the client and the server sides. This +extension is always present for client certificate selection, while it +is optional for server certificate selection. + +Applications can enable this extension for server certificate +selection by setting the `jdk.tls.client.enableCAExtension` system +property to `true`. The default value of the property is `false`. + +Note that if the client trusts more CAs than the size limit of the +extension (less than 2^16 bytes), the extension is not enabled. Also, +some server implementations do not allow handshake messages to exceed +2^14 bytes. Consequently, there may be interoperability issues when +`jdk.tls.client.enableCAExtension` is set to `true` and the client +trusts more CAs than the server implementation limit. + +New in release OpenJDK 8u292 (2021-04-20): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u292 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u292.txt + +* Security fixes + - JDK-8227467: Better class method invocations + - JDK-8244473: Contextualize registration for JNDI + - JDK-8244543: Enhanced handling of abstract classes + - JDK-8249906, CVE-2021-2163: Enhance opening JARs + - JDK-8250568, CVE-2021-2161: Less ambiguous processing + - JDK-8253799: Make lists of normal filenames +* Other changes + - JDK-6345095: regression test EmptyClipRenderingTest fails + - JDK-6896810: TEST_BUG: java/lang/ref/SoftReference/Pin.java fails with OOME during System.out.println + - JDK-6949753: [TEST BUG]: java/awt/print/PageFormat/PDialogTest.java needs update by removing a infinite loop + - JDK-7107012: sun.jvm.hotspot.code.CompressedReadStream readDouble() conversion to long mishandled + - JDK-7112454: TEST_BUG: java/awt/Choice/PopdownGeneratesMouseEvents/PopdownGeneratesMouseEvents.html failed + - JDK-7131835: [TEST_BUG] Test does not consider that the rounded edges of the window in Mac OS 10.7 + - JDK-7185221: [macosx] Regtest should not throw exception if a suitable display mode found + - JDK-8031126: java/lang/management/ThreadMXBean/ThreadUserTime.java fails intermittently + - JDK-8035166: Remove dependency on EC classes from pkcs11 provider + - JDK-8035186: j2se_jdk/jdk/test/java/lang/invoke/lambda/LogGeneratedClassesTest.java - assertion error + - JDK-8038723: Openup some PrinterJob tests + - JDK-8041464: [TEST_BUG] CustomClassLoaderTransferTest does not support OS X + - JDK-8041561: Inconsistent opacity behaviour between JCheckBox and JRadioButton + - JDK-8061777: (zipfs) IllegalArgumentException in ZipCoder.toString when using Shitft_JIS + - JDK-8078024: javac, several incorporation steps are silently failing when an error should be reported + - JDK-8078450: Implement consistent process for quarantine of tests + - JDK-8078614: WindowsClassicLookAndFeel MetalComboBoxUI.getbaseLine fails with IllegalArgumentException + - JDK-8080953: [TEST_BUG]Test java/awt/FontClass/DebugFonts.java fails due to wrongly typed bugid + - JDK-8081547: Prepare client libs regression tests for running in a concurrent, headless jtreg environment + - JDK-8129626: G1: set_in_progress() and clear_started() needs a barrier on non-TSO platforms + - JDK-8141457: keytool default cert fingerprint algorithm should be SHA-256 + - JDK-8145051: Wrong parameter name in synthetic lambda method leads to verifier error + - JDK-8150204: (fs) Enhance java/nio/file/Files/probeContentType/Basic.java debugging output + - JDK-8158525: Update a few java/net tests to use the loopback address instead of the host address + - JDK-8160217: JavaSound should clean up resources better + - JDK-8167281: IIOMetadataNode bugs in getElementsByTagName and NodeList.item methods + - JDK-8168996: C2 crash at postaloc.cpp:140 : assert(false) failed: unexpected yanked node + - JDK-8171410: aarch64: long multiplyExact shifts by 31 instead of 63 + - JDK-8172404: Tools should warn if weak algorithms are used before restricting them + - JDK-8185934: keytool shows "Signature algorithm: SHA1withECDSA, -1-bit key" + - JDK-8191915: JCK tests produce incorrect results with C2 + - JDK-8198334: java/awt/FileDialog/8003399/bug8003399.java fails in headless mode + - JDK-8202343: Disable TLS 1.0 and 1.1 + - JDK-8209333: Socket reset issue for TLS 1.3 socket close + - JDK-8211301: [macos] support full window content options + - JDK-8211339: NPE during SSL handshake caused by HostnameChecker + - JDK-8216987: ciMethodData::load_data() unpacks MDOs with non-atomic copy + - JDK-8217338: [Containers] Improve systemd slice memory limit support + - JDK-8219991: New fix of the deadlock in sun.security.ssl.SSLSocketImpl + - JDK-8221408: Windows 32bit build build errors/warnings in hotspot + - JDK-8223186: HotSpot compile warnings from GCC 9 + - JDK-8225435: Upgrade IANA Language Subtag Registry to the latest for JDK14 + - JDK-8225805: Java Access Bridge does not close the logger + - JDK-8226899: Problemlist compiler/rtm tests + - JDK-8227642: [TESTBUG] Make docker tests podman compatible + - JDK-8228434: jdk/net/Sockets/Test.java fails after JDK-8227642 + - JDK-8229284: jdk/internal/platform/cgroup/TestCgroupMetrics.java fails for - memory:getMemoryUsage + - JDK-8230388: Problemlist additional compiler/rtm tests + - JDK-8233228: Disable weak named curves by default in TLS, CertPath, and Signed JAR + - JDK-8234727: sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3 + - JDK-8234728: Some security tests should support TLSv1.3 + - JDK-8235263: Revert TLS 1.3 change that wrapped IOExceptions + - JDK-8235311: Tag mismatch may alert bad_record_mac + - JDK-8235874: The ordering of Cipher Suites is not maintained provided through jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system property. + - JDK-8236500: Windows ucrt.dll should be looked up in versioned WINSDK subdirectory + - JDK-8238579: HttpsURLConnection drops the timeout and hangs forever in read + - JDK-8239091: Reversed arguments in call to strstr in freetype "debug" code. + - JDK-8240353: AArch64: missing support for -XX:+ExtendedDTraceProbes in C1 + - JDK-8240827: Downport SSLSocketImpl.java from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE" + - JDK-8242141: New System Properties to configure the TLS signature schemes + - JDK-8244621: [macos10.15] Garbled FX printing plus CoreText warnings on Catalina when building with Xcode 11 + - JDK-8248336: AArch64: C2: offset overflow in BoxLockNode::emit + - JDK-8249183: JVM crash in "AwtFrame::WmSize" method + - JDK-8249251: [dark_mode ubuntu 20.04] The selected menu is not highlighted in GTKLookAndFeel + - JDK-8249588: libwindowsaccessbridge issues on 64bit Windows + - JDK-8250582: Revert Principal Name type to NT-UNKNOWN when requesting TGS Kerberos tickets + - JDK-8250984: Memory Docker tests fail on some Linux kernels w/o cgroupv1 swap limit capabilities + - JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray + - JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/DisposeFrameOnDragTest.java fails on Windows + - JDK-8253368: TLS connection always receives close_notify exception + - JDK-8253476: TestUseContainerSupport.java fails on some Linux kernels w/o swap limit capabilities + - JDK-8253932: SSL debug log prints incorrect caller info + - JDK-8254854: [cgroups v1] Metric limits not properly detected on some join controller combinations + - JDK-8255880: UI of Swing components is not redrawn after their internal state changed + - JDK-8255908: ExceptionInInitializerError due to UncheckedIOException while initializing cgroupv1 subsystem + - JDK-8255937: Better cleanup for test/jdk/javax/imageio/stream/StreamFlush.java + - JDK-8256421: Add 2 HARICA roots to cacerts truststore + - JDK-8256642: [TEST_BUG] jdk/test/javax/sound/midi/MidiSystem/DefaultProperties.java failed + - JDK-8258079: Eliminate ParNew's use of klass_or_null() + - JDK-8256682: JDK-8202343 is incomplete + - JDK-8257746: Regression introduced with JDK-8250984 - memory might be null in some machines + - JDK-8258241: [8u] Missing doPrivileged() hunks from JDK-8226575 + - JDK-8258247: Couple of issues in fix for JDK-8249906 + - JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder.rotateDisk() + - JDK-8258430: 8u backport of JDK-8063107 missing test/javax/swing/JRadioButton/8041561/bug8041561.java changes + - JDK-8258833: Cancel multi-part cipher operations in SunPKCS11 after failures + - JDK-8258933: G1 needs klass_or_null_acquire + - JDK-8259048: (tz) Upgrade time-zone data to tzdata2020f + - JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert will + - JDK-8259384: CUP version wrong in THIRD_PARTY_README after JDK-8233548 + - JDK-8259428: AlgorithmId.getEncodedParams() should return copy + - JDK-8259568: PPC64 builds broken after JDK-8221408 8u backport + - JDK-8260349: Cannot programmatically retrieve Metaspace max set via JAVA_TOOL_OPTIONS + - JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a + - JDK-8260930: AARCH64: Invalid value passed to critical JNI function + - JDK-8261183: Follow on to Make lists of normal filenames + - JDK-8261231: Windows IME was disabled after DnD operation + - JDK-8261766: [8u] hotspot needs to recognise cl.exe 19.16 to build with VS2017 + - JDK-8262073: assert(allocates2(pc)) failed: not in CodeBuffer memory + - JDK-8262075: sun/security/krb5/auto/UseCacheAndStoreKey.java timed out intermittently + - JDK-8263008: AARCH64: Add debug info for libsaproc.so + - JDK-8264171: Missing aarch64 parts of JDK-8236179 (C1 register allocation failure with T_ADDRESS) +* Shenandoah + - Normalise whitespace in AArch64 sources prior to merge of upstreamed version in 8u292-b01. + - Revert differences against upstream 8u + - [backport] 8202976: Add C1 lea patching support for x86 + - [backport] 8221507: Implement JFR Events for Shenandoah + - [backport] 8224573: Fix windows build after JDK-8221507 + - [backport] 8228369: Shenandoah: Refactor LRB C1 stubs + - [backport] 8229474: Shenandoah: Cleanup CM::update_roots() + - [backport] 8229709: x86_32 build and test failures after JDK-8228369 (Shenandoah: Refactor LRB C1 stubs) + - [backport] 8231087: Shenandoah: Self-fixing load reference barriers for C1/C2 + - [backport] 8232747: Shenandoah: Concurrent GC should deactivate SATB before processing weak roots + - [backport] 8232992: Shenandoah: Implement self-fixing interpreter LRB + - [backport] 8233021: Shenandoah: SBSC2::is_shenandoah_lrb_call should match all LRB shapes + - [backport] 8233165: Shenandoah:SBSA::gen_load_reference_barrier_stub() should use pointer register for address on aarch64 + - [backport] 8233574: Shenandoah: build is broken without jfr + - [backport] 8237837: Shenandoah: assert(mem == __null) failed: only one safepoint + - [backport] 8238153: CTW: C2 (Shenandoah) compilation fails with "Unknown node in get_load_addr: CreateEx" + - [backport] 8238851: Shenandoah: C1: Resolve into registers of correct type + - [backport] 8240315: Shenandoah: Rename ShLBN::get_barrier_strength() + - [backport] 8240751: Shenandoah: fold ShenandoahTracer definition + - [backport] 8241765: Shenandoah: AARCH64 need to save/restore call clobbered registers before calling keepalive barrier + - [backport] 8244510: Shenandoah: invert SHC2Support::is_in_cset condition + - [backport] 8244663: Shenandoah: C2 assertion fails in Matcher::collect_null_checks + - [backport] 8244721: CTW: C2 (Shenandoah) compilation fails with "unexpected infinite loop graph shape" + - [backport] 8251451: Shenandoah: Remark ObjectSynchronizer roots with I-U + - [backport] 8252660: Shenandoah: support manageable SoftMaxHeapSize option + - [backport] 8253224: Shenandoah: ShenandoahStrDedupQueue destructor calls virtual num_queues() + - [backport] 8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint should not access VMThread state from other threads + - [backport] 8255457: Shenandoah: cleanup ShenandoahMarkTask + - [backport] 8255760: Shenandoah: match constants style in ShenandoahMarkTask fallback + - [backport] 8256806: Shenandoah: optimize shenandoah/jni/TestPinnedGarbage.java test + - [backport] 8257641: Shenandoah: Query is_at_shenandoah_safepoint() from control thread should return false + - Fix register allocation for thread register is 32bit LRB + - Fix Shenandoah bindings in ADLC formssel + - Shenandoah: Backed out weak roots cleaning during full gc + +Notes on individual issues: +=========================== + +security-libs/java.security: + +JDK-8260597: Added 2 HARICA Root CA Certificates +================================================ + +The following root certificates have been added to the cacerts truststore: + +Alias Name: haricarootca2015 +Distinguished Name: CN=Hellenic Academic and Research Institutions RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR + +Alias Name: haricaeccrootca2015 +Distinguished Name: CN=Hellenic Academic and Research Institutions ECC RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR + +JDK-8236730: Weak Named Curves in TLS, CertPath, and Signed JAR Disabled by Default +=================================================================================== +Weak named curves are disabled by default by adding them to the +following `disabledAlgorithms` security properties: + +* jdk.tls.disabledAlgorithms +* jdk.certpath.disabledAlgorithms +* jdk.jar.disabledAlgorithms + +Red Hat has always disabled many of the curves provided by upstream, +so the only addition in this release is: + +* secp256k1 + +The curves that remain enabled are: + +* secp256r1 +* secp384r1 +* secp521r1 +* X25519 +* X448 + +When large numbers of weak named curves need to be disabled, adding +individual named curves to each `disabledAlgorithms` property would be +overwhelming. To relieve this, a new security property, +`jdk.disabled.namedCurves`, is implemented that can list the named +curves common to all of the `disabledAlgorithms` properties. To use +the new property in the `disabledAlgorithms` properties, precede the +full property name with the keyword `include`. Users can still add +individual named curves to `disabledAlgorithms` properties separate +from this new property. No other properties can be included in the +`disabledAlgorithms` properties. + +To restore the named curves, remove the `include +jdk.disabled.namedCurves` either from specific or from all +`disabledAlgorithms` security properties. To restore one or more +curves, remove the specific named curve(s) from the +`jdk.disabled.namedCurves` property. + +JDK-8244286: Tools Warn If Weak Algorithms Are Used +=================================================== +The `keytool` and `jarsigner` tools have been updated to warn users +when weak cryptographic algorithms are used in keys, certificates, and +signed JARs before they are disabled. The weak algorithms are set in +the `jdk.security.legacyAlgorithms` security property in the +`java.security` configuration file. In this release, the tools issue +warnings for the SHA-1 hash algorithm and 1024-bit RSA/DSA keys. + +security-libs/javax.net.ssl: + +JDK-8256490: Disable TLS 1.0 and 1.1 +==================================== +TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer +considered secure and have been superseded by more secure and modern +versions (TLS 1.2 and 1.3). + +These versions have now been disabled by default. If you encounter +issues, you can, at your own risk, re-enable the versions by removing +"TLSv1" and/or "TLSv1.1" from the `jdk.tls.disabledAlgorithms` +security property in the `java.security` configuration file. + +JDK-8242147: New System Properties to Configure the TLS Signature Schemes +========================================================================= +Two new system properties have been added to customize the TLS +signature schemes in JDK. `jdk.tls.client.SignatureSchemes` has been +added for the TLS client side, and `jdk.tls.server.SignatureSchemes` +has been added for the server side. + +Each system property contains a comma-separated list of supported +signature scheme names specifying the signature schemes that could be +used for the TLS connections. + +The names are described in the "Signature Schemes" section of the +*Java Security Standard Algorithm Names Specification*. + +tools/javac: + +JDK-8177368: Several incorporation steps are silently failing when an error should be reported +============================================================================================== +Reporting previously silent errors found during incorporation, JLS +8§18.3, was supposed to be a clean-up with performance only +implications. But consider the test case: + +import java.util.Arrays; +import java.util.List; + +class Klass { + public static List> foo(List... lists) { + return foo(Arrays.asList(lists)); + } + + public static List> foo(List> lists) { + return null; + } +} + +This code was not accepted before the patch for [1], but after this +patch the compiler is accepting it. Accepting this code is the right +behavior as not reporting incorporation errors was a bug in the +compiler. While determining the applicability of method: +List> foo(List> lists) for which +we have the constraints: b <: Object t <: List t<:Object +List <: t first, inference variable b is selected for +instantiation: b = CAP1 of ? extends A so this implies that: t <: +List t<: Object List <: t + +Now all the bounds are checked for consistency. While checking if +List is a subtype of List +a bound error is reported. Before the compiler was just swallowing +it. As now the error is reported while inference variable b is being +instantiated, the bound set is rolled back to it's initial state, 'b' +is instantiated to Object, and with this instantiation the constraint +set is solvable, the method is applicable, it's the only applicable +one and the code is accepted as correct. The compiler behavior in this +case is defined at JLS 8 §18.4 + +This fix has source compatibility impact, right now code that wasn't +being accepted is now being accepted by the javac compiler. Currently +there are no reports of any other kind of incompatibility. + +[1] https://bugs.openjdk.java.net/browse/JDK-8078024 + +New in release OpenJDK 8u282 (2021-01-19): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u282 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u282.txt + +* Security fixes + - JDK-8247619: Improve Direct Buffering of Characters +* Other changes + - JDK-6962725: Regtest javax/swing/JFileChooser/6738668/bug6738668.java fails under Linux + - JDK-8008657: JSpinner setComponentOrientation doesn't affect on text orientation + - JDK-8022535: [TEST BUG] javax/swing/text/html/parser/Test8017492.java fails + - JDK-8025936: Windows .pdb and .map files does not have proper dependencies setup + - JDK-8030350: Enable additional compiler warnings for GCC + - JDK-8031423: Test java/awt/dnd/DisposeFrameOnDragCrash/DisposeFrameOnDragTest.java fails by Timeout on Windows + - JDK-8036122: Fix warning 'format not a string literal' + - JDK-8039279: Move awt tests to openjdk repository + - JDK-8041592: [TEST_BUG] Move 42 AWT hw/lw mixing tests to jdk + - JDK-8043126: move awt automated functional tests from AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository + - JDK-8043131: Move ShapedAndTranslucentWindows and GC functional AWT tests to regression tree + - JDK-8043899: compiler/5091921/Test7005594.java fails if specified -Xmx is less than 1600m + - JDK-8044157: [TEST_BUG] Improve recently submitted AWT_Mixing tests + - JDK-8044172: [TEST_BUG] Move regtests for 4523758 and AltPlusNumberKeyCombinationsTest to jdk + - JDK-8044429: move awt automated tests for AWT_Modality to OpenJDK repository + - JDK-8044765: Move functional tests AWT_SystemTray/Automated to openjdk repository + - JDK-8046221: [TEST_BUG] Cleanup datatransfer tests + - JDK-8047180: Move functional tests AWT_Headless/Automated to OpenJDK repository + - JDK-8047367: move awt automated tests from AWT_Modality to OpenJDK repository - part 2 + - JDK-8048246: Move AWT_DnD/Clipboard/Automated functional tests to OpenJDK + - JDK-8049617: move awt automated tests from AWT_Modality to OpenJDK repository - part 3 + - JDK-8049694: Migrate functional AWT_DesktopProperties/Automated tests to OpenJDK + - JDK-8050885: move awt automated tests from AWT_Modality to OpenJDK repository - part 4 + - JDK-8051440: move tests about maximizing undecorated to OpenJDK + - JDK-8051853: new URI("x/").resolve("..").getSchemeSpecificPart() returns null! + - JDK-8052012: move awt automated tests from AWT_Modality to OpenJDK repository - part 5 + - JDK-8052408: Move AWT_BAT functional tests to OpenJDK (3 of 3) + - JDK-8053657: [TEST_BUG] move some 5 tests related to undecorated Frame/JFrame to JDK + - JDK-8054143: move awt automated tests from AWT_Modality to OpenJDK repository - part 6 + - JDK-8054358: move awt automated tests from AWT_Modality to OpenJDK repository - part 7 + - JDK-8054359: move awt automated tests from AWT_Modality to OpenJDK repository - part 8 + - JDK-8055360: Move the rest part of AWT ShapedAndTranslucent tests to OpenJDK + - JDK-8055664: move 14 tests about setLocationRelativeTo to jdk + - JDK-8055836: move awt tests from AWT_Modality to OpenJDK repository - part 9 + - JDK-8057694: move awt tests from AWT_Modality to OpenJDK repository - part 10 + - JDK-8058805: [TEST_BUG]Test java/awt/TrayIcon/SecurityCheck/NoPermissionTest/NoPermissionTest.java fails + - JDK-8062808: Turn on the -Wreturn-type warning + - JDK-8063102: Change open awt regression tests to avoid sun.awt.SunToolkit.realSync, part 1 + - JDK-8063104: Change open awt regression tests to avoid sun.awt.SunToolkit.realSync, part 2 + - JDK-8063106: Change open swing regression tests to avoid sun.awt.SunToolkit.realSync, part 1 + - JDK-8063107: Change open swing regression tests to avoid sun.awt.SunToolkit.realSync, part 2 + - JDK-8064573: [TEST_BUG] javax/swing/text/AbstractDocument/6968363/Test6968363.java is asocial pressing VK_LEFT and not releasing + - JDK-8064575: [TEST_BUG] javax/swing/JEditorPane/6917744/bug6917744.java 100 times press keys and never releases + - JDK-8064809: [TEST_BUG] javax/swing/JComboBox/4199622/bug4199622.java contains a lot of keyPress and not a single keyRelease + - JDK-8067441: Some tests fails with error: cannot find symbol getSystemMnemonicKeyCodes() + - JDK-8068228: Test closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest fails with GTKLookAndFeel + - JDK-8068275: Some tests failed after JDK-8063104 + - JDK-8069211: (zipfs) ZipFileSystem creates corrupted zip if entry output stream gets closed more than once + - JDK-8074807: Fix some tests unnecessary using internal API + - JDK-8076315: move 4 manual functional swing tests to regression suite + - JDK-8130772: Util.hitMnemonics does not work: getSystemMnemonicKeyCodes() returns ALT_MASK rather than VK_ALT + - JDK-8132664: closed/javax/swing/DataTransfer/DefaultNoDrop/DefaultNoDrop.java locks on Windows + - JDK-8134632: Mark javax/sound/midi/Devices/InitializationHang.java as headful + - JDK-8148854: Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalent + - JDK-8148916: Mark bug6400879.java as intermittently failing + - JDK-8148983: Fix extra comma in changes for JDK-8148916 + - JDK-8152545: Use preprocessor instead of compiling a program to generate native nio constants + - JDK-8156803: Turn StressLCM/StressGCM flags to diagnostic + - JDK-8160438: javax/swing/plaf/nimbus/8057791/bug8057791.java fails + - JDK-8160761: [TESTBUG] Several compiler tests fail with product bits + - JDK-8163161: [PIT][TEST_BUG] increase timeout in javax/swing/plaf/nimbus/8057791/bug8057791.java + - JDK-8165808: Add release barriers when allocating objects with concurrent collection + - JDK-8166015: [PIT][TEST_BUG] stray character in java/awt/Focus/ModalDialogActivationTest/ModalDialogActivationTest.java + - JDK-8166583: Add oopDesc::klass_or_null_acquire() + - JDK-8166663: Simplify oops_on_card_seq_iterate_careful + - JDK-8166862: CMS needs klass_or_null_acquire + - JDK-8168292: [TESTBUG] [macosx] Test java/awt/TrayIcon/DragEventSource/DragEventSource.java fails on OS X + - JDK-8168682: jdk/test/java/lang/ClassLoader/forNameLeak/ClassForNameLeak.java fails with -Xcomp + - JDK-8179083: Uninitialized notifier in Java Monitor Wait tracing event + - JDK-8185003: JMX: Add a version of ThreadMXBean.dumpAllThreads with a maxDepth argument + - JDK-8197981: Missing return statement in __sync_val_compare_and_swap_8 + - JDK-8202076: test/jdk/java/io/File/WinSpecialFiles.java on windows with VS2017 + - JDK-8205507: jdk/javax/xml/crypto/dsig/GenerationTests.java timed out + - JDK-8207766: [testbug] Adapt tests for Aix. + - JDK-8212070: Introduce diagnostic flag to abort VM on failed JIT compilation + - JDK-8213448: [TESTBUG] enhance jfr/jvm/TestDumpOnCrash + - JDK-8215727: Restore JFR thread sampler loop to old / previous behavior + - JDK-8217362: Emergency dump does not work when disk=false is set + - JDK-8217766: Container Support doesn't work for some Join Controllers combinations + - JDK-8219013: Update Apache Santuario (XML Signature) to version 2.1.3 + - JDK-8219562: Line of code in osContainer_linux.cpp L102 appears unreachable + - JDK-8220579: [Containers] SubSystem.java out of sync with osContainer_linux.cpp + - JDK-8220657: JFR.dump does not work when filename is set + - JDK-8221340: [TESTBUG] TestCgroupMetrics.java fails after fix for JDK-8219562 + - JDK-8221342: [TESTBUG] Generate Dockerfile for docker testing + - JDK-8221710: [TESTBUG] more configurable parameters for docker testing + - JDK-8223108: Test java/awt/EventQueue/NonComponentSourcePost.java is unstable + - JDK-8224502: [TESTBUG] JDK docker test TestSystemMetrics.java fails with access issues and OOM + - JDK-8225072: Add LuxTrust certificate that is expiring in March 2021 to list of allowed but expired certs + - JDK-8227006: [linux] Runtime.availableProcessors execution time increased by factor of 100 + - JDK-8229868: Update Apache Santuario TPRM version + - JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes() can be quicker for self thread + - JDK-8231968: getCurrentThreadAllocatedBytes default implementation s/b getThreadAllocatedBytes + - JDK-8232114: JVM crashed at imjpapi.dll in native code + - JDK-8233548: Update CUP to v0.11b + - JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect numbers for Compiler area + - JDK-8234339: replace JLI_StrTok in java_md_solinux.c + - JDK-8238448: RSASSA-PSS signature verification fail when using certain odd key sizes + - JDK-8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test + - JDK-8242335: Additional Tests for RSASSA-PSS + - JDK-8242480: Negative value may be returned by getFreeSwapSpaceSize() in the docker + - JDK-8244225: stringop-overflow warning on strncpy call from compile_the_world_in + - JDK-8245400: Upgrade to LittleCMS 2.11 + - JDK-8246648: issue with OperatingSystemImpl getFreeSwapSpaceSize in docker after 8242480 + - JDK-8248214: Add paddings for TaskQueueSuper to reduce false-sharing cache contention + - JDK-8249176: Update GlobalSignR6CA test certificates + - JDK-8249846: Change of behavior after JDK-8237117: Better ForkJoinPool behavior + - JDK-8250636: iso8601_time returns incorrect offset part on MacOS + - JDK-8250665: Wrong translation for the month name of May in ar_JO,LB,SY + - JDK-8250928: JFR: Improve hash algorithm for stack traces + - JDK-8251365: Build failure on AIX after 8250636 + - JDK-8251469: Better cleanup for test/jdk/javax/imageio/SetOutput.java + - JDK-8251840: Java_sun_awt_X11_XToolkit_getDefaultScreenData should not be in make/mapfiles/libawt_xawt/mapfile-vers + - JDK-8252384: [TESTBUG] Some tests refer to COMPAT provider rather than JRE + - JDK-8252395: [8u] --with-native-debug-symbols=external doesn't include debuginfo files for binaries + - JDK-8252497: Incorrect numeric currency code for ROL + - JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent + - JDK-8252904: VM crashes when JFR is used and JFR event class is transformed + - JDK-8252975: [8u] JDK-8252395 breaks the build for --with-native-debug-symbols=internal + - JDK-8253036: Support building the Zero assembler port on AArch64 + - JDK-8253284: Zero OrderAccess barrier mappings are incorrect + - JDK-8253550: [8u] JDK-8252395 breaks the build for make STRIP_POLICY=no_strip + - JDK-8253752: test/sun/management/jmxremote/bootstrap/RmiBootstrapTest.java fails randomly + - JDK-8253837: JFR 8u fix symbol and cstring hashtable equals implementaion + - JDK-8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate + - JDK-8254144: Non-x86 Zero builds fail with return-type warning in os_linux_zero.cpp + - JDK-8254166: Zero: return-type warning in zeroInterpreter_zero.cpp + - JDK-8254683: [TEST_BUG] jdk/test/sun/tools/jconsole/WorkerDeadlockTest.java fails + - JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c + - JDK-8255003: Build failures on Solaris + - JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d + - JDK-8255269: Unsigned overflow in g1Policy.cpp + - JDK-8255603: Memory/Performance regression after JDK-8210985 + - JDK-8255717: Fix JFR crash in WriteObjectSampleStacktrace due to object not initialized + - JDK-8256618: Zero: Linux x86_32 build still fails + - JDK-8256671: Incorrect assignment operator used in guarantee() in genCollectedHeap + - JDK-8256752: 8252395 incorrect copy rule for macos .dSYM folder + - JDK-8257397: [TESTBUG] test/lib/containers/docker/Common.java refers to -Xlog:os+container=trace + - JDK-8258630: Add expiry exception for QuoVadis root certificate +* AArch64 port + - Fix AArch64 build failure after JDK-8062808 backport +* Shenandoah + - Fix racy update of code roots + +Notes on individual issues: +=========================== + +security-libs/javax.xml.crypto: + +JDK-8230839: Updated XML Signature Implementation to Apache Santuario 2.1.3 +=========================================================================== +The XML Signature implementation in the `java.xml.crypto` module has +been updated to version 2.1.3 of Apache Santuario. New features +include: + +* Added support for embedding elliptic curve public keys in the + KeyValue element + +New in release OpenJDK 8u275 (2020-11-05): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u275 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u275.txt + +* Regression fixes + - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate" + - JDK-8223940: Private key not supported by chosen signature algorithm + - JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding + - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) + +New in release OpenJDK 8u272 (2020-10-20): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u272 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt + +* New features + - JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7 +* Security fixes + - JDK-8233624: Enhance JNI linkage + - JDK-8236196: Improve string pooling + - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class + - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts + - JDK-8237995, CVE-2020-14782: Enhance certificate processing + - JDK-8240124: Better VM Interning + - JDK-8241114, CVE-2020-14792: Better range handling + - JDK-8242680, CVE-2020-14796: Improved URI Support + - JDK-8242685, CVE-2020-14797: Better Path Validation + - JDK-8242695, CVE-2020-14798: Enhanced buffer support + - JDK-8243302: Advanced class supports + - JDK-8244136, CVE-2020-14803: Improved Buffer supports + - JDK-8244479: Further constrain certificates + - JDK-8244955: Additional Fix for JDK-8240124 + - JDK-8245407: Enhance zoning of times + - JDK-8245412: Better class definitions + - JDK-8245417: Improve certificate chain handling + - JDK-8248574: Improve jpeg processing + - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit + - JDK-8253019: Enhanced JPEG decoding +* Other changes + - JDK-6574989: TEST_BUG: javax/sound/sampled/Clip/bug5070081.java fails sometimes + - JDK-8006205: [TESTBUG] NEED_TEST: please JTREGIFY test/compiler/7177917/Test7177917.java + - JDK-8023697: failed class resolution reports different class name in detail message for the first and subsequent times + - JDK-8025886: replace [[ and == bash extensions in regtest + - JDK-8026236: Add PrimeTest for BigInteger + - JDK-8031625: javadoc problems referencing inner class constructors + - JDK-8035493: JVMTI PopFrame capability must instruct compilers not to prune locals + - JDK-8036088: Replace strtok() with its safe equivalent strtok_s() in DefaultProxySelector.c + - JDK-8039082: [TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java fails + - JDK-8046274: Removing dependency on jakarta-regexp + - JDK-8048933: -XX:+TraceExceptions output should include the message + - JDK-8057003: Large reference arrays cause extremely long synchronization times + - JDK-8060721: Test runtime/SharedArchiveFile/LimitSharedSizes.java fails in jdk 9 fcs new platforms/compiler + - JDK-8061616: HotspotDiagnosticMXBean.getVMOption() throws IllegalArgumentException for flags of type double + - JDK-8062947: Fix exception message to correctly represent LDAP connection failure + - JDK-8064319: Need to enable -XX:+TraceExceptions in release builds + - JDK-8075774: Small readability and performance improvements for zipfs + - JDK-8076151: [TESTBUG] Test java/awt/FontClass/CreateFont/fileaccess/FontFile.java fails + - JDK-8078334: Mark regression tests using randomness + - JDK-8078880: Mark a few more intermittently failuring security-libs + - JDK-8080462: Update SunPKCS11 provider with PKCS11 v2.40 support + - JDK-8132206: move ScanTest.java into OpenJDK + - JDK-8132376: Add @requires os.family to the client tests with access to internal OS-specific API + - JDK-8132745: minor cleanup of java/util/Scanner/ScanTest.java + - JDK-8137087: [TEST_BUG] Cygwin failure of java/awt/appletviewer/IOExceptionIfEncodedURLTest/IOExceptionIfEncodedURLTest.sh + - JDK-8144539: Update PKCS11 tests to run with security manager + - JDK-8145808: java/awt/Graphics2D/MTGraphicsAccessTest/MTGraphicsAccessTest.java hangs on Win. 8 + - JDK-8148754: C2 loop unrolling fails due to unexpected graph shape + - JDK-8148854: Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalent + - JDK-8151678: com/sun/jndi/ldap/LdapTimeoutTest.java failed due to timeout on DeadServerNoTimeoutTest is incorrect + - JDK-8151788: NullPointerException from ntlm.Client.type3 + - JDK-8151834: Test SmallPrimeExponentP.java times out intermittently + - JDK-8152077: (cal) Calendar.roll does not always roll the hours during daylight savings + - JDK-8153430: jdk regression test MletParserLocaleTest, ParserInfiniteLoopTest reduce default timeout + - JDK-8153583: Make OutputAnalyzer.reportDiagnosticSummary public + - JDK-8154313: Generated javadoc scattered all over the place + - JDK-8156169: Some sound tests rarely hangs because of incorrect synchronization + - JDK-8160768: Add capability to custom resolve host/domain names within the default JNDI LDAP provider + - JDK-8161973: PKIXRevocationChecker.getSoftFailExceptions() not working + - JDK-8163251: