import java-11-openjdk-11.0.19.0.7-1.el8_7
This commit is contained in:
parent
cbb22857da
commit
298c232f10
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
||||
SOURCES/openjdk-jdk11u-jdk-11.0.18+10-4curve.tar.xz
|
||||
SOURCES/openjdk-jdk11u-jdk-11.0.19+7-4curve.tar.xz
|
||||
SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
|
||||
|
@ -1,2 +1,2 @@
|
||||
65abc412a085af5ba08c019cf6d0e7e44cfe94eb SOURCES/openjdk-jdk11u-jdk-11.0.18+10-4curve.tar.xz
|
||||
aa30c8827f7ced0a1fa9a9c226884f7c79101e86 SOURCES/openjdk-jdk11u-jdk-11.0.19+7-4curve.tar.xz
|
||||
c8281ee37b77d535c9c1af86609a531958ff7b34 SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
|
||||
|
293
SOURCES/NEWS
293
SOURCES/NEWS
@ -3,6 +3,287 @@ Key:
|
||||
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
|
||||
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
|
||||
|
||||
New in release OpenJDK 11.0.19 (2023-04-18):
|
||||
=============================================
|
||||
Live versions of these release notes can be found at:
|
||||
* https://bit.ly/openjdk11019
|
||||
|
||||
* CVEs
|
||||
- CVE-2023-21930
|
||||
- CVE-2023-21937
|
||||
- CVE-2023-21938
|
||||
- CVE-2023-21939
|
||||
- CVE-2023-21954
|
||||
- CVE-2023-21967
|
||||
- CVE-2023-21968
|
||||
* Security fixes
|
||||
- JDK-8287404: Improve ping times
|
||||
- JDK-8288436: Improve Xalan supports
|
||||
- JDK-8294474: Better AES support
|
||||
- JDK-8295304: Runtime support improvements
|
||||
- JDK-8296676, JDK-8296622: Improve String platform support
|
||||
- JDK-8296684: Improve String platform support
|
||||
- JDK-8296692: Improve String platform support
|
||||
- JDK-8296832: Improve Swing platform support
|
||||
- JDK-8297371: Improve UTF8 representation redux
|
||||
- JDK-8298191: Enhance object reclamation process
|
||||
- JDK-8298310: Enhance TLS session negotiation
|
||||
- JDK-8298667: Improved path handling
|
||||
- JDK-8299129: Enhance NameService lookups
|
||||
* Other changes
|
||||
- JDK-6528710: sRGB-ColorSpace to sRGB-ColorSpace Conversion
|
||||
- JDK-7188098: TEST_BUG: closed/javax/sound/midi/Synthesizer/Receiver/bug6186488.java fails
|
||||
- JDK-8035787: SourcePositions are wrong for Strings concatenated with '+' operator
|
||||
- JDK-8065097: [macosx] javax/swing/Popup/TaskbarPositionTest.java fails because Popup is one pixel off
|
||||
- JDK-8065422: Trailing dot in hostname causes TLS handshake to fail with SNI disabled
|
||||
- JDK-8129315: java/net/Socket/LingerTest.java and java/net/Socket/ShutdownBoth.java timeout intermittently
|
||||
- JDK-8144030: [macosx] test java/awt/Frame/ShapeNotSetSometimes/ShapeNotSetSometimes.java fails (again)
|
||||
- JDK-8170705: sun/net/www/protocol/http/StackTraceTest.java fails intermittently with Invalid Http response
|
||||
- JDK-8171405: java/net/URLConnection/ResendPostBody.java failed with "Error while cleaning up threads after test"
|
||||
- JDK-8179317: [TESTBUG] rewrite runtime shell tests in java
|
||||
- JDK-8190492: Remove SSLv2Hello and SSLv3 from default enabled TLS protocols
|
||||
- JDK-8192931: Regression test java/awt/font/TextLayout/CombiningPerf.java fails
|
||||
- JDK-8195057: java/util/concurrent/CountDownLatch/Basic.java failed w/ Xcomp
|
||||
- JDK-8195716: BootstrapLoggerTest : Executor still alive
|
||||
- JDK-8202621: bad test with broken links needs to be updated
|
||||
- JDK-8207248: Reduce incidence of compiler.warn.source.no.bootclasspath in javac tests
|
||||
- JDK-8208077: File.listRoots performance degradation
|
||||
- JDK-8209023: fix 2 compiler tests to avoid JDK-8208690
|
||||
- JDK-8209115: adjust libsplashscreen linux ppc64le builds for easier libpng update
|
||||
- JDK-8209774: Refactor shell test javax/xml/jaxp/common/8035437/run.sh to java
|
||||
- JDK-8209935: Test to cover CodeSource.getCodeSigners()
|
||||
- JDK-8210373: Deadlock in libj2gss.so when loading "j2gss" and "net" libraries in parallel.
