-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 23 Aug 2017 16:02:57 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm openjdk-7-jre-zero
Architecture: source
Version: 7u151-2.6.11-1
Distribution: experimental
Urgency: medium
Maintainer: OpenJDK Team <openjdk@lists.launchpad.net>
Changed-By: Matthias Klose <doko@ubuntu.com>
Description:
icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
openjdk-7-jdk - OpenJDK Development Kit (JDK)
openjdk-7-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-7-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-7-source - OpenJDK Development Kit (JDK) source files
Closes: 766601 827741 863007 865533 865749 869816
Changes:
openjdk-7 (7u151-2.6.11-1) experimental; urgency=medium
.
* IcedTea release 2.6.11 (based on 7u151). Closes: #869816.
* Security fixes:
- S8163958, CVE-2017-10102: Improved garbage collection.
- S8167228: Update to libpng 1.6.28.
- S8169209, CVE-2017-10053: Improved image post-processing steps.
- S8169392, CVE-2017-10067: Additional jar validation steps.
- S8170966, CVE-2017-10081: Right parenthesis issue.
- S8172204, CVE-2017-10087: Better Thread Pool execution.
- S8172461, CVE-2017-10089: Service Registration Lifecycle.
- S8172465, CVE-2017-10090: Better handling of channel groups.
- S8172469, CVE-2017-10096: Transform Transformer Exceptions.
- S8173286, CVE-2017-10101: Better reading of text catalogs.
- S8173697, CVE-2017-10107: Less Active Activations.
- S8173770, CVE-2017-10074: Image conversion improvements.
- S8174098, CVE-2017-10110: Better image fetching.
- S8174105, CVE-2017-10108: Better naming attribution.
- S8174113, CVE-2017-10109: Better sourcing of code.
- S8174770: Check registry registration location.
- S8174873: Improved certificate processing.
- S8175106, CVE-2017-10115: Higher quality DSA operations.
- S8175110, CVE-2017-10118: Higher quality ECDSA operations.
- S8176055: JMX diagnostic improvements.
- S8176067, CVE-2017-10116: Proper directory lookup processing.
- S8176760, CVE-2017-10135: Better handling of PKCS8 material.
- S8178135, CVE-2017-10176: Additional elliptic curve support.
- S8181420, CVE-2017-10074: PPC: Image conversion improvements.
- S8182054, CVE-2017-10243: Improve wsdl support.
- S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements.
- S8184119, CVE-2017-10111: Incorrect return processing for the LF editor
of MethodHandles.permuteArguments.
.
[ Tiago Stürmer Daitx ]
* d/control.in:
- remove @bd_compress@ dependency.
- replace @bd_autotools@ with fixed dependencies.
* d/control.tests: package to hold all tests artifacts and logs.
* d/repack: fixed and simplified download script.
* d/rules:
- include openjdk-7-tests package on Ubuntu derivatives only.
- only save the full jtreg results when the openjdk-7-tests package
is being built, otherwise stick to old behaviour (keep compressed
test summaries + failed test results). Closes: #863007, #865533.
- only run the long jdk testsuite when default vm is a hotspot.
- only run the full testsuite for zero alternative vm on very fast
systems, otherwise stick to the hotspot testsuite to avoid long
build times.
- remove with_nss as all supported releases have it now.
- remove gcc/g++ configurations for EOL releases.
- keep libjpeg8 dependency on wheezy, replace it with libjpeg62-turbo
on other Debian releases and libjpeg-turbo8 on Ubuntu. Closes: #766601.
- remove old logic to depend on libcupsys2.
- always set rhino_source, all supported releases have dpkg > 1.16.2.
- remove bd_compress and pkg_compress as they haven't been used for
quite a while.
- remove with_wgy_zenhai logic, lenny is EOL.
- remove bd_autotools logic if/then, call dh_autoreconf and
dh_autoreconf_clean.
- simplify bootstrap dependency logic and remove EOL releases.
- remove EOL releases from gcc/g++ dependency logic.
- remove unused jamvm_defaults and simplify jamvm_archs logic.
- use ttf-indic-fonts for trusty, otherwise stick to fonts-indic.
- patch configure after dh_autoreconf call to include additional
/usr/lib/jvm directories; setting DEB_HOST_ARCH=alpha to check
if patches apply correctly fails because alpha requires a jdk for
bootstrap and IcedTea does not look into our usual directories.
* d/p/fontconfig-arphic-uming.diff: removed, not used since lenny.