Hard coded loop limit prevents reading of smart card data greater than 8k + - JDK-8165936: Potential Heap buffer overflow when seaching timezone info files + - JDK-8165996: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite + - JDK-8166148: Fix for JDK-8165936 broke solaris builds + - JDK-8167300: Scheduling failures during gcm should be fatal + - JDK-8167615: Opensource unit/regression tests for JavaSound + - JDK-8168517: java/lang/ProcessBuilder/Basic.java failed + - JDK-8169925: PKCS #11 Cryptographic Token Interface license + - JDK-8172012: [TEST_BUG] delays needed in javax/swing/JTree/4633594/bug4633594.java + - JDK-8173300: [TESTBUG]compiler/tiered/NonTieredLevelsTest.java fails with compiler.whitebox.SimpleTestCaseHelper(int) must be compiled + - JDK-8177334: Update xmldsig implementation to Apache Santuario 2.1.1 + - JDK-8177628: Opensource unit/regression tests for ImageIO + - JDK-8183341: Better cleanup for javax/imageio/AllowSearch.java + - JDK-8183349: Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java and WriteAfterAbort.java + - JDK-8183351: Better cleanup for jdk/test/javax/imageio/spi/AppletContextTest/BadPluginConfigurationTest.sh + - JDK-8184762: ZapStackSegments should use optimized memset + - JDK-8191678: [TESTBUG] Add keyword headful in java/awt FocusTransitionTest test. + - JDK-8192953: sun/management/jmxremote/bootstrap/*.sh tests fail with error : revokeall.exe: Permission denied + - JDK-8193137: Nashorn crashes when given an empty script file + - JDK-8193234: When using -Xcheck:jni an internally allocated buffer can leak + - JDK-8194298: Add support for per Socket configuration of TCP keepalive + - JDK-8198004: javax/swing/JFileChooser/6868611/bug6868611.java throws error + - JDK-8200313: java/awt/Gtk/GtkVersionTest/GtkVersionTest.java fails + - JDK-8201633: Problems with AES-GCM native acceleration + - JDK-8203357: Container Metrics + - JDK-8209113: Use WeakReference for lastFontStrike for created Fonts + - JDK-8210147: adjust some WSAGetLastError usages in windows network coding + - JDK-8211049: Second parameter of "initialize" method is not used + - JDK-8211163: UNIX version of Java_java_io_Console_echo does not return a clean boolean + - JDK-8211714: Need to update vm_version.cpp to recognise VS2017 minor versions + - JDK-8214862: assert(proj != __null) at compile.cpp:3251 + - JDK-8216283: Allow shorter method sampling interval than 10 ms + - JDK-8217606: LdapContext#reconnect always opens a new connection + - JDK-8217647: JFR: recordings on 32-bit systems unreadable + - JDK-8217878: ENVELOPING XML signature no longer works in JDK 11 + - JDK-8218629: XML Digital Signature throws NAMESPACE_ERR exception on OpenJDK 11, works 8/9/10 + - JDK-8219566: JFR did not collect call stacks when MaxJavaStackTraceDepth is set to zero + - JDK-8219919: RuntimeStub name lost with PrintFrameConverterAssembly + - JDK-8220165: Encryption using GCM results in RuntimeException- input length out of bound + - JDK-8220313: [TESTBUG] Update base image for Docker testing to OL 7.6 + - JDK-8220555: JFR tool shows potentially misleading message when it cannot access a file + - JDK-8220674: [TESTBUG] MetricsMemoryTester failcount test in docker container only works with debug JVMs + - JDK-8221569: JFR tool produces incorrect output when both --categories and --events are specified + - JDK-8222079: Don't use memset to initialize fields decode_env constructor in disassembler.cpp + - JDK-8224217: RecordingInfo should use textual representation of path + - JDK-8225695: 32-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support) + - JDK-8226575: OperatingSystemMXBean should be made container aware + - JDK-8226697: Several tests which need the @key headful keyword are missing it. + - JDK-8226809: Circular reference in printed stack trace is not correctly indented & ambiguous + - JDK-8228835: Memory leak in PKCS11 provider when using AES GCM + - JDK-8229378: jdwp library loader in linker_md.c quietly truncates on buffer overflow + - JDK-8230303: JDB hangs when running monitor command + - JDK-8230711: ConnectionGraph::unique_java_object(Node* N) return NULL if n is not in the CG + - JDK-8231213: Migrate SimpleDateFormatConstTest to JDK Repo + - JDK-8231779: crash HeapWord*ParallelScavengeHeap::failed_mem_allocate + - JDK-8233097: Fontmetrics for large Fonts has zero width + - JDK-8233621: Mismatch in jsse.enableMFLNExtension property name + - JDK-8234617: C1: Incorrect result of field load due to missing narrowing conversion + - JDK-8235243: handle VS2017 15.9 and VS2019 in abstract_vm_version + - JDK-8235325: build failure on Linux after 8235243 + - JDK-8235687: Contents/MacOS/libjli.dylib cannot be a symlink + - JDK-8236645: JDK 8u231 introduces a regression with incompatible handling of XML messages + - JDK-8237951: CTW: C2 compilation fails with "malformed control flow" + - JDK-8238225: Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary + - JDK-8238380: java.base/unix/native/libjava/childproc.c "multiple definition" link errors with GCC10 + - JDK-8238386: (sctp) jdk.sctp/unix/native/libsctp/SctpNet.c "multiple definition" link errors with GCC10 + - JDK-8238388: libj2gss/NativeFunc.o "multiple definition" link errors with GCC10 + - JDK-8238898: Missing hash characters for header on license file + - JDK-8239385: KerberosTicket client name refers wrongly to sAMAccountName in AD + - JDK-8239819: XToolkit: Misread of screen information memory + - JDK-8240295: hs_err elapsed time in seconds is not accurate enough + - JDK-8240676: Meet not symmetric failure when running lucene on jdk8 + - JDK-8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one + - JDK-8242498: Invalid "sun.awt.TimedWindowEvent" object leads to JVM crash + - JDK-8242556: Cannot load RSASSA-PSS public key with non-null params from byte array + - JDK-8243138: Enhance BaseLdapServer to support starttls extended request + - JDK-8243320: Add SSL root certificates to Oracle Root CA program + - JDK-8243321: Add Entrust root CA - G4 to Oracle Root CA program + - JDK-8243489: Thread CPU Load event may contain wrong data for CPU time under certain conditions + - JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest release 1.8.26 + - JDK-8244818: Java2D Queue Flusher crash while moving application window to external monitor + - JDK-8245467: Remove 8u TLSv1.2 implementation files + - JDK-8245469: Remove DTLS protocol implementation + - JDK-8245470: Fix JDK8 compatibility issues + - JDK-8245471: Revert JDK-8148188 + - JDK-8245472: Backport JDK-8038893 to JDK8 + - JDK-8245473: OCSP stapling support + - JDK-8245474: Add TLS_KRB5 cipher suites support according to RFC-2712 + - JDK-8245476: Disable TLSv1.3 protocol in the ClientHello message by default + - JDK-8245477: Adjust TLS tests location + - JDK-8245653: Remove 8u TLS tests + - JDK-8245681: Add TLSv1.3 regression test from 11.0.7 + - JDK-8246193: Possible NPE in ENC-PA-REP search in AS-REQ + - JDK-8246310: Clean commented-out code about ModuleEntry andPackageEntry in JFR + - JDK-8246384: Enable JFR by default on supported architectures for October 2020 release + - JDK-8248643: Remove extra leading space in JDK-8240295 8u backport + - JDK-8248851: CMS: Missing memory fences between free chunk check and klass read + - JDK-8249158: THREAD_START and THREAD_END event posted in primordial phase + - JDK-8249610: Make sun.security.krb5.Config.getBooleanObject(String... keys) method public + - JDK-8249677: Regression in 8u after JDK-8237117: Better ForkJoinPool behavior + - JDK-8250546: Expect changed behaviour reported in JDK-8249846 + - JDK-8250627: Use -XX:+/-UseContainerSupport for enabling/disabling Java container metrics + - JDK-8250755: Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java + - JDK-8250875: Incorrect parameter type for update_number in JDK_Version::jdk_update + - JDK-8251117: Cannot check P11Key size in P11Cipher and P11AEADCipher + - JDK-8251120: [8u] HotSpot build assumes ENABLE_JFR is set to either true or false + - JDK-8251341: Minimal Java specification change + - JDK-8251478: Backport TLSv1.3 regression tests to JDK8u + - JDK-8251546: 8u backport of JDK-8194298 breaks AIX and Solaris builds + - JDK-8252084: Minimal VM fails to bootcycle: undefined symbol: AgeTableTracer::is_tenuring_distribution_event_enabled + - JDK-8252573: 8u: Windows build failed after 8222079 backport + - JDK-8252886: [TESTBUG] sun/security/ec/TestEC.java : Compilation failed + - JDK-8254673: Call to JvmtiExport::post_vm_start() was removed by the fix for JDK-8249158 + - JDK-8254937: Revert JDK-8148854 for 8u272 + +Notes on individual issues: +=========================== + +core-svc/java.lang.management: + +JDK-8236876: OperatingSystemMXBean Methods Inside a Container Return Container Specific Data +============================================================================================ +When executing in a container, or other virtualized operating +environment, the following `OperatingSystemMXBean` methods in this +release return container specific information, if +available. Otherwise, they return host specific data: + +* getFreePhysicalMemorySize() +* getTotalPhysicalMemorySize() +* getFreeSwapSpaceSize() +* getTotalSwapSpaceSize() +* getSystemCpuLoad() + +security-libs/java.security: + +JDK-8250756: Added Entrust Root Certification Authority - G4 certificate +======================================================================== +The Entrust root certificate has been added to the cacerts truststore: + +Alias Name: entrustrootcag4 +Distinguished Name: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US + +JDK-8250860: Added 3 SSL Corporation Root CA Certificates +========================================================= +The following root certificates have been added to the cacerts truststore for the SSL Corporation: + +Alias Name: sslrootrsaca +Distinguished Name: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US + +Alias Name: sslrootevrsaca +Distinguished Name: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US + +Alias Name: sslrooteccca +Distinguished Name: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US + +security-libs/javax.crypto:pkcs11: + +JDK-8221441: SunPKCS11 Provider Upgraded with Support for PKCS#11 v2.40 +======================================================================= +The SunPKCS11 provider has been updated with support for PKCS#11 +v2.40. This version adds support for more algorithms such as the +AES/GCM/NoPadding cipher, DSA signatures using SHA-2 family of message +digests, and RSASSA-PSS signatures when the corresponding PKCS11 +mechanisms are supported by the underlying PKCS11 library. + +security-libs/javax.security: + +JDK-8242059: Support for canonicalize in krb5.conf +================================================== +The 'canonicalize' flag in the [krb5.conf file][0] is now supported by +the JDK Kerberos implementation. When set to *true*, RFC 6806 [1] name +canonicalization is requested by clients in TGT requests to KDC +services (AS protocol). Otherwise, and by default, it is not +requested. + +The new default behavior is different from previous releases where +name canonicalization was always requested by clients in TGT requests +to KDC services (provided that support for RFC 6806[1] was not +explicitly disabled with the *sun.security.krb5.disableReferrals* +system or security properties). + +[0]: https://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html +[1]: https://tools.ietf.org/html/rfc6806 + +security-libs/javax.xml.crypto: + +JDK-8202891: Updated xmldsig Implementation to Apache Santuario 2.1.1 +===================================================================== +The XMLDSig provider implementation in the `java.xml.crypto` module has been updated to version 2.1.1 of Apache Santuario. + +New features include: + +1. Support for the SHA-224 and SHA-3 DigestMethod algorithms specified +in RFC 6931. +2. Support for the HMAC-SHA224, RSA-SHA224, ECDSA-SHA224, and +RSASSA-PSS family of SignatureMethod algorithms specified in RFC 6931. + +JDK-8238185: New OpenJDK-specific JDK 8 Updates System Property to fallback to legacy Base64 Encoding format +============================================================================================================ +The upgrade to the Apache Santuario libraries (see above) introduced +an issue where XML signature using Base64 encoding resulted in +appending ` ` or ` ` to the encoded output. This behavioural +change was made in the Apache Santuario codebase to comply with RFC +2045. The Santuario team has adopted a position of keeping their +libraries compliant with RFC 2045. + +Earlier versions of OpenJDK 8 using the legacy encoder returns encoded +data in a format without ` ` or ` `. + +Therefore a new system property, specific to the 8 update stream, +`com.sun.org.apache.xml.internal.security.lineFeedOnly` is made +available to fall back to the legacy Base64 encoded format. + +Users can set this flag in one of two ways: + +1. -Dcom.sun.org.apache.xml.internal.security.lineFeedOnly=true + +2. System.setProperty("com.sun.org.apache.xml.internal.security.lineFeedOnly", "true") + +This new system property is disabled by default. It has no effect on +default behaviour nor when +`com.sun.org.apache.xml.internal.security.ignoreLineBreaks` property +is set. + +Later JDK family versions will only support the recommended property: + +`com.sun.org.apache.xml.internal.security.ignoreLineBreaks` + +JDK-8254177: US/Pacific-New Zone name removed as part of tzdata2020b +==================================================================== +Following JDK's update to tzdata2020b, the long-obsolete files +pacificnew and systemv have been removed. As a result, the +"US/Pacific-New" zone name declared in the pacificnew data file is no +longer available for use. + +Information regarding the update can be viewed at +https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html + +New in release OpenJDK 8u265 (2020-07-27): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/openjdk8u265 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u265.txt + +* Bug fixes + - JDK-8249677: Regression in 8u after JDK-8237117: Better ForkJoinPool behavior + - JDK-8250546: Expect changed behaviour reported in JDK-8249846 + +New in release OpenJDK 8u262 (2020-07-14): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/oj8u262 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u262.txt + +* New features + - JDK-8223147: JFR Backport +* Security fixes + - JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) + - JDK-8028591, CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() + - JDK-8230613: Better ASCII conversions + - JDK-8231800: Better listing of arrays + - JDK-8232014: Expand DTD support + - JDK-8233255: Better Swing Buttons + - JDK-8234032: Improve basic calendar services + - JDK-8234042: Better factory production of certificates + - JDK-8234418: Better parsing with CertificateFactory + - JDK-8234836: Improve serialization handling + - JDK-8236191: Enhance OID processing + - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior + - JDK-8237592, CVE-2020-14577: Enhance certificate verification + - JDK-8238002, CVE-2020-14581: Better matrix operations + - JDK-8238804: Enhance key handling process + - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable + - JDK-8238843: Enhanced font handing + - JDK-8238920, CVE-2020-14583: Better Buffer support + - JDK-8238925: Enhance WAV file playback + - JDK-8240119, CVE-2020-14593: Less Affine Transformations + - JDK-8240482: Improved WAV file playback + - JDK-8241379: Update JCEKS support + - JDK-8241522: Manifest improved jar headers redux + - JDK-8242136, CVE-2020-14621: Better XML namespace handling +* Other changes + - JDK-4949105: Access Bridge lacks html tags parsing + - JDK-7147060: com/sun/org/apache/xml/internal/security/transforms/ClassLoaderTest.java doesn't run in agentvm mode + - JDK-8003209: JFR events for network utilization + - JDK-8030680: 292 cleanup from default method code assessment + - JDK-8035633: TEST_BUG: java/net/NetworkInterface/Equals.java and some tests failed on windows intermittently + - JDK-8037866: Replace the Fun class in tests with lambdas + - JDK-8041626: Shutdown tracing event + - JDK-8041915: Move 8 awt tests to OpenJDK regression tests tree + - JDK-8067796: (process) Process.waitFor(timeout, unit) doesn't throw NPE if timeout is less than, or equal to zero when unit == null + - JDK-8076475: Misuses of strncpy/strncat + - JDK-8130737: AffineTransformOp can't handle child raster with non-zero x-offset + - JDK-8141056: Erroneous assignment in HeapRegionSet.cpp + - JDK-8146612: C2: Precedence edges specification violated + - JDK-8148886: SEGV in sun.java2d.marlin.Renderer._endRendering + - JDK-8149338: JVM Crash caused by Marlin renderer not handling NaN coordinates + - JDK-8150986: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java failing because expects HPROF JAVA PROFILE 1.0.1 file format + - JDK-8151582: (ch) test java/nio/channels/AsyncCloseAndInterrupt.java failing due to "Connection succeeded" + - JDK-8165675: Trace event for thread park has incorrect unit for timeout + - JDK-8171934: ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() does not recognize OpenJDK's HotSpot VM + - JDK-8172559: [PIT][TEST_BUG] Move @test to be 1st annotation in java/awt/image/Raster/TestChildRasterOp.java + - JDK-8176182: 4 security tests are not run + - JDK-8178374: Problematic ByteBuffer handling in CipherSpi.bufferCrypt method + - JDK-8178910: Problemlist sample tests + - JDK-8181841: A TSA server returns timestamp with precision higher than milliseconds + - JDK-8183925: Decouple crash protection from watcher thread + - JDK-8191393: Random crashes during cfree+0x1c + - JDK-8195817: JFR.stop should require name of recording + - JDK-8195818: JFR.start should increase autogenerated name by one + - JDK-8195819: Remove recording=x from jcmd JFR.check output + - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE + - JDK-8199712: Flight Recorder + - JDK-8202578: Revisit location for class unload events + - JDK-8202835: jfr/event/os/TestSystemProcess.java fails on missing events + - JDK-8203287: Zero fails to build after JDK-8199712 (Flight Recorder) + - JDK-8203346: JFR: Inconsistent signature of jfr_add_string_constant + - JDK-8203664: JFR start failure after AppCDS archive created with JFR StartFlightRecording + - JDK-8203921: JFR thread sampling is missing fixes from JDK-8194552 + - JDK-8203929: Limit amount of data for JFR.dump + - JDK-8205516: JFR tool + - JDK-8207392: [PPC64] Implement JFR profiling + - JDK-8207829: FlightRecorderMXBeanImpl is leaking the first classloader which calls it + - JDK-8209960: -Xlog:jfr* doesn't work with the JFR + - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread() + - JDK-8210776: Upgrade X Window System 6.8.2 to the latest XWD 1.0.7 + - JDK-8211239: Build fails without JFR: empty JFR events signatures mismatch + - JDK-8212232: Wrong metadata for the configuration of the cutoff for old object sample events + - JDK-8213015: Inconsistent settings between JFR.configure and -XX:FlightRecorderOptions + - JDK-8213421: Line number information for execution samples always 0 + - JDK-8213617: JFR should record the PID of the recorded process + - JDK-8213734: SAXParser.parse(File, ..) does not close resources when Exception occurs. + - JDK-8213914: [TESTBUG] Several JFR VM events are not covered by tests + - JDK-8213917: [TESTBUG] Shutdown JFR event is not covered by test + - JDK-8213966: The ZGC JFR events should be marked as experimental + - JDK-8214542: JFR: Old Object Sample event slow on a deep heap in debug builds + - JDK-8214750: Unnecessary

tags in jfr classes + - JDK-8214896: JFR Tool left files behind + - JDK-8214906: [TESTBUG] jfr/event/sampling/TestNative.java fails with UnsatisfiedLinkError + - JDK-8214925: JFR tool fails to execute + - JDK-8215175: Inconsistencies in JFR event metadata + - JDK-8215237: jdk.jfr.Recording javadoc does not compile + - JDK-8215284: Reduce noise induced by periodic task getFileSize() + - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1) + - JDK-8215362: JFR GTest JfrTestNetworkUtilization fails + - JDK-8215771: The jfr tool should pretty print reference chains + - JDK-8216064: -XX:StartFlightRecording:settings= doesn't work properly + - JDK-8216486: Possibility of integer overflow in JfrThreadSampler::run() + - JDK-8216528: test/jdk/java/rmi/transport/runtimeThreadInheritanceLeak/RuntimeThreadInheritanceLeak.java failing with Xcomp + - JDK-8216559: [JFR] Native libraries not correctly parsed from /proc/self/maps + - JDK-8216578: Remove unused/obsolete method in JFR code + - JDK-8216995: Clean up JFR command line processing + - JDK-8217744: [TESTBUG] JFR TestShutdownEvent fails on some systems due to process surviving SIGINT + - JDK-8217748: [TESTBUG] Exclude TestSig test case from JFR TestShutdownEvent + - JDK-8218935: Make jfr strncpy uses GCC 8.x friendly + - JDK-8220293: Deadlock in JFR string pool + - JDK-8223689: Add JFR Thread Sampling Support + - JDK-8223690: Add JFR BiasedLock Event Support + - JDK-8223691: Add JFR G1 Region Type Change Event Support + - JDK-8223692: Add JFR G1 Heap Summary Event Support + - JDK-8224172: assert(jfr_is_event_enabled(id)) failed: invariant + - JDK-8224475: JTextPane does not show images in HTML rendering + - JDK-8225068: Remove DocuSign root certificate that is expiring in May 2020 + - JDK-8225069: Remove Comodo root certificate that is expiring in May 2020 + - JDK-8226253: JAWS reports wrong number of radio buttons when buttons are hidden. + - JDK-8226779: [TESTBUG] Test JFR API from Java agent + - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys + - JDK-8227011: Starting a JFR recording in response to JVMTI VMInit and / or Java agent premain corrupts memory + - JDK-8227269: Slow class loading when running with JDWP + - JDK-8227605: Kitchensink fails "assert((((klass)->trace_id() & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) failed: invariant" + - JDK-8229366: JFR backport allows unchecked writing to memory + - JDK-8229401: Fix JFR code cache test failures + - JDK-8229708: JFR backport code does not initialize + - JDK-8229873: 8229401 broke jdk8u-jfr-incubator + - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions + - JDK-8229899: Make java.io.File.isInvalid() less racy + - JDK-8230448: [test] JFRSecurityTestSuite.java is failing on Windows + - JDK-8230597: Update GIFlib library to the 5.2.1 + - JDK-8230707: JFR related tests are failing + - JDK-8230769: BufImg_SetupICM add ReleasePrimitiveArrayCritical call in early return + - JDK-8230782: Robot.createScreenCapture() fails if ?awt.robot.gtk? is set to false + - JDK-8230856: Java_java_net_NetworkInterface_getByName0 on unix misses ReleaseStringUTFChars in early return + - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout + - JDK-8230947: TestLookForUntestedEvents.java is failing after JDK-8230707 + - JDK-8231995: two jtreg tests failed after 8229366 is fixed + - JDK-8233197: Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing + - JDK-8233623: Add classpath exception to copyright in EventHandlerProxyCreator.java file + - JDK-8233880: Support compilers with multi-digit major version numbers + - JDK-8236002: CSR for JFR backport suggests not leaving out the package-info + - JDK-8236008: Some backup files were accidentally left in the hotspot tree + - JDK-8236074: Missed package-info + - JDK-8236174: Should update javadoc since tags + - JDK-8236996: Incorrect Roboto font rendering on Windows with subpixel antialiasing + - JDK-8238076: Fix OpenJDK 7 Bootstrap Broken by JFR Backport + - JDK-8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01 + - JDK-8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB + - JDK-8238589: Necessary code cleanup in JFR for JDK8u + - JDK-8238590: Enable JFR by default during compilation in 8u + - JDK-8239055: Wrong implementation of VMState.hasListener + - JDK-8239476: JDK-8238589 broke windows build by moving OrderedPair + - JDK-8239479: minimal1 and zero builds are failing + - JDK-8239852: java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed + - JDK-8239867: correct over use of INCLUDE_JFR macro + - JDK-8240375: Disable JFR by default for July 2020 release + - JDK-8240576: JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges + - JDK-8241444: Metaspace::_class_vsm not initialized if compressed class pointers are disabled + - JDK-8241638: launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set + - JDK-8241750: x86_32 build failure after JDK-8227269 + - JDK-8241902: AIX Build broken after integration of JDK-8223147 (JFR Backport) + - JDK-8242788: Non-PCH build is broken after JDK-8191393 + - JDK-8242883: Incomplete backport of JDK-8078268: backport test part + - JDK-8243059: Build fails when --with-vendor-name contains a comma + - JDK-8243474: [TESTBUG] removed three tests of 0 bytes + - JDK-8243539: Copyright info (Year) should be updated for fix of 8241638 + - JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a + - JDK-8244407: JVM crashes after transformation in C2 IdealLoopTree::split_fall_in + - JDK-8244461: [JDK 8u] Build fails with glibc 2.32 + - JDK-8244548: JDK 8u: sun.misc.Version.jdkUpdateVersion() returns wrong result + - JDK-8244777: ClassLoaderStats VM Op uses constant hash value + - JDK-8244843: JapanEraNameCompatTest fails + - JDK-8245167: Top package in method profiling shows null in JMC + - JDK-8246223: Windows build fails after JDK-8227269 + - JDK-8246703: [TESTBUG] Add test for JDK-8233197 + - JDK-8248399: Build installs jfr binary when JFR is disabled + - JDK-8248715: New JavaTimeSupplementary localisation for 'in' installed in wrong package + +Notes on individual issues: +=========================== + +hotspot/jfr: + +JDK-8240687: JDK Flight Recorder Integrated to OpenJDK 8u +========================================================= + +OpenJDK 8u now contains the backport of JEP 328: Flight Recorder +(https://openjdk.java.net/jeps/328) from later versions of OpenJDK. + +JFR is a low-overhead framework to collect and provide data helpful to +troubleshoot the performance of the OpenJDK runtime and of Java +applications. It consists of a new API to define custom events under +the jdk.jfr namespace and a JMX interface to interact with the +framework. The recording can also be initiated with the application +startup using the -XX:+FlightRecorder flag or via jcmd. JFR replaces +the +XX:EnableTracing feature introduced in JEP 167, providing a more +efficient way to retrieve the same information. For compatibility +reasons, +XX:EnableTracing is still accepted, however no data will be +printed. + +While JFR is not built by default upstream, it is included in Red Hat +binaries for supported architectures (x86_64, AArch64 & PowerPC 64) + +hotspot/runtime: + +JDK-8205622: JFR Start Failure After AppCDS Archive Created with JFR StartFlightRecording +========================================================================================= + +JFR will be disabled with a warning message if it is enabled during +CDS dumping. The user will see the following warning message: + +OpenJDK 64-Bit Server VM warning: JFR will be disabled during CDS dumping + +if JFR is enabled during CDS dumping such as in the following command +line: + +$ java -Xshare:dump -XX:StartFlightRecording=dumponexit=true + +security-libs/java.security: + +JDK-8244167: Removal of Comodo Root CA Certificate +================================================== + +The following expired Comodo root CA certificate was removed from the +`cacerts` keystore: + alias name "addtrustclass1ca [jdk]" + +Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE + +JDK-8244166: Removal of DocuSign Root CA Certificate +==================================================== + +The following expired DocuSign root CA certificate was removed from + the `cacerts` keystore: + alias name "keynectisrootca [jdk]" + +Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR + +security-libs/javax.crypto:pkcs11: + +JDK-8240191: Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database +============================================================================================================================ + +The SunPKCS11 security provider can now be initialized with NSS when +FIPS-enabled external modules are configured in the Security Modules +Database (NSSDB). Prior to this change, the SunPKCS11 provider would +throw a RuntimeException with the message: "FIPS flag set for +non-internal module" when such a library was configured for NSS in +non-FIPS mode. + +This change allows the JDK to work properly with recent NSS releases +on GNU/Linux operating systems when the system-wide FIPS policy is +turned on. + +Further information can be found in JDK-8238555. + +New in release OpenJDK 8u252 (2020-04-14): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/oj8u252 + * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u252.txt + +* Security fixes + - JDK-8223898, CVE-2020-2754: Forward references to Nashorn + - JDK-8223904, CVE-2020-2755: Improve Nashorn matching + - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs + - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues + - JDK-8225603: Enhancement for big integers + - JDK-8227542: Manifest improved jar headers + - JDK-8231415, CVE-2020-2773: Better signatures in XML + - JDK-8233250: Better X11 rendering + - JDK-8233410: Better Build Scripting + - JDK-8234027: Better JCEKS key support + - JDK-8234408, CVE-2020-2781: Improve TLS session handling + - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers + - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers + - JDK-8235274, CVE-2020-2805: Enhance typing of methods + - JDK-8236201, CVE-2020-2830: Better Scanner conversions + - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap +* Other changes + - JDK-8005819: Support cross-realm MSSFU + - JDK-8022263: use same Clang warnings on BSD as on Linux + - JDK-8038631: Create wrapper for awt.Robot with additional functionality + - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor is invalid + - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and some unit tests + - JDK-8068184: Fix for JDK-8032832 caused a deadlock + - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature + - JDK-8132130: some docs cleanup + - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit + - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods is not optimal + - JDK-8144446: Automate the Marlin crash test + - JDK-8144526: Remove Marlin logging use of deleted internal API + - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats + - JDK-8144654: Improve Marlin logging + - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with huge coordinates and round joins + - JDK-8166976: TestCipherPBECons has wrong @run line + - JDK-8167409: Invalid value passed to critical JNI function + - JDK-8181872: C1: possible overflow when strength reducing integer multiply by constant + - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT + - JDK-8191227: issues with unsafe handle resolution + - JDK-8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider + - JDK-8204152: SignedObject throws NullPointerException for null keys with an initialized Signature object + - JDK-8215756: Memory leaks in the AWT on macOS + - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win) + - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from mtInternal to mtThread + - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions + - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test + - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test + - JDK-8229022: BufferedReader performance can be improved by using StringBuilder + - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC + - JDK-8229872: (fs) Increase buffer size used with getmntent + - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception + - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type + - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64 + - JDK-8235904: Infinite loop when rendering huge lines + - JDK-8236179: C1 register allocation error with T_ADDRESS + - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read + - JDK-8240521: Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call + - JDK-8241296: Segfault in JNIHandleBlock::oops_do() + - JDK-8241307: Marlin renderer should not be the default in 8u252 + +Notes on individual issues: +=========================== + +hotspot/svc: + +JDK-8174881: Binary format for HPROF updated +============================================ + +When dumping the heap in binary format, HPROF format 1.0.2 is always +used now. Previously, format 1.0.1 was used for heaps smaller than +2GB. HPROF format 1.0.2 is also used by jhsdb jmap for the +serviceability agent. + +security-libs/java.security: + +JDK-8229518: Added Support for PKCS#1 v2.2 Algorithms Including RSASSA-PSS Signature +==================================================================================== + +The SunRsaSign and SunJCE providers have been enhanced with support +for more algorithms defined in PKCS#1 v2.2, such as RSASSA-PSS +signature and OAEP using FIPS 180-4 digest algorithms. New +constructors and methods have been added to relevant JCA/JCE classes +under the `java.security.spec` and `javax.crypto.spec` packages for +supporting additional RSASSA-PSS parameters. + +security-libs/javax.crypto: + +JDK-8205471: RSASSA-PSS Signature Support Added to SunMSCAPI +============================================================ + +The RSASSA-PSS signature algorithm support has been added to the SunMSCAPI provider. + +security-libs/javax.security: + +JDK-8227564: Allow SASL Mechanisms to Be Restricted +=================================================== + +A security property named `jdk.sasl.disabledMechanisms` has been added +that can be used to disable SASL mechanisms. Any disabled mechanism +will be ignored if it is specified in the `mechanisms` argument of +`Sasl.createSaslClient` or the `mechanism` argument of +`Sasl.createSaslServer`. The default value for this security property +is empty, which means that no mechanisms are disabled out-of-the-box. diff --git a/SOURCES/java-1.8.0-openjdk-portable.specfile b/SOURCES/java-1.8.0-openjdk-portable.specfile index 9197600..7c842a6 100644 --- a/SOURCES/java-1.8.0-openjdk-portable.specfile +++ b/SOURCES/java-1.8.0-openjdk-portable.specfile @@ -1,3 +1,4 @@ +%define _lto_cflags %{nil} # RPM conditionals so as to be able to dynamically produce # slowdebug/release builds. See: # http://rpm.org/user_doc/conditional_builds.html @@ -1163,8 +1164,8 @@ function packagejdk() { miscarchive=${packagesdir}/%{miscportablearchive} # Rename directories for packaging - mv %{jdkimage} ${jdkname} - mv %{jreimage} ${jrename} + cp -r %{jdkimage} ${jdkname} + cp -r %{jreimage} ${jrename} # Release images have external debug symbols if [ "x$suffix" = "x" ] ; then @@ -1209,8 +1210,8 @@ function packagejdk() { # Revert directory renaming so testing will run # TODO: testing should run on the packaged JDK - mv ${jdkname} %{jdkimage} - mv ${jrename} %{jreimage} + rm -rf ${jdkname} %{jdkimage} + rm -rf ${jrename} %{jreimage} popd #images } diff --git a/SOURCES/jdk8186464-rh1433262-zip64_failure.patch b/SOURCES/jdk8186464-rh1433262-zip64_failure.patch new file mode 100644 index 0000000..ed699a8 --- /dev/null +++ b/SOURCES/jdk8186464-rh1433262-zip64_failure.patch @@ -0,0 +1,283 @@ +# HG changeset patch +# User sherman +# Date 1505950914 25200 +# Wed Sep 20 16:41:54 2017 -0700 +# Node ID 723486922bfe4c17e3f5c067ce5e97229842fbcd +# Parent c8ac05bbe47771b3dafa2e7fc9a95d86d68d7c07 +8186464: ZipFile cannot read some InfoZip ZIP64 zip files +Reviewed-by: martin + +diff --git openjdk.orig/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java openjdk/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java +--- openjdk.orig/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java ++++ openjdk/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java +@@ -93,6 +93,7 @@ + private final boolean createNew; // create a new zip if not exists + private static final boolean isWindows = + System.getProperty("os.name").startsWith("Windows"); ++ private final boolean forceEnd64; + + ZipFileSystem(ZipFileSystemProvider provider, + Path zfpath, +@@ -109,12 +110,13 @@ + if (this.defaultDir.charAt(0) != '/') + throw new IllegalArgumentException("default dir should be absolute"); + ++ this.forceEnd64 = "true".equals(env.get("forceZIP64End")); + this.provider = provider; + this.zfpath = zfpath; + if (Files.notExists(zfpath)) { + if (createNew) { + try (OutputStream os = Files.newOutputStream(zfpath, CREATE_NEW, WRITE)) { +- new END().write(os, 0); ++ new END().write(os, 0, forceEnd64); + } + } else { + throw new FileSystemNotFoundException(zfpath.toString()); +@@ -1011,28 +1013,36 @@ + end.cenoff = ENDOFF(buf); + end.comlen = ENDCOM(buf); + end.endpos = pos + i; +- if (end.cenlen == ZIP64_MINVAL || +- end.cenoff == ZIP64_MINVAL || +- end.centot == ZIP64_MINVAL32) +- { +- // need to find the zip64 end; +- byte[] loc64 = new byte[ZIP64_LOCHDR]; +- if (readFullyAt(loc64, 0, loc64.length, end.endpos - ZIP64_LOCHDR) +- != loc64.length) { +- return end; +- } +- long end64pos = ZIP64_LOCOFF(loc64); +- byte[] end64buf = new byte[ZIP64_ENDHDR]; +- if (readFullyAt(end64buf, 0, end64buf.length, end64pos) +- != end64buf.length) { +- return end; +- } +- // end64 found, re-calcualte everything. +- end.cenlen = ZIP64_ENDSIZ(end64buf); +- end.cenoff = ZIP64_ENDOFF(end64buf); +- end.centot = (int)ZIP64_ENDTOT(end64buf); // assume total < 2g +- end.endpos = end64pos; ++ // try if there is zip64 end; ++ byte[] loc64 = new byte[ZIP64_LOCHDR]; ++ if (end.endpos < ZIP64_LOCHDR || ++ readFullyAt(loc64, 0, loc64.length, end.endpos - ZIP64_LOCHDR) ++ != loc64.length || ++ !locator64SigAt(loc64, 0)) { ++ return end; ++ } ++ long end64pos = ZIP64_LOCOFF(loc64); ++ byte[] end64buf = new byte[ZIP64_ENDHDR]; ++ if (readFullyAt(end64buf, 0, end64buf.length, end64pos) ++ != end64buf.length || ++ !end64SigAt(end64buf, 0)) { ++ return end; + } ++ // end64 found, ++ long cenlen64 = ZIP64_ENDSIZ(end64buf); ++ long cenoff64 = ZIP64_ENDOFF(end64buf); ++ long centot64 = ZIP64_ENDTOT(end64buf); ++ // double-check ++ if (cenlen64 != end.cenlen && end.cenlen != ZIP64_MINVAL || ++ cenoff64 != end.cenoff && end.cenoff != ZIP64_MINVAL || ++ centot64 != end.centot && end.centot != ZIP64_MINVAL32) { ++ return end; ++ } ++ // to use the end64 values ++ end.cenlen = cenlen64; ++ end.cenoff = cenoff64; ++ end.centot = (int)centot64; // assume total < 2g ++ end.endpos = end64pos; + return end; + } + } +@@ -1198,7 +1208,7 @@ + + // sync the zip file system, if there is any udpate + private void sync() throws IOException { +- //System.out.printf("->sync(%s) starting....!