rpms/java-11-openjdk
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import java-11-openjdk-11.0.12.0.1-0.1.ea.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-07-15 14:16:00 +00:00 committed by Andrew Lukoshko
parent a24aabc7ac
commit 55b888799d
5 changed files with 379 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz
SOURCES/jdk-updates-jdk11u-jdk-11.0.12+1-4curve.tar.xz
SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz

2
.java-11-openjdk.metadata
View File

@ -1,2 +1,2 @@
a339f6e108c16a23c47504565b602a6fc395bf2e SOURCES/jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz
127a825852d1f05099a01f088fad3f4ba4b9995c SOURCES/jdk-updates-jdk11u-jdk-11.0.12+1-4curve.tar.xz
c8281ee37b77d535c9c1af86609a531958ff7b34 SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz

305
SOURCES/NEWS
View File

@ -3,6 +3,311 @@ Key:
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
New in release OpenJDK 11.0.12 (2021-07-20):
=============================================
Live versions of these release notes can be found at:
* https://bitly.com/openjdk11012
* https://builds.shipilev.net/backports-monitor/release-notes-11.0.12.txt
* Other changes
- JDK-6847157: java.lang.NullPointerException: HDC for component at sun.java2d.loops.Blit.Blit
- JDK-7106851: Test should not use System.exit
- JDK-8073446: TimeZone getOffset API does not return a dst offset between years 2038-2137
- JDK-8076190: Customizing the generation of a PKCS12 keystore
- JDK-8171303: sun/java2d/pipe/InterpolationQualityTest.java fails on Windows & Linux
- JDK-8177068: incomplete classpath causes NPE in Flow
- JDK-8187450: JNI local refs exceeds capacity warning in NetworkInterface::getAll
- JDK-8190763: Class cast exception on (CompoundEdit) UndoableEditEvent.getEdit()
- JDK-8195841: PNGImageReader.readNullTerminatedString() doesnt check for non-null terminated strings with length equal to maxLen
- JDK-8199646: JShell tests: jdk/jshell/FailOverDirectExecutionControlTest.java failed with java.lang.UnsupportedOperationException
- JDK-8206925: Support the certificate_authorities extension
- JDK-8207247: AARCH64: Enable Minimal and Client VM builds
- JDK-8207404: MulticastSocket tests failing on AIX
- JDK-8207779: Method::is_valid_method() compares 'this' with NULL
- JDK-8208061: runtime/LoadClass/TestResize.java fails with "Load factor too high" when running in CDS mode.
- JDK-8209459: TestSHA512MultiBlockIntrinsics failed on AArch64
- JDK-8210443: Migrate Locale matching tests to JDK Repo.
- JDK-8213231: ThreadSnapshot::_threadObj can become stale
- JDK-8213483: ARM32: runtime/ErrorHandling/ShowRegistersOnAssertTest.java jtreg test fail
- JDK-8213725: JShell NullPointerException due to class file with unexpected package
- JDK-8213794: ARM32: disable TypeProfiling, CriticalJNINatives, Serviceablity tests for ARM32
- JDK-8213845: ARM32: Interpreter doesn't call result handler after native calls
- JDK-8214128: ARM32: wrong stack alignment on Deoptimization::unpack_frames
- JDK-8214512: ARM32: Jtreg test compiler/c2/Test8062950.java fails on ARM
- JDK-8214922: Add vectorization support for fmin/fmax
- JDK-8216259: AArch64: Vectorize Adler32 intrinsics
- JDK-8216314: SIGILL in CodeHeapState::print_names()
- JDK-8217348: assert(thread->is_Java_thread()) failed: just checking
- JDK-8217465: [REDO] - Optimize CodeHeap Analytics
- JDK-8217561: X86: Add floating-point Math.min/max intrinsics
- JDK-8217918: C2: -XX:+AggressiveUnboxing is broken
- JDK-8219586: CodeHeap State Analytics processes dead nmethods
- JDK-8220407: compiler/intrinsics/math/TestFpMinMaxIntrinsics.java timedout
- JDK-8222302: [TESTBUG]test/hotspot/jtreg/compiler/intrinsics/sha/cli/TestUseSHAOptionOnUnsupportedCPU.java fails on any other CPU
- JDK-8222412: AARCH64: multiple instructions encoding issues