* d/p/jdk-getAccessibleValue.diff: libatk-wrapper-java: File selection
dialog not refreshed when changing directory. Kindly provided by
Samuel Thibault. Closes: #827741.
* d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch:
deleted, included in IcedTea 2.6.10.
* d/p/kfreebsd-support-jdk.diff: updated, was failing to apply due to
jdk changes in NetworkInterface.c.
* d/p/sec-webrev-8u131-*.patch: deleted, included in IcedTea 2.6.10.
* d/p/zero-sparc.diff: commented out chaitin.hpp hunk #1 as that #ifdef
has been removed by JDK-8011621 (backported by IcedTea 2.6.10); this
was also backported to 7u131 through JDK-8160961 but then backed out,
better keep the hunk in case IcedTea decides to back it out as well.
.
[ Matthias Klose ]
* Build using gcc-6 on recent releases.
* Fix libjvm.so's .debug file names. Closes: #865749. LP: #1548434.
Checksums-Sha1:
5289060ca2d72468352a1c1830e2d1697e202a20 4693 openjdk-7_7u151-2.6.11-1.dsc
2b669d50627c4ad3f9452b97ad9d2ef1073e525a 53829152 openjdk-7_7u151-2.6.11.orig.tar.gz
d0e3b911810cda1d5cd94aeed4b2745a1a244453 167328 openjdk-7_7u151-2.6.11-1.debian.tar.xz
fa9bbed69d1649c60dd484d97e203fd155f449b2 16562 openjdk-7_7u151-2.6.11-1_source.buildinfo
Checksums-Sha256:
248997cbc70157062749bd960e064abd5a7a618fd957c08f4f82efd37242e4f1 4693 openjdk-7_7u151-2.6.11-1.dsc
9c77d10e23f1d6105a71e18d330a4397fe418e9d0ad63cde65b4b7bac9a144b6 53829152 openjdk-7_7u151-2.6.11.orig.tar.gz
bcce7f7dd5a67b326a6c4390db14e8767937451db815c4a1c9746d3d5668f575 167328 openjdk-7_7u151-2.6.11-1.debian.tar.xz
2fe56966f932153f58f091b09b2cd37a49a6b1d681c10e0aa35dfa89edcef45b 16562 openjdk-7_7u151-2.6.11-1_source.buildinfo
Files:
e7d99210dc299a6bd9e99059dfc4145a 4693 java optional openjdk-7_7u151-2.6.11-1.dsc
e033b12d6ab827c94810fab741d5f70d 53829152 java optional openjdk-7_7u151-2.6.11.orig.tar.gz
1ea4570570ff32d41597677f7cc4651d 167328 java optional openjdk-7_7u151-2.6.11-1.debian.tar.xz
dbb7e4efb5fee2c79a716036d6b7f9cd 16562 java optional openjdk-7_7u151-2.6.11-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlmdpOoQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9d9ID/9k3v7A2LS7U/11yL33O4avH6R9pxmPSjBl
/xm7Y8tuTyzfX0VV8ZoPVPTX76vJkSYF0H6TPLpaGeWS3rtdtaIdcCgW5OvfRREK
XeAl4FLdv230L07w3Q13ANLypA9h5TC45LtloUP8L7D9VdhUT3aqCh2tTUNycEzR
xUl6n81KQoSbxJck2UvrCXNhV3wsHCUJaXQj+9RqO8M/8pmp6sUJacRZA3rd/KTt
IOUweuslkASZqeDsU/MJ/P9JqLnOX+BFYNBy7ijnulHepM1YHToZ4Mb9LWnW2voA
S7qGQPdJ+CImMjViOqjNoMqMT/HboJyTKpZ0FQ6IB2mQnSlPWKRljHHiaX3PcVmN
ELBsjv6CYRzkI8k6+x4+kEyVqhRpfoq7j6mrHgE3kRVitIyXurxHHpP3HRXvTV0h
W6RxaUQ4NDjMWQT+D4gqHcgUA098Q5FCviF13MhWIZzegprPxY2YF3U6lozHClkr
mN8aZcShmlBuzFl1lwi4tZAb/TW1X1HMdH21Q2qebR0wU7Yit0WGh4eaMohjRBfv
KZfnxmFmugqXauDzp+dsJBGDq/esWOEEHURUKu0aHNlee5mulD4U08Xj6WY7PBGN
JLXhWOzpk3R/VYAxR162qgvcJuR7zBas/+90wZBbF9eaaRmRpL6nMesabXWCdYBM
Ssy6RRRVJw==
=Cf8Q
-----END PGP SIGNATURE-----