%n", toString()); ++ // System.out.printf("->sync(%s) starting....!%n", toString()); + // check ex-closer + if (!exChClosers.isEmpty()) { + for (ExChannelCloser ecc : exChClosers) { +@@ -1289,7 +1299,7 @@ + } + end.centot = elist.size(); + end.cenlen = written - end.cenoff; +- end.write(os, written); ++ end.write(os, written, forceEnd64); + } + if (!streams.isEmpty()) { + // +@@ -1727,8 +1737,8 @@ + long endpos; + int disktot; + +- void write(OutputStream os, long offset) throws IOException { +- boolean hasZip64 = false; ++ void write(OutputStream os, long offset, boolean forceEnd64) throws IOException { ++ boolean hasZip64 = forceEnd64; // false; + long xlen = cenlen; + long xoff = cenoff; + if (xlen >= ZIP64_MINVAL) { +@@ -1753,8 +1763,8 @@ + writeShort(os, 45); // version needed to extract + writeInt(os, 0); // number of this disk + writeInt(os, 0); // central directory start disk +- writeLong(os, centot); // number of directory entires on disk +- writeLong(os, centot); // number of directory entires ++ writeLong(os, centot); // number of directory entries on disk ++ writeLong(os, centot); // number of directory entries + writeLong(os, cenlen); // length of central directory + writeLong(os, cenoff); // offset of central directory + +diff --git a/src/share/native/javopenjdk.orig/jdk/util/zip/zip_util.c openjdk/jdk/src/share/native/java/util/zip/zip_util.c +--- openjdk.orig/jdk/src/share/native/java/util/zip/zip_util.c ++++ openjdk/jdk/src/share/native/java/util/zip/zip_util.c +@@ -383,6 +383,9 @@ + { + char loc64[ZIP64_LOCHDR]; + jlong end64pos; ++ if (endpos < ZIP64_LOCHDR) { ++ return -1; ++ } + if (readFullyAt(zip->zfd, loc64, ZIP64_LOCHDR, endpos - ZIP64_LOCHDR) == -1) { + return -1; // end64 locator not found + } +@@ -545,6 +548,7 @@ + { + /* Following are unsigned 32-bit */ + jlong endpos, end64pos, cenpos, cenlen, cenoff; ++ jlong cenlen64, cenoff64, centot64; + /* Following are unsigned 16-bit */ + jint total, tablelen, i, j; + unsigned char *cenbuf = NULL; +@@ -572,13 +576,20 @@ + cenlen = ENDSIZ(endbuf); + cenoff = ENDOFF(endbuf); + total = ENDTOT(endbuf); +- if (cenlen == ZIP64_MAGICVAL || cenoff == ZIP64_MAGICVAL || +- total == ZIP64_MAGICCOUNT) { +- unsigned char end64buf[ZIP64_ENDHDR]; +- if ((end64pos = findEND64(zip, end64buf, endpos)) != -1) { +- cenlen = ZIP64_ENDSIZ(end64buf); +- cenoff = ZIP64_ENDOFF(end64buf); +- total = (jint)ZIP64_ENDTOT(end64buf); ++ unsigned char end64buf[ZIP64_ENDHDR]; ++ if ((end64pos = findEND64(zip, end64buf, endpos)) != -1) { ++ // end64 candidate found, ++ cenlen64 = ZIP64_ENDSIZ(end64buf); ++ cenoff64 = ZIP64_ENDOFF(end64buf); ++ centot64 = ZIP64_ENDTOT(end64buf); ++ // double-check ++ if ((cenlen64 == cenlen || cenlen == ZIP64_MAGICVAL) && ++ (cenoff64 == cenoff || cenoff == ZIP64_MAGICVAL) && ++ (centot64 == total || total == ZIP64_MAGICCOUNT)) { ++ // to use the end64 values ++ cenlen = cenlen64; ++ cenoff = cenoff64; ++ total = (jint)centot64; + endpos = end64pos; + endhdrlen = ZIP64_ENDHDR; + } +diff --git a/test/javopenjdk.orig/jdk/util/zip/ZipFile/ReadZip.java openjdk/jdk/test/java/util/zip/ZipFile/ReadZip.java +--- openjdk.orig/jdk/test/java/util/zip/ZipFile/ReadZip.java ++++ openjdk/jdk/test/java/util/zip/ZipFile/ReadZip.java +@@ -22,7 +22,7 @@ + */ + + /* @test +- * @bug 4241361 4842702 4985614 6646605 5032358 6923692 6233323 8144977 8184993 ++ * @bug 4241361 4842702 4985614 6646605 5032358 6923692 6233323 8144977 8184993 8186464 + * @summary Make sure we can read a zip file. + @key randomness + * @run main/othervm ReadZip +@@ -30,12 +30,24 @@ + */ + + import java.io.*; ++import java.net.URI; + import java.nio.file.Files; ++import java.nio.file.FileSystem; ++import java.nio.file.FileSystems; ++import java.nio.file.Path; + import java.nio.file.Paths; + import java.nio.file.StandardCopyOption; + import java.nio.file.StandardOpenOption; ++import java.util.Collections; ++import java.util.HashMap; ++import java.util.List; ++import java.util.Map; + import java.util.zip.*; + ++import sun.misc.IOUtils; ++ ++import static java.nio.charset.StandardCharsets.US_ASCII; ++ + public class ReadZip { + private static void unreached (Object o) + throws Exception +@@ -143,8 +155,6 @@ + newZip.delete(); + } + +- +- + // Throw a FNF exception when read a non-existing zip file + try { unreached (new ZipFile( + new File(System.getProperty("test.src", "."), +@@ -152,5 +162,54 @@ + + String.valueOf(new java.util.Random().nextInt()) + + ".zip"))); + } catch (FileNotFoundException fnfe) {} ++ ++ // read a zip file with ZIP64 end ++ Path path = Paths.get(System.getProperty("test.dir", ""), "end64.zip"); ++ try { ++ URI uri = URI.create("jar:" + path.toUri()); ++ Map env = new HashMap<>(); ++ env.put("create", "true"); ++ env.put("forceZIP64End", "true"); ++ try (FileSystem fs = FileSystems.newFileSystem(uri, env)) { ++ Files.write(fs.getPath("hello"), "hello".getBytes()); ++ } ++ try (ZipFile zf = new ZipFile(path.toFile())) { ++ if (!"hello".equals(new String(IOUtils.readAllBytes(zf.getInputStream(new ZipEntry("hello"))), ++ US_ASCII))) ++ throw new RuntimeException("zipfile: read entry failed"); ++ } catch (IOException x) { ++ throw new RuntimeException("zipfile: zip64 end failed"); ++ } ++ try (FileSystem fs = FileSystems.newFileSystem(uri, Collections.emptyMap())) { ++ if (!"hello".equals(new String(Files.readAllBytes(fs.getPath("hello"))))) ++ throw new RuntimeException("zipfs: read entry failed"); ++ } catch (IOException x) { ++ throw new RuntimeException("zipfile: zip64 end failed"); ++ } ++ } finally { ++ Files.deleteIfExists(path); ++ } ++ ++ // read a zip file created via "echo hello | zip dst.zip -", which uses ++ // ZIP64 end record ++ if (Files.notExists(Paths.get("/usr/bin/zip"))) ++ return; ++ try { ++ Process zip = new ProcessBuilder("zip", path.toString().toString(), "-").start(); ++ OutputStream os = zip.getOutputStream(); ++ os.write("hello".getBytes(US_ASCII)); ++ os.close(); ++ zip.waitFor(); ++ if (zip.exitValue() == 0 && Files.exists(path)) { ++ try (ZipFile zf = new ZipFile(path.toFile())) { ++ if (!"hello".equals(new String(IOUtils.readAllBytes(zf.getInputStream(new ZipEntry("-")))))) ++ throw new RuntimeException("zipfile: read entry failed"); ++ } catch (IOException x) { ++ throw new RuntimeException("zipfile: zip64 end failed"); ++ } ++ } ++ } finally { ++ Files.deleteIfExists(path); ++ } + } + } \ No newline at end of file diff --git a/SOURCES/rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch b/SOURCES/rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch new file mode 100644 index 0000000..5e2b254 --- /dev/null +++ b/SOURCES/rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch @@ -0,0 +1,13 @@ +--- openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java 2013-03-01 10:48:12.038189968 +0100 ++++ openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java 2013-03-01 10:48:11.913188505 +0100 +@@ -48,8 +48,8 @@ + + private final static String PROP_NAME = "sun.security.smartcardio.library"; + +- private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so"; +- private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so"; ++ private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so.1"; ++ private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so.1"; + private final static String PCSC_FRAMEWORK = "/System/Library/Frameworks/PCSC.framework/Versions/Current/PCSC"; + + PlatformPCSC() { diff --git a/SPECS/java-1.8.0-openjdk.spec b/SPECS/java-1.8.0-openjdk.spec deleted file mode 100644 index 01d03d6..0000000 --- a/SPECS/java-1.8.0-openjdk.spec +++ /dev/null @@ -1,5147 +0,0 @@ -# RPM conditionals so as to be able to dynamically produce -# slowdebug/release builds. See: -# http://rpm.org/user_doc/conditional_builds.html -# -# Examples: -# -# Produce release, fastdebug *and* slowdebug builds on x86_64 (default): -# $ rpmbuild -ba java-1.8.0-openjdk.spec -# -# Produce only release builds (no debug builds) on x86_64: -# $ rpmbuild -ba java-1.8.0-openjdk.spec --without slowdebug --without fastdebug -# -# Only produce a release build on x86_64: -# $ rhpkg mockbuild --without slowdebug --without fastdebug -# -# Enable fastdebug builds by default on relevant arches. -%bcond_without fastdebug -# Enable slowdebug builds by default on relevant arches. -%bcond_without slowdebug -# Enable release builds by default on relevant arches. -%bcond_without release -# Remove build artifacts by default -%bcond_with artifacts -# Build a fresh libjvm.so for use in a copy of the bootstrap JDK -%bcond_without fresh_libjvm -# Build with system libraries -%bcond_with system_libs - -# Define whether to use the bootstrap JDK directly or with a fresh libjvm.so -%if %{with fresh_libjvm} -%global build_hotspot_first 1 -%else -%global build_hotspot_first 0 -%endif - -%if %{with system_libs} -%global system_libs 1 -%global link_type system -%global jpeg_lib |libjavajpeg[.]so.* -%else -%global system_libs 0 -%global link_type bundled -%global jpeg_lib |libjpeg[.]so.* -%endif - -# The -g flag says to use strip -g instead of full strip on DSOs or EXEs. -# This fixes detailed NMT and other tools which need minimal debug info. -# See: https://bugzilla.redhat.com/show_bug.cgi?id=1520879 -%global _find_debuginfo_opts -g - -# note: parametrized macros are order-sensitive (unlike not-parametrized) even with normal macros -# also necessary when passing it as parameter to other macros. If not macro, then it is considered a switch -# see the difference between global and define: -# See https://github.com/rpm-software-management/rpm/issues/127 to comments at "pmatilai commented on Aug 18, 2017" -# (initiated in https://bugzilla.redhat.com/show_bug.cgi?id=1482192) -%global debug_suffix_unquoted -slowdebug -%global fastdebug_suffix_unquoted -fastdebug -# quoted one for shell operations -%global debug_suffix "%{debug_suffix_unquoted}" -%global fastdebug_suffix "%{fastdebug_suffix_unquoted}" -%global normal_suffix "" - -%global debug_warning This package is unoptimised with full debugging. Install only as needed and remove ASAP. -%global fastdebug_warning This package is optimised with full debugging. Install only as needed and remove ASAP. -%global debug_on unoptimised with full debugging on -%global fastdebug_on optimised with full debugging on -%global for_fastdebug for packages with debugging on and optimisation -%global for_debug for packages with debugging on and no optimisation - -%if %{with release} -%global include_normal_build 1 -%else -%global include_normal_build 0 -%endif - -%if %{include_normal_build} -%global normal_build %{normal_suffix} -%else -%global normal_build %{nil} -%endif - -# We have hardcoded list of files, which is appearing in alternatives, and in files -# in alternatives those are slaves and master, very often triplicated by man pages -# in files all masters and slaves are ghosted -# the ghosts are here to allow installation via query like `dnf install /usr/bin/java` -# you can list those files, with appropriate sections: cat *.spec | grep -e --install -e --slave -e post_ -e alternatives -# TODO - fix those hardcoded lists via single list -# Those files must *NOT* be ghosted for *slowdebug* packages -# FIXME - if you are moving jshell or jlink or similar, always modify all three sections -# you can check via headless and devels: -# rpm -ql --noghost java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin -# == rpm -ql java-11-openjdk-headless-slowdebug-11.0.1.13-8.fc29.x86_64.rpm | grep bin -# != rpm -ql java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin -# similarly for other %%{_jvmdir}/{jre,java} and %%{_javadocdir}/{java,java-zip} - -%global aarch64 aarch64 arm64 armv8 -# we need to distinguish between big and little endian PPC64 -%global ppc64le ppc64le -%global ppc64be ppc64 ppc64p7 -# Set of architectures which support multiple ABIs -%global multilib_arches %{power64} sparc64 x86_64 -# Set of architectures for which we build slowdebug builds -%global debug_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} %{power64} -# Set of architectures for which we build fastdebug builds -%global fastdebug_arches x86_64 ppc64le aarch64 -# Set of architectures with a Just-In-Time (JIT) compiler -%global jit_arches %{aarch64} %{ix86} %{power64} sparcv9 sparc64 x86_64 -# Set of architectures which use the Zero assembler port (!jit_arches) -%global zero_arches %{arm} ppc s390 s390x -# Set of architectures which run a full bootstrap cycle -%global bootstrap_arches %{jit_arches} %{zero_arches} -# Set of architectures which support SystemTap tapsets -%global systemtap_arches %{jit_arches} -# Set of architectures which support the serviceability agent -%global sa_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} -# Set of architectures which support class data sharing -# See https://bugzilla.redhat.com/show_bug.cgi?id=513605 -# MetaspaceShared::generate_vtable_methods is not implemented for the PPC JIT -%global share_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} -# Set of architectures which support Java Flight Recorder (JFR) -%global jfr_arches %{jit_arches} -# Set of architectures for which alt-java has SSB mitigation -%global ssbd_arches x86_64 -# Set of architectures where we verify backtraces with gdb -%global gdb_arches %{jit_arches} %{zero_arches} -# Set of architectures for which we have a portable build -%global portable_build_arches %{aarch64} %{ix86} %{power64} s390x x86_64 - -# By default, we build a debug build during main build on JIT architectures -%if %{with slowdebug} -%ifarch %{debug_arches} -%global include_debug_build 1 -%else -%global include_debug_build 0 -%endif -%else -%global include_debug_build 0 -%endif - -# By default, we build a fastdebug build during main build only on fastdebug architectures -%if %{with fastdebug} -%ifarch %{fastdebug_arches} -%global include_fastdebug_build 1 -%else -%global include_fastdebug_build 0 -%endif -%else -%global include_fastdebug_build 0 -%endif - -%if %{include_debug_build} -%global slowdebug_build %{debug_suffix} -%else -%global slowdebug_build %{nil} -%endif - -%if %{include_fastdebug_build} -%global fastdebug_build %{fastdebug_suffix} -%else -%global fastdebug_build %{nil} -%endif - -# If you disable all builds, then the build fails -# Build and test slowdebug first as it provides the best diagnostics -%global build_loop %{slowdebug_build} %{fastdebug_build} %{normal_build} - -%if 0%{?flatpak} -%global bootstrap_build false -%else -%ifarch %{bootstrap_arches} -%global bootstrap_build true -%else -%global bootstrap_build false -%endif -%endif - -%global bootstrap_targets images -%global release_targets images docs-zip -# No docs nor bootcycle for debug builds -%global debug_targets images -# Target to use to just build HotSpot -%global hotspot_target hotspot - -# JDK to use for bootstrapping -# Use OpenJDK 7 where available (on RHEL) to avoid -# having to use the rhel-7.x-java-unsafe-candidate hack -%if ! 0%{?fedora} && 0%{?rhel} <= 7 -%global buildjdkver 1.7.0 -%else -%global buildjdkver 1.8.0 -%endif -%global bootjdk /usr/lib/jvm/java-%{buildjdkver}-openjdk - -# debugedit tool for rewriting ELF file paths -%global debugedit %{_rpmconfigdir}/debugedit - -# Filter out flags from the optflags macro that cause problems with the OpenJDK build -# We filter out -O flags so that the optimization of HotSpot is not lowered from O3 to O2 -# We filter out -Wall which will otherwise cause HotSpot to produce hundreds of thousands of warnings (100+mb logs) -# We replace it with -Wformat (required by -Werror=format-security) and -Wno-cpp to avoid FORTIFY_SOURCE warnings -# We filter out -fexceptions as the HotSpot build explicitly does -fno-exceptions and it's otherwise the default for C++ -%global ourflags %(echo %optflags | sed -e 's|-Wall|-Wformat -Wno-cpp|' | sed -r -e 's|-O[0-9]*||') -%global ourcppflags %(echo %ourflags | sed -e 's|-fexceptions||') -%global ourldflags %{__global_ldflags} - -# With disabled nss is NSS deactivated, so NSS_LIBDIR can contain the wrong path -# the initialization must be here. Later the pkg-config have buggy behavior -# looks like openjdk RPM specific bug -# Always set this so the nss.cfg file is not broken -%global NSS_LIBDIR %(pkg-config --variable=libdir nss) -%global NSS_LIBS %(pkg-config --libs nss) -%global NSS_CFLAGS %(pkg-config --cflags nss-softokn) -# see https://bugzilla.redhat.com/show_bug.cgi?id=1332456 -%global NSSSOFTOKN_BUILDTIME_NUMBER %(pkg-config --modversion nss-softokn || : ) -%global NSS_BUILDTIME_NUMBER %(pkg-config --modversion nss || : ) -# this is workaround for processing of requires during srpm creation -%global NSSSOFTOKN_BUILDTIME_VERSION %(if [ "x%{NSSSOFTOKN_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSSSOFTOKN_BUILDTIME_NUMBER}" ;fi) -%global NSS_BUILDTIME_VERSION %(if [ "x%{NSS_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSS_BUILDTIME_NUMBER}" ;fi) - -# In some cases, the arch used by the JDK does -# not match _arch. -# Also, in some cases, the machine name used by SystemTap -# does not match that given by _target_cpu -%ifarch x86_64 -%global archinstall amd64 -%global stapinstall x86_64 -%endif -%ifarch ppc -%global archinstall ppc -%global stapinstall powerpc -%endif -%ifarch %{ppc64be} -%global archinstall ppc64 -%global stapinstall powerpc -%endif -%ifarch %{ppc64le} -%global archinstall ppc64le -%global stapinstall powerpc -%endif -%ifarch %{ix86} -%global archinstall i386 -%global stapinstall i386 -%endif -%ifarch ia64 -%global archinstall ia64 -%global stapinstall ia64 -%endif -%ifarch s390 -%global archinstall s390 -%global stapinstall s390 -%endif -%ifarch s390x -%global archinstall s390x -%global stapinstall s390 -%endif -%ifarch %{arm} -%global archinstall arm -%global stapinstall arm -%endif -%ifarch %{aarch64} -%global archinstall aarch64 -%global stapinstall arm64 -%endif -# 32 bit sparc, optimized for v9 -%ifarch sparcv9 -%global archinstall sparc -%global stapinstall %{_target_cpu} -%endif -# 64 bit sparc -%ifarch sparc64 -%global archinstall sparcv9 -%global stapinstall %{_target_cpu} -%endif -# Need to support noarch for srpm build -%ifarch noarch -%global archinstall %{nil} -%global stapinstall %{nil} -%endif - -%ifarch %{systemtap_arches} -%global with_systemtap 1 -%else -%global with_systemtap 0 -%endif - -# New Version-String scheme-style defines -%global majorver 8 - -# Standard JPackage naming and versioning defines -%global origin openjdk -%global origin_nice OpenJDK -%global top_level_dir_name %{origin} - -# Settings for local security configuration -%global security_file %{top_level_dir_name}/jdk/src/share/lib/security/java.security-%{_target_os} -%global cacerts_file /etc/pki/java/cacerts - -# Define vendor information used by OpenJDK -%global oj_vendor Red Hat, Inc. -%global oj_vendor_url "https://www.redhat.com/" -# Define what url should JVM offer in case of a crash report -# order may be important, epel may have rhel declared -%if 0%{?epel} -%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20EPEL&component=%{name}&version=epel%{epel} -%else -%if 0%{?fedora} -# Does not work for rawhide, keeps the version field empty -%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=%{name}&version=%{fedora} -%else -%if 0%{?rhel} -%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%20%{rhel}&component=%{name} -%else -%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi -%endif -%endif -%endif - -# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there. -%global shenandoah_project openjdk -%global shenandoah_repo shenandoah-jdk8u -%global openjdk_revision jdk8u372-b07 -%global shenandoah_revision shenandoah-%{openjdk_revision} -# Define old aarch64/jdk8u tree variables for compatibility -%global project %{shenandoah_project} -%global repo %{shenandoah_repo} -%global revision %{shenandoah_revision} -# Define IcedTea version used for SystemTap tapsets and desktop files -%global icedteaver 3.15.0 -# Define current Git revision for the FIPS support patches -%global fipsver 6d1aade0648 -# Define current Git revision for the cacerts patch -%global cacertsver 8139f2361c2 - -# e.g. aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30 -> aarch64-shenandoah-jdk8u212-b04 -%global version_tag %(VERSION=%{revision}; echo ${VERSION%%-shenandoah-merge*}) -# eg # jdk8u60-b27 -> jdk8u60 or # aarch64-jdk8u60-b27 -> aarch64-jdk8u60 (dont forget spec escape % by %%) -%global whole_update %(VERSION=%{version_tag}; echo ${VERSION%%-*}) -# eg jdk8u60 -> 60 or aarch64-jdk8u60 -> 60 -%global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u}) -# eg jdk8u60-b27 -> b27 -%global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-}) -%global rpmrelease 4 -# Settings used by the portable build -%global portablerelease 2 -%global portablesuffix el8 -%global portablebuilddir /builddir/build/BUILD - -# Define milestone (EA for pre-releases, GA ("fcs") for releases) -# Release will be (where N is usually a number starting at 1): -# - 0.N%%{?extraver}%%{?dist} for EA releases, -# - N%%{?extraver}{?dist} for GA releases -%global is_ga 1 -%if %{is_ga} -%global milestone fcs -%global milestone_version %{nil} -%global extraver %{nil} -%global eaprefix %{nil} -%else -%global milestone ea -%global milestone_version "-ea" -%global extraver .%{milestone} -%global eaprefix 0. -%endif -# priority must be 7 digits in total. The expression is workarounding tip -%global priority %(TIP=1800%{updatever}; echo ${TIP/tip/999}) - -%global javaver 1.%{majorver}.0 - -# parametrized macros are order-sensitive -%global compatiblename %{name} -%global fullversion %{compatiblename}-%{version}-%{release} -# output dir stub -%define installoutputdir() %{expand:install/jdk8.install%{?1}} -# we can copy the javadoc to not arched dir, or make it not noarch -%define uniquejavadocdir() %{expand:%{fullversion}%{?1}} -# main id and dir of this jdk -%define uniquesuffix() %{expand:%{fullversion}.%{_arch}%{?1}} - -# Fix for https://bugzilla.redhat.com/show_bug.cgi?id=1111349. -# See also https://bugzilla.redhat.com/show_bug.cgi?id=1590796 -# as to why some libraries *cannot* be excluded. In particular, -# these are: -# libjsig.so, libjava.so, libjawt.so, libjvm.so and libverify.so -%global _privatelibs libatk-wrapper[.]so.*|libattach[.]so.*|libawt_headless[.]so.*|libawt[.]so.*|libawt_xawt[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libhprof[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas_unix[.]so.*|libjava_crw_demo[.]so.*%{jpeg_lib}|libjdwp[.]so.*|libjli[.]so.*|libjsdt[.]so.*|libjsoundalsa[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libnpt[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsplashscreen[.]so.*|libsunec[.]so.*|libsystemconf[.]so.*|libunpack[.]so.*|libzip[.]so.*|lib[.]so\\(SUNWprivate_.* -%global __provides_exclude ^(%{_privatelibs})$ -%global __requires_exclude ^(%{_privatelibs})$ - -%global etcjavasubdir %{_sysconfdir}/java/java-%{javaver}-%{origin} -%define etcjavadir() %{expand:%{etcjavasubdir}/%{uniquesuffix -- %{?1}}} -# Standard JPackage directories and symbolic links. -%define sdkdir() %{expand:%{uniquesuffix -- %{?1}}} -%define jrelnk() %{expand:jre-%{javaver}-%{origin}-%{version}-%{release}.%{_arch}%{?1}} - -%define jredir() %{expand:%{sdkdir -- %{?1}}/jre} -%define sdkbindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin} -%define jrebindir() %{expand:%{_jvmdir}/%{jredir -- %{?1}}/bin} -%global alt_java_name alt-java - -%global rpm_state_dir %{_localstatedir}/lib/rpm-state/ - -# For flatpack builds hard-code /usr/sbin/alternatives, -# otherwise use %%{_sbindir} relative path. -%if 0%{?flatpak} -%global alternatives_requires /usr/sbin/alternatives -%else -%global alternatives_requires %{_sbindir}/alternatives -%endif - -%global family %{name}.%{_arch} -%global family_noarch %{name} - -%if %{with_systemtap} -# Where to install systemtap tapset (links) -# We would like these to be in a package specific sub-dir, -# but currently systemtap doesn't support that, so we have to -# use the root tapset dir for now. To distinguish between 64 -# and 32 bit architectures we place the tapsets under the arch -# specific dir (note that systemtap will only pickup the tapset -# for the primary arch for now). Systemtap uses the machine name -# aka target_cpu as architecture specific directory name. -%global tapsetroot /usr/share/systemtap -%global tapsetdirttapset %{tapsetroot}/tapset/ -%global tapsetdir %{tapsetdirttapset}/%{stapinstall} -%endif - -# not-duplicated scriptlets for normal/debug packages -%global update_desktop_icons /usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : - -%define save_alternatives() %{expand: - # warning! alternatives are localised! - # LANG=cs_CZ.UTF-8 alternatives --display java | head - # LANG=en_US.UTF-8 alternatives --display java | head - function nonLocalisedAlternativesDisplayOfMaster() { - LANG=en_US.UTF-8 alternatives --display "$MASTER" - } - function headOfAbove() { - nonLocalisedAlternativesDisplayOfMaster | head -n $1 - } - MASTER="%{?1}" - LOCAL_LINK="%{?2}" - FAMILY="%{?3}" - rm -f %{_localstatedir}/lib/rpm-state/"$MASTER"_$FAMILY > /dev/null - if nonLocalisedAlternativesDisplayOfMaster > /dev/null ; then - if headOfAbove 1 | grep -q manual ; then - if headOfAbove 2 | tail -n 1 | grep -q %{compatiblename} ; then - headOfAbove 2 > %{_localstatedir}/lib/rpm-state/"$MASTER"_"$FAMILY" - fi - fi - fi -} - -%define save_and_remove_alternatives() %{expand: - if [ "x$debug" == "xtrue" ] ; then - set -x - fi - upgrade1_uninstal0=%{?3} - if [ "0$upgrade1_uninstal0" -gt 0 ] ; then # removal of this condition will cause persistence between uninstall - %{save_alternatives %{?1} %{?2} %{?4}} - fi - alternatives --remove "%{?1}" "%{?2}" -} - -%define set_if_needed_alternatives() %{expand: - MASTER="%{?1}" - FAMILY="%{?2}" - ALTERNATIVES_FILE="%{_localstatedir}/lib/rpm-state/$MASTER"_"$FAMILY" - if [ -e "$ALTERNATIVES_FILE" ] ; then - rm "$ALTERNATIVES_FILE" - alternatives --set $MASTER $FAMILY - fi -} - - -%define post_script() %{expand: -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : -exit 0 -} - -%define alternatives_java_install() %{expand: -if [ "x$debug" == "xtrue" ] ; then - set -x -fi -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -ext=.gz -key=java -alternatives \\ - --install %{_bindir}/java $key %{jrebindir -- %{?1}}/java $PRIORITY --family %{family} \\ - --slave %{_jvmdir}/jre jre %{_jvmdir}/%{jredir -- %{?1}} \\ - --slave %{_bindir}/%{alt_java_name} %{alt_java_name} %{jrebindir -- %{?1}}/%{alt_java_name} \\ - --slave %{_bindir}/jjs jjs %{jrebindir -- %{?1}}/jjs \\ - --slave %{_bindir}/keytool keytool %{jrebindir -- %{?1}}/keytool \\ - --slave %{_bindir}/orbd orbd %{jrebindir -- %{?1}}/orbd \\ - --slave %{_bindir}/pack200 pack200 %{jrebindir -- %{?1}}/pack200 \\ - --slave %{_bindir}/rmid rmid %{jrebindir -- %{?1}}/rmid \\ - --slave %{_bindir}/rmiregistry rmiregistry %{jrebindir -- %{?1}}/rmiregistry \\ - --slave %{_bindir}/servertool servertool %{jrebindir -- %{?1}}/servertool \\ - --slave %{_bindir}/tnameserv tnameserv %{jrebindir -- %{?1}}/tnameserv \\ - --slave %{_bindir}/policytool policytool %{jrebindir -- %{?1}}/policytool \\ - --slave %{_bindir}/unpack200 unpack200 %{jrebindir -- %{?1}}/unpack200 \\ - --slave %{_mandir}/man1/java.1$ext java.1$ext \\ - %{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/%{alt_java_name}.1$ext %{alt_java_name}.1$ext \\ - %{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jjs.1$ext jjs.1$ext \\ - %{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \\ - %{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/orbd.1$ext orbd.1$ext \\ - %{_mandir}/man1/orbd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/pack200.1$ext pack200.1$ext \\ - %{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmid.1$ext rmid.1$ext \\ - %{_mandir}/man1/rmid-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmiregistry.1$ext rmiregistry.1$ext \\ - %{_mandir}/man1/rmiregistry-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/servertool.1$ext servertool.1$ext \\ - %{_mandir}/man1/servertool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/tnameserv.1$ext tnameserv.1$ext \\ - %{_mandir}/man1/tnameserv-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/policytool.1$ext policytool.1$ext \\ - %{_mandir}/man1/policytool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/unpack200.1$ext unpack200.1$ext \\ - %{_mandir}/man1/unpack200-%{uniquesuffix -- %{?1}}.1$ext - -%{set_if_needed_alternatives $key %{family}} - -for X in %{origin} %{javaver} ; do - key=jre_"$X" - alternatives --install %{_jvmdir}/jre-"$X" $key %{_jvmdir}/%{jredir -- %{?1}} $PRIORITY --family %{family} - %{set_if_needed_alternatives $key %{family}} -done - -key=jre_%{javaver}_%{origin} -alternatives --install %{_jvmdir}/jre-%{javaver}-%{origin} $key %{_jvmdir}/%{jrelnk -- %{?1}} $PRIORITY --family %{family} -%{set_if_needed_alternatives $key %{family}} -} - -%define post_headless() %{expand: -%ifarch %{share_arches} -%{jrebindir -- %{?1}}/java -Xshare:dump >/dev/null 2>/dev/null -%endif - -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : - -# see pretrans where this file is declared -# also see that pretrans is only for non-debug -if [ ! "%{?1}" == %{debug_suffix} ]; then - if [ -f %{_libexecdir}/copy_jdk_configs_fixFiles.sh ] ; then - sh %{_libexecdir}/copy_jdk_configs_fixFiles.sh %{rpm_state_dir}/%{name}.