- Update release notes to 17.0.5+8 (GA)
- Switch to EA mode for 17.0.5 pre-release builds.
- Bump HarfBuzz bundled version to 4.4.1 following JDK-8289853
- Bump FreeType bundled version to 2.12.1 following JDK-8290334
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
- Update CLDR data with Europe/Kyiv (JDK-8293834)
- Drop JDK-8292223 patch which we found to be unnecessary
- Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream
- The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds
- Remove freetype sources along with zlib sources
Related: RHEL-45216
- Update to jdk-17+35, also known as jdk-17-ga.
- Remove boot JDKs in favour of OpenJDK 17 build now in the buildroot.
- Update buildjdkver to 17 so as to build with itself
- Add possibility to disable system crypto policy
- Add PR3695 to allow the system crypto policy to be turned off
- Re-enable TestSecurityProperties after inclusion of PR3695
- Added gating.yaml
- Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
- Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics.
- Remove restriction on disabling product build, as debug packages no longer have javadoc packages.
- Update to jdk-17+33, including JDWP fix and July 2021 CPU
- Support the FIPS mode crypto policy (RH1655466)
- Update RH1655466 FIPS patch with changes in OpenJDK 8 version.
- SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file.
- Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg.
- No need to substitute path to nss.fips.cfg as java.security file supports a java.home variable.
- Disable FIPS mode support unless com.redhat.fips is set to "true".
- Use appropriate keystore types when in FIPS mode (RH1818909)
- Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable).
- Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986)
- Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode
- Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071)
- Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library.
- Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure.
- Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM.
- Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.
- Add patch to login to the NSS software token when in FIPS mode.
- Fix unused function compiler warning found in systemconf.c
- Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access.
- Add JDK-8272332 fix so we actually link against HarfBuzz.
- Update release notes to document the major changes between OpenJDK 11 & 17.
- Add FIPS patch to allow plain key import.
- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false
- Patch syslookup.c so it actually has some code to be compiled into libsyslookup
- alternatives creation moved to posttrans
- Set LTS designator on RHEL, but not Fedora or EPEL.
Related: RHEL-45216
Removed many pre-steps, build requires and patching. Removed build.
added dependencies on portables
extracted portabels to BUILD
keep systemtap
todo, repack it properly
removed nss setup, enabled buildr and tuned "install"
check debuginfo for jre only
Print release
repacked portables
Remove javadoc.zip only for release build
Update release notes to 17.0.5+8 (GA)
Switch to GA mode for final release.
The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds
Remove freetype sources along with zlib sources