|
||||
- JDK-8212165: JGSS: Fix cut/paste error in NativeUtil.c
|
||||
- JDK-8212216: JGSS: Fix leak in exception cases in getJavaOID()
|
||||
- JDK-8213130: Update ProblemList after verification of jtreg tests in Win 7
|
||||
- JDK-8213265: fix missing newlines at end of files
|
||||
- JDK-8213932: [TESTBUG] assertEquals is invoked with the arguments in the wrong order
|
||||
- JDK-8214445: [test] java/net/URL/HandlerLoop has illegal reflective access
|
||||
- JDK-8215372: test/jdk/java/nio/file/DirectoryStream/Basic.java not correct when using a glob
|
||||
- JDK-8215759: [test] java/math/BigInteger/ModPow.java can throw an ArithmeticException
|
||||
- JDK-8217353: java/util/logging/LogManager/Configuration/updateConfiguration/HandlersOnComplexResetUpdate.java fails with Unexpected reference: java.lang.ref.WeakReference
|
||||
- JDK-8217730: Split up MakeBase.gmk
|
||||
- JDK-8218133: sun/net/www/protocol/http/ProtocolRedirect.java failed with "java.net.ConnectException"
|
||||
- JDK-8218431: Improved platform checking in makefiles
|
||||
- JDK-8218460: Test generation scripts do not invoke stream preprocessor correctly
|
||||
- JDK-8221098: Run java/net/URL/HandlerLoop.java in othervm mode
|
||||
- JDK-8221168: java/util/concurrent/CountDownLatch/Basic.java fails
|
||||
- JDK-8221351: Crash in KlassFactory::check_shared_class_file_load_hook
|
||||
- JDK-8221621: FindTests.gmk cannot handle "=" in TEST.groups comments
|
||||
- JDK-8222430: Add tests for ElementKind predicates
|
||||
- JDK-8223463: Replace wildcard address with loopback or local host in tests - part 2
|
||||
- JDK-8223716: sun/net/www/http/HttpClient/MultiThreadTest.java should be more resilient to unexpected traffic
|
||||
- JDK-8223736: jvmti/scenarios/contention/TC04/tc04t001/TestDescription.java fails due to wrong number of MonitorContendedEntered events
|
||||
- JDK-8224024: java/util/concurrent/BlockingQueue/DrainToFails.java testBounded fails intermittently
|
||||
- JDK-8225648: [TESTBUG] java/lang/annotation/loaderLeak/Main.java fails with -Xcomp
|
||||
- JDK-8226595: jvmti/scenarios/contention/TC04/tc04t001/TestDescription.java still fails due to wrong number of MonitorContendedEntered events
|
||||
- JDK-8226917: jvmti/scenarios/contention/TC04/tc04t001/TestDescription.java fails on jvmti->InterruptThread (JVMTI_ERROR_THREAD_NOT_ALIVE)
|
||||
- JDK-8227422: sun/net/www/protocol/file/DirPermissionDenied.java failed on Windows 2016 because DirPermissionDenied directory has no read permission
|
||||
- JDK-8230374: maxOutputSize, instead of javatest.maxOutputSize, should be used in TEST.properties
|
||||
- JDK-8230731: SA tests fail with "Windbg Error: ReadVirtual failed"
|
||||
- JDK-8231595: [TEST] develop a test case for SuspendThreadList including current thread
|
||||
- JDK-8233462: serviceability/tmtools/jstat tests times out with -Xcomp
|
||||
- JDK-8235448: code cleanup in SSLContextImpl.java
|
||||
- JDK-8238936: The crash in XRobotPeer when the custom GraphicsDevice is used
|
||||
- JDK-8241293: CompressedClassSpaceSizeInJmapHeap.java time out after 8 minutes
|
||||
- JDK-8241806: The sun/awt/shell/FileSystemViewMemoryLeak.java is unstable
|
||||
- JDK-8244592: Start supporting SOURCE_DATE_EPOCH
|
||||
- JDK-8245245: WebSocket can lose the URL encoding of URI query parameters
|
||||
- JDK-8245654: Add Certigna Root CA
|
||||
- JDK-8247741: Test test/hotspot/jtreg/runtime/7162488/TestUnrecognizedVmOption.java fails when -XX:+IgnoreUnrecognizedVMOptions is set
|
||||
- JDK-8248306: gc/stress/gclocker/TestExcessGCLockerCollections.java does not compile
|
||||
- JDK-8249691: jdk/lambda/vm/StrictfpDefault.java file can be removed
|
||||
- JDK-8252401: Introduce Utils.TEST_NATIVE_PATH
|
||||
- JDK-8252532: use Utils.TEST_NATIVE_PATH instead of System.getProperty("test.nativepath")
|
||||
- JDK-8252715: Problem list java/awt/event/KeyEvent/KeyTyped/CtrlASCII.java on Linux
|
||||
- JDK-8254267: javax/xml/crypto/dsig/LogParameters.java failed with "RuntimeException: Unexpected log output:"
|
||||
- JDK-8255710: Opensource unit/regression tests for CMM
|
||||
- JDK-8256110: Create implementation for NSAccessibilityStepper protocol
|
||||
- JDK-8256111: Create implementation for NSAccessibilityStaticText protocol
|
||||
- JDK-8256126: Create implementation for NSAccessibilityImage protocol peer
|
||||
- JDK-8256240: Reproducible builds should turn on the "deterministic" flag for Visual Studio
|
||||
- JDK-8256934: C2: assert(C->live_nodes() <= C->max_node_limit()) failed: Live Node limit exceeded limit
|
||||
- JDK-8257928: Test image build failure with clang-10 due to -Wmisleading-indentation
|
||||
- JDK-8258005: JDK build fails with incorrect fixpath script
|
||||
- JDK-8259265: Refactor UncaughtExceptions shell test as java test.
|
||||
- JDK-8259267: Refactor LoaderLeak shell test as java test.
|
||||
- JDK-8260576: Typo in compiler/runtime/safepoints/TestRegisterRestoring.java
|
||||
- JDK-8261270: MakeMethodNotCompilableTest fails with -XX:TieredStopAtLevel={1,2,3}
|
||||
- JDK-8261279: sun/util/resources/cldr/TimeZoneNamesTest.java timed out
|
||||
- JDK-8261350: Create implementation for NSAccessibilityCheckBox protocol peer
|
||||
- JDK-8261351: Create implementation for NSAccessibilityRadioButton protocol
|
||||
- JDK-8261352: Create implementation for component peer for all the components who should be ignored in a11y interactions
|
||||
- JDK-8262060: compiler/whitebox/BlockingCompilation.java timed out
|
||||
- JDK-8264200: java/nio/channels/DatagramChannel/SRTest.java fails intermittently
|
||||
- JDK-8264299: Create implementation of native accessibility peer for ScrollPane and ScrollBar Java Accessibility roles
|
||||
- JDK-8264512: jdk/test/jdk/java/util/prefs/ExportNode.java relies on default platform encoding
|
||||
- JDK-8266974: duplicate property key in java.sql.rowset resource bundle
|
||||
- JDK-8267038: Update IANA Language Subtag Registry to Version 2022-03-02
|
||||
- JDK-8270609: [TESTBUG] java/awt/print/Dialog/DialogCopies.java does not show instruction
|
||||
- JDK-8271323: [TESTBUG] serviceability/sa/ClhsdbCDSCore.java fails with -XX:TieredStopAtLevel=1
|
||||
- JDK-8271506: Add ResourceHashtable support for deleting selected entries
|
||||
- JDK-8272985: Reference discovery is confused about atomicity and degree of parallelism
|
||||
- JDK-8273497: building.md should link to both md and html
|
||||
- JDK-8273806: compiler/cpuflags/TestSSE4Disabled.java should test for CPU feature explicitly
|
||||