- JDK-8223020: aarch64: expand minI_rReg and maxI_rReg patterns into separate instructions
- JDK-8223444: Improve CodeHeap Free Space Management
- JDK-8223504: Improve performance of forall loops by better inlining of "iterator()" methods
- JDK-8225081: Remove Telia Company CA certificate expiring in April 2021
- JDK-8225116: Test OwnedWindowsLeak.java intermittently fails
- JDK-8225438: javax/net/ssl/TLSCommon/TestSessionLocalPrincipal.java failed with Read timed out
- JDK-8225756: [testbug] compiler/loopstripmining/CheckLoopStripMining.java sets too short a SafepointTimeoutDelay
- JDK-8226374: Restrict TLS signature schemes and named groups
- JDK-8226627: assert(t->singleton()) failed: must be a constant
- JDK-8227222: vmTestbase/jit/FloatingPoint/gen_math/Loops04/Loops04.java failed XMM register should be 0-15
- JDK-8230428: Cleanup dead CastIP node code in formssel.cpp
- JDK-8231460: Performance issue (CodeHeap) with large free blocks
- JDK-8231841: AArch64: debug.cpp help() is missing an AArch64 line for pns
- JDK-8232591: AArch64: Add missing match rules for smaddl, smsubl and smnegl
- JDK-8233185: HttpServer.stop() blocks indefinitely when called on dispatch thread
- JDK-8233787: Break cycle in vm_version* includes
- JDK-8233948: AArch64: Incorrect mapping between OptoReg and VMReg for high 64 bits of Vector Register
- JDK-8234355: Buffer overflow in jcmd GC.class_stats due to too many classes
- JDK-8235368: Update BCEL to Version 6.4.1
- JDK-8236859: WebSocket over authenticating proxy fails with NPE
- JDK-8236992: AArch64: remove redundant load_klass in itable stub
- JDK-8237743: test/langtools/jdk/jshell/FailOverExecutionControlTest.java fails No ExecutionControlProvider with name 'nonExistent' and parameter keys: []
- JDK-8238175: CTW: Class.getDeclaredMethods fails with assert(k->is_subclass_of(SystemDictionary::Throwable_klass())) failed: invalid exception class
- JDK-8238567: SoftMainMixer.processAudioBuffers(): Wrong handling of stoppedMixers
- JDK-8238812: assert(false) failed: bad AD file
- JDK-8239312: [macos] javax/swing/JFrame/NSTexturedJFrame/NSTexturedJFrame.java
- JDK-8239386: handle ContendedPaddingWidth in vm_version_aarch64
- JDK-8239536: Can't use `java.util.List` object after importing `java.awt.List`
- JDK-8240487: Cleanup whitespace in .cc, .hh, .m, and .mm files
- JDK-8240848: ArrayIndexOutOfBoundsException buf for TextCallbackHandler
- JDK-8241082: Upgrade IANA Language Subtag Registry data to 03-16-2020 version
- JDK-8241101: [s390] jtreg test failure after JDK-8238696: not conformant features string
- JDK-8241372: Several test failures due to javax.net.ssl.SSLException: Connection reset
- JDK-8241475: AArch64: Add missing support for PopCountVI node
- JDK-8241829: Cleanup the code for PrinterJob on windows
- JDK-8241960: The SHA3 message digests impl of SUN provider are not thread safe after cloned
- JDK-8242010: Upgrade IANA Language Subtag Registry to Version 2020-04-01
- JDK-8242429: Better implementation for sign extract
- JDK-8242557: Add length limit for strings in PNGImageWriter
- JDK-8243240: AArch64: Add support for MulVB
- JDK-8243559: Remove root certificates with 1024-bit keys
- JDK-8243597: AArch64: Add support for integer vector abs
- JDK-8244031: HttpClient should have more tests for HEAD requests
- JDK-8244205: HTTP/2 tunnel connections through proxy may be reused regardless of which proxy is selected
- JDK-8244847: Linux/PPC: runtime/CompressedOops/CompressedClassPointers: smallHeapTest fails
- JDK-8245511: G1 adaptive IHOP does not account for reclamation of humongous objects by young GC
- JDK-8246274: G1 old gen allocation tracking is not in a separate class
- JDK-8247354: [aarch64] PopFrame causes assert(oopDesc::is_oop(obj)) failed: not an oop
