-
openjdk-lts (11.0.11+9-0ubuntu2~20.10) groovy-security; urgency=medium
* Backport the security update to 20.10.
openjdk-lts (11.0.11+9-0ubuntu2) hirsute; urgency=medium
* OpenJDK 11.0.11+9 build (release).
* Security fixes:
- JDK-8244473: Contextualize registration for JNDI.
- JDK-8244543: Enhanced handling of abstract classes.
- JDK-8250568: Less ambiguous processing (CVE-2021-2161).
- JDK-8253799: Make lists of normal filenames.
- JDK-8249906: Enhance opening JARs (CVE-2021-2163).
- JDK-8257001: Improve HTTP client support.
* Mark the build as an upstream release.
openjdk-lts (11.0.11+8-0ubuntu2) hirsute; urgency=medium
* OpenJDK 11.0.11+8 build (early access).
* Sync packages with 11.0.11+8-1:
* Set DEB_BUILD_MAINT_OPTIONS = optimize=-lto, not yet ready. Looks
like 16 and 17 are buildable with lto.
* Remove dangling jfr alternative on upgrades if no jdk is installed (Andreas
Beckmann). Closes: #985060.
* Use mktemp instead of tempfile in maintainer scripts (Andreas Beckmann).
* Backport fix for JDK-8262085, hovering Metal HTML Tooltips in different
windows cause IllegalArgExc on Linux. Closes: #967049.
openjdk-lts (11.0.11+7-0ubuntu1) hirsute; urgency=medium
* OpenJDK 11.0.11+7 build (early access).
* Sync packages with 11.0.11+7-1:
* Simplify compiler selection for backports.
* Don't use the triplet-prefixed binutils tools for backports.
openjdk-lts (11.0.11+4-0ubuntu2) hirsute; urgency=medium
* Don't build zero on armhf, still fails to build.
openjdk-lts (11.0.11+4-0ubuntu1) hirsute; urgency=medium
* OpenJDK 11.0.11+4 build (early access).
* Sync packages with 11.0.11+4-1:
* reproducible-build-jmod.diff: Fall back to the unpatched behavior
for backports.
* Only build with system harfbuzz for recent releases.
* Configure --with-copyright-year. Closes: #956154.
* Sync packages with 11.0.11+3-3:
* Fix the build logic, jaotc and jhsdb tools not available on all archs.
* Ship the jfc files used by jfr.
* Move libawt_xawt.so, libjawt.so into the jre package. Closes: #908058.
* Sync packages with 11.0.11+3-2:
* OpenJDK 11.0.11+3 build (early access).
* Use debugedit to generate unique build-id's and remove the openjdk-N-dbg
file conflicts. Closes: #919671.
* Remove KFreeBSD build support and patches, not updated since OpenJDK 8.
* Backport JDK-8222825. Closes: #960153.
* Build with Rules-Requires-Root: no.
* Move the jfr binary from -jre-headless to -jdk-headless. Development tool.
* Build zero again on armhf.
-- Matthias Klose <email address hidden> Wed, 21 Apr 2021 11:15:32 +0200
-
openjdk-lts (11.0.10+9-0ubuntu1~20.10) groovy-security; urgency=medium
* Backport from Hirsute.
* Update VCS attributes.
openjdk-lts (11.0.10+9-0ubuntu1) hirsute; urgency=medium
* OpenJDK 11.0.10+9 build (release).
openjdk-lts (11.0.10+8-0ubuntu1) hirsute; urgency=medium
* OpenJDK 11.0.10+8 build (early access).
[ Matthias Klose ]
* Build with system harfbuzz.
* Refresh patches.
* Bump standards version.
[ Tiago Stürmer Daitx ]
* Update VCS attributes.
-- Tiago Stürmer Daitx <email address hidden> Wed, 20 Jan 2021 02:32:18 +0000
-
openjdk-lts (11.0.9.1+1-0ubuntu1~20.10) groovy-security; urgency=medium
* Backport from Hirsute.
openjdk-lts (11.0.9.1+1-0ubuntu1) hirsute; urgency=medium
* OpenJDK 11.0.9+11 build (release).
[ Matthias Klose ]
* Configure --with-jvm-features=shenandoahgc for hotspot builds.
LP: #1902029.
[ Tiago Stürmer Daitx ]
* Filter out recurring failed tests.
- debian/failed-tests-problemlist.txt: list of tests known to
have failed in the past.
- debian/tests/control: add zip as some tests depend on it.
- debian/tests/hotspot, debian/tests/jaxp, debian/test/jdk,
debian/tests/langtools: exclude tests listed as failed tests,
exit if jtreg exits 77 as no test was actually ran.
- debian/tests/jtreg-autopkgtest.in: reduce retries from 3 to 2,
exit early if test results are the same on retry, output time
along name and status.
- debian/tests/jtreg-autopkgtest.sh: regenerated.
- d/p/hotspot-test-fix-npe-on-missing-file.patch: recurse only
if src file exists, fixes test when libatk is a dangling link.
openjdk-lts (11.0.9+11-0ubuntu2) hirsute; urgency=medium
* d/p/jdk-8254982-tzdata2020c.patch: update to tzdata2020c.
-- Tiago Stürmer Daitx <email address hidden> Tue, 10 Nov 2020 04:18:42 +0000
-
openjdk-lts (11.0.9+11-0ubuntu1) groovy; urgency=medium
* OpenJDK 11.0.9+11 build (release).