- JDK-8273895: compiler/ciReplay/TestVMNoCompLevel.java fails due to wrong data size with TieredStopAtLevel=2,3
|
||||
- JDK-8274939: Incorrect size of the pixel storage is used by the robot on macOS
|
||||
- JDK-8277346: ProblemList 7 serviceability/sa tests on macosx-x64
|
||||
- JDK-8277351: ProblemList runtime/jni/checked/TestPrimitiveArrayCriticalWithBadParam.java on macosx-x64
|
||||
- JDK-8279614: The left line of the TitledBorder is not painted on 150 scale factor
|
||||
- JDK-8279662: serviceability/sa/ClhsdbScanOops.java can fail due to unexpected GC
|
||||
- JDK-8279941: sun/security/pkcs11/Signature/TestDSAKeyLength.java fails when NSS version detection fails
|
||||
- JDK-8280048: Missing comma in copyright header
|
||||
- JDK-8280391: NMT: Correct NMT tag on CollectedHeap
|
||||
- JDK-8280401: [sspi] gss_accept_sec_context leaves output_token uninitialized
|
||||
- JDK-8280896: java/nio/file/Files/probeContentType/Basic.java fails on Windows 11
|
||||
- JDK-8281262: Windows builds in different directories are not fully reproducible
|
||||
- JDK-8282036: Change java/util/zip/ZipFile/DeleteTempJar.java to stop HttpServer cleanly in case of exceptions
|
||||
- JDK-8282219: jdk/java/lang/ProcessBuilder/Basic.java fails on AIX
|
||||
- JDK-8282398: EndingDotHostname.java test fails because SSL cert expired
|
||||
- JDK-8282511: Use fixed certificate validation date in SSLExampleCert template
|
||||
- JDK-8282958: Rendering Issues with Borders on Windows High-DPI systems
|
||||
- JDK-8283606: Tests may fail with zh locale on MacOS
|
||||
- JDK-8283717: vmTestbase/nsk/jdi/ThreadStartEvent/thread/thread001 failed due to SocketTimeoutException
|
||||
- JDK-8283719: java/util/logging/CheckZombieLockTest.java failing intermittently
|
||||
- JDK-8283870: jdeprscan --help causes an exception when the locale is ja, zh_CN or de
|
||||
- JDK-8284023: java.sun.awt.X11GraphicsDevice.getDoubleBufferVisuals() leaks XdbeScreenVisualInfo
|
||||
- JDK-8284165: Add pid to process reaper thread name
|
||||
- JDK-8285093: Introduce UTIL_ARG_WITH
|
||||
- JDK-8285399: JNI exception pending in awt_GraphicsEnv.c:1432
|
||||
- JDK-8285690: CloneableReference subtest should not throw CloneNotSupportedException
|
||||
- JDK-8285755: JDK-8285093 changed the default for --with-output-sync
|
||||
- JDK-8285835: SIGSEGV in PhaseIdealLoop::build_loop_late_post_work
|
||||
- JDK-8285919: Remove debug printout from JDK-8285093
|
||||
- JDK-8286030: Avoid JVM crash when containers share the same /tmp dir
|
||||
- JDK-8286800: Assert in PhaseIdealLoop::dump_real_LCA is too strong
|
||||
- JDK-8286962: java/net/httpclient/ServerCloseTest.java failed once with ConnectException
|
||||
- JDK-8287011: Improve container information
|
||||
- JDK-8287180: Update IANA Language Subtag Registry to Version 2022-08-08
|
||||
- JDK-8287906: Rewrite of GitHub Actions (GHA) sanity tests
|
||||
- JDK-8288332: Tier1 validate-source fails after 8279614
|
||||
- JDK-8288499: Restore cancel-in-progress in GHA
|
||||
- JDK-8289562: Change bugs.java.com and bugreport.java.com URL's to https
|
||||
- JDK-8289695: [TESTBUG] TestMemoryAwareness.java fails on cgroups v2 and crun
|
||||
- JDK-8290197: test/jdk/java/nio/file/Files/probeContentType/Basic.java fails on some systems for the ".rar" extension
|
||||
- JDK-8290899: java/lang/String/StringRepeat.java test requests too much heap on windows x86
|
||||
- JDK-8290920: sspi_bridge.dll not built if BUILD_CRYPTO is false
|
||||
- JDK-8290964: C2 compilation fails with assert "non-reduction loop contains reduction nodes"
|
||||
- JDK-8292863: assert(_print_inlining_stream->size() > 0) failed: missing inlining msg
|
||||
- JDK-8292877: java/util/concurrent/atomic/Serial.java uses {Double,Long}Accumulator incorrectly
|
||||
- JDK-8293550: Optionally add get-task-allow entitlement to macos binaries
|
||||
- JDK-8293767: AWT test TestSinhalaChar.java has old SCCS markings
|
||||
- JDK-8293996: C2: fix and simplify IdealLoopTree::do_remove_empty_loop
|
||||
- JDK-8294378: URLPermission constructor exception when using tr locale
|
||||
- JDK-8294580: frame::interpreter_frame_print_on() crashes if free BasicObjectLock exists in frame
|
||||
- JDK-8294705: Disable an assertion in test/jdk/java/util/DoubleStreamSums/CompensatedSums.java
|
||||
- JDK-8294947: Use 64bit atomics in patch_verified_entry on x86_64
|
||||
- JDK-8295116: C2: assert(dead->outcnt() == 0 && !dead->is_top()) failed: node must be dead
|
||||
- JDK-8295211: Fix autoconf 2.71 warning "AC_CHECK_HEADERS: you should use literals"
|
||||
- JDK-8295405: Add cause in a couple of IllegalArgumentException and InvalidParameterException shown by sun/security/pkcs11 tests
|
||||
- JDK-8295412: support latest VS2022 MSC_VER in abstract_vm_version.cpp
|
||||
- JDK-8295530: Update Zlib Data Compression Library to Version 1.2.13
|
||||
- JDK-8295685: Update Libpng to 1.6.38
|
||||
- JDK-8295774: Write a test to verify List sends ItemEvent/ActionEvent
|
||||
- JDK-8295777: java/net/httpclient/ConnectExceptionTest.java should not rely on system resolver
|
||||
- JDK-8295788: C2 compilation hits "assert((mode == ControlAroundStripMined && use == sfpt) || !use->is_reachable_from_root()) failed: missed a node"
|
||||
- JDK-8296239: ISO 4217 Amendment 174 Update
|
||||
- JDK-8296611: Problemlist several sun/security tests until JDK-8295343 is resolved
|
||||
- JDK-8296619: Upgrade jQuery to 3.6.1
|
||||
- JDK-8296675: Exclude linux-aarch64 in NSS tests
|
||||
- JDK-8296878: Document Filter attached to JPasswordField and setText("") is not cleared instead inserted characters replaced with unicode null characters
|
||||
- JDK-8296904: Improve handling of macos xcode toolchain
|
||||
- JDK-8296912: C2: CreateExNode::Identity fails with assert(i < _max) failed: oob: i=1, _max=1
|
||||
- JDK-8296924: C2: assert(is_valid_AArch64_address(dest.target())) failed: bad address
|
||||
- JDK-8297088: Update LCMS to 2.14
|
||||
- JDK-8297257: Bump update version for OpenJDK: jdk-11.0.19
|
||||
- JDK-8297264: C2: Cast node is not processed again in CCP and keeps a wrong too narrow type which is later replaced by top
|
||||
- JDK-8297480: GetPrimitiveArrayCritical in imageioJPEG misses result - NULL check
|
||||
- JDK-8297489: Modify TextAreaTextEventTest.java as to verify the content change of TextComponent sends TextEvent
|
||||
- JDK-8297569: URLPermission constructor throws IllegalArgumentException: Invalid characters in hostname after JDK-8294378
|
||||
- JDK-8297951: C2: Create skeleton predicates for all If nodes in loop predication