%{_arch} %{_jvmdir}/%{sdkdir -- %{?1}} - fi -fi - -exit 0 -} - -%define postun_script() %{expand: -update-desktop-database %{_datadir}/applications &> /dev/null || : -if [ $1 -eq 0 ] ; then - /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null - %{update_desktop_icons} -fi -exit 0 -} - - -%define postun_headless() %{expand: - if [ "x$debug" == "xtrue" ] ; then - set -x - fi - post_state=$1 # from postun, https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax - %{save_and_remove_alternatives java %{jrebindir -- %{?1}}/java $post_state %{family}} - %{save_and_remove_alternatives jre_%{origin} %{_jvmdir}/%{jredir -- %{?1}} $post_state %{family}} - %{save_and_remove_alternatives jre_%{javaver} %{_jvmdir}/%{jredir -- %{?1}} $post_state %{family}} - %{save_and_remove_alternatives jre_%{javaver}_%{origin} %{_jvmdir}/%{jrelnk -- %{?1}} $post_state %{family}} -} - -%define posttrans_script() %{expand: -%{update_desktop_icons} -} - - -%define alternatives_javac_install() %{expand: -if [ "x$debug" == "xtrue" ] ; then - set -x -fi -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -ext=.gz -key=javac -alternatives \\ - --install %{_bindir}/javac $key %{sdkbindir -- %{?1}}/javac $PRIORITY --family %{family} \\ - --slave %{_jvmdir}/java java_sdk %{_jvmdir}/%{sdkdir -- %{?1}} \\ - --slave %{_bindir}/appletviewer appletviewer %{sdkbindir -- %{?1}}/appletviewer \\ - --slave %{_bindir}/clhsdb clhsdb %{sdkbindir -- %{?1}}/clhsdb \\ - --slave %{_bindir}/extcheck extcheck %{sdkbindir -- %{?1}}/extcheck \\ - --slave %{_bindir}/hsdb hsdb %{sdkbindir -- %{?1}}/hsdb \\ - --slave %{_bindir}/idlj idlj %{sdkbindir -- %{?1}}/idlj \\ - --slave %{_bindir}/jar jar %{sdkbindir -- %{?1}}/jar \\ - --slave %{_bindir}/jarsigner jarsigner %{sdkbindir -- %{?1}}/jarsigner \\ - --slave %{_bindir}/javadoc javadoc %{sdkbindir -- %{?1}}/javadoc \\ - --slave %{_bindir}/javah javah %{sdkbindir -- %{?1}}/javah \\ - --slave %{_bindir}/javap javap %{sdkbindir -- %{?1}}/javap \\ - --slave %{_bindir}/jcmd jcmd %{sdkbindir -- %{?1}}/jcmd \\ - --slave %{_bindir}/jconsole jconsole %{sdkbindir -- %{?1}}/jconsole \\ - --slave %{_bindir}/jdb jdb %{sdkbindir -- %{?1}}/jdb \\ - --slave %{_bindir}/jdeps jdeps %{sdkbindir -- %{?1}}/jdeps \\ -%ifarch %{jfr_arches} - --slave %{_bindir}/jfr jfr %{sdkbindir -- %{?1}}/jfr \\ -%endif - --slave %{_bindir}/jhat jhat %{sdkbindir -- %{?1}}/jhat \\ - --slave %{_bindir}/jinfo jinfo %{sdkbindir -- %{?1}}/jinfo \\ - --slave %{_bindir}/jmap jmap %{sdkbindir -- %{?1}}/jmap \\ - --slave %{_bindir}/jps jps %{sdkbindir -- %{?1}}/jps \\ - --slave %{_bindir}/jrunscript jrunscript %{sdkbindir -- %{?1}}/jrunscript \\ - --slave %{_bindir}/jsadebugd jsadebugd %{sdkbindir -- %{?1}}/jsadebugd \\ - --slave %{_bindir}/jstack jstack %{sdkbindir -- %{?1}}/jstack \\ - --slave %{_bindir}/jstat jstat %{sdkbindir -- %{?1}}/jstat \\ - --slave %{_bindir}/jstatd jstatd %{sdkbindir -- %{?1}}/jstatd \\ - --slave %{_bindir}/native2ascii native2ascii %{sdkbindir -- %{?1}}/native2ascii \\ - --slave %{_bindir}/rmic rmic %{sdkbindir -- %{?1}}/rmic \\ - --slave %{_bindir}/schemagen schemagen %{sdkbindir -- %{?1}}/schemagen \\ - --slave %{_bindir}/serialver serialver %{sdkbindir -- %{?1}}/serialver \\ - --slave %{_bindir}/wsgen wsgen %{sdkbindir -- %{?1}}/wsgen \\ - --slave %{_bindir}/wsimport wsimport %{sdkbindir -- %{?1}}/wsimport \\ - --slave %{_bindir}/xjc xjc %{sdkbindir -- %{?1}}/xjc \\ - --slave %{_mandir}/man1/appletviewer.1$ext appletviewer.1$ext \\ - %{_mandir}/man1/appletviewer-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/extcheck.1$ext extcheck.1$ext \\ - %{_mandir}/man1/extcheck-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/idlj.1$ext idlj.1$ext \\ - %{_mandir}/man1/idlj-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jar.1$ext jar.1$ext \\ - %{_mandir}/man1/jar-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jarsigner.1$ext jarsigner.1$ext \\ - %{_mandir}/man1/jarsigner-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javac.1$ext javac.1$ext \\ - %{_mandir}/man1/javac-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javadoc.1$ext javadoc.1$ext \\ - %{_mandir}/man1/javadoc-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javah.1$ext javah.1$ext \\ - %{_mandir}/man1/javah-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javap.1$ext javap.1$ext \\ - %{_mandir}/man1/javap-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jcmd.1$ext jcmd.1$ext \\ - %{_mandir}/man1/jcmd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jconsole.1$ext jconsole.1$ext \\ - %{_mandir}/man1/jconsole-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jdb.1$ext jdb.1$ext \\ - %{_mandir}/man1/jdb-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jdeps.1$ext jdeps.1$ext \\ - %{_mandir}/man1/jdeps-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jhat.1$ext jhat.1$ext \\ - %{_mandir}/man1/jhat-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jinfo.1$ext jinfo.1$ext \\ - %{_mandir}/man1/jinfo-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jmap.1$ext jmap.1$ext \\ - %{_mandir}/man1/jmap-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jps.1$ext jps.1$ext \\ - %{_mandir}/man1/jps-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jrunscript.1$ext jrunscript.1$ext \\ - %{_mandir}/man1/jrunscript-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jsadebugd.1$ext jsadebugd.1$ext \\ - %{_mandir}/man1/jsadebugd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstack.1$ext jstack.1$ext \\ - %{_mandir}/man1/jstack-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstat.1$ext jstat.1$ext \\ - %{_mandir}/man1/jstat-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstatd.1$ext jstatd.1$ext \\ - %{_mandir}/man1/jstatd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/native2ascii.1$ext native2ascii.1$ext \\ - %{_mandir}/man1/native2ascii-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmic.1$ext rmic.1$ext \\ - %{_mandir}/man1/rmic-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/schemagen.1$ext schemagen.1$ext \\ - %{_mandir}/man1/schemagen-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/serialver.1$ext serialver.1$ext \\ - %{_mandir}/man1/serialver-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/wsgen.1$ext wsgen.1$ext \\ - %{_mandir}/man1/wsgen-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/wsimport.1$ext wsimport.1$ext \\ - %{_mandir}/man1/wsimport-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/xjc.1$ext xjc.1$ext \\ - %{_mandir}/man1/xjc-%{uniquesuffix -- %{?1}}.1$ext - -%{set_if_needed_alternatives $key %{family}} - -for X in %{origin} %{javaver} ; do - key=java_sdk_"$X" - alternatives --install %{_jvmdir}/java-"$X" $key %{_jvmdir}/%{sdkdir -- %{?1}} $PRIORITY --family %{family} - %{set_if_needed_alternatives $key %{family}} -done - -key=java_sdk_%{javaver}_%{origin} -alternatives --install %{_jvmdir}/java-%{javaver}-%{origin} $key %{_jvmdir}/%{sdkdir -- %{?1}} $PRIORITY --family %{family} -%{set_if_needed_alternatives $key %{family}} -} - -%define post_devel() %{expand: -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : - -exit 0 -} - -%define postun_devel() %{expand: - if [ "x$debug" == "xtrue" ] ; then - set -x - fi - post_state=$1 # from postun, https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax - %{save_and_remove_alternatives javac %{sdkbindir -- %{?1}}/javac $post_state %{family}} - %{save_and_remove_alternatives java_sdk_%{origin} %{_jvmdir}/%{sdkdir -- %{?1}} $post_state %{family}} - %{save_and_remove_alternatives java_sdk_%{javaver} %{_jvmdir}/%{sdkdir -- %{?1}} $post_state %{family}} - %{save_and_remove_alternatives java_sdk_%{javaver}_%{origin} %{_jvmdir}/%{sdkdir -- %{?1}} $post_state %{family}} - -update-desktop-database %{_datadir}/applications &> /dev/null || : - -if [ $1 -eq 0 ] ; then - /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null - %{update_desktop_icons} -fi -exit 0 -} - -%define posttrans_devel() %{expand: -%{alternatives_javac_install -- %{?1}} -%{update_desktop_icons} -} - -%define alternatives_javadoc_install() %{expand: -if [ "x$debug" == "xtrue" ] ; then - set -x -fi -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -key=javadocdir -alternatives --install %{_javadocdir}/java $key %{_javadocdir}/%{uniquejavadocdir -- %{?1}}/api $PRIORITY --family %{family_noarch} -%{set_if_needed_alternatives $key %{family_noarch}} -exit 0 -} - -%define postun_javadoc() %{expand: -if [ "x$debug" == "xtrue" ] ; then - set -x -fi - post_state=$1 # from postun, https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax - %{save_and_remove_alternatives javadocdir %{_javadocdir}/%{uniquejavadocdir -- %{?1}}/api $post_state %{family_noarch}} -exit 0 -} - -%define alternatives_javadoczip_install() %{expand: -if [ "x$debug" == "xtrue" ] ; then - set -x -fi -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi -key=javadoczip -alternatives --install %{_javadocdir}/java-zip $key %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip $PRIORITY --family %{family_noarch} -%{set_if_needed_alternatives $key %{family_noarch}} -exit 0 -} - -%define postun_javadoc_zip() %{expand: - if [ "x$debug" == "xtrue" ] ; then - set -x - fi - post_state=$1 # from postun, https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax - %{save_and_remove_alternatives javadoczip %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip $post_state %{family_noarch}} -exit 0 -} - -%define files_jre() %{expand: -%{_datadir}/icons/hicolor/*x*/apps/java-%{javaver}-%{origin}.png -%{_datadir}/applications/*policytool%{?1}.desktop -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libjsoundalsa.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libsplashscreen.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libawt_xawt.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libjawt.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/bin/policytool -} - - -%define files_jre_headless() %{expand: -%defattr(-,root,root,-) -%dir %{_sysconfdir}/.java/.systemPrefs -%dir %{_sysconfdir}/.java -%license %{_jvmdir}/%{jredir -- %{?1}}/ASSEMBLY_EXCEPTION -%license %{_jvmdir}/%{jredir -- %{?1}}/LICENSE -%license %{_jvmdir}/%{jredir -- %{?1}}/THIRD_PARTY_README -%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/NEWS -%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/README.md -%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/java-1.%{majorver}.0-openjdk-portable.specfile -%dir %{_jvmdir}/%{sdkdir -- %{?1}} -%{_jvmdir}/%{jrelnk -- %{?1}} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/cacerts -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/cacerts.upstream -%dir %{_jvmdir}/%{jredir -- %{?1}} -%dir %{_jvmdir}/%{jredir -- %{?1}}/bin -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib -%{_jvmdir}/%{jredir -- %{?1}}/bin/java -%{_jvmdir}/%{jredir -- %{?1}}/bin/%{alt_java_name} -%{_jvmdir}/%{jredir -- %{?1}}/bin/jjs -%{_jvmdir}/%{jredir -- %{?1}}/bin/keytool -%{_jvmdir}/%{jredir -- %{?1}}/bin/orbd -%{_jvmdir}/%{jredir -- %{?1}}/bin/pack200 -%{_jvmdir}/%{jredir -- %{?1}}/bin/rmid -%{_jvmdir}/%{jredir -- %{?1}}/bin/rmiregistry -%{_jvmdir}/%{jredir -- %{?1}}/bin/servertool -%{_jvmdir}/%{jredir -- %{?1}}/bin/tnameserv -%{_jvmdir}/%{jredir -- %{?1}}/bin/unpack200 -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/ -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/unlimited/US_export_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/unlimited/local_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/limited/US_export_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/limited/local_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/java.policy -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/java.security -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/blacklisted.certs -%config(noreplace) %{etcjavadir -- %{?1}}/lib/logging.properties -%config(noreplace) %{etcjavadir -- %{?1}}/lib/calendars.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/US_export_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/local_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/US_export_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/local_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/java.policy -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/java.security -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/blacklisted.certs -%{_jvmdir}/%{jredir -- %{?1}}/lib/logging.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/calendars.properties -%{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/orbd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmid-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmiregistry-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/servertool-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/tnameserv-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/unpack200-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/policytool-%{uniquesuffix -- %{?1}}.1* -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/nss.cfg -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/nss.fips.cfg -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/nss.cfg -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/nss.fips.cfg -%ifarch %{share_arches} -%attr(444, root, root) %ghost %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/server/classes.jsa -%attr(444, root, root) %ghost %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/client/classes.jsa -%endif -%dir %{etcjavasubdir} -%dir %{etcjavadir -- %{?1}} -%dir %{etcjavadir -- %{?1}}/lib -%dir %{etcjavadir -- %{?1}}/lib/security -%{etcjavadir -- %{?1}}/lib/security/cacerts -%dir %{etcjavadir -- %{?1}}/lib/security/policy -%dir %{etcjavadir -- %{?1}}/lib/security/policy/limited -%dir %{etcjavadir -- %{?1}}/lib/security/policy/unlimited -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/server/ -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/client/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jli -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jli/libjli.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jvm.cfg -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libattach.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libawt.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libawt_headless.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libdt_socket.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libfontmanager.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libhprof.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libinstrument.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2gss.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2pcsc.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2pkcs11.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjaas_unix.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjava.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjava_crw_demo.so -%if %{system_libs} -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjavajpeg.so -%else -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjpeg.so -%endif -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjdwp.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsdt.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsig.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsound.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/liblcms.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libmanagement.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libmlib_image.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnet.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnio.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnpt.so -%ifarch %{sa_arches} -%ifnarch %{zero_arches} -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsaproc.so -%endif -%endif -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsctp.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsunec.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsystemconf.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libunpack.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libverify.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libzip.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/charsets.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/classlist -%{_jvmdir}/%{jredir -- %{?1}}/lib/content-types.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/currency.data -%{_jvmdir}/%{jredir -- %{?1}}/lib/flavormap.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/hijrah-config-umalqura.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/images/cursors/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/jce.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jexec -%{_jvmdir}/%{jredir -- %{?1}}/lib/jsse.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jvm.hprof.txt -%{_jvmdir}/%{jredir -- %{?1}}/lib/meta-index -%{_jvmdir}/%{jredir -- %{?1}}/lib/net.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/psfont.properties.ja -%{_jvmdir}/%{jredir -- %{?1}}/lib/psfontj2d.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/resources.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/rt.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/sound.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/tzdb.dat -%{_jvmdir}/%{jredir -- %{?1}}/lib/tzdb.dat.upstream -%{_jvmdir}/%{jredir -- %{?1}}/lib/management-agent.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/management/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/cmm/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/cldrdata.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/dnsns.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/jaccess.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/localedata.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/meta-index -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/nashorn.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunec.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunjce_provider.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunpkcs11.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/zipfs.jar -%ifarch %{jfr_arches} -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr/default.jfc -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr/profile.jfc -%endif - -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/images -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/images/cursors -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/management -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/cmm -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/ext -%ifarch %{jfr_arches} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/jfr -%endif -} - -%define files_devel() %{expand: -%defattr(-,root,root,-) -%license %{_jvmdir}/%{sdkdir -- %{?1}}/ASSEMBLY_EXCEPTION -%license %{_jvmdir}/%{sdkdir -- %{?1}}/LICENSE -%license %{_jvmdir}/%{sdkdir -- %{?1}}/THIRD_PARTY_README -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/bin -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/include -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/lib -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/appletviewer -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/clhsdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/extcheck -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/hsdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/idlj -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jar -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jarsigner -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/java -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/%{alt_java_name} -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javac -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javadoc -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javah -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javap -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/java-rmi.cgi -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jcmd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jconsole -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jdeps -%ifarch %{jfr_arches} -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jfr -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jhat -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jinfo -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jjs -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jmap -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jps -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jrunscript -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jsadebugd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstack -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstat -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstatd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/keytool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/native2ascii -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/orbd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/pack200 -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/policytool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmic -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmid -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmiregistry -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/schemagen -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/serialver -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/servertool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/tnameserv -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/unpack200 -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/wsgen -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/wsimport -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/xjc -%{_jvmdir}/%{sdkdir -- %{?1}}/include/* -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/%{archinstall} -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/ct.sym -%if %{with_systemtap} -%{_jvmdir}/%{sdkdir -- %{?1}}/tapset -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/ir.idl -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jconsole.jar -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/orb.idl -%ifarch %{sa_arches} -%ifnarch %{zero_arches} -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/sa-jdi.jar -%endif -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/dt.jar -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jexec -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/tools.jar -%{_datadir}/applications/*jconsole%{?1}.desktop -%{_mandir}/man1/appletviewer-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/extcheck-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/idlj-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jar-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jarsigner-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javac-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javadoc-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javah-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javap-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jconsole-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jcmd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jdb-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jdeps-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jhat-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jinfo-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jmap-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jps-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jrunscript-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jsadebugd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstack-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstat-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstatd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/native2ascii-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmic-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/schemagen-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/serialver-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/wsgen-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/wsimport-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/xjc-%{uniquesuffix -- %{?1}}.1* -%if %{with_systemtap} -%dir %{tapsetroot} -%dir %{tapsetdirttapset} -%dir %{tapsetdir} -%{tapsetdir}/*%{_arch}%{?1}.stp -%endif -} - -%define files_demo() %{expand: -%defattr(-,root,root,-) -%license %{installoutputdir -- %{?1}}/jre/LICENSE -} - -%define files_src() %{expand: -%defattr(-,root,root,-) -%{_jvmdir}/%{sdkdir -- %{?1}}/src.zip -} - -%define files_javadoc() %{expand: -%defattr(-,root,root,-) -%doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}} -%license %{installoutputdir -- %{?1}}/jre/LICENSE -} - -%define files_javadoc_zip() %{expand: -%defattr(-,root,root,-) -%doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip -%license %{installoutputdir -- %{?1}}/jre/LICENSE -} - -%define files_accessibility() %{expand: -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libatk-wrapper.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/java-atk-wrapper.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/accessibility.properties -} - -# not-duplicated requires/provides/obsoletes for normal/debug packages -%define java_rpo() %{expand: -Requires: fontconfig%{?_isa} -Requires: xorg-x11-fonts-Type1 -# Require libXcomposite explicitly since it's only dynamically loaded -# at runtime. Fixes screenshot issues. See JDK-8150954. -Requires: libXcomposite%{?_isa} -# Requires rest of java -Requires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# for java-X-openjdk package's desktop binding -%if 0%{?fedora} || 0%{?rhel} >= 8 -Recommends: gtk2%{?_isa} -%endif - -Provides: java-%{javaver}-%{origin} = %{epoch}:%{version}-%{release} - -# Standard JPackage base provides -Provides: jre = %{javaver}%{?1} -Provides: jre-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java%{?1} = %{epoch}:%{javaver} -} - -%define java_headless_rpo() %{expand: -# Require /etc/pki/java/cacerts -Requires: ca-certificates -# Require javapackages-filesystem for ownership of /usr/lib/jvm/ -Requires: javapackages-filesystem -# 2022g required as of JDK-8297804 -Requires: tzdata-java >= 2022g -# for support of kernel stream control -# libsctp.so.1 is being `dlopen`ed on demand -Requires: lksctp-tools%{?_isa} -%if ! 0%{?flatpak} -# tool to copy jdk's configs - should be Recommends only, but then only dnf/yum enforce it, -# not rpm transaction and so no configs are persisted when pure rpm -u is run. It may be -# considered as regression -Requires: copy-jdk-configs >= 4.0 -OrderWithRequires: copy-jdk-configs -%endif -# for printing support -Requires: cups-libs -# for system security properties -Requires: crypto-policies -# for FIPS PKCS11 provider -Requires: nss -# Post requires alternatives to install tool alternatives -Requires(post): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(post): chkconfig >= 1.7 -# Postun requires alternatives to uninstall tool alternatives -Requires(postun): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(postun): chkconfig >= 1.7 -# for optional support of kernel stream control, card reader and printing bindings -%if 0%{?fedora} || 0%{?rhel} >= 8 -Suggests: lksctp-tools%{?_isa}, pcsc-lite-devel%{?_isa} -%endif - -# Standard JPackage base provides -Provides: jre-headless%{?1} = %{epoch}:%{javaver} -Provides: jre-%{javaver}-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-headless%{?1} = %{epoch}:%{javaver} - -# https://bugzilla.redhat.com/show_bug.cgi?id=1312019 -Provides: /usr/bin/jjs - -} - -%define java_devel_rpo() %{expand: -# Requires base package -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# Post requires alternatives to install tool alternatives -Requires(post): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(post): chkconfig >= 1.7 -# Postun requires alternatives to uninstall tool alternatives -Requires(postun): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(postun): chkconfig >= 1.7 - -# Standard JPackage devel provides -Provides: java-sdk-%{javaver}-%{origin}%{?1} = %{epoch}:%{version} -Provides: java-sdk-%{javaver}%{?1} = %{epoch}:%{version} -Provides: java-sdk-%{origin}%{?1} = %{epoch}:%{version} -Provides: java-sdk%{?1} = %{epoch}:%{javaver} -Provides: java-%{javaver}-devel%{?1} = %{epoch}:%{version} -Provides: java-%{javaver}-%{origin}-devel%{?1} = %{epoch}:%{version} -Provides: java-devel-%{origin}%{?1} = %{epoch}:%{version} -Provides: java-devel%{?1} = %{epoch}:%{javaver} - -} - - -%define java_demo_rpo() %{expand: -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -Provides: java-demo%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-demo%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-demo%{?1} = %{epoch}:%{version}-%{release} - -} - -%define java_javadoc_rpo() %{expand: -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# Post requires alternatives to install javadoc alternative -Requires(post): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(post): chkconfig >= 1.7 -# Postun requires alternatives to uninstall javadoc alternative -Requires(postun): %{alternatives_requires} -# in version 1.7 and higher for --family switch -Requires(postun): chkconfig >= 1.7 - -# Standard JPackage javadoc provides -Provides: java-%{javaver}-javadoc%{?1}%{?2} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-javadoc%{?1}%{?2} = %{epoch}:%{version}-%{release} -Provides: java-javadoc%{?1}%{?2} = %{epoch}:%{version}-%{release} -} - -%define java_src_rpo() %{expand: -Requires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -# Standard JPackage sources provides -Provides: java-src%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-src%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-src%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_accessibility_rpo() %{expand: -Requires: java-atk-wrapper%{?_isa} -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -Provides: java-accessibility = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-accessibility = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-accessibility = %{epoch}:%{version}-%{release} - -} - -# Prevent brp-java-repack-jars from being run -%global __jar_repack 0 - -Name: java-%{javaver}-%{origin} -Version: %{javaver}.%{updatever}.%{buildver} -Release: %{?eaprefix}%{rpmrelease}%{?extraver}%{?dist} -# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons -# and this change was brought into RHEL-4. java-1.5.0-ibm packages -# also included the epoch in their virtual provides. This created a -# situation where in-the-wild java-1.5.0-ibm packages provided "java = -# 1:1.5.0". In RPM terms, "1.6.0 < 1:1.5.0" since 1.6.0 is -# interpreted as 0:1.6.0. So the "java >= 1.6.0" requirement would be -# satisfied by the 1:1.5.0 packages. Thus we need to set the epoch in -# JDK package >= 1.6.0 to 1, and packages referring to JDK virtual -# provides >= 1.6.0 must specify the epoch, "java >= 1:1.6.0". - -Epoch: 1 -Summary: %{origin_nice} %{majorver} Runtime Environment -Group: Development/Languages - -# HotSpot code is licensed under GPLv2 -# JDK library code is licensed under GPLv2 with the Classpath exception -# The Apache license is used in code taken from Apache projects (primarily JAXP & JAXWS) -# DOM levels 2 & 3 and the XML digital signature schemas are licensed under the W3C Software License -# The JSR166 concurrency code is in the public domain -# The BSD and MIT licenses are used for a number of third-party libraries (see THIRD_PARTY_README) -# The OpenJDK source tree includes the JPEG library (IJG), zlib & libpng (zlib), giflib and LCMS (MIT) -# The test code includes copies of NSS under the Mozilla Public License v2.0 -# The PCSClite headers are under a BSD with advertising license -# The elliptic curve cryptography (ECC) source code is licensed under the LGPLv2.1 or any later version -License: ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib -URL: http://openjdk.java.net/ - -# Shenandoah HotSpot -# aarch64-port/jdk8u-shenandoah contains an integration forest of -# OpenJDK 8u, the aarch64 port and Shenandoah -# To regenerate, use: -# VERSION=%%{shenandoah_revision} -# FILE_NAME_ROOT=%%{shenandoah_project}-%%{shenandoah_repo}-${VERSION} -# REPO_ROOT= generate_source_tarball.sh -# where the source is obtained from http://hg.openjdk.java.net/%%{project}/%%{repo} -Source0: %{shenandoah_project}-%{shenandoah_repo}-%{shenandoah_revision}-4curve.tar.xz - -# Use 'icedtea_sync.sh' to update the following -# They are based on code contained in the IcedTea project (3.x). -# Systemtap tapsets. Zipped up to keep it small. -Source8: tapsets-icedtea-%{icedteaver}.tar.xz - -# Desktop files. Adapted from IcedTea -Source9: jconsole.desktop.in -Source10: policytool.desktop.in - -# nss configuration file -Source11: nss.cfg.in - -# Removed libraries that we link instead -Source12: %{name}-remove-intree-libraries.sh - -# Ensure we aren't using the limited crypto policy -Source13: TestCryptoLevel.java - -# Ensure ECDSA is working -Source14: TestECDSA.java - -# Verify system crypto (policy) can be disabled via a property -Source15: TestSecurityProperties.java - -# Ensure vendor settings are correct -Source16: CheckVendor.java - -# nss fips configuration file -Source17: nss.fips.cfg.in - -# Ensure translations are available for new timezones -Source18: TestTranslations.java - -Source21: repackReproduciblePolycies.sh - -# New versions of config files with aarch64 support. This is not upstream yet. -Source100: config.guess -Source101: config.sub - -# Include portable spec and instructions on how to rebuild -Source19: README.md -Source20: java-1.%{majorver}.0-openjdk-portable.specfile - -# Setup variables to reference correct sources -%global releasezip %{_jvmdir}/%{name}-portable-%{version}-%{portablerelease}.portable.unstripped.jdk.%{_arch}.tar.xz -%global docszip %{_jvmdir}/%{name}-portable-%{version}-%{portablerelease}.portable.docs.%{_arch}.tar.xz -%global misczip %{_jvmdir}/%{name}-portable-%{version}-%{portablerelease}.portable.misc.%{_arch}.tar.xz -%global slowdebugzip %{_jvmdir}/%{name}-portable-%{version}-%{portablerelease}.portable.slowdebug.jdk.%{_arch}.tar.xz -%global fastdebugzip %{_jvmdir}/%{name}-portable-%{version}-%{portablerelease}.portable.fastdebug.jdk.