- JDK-8247432: Update IANA Language Subtag Registry to Version 2020-09-29
- JDK-8247438: JShell: When FailOverExecutionControlProvider fails the proximal cause is not shown
- JDK-8248411: [aarch64] Insufficient error handling when CodeBuffer is exhausted
- JDK-8249142: java/awt/FontClass/CreateFont/DeleteFont.sh is unstable
- JDK-8249719: MethodHandle performance suffers from bad ResolvedMethodTable hash function
- JDK-8250635: MethodArityHistogram should use Compile_lock in favour of fancy checks
- JDK-8251525: AARCH64: Faster Math.signum(fp)
- JDK-8252259: AArch64: Adjust default value of FLOATPRESSURE
- JDK-8252779: compiler/graalunit/HotspotTest.java failed after 8251525
- JDK-8252883: AccessDeniedException caused by delayed file deletion on Windows
- JDK-8253167: ARM32 builds fail after JDK-8247910
- JDK-8253572: [windows] CDS archive may fail to open with long file names
- JDK-8253923: C2 doesn't always run loop opts for compilations that include loops
- JDK-8253948: Memory leak in ImageFileReader
- JDK-8254631: Better support ALPN byte wire values in SunJSSE
- JDK-8255086: Update the root locale display names
- JDK-8255625: AArch64: Implement Base64.encodeBlock accelerator/intrinsic
- JDK-8255763: C2: OSR miscompilation caused by invalid memory instruction placement
- JDK-8256037: [TESTBUG] com/sun/jndi/dns/ConfigTests/PortUnreachable.java fails due to the hard coded threshold is small
- JDK-8256244: java/lang/ProcessHandle/PermissionTest.java fails with TestNG 7.1
- JDK-8256287: [windows] add loop fuse to map_or_reserve_memory_aligned
- JDK-8256523: Streamline Java SHA2 implementation
- JDK-8257414: Drag n Drop target area is wrong on high DPI systems
- JDK-8257569: Failure observed with JfrVirtualMemory::initialize
- JDK-8257574: C2: "failed: parsing found no loops but there are some" assert failure
- JDK-8257580: Bump update version for OpenJDK: jdk-11.0.12
- JDK-8257604: JNI_ArgumentPusherVaArg leaks valist
- JDK-8257621: JFR StringPool misses cached items across consecutive recordings
- JDK-8257796: [TESTBUG] TestUseSHA512IntrinsicsOptionOnSupportedCPU.java fails on x86_32
- JDK-8257822: C2 crashes with SIGFPE due to a division that floats above its zero check
- JDK-8258414: OldObjectSample events too expensive
- JDK-8258505: [TESTBUG] TestDivZeroWithSplitIf.java fails due to missing UnlockDiagnosticVMOptions
- JDK-8258753: StartTlsResponse.close() hangs due to synchronization issues
- JDK-8259061: C2: assert(found) failed: memory-writing node is not placed in its original loop or an ancestor of it
- JDK-8259227: C2 crashes with SIGFPE due to a division that floats above its zero check
- JDK-8259276: C2: Empty expression stack when reexecuting tableswitch/lookupswitch instructions after deoptimization
- JDK-8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl
- JDK-8259710: Inlining trace leaks memory
- JDK-8259777: Incorrect predication condition generated by ADLC
- JDK-8259786: initialize last parameter of getpwuid_r
- JDK-8259843: initialize dli_fname array before calling dll_address_to_library_name
- JDK-8259886: Improve SSL session cache performance and scalability
- JDK-8259983: do not use uninitialized expand_ms value in G1CollectedHeap::expand_heap_after_young_collection
- JDK-8260236: better init AnnotationCollector _contended_group
- JDK-8260255: C1: LoopInvariantCodeMotion constructor can leave some fields uninitialized
- JDK-8260284: C2: assert(_base == Int) failed: Not an Int
- JDK-8260380: Upgrade to LittleCMS 2.12
- JDK-8260420: C2 compilation fails with assert(found_sfpt) failed: no node in loop that's not input to safepoint
- JDK-8260426: awt debug_mem.c DMem_AllocateBlock might leak memory
- JDK-8260432: allocateSpaceForGP in freetypeScaler.c might leak memory
- JDK-8260925: HttpsURLConnection does not work with other JSSE provider.