|
||||
- JDK-8297963: Partially fix string expansion issues in UTIL_DEFUN_NAMED and related macros
|
||||
- JDK-8298027: Remove SCCS id's from awt jtreg tests
|
||||
- JDK-8298073: gc/metaspace/CompressedClassSpaceSizeInJmapHeap.java causes test task timeout on macosx
|
||||
- JDK-8298093: improve cleanup and error handling of awt_parseColorModel in awt_parseImage.c
|
||||
- JDK-8298108: Add a regression test for JDK-8297684
|
||||
- JDK-8298129: Let checkpoint event sizes grow beyond u4 limit
|
||||
- JDK-8298271: java/security/SignedJar/spi-calendar-provider/TestSPISigned.java failing on Windows
|
||||
- JDK-8298459: Fix msys2 linking and handling out of tree build directory for source zip creation
|
||||
- JDK-8298527: Cygwin's uname -m returns different string than before
|
||||
- JDK-8298588: WebSockets: HandshakeUrlEncodingTest unnecessarily depends on a response body
|
||||
- JDK-8299194: CustomTzIDCheckDST.java may fail at future date
|
||||
- JDK-8299296: Write a test to verify the components selection sends ItemEvent
|
||||
- JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR
|
||||
- JDK-8299445: EndingDotHostname.java fails because of compilation errors
|
||||
- JDK-8299483: ProblemList java/text/Format/NumberFormat/CurrencyFormat.java
|
||||
- JDK-8299520: TestPrintXML.java output error messages in case compare fails
|
||||
- JDK-8299596: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.19
|
||||
- JDK-8299616: [11u] Bootcycle build fails after JDK-8257679 backport
|
||||
- JDK-8299789: Compilation of gtest causes build to fail if runtime libraries are in different dirs
|
||||
- JDK-8300119: CgroupMetrics.getTotalMemorySize0() can report invalid results on 32 bit systems
|
||||
- JDK-8300424: [11u] Chunk lost in backport of 8297569
|
||||
- JDK-8300642: [17u,11u] Fix DEFAULT_PROMOTED_VERSION_PRE=ea for -dev
|
||||
- JDK-8300742: jstat's CGCT is 5 percent higher than the pause time in -Xlog:gc.
|
||||
- JDK-8300773: Address the inconsistency between the constant array and pool size
|
||||
- JDK-8301397: [11u, 17u] Bump jtreg to fix issue with build JDK 11.0.18
|
||||
- JDK-8301760: Fix possible leak in SpNegoContext dispose
|
||||
- JDK-8301842: JFR: increase checkpoint event size for stacktrace and string pool
|
||||
- JDK-8302000: [11u] A subtle race condition during jdk11u build
|
||||
- JDK-8302657: [11u] Add missing '(' in makefile after backport of 8218431
|
||||
- JDK-8302694: [11u] Update GHA Boot JDK to 11.0.18
|
||||
- JDK-8302903: [11u] Add modified test snippet after backport of JDK-8221871
|
||||
- JDK-8303075: [11u] Add CompileClassWithDebugTest to ProblemList for 8303074
|
||||
- JDK-8304389: [11u] Crash on Windows in C2 compiled code after 8248238 and 8218431
|
||||
|
||||
Notes on individual issues:
|
||||
===========================
|
||||
|
||||
security-libs/javax.net.ssl:
|
||||
|
||||
JDK-8190492: Removed SSLv2Hello and SSLv3 From Default Enabled TLS Protocols
|
||||
============================================================================
|
||||
SSLv2Hello and SSLv3 are versions of the SSL protocol that have not
|
||||
been considered secure for some time and are already disabled by
|
||||
default. They have been superseded by the more secure and modern TLS
|
||||
protocol, and users are recommended to switch to TLS 1.2 or 1.3.
|
||||
|
||||
With this release, SSLv2Hello and SSLv3 are now also removed from the
|
||||
list of default enabled protocols. This means that, even if SSLv3 is
|
||||
removed from the `jdk.tls.disabledAlgorithms` security property, it
|
||||
will still not be returned by the following methods:
|
||||
|
||||
* SSLServerSocket.getEnabledProtocols()
|
||||
* SSLEngine.getEnabledProtocols()
|
||||
* SSLParameters.getProtocols()
|
||||
|
||||
To enable SSLv3, it is now necessary to use the
|
||||
`jdk.tls.client.protocols` or `jdk.tls.server.protocols` system
|
||||
properties on the command line, or call one of the following methods
|
||||
to enable them programatically:
|
||||
|
||||
* SSLSocket.setEnabledProtocols()
|
||||
* SSLServerSocket.setEnabledProtocols()
|
||||
* SSLEngine.setEnabledProtocols()
|
||||
|
||||
security-libs/java.security:
|
||||
|
||||
JDK-8245654: Added Certigna(Dhimyotis) Root CA Certificate
|
||||
==========================================================
|
||||
The following root certificate has been added to the cacerts truststore:
|
||||
|
||||
Name: Certigna (Dhimyotis)
|
||||
Alias Name: certignarootca
|
||||
Distinguished Name: CN=Certigna, O=Dhimyotis, C=FR
|
||||
|
||||
core-libs/java.io:
|
||||
|
||||
JDK-8208077: File::listRoots Changed To Return All Available Drives On Windows
|
||||
==============================================================================
|
||||
The `java.io.File.listRoots()` method on Windows systems filtered out disk
|
||||
drives that could not be accessed or did not have media loaded. The
|
||||
use of this filtering led to observable performance issues. This release
|
||||
now returns all available disk drives, unfiltered.
|
||||
|
||||
New in release OpenJDK 11.0.18 (2023-01-17):
|
||||
=============================================
|
||||
Live versions of these release notes can be found at:
|
||||
@ -224,7 +505,7 @@ Live versions of these release notes can be found at:
|
||||
- JDK-8296239: ISO 4217 Amendment 174 Update
|
||||
- JDK-8296480: java/security/cert/pkix/policyChanges/TestPolicy.java is failing
|
||||
- JDK-8296485: BuildEEBasicConstraints.java test fails with SunCertPathBuilderException
|
||||
- JDK-8296496: Overzealous check in sizecalc.h prevents large memory allocation
|
||||
- JDK-8296496, JDK-8292652: Overzealous check in sizecalc.h prevents large memory allocation
|
||||
- JDK-8296632: Write a test to verify the content change of TextArea sends TextEvent
|
||||
- JDK-8296652: Restore windows aarch64 fixpath patch that was removed in 8239708
|
||||
- JDK-8296715: CLDR v42 update for tzdata 2022f
|
||||
@ -244,6 +525,16 @@ Live versions of these release notes can be found at:
|
||||
Notes on individual issues:
|
||||
===========================
|
||||
|
||||
client-libs/javax.imageio:
|
||||
|
||||
JDK-8295687: Better BMP bounds
|
||||
==============================
|
||||
Loading a linked ICC profile within a BMP image is now disabled by
|
||||
default. To re-enable it, set the new system property
|
||||
`sun.imageio.bmp.enabledLinkedProfiles` to `true`. This new property
|
||||
replaces the old property,
|
||||
`sun.imageio.plugins.bmp.disableLinkedProfiles`.
