diff --git a/.gitignore b/.gitignore index 36300d4..f2440f6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/jdk-updates-jdk11u-jdk-11.0.15+8-4curve.tar.xz +SOURCES/jdk-updates-jdk11u-jdk-11.0.15+10-4curve.tar.xz SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz diff --git a/.java-11-openjdk.metadata b/.java-11-openjdk.metadata index a6e71cf..5e3b532 100644 --- a/.java-11-openjdk.metadata +++ b/.java-11-openjdk.metadata @@ -1,2 +1,2 @@ -683d0100dc69ff4488cde77e36f5d27b451326a8 SOURCES/jdk-updates-jdk11u-jdk-11.0.15+8-4curve.tar.xz +a3658fc54f198072f4c61090b712bfe6ff222928 SOURCES/jdk-updates-jdk11u-jdk-11.0.15+10-4curve.tar.xz c8281ee37b77d535c9c1af86609a531958ff7b34 SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz diff --git a/SOURCES/NEWS b/SOURCES/NEWS index a6364e1..acb5afb 100644 --- a/SOURCES/NEWS +++ b/SOURCES/NEWS @@ -11,6 +11,23 @@ Live versions of these release notes can be found at: * New features - JDK-8253795: Implementation of JEP 391: macOS/AArch64 Port +* Security fixes + - JDK-8269938: Enhance XML processing passes redux + - JDK-8270504, CVE-2022-21426: Better XPath expression handling + - JDK-8272255: Completely handle MIDI files + - JDK-8272261: Improve JFR recording file processing + - JDK-8272594: Better record of recordings + - JDK-8274221: More definite BER encodings + - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0 + - JDK-8275151, CVE-2022-21443: Improved Object Identification + - JDK-8277227: Better identification of OIDs + - JDK-8277672, CVE-2022-21434: Better invocation handler handling + - JDK-8278356: Improve file creation + - JDK-8278449: Improve keychain support + - JDK-8278798: Improve supported intrinsic + - JDK-8278805: Enhance BMP image loading + - JDK-8278972, CVE-2022-21496: Improve URL supports + - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo * Other changes - JDK-8065704: Set LC_ALL=C for all relevant commands in the build system - JDK-8177814: jdk/editpad is not in jdk TEST.groups @@ -126,7 +143,6 @@ Live versions of these release notes can be found at: - JDK-8274714: Incorrect verifier protected access error message - JDK-8274736: Concurrent read/close of SSLSockets causes SSLSessions to be invalidated unnecessarily - JDK-8274795: AArch64: avoid spilling and restoring r18 in macro assembler - - JDK-8275082: Update XML Security for Java to 2.3.0 - JDK-8275326: C2: assert(no_dead_loop) failed: dead loop detected - JDK-8275536: Add test to check that File::lastModified returns same time stamp as Files.getLastModifiedTime - JDK-8275610: C2: Object field load floats above its null check resulting in a segfault @@ -173,11 +189,15 @@ Live versions of these release notes can be found at: - JDK-8281061: [s390] JFR runs into assertions while validating interpreter frames - JDK-8281520: JFR: A wrong parameter is passed to the constructor of LeakKlassWriter - JDK-8281599: test/lib/jdk/test/lib/KnownOIDs.java is redundant since JDK-8268801 + - JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972 - JDK-8282372: [11] build issue on MacOS/aarch64 12.2.1 using Xcode 13.1: call to 'log2_intptr' is ambiguous + - JDK-8282397: createTempFile method of java.io.File is failing when called with suffix of spaces character - JDK-8282761: XPathFactoryImpl remove setProperty and getProperty methods - JDK-8283018: 11u GHA: Update GCC 9 minor versions - JDK-8283270: [11u] broken JRT_ENTRY_NO_ASYNC after Backport of JDK-8253795 - JDK-8283778: 11u GHA: Fix GCC 9 ubuntu package names + - JDK-8284548: Invalid XPath expression causes StringIndexOutOfBoundsException + - JDK-8284920: Incorrect Token type causes XPath expression to return empty result Notes on individual issues: =========================== diff --git a/SPECS/java-11-openjdk.spec b/SPECS/java-11-openjdk.spec index 18de533..a9022b3 100644 --- a/SPECS/java-11-openjdk.spec +++ b/SPECS/java-11-openjdk.spec @@ -362,8 +362,8 @@ %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global top_level_dir_name_backup %{top_level_dir_name}-backup -%global buildver 8 -%global rpmrelease 1 +%global buildver 10 +%global rpmrelease 3 #%%global tagsuffix %%{nil} # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit %if %is_system_jdk @@ -392,7 +392,7 @@ # Release will be (where N is usually a number starting at 1): # - 0.N%%{?extraver}%%{?dist} for EA releases, # - N%%{?extraver}{?dist} for GA releases -%global is_ga 0 +%global is_ga 1 %if %{is_ga} %global ea_designator "" %global ea_designator_zip "" @@ -1399,7 +1399,7 @@ Patch101: jdk8257794-remove_broken_assert.patch ############################################# # -# Patches appearing in 11.0.13 +# Patches appearing in 11.0.15 # # This section includes patches which are present # in the listed OpenJDK 11u release and should be @@ -2618,6 +2618,12 @@ end %endif %changelog +* Sun Apr 24 2022 Andrew Hughes - 1:11.0.15.0.10-3 +- Update to jdk-11.0.15.0+10 +- Update release notes to 11.0.15.0+10 +- Switch to GA mode for release +- Resolves: rhbz#2073593 + * Tue Apr 12 2022 Andrew Hughes - 1:11.0.15.0.8-0.1.ea - Update to jdk-11.0.15.0+8 - Update release notes to 11.0.15.0+8