- JDK-8261020: Wrong format parameter in create_emergency_chunk_path
- JDK-8261027: AArch64: Support for LSE atomics C++ HotSpot code
- JDK-8261167: print_process_memory_info add a close call after fopen
- JDK-8261170: Upgrade to freetype 2.10.4
- JDK-8261235: C1 compilation fails with assert(res->vreg_number() == index) failed: conversion check
- JDK-8261261: The version extra fields needs to be overridable in jib-profiles.js
- JDK-8261262: Kitchensink24HStress.java crashed with EXCEPTION_ACCESS_VIOLATION
- JDK-8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
- JDK-8261397: try catch Method failing to work when dividing an integer by 0
- JDK-8261447: MethodInvocationCounters frequently run into overflow
- JDK-8261481: Cannot read Kerberos settings in dynamic store on macOS Big Sur
- JDK-8261505: Test test/hotspot/jtreg/gc/parallel/TestDynShrinkHeap.java killed by Linux OOM Killer
- JDK-8261601: free memory in early return in Java_sun_nio_ch_sctp_SctpChannelImpl_receive0
- JDK-8261649: AArch64: Optimize LSE atomics in C++ code
- JDK-8261730: C2 compilation fails with assert(store->find_edge(load) != -1) failed: missing precedence edge
- JDK-8261752: Multiple GC test are missing memory requirements
- JDK-8261791: (sctp) handleSendFailed in SctpChannelImpl.c potential leaks
- JDK-8261812: C2 compilation fails with assert(!had_error) failed: bad dominance
- JDK-8261914: IfNode::fold_compares_helper faces non-canonicalized bool when running JRuby JSON workload
- JDK-8262093: java/util/concurrent/tck/JSR166TestCase.java failed "assert(false) failed: unexpected node"
- JDK-8262110: DST starts from incorrect time in 2038
- JDK-8262121: [11u] Redo 8244287: JFR: Methods samples have line number 0
- JDK-8262295: C2: Out-of-Bounds Array Load from Clone Source
- JDK-8262298: G1BarrierSetC2::step_over_gc_barrier fails with assert "bad barrier shape"
- JDK-8262446: DragAndDrop hangs on Windows
- JDK-8262461: handle wcstombsdmp return value correctly in unix awt_InputMethod.c
- JDK-8262465: Very long compilation times and high memory consumption in C2 debug builds
- JDK-8262726: AArch64: C1 StubAssembler::call_RT can corrupt stack
- JDK-8262739: String inflation C2 intrinsic prevents insertion of anti-dependencies
- JDK-8262829: Native crash in Win32PrintServiceLookup.getAllPrinterNames()
- JDK-8262837: handle split_USE correctly
- JDK-8262900: ToolBasicTest fails to access HTTP server it starts
- JDK-8263260: [s390] Support latest hardware (z14 and z15)
- JDK-8263311: Watch registry changes for remote printers update instead of polling
- JDK-8263361: Incorrect arraycopy stub selected by C2 for SATB collectors
- JDK-8263425: AArch64: two potential bugs in C1 LIRGenerator::generate_address()
- JDK-8263448: CTW: fatal error: meet not symmetric
- JDK-8263504: Some OutputMachOpcodes fields are uninitialized
- JDK-8263557: Possible NULL dereference in Arena::destruct_contents()
- JDK-8263558: Possible NULL dereference in fast path arena free if ZapResourceArea is true
- JDK-8263676: AArch64: one potential bug in C1 LIRGenerator::generate_address()
- JDK-8263729: [test] divert spurious output away from stream under test in ProcessBuilder Basic test
- JDK-8264047: Duplicate global variable 'jvm' in libjavajpeg and libawt
- JDK-8264096: slowdebug jvm crashes when StrInflatedCopy match rule is not supported
- JDK-8264151: ciMethod::ensure_method_data() should return false is loading resulted in empty state
- JDK-8264173: [s390] Improve Hardware Feature Detection And Reporting
- JDK-8264190: Harden TLS interop tests
- JDK-8264223: CodeHeap::verify fails extra_hops assertion in fastdebug test
- JDK-8264328: Broken license in javax/swing/JComboBox/8072767/bug8072767.java
- JDK-8264360: Loop strip mining verification fails with "should be on the backedge"
- JDK-8264626: C1 should be able to inline excluded methods
- JDK-8264640: CMS ParScanClosure misses a barrier
- JDK-8264821: DirectIOTest fails on a system with large block size
- JDK-8264846: [macos] libjvm.dylib linker warning due to macOS version mismatch
- JDK-8264923: PNGImageWriter.write_zTXt throws Exception with a typo
- JDK-8264958: C2 compilation fails with assert "n is later than its clone"
- JDK-8265099: Revert backport to 11u of 8236859: WebSocket over authenticating proxy fails with NPE
- JDK-8265154: vinserti128 operand mix up for KNL platforms
- JDK-8265417: Backport of JDK-8249672 breaks Solaris x86 build
- JDK-8265421: java/lang/String/StringRepeat.java test is missing a memory requirement
- JDK-8265537: x86 version string truncated after JDK-8249672 11u backport
- JDK-8265677: CMS: CardTableBarrierSet::write_ref_array_work() lacks storestore barrier
- JDK-8265690: Use the latest Ubuntu base image version in Docker testing
- JDK-8265718: Build failure after JDK-8258414 11u backport
- JDK-8265750: Fatal error in safepoint.cpp after backport of 8258414
Notes on individual issues:
===========================
security-libs/java.security:
JDK-8215293: Customizing PKCS12 keystore Generation
===================================================
New system and security properties have been added to enable users to
customize the generation of PKCS #12 keystores. This includes
algorithms and parameters for key protection, certificate protection,
and MacData. The detailed explanation and possible values for these
properties can be found in the "PKCS12 KeyStore properties" section of
the `java.security` file.