* Security fixes:
- JDK-8233624: Enhance JNI linkage
- JDK-8236196: Improve string pooling
- JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
- JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
- JDK-8237995, CVE-2020-14782: Enhance certificate processing
- JDK-8240124: Better VM Interning
- JDK-8241114, CVE-2020-14792: Better range handling
- JDK-8242680, CVE-2020-14796: Improved URI Support
- JDK-8242685, CVE-2020-14797: Better Path Validation
- JDK-8242695, CVE-2020-14798: Enhanced buffer support
- JDK-8243302: Advanced class supports
- JDK-8244136, CVE-2020-14803: Improved Buffer supports
- JDK-8244479: Further constrain certificates
- JDK-8244955: Additional Fix for JDK-8240124
- JDK-8245407: Enhance zoning of times
- JDK-8245412: Better class definitions
- JDK-8245417: Improve certificate chain handling
- JDK-8248574: Improve jpeg processing
- JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
- JDK-8253019: Enhanced JPEG decoding
[ Matthias Klose ]
* Call strip-nondeterminism before computing jmod hashes (Julian Gilbey).
Closes: #944738.
* Build with GCC 10 in current development versions. Closes: #972288.
[ Tiago Stürmer Daitx ]
* debian/rules:
- remove get-orig, gbp import-orig uses uscan and is configured
to clean the orig package.
- sanitize v_pkgrel to use in version-opt as it deletes
any character not in [-.a-zA-Z0-9].
- prevent deletion of test file on dh_clean.
* debian/generate-debian-orig.sh, debian/update-hgrev.sh: remove
outdated files that no longer work.
* debian/watch: fetch from github and only scan for numeric tags.
* debian/patches/jdk-8254177-tzdata2020b.patch: update to latest
tzdata.
* debian/JB-jre-headless.postinst.in: replace tempfile calls with
mktemp. Closes: #972245.
-- Tiago Stürmer Daitx <email address hidden> Thu, 22 Oct 2020 05:15:02 +0000
-
openjdk-lts (11.0.9+10-0ubuntu1) groovy; urgency=medium
[ Tiago Stürmer Daitx ]
* OpenJDK 11.0.9+9 build (early access).
* debian/rules:
- copy apport hook to source_$(PKGSOURCE).py.
- untar upstream tarball directly and avoid the unnecessary
intermediate directory.
- get tar to clamp mtime based on changelog's date entry and
name the origtarball from $PKGSOURCE instead of basename.
* debian/patches/Don-t-optimize-fdlibm-fork-for-Zero-on-linux-sparc-Z.patch,
debian/patches/generated-headers.patch,
debian/patches/icc_loading_with_symlink.diff,
debian/patches/jdk-getAccessibleValue.diff,
debian/patches/jexec.diff, debian/patches/jtreg-location.diff,
debian/patches/reproducible-build-user.diff, debian/patches/riscv64.diff,
debian/patches/s390x-opt.diff, debian/patches/system-pcsclite.diff,
debian/patches/workaround_expand_exec_shield_cs_limit.diff,
debian/patches/zero-x32.diff: refresh patches.
[ Matthias Klose ]
* Don't try to run autopkg tests on armel, mipsel, mips64el.
* debian/copyright (remove licenses not found anymore in the sources):
- Little CMS, libpng, GIFLIB.
* Prepare to Build using GCC 10.
-- Tiago Stürmer Daitx <email address hidden> Thu, 08 Oct 2020 14:57:00 +0000
-
openjdk-lts (11.0.8+10-0ubuntu1) groovy; urgency=medium
* OpenJDK 11.0.8+10 build (release).
* Security fixes:
- JDK-8233239, CVE-2020-14562: Enhance TIFF support
- JDK-8236867, CVE-2020-14573: Enhance Graal interface handling
- JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
- JDK-8237592, CVE-2020-14577: Enhance certificate verification
- JDK-8238002, CVE-2020-14581: Better matrix operations
- JDK-8238920, CVE-2020-14583: Better Buffer support
- JDK-8240119, CVE-2020-14593: Less Affine Transformations
- JDK-8242136, CVE-2020-14621: Better XML namespace handling
- JDK-8230613: Better ASCII conversions
- JDK-8231800: Better listing of arrays
- JDK-8232014: Expand DTD support
- JDK-8233234: Better Zip Naming
- JDK-8233255: Better Swing Buttons
- JDK-8234032: Improve basic calendar services
- JDK-8234042: Better factory production of certificates
- JDK-8234418: Better parsing with CertificateFactory
- JDK-8234836: Improve serialization handling
- JDK-8236191: Enhance OID processing
- JDK-8238013: Enhance String writing
- JDK-8238804: Enhance key handling process
- JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
- JDK-8238843: Enhanced font handing
- JDK-8238925: Enhance WAV file playback
- JDK-8240482: Improved WAV file playback
- JDK-8241379: Update JCEKS support
- JDK-8241522: Manifest improved jar headers redux
* d/p/default-jvm-cfg.diff: updated patch.
* d/p/8214571.diff, d/p/8228407.diff: applied by upstream, removed patches.
-- Tiago Stürmer Daitx <email address hidden> Wed, 15 Jul 2020 00:56:32 +0000
-
openjdk-lts (11.0.7+10-3ubuntu1) focal; urgency=medium
* Sync packages with 11.0.7+10-3:
* Backport the fix for JDK-8214571, -Xdoclint of array serialField gives
"error: array type not allowed here". Introduced with 11.0.7.
* Enable running the testsuite on release architectures.
-- Matthias Klose <email address hidden> Thu, 16 Apr 2020 14:54:17 +0200