Update to jdk-11.0.11.0+9

Update release notes to 11.0.11.0+9 Switch to GA mode for final release. Require tzdata 2021a to match upstream change JDK-8260356
2021-04-22 02:32:07 +01:00 · 2021-04-22 02:32:07 +01:00 · 16a1b06e71
commit 16a1b06e71
parent c45ae1042c
4 changed files with 27 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -85,3 +85,4 @@
 /jdk-updates-jdk11u-jdk-11.0.11+5-4curve.tar.xz
 /jdk-updates-jdk11u-jdk-11.0.11+6-4curve.tar.xz
 /jdk-updates-jdk11u-jdk-11.0.11+7-4curve.tar.xz
+/jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz
--- a/12
+++ b/12
@ -9,6 +9,13 @@ Live versions of these release notes can be found at:
  * https://bitly.com/openjdk11011
  * https://builds.shipilev.net/backports-monitor/release-notes-11.0.11.txt

+* Security fixes
+  - JDK-8244473: Contextualize registration for JNDI
+  - JDK-8244543: Enhanced handling of abstract classes
+  - JDK-8249906, CVE-2021-2163: Enhance opening JARs
+  - JDK-8250568, CVE-2021-2161: Less ambiguous processing
+  - JDK-8253799: Make lists of normal filenames
+  - JDK-8257001: Improve Http Client Support
 * Other changes
  - JDK-7107012: sun.jvm.hotspot.code.CompressedReadStream readDouble() conversion to long mishandled
  - JDK-7146776: deadlock between URLStreamHandler.getHostAddress and file.Handler.openconnection
@ -174,6 +181,7 @@ Live versions of these release notes can be found at:
  - JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java again reports leaks after JDK-8257884
  - JDK-8257999: Parallel GC crash in gc/parallel/TestDynShrinkHeap.java: new region is not in covered_region
  - JDK-8258077: Using -Xcheck:jni can lead to a double-free after JDK-8193234
+  - JDK-8258247: Couple of issues in fix for JDK-8249906
  - JDK-8258373: Update the text handling in the JPasswordField
  - JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder.rotateDisk()
  - JDK-8258419: RSA cipher buffer cleanup
@ -192,9 +200,11 @@ Live versions of these release notes can be found at:
  - JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert will expire in 90 days
  - JDK-8259319: Illegal package access when SunPKCS11 requires SunJCE's classes
  - JDK-8259339: AllocateUninitializedArray C2 intrinsic fails with void.class input
+  - JDK-8259428: AlgorithmId.getEncodedParams() should return copy
  - JDK-8259446: runtime/jni/checked/TestCheckedReleaseArrayElements.java fails with stderr not empty
  - JDK-8259949: x86 32-bit build fails when -fcf-protection is passed in the compiler flags
  - JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use condition is incorrect
+  - JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE after JDK-8244543
  - JDK-8259706: C2 compilation fails with assert(vtable_index == Method::invalid_vtable_index) failed: correct sentinel value
  - JDK-8259707: LDAP channel binding does not work with StartTLS extension
  - JDK-8259773: Incorrect encoding of AVX-512 kmovq instruction
@ -212,6 +222,7 @@ Live versions of these release notes can be found at:
  - JDK-8260704: ParallelGC: oldgen expansion needs release-store for _end
  - JDK-8261022: Fix incorrect result of Math.abs() with char type
  - JDK-8261089: [TESTBUG] native library of test TestCheckedReleaseCriticalArray.java fails to compile with gcc 4.x
+  - JDK-8261183: Follow on to Make lists of normal filenames
  - JDK-8261209: isStandalone property: remove dependency on pretty-print
  - JDK-8261231: Windows IME was disabled after DnD operation
  - JDK-8261251: Shenandoah: Use object size for full GC humongous compaction
@ -226,6 +237,7 @@ Live versions of these release notes can be found at:
  - JDK-8261912: Code IfNode::fold_compares_helper more defensively
  - JDK-8261920: [AIX] jshell command throws java.io.IOError on non English locales
  - JDK-8262018: Wrong format in SAP copyright header of OsVersionTest
+  - JDK-8263069: Exclude some failing tests from security/infra/java/security/cert/CertPathValidator

 Notes on individual issues:
 ===========================
--- a/java-11-openjdk.spec
+++ b/java-11-openjdk.spec
@ -344,8 +344,8 @@
 %global origin_nice     OpenJDK
 %global top_level_dir_name   %{origin}
 %global top_level_dir_name_backup %{top_level_dir_name}-backup
-%global buildver        7
-%global rpmrelease      1
+%global buildver        9
+%global rpmrelease      0
 #%%global tagsuffix      ""
 # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
 %if %is_system_jdk
@ -374,7 +374,7 @@
 # Release will be (where N is usually a number starting at 1):
 # - 0.N%%{?extraver}%%{?dist} for EA releases,
 # - N%%{?extraver}{?dist} for GA releases
-%global is_ga           0
+%global is_ga           1
 %if %{is_ga}
 %global ea_designator ""
 %global ea_designator_zip ""
@ -1006,8 +1006,8 @@ Requires: ca-certificates
 # Require javapackages-filesystem for ownership of /usr/lib/jvm/ and macros
 Requires: javapackages-filesystem
 # Require zone-info data provided by tzdata-java sub-package
-# 2020f required as of JDK-8259048 in October CPU
-Requires: tzdata-java >= 2020f
+# 2021a required as of JDK-8260356 in April 2021 CPU
+Requires: tzdata-java >= 2021a
 # for support of kernel stream control
 # libsctp.so.1 is being `dlopen`ed on demand
 Requires: lksctp-tools%{?_isa}
@ -1277,8 +1277,8 @@ BuildRequires: java-%{buildjdkver}-openjdk-devel
 %ifnarch %{jit_arches}
 BuildRequires: libffi-devel
 %endif
-# 2020f required as of JDK-8259048 in October CPU
-BuildRequires: tzdata-java >= 2020f
+# 2021a required as of JDK-8260356 in April 2021 CPU
+BuildRequires: tzdata-java >= 2021a
 # Earlier versions have a bug in tree vectorization on PPC
 BuildRequires: gcc >= 4.8.3-8

@ -2286,6 +2286,12 @@ require "copy_jdk_configs.lua"
 %endif

 %changelog
+* Wed Apr 21 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.11.0.9-0
+- Update to jdk-11.0.11.0+9
+- Update release notes to 11.0.11.0+9
+- Switch to GA mode for final release.
+- Require tzdata 2021a to match upstream change JDK-8260356
+
 * Tue Apr 20 2021 Stephan Bergmann <sbergman@redhat.com> - 1:11.0.11.0.7-1.0.ea
 - Disable copy-jdk-configs for Flatpak builds

--- a/2
+++ b/2
@ -1,2 +1,2 @@
 SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30
-SHA512 (jdk-updates-jdk11u-jdk-11.0.11+7-4curve.tar.xz) = 6c50b58392e540e82cf81a7edd592faefccacad38884eeef1dce504df6cae4bf2de25966f73f120711e341c20c9bc6331a3e80081d63dc9645aa815570a286f0
+SHA512 (jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz) = 92aee670c98e14505434e7e7a92bcf0c06a322442aec5b6656df53131b53e85e389123c17926a2cd3f85b0ead7acef87d9abd70a88d7f09d7e8848d01d00f961