Also, support for the following SHA-2 based HmacPBE algorithms has
been added to the SunJCE provider:
* HmacPBESHA224
* HmacPBESHA256
* HmacPBESHA384
* HmacPBESHA512
* HmacPBESHA512/224
* HmacPBESHA512/256
JDK-8256902: Removed Root Certificates with 1024-bit Keys
=========================================================
The following root certificates with weak 1024-bit RSA public keys
have been removed from the `cacerts` keystore:
Alias Name: thawtepremiumserverca [jdk]
Distinguished Name: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Alias Name: verisignclass2g2ca [jdk]
Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Alias Name: verisignclass3ca [jdk]
Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Alias Name: verisignclass3g2ca [jdk]
Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Alias Name: verisigntsaca [jdk]
Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA
JDK-8261361: Removed Telia Company's Sonera Class2 CA certificate
=================================================================
The following root certificate have been removed from the cacerts truststore:
Alias Name: soneraclass2ca
Distinguished Name: CN=Sonera Class2 CA, O=Sonera, C=FI
security-libs/javax.net.ssl:
JDK-8257548: Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values
=========================================================================================
Certain TLS ALPN values couldn't be properly read or written by the
SunJSSE provider. This is due to the choice of Strings as the API
interface and the undocumented internal use of the UTF-8 Character Set
which converts characters larger than U+00007F (7-bit ASCII) into
multi-byte arrays that may not be expected by a peer.
ALPN values are now represented using the network byte representation
expected by the peer, which should require no modification for
standard 7-bit ASCII-based character Strings. However, SunJSSE now
encodes/decodes String characters as 8-bit ISO_8859_1/LATIN-1
characters. This means applications that used characters above
U+000007F that were previously encoded using UTF-8 may need to either
be modified to perform the UTF-8 conversion, or set the Java security
property `jdk.tls.alpnCharset` to "UTF-8" revert the behavior.
See the updated guide at
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/alpn.html
for more information.
JDK-8244460: Support for certificate_authorities Extension
==========================================================
The "certificate_authorities" extension is an optional extension
introduced in TLS 1.3. It is used to indicate the certificate
authorities (CAs) that an endpoint supports and should be used by the
receiving endpoint to guide certificate selection.
With this JDK release, the "certificate_authorities" extension is
supported for TLS 1.3 in both the client and the server sides. This
extension is always present for client certificate selection, while it
is optional for server certificate selection.
Applications can enable this extension for server certificate
selection by setting the `jdk.tls.client.enableCAExtension` system
property to `true`. The default value of the property is `false`.
Note that if the client trusts more CAs than the size limit of the
extension (less than 2^16 bytes), the extension is not enabled. Also,
some server implementations do not allow handshake messages to exceed
2^14 bytes. Consequently, there may be interoperability issues when
`jdk.tls.client.enableCAExtension` is set to `true` and the client
trusts more CAs than the server implementation limit.