|
||||
|
||||
client-libs/javax.sound:
|
||||
|
||||
JDK-8293742: Better Banking of Sounds
|
||||
|
@ -1,5 +1,5 @@
|
||||
diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4
|
||||
index a73c0f38181..80710886ed8 100644
|
||||
index 16e906bdc6..1a352e5a32 100644
|
||||
--- a/make/autoconf/libraries.m4
|
||||
+++ b/make/autoconf/libraries.m4
|
||||
@@ -101,6 +101,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
|
||||
@ -74,10 +74,10 @@ index a73c0f38181..80710886ed8 100644
|
||||
+ AC_SUBST(USE_SYSCONF_NSS)
|
||||
+])
|
||||
diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in
|
||||
index 0ae23b93167..a242acc1234 100644
|
||||
index 3787b12600..dab108a82b 100644
|
||||
--- a/make/autoconf/spec.gmk.in
|
||||
+++ b/make/autoconf/spec.gmk.in
|
||||
@@ -826,6 +826,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
|
||||
@@ -848,6 +848,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
|
||||
# Libraries
|
||||
#
|
||||
|
||||
@ -89,10 +89,10 @@ index 0ae23b93167..a242acc1234 100644
|
||||
LCMS_CFLAGS:=@LCMS_CFLAGS@
|
||||
LCMS_LIBS:=@LCMS_LIBS@
|
||||
diff --git a/make/lib/Lib-java.base.gmk b/make/lib/Lib-java.base.gmk
|
||||
index a529768f39e..daf9c947172 100644
|
||||
index 4cd656a086..e1fc94b5b4 100644
|
||||
--- a/make/lib/Lib-java.base.gmk
|
||||
+++ b/make/lib/Lib-java.base.gmk
|
||||
@@ -178,6 +178,31 @@ ifeq ($(OPENJDK_TARGET_OS_TYPE), unix)
|
||||
@@ -178,6 +178,31 @@ ifeq ($(call isTargetOsType, unix), true)
|
||||
endif
|
||||
endif
|
||||
|
||||
@ -125,7 +125,7 @@ index a529768f39e..daf9c947172 100644
|
||||
# Create the symbols file for static builds.
|
||||
|
||||
diff --git a/make/nb_native/nbproject/configurations.xml b/make/nb_native/nbproject/configurations.xml
|
||||
index fb07d54c1f0..c5813e2b7aa 100644
|
||||
index fb07d54c1f..c5813e2b7a 100644
|
||||
--- a/make/nb_native/nbproject/configurations.xml
|
||||
+++ b/make/nb_native/nbproject/configurations.xml
|
||||
@@ -2950,6 +2950,9 @@
|
||||
@ -151,7 +151,7 @@ index fb07d54c1f0..c5813e2b7aa 100644
|
||||
ex="false"
|
||||
tool="3"
|
||||
diff --git a/make/scripts/compare_exceptions.sh.incl b/make/scripts/compare_exceptions.sh.incl
|
||||
index 6327040964d..6b3780123b6 100644
|
||||
index 6327040964..6b3780123b 100644
|
||||
--- a/make/scripts/compare_exceptions.sh.incl
|
||||
+++ b/make/scripts/compare_exceptions.sh.incl
|
||||
@@ -179,6 +179,7 @@ if [ "$OPENJDK_TARGET_OS" = "solaris" ] && [ "$OPENJDK_TARGET_CPU" = "x86_64" ];
|
||||
@ -172,7 +172,7 @@ index 6327040964d..6b3780123b6 100644
|
||||
./lib/libzip.so
|
||||
diff --git a/src/java.base/linux/native/libsystemconf/systemconf.c b/src/java.base/linux/native/libsystemconf/systemconf.c
|
||||
new file mode 100644
|
||||
index 00000000000..8dcb7d9073f
|
||||
index 0000000000..8dcb7d9073
|
||||
--- /dev/null
|
||||
+++ b/src/java.base/linux/native/libsystemconf/systemconf.c
|
||||
@@ -0,0 +1,224 @@
|
||||
@ -401,7 +401,7 @@ index 00000000000..8dcb7d9073f
|
||||
+ }
|
||||
+}
|
||||
diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
|
||||
index b36510a376b..ad5182e1e7c 100644
|
||||
index b36510a376..ad5182e1e7 100644
|
||||
--- a/src/java.base/share/classes/java/security/Security.java
|
||||
+++ b/src/java.base/share/classes/java/security/Security.java
|
||||
@@ -32,6 +32,7 @@ import java.net.URL;
|
||||
@ -533,7 +533,7 @@ index b36510a376b..ad5182e1e7c 100644
|
||||
/*
|
||||
diff --git a/src/java.base/share/classes/java/security/SystemConfigurator.java b/src/java.base/share/classes/java/security/SystemConfigurator.java
|
||||
new file mode 100644
|
||||
index 00000000000..90f6dd2ebc0
|
||||
index 0000000000..90f6dd2ebc
|
||||
--- /dev/null
|
||||
+++ b/src/java.base/share/classes/java/security/SystemConfigurator.java
|
||||
@@ -0,0 +1,248 @@
|
||||
@ -787,7 +787,7 @@ index 00000000000..90f6dd2ebc0
|
||||
+}
|
||||
diff --git a/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java b/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java
|
||||
new file mode 100644
|
||||
index 00000000000..21bc6d0b591
|
||||
index 0000000000..21bc6d0b59
|
||||
--- /dev/null
|
||||
+++ b/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java
|
||||
@@ -0,0 +1,31 @@
|
||||
@ -823,7 +823,7 @@ index 00000000000..21bc6d0b591
|
||||
+ boolean isPlainKeySupportEnabled();
|
||||
+}
|
||||
diff --git a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
|
||||
index 688ec9f0915..8489b940c43 100644
|
||||
index 688ec9f091..8489b940c4 100644
|
||||
--- a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
|
||||
+++ b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
|
||||
@@ -36,6 +36,7 @@ import java.io.FilePermission;
|
||||
@ -859,7 +859,7 @@ index 688ec9f0915..8489b940c43 100644
|
||||
+ }
|
||||
}
|
||||
diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java
|
||||
index 5460efcf8c5..f08dc2fafc5 100644
|
||||
index 7351627db3..859591890d 100644
|
||||