%{_arch}.tar.xz - -############################################ -# -# RPM/distribution specific patches -# -# This section includes patches specific to -# Fedora/RHEL which can not be upstreamed -# either in their current form or at all. -############################################ - -# Accessibility patches -# Ignore AWTError when assistive technologies are loaded -Patch1: rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch -# Restrict access to java-atk-wrapper classes -Patch3: rh1648644-java_access_bridge_privileged_security.patch -# Turn on AssumeMP by default on RHEL systems -Patch534: rh1648246-always_instruct_vm_to_assume_multiple_processors_are_available.patch -# RH1648249: Add PKCS11 provider to java.security -Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch -# RH1582504: Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY -Patch1003: rh1582504-rsa_default_for_keytool.patch - -# Crypto policy and FIPS support patches -# Patch is generated from the fips tree at https://github.com/rh-openjdk/jdk8u/tree/fips -# as follows: git diff %%{openjdk_revision} common jdk > fips-8u-$(git show -s --format=%h HEAD).patch -# Diff is limited to src and make subdirectories to exclude .github changes -# Fixes currently included: -# PR3183, RH1340845: Support Fedora/RHEL8 system crypto policy -# PR3655: Allow use of system crypto policy to be disabled by the user -# RH1655466: Support RHEL FIPS mode using SunPKCS11 provider -# RH1760838: No ciphersuites available for SSLSocket in FIPS mode -# RH1860986: Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available -# RH1906862: Always initialise JavaSecuritySystemConfiguratorAccess -# RH1929465: Improve system FIPS detection -# RH1996182: Login to the NSS software token in FIPS mode -# RH1991003: Allow plain key import unless com.redhat.fips.plainKeySupport is set to false -# RH2021263: Resolve outstanding FIPS issues -# RH2052819: Fix FIPS reliance on crypto policies -# RH2052829: Detect NSS at Runtime for FIPS detection -# RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage -# RH2090378: Revert to disabling system security properties and FIPS mode support together -Patch1001: fips-8u-%{fipsver}.patch - -############################################# -# -# Upstreamable patches -# -# This section includes patches which need to -# be reviewed & pushed to the current development -# tree of OpenJDK. -############################################# -# PR2737: Allow multiple initialization of PKCS11 libraries -Patch5: pr2737-allow_multiple_pkcs11_library_initialisation_to_be_a_non_critical_error.patch -# Turn off strict overflow on IndicRearrangementProcessor{,2}.cpp following 8140543: Arrange font actions -Patch512: rh1649664-awt2dlibraries_compiled_with_no_strict_overflow.patch -# RH1337583, PR2974: PKCS#10 certificate requests now use CRLF line endings rather than system line endings -Patch523: pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch -# PR3083, RH1346460: Regression in SSL debug output without an ECC provider -Patch528: pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch -# PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts) -# PR3575, RH1567204: System cacerts database handling should not affect jssecacerts -# RH2055274: Revert default keystore to JAVA_HOME/jre/lib/security/cacerts in portable builds -# Must be applied after the FIPS patch as it also changes java.security -# Patch is generated from the cacerts tree at https://github.com/rh-openjdk/jdk8u/tree/cacerts -# as follows: git diff fips > pr2888-rh2055274-support_system_cacerts-$(git show -s --format=%h HEAD).patch -Patch539: pr2888-rh2055274-support_system_cacerts-%{cacertsver}.patch -# enable build of speculative store bypass hardened alt-java -Patch600: rh1750419-redhat_alt_java.patch -# JDK-8281098, PR3836: Extra compiler flags not passed to adlc build -Patch112: jdk8281098-pr3836-pass_compiler_flags_to_adlc.patch - -############################################# -# -# Arch-specific upstreamable patches -# -# This section includes patches which need to -# be reviewed & pushed upstream and are specific -# to certain architectures. This usually means the -# current OpenJDK development branch, but may also -# include other trees e.g. for the AArch64 port for -# OpenJDK 8u. -############################################# -# s390: PR3593: Use "%z" for size_t on s390 as size_t != intptr_t -Patch103: pr3593-s390_use_z_format_specifier_for_size_t_arguments_as_size_t_not_equals_to_int.patch -# x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround) -Patch105: jdk8199936-pr3533-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x.patch -# S390 ambiguous log2_intptr calls -Patch107: s390-8214206_fix.patch - -############################################# -# -# Patches which need backporting to 8u -# -# This section includes patches which have -# been pushed upstream to the latest OpenJDK -# development tree, but need to be backported -# to OpenJDK 8u. -############################################# -# S8074839, PR2462: Resolve disabled warnings for libunpack and the unpack200 binary -# This fixes printf warnings that lead to build failure with -Werror=format-security from optflags -Patch502: pr2462-resolve_disabled_warnings_for_libunpack_and_the_unpack200_binary.patch -# PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code -Patch571: jdk8199936-pr3591-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x_jdk.patch -# 8143245, PR3548: Zero build requires disabled warnings -Patch574: jdk8143245-pr3548-zero_build_requires_disabled_warnings.patch -# s390: JDK-8203030, Type fixing for s390 -Patch102: jdk8203030-zero_s390_31_bit_size_t_type_conflicts_in_shared_code.patch -# 8035341: Allow using a system installed libpng -Patch202: jdk8035341-allow_using_system_installed_libpng.patch -# 8042159: Allow using a system-installed lcms2 -Patch203: jdk8042159-allow_using_system_installed_lcms2-root.patch -Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch -# JDK-8257794: Zero: assert(istate->_stack_limit == istate->_thread->last_Java_sp() + 1) failed: wrong on Linux/x86_32 -Patch581: jdk8257794-remove_broken_assert.patch - -############################################# -# -# Patches appearing in 8u382 -# -# This section includes patches which are present -# in the listed OpenJDK 8u release and should be -# able to be removed once that release is out -# and used by this RPM. -############################################# -# JDK-8271199, RH2175317: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key -Patch2001: jdk8271199-rh2175317-custom_pkcs11_provider_support.patch - -############################################# -# -# Patches ineligible for 8u -# -# This section includes patches which are present -# upstream, but ineligible for upstream 8u backport. -############################################# -# 8043805: Allow using a system-installed libjpeg -Patch201: jdk8043805-allow_using_system_installed_libjpeg.patch - -############################################# -# -# Shenandoah fixes -# -# This section includes patches which are -# specific to the Shenandoah garbage collector -# and should be upstreamed to the appropriate -# trees. -############################################# - -############################################# -# -# Non-OpenJDK fixes -# -# This section includes patches to code other -# that from OpenJDK. -############################################# - -############################################# -# -# Dependencies -# -############################################# -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: alsa-lib-devel -BuildRequires: binutils -BuildRequires: cups-devel -BuildRequires: desktop-file-utils -# elfutils only are OK for build without AOT -BuildRequires: elfutils-devel -BuildRequires: fontconfig-devel -BuildRequires: freetype-devel -BuildRequires: gcc-c++ -BuildRequires: gdb -BuildRequires: libxslt -BuildRequires: libX11-devel -BuildRequires: libXext-devel -BuildRequires: libXi-devel -BuildRequires: libXinerama-devel -BuildRequires: libXrender-devel -BuildRequires: libXt-devel -BuildRequires: libXtst-devel -# Requirement for setting up nss.cfg and nss.fips.cfg -BuildRequires: nss-devel -# Requirement for system security property test -BuildRequires: crypto-policies -BuildRequires: pkgconfig -BuildRequires: xorg-x11-proto-devel -BuildRequires: zip -BuildRequires: unzip -# For definitions and macros like jvmdir -BuildRequires: javapackages-filesystem -%if %{include_normal_build} -BuildRequires: java-1.%{majorver}.0-openjdk-portable-unstripped = %{epoch}:%{version}-%{portablerelease}.%{portablesuffix} -%endif -%if %{include_fastdebug_build} -BuildRequires: java-1.%{majorver}.0-openjdk-portable-devel-fastdebug = %{epoch}:%{version}-%{portablerelease}.%{portablesuffix} -%endif -%if %{include_debug_build} -BuildRequires: java-1.%{majorver}.0-openjdk-portable-devel-slowdebug = %{epoch}:%{version}-%{portablerelease}.%{portablesuffix} -%endif -BuildRequires: java-1.%{majorver}.0-openjdk-portable-docs = %{epoch}:%{version}-%{portablerelease}.%{portablesuffix} -BuildRequires: java-1.%{majorver}.0-openjdk-portable-misc = %{epoch}:%{version}-%{portablerelease}.%{portablesuffix} -# Zero-assembler build requirement -%ifarch %{zero_arches} -BuildRequires: libffi-devel -%endif -# 2023c required as of JDK-8305113 -BuildRequires: tzdata-java >= 2023c -# Earlier versions have a bug in tree vectorization on PPC -BuildRequires: gcc >= 4.8.3-8 - -%if %{with_systemtap} -BuildRequires: systemtap-sdt-devel -%endif - -%if %{system_libs} -BuildRequires: giflib-devel -BuildRequires: lcms2-devel -BuildRequires: libjpeg-devel -BuildRequires: libpng-devel -%else -# Version in jdk/src/share/native/sun/awt/giflib/gif_lib.h -Provides: bundled(giflib) = 5.2.1 -# Version in jdk/src/share/native/sun/java2d/cmm/lcms/lcms2.h -Provides: bundled(lcms2) = 2.10.0 -# Version in jdk/src/share/native/sun/awt/image/jpeg/jpeglib.h -Provides: bundled(libjpeg) = 6b -# Version in jdk/src/share/native/sun/awt/libpng/png.h -Provides: bundled(libpng) = 1.6.37 -%endif - -# this is always built, also during debug-only build -# when it is built in debug-only this package is just placeholder -%{java_rpo %{nil}} - -%description -The %{origin_nice} %{majorver} runtime environment. - -%if %{include_debug_build} -%package slowdebug -Summary: %{origin_nice} %{majorver} Runtime Environment %{debug_on} -Group: Development/Languages - -%{java_rpo -- %{debug_suffix_unquoted}} -%description slowdebug -The %{origin_nice} %{majorver} runtime environment. -%{debug_warning} -%endif - -%if %{include_fastdebug_build} -%package fastdebug -Summary: %{origin_nice} %{majorver} Runtime Environment %{fastdebug_on} -Group: Development/Languages - -%{java_rpo -- %{fastdebug_suffix_unquoted}} -%description fastdebug -The %{origin_nice} %{majorver} runtime environment. -%{fastdebug_warning} -%endif - -%if %{include_normal_build} -%package headless -Summary: %{origin_nice} %{majorver} Headless Runtime Environment -Group: Development/Languages - -%{java_headless_rpo %{nil}} - -%description headless -The %{origin_nice} %{majorver} runtime environment without audio and video support. -%endif - -%if %{include_debug_build} -%package headless-slowdebug -Summary: %{origin_nice} %{majorver} Runtime Environment %{debug_on} -Group: Development/Languages - -%{java_headless_rpo -- %{debug_suffix_unquoted}} - -%description headless-slowdebug -The %{origin_nice} %{majorver} runtime environment without audio and video support. -%{debug_warning} -%endif - -%if %{include_fastdebug_build} -%package headless-fastdebug -Summary: %{origin_nice} %{majorver} Runtime Environment %{fastdebug_on} -Group: Development/Languages - -%{java_headless_rpo -- %{fastdebug_suffix_unquoted}} - -%description headless-fastdebug -The %{origin_nice} %{majorver} runtime environment without audio and video support. -%{fastdebug_warning} -%endif - -%if %{include_normal_build} -%package devel -Summary: %{origin_nice} %{majorver} Development Environment -Group: Development/Tools - -%{java_devel_rpo %{nil}} - -%description devel -The %{origin_nice} %{majorver} development tools. -%endif - -%if %{include_debug_build} -%package devel-slowdebug -Summary: %{origin_nice} %{majorver} Development Environment %{debug_on} -Group: Development/Tools - -%{java_devel_rpo -- %{debug_suffix_unquoted}} - -%description devel-slowdebug -The %{origin_nice} %{majorver} development tools. -%{debug_warning} -%endif - -%if %{include_fastdebug_build} -%package devel-fastdebug -Summary: %{origin_nice} %{majorver} Development Environment %{fastdebug_on} -Group: Development/Tools - -%{java_devel_rpo -- %{fastdebug_suffix_unquoted}} - -%description devel-fastdebug -The %{origin_nice} %{majorver} development tools. -%{fastdebug_warning} -%endif - -%if %{include_normal_build} -%package demo -Summary: %{origin_nice} %{majorver} Demos -Group: Development/Languages - -%{java_demo_rpo %{nil}} - -%description demo -The %{origin_nice} %{majorver} demos. -%endif - -%if %{include_debug_build} -%package demo-slowdebug -Summary: %{origin_nice} %{majorver} Demos %{debug_on} -Group: Development/Languages - -%{java_demo_rpo -- %{debug_suffix_unquoted}} - -%description demo-slowdebug -The %{origin_nice} %{majorver} demos. -%{debug_warning} -%endif - -%if %{include_fastdebug_build} -%package demo-fastdebug -Summary: %{origin_nice} %{majorver} Demos %{fastdebug_on} -Group: Development/Languages - -%{java_demo_rpo -- %{fastdebug_suffix_unquoted}} - -%description demo-fastdebug -The %{origin_nice} %{majorver} demos. -%{fastdebug_warning} -%endif - -%if %{include_normal_build} -%package src -Summary: %{origin_nice} %{majorver} Source Bundle -Group: Development/Languages - -%{java_src_rpo %{nil}} - -%description src -The %{compatiblename}-src sub-package contains the complete %{origin_nice} %{majorver} -class library source code for use by IDE indexers and debuggers. -%endif - -%if %{include_debug_build} -%package src-slowdebug -Summary: %{origin_nice} %{majorver} Source Bundle %{for_debug} -Group: Development/Languages - -%{java_src_rpo -- %{debug_suffix_unquoted}} - -%description src-slowdebug -The %{compatiblename}-src-slowdebug sub-package contains the complete %{origin_nice} %{majorver} - class library source code for use by IDE indexers and debuggers, %{for_debug}. -%endif - -%if %{include_fastdebug_build} -%package src-fastdebug -Summary: %{origin_nice} %{majorver} Source Bundle %{for_fastdebug} -Group: Development/Languages - -%{java_src_rpo -- %{fastdebug_suffix_unquoted}} - -%description src-fastdebug -The %{compatiblename}-src-fastdebug sub-package contains the complete %{origin_nice} %{majorver} - class library source code for use by IDE indexers and debuggers, %{for_fastdebug}. -%endif - -%if %{include_normal_build} -%package javadoc -Summary: %{origin_nice} %{majorver} API documentation -Group: Documentation -Requires: javapackages-filesystem -Obsoletes: javadoc-slowdebug < 1:1.8.0.212.b04-4 -BuildArch: noarch - -%{java_javadoc_rpo -- %{nil} -zip} -%{java_javadoc_rpo -- %{nil} %{nil}} - -%description javadoc -The %{origin_nice} %{majorver} API documentation. - -%package javadoc-zip -Summary: %{origin_nice} %{majorver} API documentation compressed in a single archive -Group: Documentation -Requires: javapackages-filesystem -Obsoletes: javadoc-zip-slowdebug < 1:1.8.0.212.b04-4 -BuildArch: noarch - -%{java_javadoc_rpo -- %{nil} %{nil}} - -%description javadoc-zip -The %{origin_nice} %{majorver} API documentation compressed in a single archive. - -%package accessibility -Summary: %{origin_nice} %{majorver} accessibility connector - -%{java_accessibility_rpo %{nil}} - -%description accessibility -Enables accessibility support in %{origin_nice} %{majorver} by using java-atk-wrapper. This allows -compatible at-spi2 based accessibility programs to work for AWT and Swing-based -programs. - -Please note, the java-atk-wrapper is still in beta, and %{origin_nice} %{majorver} itself is still -being tuned to be working with accessibility features. There are known issues -with accessibility on, so please do not install this package unless you really -need to. -%endif - -%if %{include_debug_build} -%package accessibility-slowdebug -Summary: %{origin_nice} %{majorver} accessibility connector %{for_debug} - -%{java_accessibility_rpo -- %{debug_suffix_unquoted}} - -%description accessibility-slowdebug -See normal java-%{version}-openjdk-accessibility description. -%endif - -%if %{include_fastdebug_build} -%package accessibility-fastdebug -Summary: %{origin_nice} %{majorver} accessibility connector %{for_fastdebug} - -%{java_accessibility_rpo -- %{fastdebug_suffix_unquoted}} - -%description accessibility-fastdebug -See normal java-%{version}-openjdk-accessibility description. -%endif - -%prep - -# Using the echo macro breaks rpmdev-bumpspec, as it parses the first line of stdout :-( -%if 0%{?stapinstall:1} - echo "CPU: %{_target_cpu}, arch install directory: %{archinstall}, SystemTap install directory: %{stapinstall}" -%else - %{error:Unrecognised architecture %{_target_cpu}} -%endif - -if [ %{include_normal_build} -eq 0 -o %{include_normal_build} -eq 1 ] ; then - echo "include_normal_build is %{include_normal_build}" -else - echo "include_normal_build is %{include_normal_build}, that is invalid. Use 1 for yes or 0 for no" - exit 11 -fi -if [ %{include_debug_build} -eq 0 -o %{include_debug_build} -eq 1 ] ; then - echo "include_debug_build is %{include_debug_build}" -else - echo "include_debug_build is %{include_debug_build}, that is invalid. Use 1 for yes or 0 for no" - exit 12 -fi -if [ %{include_fastdebug_build} -eq 0 -o %{include_fastdebug_build} -eq 1 ] ; then - echo "include_fastdebug_build is %{include_fastdebug_build}" -else - echo "include_fastdebug_build is %{include_fastdebug_build}, that is invalid. Use 1 for yes or 0 for no" - exit 13 -fi -if [ %{include_debug_build} -eq 0 -a %{include_normal_build} -eq 0 -a %{include_fastdebug_build} -eq 0 ] ; then - echo "You have disabled all builds (normal,fastdebug,slowdebug). That is a no go." - exit 14 -fi - -echo "Update version: %{updatever}" -echo "Build number: %{buildver}" -echo "Milestone: %{milestone}" -%setup -q -c -n %{uniquesuffix ""} -T -a 0 -# https://bugzilla.redhat.com/show_bug.cgi?id=1189084 -prioritylength=`expr length %{priority}` -if [ $prioritylength -ne 7 ] ; then - echo "priority must be 7 digits in total, violated" - exit 14 -fi -# For old patches -ln -s %{top_level_dir_name} jdk8 - -# replace outdated configure guess script -# -# the configure macro will do this too, but it also passes a few flags not -# supported by openjdk configure script -cp %{SOURCE100} %{top_level_dir_name}/common/autoconf/build-aux/ -cp %{SOURCE101} %{top_level_dir_name}/common/autoconf/build-aux/ - -# OpenJDK patches - -%if %{system_libs} -# Remove libraries that are linked -sh %{SOURCE12} -%endif - -# System library fixes -%if %{system_libs} -%patch201 -%patch202 -%patch203 -%patch204 -%endif - -%patch1 -%patch3 -%patch5 - -# s390 build fixes -%patch102 -%patch103 -%patch107 - -# AArch64 fixes - -# x86 fixes -%patch105 - -# Upstreamable fixes -%patch502 -%patch512 -%patch523 -%patch528 -%patch571 -%patch574 -%patch112 -%patch581 - -pushd %{top_level_dir_name} -# Add crypto policy and FIPS support -%patch1001 -p1 -# nss.cfg PKCS11 support; must come last as it also alters java.security -%patch1000 -p1 -# system cacerts support -%patch539 -p1 -# 8u382 fix -%patch2001 -p1 -popd - -# RPM-only fixes -%patch600 -%patch1003 - -# RHEL-only patches -%if ! 0%{?fedora} && 0%{?rhel} <= 7 -%patch534 -%endif - -# Shenandoah patches - -# Extract systemtap tapsets -%if %{with_systemtap} -tar --strip-components=1 -x -I xz -f %{SOURCE8} -%if %{include_debug_build} -cp -r tapset tapset%{debug_suffix} -%endif -%if %{include_fastdebug_build} -cp -r tapset tapset%{fastdebug_suffix} -%endif - - -for suffix in %{build_loop} ; do - for file in "tapset"$suffix/*.in; do - OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:-%{version}-%{release}.%{_arch}.stp:g"` - sed -e "s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/server/libjvm.so:g" $file > $file.1 -# TODO find out which architectures other than i686 have a client vm -%ifarch %{ix86} - sed -e "s:@ABS_CLIENT_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/client/libjvm.so:g" $file.1 > $OUTPUT_FILE -%else - sed -e "/@ABS_CLIENT_LIBJVM_SO@/d" $file.1 > $OUTPUT_FILE -%endif - sed -i -e "s:@ABS_JAVA_HOME_DIR@:%{_jvmdir}/%{sdkdir -- $suffix}:g" $OUTPUT_FILE - sed -i -e "s:@INSTALL_ARCH_DIR@:%{archinstall}:g" $OUTPUT_FILE - sed -i -e "s:@prefix@:%{_jvmdir}/%{sdkdir -- $suffix}/:g" $OUTPUT_FILE - done -done -# systemtap tapsets ends -%endif - -# Prepare desktop files -# The _X_ syntax indicates variables that are replaced by make upstream -# The @X@ syntax indicates variables that are replaced by configure upstream -for suffix in %{build_loop} ; do -for file in %{SOURCE9} %{SOURCE10} ; do - FILE=`basename $file | sed -e s:\.in$::g` - EXT="${FILE##*.}" - NAME="${FILE%.*}" - OUTPUT_FILE=$NAME$suffix.$EXT - sed -e "s:_SDKBINDIR_:%{sdkbindir -- $suffix}:g" $file > $OUTPUT_FILE - sed -i -e "s:_JREBINDIR_:%{jrebindir -- $suffix}:g" $OUTPUT_FILE - sed -i -e "s:@target_cpu@:%{_arch}:g" $OUTPUT_FILE - sed -i -e "s:@OPENJDK_VER@:%{version}-%{release}.%{_arch}$suffix:g" $OUTPUT_FILE - sed -i -e "s:@JAVA_VER@:%{javaver}:g" $OUTPUT_FILE - sed -i -e "s:@JAVA_VENDOR@:%{origin}:g" $OUTPUT_FILE -done -done - -# Setup nss.cfg -sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE11} > nss.cfg - -# Setup nss.fips.cfg -sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE17} > nss.fips.cfg - -# Setup security policy -sed -i -e "s:^security.systemCACerts=.*:security.systemCACerts=%{cacerts_file}:" %{security_file} - -%build - -function customisejdk() { - local imagepath=${1} - - if [ -d ${imagepath} ] ; then - # Turn on system security properties - sed -i -e "s:^security.useSystemPropertiesFile=.*:security.useSystemPropertiesFile=true:" \ - ${imagepath}/jre/lib/security/java.security - - # Use system-wide tzdata - mv ${imagepath}/jre/lib/tzdb.dat{,.upstream} - ln -sv %{_datadir}/javazi-1.8/tzdb.dat ${imagepath}/jre/lib/tzdb.dat - - # Rename OpenJDK cacerts database - mv ${imagepath}/jre/lib/security/cacerts{,.upstream} - # Install cacerts symlink needed by some apps which hard-code the path - ln -sv %{cacerts_file} ${imagepath}/jre/lib/security - fi -} - -for suffix in %{build_loop} ; do - - if [ "x$suffix" = "x" ] ; then - jdkzip=%{releasezip} - elif [ "x$suffix" = "x%{fastdebug_suffix_unquoted}" ] ; then - jdkzip=%{fastdebugzip} - else # slowdebug - jdkzip=%{slowdebugzip} - debugbuild=release - fi - - installdir=%{installoutputdir -- ${suffix}} - - # TODO: should verify checksums when using packages from buildroot - tar -xJf ${jdkzip} - mkdir -p $(dirname ${installdir}) - mv %{name}* ${installdir} - # Fix build paths in ELF files so it looks like we built them - portablenvr="%{name}-portable-%{version}-%{portablerelease}.%{portablesuffix}.%{_arch}" - for file in $(find ${installdir} -type f) ; do - if file ${file} | grep -q 'ELF'; then - %{debugedit} -b %{portablebuilddir}/${portablenvr} -d $(pwd) -n ${file} - fi - done - - # Final setup on the main image - customisejdk ${installdir} - - # Print release information - cat ${installdir}/release - -# build cycles -done - -docdir=%{installoutputdir -- "-docs"} -tar -xJf %{docszip} -mv %{name}*.docs.* ${docdir} - -miscdir=%{installoutputdir -- "-misc"} -tar -xJf %{misczip} -mv %{name}*.misc.* ${miscdir} - -%check - -# We test debug first as it will give better diagnostics on a crash -for suffix in %{build_loop} ; do - -export JAVA_HOME=$(pwd)/%{installoutputdir -- $suffix} - -# Check unlimited policy has been used -$JAVA_HOME/bin/javac -d . %{SOURCE13} -$JAVA_HOME/bin/java TestCryptoLevel - -# Check ECC is working -$JAVA_HOME/bin/javac -d . %{SOURCE14} -$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||") - -# Check system crypto (policy) is active and can be disabled -# Test takes a single argument - true or false - to state whether system -# security properties are enabled or not. -$JAVA_HOME/bin/javac -d . %{SOURCE15} -export PROG=$(echo $(basename %{SOURCE15})|sed "s|\.java||") -export SEC_DEBUG="-Djava.security.debug=properties" -$JAVA_HOME/bin/java ${SEC_DEBUG} ${PROG} true -$JAVA_HOME/bin/java ${SEC_DEBUG} -Djava.security.disableSystemPropertiesFile=true ${PROG} false - -# Check java launcher has no SSB mitigation -if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi - -# Check alt-java launcher has SSB mitigation on supported architectures -%ifarch %{ssbd_arches} -nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation -%else -if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi -%endif - -# Check correct vendor values have been set -$JAVA_HOME/bin/javac -d . %{SOURCE16} -$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" %{oj_vendor_url} %{oj_vendor_bug_url} - -# Check translations are available for new timezones -$JAVA_HOME/bin/javac -d . %{SOURCE18} -$JAVA_HOME/bin/java $(echo $(basename %{SOURCE18})|sed "s|\.java||") JRE - -# Check debug symbols are present and can identify code -find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib -do - if [ -f "$lib" ] ; then - echo "Testing $lib for debug symbols" - # All these tests rely on RPM failing the build if the exit code of any set - # of piped commands is non-zero. - - # Test for .debug_* sections in the shared object. This is the main test - # Stripped objects will not contain these - eu-readelf -S "$lib" | grep "] .debug_" - test $(eu-readelf -S "$lib" | grep -E "\]\ .debug_(info|abbrev)" | wc --lines) == 2 - - # Test FILE symbols. These will most likely be removed by anything that - # manipulates symbol tables because it's generally useless. So a nice test - # that nothing has messed with symbols - old_IFS="$IFS" - IFS=$'\n' - for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT") - do - # We expect to see .cpp files, except for architectures like aarch64 and - # s390 where we expect .o and .oS files - echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$" - done - IFS="$old_IFS" - - # If this is the JVM, look for javaCalls.(cpp|o) in FILEs, for extra sanity checking - if [ "`basename $lib`" = "libjvm.so" ]; then - eu-readelf -s "$lib" | \ - grep -E "00000000 0 FILE LOCAL DEFAULT ABS javaCalls.(cpp|o)$" - fi - - # Test that there are no .gnu_debuglink sections pointing to another - # debuginfo file. There shouldn't be any debuginfo files, so the link makes - # no sense either - eu-readelf -S "$lib" | grep 'gnu' - if eu-readelf -S "$lib" | grep '] .gnu_debuglink' | grep PROGBITS; then - echo "bad .gnu_debuglink section." - eu-readelf -x .gnu_debuglink "$lib" - false - fi - fi -done - -# Make sure gdb can do a backtrace based on line numbers on libjvm.so -# javaCalls.cpp:58 should map to: -# http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/file/ff3b27e6bcc2/src/share/vm/runtime/javaCalls.cpp#l58 -# Using line number 1 might cause build problems. See: -# https://bugzilla.redhat.com/show_bug.cgi?id=1539664 -# https://bugzilla.redhat.com/show_bug.cgi?id=1538767 -gdb -q "$JAVA_HOME/bin/java" <> %{name}-demo.files"$suffix" -# Find documentation demo files. -find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/demo \ - $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/sample \ - -type f -o -type l | sort \ - | grep README \ - | sed 's|'$RPM_BUILD_ROOT'||' \ - | sed 's|^|%doc |' \ - >> %{name}-demo.files"$suffix" -# Find demo directories. -find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/demo \ - $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/sample \ - -type d | sort \ - | sed 's|'$RPM_BUILD_ROOT'||' \ - | sed 's|^|%dir |' \ - >> %{name}-demo.files"$suffix" - -# Create links which leads to separately installed java-atk-bridge and allow configuration -# links points to java-atk-wrapper - an dependence - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/%{archinstall} - ln -s %{_libdir}/java-atk-wrapper/libatk-wrapper.so.0 libatk-wrapper.so - popd - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/ext - ln -s %{_libdir}/java-atk-wrapper/java-atk-wrapper.jar java-atk-wrapper.jar - popd - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/ - echo "#Config file to enable java-atk-wrapper" > accessibility.properties - echo "" >> accessibility.properties - echo "assistive_technologies=org.GNOME.Accessibility.AtkWrapper" >> accessibility.properties - echo "" >> accessibility.properties - popd - - -bash %{SOURCE21} $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix} %{javaver} -# https://bugzilla.redhat.com/show_bug.cgi?id=1183793 -touch -t 201401010000 $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/security/java.security - -# moving config files to /etc -mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib/security/policy/unlimited/ -mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib/security/policy/limited/ -for file in lib/security/cacerts lib/security/policy/unlimited/US_export_policy.jar lib/security/policy/unlimited/local_policy.jar lib/security/policy/limited/US_export_policy.jar lib/security/policy/limited/local_policy.jar lib/security/java.policy lib/security/java.security lib/security/blacklisted.certs lib/logging.properties lib/calendars.properties lib/security/nss.cfg lib/security/nss.fips.cfg ; do - mv $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/$file $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/$file - ln -sf %{etcjavadir -- $suffix}/$file $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/$file -done - -# stabilize permissions -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "*.so" -exec chmod 755 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -type d -exec chmod 755 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "ASSEMBLY_EXCEPTION" -exec chmod 644 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "LICENSE" -exec chmod 644 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "THIRD_PARTY_README" -exec chmod 644 {} \; ; - -# end, dual install -done - -%if %{include_normal_build} -# intentionally only for non-debug -%pretrans headless -p --- see https://bugzilla.redhat.com/show_bug.cgi?id=1038092 for whole issue --- see https://bugzilla.redhat.com/show_bug.cgi?id=1290388 for pretrans over pre --- if copy-jdk-configs is in transaction, it installs in pretrans to temp --- if copy_jdk_configs is in temp, then it means that copy-jdk-configs is in transaction and so is --- preferred over one in %%{_libexecdir}. If it is not in transaction, then depends --- whether copy-jdk-configs is installed or not. If so, then configs are copied --- (copy_jdk_configs from %%{_libexecdir} used) or not copied at all -local posix = require "posix" - -if (os.getenv("debug") == "true") then - debug = true; - print("cjc: in spec debug is on") -else - debug = false; -end - -SOURCE1 = "%{rpm_state_dir}/copy_jdk_configs.lua" -SOURCE2 = "%{_libexecdir}/copy_jdk_configs.lua" - -local stat1 = posix.stat(SOURCE1, "type"); -local stat2 = posix.stat(SOURCE2, "type"); - - if (stat1 ~= nil) then - if (debug) then - print(SOURCE1 .." exists - copy-jdk-configs in transaction, using this one.") - end; - package.path = package.path .. ";" .. SOURCE1 -else - if (stat2 ~= nil) then - if (debug) then - print(SOURCE2 .." exists - copy-jdk-configs already installed and NOT in transaction. Using.") - end; - package.path = package.path .. ";" .. SOURCE2 - else - if (debug) then - print(SOURCE1 .." does NOT exists") - print(SOURCE2 .." does NOT exists") - print("No config files will be copied") - end - return - end -end -arg = nil ; -- it is better to null the arg up, no meter if they exists or not, and use cjc as module in unified way, instead of relaying on "main" method during require "copy_jdk_configs.lua" -cjc = require "copy_jdk_configs.lua" -args = {"--currentjvm", "%{uniquesuffix %{nil}}", "--jvmdir", "%{_jvmdir %{nil}}", "--origname", "%{name}", "--origjavaver", "%{javaver}", "--arch", "%{_arch}", "--temp", "%{rpm_state_dir}/%{name}.