diff --git a/.gitignore b/.gitignore index 2a74071..0e4f3a3 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,4 @@ /openjdk-23.0.2+7.tar.xz /openjdk-24.0.2+12.tar.xz /openjdk-25+36.tar.xz +/openjdk-25.0.1+8.tar.xz diff --git a/NEWS b/NEWS index 5c1733e..0a4a628 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,95 @@ Key: JDK-X - https://bugs.openjdk.java.net/browse/JDK-X CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release OpenJDK 25.0.1 (2025-10-21): +=========================================== + +* CVEs + - CVE-2025-53057 + - CVE-2025-53066 + - CVE-2025-61748 +* Changes + - JDK-8315131: Clarify VarHandle set/get access on 32-bit platforms + - JDK-8352637: Enhance bytecode verification + - JDK-8356294: Enhance Path Factories + - JDK-8356587: Missing object ID X in pool jdk.types.Method + - JDK-8357826: Avoid running some jtreg tests when asan is configured + - JDK-8358452: JNI exception pending in Java_sun_awt_screencast_ScreencastHelper_remoteDesktopKeyImpl of screencast_pipewire.c:1214 (ID: 51119) + - JDK-8358577: Test serviceability/jvmti/thread/GetCurrentContendedMonitor/contmon01/contmon01.java failed: unexpexcted monitor object + - JDK-8358819: The first year is not displayed correctly in Japanese Calendar + - JDK-8359059: Bump version numbers for 25.0.1 + - JDK-8359218: RISC-V: Only enable CRC32 intrinsic when AvoidUnalignedAccess == false + - JDK-8359270: C2: alignment check should consider base offset when emitting arraycopy runtime call + - JDK-8359454: Enhance String handling + - JDK-8359596: Behavior change when both -Xlint:options and -Xlint:-options flags are given + - JDK-8360179: RISC-V: Only enable BigInteger intrinsics when AvoidUnalignedAccess == false + - JDK-8360533: ContainerRuntimeVersionTestUtils fromVersionString fails with some docker versions + - JDK-8360647: [XWayland] [OL10] NumPad keys are not triggered + - JDK-8360679: Shenandoah: AOT saved adapter calls into broken GC barrier stub + - JDK-8360937: Enhance certificate handling + - JDK-8361212: Remove AffirmTrust root CAs + - JDK-8361532: RISC-V: Several vector tests fail after JDK-8354383 + - JDK-8361829: [TESTBUG] RISC-V: compiler/vectorization/runner/BasicIntOpTest.java fails with RVV but not Zvbb + - JDK-8362109: Change milestone to fcs for all releases + - JDK-8362882: Update SubmissionPublisher() specification to reflect use of ForkJoinPool.asyncCommonPool() + - JDK-8366223: ZGC: ZPageAllocator::cleanup_failed_commit_multi_partition is broken + - JDK-8367031: [backout] Change java.time month/day field types to 'byte' + - JDK-8368308: ISO 4217 Amendment 180 Update + +Notes on individual issues: +=========================== + +core-libs/java.io:serialization: + +JDK-8367031: [backout] Change java.time month/day field types to 'byte' +======================================================================= +In the initial release of OpenJDK 25, attempting to read serialised +Class objects created by earlier versions of OpenJDK for several of +the `java.time` classes would fail with a +`InvalidClassException`. Similarly, `java.time` Class objects +serialised with OpenJDK 25 could not be read by older OpenJDK +versions. This was due to the type of the day and month fields in +these classes being changed to `byte`. This change has now been +reverted and compatibility between OpenJDK 25 and older versions +restored. + +Note that this incompatibility occurred with the `Class` object and +not an instance of the object i.e. `writeObject(LocalDate.class)` +would produce incompatible serialised data, but +`writeObject(LocalDate.now())` would not. + +security-libs/java.security: + +JDK-8361212: Remove AffirmTrust root CAs +======================================== +The following root certificates from AffirmTrust, which were +deactivated in the 21.0.5 release of October 2024, have been removed +from the `cacerts` keystore: + +Alias name: affirmtrustcommercialca [jdk] +CN=AffirmTrust Commercial +O=AffirmTrust +C=US +SHA256: 03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7 + +Alias name: affirmtrustnetworkingca [jdk] +CN=AffirmTrust Networking +O=AffirmTrust +C=US +SHA256: 0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B + +Alias name: affirmtrustpremiumca [jdk] +CN=AffirmTrust Premium +O=AffirmTrust +C=US +SHA256: 70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A + +Alias name: affirmtrustpremiumeccca [jdk] +CN=AffirmTrust Premium ECC +O=AffirmTrust +C=US +SHA256: BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23 + New in release OpenJDK 25.0.0 (2025-09-16): =========================================== Major changes are listed below. Some changes may have been backported diff --git a/java-25-openjdk.spec b/java-25-openjdk.spec index 016ab92..136c13b 100644 --- a/java-25-openjdk.spec +++ b/java-25-openjdk.spec @@ -316,7 +316,7 @@ # New Version-String scheme-style defines %global featurever 25 %global interimver 0 -%global updatever 0 +%global updatever 1 %global patchver 0 # We don't add any LTS designator for STS packages (Fedora and EPEL). # We need to explicitly exclude EPEL as it would have the %%{rhel} macro defined. @@ -375,10 +375,10 @@ %global origin_nice OpenJDK %global top_level_dir_name %{vcstag} %global top_level_dir_name_backup %{top_level_dir_name}-backup -%global buildver 36 +%global buildver 8 %global rpmrelease 1 # Settings used by the portable build -%global portablerelease 2 +%global portablerelease 1 # Portable suffix differs between RHEL and CentOS %if 0%{?centos} == 0 %global portablerhel %{?pkgos:7_9}%{!?pkgos:8} @@ -2553,12 +2553,13 @@ exit 0 %endif %changelog -* Sun Nov 09 2025 Andrew Hughes - 1:25.0.0.0.36-1 -- Update to jdk-25.0.0+36 (GA) +* Mon Nov 10 2025 Andrew Hughes - 1:25.0.1.0.8-1 +- Update to jdk-25.0.1+8 (GA) - Update release notes with features of JDK 25 - Mention finalisation JEP for features finalised in JDK 22, 23 & 24 - Drop fakefeaturever now we have reached OpenJDK 25 -- Related: RHEL-120553 +- Update release notes to 25.0.1+8 +- Resolves: RHEL-120553 * Wed Nov 05 2025 Andrew Hughes - 1:24.0.2.0.12-1 - Update to jdk-24.0.2+12 (GA) diff --git a/sources b/sources index c58df78..81afaec 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30 -SHA512 (openjdk-25+36.tar.xz) = 062f55acdcccb32dd62377dce9573a70b0535312f2f69cb660be1d321b52ad3e24ef9c333055434b19e6fedb94dd5a1408addfb7e5f47d36664587ab1c12a22b +SHA512 (openjdk-25.0.1+8.tar.xz) = eb84d876f81ca02803283e8294c89b6acbed3753426811c3bcc228615c9618deefc85da4aa702800cac2feb103e628ee8b92292b316e9d7e12a58b6de69c5085