-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 21 Jul 2017 13:51:05 +0200
Source: openjdk-8
Binary: openjdk-8-jdk-headless openjdk-8-jre-headless openjdk-8-jdk openjdk-8-jre openjdk-8-demo openjdk-8-source openjdk-8-doc openjdk-8-dbg openjdk-8-jre-zero
Architecture: source
Version: 8u141-b15-1
Distribution: unstable
Urgency: high
Maintainer: OpenJDK Team <openjdk@lists.launchpad.net>
Changed-By: Matthias Klose <doko@ubuntu.com>
Description:
openjdk-8-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-8-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-8-doc - OpenJDK Development Kit (JDK) documentation
openjdk-8-jdk - OpenJDK Development Kit (JDK)
openjdk-8-jdk-headless - OpenJDK Development Kit (JDK) (headless)
openjdk-8-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-8-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-8-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-8-source - OpenJDK Development Kit (JDK) source files
Closes: 863331 867314
Changes:
openjdk-8 (8u141-b15-1) unstable; urgency=high
.
* Update to 8u141-b15, Hotspot 8u141-b16 for AArch64.
* Security fixes from 8u141:
- CVE-2017-10102, S8163958: Improved garbage collection.
- CVE-2017-10053, S8169209: Improved image post-processing steps.
- CVE-2017-10067, S8169392: Additional jar validation steps.
- CVE-2017-10081, S8170966: Right parenthesis issue.
- CVE-2017-10078, S8171539: Better script accessibility for JavaScript.
- CVE-2017-10087, S8172204: Better Thread Pool execution.
- CVE-2017-10089, S8172461: Service Registration Lifecycle.
- CVE-2017-10090, S8172465: Better handling of channel groups.
- CVE-2017-10096, S8172469: Transform Transformer Exceptions.
- CVE-2017-10101, S8173286: Better reading of text catalogs.
- CVE-2017-10107, S8173697: Less Active Activations.
- CVE-2017-10074, S8173770: Image conversion improvements.
- CVE-2017-10110, S8174098: Better image fetching.
- CVE-2017-10108, S8174105: Better naming attribution.
- CVE-2017-10109, S8174113: Better sourcing of code.
- CVE-2017-10115, S8175106: Higher quality DSA operations.
- CVE-2017-10118, S8175110: Higher quality ECDSA operations.
- CVE-2017-10116, S8176067: Proper directory lookup processing.
- CVE-2017-10135, S8176760: Better handling of PKCS8 material.
- CVE-2017-10176, S8178135: Additional elliptic curve support.
- CVE-2017-10193, S8179101: Improve algorithm constraints implementation.
- CVE-2017-10198, S8179998: Clear certificate chain connections.
- S8174770: Check registry registration location.
- S8174873: Improved certificate procesing.
- S8176055: JMX diagnostic improvements.
- S8176536: Improved algorithm constraints checking.
- S8181420: PPC: Image conversion improvements.
- S8182054: Improve wsdl support.
- S8184185: Rearrange MethodHandle arrangements.
.
[ Matthias Klose ]
* Provide jvmdir symlink in /usr/lib/debug. Closes: #867314.
* Fix pt_BR translation in awt message. Closes: #863331.
.
[ Tiago Stürmer Daitx ]
* debian/rules:
- enable apport hook on Ubuntu and derivatives only.
- remove with_zenhai logic.
- remove unused with_tzdata logic, move tzdata build dependency
to control.in.
- add Breaks:tzdata-java except for wheezy, jessie or trusty.
- re-enable jamvm for Xenial only.
- run debian/control before build so we won't build with a invalid
control file.
- remove logic to select between ttf or font packages and depend
on fonts-wqy-microhei and fonts-wqy-zenhei instead
* debian/apport-hook.py: add an apport hook to include conffiles
modified by the user on any report and the hs_err log file on
crash report only. LP: #1696886.
* patches/fontconfig-arphic-uming.diff: only enabled when with_zenhai
was false; not required since lenny.
* patches/hotspot-ppc64el-S8175813-mbind-invalid-argument.patch: prevent
invalid argument message when invoking UseNUMA on a system with
non-consecutive numa topology. LP: #1697348.
Checksums-Sha1:
37fc4a1e5618236bfb25ffd1ea070752c282df93 4483 openjdk-8_8u141-b15-1.dsc
5253a945b02494d27789b5a5df5ea8a0b06c5703 64099346 openjdk-8_8u141-b15.orig.tar.gz
5013cc9912c44e5e07d459218fbef070ebf6d878 244608 openjdk-8_8u141-b15-1.debian.tar.xz
f26d12dad3fca0f7b6b2780d3f8b1621df713a85 16303 openjdk-8_8u141-b15-1_source.buildinfo
Checksums-Sha256:
8acacf3f7c7df82523fe18e28e868761b19e95189644381752227686de38f5d8 4483 openjdk-8_8u141-b15-1.dsc
906bcbecce35e0bda53d6c431c22282cf5aba9367e842efa82426c7e9214cf64 64099346 openjdk-8_8u141-b15.orig.tar.gz
1f7d6f631a337be1bc6050d6f837e5921319e0b02f1e32f9c437d678afc880aa 244608 openjdk-8_8u141-b15-1.debian.tar.xz
af81d0da598b9e01ff2b626dce4d6bc3ff8ff0df6b27f1059b7de7686594261b 16303 openjdk-8_8u141-b15-1_source.buildinfo
Files:
5aa673088344da79f8e9dab833a45a3d 4483 java optional openjdk-8_8u141-b15-1.dsc
406746c8a52a9561784c4e2645b599db 64099346 java optional openjdk-8_8u141-b15.orig.tar.gz
8c46c8e2e775c3509babcaa7eaea5077 244608 java optional openjdk-8_8u141-b15-1.debian.tar.xz
49ac4471759f3d7f670865daa3cd51b3 16303 java optional openjdk-8_8u141-b15-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAllx84kQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9WMdEACgRCa7udOUhUInD0KWoBAT51Df9ctI7sRI
1mLDAGVaBukDcE2joRGdN5T2v3/Kg/kUJigj45qVNNndIVHXYFOLPh5scZDV4wX5
TXgU7Jp7Y//dxxtHGjQehW2eahsR0PE5MU9F3ytu+V0xXo76GxcFAXr94CqZLGhb
Zb4OhdD6mYh7bf/gNuqiLvKtdMtdo72BCWBs+NBEzkxgoLezxMMMyVs3b9oSKrs6
GTnBtR32r5du0aP9lT19cYj2e4GVr6LnozTcWiUxBoZJNAHHqpCakM9VuB8EC+ha
gZvTHZP4raowr3n7ZY0zmGvxetuTagcQyHXor7dhewH5Sq423lqYsnDP84xKSCuZ
1XHRqkoBnLp1l1JXeXbjfQ/vLi61etaWnzCCXXkP4HJbP/52oYbA5NNkugdfb3qm
kXhyWikcjDwB0ezpEnwrkG+i6KHdnfyb6Td96+dr94gCQPg/L0IZuu+Jbj/Y3b9O
/nHp+6A312LVTOzqnY6NGAS3utPRfBD51ZCb0trgOZplH2Swp/oGUYxE9ZYWANeX
QDfxt3IGeBeEcd4Bx/02UmrpD/bf8srddbHOdhifTJgj4J15Yaib2Rp4DY/oFGlY
NKIpbKaiShw2x/Z8ooAJ7js4ftM7lDZAuege46hZeyM4G53sny3EwQe4tBWVhSd1
nIoceB6CVw==
=5Ofz
-----END PGP SIGNATURE-----