New in release OpenJDK 11.0.11 (2021-04-20):
=============================================
Live versions of these release notes can be found at:

43
SOURCES/TestSecurityProperties.java Normal file
View File

@ -0,0 +1,43 @@
import java.io.File;
import java.io.FileInputStream;
import java.security.Security;
import java.util.Properties;
public class TestSecurityProperties {
// JDK 11
private static final String JDK_PROPS_FILE_JDK_11 = System.getProperty("java.home") + "/conf/security/java.security";
// JDK 8
private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
public static void main(String[] args) {
Properties jdkProps = new Properties();
loadProperties(jdkProps);
for (Object key: jdkProps.keySet()) {
String sKey = (String)key;
String securityVal = Security.getProperty(sKey);
String jdkSecVal = jdkProps.getProperty(sKey);
if (!securityVal.equals(jdkSecVal)) {
String msg = "Expected value '" + jdkSecVal + "' for key '" +
sKey + "'" + " but got value '" + securityVal + "'";
throw new RuntimeException("Test failed! " + msg);
} else {
System.out.println("DEBUG: " + sKey + " = " + jdkSecVal + " as expected.");
}
}
System.out.println("TestSecurityProperties PASSED!");
}
private static void loadProperties(Properties props) {
String javaVersion = System.getProperty("java.version");
System.out.println("Debug: Java version is " + javaVersion);
String propsFile = JDK_PROPS_FILE_JDK_11;
if (javaVersion.startsWith("1.8.0")) {
propsFile = JDK_PROPS_FILE_JDK_8;
}
try (FileInputStream fin = new FileInputStream(new File(propsFile))) {
props.load(fin);
} catch (Exception e) {
throw new RuntimeException("Test failed!", e);
}
}
}

36
SPECS/java-11-openjdk.spec
View File

@ -291,7 +291,7 @@
# New Version-String scheme-style defines
%global featurever 11
%global interimver 0
%global updatever 11
%global updatever 12
%global patchver 0
# If you bump featurever, you must bump also vendor_version_string
# Used via new version scheme. JDK 11 was
@ -338,8 +338,8 @@
%global origin_nice OpenJDK
%global top_level_dir_name %{origin}
%global top_level_dir_name_backup %{top_level_dir_name}-backup
%global buildver 9
%global rpmrelease 5
%global buildver 1
%global rpmrelease 1
#%%global tagsuffix %%{nil}
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
%if %is_system_jdk
@ -368,7 +368,7 @@
# Release will be (where N is usually a number starting at 1):
# - 0.N%%{?extraver}%%{?dist} for EA releases,
# - N%%{?extraver}{?dist} for GA releases
%global is_ga 1
%global is_ga 0
%if %{is_ga}
%global ea_designator ""
%global ea_designator_zip ""
@ -1198,12 +1198,15 @@ Source13: TestCryptoLevel.java
# Ensure ECDSA is working
Source14: TestECDSA.java
# nss fips configuration file
Source15: nss.fips.cfg.in
# Verify system crypto (policy) can be disabled via a property
Source15: TestSecurityProperties.java
# Ensure vendor settings are correct
Source16: CheckVendor.java
# nss fips configuration file
Source17: nss.fips.cfg.in
############################################
#
# RPM/distribution specific patches
@ -1694,7 +1697,7 @@ done
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE11} > nss.cfg
# Setup nss.fips.cfg
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE15} > nss.fips.cfg
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE17} > nss.fips.cfg
sed -i -e "s:@NSS_SECMOD@:/etc/pki/nssdb:g" nss.fips.cfg
%build
@ -1874,6 +1877,10 @@ $JAVA_HOME/bin/java --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLev
$JAVA_HOME/bin/javac -d . %{SOURCE14}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||")
# Check system crypto (policy) can be disabled
$JAVA_HOME/bin/javac -d . %{SOURCE15}
$JAVA_HOME/bin/java -Djava.security.disableSystemPropertiesFile=true $(echo $(basename %{SOURCE15})|sed "s|\.java||")
# Check correct vendor values have been set
$JAVA_HOME/bin/javac -d . %{SOURCE16}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" "%{oj_vendor_url}" "%{oj_vendor_bug_url}"
@ -2355,6 +2362,21 @@ end
%endif
%changelog
* Mon Jun 28 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.12.0.1-0.1.ea
- Re-order source files to sync with Fedora.
- Resolves: rhbz#1966234
* Mon Jun 28 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.12.0.1-0.1.ea
- Add a test verifying system crypto policies can be disabled
- Resolves: rhbz#1966234
* Mon Jun 28 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.12.0.1-0.0.ea
- Update to jdk-11.0.12.0+1
- Update release notes to 11.0.12.0+1
- Switch to EA mode for 11.0.12 pre-release builds.
- Update ECC patch following JDK-8226374 (bug ID yet to be confirmed)
- Resolves: rhbz#1967374
* Wed Jun 16 2021 Jiri Vanek <jvanek@redhat.com> - 1:11.0.11.0.9-5
- adapted to newst cjc to fix issue with rpm 4.17
- Disable copy-jdk-configs for Flatpak builds