-
openjdk-21 (21.0.3+9-1ubuntu1~23.10.1) mantic-security; urgency=medium
* Modify the changelog entry for 21.0.3+9-1:
remove an invalid entry from the CVE list.
openjdk-21 (21.0.3+9-1ubuntu1~23.10) mantic-security; urgency=medium
* d/rules: enable jtreg tests.
* Regenerate control files.
[ Pushkar Kulkarni ]
* Upload to Ubuntu 23.10
openjdk-21 (21.0.3+9-1) unstable; urgency=high
* OpenJDK 21.0.3 release, build 9.
* CVEs
- CVE-2024-21011, 8319851: Improve exception logging.
- CVE-2024-21068, 8322122: Enhance generation of addresses.
- CVE-2024-21012, 8315708: Enhance HTTP/2 client usage.
- CVE-2024-21094, 8317507: Already fixed in November 2023:
C2 compilation fails with "Exceeded _node_regs array".
* Security fixes
- JDK-8315708: Enhance HTTP/2 client usage
- JDK-8318340: Improve RSA key implementations
- JDK-8319851: Improve exception logging
- JDK-8322122: Enhance generation of addresses
[ Vladimir Petko ]
* d/p/jdk-8329983.patch: apply workaround for JDK-8329983, link failure
against libjvm.so on armhf due to undefined symbol.
[ Matthias Klose ]
* Update the m68k-support patch. Closes: #1068873.
openjdk-21 (21.0.3~7ea-1) unstable; urgency=medium
* OpenJDK 21.0.3, build 7 (early access).
[ Matthias Klose ]
* Don't try to install jhsdb on armhf with a zero-only build.
* Remove the GTK 2.x bits.
* Update cups dependencies for time_t64.
[ Pushkar Kulkarni ]
* Corrections to patch arch-add-ports.diff.
* Fix a typo in the vendor name derivation logic.
* Copyright generator fixes.
[ Vladimir Petko ]
* d/p/jdk-8325028.patch: Apply upstream patch so that pipe channels
lazily set socket to non-blocking mode on first use by virtual thread.
* Fix installing the s390x build.
* Emit warning to install openjdk-*-jre package when fontmanager is
used, but only openjdk-*-jre-headless is installed.
* Add support to build --with-hsdis=binutils, but keep it off by default.
* Run the hotspot and jdk autopkg tests on all architectures.
* Add bash, lsb-release and xauth as dependencies for autopkg tests.
* Build openjdk-21-testsupport packages, containing the binaries
required to run the autopkg tests.
* d/t/{hotspot,jdk}-autopkgtest.{sh, in}: Set default arguments to
tier1 tests, otherwise pass user's arguments while setting correct
test directory and native path.
* Fix lintian override package name.
openjdk-21 (21.0.3~6ea-1) unstable; urgency=medium
* OpenJDK 21.0.3, build 6 (early access).
openjdk-21 (21.0.2+13-3) unstable; urgency=medium
* libcups2, libfontconfig1: Make it a recommends in jre-headless,
a dependency in jre.
* Make the dependencies for libfontmanager.so and libjsound.so
recommendations in jre-headless, and dependencies in jre.
* Drop build dependencies on libgtk2 | libgtk3.
* Disable running the tests for the time_t64 bootstrap.
openjdk-21 (21.0.2+13-2) unstable; urgency=medium
[ Matthias Klose ]
* d/changelog: Whitespace cleanup.
* Update build dependency on libfontconfig-dev.
* Apply proposed patch for JDK-8307977. Addresses: #1034600.
[ Vladimir Petko ]
* Apply proposed fix for JDK-8242564 to resolve Java 21 FTBFSes.
Closes: #1057500, #1057508, #1057519.
-- Pushkar Kulkarni <email address hidden> Wed, 29 May 2024 17:44:28 +0530
-
openjdk-21 (21.0.2+13-1~23.10.1) mantic-security; urgency=high
* OpenJDK 21.0.2 release, build 13.
- CVEs:
+ CVE-2024-20918
+ CVE-2024-20919
+ CVE-2024-20921
+ CVE-2024-20945
+ CVE-2024-20952
- Security fixes:
+ JDK-8308204: Enhanced certificate processing.
+ JDK-8314295: Enhance verification of verifier.
+ JDK-8314307: Improve loop handling.
+ JDK-8314468: Improve Compiler loops.
+ JDK-8316976: Improve signature handling.
+ JDK-8317547: Enhance TLS connection support.
[ Pushkar Kulkarni ]
* debian/copyright: Fix whitespace issues.
* Minor improvements to the copyright-generator.
[ Vladimir Petko ]
* d/copyright: Fix lintian warning.
* Generate d/watch to cope with early access and release builds.
[ Matthias Klose ]
* Add sparc64 defines (patch by Adrian Glaubitz). Closes: #1057390.
* d/copyright: Fix source location.
* Update the arch-add-ports patch, taken from 22.
* Regenerate debian files.
[ Pushkar Kulkarni ]
* Upload to Ubuntu 23.10
-- Matthias Klose <email address hidden> Wed, 17 Jan 2024 13:14:57 +0100
-
openjdk-21 (21.0.1+12-2~23.10) mantic-security; urgency=medium
* Upload to Ubuntu 23.10.
openjdk-21 (21.0.1+12-2) unstable; urgency=medium
[ Vladimir Petko ]
* d/rules: pack external debug symbols with build-id, do not strip
JVM shared libraries. LP: #2012326, LP: #2016739.