--- a/src/java.base/share/classes/module-info.java
|
||||
+++ b/src/java.base/share/classes/module-info.java
|
||||
@@ -182,6 +182,7 @@ module java.base {
|
||||
@ -871,7 +871,7 @@ index 5460efcf8c5..f08dc2fafc5 100644
|
||||
jdk.attach,
|
||||
jdk.charsets,
|
||||
diff --git a/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java b/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
|
||||
index ffee2c1603b..ff3d5e0e4ab 100644
|
||||
index ffee2c1603..ff3d5e0e4a 100644
|
||||
--- a/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
|
||||
+++ b/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
|
||||
@@ -33,8 +33,13 @@ import java.security.KeyStore.*;
|
||||
@ -910,7 +910,7 @@ index ffee2c1603b..ff3d5e0e4ab 100644
|
||||
"FIPS mode: KeyStore must be " +
|
||||
"from provider " + SunJSSE.cryptoProvider.getName());
|
||||
diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
index de7da5c3379..5c3813dda7b 100644
|
||||
index e06b2a588c..315a2ce370 100644
|
||||
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
@@ -31,6 +31,7 @@ import java.security.*;
|
||||
@ -931,6 +931,14 @@ index de7da5c3379..5c3813dda7b 100644
|
||||
- ProtocolVersion.TLS11,
|
||||
- ProtocolVersion.TLS10
|
||||
- );
|
||||
-
|
||||
- serverDefaultProtocols = getAvailableProtocols(
|
||||
- new ProtocolVersion[] {
|
||||
- ProtocolVersion.TLS13,
|
||||
- ProtocolVersion.TLS12,
|
||||
- ProtocolVersion.TLS11,
|
||||
- ProtocolVersion.TLS10
|
||||
- });
|
||||
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
|
||||
+ .isSystemFipsEnabled()) {
|
||||
+ // RH1860986: TLSv1.3 key derivation not supported with
|
||||
@ -940,14 +948,7 @@ index de7da5c3379..5c3813dda7b 100644
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ );
|
||||
|
||||
- serverDefaultProtocols = getAvailableProtocols(
|
||||
- new ProtocolVersion[] {
|
||||
- ProtocolVersion.TLS13,
|
||||
- ProtocolVersion.TLS12,
|
||||
- ProtocolVersion.TLS11,
|
||||
- ProtocolVersion.TLS10
|
||||
- });
|
||||
+
|
||||
+ serverDefaultProtocols = getAvailableProtocols(
|
||||
+ new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS12,
|
||||
@ -973,42 +974,68 @@ index de7da5c3379..5c3813dda7b 100644
|
||||
} else {
|
||||
supportedProtocols = Arrays.asList(
|
||||
ProtocolVersion.TLS13,
|
||||
@@ -620,6 +639,16 @@ public abstract class SSLContextImpl extends SSLContextSpi {
|
||||
|
||||
static ProtocolVersion[] getSupportedProtocols() {
|
||||
if (SunJSSE.isFIPS()) {
|
||||
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
|
||||
+ .isSystemFipsEnabled()) {
|
||||
+ // RH1860986: TLSv1.3 key derivation not supported with
|
||||
+ // the Security Providers available in system FIPS mode.
|
||||
+ return new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ }
|
||||
return new ProtocolVersion[] {
|
||||
ProtocolVersion.TLS13,
|
||||
ProtocolVersion.TLS12,
|
||||
@@ -949,6 +978,16 @@ public abstract class SSLContextImpl extends SSLContextSpi {
|
||||
|
||||
static ProtocolVersion[] getProtocols() {
|
||||
if (SunJSSE.isFIPS()) {
|
||||
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
|
||||
+ .isSystemFipsEnabled()) {
|
||||
+ // RH1860986: TLSv1.3 key derivation not supported with
|
||||
+ // the Security Providers available in system FIPS mode.
|
||||
+ return new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ }
|
||||
return new ProtocolVersion[]{
|
||||
ProtocolVersion.TLS13,
|
||||
ProtocolVersion.TLS12,
|
||||
@@ -910,12 +929,23 @@ public abstract class SSLContextImpl extends SSLContextSpi {
|
||||
if (client) {
|
||||
// default client protocols
|
||||
if (SunJSSE.isFIPS()) {
|
||||
- candidates = new ProtocolVersion[] {
|
||||
- ProtocolVersion.TLS13,
|
||||
- ProtocolVersion.TLS12,
|
||||
- ProtocolVersion.TLS11,
|
||||
- ProtocolVersion.TLS10
|
||||
- };
|
||||
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
|
||||
+ .isSystemFipsEnabled()) {
|
||||
+ // RH1860986: TLSv1.3 key derivation not supported with
|
||||
+ // the Security Providers available in system FIPS mode.
|
||||
+ candidates = new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ } else {
|
||||
+ candidates = new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS13,
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ }
|
||||
} else {
|
||||
candidates = new ProtocolVersion[] {
|
||||
ProtocolVersion.TLS13,
|
||||
@@ -927,12 +957,23 @@ public abstract class SSLContextImpl extends SSLContextSpi {
|
||||
} else {
|
||||
// default server protocols
|
||||
if (SunJSSE.isFIPS()) {
|
||||
- candidates = new ProtocolVersion[] {
|
||||
- ProtocolVersion.TLS13,
|
||||
- ProtocolVersion.TLS12,
|
||||
- ProtocolVersion.TLS11,
|
||||
- ProtocolVersion.TLS10
|
||||
- };
|
||||
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
|
||||
+ .isSystemFipsEnabled()) {
|
||||
+ // RH1860986: TLSv1.3 key derivation not supported with
|
||||
+ // the Security Providers available in system FIPS mode.
