Bug 49075 - openjdk-8: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.3
Hardware: All Linux
Importance: P3 normal
Target Milestone: UCS 4.3-3-errata
Assigned To: Quality Assurance
QA Contact: Philipp Hahn
Reported: 2019-03-25 07:20 CET by Quality Assurance
Modified: 2019-03-27 14:28 CET
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
Max CVSS v3 score: 3.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)


Description Quality Assurance univentionstaff 2019-03-25 07:20:38 CET
New Debian openjdk-8 8u212-b01-1~deb9u1 fixes:
This update addresses the following issue:
* memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422)
Comment 1 Quality Assurance univentionstaff 2019-03-25 13:52:04 CET
--- mirror/ftp/4.3/unmaintained/4.3-3/source/openjdk-8_8u181-b13-2~deb9u1.dsc
+++ apt/ucs_4.3-0-errata4.3-3/source/openjdk-8_8u212-b01-1~deb9u1.dsc
@@ -1,6 +1,86 @@
-8u181-b13-2~deb9u1 [Mon, 22 Oct 2018 18:05:23 +0000] Moritz Muehlenhoff <jmm@debian.org>:
-
-  * Rebuild for stretch-security
+8u212-b01-1~deb9u1 [Tue, 19 Mar 2019 00:06:47 +0100] Moritz Muehlenhoff <jmm@debian.org>:
+
+  * Rebuild for stretch
+
+8u212-b01-1 [Tue, 19 Mar 2019 08:26:02 +0100] Matthias Klose <doko@ubuntu.com>:
+
+  * Update to 8u212-b01.
+  * Enable SA on AArch64.
+
+8u202-b26-3 [Mon, 18 Mar 2019 14:13:37 +0100] Matthias Klose <doko@ubuntu.com>:
+
+  * Fix the 8u202 merge for aarch32, not using SA.
+
+8u202-b26-2 [Sun, 17 Mar 2019 23:37:54 +0100] Matthias Klose <doko@ubuntu.com>:
+
+  * Fix builds using the aarch32 hotspot version.
+
+8u202-b26-1 [Sun, 17 Mar 2019 17:07:16 +0100] Matthias Klose <doko@ubuntu.com>:
+
+  * Update to 8u202-b26.
+  * Security fixes:
+    - CVE-2019-2422, S8206290: Better FileChannel transfer performance.
+    - CVE-2019-2426, S8209094: Improve web server connections.
+    - S8199156: Better route routing.
+    - S8199552: Update to build scripts.
+    - S8200659: Improve BigDecimal support.
+    - S8203955: Improve robot support.
+    - S8204895: Better icon support.
+    - S8205709: Proper allocation handling.
+    - S8205714: Initial class initialization.
+    - S8210094: Better loading of classloader classes.
+    - S8210606: Improved data set handling.
+    - S8210866: Improve JPEG processing.
+
+  [ Tiago Stürmer Daitx ]
+  * Update DEP8 tests:
+    - debian/tests/control: updated to allow stderr output and to remove
+      dpkg-dev dependency.
+    - debian/tests/jtdiff-autopkgtest.sh: use dpkg --print-architecture
+      instead of dpkg-architecture; log script name on any output.
+    - debian/tests/jtreg-autopkgtest.in: use dpkg --print-architecture instead
+      of dpkg-architecture; do not retain test temporary files; log script
+      name on any output.
+    - debian/tests/jtreg-autopkgtest.sh: regenerated.
+
+8u191-b12-2 [Wed, 05 Dec 2018 09:06:06 +0100] Matthias Klose <doko@ubuntu.com>:
+
+  * Upload to unstable.
+  * Remove the "Team upload" for the last upload to experimental.
+
+8u191-b12-1 [Mon, 19 Nov 2018 11:02:46 +0000] Tiago Stürmer Daitx <tiago.daitx@ubuntu.com>:
+
+  * Update to 8u191-b12. (Closes: #911925, Closes: #912333, LP: #1800792)
+  * debian/excludelist.jdk.jtx: no longer needed, using ProblemsList.txt
+    from upstream now.
+  * debian/excludelist.langtools.jtx: upstream testing does not use any
+    exclusion list.
+  * debian/patches/sec-webrev-8u191-b12*: removed, applied upstream.
+  * debian/patches/jdk-8132985-backport-double-free.patch,
+    debian/patches/jdk-8139803-backport-warning.patch: fix crash in
+    freetypescaler due to double free, thanks to Heikki Aitakangas for
+    the report and patches. (Closes: #911847)
+  * debian/rules:
+    - tar and save JTreport directory.
+    - run the same limited set of tests as upstream does.
+    - call the same testsuites scripts used for autopkgtest.
+    - reenable jdk testsuite.
+    - simplified and moved xvfb logic into check-jdk rule.
+    - removed jtreg and xvfb build dependency logic and moved the bdeps
+      into debian/control.in.
+    - added rules to generate autopkgtest scripts from templates.
+  * updated dep8 tests:
+    - debian/test/control: run hotspot, langtools, and jdk testsuites.
+    - debian/tests/hotspot, debian/tests/jdk, debian/tests/langtools:
+      add scripts for each testsuite to be run.
+    - debian/tests/jtreg-autopkgtest.sh: template to generate the jtreg
+      script used by the autopkgtest tests.
+    - debian/tests/jtdiff-autopkgtest.sh: used by the scripts to report
+      any differences between the autopkgtest and the tests results
+      generated during the openjdk package build.
+    - debian/tests/jtreg-autopkgtest.sh: used by the scripts to run jtreg
+      and put the resulting artifacts in the right places.
+    - debian/tests/valid-tests: removed, no longer needed.
 
 8u181-b13-2 [Sun, 21 Oct 2018 12:23:32 +0200] Matthias Klose <doko@ubuntu.com>:
 
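Review bot: The 8u202-b26-1 entry lists CVE-2019-2426 (S8209094) alongside CVE-2019-2422, plus ten S-numbered security fixes with no CVE id, but the bug description names only CVE-2019-2422; the errata text should at least add CVE-2019-2426 so that anyone matching on CVE ids sees it as fixed by this update. The entries for 8u212-b01-1 and 8u191-b12-1 name no CVEs at all, although 8u191-b12-1 drops debian/patches/sec-webrev-8u191-b12* as applied upstream, so the security content of those two upstream updates cannot be read from this changelog and should be checked against the upstream advisories before the Max CVSS v3 score on this bug is treated as final.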

<http://10.200.17.11/4.3-3/#4931585690700407110>
Comment 2 Philipp Hahn univentionstaff 2019-03-26 08:45:17 CET
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.3-3] b43cca9fb0 Bug #49075: openjdk-8 8u212-b01-1~deb9u1
 doc/errata/staging/openjdk-8.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

[4.3-3] c3d6980611 Bug #49075: openjdk-8 8u212-b01-1~deb9u1
 doc/errata/staging/openjdk-8.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

[4.3-3] ff3a7e6922 Bug #49075: openjdk-8 8u212-b01-1~deb9u1
 doc/errata/staging/openjdk-8.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
Comment 3 Arvid Requate univentionstaff 2019-03-27 14:28:46 CET
<http://errata.software-univention.de/ucs/4.3/462.html>