%{_arch}"} -cjc.mainProgram(args) - -%post -%{post_script %{nil}} - -%post headless -%{post_headless %{nil}} - -%postun -%{postun_script %{nil}} - -%postun headless -%{postun_headless %{nil}} - -%posttrans -%{posttrans_script %{nil}} - -%posttrans headless -%{alternatives_java_install %{nil}} - -%post devel -%{post_devel %{nil}} - -%postun devel -%{postun_devel %{nil}} - -%posttrans devel -%{posttrans_devel %{nil}} - -%posttrans javadoc -%{alternatives_javadoc_install %{nil}} - -%postun javadoc -%{postun_javadoc %{nil}} - -%posttrans javadoc-zip -%{alternatives_javadoczip_install %{nil}} - -%postun javadoc-zip -%{postun_javadoc_zip %{nil}} -%endif - -%if %{include_debug_build} -%post slowdebug -%{post_script -- %{debug_suffix_unquoted}} - -%post headless-slowdebug -%{post_headless -- %{debug_suffix_unquoted}} - -%posttrans headless-slowdebug -%{alternatives_java_install -- %{debug_suffix_unquoted}} - -%postun slowdebug -%{postun_script -- %{debug_suffix_unquoted}} - -%postun headless-slowdebug -%{postun_headless -- %{debug_suffix_unquoted}} - -%posttrans slowdebug -%{posttrans_script -- %{debug_suffix_unquoted}} - -%post devel-slowdebug -%{post_devel -- %{debug_suffix_unquoted}} - -%postun devel-slowdebug -%{postun_devel -- %{debug_suffix_unquoted}} - -%posttrans devel-slowdebug -%{posttrans_devel -- %{debug_suffix_unquoted}} - -%endif - -%if %{include_fastdebug_build} -%post fastdebug -%{post_script -- %{fastdebug_suffix_unquoted}} - -%post headless-fastdebug -%{post_headless -- %{fastdebug_suffix_unquoted}} - -%postun fastdebug -%{postun_script -- %{fastdebug_suffix_unquoted}} - -%postun headless-fastdebug -%{postun_headless -- %{fastdebug_suffix_unquoted}} - -%posttrans fastdebug -%{posttrans_script -- %{fastdebug_suffix_unquoted}} - -%posttrans headless-fastdebug -%{alternatives_java_install -- %{fastdebug_suffix_unquoted}} - -%post devel-fastdebug -%{post_devel -- %{fastdebug_suffix_unquoted}} - -%postun devel-fastdebug -%{postun_devel -- %{fastdebug_suffix_unquoted}} - -%posttrans devel-fastdebug -%{posttrans_devel -- %{fastdebug_suffix_unquoted}} - -%endif - -%if %{include_normal_build} -%files -# main package builds always -%{files_jre %{nil}} -%else -%files -# placeholder -%endif - - -%if %{include_normal_build} -%files headless -# important note, see https://bugzilla.redhat.com/show_bug.cgi?id=1038092 for whole issue -# all config/noreplace files (and more) have to be declared in pretrans. See pretrans -%{files_jre_headless %{nil}} - -%files devel -%{files_devel %{nil}} - -%files demo -f %{name}-demo.files -%{files_demo %{nil}} - -%files src -%{files_src %{nil}} - -%files javadoc -%{files_javadoc %{nil}} - -# This puts a huge documentation file in /usr/share -# It is now architecture-dependent, as eg. AOT and Graal are now x86_64 only -# same for debug variant -%files javadoc-zip -%{files_javadoc_zip %{nil}} - -%files accessibility -%{files_accessibility %{nil}} -%endif - -%if %{include_debug_build} -%files slowdebug -%{files_jre -- %{debug_suffix_unquoted}} - -%files headless-slowdebug -%{files_jre_headless -- %{debug_suffix_unquoted}} - -%files devel-slowdebug -%{files_devel -- %{debug_suffix_unquoted}} - -%files demo-slowdebug -f %{name}-demo.files-slowdebug -%{files_demo -- %{debug_suffix_unquoted}} - -%files src-slowdebug -%{files_src -- %{debug_suffix_unquoted}} - -%files accessibility-slowdebug -%{files_accessibility -- %{debug_suffix_unquoted}} -%endif - -%if %{include_fastdebug_build} -%files fastdebug -%{files_jre -- %{fastdebug_suffix_unquoted}} - -%files headless-fastdebug -%{files_jre_headless -- %{fastdebug_suffix_unquoted}} - -%files devel-fastdebug -%{files_devel -- %{fastdebug_suffix_unquoted}} - -%files demo-fastdebug -f %{name}-demo.files-fastdebug -%{files_demo -- %{fastdebug_suffix_unquoted}} - -%files src-fastdebug -%{files_src -- %{fastdebug_suffix_unquoted}} - -%files accessibility-fastdebug -%{files_accessibility -- %{fastdebug_suffix_unquoted}} -%endif - -%changelog -* Thu Apr 27 2023 Andrew Hughes - 1:1.8.0.372.b07-4 -- Include the java-1.8.0-openjdk-portable.spec file with instructions on how to rebuild. -- Remove duplicate use of README.md inside the *-src package (it is no longer about sources) -- Related: rhbz#2189328 - -* Thu Apr 27 2023 Andrew Hughes - 1:1.8.0.372.b07-3 -- Revert "Restore native build for x86 as there is no portable build" -- Retain portable_build-arches with x86-32 added for reference -- Remove NEWS. -- Related: rhbz#2189328 - -* Tue Apr 18 2023 Andrew Hughes - 1:1.8.0.372.b07-2 -- Update to shenandoah-jdk8u372-b07 (GA) -- Update release notes for shenandoah-8u372-b07. -- Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 -- Update generate_tarball.sh to add support for passing a boot JDK to the configure run -- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace -- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs -- Drop JDK-8275535/RH2053256 patch which is now upstream -- Include JDK-8271199 backport early ahead of 8u382 (RH2175317) -- Drop hack for difference in local and portable build version -- Replace local copies of JDK portable binaries with build dependencies -- ** This tarball is embargoed until 2023-04-18 @ 1pm PT. ** -- Resolves: rhbz#2185182 -- Resolves: rhbz#2189328 - -* Tue Feb 28 2023 Andrew Hughes - 1:1.8.0.362.b09-4 -- On portable architectures, replace build section with extraction of existing builds from portables -- Rewrite ELF files so the source file path is correct and debugsources can be assembled -- Resolves: rhbz#2150203 - -* Tue Jan 24 2023 Andrew Hughes - 1:1.8.0.362.b09-3 -- Update cacerts patch to fix OPENJDK-1433 SecurityManager issue -- Update to shenandoah-jdk8u352-b09 (GA) -- Update release notes for shenandoah-8u352-b09. -- Resolves: rhbz#2162715 - -* Fri Jan 13 2023 Andrew Hughes - 1:1.8.0.362.b08-3 -- Update to shenandoah-jdk8u352-b08 (GA) -- Update release notes for shenandoah-8u352-b08. -- Fix broken links and missing release notes in older releases. -- Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete - - Patch was broken by inclusion of "JDK-8293554: Enhanced DH Key Exchanges" - - Patch was added for a specific corner case of a 4096-bit DH key on a Fedora host that no longer exists - - Fedora now appears to be using RSA and the JDK now supports ECC in preference to large DH keys -- Resolves: rhbz#2160111 - -* Wed Jan 11 2023 Andrew Hughes - 1:1.8.0.362.b07-0.3.ea -- Update to shenandoah-jdk8u362-b07 (EA) -- Update release notes for shenandoah-8u362-b07. -- Require tzdata 2022g due to inclusion of JDK-8296108, JDK-8296715 & JDK-8297804 -- Drop tzdata patches for 2022d & 2022e (JDK-8294357 & JDK-8295173) which are now upstream -- Update TestTranslations.java to test the new America/Ciudad_Juarez zone -- Drop JDK-8255559/RH2124390 patch which is now upstream -- Resolves: rhbz#2150193 - -* Tue Jan 10 2023 Andrew Hughes - 1:1.8.0.362.b01-0.3.ea -- Update to shenandoah-jdk8u362-b01 (EA) -- Update release notes for shenandoah-8u362-b01. -- Switch to EA mode for 8u362 pre-release builds. -- Drop JDK-8195607/PR3776/RH1760437 now this is upstream -- Related: rhbz#2150193 - -* Thu Nov 10 2022 Andrew Hughes - 1:1.8.0.352.b08-3 -- Add backport of JDK-8255559 to fix file descriptor leak in XML code -- Resolves: rhbz#2124390 - -* Wed Oct 19 2022 Andrew Hughes - 1:1.8.0.352.b08-2 -- Update to shenandoah-jdk8u352-b08 (GA) -- Update release notes for shenandoah-8u352-b08. -- Switch to GA mode for final release. -- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 -- Add test to ensure timezones can be translated -- Resolves: rhbz#2133695 - -* Wed Oct 12 2022 Andrew Hughes - 1:1.8.0.352.b07-0.2.ea -- Update to shenandoah-jdk8u352-b07 (EA) -- Update release notes for shenandoah-8u352-b07. -- Switch to EA mode for 8u352 pre-release builds. -- Rebase FIPS patch against 8u352-b07 -- Resolves: rhbz#2130612 - -* Tue Aug 30 2022 Andrew Hughes - 1:1.8.0.345.b01-5 -- Switch to static builds, reducing system dependencies and making build more portable -- Resolves: rhbz#2048542 - -* Tue Aug 30 2022 Andrew Hughes - 1:1.8.0.345.b01-4 -- Sync system cacerts support with RHEL 9, disabling using -Dsecurity.systemCACerts= -- Move cacerts replacement to install section and retain original of this and tzdb.dat -- Related: rhbz#2055274 - -* Mon Aug 29 2022 Stephan Bergmann - 1:1.8.0.345.b01-3 -- Disable copy-jdk-configs for Flatpak builds -- Fix flatpak builds by exempting them from bootstrap -- Resolves: rhbz#2102733 - -* Wed Aug 03 2022 Andrew Hughes - 1:1.8.0.345.b01-2 -- Update to shenandoah-jdk8u345-b01 (GA) -- Update release notes for 8u345-b01. -- Resolves: rhbz#2112403 - -* Sun Jul 24 2022 Andrew Hughes - 1:1.8.0.342.b07-2 -- Update to shenandoah-jdk8u342-b07 (GA) -- Update release notes for 8u342-b07. -- Switch to GA mode for final release. -- Resolves: rhbz#2106507 - -* Sun Jul 17 2022 Andrew Hughes - 1:1.8.0.342.b06-0.1.ea -- Update to shenandoah-jdk8u342-b06 (EA) -- Update release notes for shenandoah-8u342-b06. -- Switch to EA mode for 8u342 pre-release builds. -- Print release file during build, which should now include a correct SOURCE value from .src-rev -- Update tarball script with IcedTea GitHub URL and .src-rev generation -- Use "git apply" with patches in the tarball script to allow binary diffs -- Remove redundant "REPOS" variable from tarball script -- Include script to generate bug list for release notes -- Update tzdata requirement to 2022a to match JDK-8283350 -- Resolves: rhbz#2083265 - -* Sun Jul 17 2022 Andrew Hughes - 1:1.8.0.332.b09-5 -- Rebase FIPS patches from fips branch and simplify by using a single patch from that repository -- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage -- * RH2090378: Revert to disabling system security properties and FIPS mode support together -- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch -- Rebase PR2888/RH2055274 cacerts patch so it applies after the current FIPS patch -- Perform configuration changes (e.g. nss.cfg, nss.fips.cfg, tzdb.dat) in installjdk -- Enable system security properties in the RPM (now disabled by default in the FIPS repo) -- Improve security properties test to check both enabled and disabled behaviour -- Run security properties test with property debugging on -- Explicitly require crypto-policies during build and runtime for system security properties -- Resolves: rhbz#2097152 -- Resolves: rhbz#2100675 - -* Thu Jun 30 2022 Francisco Ferrari Bihurriet - 1:1.8.0.332.b09-4 -- RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode -- Resolves: rhbz#2102431 - -* Mon Apr 18 2022 Andrew Hughes - 1:1.8.0.332.b09-3 -- Update to shenandoah-jdk8u332-b09 (GA) -- Update release notes for 8u332-b09. -- Switch to GA mode for final release. -- Resolves: rhbz#2074646 - -* Mon Apr 18 2022 Andrew Hughes - 1:1.8.0.332.b06-0.2.ea -- Allow the default keystore to be configured using security.systemCACerts -- Use of the property can now be disabled using -Djava.security.disableSystemCACerts=true -- Resolves: rhbz#2055274 - -* Mon Apr 18 2022 Andrew Hughes - 1:1.8.0.332.b06-0.1.ea -- Update to shenandoah-jdk8u332-b06 (EA) -- Update release notes for shenandoah-8u332-b06. -- Resolves: rhbz#2047536 - -* Sun Apr 17 2022 Andrew Hughes - 1:1.8.0.332.b01-0.1.ea -- Update to shenandoah-jdk8u332-b01 (EA) -- Update release notes for shenandoah-8u332-b01. -- Switch to EA mode. -- Remove JDK-8279077 patch now upstream. -- Related: rhbz#2047536 - -* Mon Feb 28 2022 Jiri Vanek - 1:1.8.0.322.b06-11 -- Storing and restoring alterntives during update manually -- Fixing Bug 2001567 - update of JDK/JRE is removing its manually selected alterantives and select (as auto) system JDK/JRE --- The move of alternatives creation to posttrans to fix: --- Bug 1200302 - dnf reinstall breaks alternatives --- Had caused the alternatives to be removed, and then created again, --- instead of being added, and then removing the old, and thus persisting --- the selection in family --- Thus this fix, is storing the family of manually selected master, and if --- stored, then it is restoring the family of the master -- Resolves: rhbz#2008192 - -* Mon Feb 28 2022 Jiri Vanek - 1:1.8.0.322.b06-10 -- Family extracted to globals -- Resolves: rhbz#2008192 - -* Mon Feb 28 2022 Jiri Vanek - 1:1.8.0.322.b06-9 -- javadoc-zip got its own provides next to plain javadoc ones -- Resolves: rhbz#2008192 - -* Mon Feb 28 2022 Jiri Vanek - 1:1.8.0.322.b06-8 -- alternatives creation moved to posttrans -- Thus fixing the old reisntall issue: -- https://bugzilla.redhat.com/show_bug.cgi?id=1200302 -- https://bugzilla.redhat.com/show_bug.cgi?id=1976053 -- Resolves: rhbz#2008192 - -* Mon Feb 28 2022 Andrew Hughes - 1:1.8.0.322.b06-7 -- Add JDK-8275535 patch to fix LDAP authentication issue. -- Resolves: rhbz#2053285 - -* Mon Feb 28 2022 Andrew Hughes - 1:1.8.0.322.b06-6 -- Detect NSS at runtime for FIPS detection -- Turn off build-time NSS linking and go back to an explicit Requires on NSS -- Resolves: rhbz#2052828 - -* Wed Feb 23 2022 Andrew Hughes - 1:1.8.0.322.b06-5 -- Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent -- Resolves: rhbz#2052817 - -* Mon Feb 21 2022 Andrew Hughes - 1:1.8.0.322.b06-4 -- Refactor build functions so we can build just HotSpot without any attempt at installation. -- Introduce architecture restriction logic for the gdb test. (RH2041970) -- Pass compiler flags to the ADLC build (JDK-8281098) -- Adjust JDK8199936/PR3533 -mstackrealign patch to instead pass -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4 -- Explicitly list JIT architectures rather than relying on those with slowdebug builds -- Disable the serviceability agent on Zero architectures even when the architecture itself is supported -- Add backport of JDK-8257794 to fix bogus assert on slowdebug x86-32 Zero builds -- Sync minor placement differences with Fedora & RHEL 9 -- Resolves: rhbz#2022815 - -* Mon Jan 24 2022 Andrew Hughes - 1:1.8.0.322.b06-3 -- Fix FIPS issues in native code and with initialisation of java.security.Security -- Resolves: rhbz#2021263 - -* Fri Jan 21 2022 Andrew Hughes - 1:1.8.0.322.b06-2 -- Update to aarch64-shenandoah-jdk8u322-b06 (EA) -- Update release notes for 8u322-b06. -- Switch to GA mode for final release. -- Resolves: rhbz#2039366 - -* Thu Jan 20 2022 Andrew Hughes - 1:1.8.0.322.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u322-b05 (EA) -- Update release notes for 8u322-b05. -- Require tzdata 2021e as of JDK-8275766. -- Update tarball generation script to use git following shenandoah-jdk8u's move to github -- Resolves: rhbz#2022815 - -* Tue Jan 18 2022 Andrew Hughes - 1:1.8.0.322.b04-0.2.ea -- Add backport of JDK-8279077 to fix crash on ppc64 -- Resolves: rhbz#2030399 - -* Mon Jan 10 2022 Andrew Hughes - 1:1.8.0.322.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u322-b04 (EA) -- Update release notes for 8u322-b04. -- Require tzdata 2021c as of JDK-8274407. -- Related: rhbz#2022815 - -* Fri Jan 07 2022 Andrew Hughes - 1:1.8.0.322.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u322-b03 (EA) -- Update release notes for 8u322-b03. -- Related: rhbz#2022815 - -* Fri Dec 17 2021 Andrew Hughes - 1:1.8.0.322.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u322-b02 (EA) -- Update release notes for 8u322-b02. -- Related: rhbz#2022815 - -* Tue Dec 14 2021 Andrew Hughes - 1:1.8.0.322.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u322-b01 (EA) -- Update release notes for 8u322-b01. -- Switch to EA mode. -- Related: rhbz#2022815 - -* Mon Dec 06 2021 Andrew Hughes - 1:1.8.0.312.b07-5 -- Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le. -- Related: rhbz#2022815 - -* Mon Dec 06 2021 Severin Gehwolf - 1:1.8.0.312.b07-4 -- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy - secmod.db file as part of nss -- Resolves: rhbz#2023532 - -* Fri Oct 15 2021 Andrew Hughes - 1:1.8.0.312.b07-3 -- Update to aarch64-shenandoah-jdk8u312-b07 (EA) -- Update release notes for 8u312-b07. -- Switch to GA mode for final release. -- Resolves: rhbz#2012339 - -* Tue Oct 12 2021 Andrew Hughes - 1:1.8.0.312.b05-0.3.ea -- Update to aarch64-shenandoah-jdk8u312-b05-shenandoah-merge-2021-10-07 -- Update release notes for 8u312-b05-shenandoah-merge-2021-10-07. -- Related: rhbz#1999937 - -* Thu Oct 07 2021 Andrew Hughes - 1:1.8.0.312.b05-0.2.ea -- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false -- Resolves: rhbz#1994659 - -* Thu Oct 07 2021 Martin Balao - 1:1.8.0.312.b05-0.2.ea -- Add patch to allow plain key import. -- Resolves: rhbz#1994659 - -* Thu Sep 30 2021 Andrew Hughes - 1:1.8.0.312.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u312-b05 (EA) -- Update release notes for 8u312-b05. -- Resolves: rhbz#1999937 - -* Mon Sep 27 2021 Andrew Hughes - 1:1.8.0.312.b04-0.2.ea -- Reduce disk footprint by removing build artifacts by default. -- Related: rhbz#1999937 - -* Sun Sep 26 2021 Andrew Hughes - 1:1.8.0.312.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u312-b04 (EA) -- Update release notes for 8u312-b04. -- Related: rhbz#1999937 - -* Fri Sep 24 2021 Andrew Hughes - 1:1.8.0.312.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u312-b03 (EA) -- Update release notes for 8u312-b03. -- Related: rhbz#1999937 - -* Sun Sep 19 2021 Andrew Hughes - 1:1.8.0.312.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u312-b02 (EA) -- Update release notes for 8u312-b02. -- Related: rhbz#1999937 - -* Mon Sep 13 2021 Andrew Hughes - 1:1.8.0.312.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u312-b01 (EA) -- Update release notes for 8u312-b01. -- Switch to EA mode. -- Remove "-clean" suffix as no 8u312 builds are unclean. -- Related: rhbz#1999937 - -* Fri Sep 10 2021 Andrew Hughes - 1:1.8.0.302.b08-4 -- Remove non-Free test and demo files from source tarball. -- Related: rhbz#1999937 - -* Fri Aug 27 2021 Andrew Hughes - 1:1.8.0.302.b08-3 -- Add patch to login to the NSS software token when in FIPS mode. -- Resolves: rhbz#1997358 - -* Fri Aug 27 2021 Andrew Hughes - 1:1.8.0.302.b08-2 -- Fix path to libsystemconf.so on 8u. -- Resolves: rhbz#1971679 - -* Fri Aug 27 2021 Andrew Hughes - 1:1.8.0.302.b08-2 -- Port FIPS system detection support to OpenJDK 8u -- Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure. -- Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM. -- Resolves: rhbz#1971679 - -* Fri Aug 27 2021 Martin Balao - 1:1.8.0.302.b08-2 -- Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library. -- Resolves: rhbz#1971679 - -* Fri Jul 16 2021 Andrew Hughes - 1:1.8.0.302.b08-1 -- Update to aarch64-shenandoah-jdk8u302-b08 (EA) -- Update release notes for 8u302-b08. -- Switch to GA mode for final release. -- This tarball is embargoed until 2021-07-20 @ 1pm PT. -- Resolves: rhbz#1972395 - -* Thu Jul 08 2021 Andrew Hughes - 1:1.8.0.302.b07-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b07 (EA) -- Update release notes for 8u302-b07. -- Resolves: rhbz#1967812 - -* Tue Jul 06 2021 Andrew Hughes - 1:1.8.0.302.b06-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b06 (EA) -- Update release notes for 8u302-b06. -- Resolves: rhbz#1967812 - -* Tue Jul 06 2021 Andrew Hughes - 1:1.8.0.302.b05-0.2.ea -- Remove restriction on disabling product build, as debug packages no longer have javadoc packages. -- Fix name of javadoc debug packages in Obsoletes declarations and add version where it was removed. -- Resolves: rhbz#1966233 - -* Mon Jul 05 2021 Andrew Hughes - 1:1.8.0.302.b05-0.1.ea -- Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics. -- Resolves: rhbz#1966233 - -* Fri Jul 02 2021 Andrew Hughes - 1:1.8.0.302.b05-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b05 (EA) -- Update release notes for 8u302-b05. -- Resolves: rhbz#1967812 - -* Wed Jun 30 2021 Andrew Hughes - 1:1.8.0.302.b04-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b04 (EA) -- Update release notes for 8u302-b04. -- Resolves: rhbz#1967812 - -* Tue Jun 29 2021 Andrew Hughes - 1:1.8.0.302.b03-0.3.ea -- Introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java or java is patched -- Patch600, rh1750419-redhat_alt_java.patch, amended to die, if it is used wrongly -- Introduced ssbd_arches with currently only valid arch of x86_64 to separate real alt-java architectures -- Resolves: rhbz#1966233 - -* Mon Jun 28 2021 Andrew Hughes - 1:1.8.0.302.b03-0.2.ea -- Re-order source files to sync with Fedora. -- Resolves: rhbz#1966233 - -* Mon Jun 28 2021 Severin Gehwolf - 1:1.8.0.302.b03-0.2.ea -- Add a test verifying system crypto policies can be disabled -- Resolves: rhbz#1966233 - -* Mon Jun 28 2021 Andrew Hughes - 1:1.8.0.302.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u302-b03-shenandoah-merge-2021-06-23 (EA) -- Update release notes for 8u302-b03-shenandoah-merge-2021-06-23. -- Resolves: rhbz#1967812 - -* Sun Jun 27 2021 Andrew Hughes - 1:1.8.0.302.b03-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b03 (EA) -- Update release notes for 8u302-b03. -- Resolves: rhbz#1967812 - -* Sat Jun 26 2021 Andrew Hughes - 1:1.8.0.302.b02-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b02 (EA) -- Update release notes for 8u302-b02. -- Resolves: rhbz#1967812 - -* Mon Jun 21 2021 Andrew Hughes - 1:1.8.0.302.b01-0.3.ea -- Add ppc64le and aarch64 to fastdebug_arches -- Resolves: rhbz#1969254 - -* Fri Jun 18 2021 Andrew Hughes - 1:1.8.0.302.b01-0.2.ea -- Cleanup architecture handling in preparation for extending set of fastdebug architectures -- Fixed not-including fastdebug build in case of --without fastdebug -- Resolves: rhbz#1969254 - -* Wed Jun 16 2021 Jiri Vanek - 1:1.8.0.302.b01-0.1.ea -- adapted to newst cjc to fix issue with rpm 4.17 -- Disable copy-jdk-configs for Flatpak builds -- removed cjc backward comaptiblity, to fix when both rpm 4.16 and 4.17 are in transaction -- Resolves: rhbz#1953923 - -* Sat May 22 2021 Andrew Hughes - 1:1.8.0.302.b01-0.0.ea -- Update to aarch64-shenandoah-jdk8u302-b01 (EA) -- Update release notes for 8u302-b01. -- Switch to EA mode. -- Resolves: rhbz#1967812 - -* Tue Apr 13 2021 Andrew Hughes - 1:1.8.0.292.b10-2 -- Update to aarch64-shenandoah-jdk8u292-b10 (GA) -- Update release notes for 8u292-b10. -- This tarball is embargoed until 2021-04-20 @ 1pm PT. -- Resolves: rhbz#1938201 - -* Tue Apr 13 2021 Andrew Hughes - 1:1.8.0.292.b09-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b09 (EA) -- Update release notes for 8u292-b09. -- Resolves: rhbz#1942306 - -* Mon Apr 12 2021 Andrew Hughes - 1:1.8.0.292.b08-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b08 (EA) -- Update release notes for 8u292-b08. -- Require tzdata 2021a due to JDK-8260356 -- Resolves: rhbz#1942306 - -* Mon Apr 12 2021 Andrew Hughes - 1:1.8.0.292.b07-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b07 (EA) -- Update release notes for 8u292-b07. -- Resolves: rhbz#1942306 - -* Sun Apr 11 2021 Andrew Hughes - 1:1.8.0.292.b06-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b06 (EA) -- Update release notes for 8u292-b06. -- Require tzdata 2020f due to JDK-8259048 -- Resolves: rhbz#1942306 - -* Sat Apr 10 2021 Andrew Hughes - 1:1.8.0.292.b05-0.3.ea -- Update to aarch64-shenandoah-jdk8u292-b05-shenandoah-merge-2021-03-11 (EA) -- Update release notes for 8u292-b05-shenandoah-merge-2021-03-11. -- Re-organise S/390 patches for upstream submission, separating 8u upstream from Shenandoah fixes. -- Add new formatting case found in memprofiler.cpp on debug builds to PR3593 patch. -- Extend s390 patch to fix issue caused by JDK-8252660 backport and lack of JDK-8188813 in 8u. -- Revise JDK-8252660 s390 failure to make _soft_max_size a jlong so pointer types are accurate. -- Resolves: rhbz#1942306 - -* Fri Apr 09 2021 Andrew Hughes - 1:1.8.0.292.b05-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b05 (EA) -- Update release notes for 8u292-b05. -- Resolves: rhbz#1942306 - -* Fri Apr 09 2021 Andrew Hughes - 1:1.8.0.292.b04-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b04 (EA) -- Update release notes for 8u292-b04. -- Resolves: rhbz#1942306 - -* Fri Apr 09 2021 Andrew Hughes - 1:1.8.0.292.b03-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b03 (EA) -- Update release notes for 8u292-b03. -- Resolves: rhbz#1942306 - -* Sat Mar 27 2021 Andrew Hughes - 1:1.8.0.292.b02-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b02 (EA) -- Update release notes for 8u292-b02. -- Remove RH1868759 patch as this is now resolved upstream by JDK-8258833. -- Resolves: rhbz#1942306 - -* Thu Mar 25 2021 Andrew Hughes - 1:1.8.0.292.b01-0.2.ea -- Update to aarch64-shenandoah-jdk8u292-b01 (EA) -- Update release notes for 8u292-b01. -- Switch to EA mode. -- Update tarball generation script to use PR3822 which handles - JDK-8233228 & JDK-8035166 changes -- Resolves: rhbz#1942306 - -* Wed Feb 17 2021 Stephan Bergmann - 1:1.8.0.282.b08-4 -- Resolves: rhbz#1896014 Hardcode /usr/sbin/alternatives for Flatpak builds - -* Sun Jan 17 2021 Andrew Hughes - 1:1.8.0.282.b08-3 -- Cleanup package descriptions and version number placement. -- Resolves: rhbz#1908967 - -* Sun Jan 17 2021 Jiri Vanek - 1:1.8.0.282.b08-3 -- Fix typo in variable -- Resolves: rhbz#1908967 - -* Sun Jan 17 2021 Andrew Hughes - 1:1.8.0.282.b08-2 -- Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode -- Resolves: rhbz#1913868 - -* Fri Jan 15 2021 Andrew Hughes - 1:1.8.0.282.b08-1 -- Update to aarch64-shenandoah-jdk8u282-b08 (GA) -- Update release notes for 8u282-b08. -- Resolves: rhbz#1908967 - -* Fri Jan 15 2021 Andrew Hughes - 1:1.8.0.282.b07-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b07 (EA) -- Update release notes for 8u282-b07. -- Fix placement issue in release notes, caught by comparing with vanilla version. -- Resolves: rhbz#1903904 - -* Wed Jan 13 2021 Andrew Hughes - 1:1.8.0.282.b06-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b06 (EA) -- Update release notes for 8u282-b06. -- Resolves: rhbz#1903904 - -* Mon Jan 11 2021 Andrew Hughes - 1:1.8.0.282.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b05 (EA) -- Update release notes for 8u282-b05 and make some minor corrections. -- Resolves: rhbz#1903904 - -* Wed Jan 06 2021 Andrew Hughes - 1:1.8.0.282.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b04 (EA) -- Update release notes for 8u282-b04. -- Remove upstreamed patch PR3519 -- Resolves: rhbz#1903904 - -* Sat Jan 02 2021 Andrew Hughes - 1:1.8.0.282.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b03 (EA) -- Update release notes for 8u282-b03. -- Resolves: rhbz#1903904 - -* Fri Dec 18 2020 Andrew Hughes - 1:1.8.0.282.b02-0.2.ea -- Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs. -- Resolves: rhbz#1906862 - -* Wed Dec 16 2020 Andrew Hughes - 1:1.8.0.282.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b02 (EA) -- Update release notes for 8u282-b02. -- Resolves: rhbz#1903904 - -* Mon Dec 07 2020 Andrew Hughes - 1:1.8.0.282.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u282-b01 (EA) -- Update release notes for 8u282-b01. -- Switch to EA mode. -- Require tzdata 2020b due to resource changes in JDK-8254177 -- Remove PR3601, covered upstream by JDK-8062808. -- Remove upstreamed JDK-8197981/PR3548, JDK-8062808/PR3548, JDK-8254177 & JDK-8215727. -- Extend RH1750419 alt-java fix to include external debuginfo, following JDK-8252395 -- Resolves: rhbz#1903904 - -* Fri Nov 27 2020 Jiri Vanek - 1:1.8.0.275.b01-3 -- added patch600, rh1750419-redhat_alt_java.patch -- Replaced alt-java palceholder by real pathced alt-java -- remove patch529 rh1566890-CVE_2018_3639-speculative_store_bypass.patch -- remove patch531 rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch -- both suprassed by new patch -- Resolves: rhbz#1750419 - -* Fri Nov 06 2020 Andrew Hughes - 1:1.8.0.275.b01-2 -- Update to aarch64-shenandoah-jdk8u275-b01 (GA) -- Update release notes for 8u275. -- Remove JDK-8223940/RH1892216 backport now included in upstream 8u275. -- Remove JDK-8236512/RH1889414 backport now included in upstream 8u275. -- Resolves: rhbz#1895060 - -* Fri Oct 30 2020 Andrew Hughes - 1:1.8.0.272.b10-6 -- Add backport of JDK-8223940: "Private key not supported by chosen signature algorithm" to handle lack of provider RSAPSS support -- Resolves: rhbz#1892216 - -* Fri Oct 30 2020 Jiri Vanek - 1:1.8.0.272.b10-5 -- Added gating test for ipa server -- Resolves: rhbz#1892216 - -* Thu Oct 29 2020 Andrew Hughes - 1:1.8.0.272.b10-4 -- Bump release number to build on RHEL 8.4.0 branch. -- Resolves: rhbz#1876665 -- Resolves: rhbz#1889414 - -* Wed Oct 21 2020 Andrew Hughes - 1:1.8.0.272.b10-3 -- Add backport of JDK-8236512 to correct use of killSession -- Resolves: rhbz#1889414 - -* Tue Oct 20 2020 Andrew Hughes - 1:1.8.0.272.b10-2 -- Add backport of JDK-8215727: "Restore JFR thread sampler loop to old / previous behaviour" -- Resolves: rhbz#1876665 - -* Sat Oct 17 2020 Andrew Hughes - 1:1.8.0.272.b10-1 -- Update to aarch64-shenandoah-jdk8u272-b10. -- Switch to GA mode for final release. -- Update release notes for 8u272 release. -- Add backport of JDK-8254177 to update to tzdata 2020b -- Require tzdata 2020b due to resource changes in JDK-8254177 -- Delay tzdata 2020b dependency until tzdata update has shipped. -- Adjust JDK-8062808/PR3548 following constantPool.hpp context change in JDK-8243302 -- Adjust PR3593 following g1StringDedupTable.cpp context change in JDK-8240124 & JDK-8244955 -- This tarball is embargoed until 2020-10-20 @ 1pm PT. -- Resolves: rhbz#1876665 - -* Thu Oct 15 2020 Andrew Hughes - 1:1.8.0.272.b09-0.2.ea -- Include a test in the RPM to check the build has the correct vendor information. -- Use 'oj_' prefix on new vendor globals to avoid a conflict with RPM's vendor value. -- Improve quoting of vendor name -- Resolves: rhbz#1876665 - -* Thu Oct 15 2020 Jiri Vanek - 1:1.8.0.272.b09-0.2.ea -- Set vendor property and vendor URLs -- Made URLs to be preconfigured by OS -- Resolves: rhbz#1876665 - -* Wed Oct 14 2020 Andrew Hughes - 1:1.8.0.272.b09-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b09 (EA). -- Resolves: rhbz#1876665 - -* Tue Oct 13 2020 Andrew Hughes - 1:1.8.0.272.b08-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b08 (EA). -- Resolves: rhbz#1876665 - -* Tue Oct 13 2020 Andrew Hughes - 1:1.8.0.272.b07-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b07 (EA). -- Resolves: rhbz#1876665 - -* Mon Oct 12 2020 Andrew Hughes - 1:1.8.0.272.b06-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b06. -- Update tarball generation script to use PR3799, following inclusion of JDK-8245468 (TLSv1.3) -- Remove JDK-8165996/PR3506/RH1760437 & JDK-8251117/RH1860990 as now applied upstream. -- Replace JDK-8223482/RH1860965 with RH1860986 (disable TLSv1.3 when using the NSS-FIPS provider) -- Resolves: rhbz#1876665 - -* Mon Oct 12 2020 Andrew Hughes - 1:1.8.0.272.b05-0.3.ea -- Enable JFR on x86, now we have JDK-8252096: Shenandoah: adjust SerialPageShiftCount for x86_32 and JFR -- Resolves: rhbz#1876665 - -* Thu Oct 08 2020 Andrew Hughes - 1:1.8.0.272.b05-0.2.ea -- Update to aarch64-shenandoah-jdk8u272-b05-shenandoah-merge-2020-08-28. -- Add additional s390 log2_intptr case in shenandoahUtils.cpp introduced by JDK-8245464 -- Resolves: rhbz#1876665 - -* Thu Oct 08 2020 Andrew Hughes - 1:1.8.0.272.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b05. -- Add additional s390 size_t case in g1ConcurrentMarkObjArrayProcessor.cpp introduced by JDK-8057003 -- Resolves: rhbz#1876665 - -* Wed Oct 07 2020 Andrew Hughes - 1:1.8.0.272.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b04. -- Update tarball generation script to use PR3795, following inclusion of JDK-8177334 -- Resolves: rhbz#1876665 - -* Mon Oct 05 2020 Andrew Hughes - 1:1.8.0.272.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b03. -- Resolves: rhbz#1876665 - -* Mon Oct 05 2020 Andrew Hughes - 1:1.8.0.272.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b02. -- Remove JDK-8154313 backport now applied upstream. -- Change target from 'zip-docs' to 'docs-zip', which is the naming used upstream. -- Resolves: rhbz#1876665 - -* Mon Oct 05 2020 Andrew Hughes - 1:1.8.0.272.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u272-b01. -- Switch to EA mode. -- Add debugging output for build. -- JFR must now be explicitly disabled when unwanted (e.g. x86), following switch of upstream default. -- Resolves: rhbz#1876665 - -* Thu Sep 17 2020 Andrew Hughes - 1:1.8.0.265.b01-4 -- Add patch to cancel PKCS#11 operations on failure (RH1868759) -- Resolves: rhbz#1868759 - -* Tue Aug 25 2020 Andrew Hughes - 1:1.8.0.265.b01-3 -- Add backport of JDK-8251117 to allow key length to be retrieved from PKCS#11 FIPS keys -- Resolves: rhbz#1860993 - -* Tue Aug 25 2020 Andrew Hughes - 1:1.8.0.265.b01-2 -- Add backport of JDK-8223482 so PKCS#11 FIPS provider does not offer unsupported ciphers. -- Resolves: rhbz#1860965 - -* Mon Jul 27 2020 Andrew Hughes - 1:1.8.0.265.b01-1 -- Update to aarch64-shenandoah-jdk8u265-b01. -- Update release notes for 8u265 release. -- Resolves: rhbz#1860453 - -* Mon Jul 27 2020 Jiri Vanek - 1:1.8.0.262.b10-3 -- ASSEMBLY_EXCEPTION LICENSE THIRD_PARTY_README moved to fully versioned dirs -- Resolves: rhbz#1831665 - -* Thu Jul 16 2020 Andrew Hughes - 1:1.8.0.262.b10-2 -- Remove issues in NEWS file duplicated between 8u252 & 8u262 releases. -- Resolves: rhbz#1838811 - -* Sun Jul 12 2020 Andrew Hughes - 1:1.8.0.262.b10-1 -- Update to aarch64-shenandoah-jdk8u262-b10. -- Switch to GA mode for final release. -- Update release notes for 8u262 release. -- Fix typo in jfr_arches which leads to ppc64 being wrongly excluded. -- Split JDK-8042159 patch into per-repo patches as upstream. -- Update JDK-8042159 JDK patch to apply after JDK-8238002 changes to Awt2dLibraries.gmk -- Resolves: rhbz#1838811 - -* Sat Jul 11 2020 Andrew Hughes - 1:1.8.0.262.b09-0.3.ea -- Restructure the build so a minimal initial build is then used for the final build (with docs) -- This reduces pressure on the system JDK and ensures the JDK being built can do a full build -- Resolves: rhbz#1838811 - -* Fri Jul 10 2020 Andrew Hughes - 1:1.8.0.262.b09-0.2.ea -- Update to aarch64-shenandoah-jdk8u262-b09-shenandoah-merge-2020-07-03 -- Resolves: rhbz#1838811 - -* Fri Jul 10 2020 Andrew Hughes - 1:1.8.0.262.b09-0.1.ea -- With JDK-8248399 fixed, a broken jfr binary is no longer installed on architectures without JFR. -- Resolves: rhbz#1838811 - -* Thu Jul 09 2020 Andrew Hughes - 1:1.8.0.262.b09-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b09. -- Resolves: rhbz#1838811 - -* Wed Jul 08 2020 Andrew Hughes - 1:1.8.0.262.b08-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b08. -- Resolves: rhbz#1838811 - -* Tue Jul 07 2020 Andrew Hughes - 1:1.8.0.262.b07-0.3.ea -- Update to aarch64-shenandoah-jdk8u262-b07-shenandoah-merge-2020-06-18. -- Resolves: rhbz#1838811 - -* Sun Jul 05 2020 Andrew Hughes - 1:1.8.0.262.b07-0.2.ea -- Sync alt-java support with java-11-openjdk version. -- Resolves: rhbz#1838811 - -* Sat Jul 04 2020 Jiri Vanek - 1:1.8.0.262.b07-0.2.ea -- Created copy of java as alt-java and adapted alternatives and man pages -- Resolves: rhbz#1838811 - -* Fri Jul 03 2020 Andrew Hughes - 1:1.8.0.262.b07-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b07. -- Require tzdata 2020a so system tzdata matches resource updates in b07 -- Resolves: rhbz#1838811 - -* Tue Jun 30 2020 Andrew Hughes - 1:1.8.0.262.b06-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b06. -- Resolves: rhbz#1838811 - -* Mon Jun 29 2020 Andrew Hughes - 1:1.8.0.262.b05-0.4.ea -- Update to aarch64-shenandoah-jdk8u262-b05-shenandoah-merge-2020-06-04. -- Resolves: rhbz#1838811 - -* Mon Jun 29 2020 Andrew Hughes - 1:1.8.0.262.b05-0.3.ea -- Add directories to files directive for demo package. -- Resolves: rhbz#1649801 - -* Sun Jun 28 2020 Andrew Hughes - 1:1.8.0.262.b05-0.2.ea -- Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY -- Resolves: rhbz#1582504 - -* Sat Jun 27 2020 Andrew Hughes - 1:1.8.0.262.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b05. -- Resolves: rhbz#1838811 - -* Fri Jun 26 2020 Andrew Hughes - 1:1.8.0.262.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b04. -- Resolves: rhbz#1838811 - -* Wed Jun 24 2020 Andrew Hughes - 1:1.8.0.262.b03-0.2.ea -- Update to aarch64-shenandoah-jdk8u262-b03-shenandoah-merge-2020-05-20. -- Resolves: rhbz#1838811 - -* Tue Jun 23 2020 Andrew Hughes - 1:1.8.0.262.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b03. -- Resolves: rhbz#1838811 - -* Mon Jun 22 2020 Andrew Hughes - 1:1.8.0.262.b02-0.2.ea -- Introduce jfr_arches for architectures which support JFR. -- Fix path to jfr.jar. -- Use sa_arches for libsaproc.so inclusion. -- Resolves: rhbz#1838811 - -* Mon Jun 22 2020 Andrew Hughes - 1:1.8.0.262.b02-0.2.ea -- Explicitly list jfr.jar, default.jfc & profile.jfc in the spec file. -- Resolves: rhbz#1838811 - -* Sun Jun 21 2020 Andrew Hughes - 1:1.8.0.262.b02-0.2.ea -- Enable JFR in our builds, ahead of upstream default. -- Only enable JFR for JIT builds, as it is not supported with Zero. -- Turn off JFR on x86 for now due to assert(SerializePageShiftCount == count) crash. -- Resolves: rhbz#1838811 - -* Sun Jun 21 2020 Andrew Hughes - 1:1.8.0.262.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b02. -- Resolves: rhbz#1838811 - -* Sat Jun 20 2020 Andrew Hughes - 1:1.8.0.262.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u262-b01. -- Switch to EA mode. -- Adjust JDK-8143245/PR3548 patch following context changes due to JDK-8203287 for JFR -- Adjust RH1648644 following context changes due to introduction of JFR packages -- Add jfr binary to devel package and alternatives set -- Resolves: rhbz#1838811 - -* Tue Jun 02 2020 Andrew John Hughes - 1:1.8.0.252.b09-7 -- Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable). -- Resolves: rhbz#1655466 - -* Mon Jun 01 2020 Andrew John Hughes - 1:1.8.0.252.b09-6 -- Use appropriate keystore types when in FIPS mode. -- Resolves: rhbz#1760838 - -* Fri May 22 2020 Andrew John Hughes - 1:1.8.0.252.b09-5 -- Add support for fastdebug builds on x86_64 only. -- Drop redundant slowdebug/debug sed invocation on the docs zip filename as it is only now built for non-debug. -- Resolves: rhbz#1836067 - -* Wed Apr 22 2020 Andrew John Hughes - 1:1.8.0.252.b09-4 -- Bump release number for RHEL 8.3.0. -- Resolves: rhbz#1810557 - -* Sun Apr 19 2020 Andrew Hughes - 1:1.8.0.252.b09-3 -- Add release notes. -- Resolves: rhbz#1810557 - -* Sun Apr 19 2020 Andrew Hughes - 1:1.8.0.252.b09-2 -- Make use of --with-extra-asflags introduced in jdk8u252-b01. -- Resolves: rhbz#1810557 - -* Mon Apr 06 2020 Andrew Hughes - 1:1.8.0.252.b09-1 -- Update to aarch64-shenandoah-jdk8u252-b09. -- Switch to GA mode for final release. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b08-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b08. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b07-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b07. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b06-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b06. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b05. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b04. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b03. -- Adjust PR2974/RH1337583 & PR3083/RH1346460 following context changes in JDK-8230978 -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b02. -- Resolves: rhbz#1810557 - -* Wed Apr 01 2020 Andrew Hughes - 1:1.8.0.252.