Commit Graph

24 Commits

Author SHA1 Message Date
Andrew Hughes d3bc4567f3 Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes (_heap->_heaps) and @JAVA_SPEC_VER@
Update icedtea_sync.sh with a VCS mode that retrieves sources from a Mercurial repository

Related: rhbz#2022826
2022-02-16 00:33:09 +00:00
Andrew Hughes a8b9b10273 January 2022 security update to jdk 17.0.2+8
Rebase RH1995150 & RH1996182 patches following JDK-8275863 addition to module-info.java
Rename libsvml.so to libjsvml.so following JDK-8276025
Drop JDK-8276572 patch which is now upstream

Resolves: rhbz#2039392
2022-02-11 12:48:59 +00:00
Andrew Hughes 1f415e6830 Sync desktop files with upstream IcedTea release 3.15.0 using new script
Related: rhbz#2022826
2022-02-10 21:14:21 +00:00
Andrew Hughes 821e2145f6 Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy secmod.db file as part of nss
Resolves: rhbz#2023537
2021-11-29 19:36:18 +00:00
Andrew Hughes defc5e1dd6 October CPU update to jdk 17.0.1+12
Dropped commented-out source line
Drop JDK-8272332 patch now included upstream.

Resolves: rhbz#2013846
2021-11-16 18:51:08 +00:00
Andrew Hughes 3cd0505fe2 Set LTS designator on RHEL, but not Fedora or EPEL.
Related: rhbz#2013846
2021-11-09 01:58:54 +00:00
Jiri Vanek b291d3f668 alternatives creation moved to posttrans
- Thus fixing the old reinstall issue:
- https://bugzilla.redhat.com/show_bug.cgi?id=1200302
- https://bugzilla.redhat.com/show_bug.cgi?id=1976053
2021-11-08 15:38:19 +01:00
Andrew Hughes bf21f1a810 Patch syslookup.c so it actually has some code to be compiled into libsyslookup
Related: rhbz#2013846
2021-11-07 01:50:01 +00:00
Andrew Hughes ccefd13b01 Add FIPS patch to allow plain key import.
Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false

Resolves: rhbz#1994682
2021-10-11 03:24:35 +01:00
Andrew Hughes 4b932ebee8 Update release notes to document the major changes between OpenJDK 11 & 17.
Resolves: rhbz#2000925
2021-10-10 23:05:32 +01:00
Andrew Hughes da06035ff0 Update to jdk-17+35, also known as jdk-17-ga.
Switch to GA mode.
Add JDK-8272332 fix so we actually link against HarfBuzz.

Resolves: rhbz#2000925
2021-09-19 13:38:46 +01:00
Andrew Hughes 1c4a8bc563 Extend the default security policy to accommodate PKCS11 accessing jdk.internal.access.
Resolves: rhbz#1997359
2021-08-30 16:52:43 +01:00
Andrew Hughes 027bbcc4e3 Add patch to login to the NSS software token when in FIPS mode.
Fix unused function compiler warning found in systemconf.c

Resolves: rhbz#1997359
Related: rhbz#1995889
2021-08-28 01:38:47 +01:00
Andrew Hughes cba3bba79b Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.
Resolves: rhbz#1995889
2021-08-27 23:17:20 +01:00
Andrew Hughes d4c6f7c9b1 Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library.
Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure.
Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM.

Related: rhbz#1995889
2021-08-27 21:22:49 +01:00
Andrew Hughes 584ffa5a36 Support the FIPS mode crypto policy (RH1655466)
Update RH1655466 FIPS patch with changes in OpenJDK 8 version.
SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file.
Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg.
No need to substitute path to nss.fips.cfg as java.security file supports a java.home variable.
Disable FIPS mode support unless com.redhat.fips is set to "true".
Use appropriate keystore types when in FIPS mode (RH1818909)
Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable).
Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986)
Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode
Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071)

Related: rhbz#1995889
2021-08-27 05:58:02 +01:00
Andrew Hughes ee6b0f24ba Update to jdk-17+33, including JDWP fix and July 2021 CPU
Resolves: rhbz#1870625
2021-08-26 18:47:16 +01:00
Andrew Hughes f9155e4763 Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics.
Remove restriction on disabling product build, as debug packages no longer have javadoc packages.

Resolves: rhbz#1870625
2021-08-26 03:36:42 +01:00
Mohan Boddu 1103501516 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 21:03:49 +00:00
Andrew Hughes a9c385cc9a Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
It makes the SunPKCS provider show up again

Resolves: rhbz#1870625
2021-07-14 05:44:00 +01:00
Jiri Vanek 2575952df8 Added gating.yaml
Resolves: rhbz#1870625
2021-07-13 17:42:35 +02:00
Severin Gehwolf f9fcec76c3 Add possibility to disable system crypto policy
Add PR3695 to allow the system crypto policy to be turned off
Re-enable TestSecurityProperties after inclusion of PR3695

Resolves: rhbz#1870625
2021-07-06 03:59:27 +01:00
Andrew Hughes 780eb3f7a9 Remove boot JDKs in favour of OpenJDK 17 build now in the buildroot.
Update buildjdkver to 17 so as to build with itself

Resolves: rhbz#1870625
2021-06-26 18:34:21 +01:00
Andrew Hughes 913d7c9e5b Import java-17-openjdk
Resolves: rhbz#1870625
2021-06-23 03:08:10 +01:00