|
||||
+ candidates = new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ } else {
|
||||
+ candidates = new ProtocolVersion[] {
|
||||
+ ProtocolVersion.TLS13,
|
||||
+ ProtocolVersion.TLS12,
|
||||
+ ProtocolVersion.TLS11,
|
||||
+ ProtocolVersion.TLS10
|
||||
+ };
|
||||
+ }
|
||||
} else {
|
||||
candidates = new ProtocolVersion[] {
|
||||
ProtocolVersion.TLS13,
|
||||
diff --git a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
|
||||
index c50ba93ecfc..de2a91a478c 100644
|
||||
index c50ba93ecf..de2a91a478 100644
|
||||
--- a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
|
||||
+++ b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
|
||||
@@ -27,6 +27,8 @@ package sun.security.ssl;
|
||||
@ -1037,7 +1064,7 @@ index c50ba93ecfc..de2a91a478c 100644
|
||||
"sun.security.ssl.SSLContextImpl$TLSContext",
|
||||
(isfips? null : createAliases("SSL")), null);
|
||||
diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
|
||||
index 097517926d1..474fe6f401f 100644
|
||||
index 9af64321c4..957cd78a55 100644
|
||||
--- a/src/java.base/share/conf/security/java.security
|
||||
+++ b/src/java.base/share/conf/security/java.security
|
||||
@@ -85,6 +85,14 @@ security.provider.tbd=Apple
|
||||
@ -1083,7 +1110,7 @@ index 097517926d1..474fe6f401f 100644
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
|
||||
new file mode 100644
|
||||
index 00000000000..b848a1fd783
|
||||
index 0000000000..b848a1fd78
|
||||
--- /dev/null
|
||||
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
|
||||
@@ -0,0 +1,290 @@
|
||||
@ -1378,7 +1405,7 @@ index 00000000000..b848a1fd783
|
||||
+ }
|
||||
+}
|
||||
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
|
||||
index 099caac605f..977e5332bd1 100644
|
||||
index cf7cd19b68..69cda46f85 100644
|
||||
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
|
||||
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
|
||||
@@ -26,6 +26,9 @@
|
||||
@ -1482,7 +1509,7 @@ index 099caac605f..977e5332bd1 100644
|
||||
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
|
||||
throw new UnsupportedOperationException
|
||||
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
|
||||
index 04a369f453c..f033fe47593 100644
|
||||
index 04a369f453..f033fe4759 100644
|
||||
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
|
||||
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
|
||||
@@ -49,6 +49,7 @@ package sun.security.pkcs11.wrapper;
|
55
SOURCES/jdk8274864-remove_amman_cairo_hacks.patch
Normal file
55
SOURCES/jdk8274864-remove_amman_cairo_hacks.patch
Normal file
@ -0,0 +1,55 @@
|
||||
commit b4caafe16f14983e303b7f1fdf3090e5c513ebd8
|
||||
Author: Andrew John Hughes <andrew@openjdk.org>
|
||||
Date: Thu Apr 13 15:37:20 2023 +0000
|
||||
|
||||
8274864: Remove Amman/Cairo hacks in ZoneInfoFile
|
||||
|
||||
Backport-of: ec199072c5867624d66840238cc8828e16ae8da7
|
||||
|
||||
diff --git a/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java b/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
index 1dc82561f2..a51490767d 100644
|
||||
--- a/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
+++ b/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
@@ -607,34 +607,6 @@ public final class ZoneInfoFile {
|
||||
params[8] = endRule.secondOfDay * 1000;
|
||||
params[9] = toSTZTime[endRule.timeDefinition];
|
||||
dstSavings = (startRule.offsetAfter - startRule.offsetBefore) * 1000;
|
||||
-
|
||||
- // Note: known mismatching -> Asia/Amman
|
||||
- // ZoneInfo : startDayOfWeek=5 <= Thursday
|
||||
- // startTime=86400000 <= 24 hours
|
||||
- // This: startDayOfWeek=6
|
||||
- // startTime=0
|
||||
- // Similar workaround needs to be applied to Africa/Cairo and
|
||||
- // its endDayOfWeek and endTime
|
||||
- // Below is the workarounds, it probably slows down everyone a little
|
||||
- if (params[2] == 6 && params[3] == 0 &&
|
||||
- (zoneId.equals("Asia/Amman"))) {
|
||||
- params[2] = 5;
|
||||
- params[3] = 86400000;
|
||||
- }
|
||||
- // Additional check for startDayOfWeek=6 and starTime=86400000
|
||||
- // is needed for Asia/Amman;
|
||||
- if (params[2] == 7 && params[3] == 0 &&
|
||||
- (zoneId.equals("Asia/Amman"))) {
|
||||
- params[2] = 6; // Friday
|
||||
- params[3] = 86400000; // 24h
|
||||
- }
|
||||
- //endDayOfWeek and endTime workaround
|
||||
- if (params[7] == 6 && params[8] == 0 &&
|
||||
- (zoneId.equals("Africa/Cairo"))) {
|
||||
- params[7] = 5;
|
||||
- params[8] = 86400000;
|
||||
- }
|
||||
-
|
||||
} else if (nTrans > 0) { // only do this if there is something in table already
|
||||
if (lastyear < LASTYEAR) {
|
||||
// ZoneInfo has an ending entry for 2037
|
||||
@@ -907,7 +879,6 @@ public final class ZoneInfoFile {
|
||||
this.dow = dowByte == 0 ? -1 : dowByte;
|
||||
this.secondOfDay = timeByte == 31 ? in.readInt() : timeByte * 3600;
|
||||
this.timeDefinition = (data & (3 << 12)) >>> 12;
|
||||
-
|
||||
this.standardOffset = stdByte == 255 ? in.readInt() : (stdByte - 128) * 900;
|
||||
this.offsetBefore = beforeByte == 3 ? in.readInt() : standardOffset + beforeByte * 1800;
|
||||
this.offsetAfter = afterByte == 3 ? in.readInt() : standardOffset + afterByte * 1800;
|
1098
SOURCES/jdk8305113-tzdata2023c.patch
Normal file
1098
SOURCES/jdk8305113-tzdata2023c.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,8 @@
|
||||
diff -r 1356affa5e44 make/launcher/Launcher-java.base.gmk
|
||||
--- openjdk/make/launcher/Launcher-java.base.gmk Wed Nov 25 08:27:15 2020 +0100
|
||||
+++ openjdk/make/launcher/Launcher-java.base.gmk Tue Dec 01 12:29:30 2020 +0100
|
||||
@@ -41,6 +41,16 @@
|
||||
diff --git openjdk.orig/make/launcher/Launcher-java.base.gmk openjdk/make/launcher/Launcher-java.base.gmk
|
||||
index a8990dd0ef..320fec6e51 100644
|
||||
--- openjdk.orig/make/launcher/Launcher-java.base.gmk
|
||||
+++ openjdk/make/launcher/Launcher-java.base.gmk
|
||||
@@ -41,6 +41,16 @@ $(eval $(call SetupBuildLauncher, java, \
|
||||
OPTIMIZATION := HIGH, \
|
||||
))
|
||||
|
||||
@ -15,13 +16,14 @@ diff -r 1356affa5e44 make/launcher/Launcher-java.base.gmk
|
||||
+ OPTIMIZATION := HIGH, \
|