[ Pushkar Kulkarni ]
* debian/copyright: Update copyrights and notices, using a generator script.
-- Vladimir Petko <email address hidden> Fri, 24 Nov 2023 08:36:13 +1300
-
openjdk-21 (21.0.1+12-1) unstable; urgency=high
* OpenJDK 21.0.1 release, build 12.
- CVE-2023-22081, CVE-2023-22025.
- Release notes:
https://www.oracle.com/java/technologies/javase/21-0-1-relnotes.html
[ Matthias Klose ]
* Build-depend on OpenJDK 21 in releases where it already exists.
[ Pushkar Kulkarni ]
* debian/copyright: Update copyrights and notices.
[ Vladimir Petko ]
* d/p/build_test.patch: Use openjdk-17 patch for backports compatibility.
* d/watch: use release version format.
* d/copyright: include google test license.
* d/rules, d/watch: bundle google test library.
* d/patches: remove build_gtest.patch.
* d/tests: refresh problem lists.
* d/p/exclude_broken_tests.patch: drop patch.
-- Matthias Klose <email address hidden> Fri, 20 Oct 2023 09:45:32 +0200
-
openjdk-21 (21+35-1) unstable; urgency=medium
* OpenJDK 21 release build, (no changes).
[ Matthias Klose ]
* Build-depend on the unversioned libfreetype-dev.
* Build zero on loong64.
* Change upstream VCS to https://github.com/openjdk/jdk21u.
[ Pushkar Kulkarni ]
* Enable JdiListeningLocalhostExecutionControlTest.java again.
[ Vladimir Petko ]
* Run tests on Ubuntu 22.04 LTS and 20.04 LTS.
-- Matthias Klose <email address hidden> Thu, 21 Sep 2023 06:39:23 +0200
-
openjdk-21 (21~35ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 35 (first release candidate).
[ Pushkar Kulkarni ]
* d/p/series - The jaw-classpath and jaw-optional patches help work around
the problem of an application being unable to load ATK wrapper classes
since the introduction of the JPMS(JDK9). With openjdk-8, these classes
were loaded as extension classes from jre/lib/ext. The best alternative
today is that the user makes sure java-atk-wrapper is installed, modifies
the accessibility.properties file to enable ATK and sets the CLASSPATH to
point to the location of the ATK jar. These patches have been dropped on
openjdk-11 and openjdk-17 previously.
[ Matthias Klose ]
* Explicitly configure --without-jtreg with the nocheck profile
-- Matthias Klose <email address hidden> Thu, 24 Aug 2023 08:43:29 +0200
-
openjdk-21 (21~34ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 34.
-- Matthias Klose <email address hidden> Fri, 04 Aug 2023 03:01:18 +0200
-
openjdk-21 (21~32ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 32.
[ Vladimir Petko ]
* d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
* d/p/exclude-broken-tests.patch: quarantine pkcs11 tests failing with NSS 3.91.
* d/t/problems-armhf.txt: quarantine armhf failing tests:
- java/net/httpclient/ManyRequestsLegacy.java: SSL request timeout.
- java/util/Random/RandomTestBsi1999.java: deadlock in CI.
-- Matthias Klose <email address hidden> Thu, 20 Jul 2023 10:52:07 +0200
-
openjdk-21 (21~30ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 30.
* Link with --no-as-needed. Closes: #1031521.
* d/rules: Remove EXTRA_.*FLAGS_JDK macros.
* Fix FTCBFS: Add libffi-dev:native to B-D (Helmut Grohne). Closes: #1039946.
* Build using GCC 13.
-- Matthias Klose <email address hidden> Mon, 10 Jul 2023 14:11:47 +0200
-
openjdk-21 (21~29ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 29.
[ Vladimir Petko ]
* Fix bootstrapping with an OpenJDK 20 zero VM.
-- Matthias Klose <email address hidden> Fri, 30 Jun 2023 11:22:43 +0200
-
openjdk-21 (21~28ea-2) unstable; urgency=medium
* Update VCS attributes.
* Provide versioned java-runtime, java-runtime-headless, java-sdk
and java-sdk-headless virtual packages (Emmanuel Bourg).
* Add support for arc (untested), hppa (untested) and ia64.
* Configure --with-stdc++lib=static on ia64.
-- Matthias Klose <email address hidden> Thu, 29 Jun 2023 07:21:14 +0200
-
openjdk-21 (21~28ea-1) unstable; urgency=medium
* OpenJDK 21 snapshot, Build 28.
* Add support for alpha, m68k, ppc, sh, x32.
-- Matthias Klose <email address hidden> Mon, 26 Jun 2023 07:48:49 +0200
-
openjdk-21 (21~27ea-4) unstable; urgency=medium
* debian/rules: Correctly set BOOT_JDK_HOME.
-- Matthias Klose <email address hidden> Fri, 16 Jun 2023 20:53:53 +0200
-
openjdk-21 (21~14ea~us1-0ubuntu1) lunar; urgency=medium
* OpenJDK 21 snapshot, Build 14.
* d/copyright, d/watch: implement uscan repackaging (LP: #2011749).
* d/rules: use --with-debug-symbols=none (LP: #2003820).
-- Vladimir Petko <email address hidden> Fri, 17 Mar 2023 13:31:13 +1300