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u252-b01. -- Switch to EA mode. -- Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change -- Resolves: rhbz#1810557 - -* Fri Mar 27 2020 Andrew John Hughes - 1:1.8.0.242.b08-4 -- Need to support noarch for creating source RPMs for non-scratch builds. -- Resolves: rhbz#1737112 - -* Tue Mar 24 2020 Andrew John Hughes - 1:1.8.0.242.b08-4 -- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64) -- Resolves: rhbz#1737112 - -* Mon Feb 24 2020 Andrew John Hughes - 1:1.8.0.242.b08-3 -- Add JDK-8165996/PR3506 & JDK-8195607/PR3776 to support NSS SQLite databases. -- Resolves: rhbz#1760437 - -* Sun Feb 23 2020 Andrew John Hughes - 1:1.8.0.242.b08-2 -- Sync SystemTap & desktop files with upstream IcedTea release 3.15.0, removing previous workarounds -- Resolves: rhbz#1737112 - -* Sun Feb 23 2020 Andrew John Hughes - 1:1.8.0.242.b08-2 -- Sync SystemTap & desktop files with upstream IcedTea release 3.11.0 using new script -- Resolves: rhbz#1737112 - -* Wed Jan 15 2020 Andrew Hughes - 1:1.8.0.242.b08-1 -- Update to aarch64-shenandoah-jdk8u242-b08. -- Remove local copies of JDK-8031111 & JDK-8132111 as replaced by upstream versions. -- Resolves: rhbz#1785753 - -* Wed Jan 15 2020 Andrew John Hughes - 1:1.8.0.242.b07-2 -- Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. -- Resolves: rhbz#1785753 - -* Mon Jan 13 2020 Andrew Hughes - 1:1.8.0.242.b07-1 -- Update to aarch64-shenandoah-jdk8u242-b07. -- Switch to GA mode for final release. -- Remove Shenandoah S390 patch which is now included upstream as JDK-8236829. -- Resolves: rhbz#1785753 - -* Sun Jan 05 2020 Andrew Hughes - 1:1.8.0.242.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u242-b05. -- Attempt to fix Shenandoah formatting failures on S390, introduced by JDK-8232102. -- Revise b05 snapshot to include JDK-8236178. -- Add additional Shenandoah formatting fixes revealed by successful -Wno-error=format run -- Resolves: rhbz#1785753 - -* Sat Jan 04 2020 Andrew Hughes - 1:1.8.0.242.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u242-b01. -- Switch to EA mode. -- Resolves: rhbz#1785753 - -* Sat Jan 04 2020 Andrew Hughes - 1:1.8.0.232.b09-6 -- Update generate_source_tarball.sh script to use the PR3756 patch and retain the secp256k1 curve. -- Regenerate source tarball using the updated script and add the -'4curve' suffix. -- Resolves: rhbz#1746879 - -* Thu Jan 02 2020 Andrew Hughes - 1:1.8.0.232.b09-5 -- Revert SSBD removal for now, until appropriate messaging has been decided. -- Resolves: rhbz#1750419 - -* Tue Dec 24 2019 Andrew John Hughes - 1:1.8.0.232.b09-4 -- Remove CVE-2018-3639 mitigation due to performance regression and - OpenJDK position on speculative execution vulnerabilities. - https://mail.openjdk.java.net/pipermail/vuln-announce/2019-July/000002.html -- Resolves: rhbz#1750419 - -* Thu Nov 14 2019 Andrew John Hughes - 1:1.8.0.232.b09-3 -- Bump release number for RHEL 8.2.0. -- Resolves: rhbz#1753423 - -* Fri Oct 25 2019 Andrew John Hughes - 1:1.8.0.232.b09-2 -- Disable FIPS mode support unless com.redhat.fips is set to "true". -- Resolves: rhbz#1655466 - -* Fri Oct 11 2019 Andrew Hughes - 1:1.8.0.232.b09-1 -- Update to aarch64-shenandoah-jdk8u232-b09. -- Switch to GA mode for final release. -- Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. -- Resolves: rhbz#1753423 - -* Fri Oct 11 2019 Andrew Hughes - 1:1.8.0.232.b08-0.1.ea -- Update to aarch64-shenandoah-jdk8u232-b08. -- Resolves: rhbz#1753423 - -* Fri Oct 11 2019 Andrew Hughes - 1:1.8.0.232.b05-0.2.ea -- Update to aarch64-shenandoah-jdk8u232-b05-shenandoah-merge-2019-09-09. -- Resolves: rhbz#1753423 - -* Thu Oct 10 2019 Andrew Hughes - 1:1.8.0.232.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u232-b05. -- Drop upstreamed patch JDK-8141570/PR3548. -- Adjust context of JDK-8143245/PR3548 to apply against upstream JDK-8141570. -- Resolves: rhbz#1753423 - -* Mon Oct 07 2019 Andrew Hughes - 1:1.8.0.232.b01-0.1.ea -- Update to aarch64-shenandoah-jdk8u232-b01. -- Switch to EA mode. -- Drop JDK-8210761/RH1632174 as now upstream. -- Drop JDK-8223219 as now upstream. -- JDK-8226870 removed clhsdb and hdsdb from the JRE bin directory, so we should do likewise. -- Add alternatives support for these two new SDK binaries. -- Resolves: rhbz#1753423 - -* Fri Sep 27 2019 Andrew Hughes - 1:1.8.0.222.b10-3 -- SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file. -- Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg. -- Resolves: rhbz#1750752 - -* Wed Aug 21 2019 Andrew Hughes - 1:1.8.0.222.b10-2 -- nss.fips.cfg needs to be moved to %%{etcjavadir} and symlinked into the JDK, like nss.cfg -- Resolves: rhbz#1655466 - -* Thu Aug 15 2019 Andrew Hughes - 1:1.8.0.222.b10-2 -- Backport FIPS mode patch to java-1.8.0-openjdk, simplifying provider removal. -- Resolves: rhbz#1655466 - -* Thu Aug 15 2019 Martin Balao - 1:1.8.0.222.b10-2 -- Support the FIPS mode crypto policy on RHEL 8. -- Resolves: rhbz#1655466 - -* Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-1 -- Update to aarch64-shenandoah-jdk8u222-b10. -- Resolves: rhbz#1724452 - -* Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-2 -- Drop NSS runtime dependencies and patches to link against it. -- Resolves: rhbz#1678557 - -* Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-1 -- Update to aarch64-shenandoah-jdk8u222-b09. -- Switch to GA mode for final release. -- Resolves: rhbz#1724452 - -* Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b08. -- Adjust PR3083/RH134640 to apply after JDK-8182999 -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b06. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b05. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b04. -- Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b03. -- Drop 8210425 patches applied upstream. Still need to add AArch64 version in aarch64/shenandoah-jdk8u. -- Re-generate JDK-8141570 & JDK-8143245 patches due to 8210425 zeroshark.make changes. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b02-0.1.ea -- Update to aarch64-shenandoah-jdk8u222-b02. -- Drop 8064786/PR3599 & 8210416/RH1632174 as applied upstream (8064786 silently in 8176100). -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b01-2 -- Switch to EA mode -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- fontconfig build requirement should be fontconfig-devel, previously masked by Gtk2+ dependency -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Allow Recommends and Suggests on Fedora platforms too. -- Resolves: rhbz#1724452 - -* Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Add missing build requirements for libXext-devel and libXrender-devel, previously masked by Gtk2+ dependency. -- Resolves: rhbz#1724452 - -* Sun Jul 07 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Add new tarball to new format sources file. -- Resolves: rhbz#1724452 - -* Sun Jul 07 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Drop unnecessary build requirement on gtk2-devel, as OpenJDK searches for Gtk+ at runtime. -- Resolves: rhbz#1724452 - -* Sun Jul 07 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Make use of Recommends and Suggests dependent on RHEL 8+ environment. -- Resolves: rhbz#1724452 - -* Sun Jul 07 2019 Andrew Hughes - 1:1.8.0.222.b01-1 -- Update to aarch64-shenandoah-jdk8u222-b01. -- Refactor PR2888 after inclusion of 8129988 upstream. Now includes PR3575. -- Drop 8171000 & 8197546 as applied upstream. -- Resolves: rhbz#1724452 - -* Wed Jul 03 2019 Andrew Hughes - 1:1.8.0.212.b04-5 -- Obsolete javadoc-debug and javadoc-debug-zip packages via javadoc and javadoc-zip respectively. -- Resolves: rhbz#1724452 - -* Wed Jul 03 2019 Severin Gehwolf - 1:1.8.0.212.b04-5 -- Include 'ea' designator in Release when appropriate. -- Resolves: rhbz#1724452 - -* Wed Jul 03 2019 Severin Gehwolf - 1:1.8.0.212.b04-5 -- Don't produce javadoc/javadoc-zip sub packages for the debug variant build. -- Don't perform a bootcycle build for the debug variant build. -- Resolves: rhbz#1724452 - -* Wed Jul 03 2019 Andrew Hughes - 1:1.8.0.212.b04-5 -- Handle milestone as variables so we can alter it easily and set the docs zip filename appropriately. -- Drop unused use_shenandoah_hotspot variable. -- Resolves: rhbz#1724452 - -* Fri Jun 14 2019 Andrew Hughes - 1:1.8.0.212.b04-4 -- Update to aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30. -- Update version logic to handle -shenandoah* tag suffix. -- Drop PR3634 as applied upstream. -- Adjust 8214206 fix for S390 as BinaryMagnitudeSeq moved to shenandoahNumberSeq.cpp -- Update 8214206 to use log2_long rather than casting to intptr_t, which may be smaller than size_t. -- Resolves: rhbz#1688365 -- Resolves: rhbz#1688382 - -* Thu May 02 2019 Andrew Hughes - 1:1.8.0.212.b04-3 -- Remove additions to EXTRA_CFLAGS and EXTRA_CPP_FLAGS which are now made by upstream. -- Resolves: rhbz#1693468 - -* Thu May 02 2019 Andrew Hughes - 1:1.8.0.212.b04-2 -- Add JDK-8223219 to avoid -fstack-protector overriding -fstack-protector-strong -- Resolves: rhbz#1693468 - -* Thu Apr 11 2019 Andrew Hughes - 1:1.8.0.212.b04-1 -- Update to aarch64-shenandoah-jdk8u212-b04. -- Resolves: rhbz#1693468 - -* Thu Apr 11 2019 Andrew Hughes - 1:1.8.0.212.b03-1 -- Update to aarch64-shenandoah-jdk8u212-b03. -- Resolves: rhbz#1693468 - -* Thu Apr 11 2019 Andrew Hughes - 1:1.8.0.212.b02-1 -- Add new clhsdb and hsdb binaries. -- Resolves: rhbz#1693468 - -* Tue Apr 09 2019 Andrew Hughes - 1:1.8.0.212.b02-1 -- Update to aarch64-shenandoah-jdk8u212-b02. -- Remove patches included upstream - - JDK-8197429/PR3546/RH153662{2,3} - - JDK-8184309/PR3596 - - JDK-8210647/RH1632174 - - JDK-8029661/PR3642/RH1477159 - - JDK-8145096/PR3693 -- Re-generate patches - - JDK-8203030 -- Add casts to resolve s390 ambiguity in calls to log2_intptr -- Resolves: rhbz#1693468 - -* Sun Apr 07 2019 Andrew Hughes - 1:1.8.0.202.b08-1 -- Update to aarch64-shenandoah-jdk8u202-b08. -- Remove patches included upstream - - JDK-8211387/PR3559 - - JDK-8207057/PR3613 - - JDK-8165852/PR3468 - - JDK-8073139/PR1758/RH1191652 - - JDK-8044235 - - JDK-8172850/RH1640127 - - JDK-8209639/RH1640127 - - JDK-8131048/PR3574/RH1498936 - - JDK-8164920/PR3574/RH1498936 -- Re-generate patches - - JDK-8210647/RH1632174 -- Resolves: rhbz#1693468 - -* Thu Apr 04 2019 Andrew Hughes - 1:1.8.0.201.b13-1 -- Update to aarch64-shenandoah-jdk8u201-b13. -- Drop JDK-8160748 & JDK-8189170 AArch64 patches now applied upstream. -- Resolves: rhbz#1693468 - -* Tue Apr 02 2019 Severin Gehwolf - 1:1.8.0.201.b09-5 -- Update patch for RH1566890. - - Renamed rh1566890_speculative_store_bypass_so_added_more_per_task_speculation_control_CVE_2018_3639 to - rh1566890-CVE_2018_3639-speculative_store_bypass.patch - - Added dependent patch, - rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch -- Resolves: rhbz#1693468 - -* Tue Mar 26 2019 Jiri Vanek - 1:1.8.0.201.b09-4 -- added gating - -* Mon Feb 11 2019 Jiri Vanek - 1:1.8.0.201.b09-3 -- removed config declaration from links to config files -- Resolves: rhbz#1661577 - -* Thu Feb 07 2019 Andrew Hughes - 1:1.8.0.201.b09-2 -- Fix invalid dates earlier in the ChangeLog. -- Resolves: rhbz#1661577 - -* Thu Feb 07 2019 Andrew Hughes - 1:1.8.0.201.b09-2 -- Add PR3655 to allow the system crypto policy to be turned off. -- Resolves: rhbz#1661577 - -* Wed Feb 06 2019 Andrew John Hughes - 1:1.8.0.201.b09-1 -- Add backport of JDK-8145096 (PR3693) to fix undefined behaviour issues on newer GCCs -- Resolves: rhbz#1661577 - -* Tue Feb 05 2019 Andrew Hughes - 1:1.8.0.201.b09-0 -- Update to aarch64-shenandoah-jdk8u201-b09. -- Resolves: rhbz#1661577 - -* Wed Jan 30 2019 Andrew Hughes - 1:1.8.0.192.b12-0 -- Update to aarch64-shenandoah-jdk8u192-b12. -- Remove patches included upstream - - JDK-8031668/PR2842 - - JDK-8148351/PR2842 - - JDK-6260348/PR3066 - - JDK-8061305/PR3335/RH1423421 - - JDK-8188030/PR3459/RH1484079 - - JDK-8205104/PR3539/RH1548475 - - JDK-8185723/PR3553 - - JDK-8186461/PR3557 - - JDK-8201509/PR3579 - - JDK-8075942/PR3602 - - JDK-8203182/PR3603 - - JDK-8206406/PR3610/RH1597825 - - JDK-8206425 - - JDK-8036003 - - JDK-8201495/PR2415 - - JDK-8150954/PR2866/RH1176206 -- Re-generate patches (mostly due to upstream build changes) - - JDK-8073139/PR1758/RH1191652 - - JDK-8143245/PR3548 (due to JDK-8202600) - - JDK-8197429/PR3546/RH1536622 (due to JDK-8189170) - - JDK-8199936/PR3533 - - JDK-8199936/PR3591 - - JDK-8207057/PR3613 - - JDK-8210761/RH1632174 (due to JDK-8207402) - - PR3559 (due to JDK-8185723/JDK-8186461/JDK-8201509) - - PR3593 (due to JDK-8081202) - - RH1566890/CVE-2018-3639 (due to JDK-8189170) - - RH1649664 (due to JDK-8196516) -- Add 8160748 for AArch64 which is missing from upstream 8u version. -- Add port of 8189170 to AArch64 which is missing from upstream 8u version. -- Resolves: rhbz#1661577 - -* Mon Jan 28 2019 Andrew Hughes - 1:1.8.0.191.b14-1 -- Add 8131048 & 8164920 (PR3574/RH1498936) to provide a CRC32 intrinsic for PPC64. -- Resolves: rhbz#1661577 - -* Thu Jan 24 2019 Andrew Hughes - 1:1.8.0.191.b14-0 -- Introduce sa_arches for architectures with sa-jdi.jar and include aarch64 -- Resolves: rhbz#1661577 - -* Thu Jan 10 2019 Andrew Hughes - 1:1.8.0.191.b14-0 -- Update to aarch64-shenandoah-jdk8u191-b14. -- Adjust JDK-8073139/PR1758/RH1191652 to apply following 8155627 backport. -- Resolves: rhbz#1661577 - -* Wed Jan 09 2019 Andrew Hughes - 1:1.8.0.191.b13-0 -- Update to aarch64-shenandoah-jdk8u191-b13. -- Update tarball generation script in preparation for PR3667/RH1656676 SunEC changes. -- Use remove-intree-libraries.sh to remove the remaining SunEC code for now. -- Resolves: rhbz#1661577 - -* Sat Dec 22 2018 Andrew John Hughes - 1:1.8.0.191.b12-12 -- Add backport of JDK-8029661 which adds TLSv1.2 support to the PKCS11 provider. -- Resolves: rhbz#1661577 - -* Sat Dec 22 2018 Andrew Hughes - 1:1.8.0.191.b12-11 -- Revise Shenandoah PR3634 patch following upstream discussion. -- Resolves: rhbz#1661577 - -* Wed Dec 19 2018 Severin Gehwolf - 1:1.8.0.191.b12-11 -- Refactor _find_debuginfo_opts -g (global over define) -- Resolves: rhbz#1661577 - -* Wed Nov 07 2018 Jiri Vanek - 1:1.8.0.191.b12-9 -- headfull suggests of cups, replaced by Requires of cups-libs in headless -- Resolves: rhbz#1661577 - -* Wed Nov 07 2018 Andrew Hughes - 1:1.8.0.191.b12-9 -- Note why PR1834/RH1022017 is not suitable to go upstream in its current form. -- Resolves: rhbz#1661577 - -* Mon Nov 05 2018 Andrew Hughes - 1:1.8.0.191.b12-9 -- Document patch sections. -- Resolves: rhbz#1661577 - -* Mon Nov 05 2018 Andrew Hughes - 1:1.8.0.191.b12-9 -- Fix patch organisation in the spec file: -- * Move ECC patches back to upstreamable section -- * Move system cacerts & crypto policy patches to upstreamable section -- * Merge "Local fixes" and "RPM fixes" which amount to the same thing -- * Move system libpng & lcms patches back to 8u upstreamable section -- Resolves: rhbz#1661577 - -* Fri Oct 26 2018 Jiri Vanek - 1:1.8.0.191.b12-8 -- added Patch583 jdk8172850-rh1640127-01-register_allocator_crash.patch -- added Patch584 jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch -- Resolves: rhbz#1661577 - -* Tue Oct 23 2018 Jiri Vanek - 1:1.8.0.191.b12-2 -- cups moved to headful package -- Resolves: rhbz#1633817 - -* Tue Oct 23 2018 Jiri Vanek - 1:1.8.0.191.b12-1 -- updated to aarch64-shenandoah-jdk8u191-b12 -- deleted 8146115-pr3508-rh1463098.patch, pr3619.patch, pr3620.patch - should be upstreamed -- create pr3634-fix_shenandoah_for_size_t_on_s390.patch to fix build failure on s390 -- Resolves: rhbz#1633817 - -* Fri Oct 12 2018 Severin Gehwolf - 1:1.8.0.181.b15-7 -- Add patch jdk8210425-rh1632174-03-compile_with_o2_and_ffp_contract_off_as_for_fdlibm_zero.patch: - - Annother fix for optimization gaps (annocheck issues) - - Zero 8u version fix was missing. Hence, only shows up on Zero arches. -- Resolves: rhbz#1633817 - -* Tue Oct 09 2018 Andrew Hughes - 1:1.8.0.191.b12-0 -- Update to aarch64-shenandoah-jdk8u191-b12. -- Resolves: rhbz#1633817 - -* Mon Oct 08 2018 Severin Gehwolf - 1:1.8.0.181.b15-6 -- Refreshed upstreamed patches (from 8u202): - - jdk8044235-src_zip_should_include_all_sources.patch: src.zip should include all sources. - - jdk8073139-pr2236-rh1191652--use_ppc64le_as_the_arch_directory_on_that_platform_and_report_it_in_os_arch_aarch64_forest.patch, - jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_jdk.patch, - jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_root.patch: PPC64LE JVM reporting issues. -- Moved both patch series to 8u202 sections. -- Resolves: rhbz#1633817 - -* Tue Oct 02 2018 Andrew Hughes - 1:1.8.0.191.b10-0 -- Update to aarch64-shenandoah-jdk8u191-b10. -- Drop 8146115/PR3508/RH1463098 applied upstream. -- Resolves: rhbz#1633817 - -* Mon Oct 01 2018 Andrew Hughes - 1:1.8.0.181.b16-0 -- Add new Shenandoah patch PR3634 as upstream still fails on s390. -- Resolves: rhbz#1633817 - -* Mon Oct 01 2018 Andrew Hughes - 1:1.8.0.181.b16-0 -- Update to aarch64-shenandoah-jdk8u181-b16. -- Drop PR3619 & PR3620 Shenandoah patches which should now be fixed upstream. -- Resolves: rhbz#1633817 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b15-0 -- Move to single OpenJDK tarball build, based on aarch64/shenandoah-jdk8u. -- Update to aarch64-shenandoah-jdk8u181-b15. -- Drop 8165489-pr3589.patch which was only applied to aarch64/jdk8u builds. -- Split ppc64 Shenandoah fix into separate patch file with its own bug ID (PR3620). -- Update pr3539-rh1548475.patch to apply after 8187045. -- Resolves: rhbz#1633817 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Remove unneeded functions from ppc shenandoahBarrierSet. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Add missing shenandoahBarrierSet implementation for ppc64{be,le}. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Fix wrong format specifiers in Shenandoah code. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Avoid changing variable types to fix size_t, at least for now. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- More size_t fixes for Shenandoah. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Add additional s390 size_t case for Shenandoah. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Attempt to fix Shenandoah build issues on s390. -- Resolves: rhbz#1640188 - -* Mon Oct 1 2018 Andrew Hughes - 1:1.8.0.181.b13-10 -- Use the Shenandoah HotSpot on all architectures. -- Resolves: rhbz#1640188 - -* Mon Oct 01 2018 Severin Gehwolf - 1:1.8.0.181.b15-5 -- Add explicit requirement for libXcomposite which is used when performing - screenshots from Java. -- Add explicit BR unzip required for building OpenJDK. -- Resolves: rhbz#1633817 - -* Thu Sep 27 2018 Severin Gehwolf - 1:1.8.0.181.b15-4 -- Add fixes for optimization gaps (annocheck issues): - - 8210761: libjsig is being compiled without optimization - - 8210647: libsaproc is being compiled without optimization - - 8210416: [linux] Poor StrictMath performance due to non-optimized compilation - - 8210425: [x86] sharedRuntimeTrig/sharedRuntimeTrans compiled without optimization - 8u upstream and aarch64/jdk8u upstream versions. -- Resolves: rhbz#1633817 - -* Wed Sep 26 2018 Severin Gehwolf - 1:1.8.0.181.b15-3 -- Renamed more patches for clarity: - include-all-srcs.patch => jdk8044235-src_zip_should_include_all_sources.patch - java-1.8.0-openjdk-rh1191652-hotspot-aarch64.patch => jdk8073139-pr2236-rh1191652--use_ppc64le_as_the_arch_directory_on_that_platform_and_report_it_in_os_arch_aarch64_forest.patch - java-1.8.0-openjdk-rh1191652-jdk.patch => jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_jdk.patch - java-1.8.0-openjdk-rh1191652-root.patch => jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_root.patch -- Resolves: rhbz#1633817 - -* Tue Sep 18 2018 Severin Gehwolf - 1:1.8.0.181.b15-2 -- Update(s) from upstreamed patches: - - 8036003-dont-add-unnecessary-debug-links.patch => - jdk8036003-add_with_native_debug_symbols_configure_flag.patch - - rh1176206-jdk.patch => - jdk8150954-pr2866-rh1176206-screenshot_xcomposite_jdk.patch => - Deleted rh1176206-root.patch as thats no longer needed with - upstream 8150954. - - Refreshed jdk8165852-pr3468-mount_point_not_found_for_a_file_which_is_present_in_overlayfs.patch from upstream. - - Refreshed jdk8201495-zero_reduce_limits_of_max_heap_size_for_boot_JDK_on_s390.patch from upstream. - - 8207057-pr3613-hotspot-assembler-debuginfo.patch => - jdk8207057-pr3613-no_debug_info_for_assembler_files_hotspot.patch and - jdk8207057-pr3613-no_debug_info_for_assembler_files_root.patch. From JDK 8u - review. -- Renamed pr2842-02.patch => jdk8148351-pr2842-02-only_display_resolved_symlink_for_compiler_do_not_change_path.patch. -- Renamed spec-only patch: - pr3183.patch => pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch -- Renamed java-1.8.0-openjdk-size_t.patch => - jdk8201495-zero_reduce_limits_of_max_heap_size_for_boot_JDK_on_s390.patch -- Moved SunEC provider via system NSS to RPM specific patches section. -- Moved upstream 8u patches to appropriate sections (8u192/8u202). -- Removed rh1214835.patch since it's invalid. See: - https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2304#c3 -- Use --with-native-debug-symbols=internal which JDK-8036003 adds. -- Resolves: rhbz#1633817 - -* Tue Sep 11 2018 Jiri Vanek - 1:1.8.0.181.b15-1 -- fixed unexpanded arch in policy tool desktop file -- fixed versions (8->1.8.0) of images used in desktop files -- Resolves: rhbz#1633817 - -* Mon Aug 27 2018 Severin Gehwolf - 1:1.8.0.181.b13-9 -- Adjust system jpeg patch, jdk8043805-allow_using_system_installed_libjpeg.patch, so as to filter - -Wl,--as-needed. Resolves RHBZ#1622186. -- Resolves: rhbz#1633817 - -* Mon Aug 27 2018 Severin Gehwolf - 1:1.8.0.181.b13-8 -- Adjust system NSS patch, pr1983-rh1565658-support_using_the_system_installation_of_nss_with_the_sunec_provider_jdk8.patch, so as to filter - -Wl,--as-needed. Resolves RHBZ#1622186. -- Resolves: rhbz#1633817 - -* Wed Aug 01 2018 Jiri Vanek - 1:1.8.0.181.b13-7 -- build number moved from release to version - -* Mon Jul 23 2018 Andrew John Hughes - 1:1.8.0.181-7.b13 -- Remove duplicate -mstackrealign workaround. - -* Mon Jul 23 2018 Andrew John Hughes - 1:1.8.0.181-6.b13 -- Bump release for previous changeset. - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-6.b13 -- Update to aarch64-jdk8u181-b13 and aarch64-shenandoah-jdk8u181-b13. -- Remove 8187577/PR3578 now applied upstream. - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-5.b04 -- Update bug status and add missing bug IDs - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-5.b04 -- Add "8146115, PR3508, RH1463098: Improve docker container detection and resource configuration usage" - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-4.b04 -- Add "8206406, PR3610, RH1597825: StubCodeDesc constructor publishes partially-constructed objects on StubCodeDesc::_list" - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-4.b04 -- Mark bugs now backported to OpenJDK 8u upstream - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-3.b04 -- Backport "8203182, PR3603: Release session if initialization of SunPKCS11 Signature fails" - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-2.b04 -- Backport "8075942, PR3602: ArrayIndexOutOfBoundsException in sun.java2d.pisces.Dasher.goTo" - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-1.b04 -- Add missing bug identifiers for patches unique to RHEL 8 and move to correct sections. - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-1.b04 -- Mark bugs that have been pushed to 8u upstream and are scheduled for a release. - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-1.b04 -- Update to aarch64-jdk8u181-b04 and aarch64-shenandoah-jdk8u181-b04. - -* Mon Jul 23 2018 Andrew Hughes - 1:1.8.0.181-0.b03 -- Update to aarch64-jdk8u181-b03 and aarch64-shenandoah-jdk8u181-b03. -- Remove AArch64 patch for PR3458/RH1540242 as applied upstream. - -* Sun Jul 22 2018 Andrew Hughes - 1:1.8.0.172-17.b11 -- Fix bad output file name substitution for SystemTap files. - -* Wed Jul 18 2018 Andrew Hughes - 1:1.8.0.172-17.b11 -- Update Shenandoah tarball to fix TCK overflow failure. - -* Tue Jul 17 2018 Jiri Vanek - 11:1.8.0.172-16.b11 -- added Recommends gtk2 for main package -- added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package -- see RHBZ1598152 - -* Fri Jul 13 2018 Fedora Release Engineering - 1:1.8.0.172-15.b11 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Tue Jul 10 2018 Severin Gehwolf - 1:1.8.0.172-14.b11 -- Fix hook to show hs_err*.log files on failures. - -* Mon Jul 02 2018 Severin Gehwolf - 1:1.8.0.172-13.b11 -- Fix requires/provides filters for internal libs. See - RHBZ#1590796 - -* Mon Jun 25 2018 Severin Gehwolf - 1:1.8.0.172-12.b11 -- Add hook to show hs_err*.log files on failures. - -* Wed Jun 20 2018 Severin Gehwolf - 1:1.8.0.172-11.b11 -- Expose release/slowdebug builds being produced via conditionals. - -* Wed Jun 20 2018 Andrew Hughes - 1:1.8.0.172-11.b11 -- Add additional fix (PR3601) to fix -Wreturn-type failures introduced by 8061651 -- Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds. -- Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on AArch64. -- Sync with IcedTea 3.8.0 patches to use -Wreturn-type. -- Add backports of 8141570, 8143245, 8197981 & 8062808. -- Drop pr3458-rh1540242-zero.patch which is covered by 8143245. - -* Wed Jun 20 2018 Jiri Vanek - 11:1.8.0.172-10.b11 -- jsa files changed to 444 to pass rpm verification - -* Mon Jun 18 2018 Severin Gehwolf - 1:1.8.0.172-9.b11 -- Filter private provides/requires: 'lib.so(SUNWprivate_.*' - -* Thu Jun 14 2018 Severin Gehwolf - 1:1.8.0.172-8.b11 -- Add provides/requires for libjvm.so back. See RHBZ#1591215. - -* Wed Jun 13 2018 Severin Gehwolf - 1:1.8.0.172-7.b11 -- Fix reg-ex for filtering private libraries' provides/requires. - -* Wed Jun 13 2018 Andrew Hughes - 1:1.8.0.172-6.b11 -- Remove build flags exemption for aarch64 now the platform is more mature and can bootstrap OpenJDK with these flags. -- Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags. -- Add missing changelog credits - -* Mon Jun 11 2018 Jiri Vanek - 1:1.8.0.172-5.b11 -- Merge changes from RHEL 7 - -* Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11 -- Read jssecacerts file prior to trying either cacerts file (system or local) (PR3575) - -* Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11 -- Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should be PR3546) - -* Thu Jun 07 2018 Andrew Hughes - 1:1.8.0.172-5.b11 -- Update Shenandoah tarball to include 2018-05-15 merge. -- Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be skipped on Shenandoah builds. -- Drop PR3573 patch applied upstream. -- Restrict 8187577 fix to non-Shenandoah builds, as it's included in the new tarball. - -* Thu Jun 07 2018 Andrew Hughes - 1:1.8.0.172-5.b11 -- Sync with IcedTea 3.8.0. -- Label architecture-specific fixes with architecture concerned -- x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround) -- PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build -- 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland mode -- 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds -- 8185723, PR3553: Zero: segfaults on Power PC 32-bit -- 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on linux-powerpcspe -- PR3559: Use ldrexd for atomic reads on ARMv7. -- 8187577, PR3578: JVM crash during gc doing concurrent marking -- 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong -- 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile -- PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code -- 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26 - -* Wed Jun 06 2018 Jiri Vanek - 1:1.8.0.172-1.b11 -- updated to u172-b11 -- removed patches: -- patch207 8200556-pr3566.patch -- patch104 pr3458-rh1540242.patch -- patch209 8035496-hotspot.patch -- patch700 pr3573-fix_TCK_crash_with_shenandoah_in_shenandoahsupport_cpp_in_case_of_dead_brnach_in_is_independent.patch -- fixed issue with atkwrapper wrongly palced broken symlink -- fixed libjvm path for system tap -- returned patch104 pr3458-rh1540242.patch - -* Mon Jun 04 2018 Jiri Vanek - 1:10.0.1.10-7 -- quoted sed expressions, changed possibly confussing # by @ -- added vendor(origin) into icons -- removed last trace of relative symlinks -- added BuildRequires of javapackages-tools to fix build failure after Requires change to javapackages-filesystem - -* Fri Jun 01 2018 Jiri Vanek - 1:1.8.0.171-6.b10 -- aligning with java-openjdk in fedora: -- removed fx binding -- config files to etc -- slowdebug instead simply debug subpackage -- purged provides -- many macros renamed -- typos correction -- bumped jstack (may be wrong) - -* Wed May 09 2018 Severin Gehwolf - 1:1.8.0.171-5.b10 -- Compile i686 JDK with -mstackrealign. - -* Wed Apr 25 2018 Severin Gehwolf - 1:1.8.0.171-4.b10 -- Enable hardened build unconditionally (also for Zero). - Resolves RHBZ#1290936. - -* Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-3.b10 -- Enable hardened build for Aarch64. - -* Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-2.b10 -- Update rhbz1548475-LDFLAGSusage.patch to also set linker - flags for libsaproc.so and libjsig.so. - -* Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.171-1.b10 -- Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10. -- Fix jconsole.desktop.in subcategory, replacing "Monitor" with "Profiling" (PR3550) (gnu_andrew) -- Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add misisng ones (gnu_andrew) - -* Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.162-7.b12 -- added ownership of policy dir and subdirs -- removed ignored attributes for classes.jsa - -* Tue Apr 10 2018 Severin Gehwolf - 1:1.8.0.162-6.b12 -- Use correct patch for RHBZ#1538767 (JDK-8196516) - -* Mon Apr 02 2018 Andrew Hughes - 1:1.8.0.162-5.b12 -- Cleanup from previous commit. -- Remove unused upstream patch 8167200.hotspotAarch64.patch. - -* Thu Mar 29 2018 Jiri Vanek - 1:1.8.0.162-3.b12 -- returned patch562 rhbz_1540242.patch -- added Patch563 rhbz_1536622-JDK8197429-jdk8.patch - -* Mon Mar 26 2018 Jiri Vanek - 1:1.8.0.162-2.b12 -- Added patch 540 rhbz1548475-LDFLAGSusage.patch to honor build flags fully - -* Wed Mar 21 2018 Andrew Hughes - 1:1.8.0.162-1.b12 -- Update to aarch64-jdk8u162-b12 and aarch64-shenandoah-jdk8u162-b12. -- Remove upstreamed patches for 8181055/PR3394/RH1448880, -- 8181419/PR3413/RH1463144, 8145913/PR3466/RH1498309, -- 8168318/PR3466/RH1498320, 8170328/PR3466/RR1498321 and -- 8181810/PR3466/RH1498319. - -* Wed Mar 07 2018 Adam Williamson - 1:1.8.0.161-9.b14 -- Rebuild to fix GCC 8 mis-compilation - See https://da.gd/YJVwk ("GCC 8 ABI change on x86_64") - -* Sun Feb 11 2018 Sandro Mani - 1:1.8.0.161-8.b14 -- Rebuild (giflib) - -* Fri Feb 09 2018 Igor Gnatenko - 1:1.8.0.161-7.b14 -- Escape macros in %%changelog - -* Wed Feb 07 2018 Fedora Release Engineering - 1:1.8.0.161-6.b14 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Wed Jan 31 2018 Severin Gehwolf - 1:1.8.0.161-5.b14 -- Additional fix needed for FTBFS bug on aarch64. - Resolves RHBZ#1540242. - -* Wed Jan 31 2018 Severin Gehwolf - 1:1.8.0.161-4.b14 -- Add fix for FTBFS on aarch64 and armv7hl. - Resolves RHBZ#1540242. - -* Tue Jan 30 2018 Severin Gehwolf - 1:1.8.0.161-3.b14 -- Include Aarch64 build fixes post January 2018 CPU. - -* Mon Jan 29 2018 Severin Gehwolf - 1:1.8.0.161-2.b14 -- Work around ppc64le gdb backtrace problem in %%check. - See RHBZ#1539664 - -* Wed Jan 24 2018 Severin Gehwolf - 1:1.8.0.161-1.b14 -- Fix FTBFS due to link failure in libfontmanager.so -- See RHBZ#1538767 - -* Wed Jan 24 2018 jvanek - 1:1.8.0.161-0.b14 -- updated to u161, rmeoved upstreamed patches -- removed patch555 8164293-pr3412-rh1459641.patch -- removed patch550 8175813-pr3394-rh1448880.patch -- removed patch547 8173941-pr3326.patch -- removed patch532 8162384-pr3122-rh1358661.patch -- removed patch535 8153711-pr3313-rh1284948.patch -- removed patch561 8075484-pr3473-rh1490713.patch -- removed patch554 8175887-pr3415.patch - -* Mon Nov 13 2017 jvanek - 1:1.8.0.151-1.b12 -- added ownership of etc dirs -- sysconfdir/.java/.systemPrefs -- sysconfdir/.java - -* Wed Oct 25 2017 jvanek - 1:1.8.0.151-1.b12 -- updated to aarch64-jdk8u151-b12 (from aarch64-port/jdk8u) -- updated to aarch64-shenandoah-jdk8u151-b12 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-aarch64-jdk8u151-b12.tar.xz as new sources -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u151-b12.tar.xz as new sources for hotspot -- tapset updated to 3.6pre02 -- policies adapted to new limited/unlimited schmea -- above acomapnied by c-j-c 3.3 -- alligned patches and added PPC ones (thanx to gnu_andrew) -- added patch209: 8035496-hotspot.patch -- added patch210: suse_linuxfilestore.patch - -* Wed Oct 04 2017 jvanek - 1:1.8.0.144-7.b01 -- updated to aarch64-shenandoah-jdk8u144-b02-shenandoah-merge-2017-10-02 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u144-b02-shenandoah-merge-2017-10-02.tar.xz as new sources for hotspot - -* Fri Sep 15 2017 Jiri Vanek - 1:1.8.0.144-6.b01 -- added patch540, bug1484079.patch - -* Fri Sep 08 2017 Troy Dawson - 1:1.8.0.144-6.b01 -- Cleanup spec file conditionals - -* Fri Aug 25 2017 Jiri Vanek - 1:1.8.0.144-4.b01 -- added ownership of diretories which were oonly listing files - -* Fri Aug 25 2017 Jiri Vanek - 1:1.8.0.144-3.b01 -- added (experiment) "--" delimiter also to $suffix in expanding macros - -* Wed Aug 23 2017 Jiri Vanek - 1:1.8.0.144-1.b01 -- Update to aarch64-jdk8u144-b01 and aarch64-shenandoah-jdk8u144-b01. -- Exclude 8175887 from Shenandoah builds as it has been included in that repo. -- Added 8164293-pr3412-rh1459641.patch backport from 8u development tree -- get rid of bin/* and lib/*, fixed rhbz1480777 -- adapted to rpm 4.14: all expanding macros changed to define, all %1 and %%1 replaced by %%{?1}, all expandable macros parameter preffixed by -- -- get rid of generated filelists all except javafx and demos - -* Wed Aug 02 2017 Fedora Release Engineering - 1:1.8.0.141-5.b16 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Sun Jul 30 2017 Florian Weimer - 1:1.8.0.141-4.b16 -- Rebuild with binutils fix for ppc64le (#1475636) - -* Wed Jul 26 2017 Jiri Vanek - 1:1.8.0.141-3.b16 -- added patch208, aarch64BuildFailure.patch to fix condition found during jdk9 build - -* Wed Jul 26 2017 Fedora Release Engineering - 1:1.8.0.141-2.b16 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Fri Jul 21 2017 Jiri Vanek - 1:1.8.0.141-1.b16 -- updated to security u141.b16 -- sync patches with rhel7 -- removed no longer defined jvmjardir - -* Sat Jun 17 2017 Jiri Vanek - 1:1.8.0.131-7.b12 -- adapted to no longer noarch openjfx-devel - -* Wed Jun 07 2017 Jiri Vanek - 1:1.8.0.131-6.b12 -- added virtualprovides for javafx - -* Wed Jun 07 2017 Jiri Vanek - 1:1.8.0.131-5.b12 -- fixed target of to fxrt.jar link -- fixedname of libglass - -* Tue Jun 06 2017 Jiri Vanek - 1:1.8.0.131-3.b12 -- source999 moved to source1 -- added two pathces 8181055-pr3394-rh1448880.patch and 8175813/PR3394/RH1448880 -- enabled (commented out) system NSS via patch1000, rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch - -* Tue May 09 2017 Jiri Vanek - 1:1.8.0.131-1.b12 -- added javafx binding subpackages - -* Thu Apr 20 2017 Jiri Vanek - 1:1.8.0.131-1.b12 -- updated to aarch64-jdk8u131-b12 (from aarch64-port/jdk8u) -- updated