Univention Bugzilla – Full Text Bug Listing |
Summary: | openjdk-8: Multiple issues (4.4) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.4 | ||
Target Milestone: | UCS 4.4-2-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 6.8 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N) NVD RedHat |
Description
Quality Assurance
2019-10-22 08:14:45 CEST
--- mirror/ftp/4.4/unmaintained/4.4-2/source/openjdk-8_8u222-b10-1~deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-2/source/openjdk-8_8u232-b09-1~deb9u1.dsc @@ -1,6 +1,98 @@ -8u222-b10-1~deb9u1 [Fri, 19 Jul 2019 16:57:48 +0000] Moritz Muehlenhoff <jmm@debian.org>: - - * Rebuild for stretch +8u232-b09-1~deb9u1 [Sat, 19 Oct 2019 17:00:54 +0200] Moritz Muehlenhoff <jmm@debian.org>: + + * Rebuild for stretch-security + +8u232-b09-1 [Thu, 17 Oct 2019 22:41:19 +0200] Matthias Klose <doko@ubuntu.com>: + + * Update to 8u222-b09 (release build). + * Security fixes: + - S8167646: Better invalid FilePermission. + - S8213429, CVE-2019-2933: Windows file handling redux. + - S8218573, CVE-2019-2945: Better socket support. + - S8218877: Help transform transformers. + - S8220186: Improve use of font temporary files. + - S8220302, CVE-2019-2949: Better Kerberos ccache handling. + - S8221497: Optional Panes in Swing. + - S8221858, CVE-2019-2958: Build Better Processes. + - S8222684, CVE-2019-2964: Better support for patterns. + - S8222690, CVE-2019-2962: Better Glyph Images. + - S8223163: Better pattern recognition. + - S8223505, CVE-2019-2973: Better pattern compilation. + - S8223518, CVE-2019-2975: Unexpected exception in jjs. + - S8223892, CVE-2019-2978: Improved handling of jar files. + - S8224025: Fix for JDK-8220302 is not complete. + - S8224532, CVE-2019-2981: Better Path supports. + - S8224915, CVE-2019-2983: Better serial attributes. + - S8225286, CVE-2019-2987: Better rendering of native glyphs. + - S8225292, CVE-2019-2988: Better Graphics2D drawing. + - S8225298, CVE-2019-2989: Improve TLS connection support. + - S8225597, CVE-2019-2992: Enhance font glyph mapping. + - S8226765, CVE-2019-2999: Commentary on Javadoc comments. + - S8227129: Better ligature for subtables. + - S8227601: Better collection of references. + - S8228825, CVE-2019-2894: Enhance ECDSA operations. + +8u232-b07-2 [Tue, 01 Oct 2019 13:49:35 +0200] Matthias Klose <doko@ubuntu.com>: + + * Update to 8u232-b07 (early access build). + + [ Matthias Klose ] + * Refresh patches. + * openjdk-8-jdk-headless: Add Breaks/Replaces for moved clhsdb binary. + LP: #1845873. + * debian/tests/control: Depend on g++ instead of build-essential or libc6-dev. + * Bump standards vesion. + + [ Tiago Stürmer Daitx ] + * Improve and fix build tests and autopkgtests: + - Update debian/tests/hotspot,jdk,langtools to ignore + jtreg-autopkgtest.sh return code. + - Create debian/tests/jtdiff-autopkgtest.in as it depends + on debian/rules variables. + - debian/control.in, debian/control: add default-jre-headless + to Build-Depends with a nocheck clause as jtreg requires + a JRE in /usr/lib/jvm/default-java. + - debian/tests/control: + + Add zip and unzip test dependencies required by jdk's + test/sun/security/tools/jarsigner/diffend.sh and + test/sun/security/tools/jarsigner/emptymanifest.sh. + + Depend on default-jre-headless so jtreg will use the + JRE from /usr/lib/jvm/default-java. + - debian/tests/jtdiff-autopkgtest.sh: + + Fail only if an actual regression is detected. + + Add the super-diff comparison from jtdiff. + + Save failed jtr files for all runs. + - debian/tests/jtreg-autopkgtest.sh: + + Enable retry of failed tests to trim out flaky tests. + + Fix unbound variable. + + Keep .jtr files from failed tests only. + - debian/patches/jdk-problem-list.diff: ignore failing tests + that require more investigation. + - debian/rules: + + Preserve all JTreport directories in the test output + directory. + + Use JDK_DIR instead of JDK_TO_TEST for autopkgtest + generation. + + Package all .jtr files from JTwork as jtreg-autopkgtest.sh + makes sure it contains only failed tests. + * debian/tests/jdk: add our custom debian/tests/jdk-problem-list.txt to the + exclusion list. + * debian/tests/jdk-problem-list.txt: custom exclusion rules for jdk tests + that fail to run during a build or autopkgtest run. + * debian/rules: remove debian/patches/jdk-problem-list.diff. + * debian/patches/jdk-problem-list.diff: jtreg allows for extra exclusion + files thus there's no need to patch upstream's exclusion list. + * debian/tests/control: mark all autopkgtests as flaky. + * debian/tests/hotspot-archs: generated by debian/rules, contains a list of + archs that supports a hotspot vm. + * debian/tests/jdk: run only when the host arch is a hotspot vm - allow + override through an environment variable. + * debian/rules: update gen-autopkgtests to echo supported hotspot archs. + +8u232-b04-1 [Fri, 06 Sep 2019 18:03:11 +0200] Matthias Klose <doko@ubuntu.com>: + + * Update to 8u232-b04 (early access build). + * Refresh patches. 8u222-b10-1 [Thu, 18 Jul 2019 18:57:23 +0200] Matthias Klose <doko@ubuntu.com>: <http://10.200.17.11/4.4-2/#6521605547572003112> OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-2] 90860f8541 Bug #50398: openjdk-8 8u232-b09-1~deb9u1 doc/errata/staging/openjdk-8.yaml | 55 ++++++++++++++++----------------------- 1 file changed, 22 insertions(+), 33 deletions(-) [4.4-2] e6f440c19d Bug #50398: openjdk-8 8u232-b09-1~deb9u1 doc/errata/staging/openjdk-8.yaml | 67 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) |