||||
+))
|
||||
+
|
||||
ifeq ($(OPENJDK_TARGET_OS), windows)
|
||||
ifeq ($(call isTargetOs, windows), true)
|
||||
$(eval $(call SetupBuildLauncher, javaw, \
|
||||
CFLAGS := -DJAVAW -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES, \
|
||||
|
||||
diff -r 25e94aa812b2 src/share/bin/alt_main.h
|
||||
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
|
||||
+++ openjdk/src/java.base/share/native/launcher/alt_main.h Tue Jun 02 17:15:28 2020 +0100
|
||||
diff --git openjdk.orig/src/java.base/share/native/launcher/alt_main.h openjdk/src/java.base/share/native/launcher/alt_main.h
|
||||
new file mode 100644
|
||||
index 0000000000..697df2898a
|
||||
--- /dev/null
|
||||
+++ openjdk/src/java.base/share/native/launcher/alt_main.h
|
||||
@@ -0,0 +1,73 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
|
||||
@ -96,9 +98,10 @@ diff -r 25e94aa812b2 src/share/bin/alt_main.h
|
||||
+}
|
||||
+
|
||||
+#endif // REDHAT_ALT_JAVA
|
||||
diff -r 25e94aa812b2 src/share/bin/main.c
|
||||
--- openjdk/src/java.base/share/native/launcher/main.c Wed Feb 05 12:20:36 2020 -0300
|
||||
+++ openjdk/src/java.base/share/native/launcher/main.c Tue Jun 02 17:15:28 2020 +0100
|
||||
diff --git openjdk.orig/src/java.base/share/native/launcher/main.c openjdk/src/java.base/share/native/launcher/main.c
|
||||
index b734fe2ba7..79dc830765 100644
|
||||
--- openjdk.orig/src/java.base/share/native/launcher/main.c
|
||||
+++ openjdk/src/java.base/share/native/launcher/main.c
|
||||
@@ -34,6 +34,14 @@
|
||||
#include "jli_util.h"
|
||||
#include "jni.h"
|
||||
|
@ -331,7 +331,7 @@
|
||||
# New Version-String scheme-style defines
|
||||
%global featurever 11
|
||||
%global interimver 0
|
||||
%global updatever 18
|
||||
%global updatever 19
|
||||
%global patchver 0
|
||||
# buildjdkver is usually same as %%{featurever},
|
||||
# but in time of bootstrap of next jdk, it is featurever-1,
|
||||
@ -370,15 +370,15 @@
|
||||
# Define IcedTea version used for SystemTap tapsets and desktop file
|
||||
%global icedteaver 6.0.0pre00-c848b93a8598
|
||||
# Define current Git revision for the FIPS support patches
|
||||
%global fipsver 9087e80d0ab
|
||||
%global fipsver b34fb09a5c
|
||||
|
||||
# Standard JPackage naming and versioning defines
|
||||
%global origin openjdk
|
||||
%global origin_nice OpenJDK
|
||||
%global top_level_dir_name %{origin}
|
||||
%global top_level_dir_name_backup %{top_level_dir_name}-backup
|
||||
%global buildver 10
|
||||
%global rpmrelease 2
|
||||
%global buildver 7
|
||||
%global rpmrelease 1
|
||||
#%%global tagsuffix %%{nil}
|
||||
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
|
||||
%if %is_system_jdk
|
||||
@ -1360,7 +1360,7 @@ Patch1003: rh1842572-rsa_default_for_keytool.patch
|
||||
|
||||
# Crypto policy and FIPS support patches
|
||||
# Patch is generated from the fips tree at https://github.com/rh-openjdk/jdk11u/tree/fips
|
||||
# as follows: git diff %%{vcstag} src make > fips-11u-$(git show -s --format=%h HEAD).patch
|
||||
# as follows: git diff %%{vcstag} src make test > fips-11u-$(git show -s --format=%h HEAD).patch
|
||||
# Diff is limited to src and make subdirectories to exclude .github changes
|
||||
# Fixes currently included:
|
||||
# PR3694, RH1340845: Add security.useSystemPropertiesFile option to java.security to use system crypto policy
|
||||
@ -1412,13 +1412,17 @@ Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk1
|
||||
|
||||
#############################################
|
||||
#
|
||||
# Patches appearing in 11.0.18
|
||||
# Patches appearing in 11.0.20
|
||||
#
|
||||
# This section includes patches which are present
|
||||
# in the listed OpenJDK 11u release and should be
|
||||
# able to be removed once that release is out
|
||||
# and used by this RPM.
|
||||
#############################################
|
||||
# JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile
|
||||
Patch2002: jdk8274864-remove_amman_cairo_hacks.patch
|
||||
# JDK-8305113: (tz) Update Timezone Data to 2023c
|
||||
Patch2003: jdk8305113-tzdata2023c.patch
|
||||
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
@ -1453,8 +1457,8 @@ BuildRequires: java-%{buildjdkver}-openjdk-devel
|
||||
%ifarch %{zero_arches}
|
||||
BuildRequires: libffi-devel
|
||||
%endif
|
||||
# 2022g required as of JDK-8297804
|
||||
BuildRequires: tzdata-java >= 2022g
|
||||
# 2023c required as of JDK-8305113
|
||||
BuildRequires: tzdata-java >= 2023c
|
||||
# Earlier versions have a bug in tree vectorization on PPC
|
||||
BuildRequires: gcc >= 4.8.3-8
|
||||
|
||||
@ -1837,6 +1841,9 @@ pushd %{top_level_dir_name}
|
||||
%patch1001 -p1
|
||||
# nss.cfg PKCS11 support; must come last as it also alters java.security
|
||||
%patch1000 -p1
|
||||
# tzdata update
|
||||
%patch2002 -p1
|
||||
%patch2003 -p1
|
||||
popd # openjdk
|
||||
|
||||
%patch600
|
||||
@ -2676,7 +2683,23 @@ end
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jan 11 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.18.0.10-1
|
||||
* Fri Apr 14 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.19.0.7-1
|
||||
- Update to jdk-11.0.19.0+7
|
||||
- Update release notes to 11.0.19.0+7
|
||||
- Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113
|
||||
- Update generate_tarball.sh to add support for passing a boot JDK to the configure run
|
||||
- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace
|
||||
- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs
|
||||
- Rebase FIPS support against 11.0.19+6
|
||||
- Rebase RH1750419 alt-java patch against 11.0.19+6
|
||||
- ** This tarball is embargoed until 2023-04-18 @ 1pm PT. **
|
||||
- Resolves: rhbz#2185182
|
||||
|
||||
* Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.18.0.10-3
|
||||
- Add missing release note for JDK-8295687
|
||||
- Resolves: rhbz#2160111
|
||||
|
||||
* Wed Jan 11 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.18.0.10-2
|
||||
- Update to jdk-11.0.18+10 (GA)
|
||||
- Update release notes to 11.0.18+10
|
||||
- Switch to GA mode for release
|
||||
|
Loading…
Reference in New Issue
Block a user