to aarch64-shenandoah-jdk8u131-b12-shenandoah-merge-2017-04-20 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-aarch64-jdk8u131-b12.tar.xz as new sources -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u131-b12-shenandoah-merge-2017-04-20.tar.xz as new sources for hotspot - -* Sun Mar 19 2017 jvanek - 1:1.8.0.121-12.b14 -- minor tweaks, egrep replaced by grep -E, added provides for some subpackages - -* Mon Mar 13 2017 jvanek - 1:1.8.0.121-11.b14 -- sync from rhel, reordered patches, enabled shenanoah on aarch64 -- Patch OpenJDK to check the system cacerts database directly -- Remove unneeded symlink to the system cacerts database -- Drop outdated openssl dependency from when the RPM built the cacerts database -- udpated to latest stable shenandoah hotspot - -* Mon Mar 13 2017 jvanek - 1:1.8.0.121-10.b14 -- rhbz#1423751 - removed -fno-split-loops worakround as building against newer GCC7 - -* Tue Feb 28 2017 jvanek - 1:1.8.0.121-9.b14 -- updated to latest stable shenandoah hotspot -- updated to properly tagged upstream forest (no update, just rename) -- fixed update package to verify PR2126 patch and work with sha512 - -* Tue Feb 28 2017 jvanek - 1:1.8.0.121-8.b14 -- rebuild because of NSS - -* Tue Feb 21 2017 jvanek - 1:1.8.0.121-7.b14 -- fixed the config(noreplace) issue with various left files lke java.security (rhbz#1183793) -- by calling new c-j-c hooks -- removed self-tail-bitting check check_sum_presented_in_spec -- release 6+7 to verify update path - -* Mon Feb 20 2017 jvanek - 1:1.8.0.121-5.b14 -- patch 536 reordered to 537 -- added patch 536 - Backport "8170888: [linux] Experimental support for cgroup memory limits in container (ie Docker) environments" -- added patch 538 - 1423421: Javadoc crashes when method name ends with "Property" -- rhbz#1423751 - added -fno-split-loops worakround sigsew when building with GCC7 (probably bug in jdk's JIT ) - -* Fri Feb 17 2017 jvanek - 1:1.8.0.121-4.b14 -- added Patch535 and 526 -- tweeked debugsymbols check for sigill - -* Wed Jan 25 2017 jvanek - 1:1.8.0.121-2.b14 -- revertrd patch535, excludeECDHE-1415137.patch and related changes -- issue casued by nss, see rhbz#1415137 c#35 - -* Tue Jan 24 2017 jvanek - 1:1.8.0.121-2.b14 -- added patch535, excludeECDHE-1415137.patch to tmp-worakround crash with nss - -* Tue Jan 24 2017 jvanek - 1:1.8.0.121-1.b14 -- updated to aarch64-jdk8u121-b14 (from openjdk8-forests/latest-aarch64) -- updated to aarch64-shenandoah-jdk8u121-b14 (from openjdk8-forests/latest-shenandoah) of hotspot -- used openjdk8-forests-latest-aarch64-aarch64-jdk8u121-b14.tar.xz as new sources -- used openjdk8-forests-latest-shenandoah-aarch64-shenandoah-jdk8u121-b14.tar.xz as new sources for hotspot -- deleted: 8044762-pr2960.patch 8049226-pr2960.patch 8154210.patch 8158260-pr2991-rh1341258.patch 8159244-pr3074.patch -- adapted java-1.8.0-openjdk-size_t.patch pr1834-rh1022017-reduce_ellipticcurvesextension_to_provide_only_three_nss_supported_nist_curves_23_24_25.patch rh1163501-increase_2048_bit_dh_upper_bound_fedora_infrastructure_in_dhparametergenerator.patch -- updated from internal (rhel) repo OPENJDK_URL_DEFAULT=ssh://t...redhat.com//...ty/ -- with custom PR2126=/.../pr2126.patch (removed newly added brainpool curves) -- withspecial values of PROJECT_NAME="openjdk8-forests", REPO_NAME="latest-aarch64" -- with correct tag VERSION="aarch64-jdk8u121-b14" -- and for shenandoah hotspot used custom repo REPO_NAME=latest-shenandoah -- with correct tag VERSION="aarch64-shenandoah-jdk8u121-b14" -- complete changes to generate_source_tarball.sh update_package.sh NOT commited (willbe regenerated from official repos soon) - -* Mon Jan 09 2017 jvanek - 1:1.8.0.111-2.b16 -- added dont-add-unnecessary-debug-links.patch -- added hotspot-assembler-debuginfo.patch -- returned accidentally removed hotspot-remove-debuglink.patch -- eu-readelfs on libraries improved, added gdb call - -* Wed Oct 19 2016 jvanek - 1:1.8.0.111-1.b16 -- updated to aarch64-jdk8u111-b16 (from aarch64-port/jdk8u) -- updated to aarch64-shenandoah-jdk8u111-b16 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-aarch64-jdk8u111-b16.tar.xz as new sources -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u111-b16.tar.xz as new sources for hotspot -- adapted patches - -* Wed Oct 5 2016 Jiri Vanek - 1:1.8.0.102-3.b14 -- debug subpackages allowed on aarch64 and ppc64le -- fontconfig and nss restricted by isa - -* Wed Aug 31 2016 jvanek - 1:1.8.0.102-2.b14 -- declared check_sum_presented_in_spec and used in prep and check -- it is checking that latest packed java.security is mentioned in listing -- @prefix@ in tapsetfiles substitued by prefix as necessary to work with systemtap3 (rhbz1371005) - -* Thu Aug 25 2016 jvanek - 1:1.8.0.102-1.b14 -- updated to aarch64-jdk8u102-b14 (from aarch64-port/jdk8u) -- updated to aarch64-shenandoah-jdk8u102-b14 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-aarch64-jdk8u102-b14.tar.xz as new sources -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u102-b14.tar.xz as new sources for hotspot -- removed upstreamed patches 519, 520 and 605 -- updated to systemtap 3, removed related patches 300 and 301 -- jjs provides moved to headless - -* Mon Aug 01 2016 Andrew Hughes - 1:1.8.0.101-3.b14 -- Replace patch for S8162384 with upstream version. Document correctly along with SystemTap RH1204159 patch. -- Resolves: rhbz#1358661 -- Replace patch for S8157306 with upstream version, documented & applied on all archs with conditional in patch -- Resolves: rhbz#1360863 - -* Mon Jul 25 2016 jvanek - 1:1.8.0.101-2.b14 -- added patch532 hotspot-1358661.patch - to fix performance of bimorphic inlining may be bypassed by type speculation -- added patch301 bz1204159_java8.patch - to fix systemtap on multiple jdks - -* Mon Jul 25 2016 jvanek - 1:1.8.0.101-1.b14 -- updated to aarch64-jdk8u101-b14 (from aarch64-port/jdk8u) -- updated to aarch64-shenandoah-jdk8u101-b14-shenandoah-merge-2016-07-25 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-aarch64-jdk8u101-b14.tar.xz as new sources -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u101-b14-shenandoah-merge-2016-07-25.tar.xz as new sources for hotspot -- priority lowered for ine zero digit, tip moved to 999 -- added jdk6260348-pr3066-gtk_laf_jtextcomponent_not_respecting_desktop_caret_blink_rate.patch, pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch, 8159244-pr3074.patch, corba_typo_fix.patch -renamed: jdk8-archivedJavadoc.patch -> jdk8154313-generated_javadoc_scattered_all_over_the_place.patch, pr2991-rh1341258.patch -> 8158260-pr2991-rh1341258.patch -- not added 8147771-additional_hunk.patch, already in b14 - -* Tue Jul 12 2016 Jiri Vanek - 1:1.8.0.92-5.b14 -- added Provides: /usr/bin/jjs - -* Tue Jun 21 2016 Jiri Vanek - 1:1.8.0.92-2.b14 -- family restricted by arch - -* Tue Jun 07 2016 Jiri Vanek - 1:1.8.0.92-1.b14 -- updated to u92 -- removed upstreamed patches 8132051-aarch64.patch, 8143855.patch, criticalShenandoahFix.patch, rhbz1206656_fix_current_stack_pointer.patch -- 8132051-zero.patch, remove_aarch64_template_for_gcc6.patch -- jdwpCrash.abrt.patch renamed to 8044762-pr2960.patch -- httpsFix1329342.patch renamed to pr2934-sunec_provider_throwing_keyexception_withine.separator_current_nss_thus_initialise_the_random_number_generator_and_feed_the_seed_to_it.patch -- added known regresisonos fixes for u92 scheduled for next u (519-525) - -* Thu May 19 2016 jvanek - 1:1.8.0.91-7.b14 -- added patch519, jdwpCrash.abrt.patch to fix trasnportation error - -* Fri May 13 2016 jvanek - 1:1.8.0.91-6.b14 -- Enable weak reference discovery in ShenandoahMarkCompact. Otherwise we never process any weak references in full-gc. - -* Tue May 03 2016 jvanek - 1:1.8.0.91-5.b14 -- Restricted to depend on exactly same version of nss as used for build -- Resolves: rhbz#1332456 - -* Tue May 03 2016 jvanek - 1:1.8.0.91-4.b14 -- updated to aarch64-shenandoah-jdk8u71-b15-beta02 (from aarch64-port/jdk8u-shenandoah) of hotspot -- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u71-b15-beta02.tar.xz as new sources for hotspot -- reverted nss version fix - -* Mon Apr 25 2016 Jiri Vanek - 1:1.8.0.91-4.b14 -- Restricted to depend on exactly same version of nss as use dfor build -- Resolves: rhbz#1332456 - -* Mon Apr 25 2016 Jiri Vanek - 1:1.8.0.91-3.b14 -- included shenandoah support in 64b intel - -* Sun Apr 24 2016 Jiri Vanek - 1:1.8.0.91-2.b14 -- added patch518 httpsFix1329342.patch -- test based on SOURCE14 enabled -- Resolves: rhbz#1329342 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Roll back release number as release 1 never succeeded, even with tests disabled. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Add additional fix to Zero patch to properly handle result on 64-bit big-endian -- Revert debugging options (aarch64 back to JIT, product build, no -Wno-error) -- Enable full bootstrap on all architectures to check we are good to go. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Turn tests back on or build will not fail. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Temporarily remove power64 from JIT arches to see if endian issue appears on Zero. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Turn off Java-based checks in a vain attempt to get a complete build. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Turn off -Werror so s390 can build in slowdebug mode. -- Add fix for formatting issue found by previous s390 build. -- Resolves: rhbz#1325423 - -* Tue Apr 12 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Revert settings to production defaults so we can at least get a build. -- Switch to a slowdebug build to try and unearth remaining issue on s390x. -- Resolves: rhbz#1325423 - -* Mon Apr 11 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Disable ECDSA test for now until failure on RHEL 7 is fixed. -- Resolves: rhbz#1325423 - -* Mon Apr 11 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Add 8132051 port to Zero. -- Turn on bootstrap build for all to ensure we are now good to go. -- Resolves: rhbz#1325423 - -* Mon Apr 11 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Add 8132051 port to AArch64. -- Resolves: rhbz#1325423 - -* Mon Apr 11 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Enable a full bootstrap on JIT archs. Full build held back by Zero archs anyway. -- Resolves: rhbz#1325423 - -* Sun Apr 10 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Use basename of test file to avoid misinterpretation of full path as a package -- Resolves: rhbz#1325423 - -* Sun Apr 10 2016 Andrew Hughes - 1:1.8.0.91-1.b14 -- Update to u91b14. -- Resolves: rhbz#1325423 - -* Mon Apr 04 2016 jvanek - 1:1.8.0.77-2.b03 -- added patch400 jdk8-archivedJavadoc.patch -- added javadoc-zip(-debug) subpackage with compressed javadoc - -* Thu Mar 31 2016 Andrew Hughes - 1:1.8.0.77-3.b03 -- Fix typo in test invocation. -- Resolves: rhbz#1245810 - -* Thu Mar 31 2016 Andrew Hughes - 1:1.8.0.77-3.b03 -- Add ECDSA test to ensure ECC is working. -- Resolves: rhbz#1245810 - -* Wed Mar 30 2016 Andrew Hughes - 1:1.8.0.77-2.b03 -- Avoid WithSeed versions of NSS functions as they do not fully process the seed -- List current java.security md5sum so that java.security is replaced and ECC gets enabled. -- Resolves: rhbz#1245810 - -* Wed Mar 23 2016 Andrew Hughes - 1:1.8.0.77-1.b03 -- Update to u77b03. - -* Thu Mar 03 2016 Andrew Hughes - 1:1.8.0.72-13.b16 -- When using a compositing WM, the overlay window should be used, not the root window. - -* Mon Feb 29 2016 Omair Majid - 1:1.8.0.72-12.b15 -- Use a simple backport for PR2462/8074839. -- Don't backport the crc check for pack.gz. It's not tested well upstream. - -* Mon Feb 29 2016 Andrew Hughes - 1:1.8.0.72-5.b16 -- Fix regression introduced on s390 by large code cache change. -- Update to u72b16. -- Drop 8147805 and jvm.cfg fix which are applied upstream. - -* Wed Feb 24 2016 Andrew Hughes - 1:1.8.0.72-11.b15 -- Add patches to allow the SunEC provider to be built with the system NSS install. -- Re-generate source tarball so it includes ecc_impl.h. -- Adjust tarball generation script to allow ecc_impl.h to be included. -- Bring over NSS changes from java-1.7.0-openjdk spec file (NSS_CFLAGS/NSS_LIBS) -- Remove patch which disables the SunEC provider as it is now usable. -- Correct spelling mistakes in tarball generation script. -- Move completely unrelated AArch64 gcc 6 patch into separate file. -- Resolves: rhbz#1019554 (fedora bug) - -* Tue Feb 23 2016 jvanek - 1:1.8.0.72-10.b15 -- returning accidentlay removed hunk from renamed and so wrongly merged remove_aarch64_jvm.cfg_divergence.patch - -* Mon Feb 22 2016 jvanek - 1:1.8.0.72-9.b15 -- sync from rhel - -* Tue Feb 16 2016 Dan Horák - 1:1.8.0.72-8.b15 -- Refresh s390-java-opts patch - -* Tue Feb 16 2016 Severin Gehwolf - 1:1.8.0.72-7.b15 -- Use -fno-lifetime-dse over -fno-guess-branch-probability. - See RHBZ#1306558. - -* Mon Feb 15 2016 Severin Gehwolf - 1:1.8.0.72-6.b15 -- Add aarch64_FTBFS_rhbz_1307224.patch so as to resolve RHBZ#1307224. - -* Fri Feb 12 2016 Severin Gehwolf - 1:1.8.0.72-5.b15 -- Add -fno-delete-null-pointer-checks -fno-guess-branch-probability flags to resolve x86/x86_64 crash. - -* Mon Feb 08 2016 Andrew Hughes - 1:1.8.0.72-5.b15 -- Explicitly set the C++ standard to use, as the default has changed to C++ 2014 in GCC 6. -- Turn off -Werror due to format warnings in HotSpot and -std usage warnings in SCTP. -- Run tests under the check stage and use the debug build first. - -* Fri Feb 05 2016 Andrew Hughes - 1:1.8.0.71-4.b15 -- Backport S8148351: Only display resolved symlink for compiler, do not change path - -* Wed Feb 03 2016 jvanek - 1:1.8.0.72-3.b15 -* touch -t 201401010000 java.security to try to worakround md5sums - -* Wed Jan 27 2016 jvanek - 1:1.8.0.72-1.b15 -- updated to aarch64-jdk8u72-b15 (from aarch64-port/jdk8u) -- used aarch64-port-jdk8u-aarch64-jdk8u72-b15.tar.xz as new sources -- removed already upstreamed patch501 8146566.patch - -* Wed Jan 20 2016 Jiri Vanek - 1:1.8.0.71-1.b15 -- sync with rhel7 -- security update to CPU 19.1.2016 to u71b15 - -* Tue Dec 15 2015 Jiri Vanek - 1:1.8.0.65-14.b17 -- pretrans moved back to lua nd now includes file from copy-jdk-configs instead of call it - -* Tue Dec 15 2015 Severin Gehwolf - 1:1.8.0.65-13.b17 -- Disable hardened build on non-JIT arches. - Workaround for RHBZ#1290936. - -* Thu Dec 10 2015 Andrew Hughes - 1:1.8.0.65-12.b17 --removed patch4 java-1.8.0-openjdk-PStack-808293.patch --removed patch13 libjpeg-turbo-1.4-compat.patch - -* Thu Dec 10 2015 Andrew Hughes - 1:1.8.0.65-11.b17 -- Define our own optimisation flags based on the optflags macro and pass to OpenJDK build cflags/cxxflags. -- Remove -fno-devirtualize as we are now on GCC 5 where the GCC bug it worked around is fixed. -- Pass __global_ldflags to --with-extra-ldflags so Fedora linker flags are used in the build. -- Also Pass ourcppflags to the OpenJDK build cflags as it wrongly uses them for the HotSpot C++ build. -- Add PR2428, PR2462 & S8143855 patches to fix build issues that arise. -- Resolves: rhbz#1283949 -- Resolves: rhbz#1120792 - -* Thu Dec 10 2015 Andrew Hughes - 1:1.8.0.65-10.b17 -- Add patch to honour %%{_smp_ncpus_max} from Tuomo Soini -- Resolves: rhbz#1152896 - -* Wed Dec 09 2015 Jiri Vanek - 1:1.8.0.65-9.b17 -- extracted lua scripts moved from pre where they don't work to pretrans -- requirement on copy-jdk-configs made Week. - -* Tue Dec 08 2015 Jiri Vanek - 1:1.8.0.65-8.b17 -- used extracted lua scripts. -- now depnding on copy-jdk-configs -- config files persisting in pre instead of %%pretrans - -* Tue Dec 08 2015 Jiri Vanek - 1:1.8.0.65-7.b17 -- changed way of generating the sources. As result: -- "updated" to aarch64-jdk8u65-b17 (from aarch64-port/jdk8u60) -- used aarch64-port-jdk8u60-aarch64-jdk8u65-b17.tar.xz as new sources - -* Fri Nov 27 2015 Jiri Vanek - 1:1.8.0.65-5.b17 -- added missing md5sums -- moved to bundeld lcms - -* Wed Nov 25 2015 Jiri Vanek - 1:1.8.0.65-4.b17 -- debug packages priority lowered by 1 - -* Wed Nov 25 2015 Jiri Vanek - 1:1.8.0.65-3.b17 -- depends on chkconfig >1.7 - added --family support - -* Fri Nov 13 2015 Jiri Vanek - 1:1.8.0.65-2.b17 -- added and applied patch605 soundFontPatch.patch as repalcement for removed sound font links -- removed hardcoded soundfont links - -* Thu Nov 12 2015 Jiri Vanek - 1:1.8.0.65-1.b17 -- updated to u65b17 - -* Mon Nov 09 2015 Jiri Vanek - 1:1.8.0.60-17.b28 -- policytool manpage followed the binary from devel to jre - -* Mon Nov 02 2015 Jiri Vanek - 1:1.8.0.60-16.b28 -added and applied patch604: aarch64-ifdefbugfix.patch to fix rhbz1276959 - -* Thu Oct 15 2015 Jiri Vanek - 1:1.8.0.60-15.b28 -- moved to single source integration forest -- removed patch patch9999 enableArm64.patch -- removed patch patch600 %%{name}-rh1191652-hotspot.patch - -* Thu Aug 27 2015 Jiri Vanek - 1:1.8.0.60-14.b24 -- updated aarch64 tarball to contain whole forest of latest jdk8-aarch64-jdk8u60-b24.2.tar.xz -- using this forest instead of only hotspot -- generate_source_tarball.sh - temporarily excluded repos="hotspot" compression of download -- not only openjdk/hotspot is replaced, by wholeopenjdk -- ln -s openjdk jdk8 done after replacing of openjdk -- patches 9999 601 and 602 exclded for aarch64 - -* Wed Aug 26 2015 Jiri Vanek - 1:1.8.0.60-13.b24 -- updated aarch64 hotpost to latest jdk8-aarch64-jdk8u60-b24.2.tar.xz - -* Wed Aug 19 2015 Jiri Vanek - 1:1.8.0.60-12.b24 -- updated to freshly released jdk8u60-jdk8u60-b27 - -* Thu Aug 13 2015 Jiri Vanek - 1:1.8.0.60-11.b24 -- another touching attempt to polycies... - -* Mon Aug 03 2015 Jiri Vanek - 1:1.8.0.60-10.b24 -- arch64 updated to u60-b24 with hope to fix rhbz1249037 - -* Fri Jul 17 2015 Jiri Vanek - 1:1.8.0.60-3.b24 -- added one more md5sum test (thanx to Severin!) - - I guess one more missing -- doubled slash in md5sum test in post - -* Thu Jul 16 2015 Jiri Vanek - 1:1.8.0.60-2.b24 -- updated to security u60-b24 -- moved to openjdk instead of jdk8 topdir in sources -- removed upstreamed patch99 java-1.8.0-openjdk-linux-4.x.patch -- removed upstreamed patch503 pr2444.patch -- removed upstreamed patch505 1208369_memory_leak_gcc5.patch -- removed upstreamed patch506: gif4.1.patch - - note: usptream version is suspicious - GIFLIB_MAJOR >= 5 SplashStreamGifInputFunc, NULL - ELSE SplashStreamGifInputFunc - - but the condition seems to be viceversa - - -* Mon Jun 22 2015 Omair Majid - 1:1.8.0.60-7.b16 -- Require javapackages-tools instead of jpackage-utils. - -* Wed Jun 17 2015 Fedora Release Engineering - 1:1.8.0.60-6.b16 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Tue Jun 09 2015 Dan Horák - 1:1.8.0.60-5.b16 -- allow build on Linux 4.x kernel -- refresh s390 size_t patch - -* Fri Jun 05 2015 Jiri Vanek - 1:1.8.0.60-4.b16 -- added requires lksctp-tools for headless subpackage to make sun.nio.ch.sctp work - -* Mon May 25 2015 Jiri Vanek - 1:1.8.0.60-2.b16 -- Patch503 d318d83c4e74.patch, patch505 1208369_memory_leak_gcc5.patch (and patch506 gif4.1.patch) - moved out of "if with_systemtap" block - -* Mon May 25 2015 Jiri Vanek - 1:1.8.0.60-1.b16 -- updated to u60b16 -- deleted upstreamed patches: - patch501 1182011_JavaPrintApiDoesNotPrintUmlautCharsWithPostscriptOutputCorrectly.patch - patch502 1182694_javaApplicationMenuMisbehave.patch - patch504 1210739_dns_naming_ipv6_addresses.patch - patch402 atomic_linux_zero.inline.hpp.patch - patch401 fix_ZERO_ARCHDEF_ppc.patch - patch400 ppc_stack_overflow_fix.patch - patch204 zero-interpreter-fix.patch -- added Patch506 gif4.1.patch to allow build agaisnt giflib > 4.1 - -* Wed May 13 2015 Jiri Vanek - 1:1.8.0.45-38.b14 -- updated to 8u45-b14 with hope to fix rhbz#1123870 - -* Wed May 13 2015 Jiri Vanek - 1:1.8.0.45-37.b13 -- added runtime requires for tzdata -- Remove reference to tz.properties which is no longer used (by gnu.andrew) - -* Wed Apr 29 2015 Severin Gehwolf - 1:1.8.0.45-36.b13 -- Patch hotspot to not use undefined code rather than passing - -fno-tree-vrp via CFLAGS. - Resolves: RHBZ#1208369 -- Add upstream patch for DNS nameserver issue with IPv6 addresses. - Resolves: RHBZ#1210739 - -* Wed Apr 29 2015 Jiri Vanek - 1:1.8.0.45-35.b13 -- Omit jsa files from power64 file list as well, as they are never generated -- moved to boot build by openjdk8 -- Use the template interpreter on ppc64le - -* Fri Apr 10 2015 Jiri Vanek - 1:1.8.0.45-31.b13 -- repacked sources - -* Tue Apr 07 2015 Jiri Vanek - 1:1.8.0.45-30.b13 -- updated to security u45 -- removed patch6: disable-doclint-by-default.patch -- added patch d318d83c4e74.patch -- added rhbz1206656_fix_current_stack_pointer.patch -- renamed PStack-808293.patch -> java-1.8.0-openjdk-PStack-808293.patch -- renamed remove-intree-libraries.sh -> java-1.8.0-openjdk-remove-intree-libraries.sh -- renamed to preven conflix with jdk7 - -* Fri Apr 03 2015 Omair Majid - 1:1.8.0.40-27.b25 -- Add -fno-tree-vrp to flags to prevent hotspot miscompilation. -- Resolves: RHBZ#1208369 - -* Thu Apr 02 2015 Jiri Vanek - 1:1.8.0.40-27.b25 -- bumped release. Needed rebuild by itself on arm - -* Tue Mar 31 2015 Severin Gehwolf - 1:1.8.0.40-26.b25 -- Make Zero build-able on ARM32. - Resolves: RHBZ#1206656 - -* Fri Mar 27 2015 Dan Horák - 1:1.8.0.40-25.b25 -- refresh s390 patches - -* Fri Mar 27 2015 Jiri Vanek - 1:1.8.0.40-24.b25 -- added patch501 1182011_JavaPrintApiDoesNotPrintUmlautCharsWithPostscriptOutputCorrectly.patch -- added patch502 1182694_javaApplicationMenuMisbehave.patch -- both upstreamed, will be gone with u60 - -* Wed Mar 25 2015 Omair Majid - 1:1.8.0.40-23.b25 -- Disable various EC algorithms in configuration - -* Mon Mar 23 2015 Jiri Vanek - 1:1.8.0.40-22.b25 -- sytemtap made working for dual package - -* Tue Mar 03 2015 Severin Gehwolf - 1:1.8.0.40-21.b25 -- Added compiler no-warn- - -* Fri Feb 20 2015 Omair Majid - 1:1.8.0.40-21.b25 -- Fix zero interpreter build. - -* Thu Feb 12 2015 Omair Majid - 1:1.8.0.40-21.b25 -- Fix building with gcc 5 by ignoring return-local-addr warning -- Include additional debugging info for java class files and test that they are - present - -* Thu Feb 12 2015 Jiri Vanek - 1:1.8.0.40-20.b25 -- bumped to b25 -- removed upstreamed patch11 hotspot-build-j-directive.patch -- policies repacked to stop spamming yum update -- added and used source20 repackReproduciblePolycies.sh -- added mehanism to force priority size - -* Fri Jan 09 2015 Dan Horák - 1:1.8.0.40-19.b12 -- refresh s390 patches - -* Fri Nov 07 2014 Jiri Vanek - 1:1.8.0.40-18.b12 -- updated arm64 tarball to jdk8-jdk8u40-b12-aarch64-1263.tar.xz - -* Fri Nov 07 2014 Jiri Vanek - 1:1.8.0.40-17.b12 -- obsoleted gcj and sindoc. rh1149674 and rh1149675 -- removed backup/restore on images and docs in favor of reconfigure in different directory - -* Mon Nov 03 2014 Jiri Vanek - 1:1.8.0.40-16.b12 -- updated both noral and aarch64 tarballs to u40b12 - -* Mon Nov 03 2014 Jiri Vanek - 1:1.8.0.40-15.b02 -- enabled debug packages -- removed all provides duplicating package name -- comments about files moved inside files section (to prevent different javadoc postuns) - - see (RH1160693) - -* Fri Oct 31 2014 Omair Majid - 1:1.8.0.40-13.b02 -- Build against libjpeg-turbo-1.4 - -* Fri Oct 24 2014 Jiri Vanek - 1:1.8.0.40-13.b02 -- preparing for parallel debug+normal build -- files and scripelts moved to extendable macros as first step to dual build -- install and build may be done in loop for both release and slowdebug -- debugbuild off untill its completed - -* Fri Oct 24 2014 Jiri Vanek - 1:1.8.0.40-12.b02 -- added patch12,removeSunEcProvider-RH1154143 -- xdump excluded from ppc64le (rh1156151) -- Add check for src.zip completeness. See RH1130490 (by sgehwolf@redhat.com) -- Resolves: rhbz#1125260 - -* Thu Sep 25 2014 Jiri Vanek - 1:1.8.0.40-11.b02 -- fixing flags usages (thanx to jerboaa!) - -* Thu Sep 25 2014 Jiri Vanek - 1:1.8.0.20-10.b26 -- sync with rhel7 - -* Wed Sep 17 2014 Omair Majid - 1:1.8.0.20-9.b26 -- Remove LIBDIR and funny definition of _libdir. -- Fix rpmlint warnings about macros in comments. - -* Thu Sep 11 2014 Jiri Vanek - 1:1.8.0.20-8.b26 -- fixed headless to become headless again - - jre/bin/policytool added to not headless exclude list - -* Wed Sep 10 2014 Omair Majid - 1:1.8.0.20-7.b26 -- Update aarch64 hotspot to latest upstream version - -* Fri Sep 05 2014 Omair Majid - 1:1.8.0.40-6.b26 -- Use %%{power64} instead of %%{ppc64}. - -* Thu Sep 04 2014 Jiri Vanek - 1:1.8.0.40-5.b26 -- Update aarch64 hotspot to jdk7u40-b02 to match the rest of the JDK -- commented out patch2 (obsolated by 666) -- all ppc64 added to jitarches - -* Thu Sep 04 2014 Omair Majid - 1:1.8.0.20-4.b26 -- Use the cpp interpreter on ppc64le. - -* Wed Sep 03 2014 Jiri Vanek - 1:1.8.0.20-3.b26 -- fixed RH1136544, orriginal issue, state of pc64le jit remians mistery - -* Wed Aug 27 2014 Jiri Vanek - 1:1.8.0.20-2.b26 -- requirement Requires: javazi-1.8/tzdb.dat changed to tzdata-java >= 2014f-1 -- see RH1130800#c5 - -* Wed Aug 27 2014 Jiri Vanek - 1:1.8.0.40-1.b02 -- adapted aarch64 patch -- removed upstreamed patch 0001-PPC64LE-arch-support-in-openjdk-1.8.patch - -* Wed Aug 27 2014 Jiri Vanek - 1:1.8.0.40-1.b02 -- updated to u40-b02 -- adapted aarch64 patches - -* Wed Aug 27 2014 Jiri Vanek - 1:1.8.0.40-1.b01 -- updated to u40-b01 -- adapted rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch -- adapted jdk8042159-allow_using_system_installed_lcms2.patch -- removed patch8 set-active-window.patch -- removed patch9 javadoc-error-jdk-8029145.patch -- removed patch10 javadoc-error-jdk-8037484.patch -- removed patch99 applet-hole.patch - itw 1.5.1 is able to ive without it - -* Tue Aug 19 2014 Jiri Vanek - 1:1.8.0.11-19.b12 -- fixed desktop icons -- Icon set to java-1.8.0 -- Development removed from policy tool - -* Mon Aug 18 2014 Jiri Vanek - 1:1.8.0.11-18.b12 -- fixed jstack - -* Mon Aug 18 2014 Jiri Vanek - 1:1.8.0.11-17.b12 -- added build requires and requires for headles _datadir/javazi-1.8/tzdb.dat -- restriction of tzdata provider, so we will be aware of another possible failure - -* Sat Aug 16 2014 Fedora Release Engineering -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Thu Aug 14 2014 Jiri Vanek - 1:1.8.0.11-15.b12 -- fixed provides/obsolates - -* Tue Aug 12 2014 Jiri Vanek - 1:1.8.0.11-14.b12 -- forced to build in fully versioned dir - -* Tue Aug 12 2014 Jiri Vanek - 1:1.8.0.11-13.b12 -- fixing tapset to support multipleinstalls -- added more config/norepalce -- policitool moved to jre - -* Tue Aug 12 2014 Jiri Vanek - 1:1.8.0.11-12.b12 -- bumped release to build by previous release. -- forcing rebuild by jdk8 -- uncommenting forgotten comment on tzdb link - -* Tue Aug 12 2014 Jiri Vanek - 1:1.8.0.11-11.b12 -- backporting old fixes: -- get rid of jre-abrt, uniquesuffix, parallel install, jsa files, - config(norepalce) bug, -fstack-protector-strong, OrderWithRequires, - nss config, multilib arches, provides/requires excludes -- some additional cosmetic changes - -* Tue Jul 22 2014 Omair Majid - 1:1.8.0.11-8.b12 -- Modify aarch64-specific jvm.cfg to list server vm first - -* Mon Jul 21 2014 Jiri Vanek - 1:1.8.0.11-7.b12 -- removed legacy aarch64 switches - - --with-jvm-variants=client and --disable-precompiled-headers - -* Tue Jul 15 2014 Jiri Vanek - 1:1.8.0.11-6.b12 -- added patch patch9999 enableArm64.patch to enable new hotspot - -* Tue Jul 15 2014 Jiri Vanek - 1:1.8.0.11-5.b12 -- Attempt to update aarch64 *jdk* to u11b12, by resticting aarch64 sources to hotpot only - -* Tue Jul 15 2014 Jiri Vanek - 1:1.8.0.11-1.b12 -- updated to security u11b12 - -* Tue Jun 24 2014 Omair Majid - 1:1.8.0.5-13.b13 -- Obsolete java-1.7.0-openjdk - -* Wed Jun 18 2014 Omair Majid - 1:1.8.0.5-12.b13 -- Use system tzdata from tzdata-java - -* Thu Jun 12 2014 Omair Majid - 1:1.8.0.5-11.b13 -- Add patch from IcedTea to handle -j and -I correctly - -* Wed Jun 11 2014 Omair Majid - 1:1.8.0.5-11.b13 -- Backport javadoc fixes from upstream -- Related: rhbz#1107273 - -* Sat Jun 07 2014 Fedora Release Engineering - 1:1.8.0.5-10.b13 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Mon Jun 02 2014 Omair Majid - 1:1.8.0.5-9.b13 -- Build with OpenJDK 8 - -* Wed May 28 2014 Omair Majid - 1:1.8.0.5-8.b13 -- Backport fix for JDK-8012224 - -* Wed May 28 2014 Omair Majid - 1:1.8.0.5-7.b13 -- Require fontconfig and minimal fonts (xorg-x11-fonts-Type1) explicitly -- Resolves rhbz#1101394 - -* Fri May 23 2014 Dan Horák - 1:1.8.0.5-6.b13 -- Enable build on s390/s390x - -* Tue May 20 2014 Omair Majid - 1:1.8.0.5-5.b13 -- Only check for debug symbols in libjvm if it exists. - -* Fri May 16 2014 Omair Majid - 1:1.8.0.5-4.b13 -- Include all sources in src.zip - -* Mon Apr 28 2014 Omair Majid - 1:1.8.0.5-4.b13 -- Check for debug symbols in libjvm.so - -* Thu Apr 24 2014 Brent Baude - 1:1.8.0.5-3.b13 -- Add ppc64le support, bz# 1088344 - -* Wed Apr 23 2014 Omair Majid - 1:1.8.0.5-2.b13 -- Build with -fno-devirtualize -- Don't strip debuginfo from files - -* Wed Apr 16 2014 Omair Majid - 1:1.8.0.5-1.b13 -- Instrument build with various sanitizers. - -* Tue Apr 15 2014 Omair Majid - 1:1.8.0.5-1.b13 -- Update to the latest security release: OpenJDK8 u5 b13 - -* Fri Mar 28 2014 Omair Majid - 1:1.8.0.0-2.b132 -- Include version information in desktop files -- Move desktop files from tarball to top level source - -* Tue Mar 25 2014 Omair Majid - 1:1.8.0.0-1.0.b132 -- Switch from java8- style provides to java- style -- Bump priority to reflect java version - -* Fri Mar 21 2014 Omair Majid - 1:1.8.0.0-0.35.b132 -- Disable doclint for compatiblity -- Patch contributed by Andrew John Hughes - -* Tue Mar 11 2014 Omair Majid - 1:1.8.0.0-0.34.b132 -- Include jdeps and jjs for aarch64. These are present in b128. - -* Mon Mar 10 2014 Omair Majid - 1:1.8.0.0-0.33.b132 -- Update aarch64 tarball to the latest upstream release - -* Fri Mar 07 2014 Omair Majid - 1:1.8.0.0-0.32.b132 -- Fix `java -version` output - -* Fri Mar 07 2014 Jiri Vanek - 1:1.8.0.0-0.31.b132 -- updated to rc4 aarch64 tarball -- outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch - patch2021 system-libpng-aarch64.patch - -* Thu Mar 06 2014 Omair Majid - 1:1.8.0.0-0.30.b132 -- Update to b132 - -* Thu Mar 06 2014 Omair Majid - 1:1.8.0.0-0.29.b129 -- Fix typo in STRIP_POLICY - -* Mon Mar 03 2014 Omair Majid - 1:1.8.0.0-0.28.b129 -- Remove redundant debuginfo files -- Generate complete debug information for libjvm - -* Tue Feb 25 2014 Omair Majid - 1:1.8.0.0-0.27.b129 -- Fix non-headless libraries - -* Tue Feb 25 2014 Jiri Vanek - 1:1.8.0.0-0.26.b129 -- Fix incorrect Requires - -* Thu Feb 13 2014 Omair Majid - 1:1.8.0.0-0.26.b129 -- Add -headless subpackage based on java-1.7.0-openjdk -- Add abrt connector support -- Add -accessibility subpackage - -* Thu Feb 13 2014 Omair Majid - 1:1.8.0.0-0.26.b129 -- Update to b129. - -* Fri Feb 07 2014 Omair Majid - 1:1.8.0.0-0.25.b126 -- Update to candidate Reference Implementation release. - -* Fri Jan 31 2014 Omair Majid - 1:1.8.0.0-0.24.b123 -- Forward port more patches from java-1.7.0-openjdk - -* Mon Jan 20 2014 Omair Majid - 1:1.8.0.0-0.23.b123 -- Update to jdk8-b123 - -* Thu Nov 14 2013 Omair Majid - 1:1.8.0.0-0.22.b115 -- Update to jdk8-b115 - -* Wed Oct 30 2013 Jiri Vanek - 1:1.8.0.0-0.21.b106 -- added jre/lib/security/blacklisted.certs for aarch64 -- updated to preview_rc2 aarch64 tarball - -* Sun Oct 06 2013 Omair Majid - 1:1.8.0.0-0.20.b106 -- Fix paths in tapsets to work on non-x86_64 -- Use system libjpeg - -* Thu Sep 05 2013 Omair Majid - 1:1.8.0.0-0.19.b106 -- Fix with_systemtap conditionals - -* Thu Sep 05 2013 Omair Majid - 1:1.8.0.0-0.18.b106 -- Update to jdk8-b106 - -* Tue Aug 13 2013 Deepak Bhole - 1:1.8.0.0-0.17.b89x -- Updated aarch64 to latest head -- Dropped upstreamed patches - -* Wed Aug 07 2013 Omair Majid - 1:1.8.0.0-0.16.b89x -- The zero fix only applies on b89 tarball - -* Tue Aug 06 2013 Omair Majid - 1:1.8.0.0-0.16.b89x -- Add patch to fix zero on 32-bit build - -* Mon Aug 05 2013 Omair Majid - 1:1.8.0.0-0.16.b89x -- Added additional build fixes for aarch64 - -* Sat Aug 03 2013 Fedora Release Engineering - 1:1.8.0.0-0.16.b89x -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Fri Aug 02 2013 Deepak Bhole - 1:1.8.0.0-0.15.b89 -- Added a missing includes patch (#302/%%{name}-arm64-missing-includes.patch) -- Added --disable-precompiled-headers for arm64 build - -* Mon Jul 29 2013 Jiri Vanek - 1:1.8.0.0-0.14.b89 -- added patch 301 - removeMswitchesFromx11.patch - -* Fri Jul 26 2013 Jiri Vanek - 1:1.8.0.0-0.13.b89 -- added new aarch64 tarball - -* Thu Jul 25 2013 Jiri Vanek - 1:1.8.0.0-0.12.b89 -- ifarchaarch64 then --with-jvm-variants=client - -* Tue Jul 23 2013 Jiri Vanek - 1:1.8.0.0-0.11.b89 -- prelink dependence excluded also for aaech64 -- arm64 added to jitarches -- added source100 config.guess to repalce the outdated one in-tree -- added source101 config.sub to repalce the outdated one in-tree -- added patch2011 system-libjpegAARCH64.patch (as aarch64-port is little bit diferent) -- added patch2031 system-lcmsAARCH64.patch (as aarch64-port is little bit diferent) -- added gcc-c++ build depndece so builddep will result to better situation - -* Tue Jul 23 2013 Jiri Vanek - 1:1.8.0.0-0.10.b89 -- moved to latest working osurces - -* Tue Jul 23 2013 Omair Majid - 1:1.8.0.0-0.10.b89 -- Moved to hg clone for generating sources. - -* Sun Jul 21 2013 Jiri Vanek - 1:1.8.0.0-0.9.b89 -- added aarch 64 tarball, proposed usage of clone instead of tarballs - -* Mon Jul 15 2013 Omair Majid - 1:1.8.0.0-0.9.b89 -- Switch to xz for compression -- Fixes RHBZ#979823 - -* Mon Jul 15 2013 Omair Majid - 1:1.8.0.0-0.9.b89 -- Priority should be 0 until openjdk8 is released by upstream -- Fixes RHBZ#964409 - -* Mon Jun 3 2013 Omair Majid - 1:1.8.0.0-0.8.b89 -- Fix incorrect permissions on ct.sym - -* Mon May 20 2013 Omair Majid - 1:1.8.0.0-0.7.b89 -- Fix incorrect permissions on jars - -* Fri May 10 2013 Adam Williamson -- update scriptlets to follow current guidelines for updating icon cache - -* Tue Apr 30 2013 Omair Majid 1:1.8.0.0-0.5.b87 -- Update to b87 -- Remove all rhino support; use nashorn instead -- Remove upstreamed/unapplied patches - -* Tue Apr 23 2013 Karsten Hopp 1:1.8.0.0-0.4.b79 -- update java-1.8.0-openjdk-ppc-zero-hotspot patch -- use power64 macro - -* Thu Mar 28 2013 Omair Majid 1:1.8.0.0-0.3.b79 -- Add build fix for zero -- Drop gstabs fixes; enable full debug info instead - -* Wed Mar 13 2013 Omair Majid 1:1.8.0.0-0.2.b79 -- Fix alternatives priority - -* Tue Mar 12 2013 Omair Majid 1:1.8.0.0-0.1.b79.f19 -- Update to jdk8-b79 -- Initial version for Fedora 19 - -* Tue Sep 04 2012 Andrew John Hughes - 1:1.8.0.0-b53.1 -- Initial build from java-1.7.0-openjdk RPM diff --git a/SPECS/java-1.8.0-openjdk.spec b/SPECS/java-1.8.0-openjdk.spec new file mode 120000 index 0000000..c7b6b76 --- /dev/null +++ b/SPECS/java-1.8.0-openjdk.spec @@ -0,0 +1 @@ +../SOURCES/java-1.8.0-openjdk-portable.specfile \ No newline at end of file