Update to jdk-17.0.8.0+7
- Update release notes to 17.0.8.0+7 - removed upstreamed Patch2001 jdk8274864-remove_amman_cairo_hacks.patch Patch2002 jdk8305113-tzdata2023c.patch
This commit is contained in:
parent
93dc232356
commit
860f685b4f
|
@ -36,3 +36,4 @@
|
|||
/openjdk-jdk17u-jdk-17.0.6+9.tar.xz
|
||||
/openjdk-jdk17u-jdk-17.0.6+10.tar.xz
|
||||
/openjdk-jdk17u-jdk-17.0.7+7.tar.xz
|
||||
/openjdk-jdk17u-jdk-17.0.8+7.tar.xz
|
||||
|
|
370
NEWS
370
NEWS
|
@ -3,6 +3,355 @@ Key:
|
|||
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
|
||||
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
|
||||
|
||||
New in release OpenJDK 17.0.8 (2023-07-18):
|
||||
===========================================
|
||||
Live versions of these release notes can be found at:
|
||||
* https://bit.ly/openjdk1708
|
||||
|
||||
* CVEs
|
||||
- CVE-2023-22006
|
||||
- CVE-2023-22036
|
||||
- CVE-2023-22041
|
||||
- CVE-2023-22044
|
||||
- CVE-2023-22045
|
||||
- CVE-2023-22049
|
||||
- CVE-2023-25193
|
||||
* Security fixes
|
||||
- JDK-8294323: Improve Shared Class Data
|
||||
- JDK-8296565: Enhanced archival support
|
||||
- JDK-8298676, JDK-8300891: Enhanced Look and Feel
|
||||
- JDK-8300285: Enhance TLS data handling
|
||||
- JDK-8300596: Enhance Jar Signature validation
|
||||
- JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1
|
||||
- JDK-8302475: Enhance HTTP client file downloading
|
||||
- JDK-8302483: Enhance ZIP performance
|
||||
- JDK-8303376: Better launching of JDI
|
||||
- JDK-8304460: Improve array usages
|
||||
- JDK-8304468: Better array usages
|
||||
- JDK-8305312: Enhanced path handling
|
||||
- JDK-8308682: Enhance AES performance
|
||||
* Other changes
|
||||
- JDK-8178806: Better exception logging in crypto code
|
||||
- JDK-8201516: DebugNonSafepoints generates incorrect information
|
||||
- JDK-8224768: Test ActalisCA.java fails
|
||||
- JDK-8227060: Optimize safepoint cleanup subtask order
|
||||
- JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError
|
||||
- JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
|
||||
- JDK-8244976: vmTestbase/nsk/jdi/Event/request/request001.java doesn' initialize eName
|
||||
- JDK-8245877: assert(_value != __null) failed: resolving NULL _value in JvmtiExport::post_compiled_method_load
|
||||
- JDK-8248001: javadoc generates invalid HTML pages whose ftp:// links are broken
|
||||
- JDK-8252990: Intrinsify Unsafe.storeStoreFence
|
||||
- JDK-8254711: Add java.security.Provider.getService JFR Event
|
||||
- JDK-8257856: Make ClassFileVersionsTest.java robust to JDK version updates
|
||||
- JDK-8261495: Shenandoah: reconsider update references memory ordering
|
||||
- JDK-8268288: jdk/jfr/api/consumer/streaming/TestOutOfProcessMigration.java fails with "Error: ShouldNotReachHere()"
|
||||
- JDK-8268298: jdk/jfr/api/consumer/log/TestVerbosity.java fails: unexpected log message
|
||||
- JDK-8268582: javadoc throws NPE with --ignore-source-errors option
|
||||
- JDK-8269821: Remove is-queue-active check in inner loop of write_ref_array_pre_work
|
||||
- JDK-8270434: JDI+UT: Unexpected event in JDI tests
|
||||
- JDK-8270859: Post JEP 411 refactoring: client libs with maximum covering > 10K
|
||||
- JDK-8270869: G1ServiceThread may not terminate
|
||||
- JDK-8271519: java/awt/event/SequencedEvent/MultipleContextsFunctionalTest.java failed with "Total [200] - Expected [400]"
|
||||
- JDK-8273909: vmTestbase/nsk/jdi/Event/request/request001 can still fail with "ERROR: new event is not ThreadStartEvent"
|
||||
- JDK-8274243: Implement fast-path for ASCII-compatible CharsetEncoders on aarch64
|
||||
- JDK-8274615: Support relaxed atomic add for linux-aarch64
|
||||
- JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile
|
||||
- JDK-8275233: Incorrect line number reported in exception stack trace thrown from a lambda expression
|
||||
- JDK-8275287: Relax memory ordering constraints on updating instance class and array class counters
|
||||
- JDK-8275721: Name of UTC timezone in a locale changes depending on previous code
|
||||
- JDK-8275735: [linux] Remove deprecated Metrics api (kernel memory limit)
|
||||
- JDK-8276058: Some swing test fails on specific CI macos system
|
||||
- JDK-8277407: javax/swing/plaf/synth/SynthButtonUI/6276188/bug6276188.java fails to compile after JDK-8276058
|
||||
- JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java - add 4357905
|
||||
- JDK-8278146: G1: Rework VM_G1Concurrent VMOp to clearly identify it as pause
|
||||
- JDK-8278434: timeouts in test java/time/test/java/time/format/TestZoneTextPrinterParser.java
|
||||
- JDK-8278834: Error "Cannot read field "sym" because "this.lvar[od]" is null" when compiling
|
||||
- JDK-8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error
|
||||
- JDK-8282201: Consider removal of expiry check in VerifyCACerts.java test
|
||||
- JDK-8282227: Locale information for nb is not working properly
|
||||
- JDK-8282704: runtime/Thread/StopAtExit.java may leak memory
|
||||
- JDK-8283057: Update GCC to version 11.2.0 for Oracle builds on Linux
|
||||
- JDK-8283062: Uninitialized warnings in libgtest with GCC 11.2
|
||||
- JDK-8283520: JFR: Memory leak in dcmd_arena
|
||||
- JDK-8283566: G1: Improve G1BarrierSet::enqueue performance
|
||||
- JDK-8284331: Add sanity check for signal handler modification warning.
|
||||
- JDK-8285635: javax/swing/JRootPane/DefaultButtonTest.java failed with Default Button not pressed for L&F: com.sun.java.swing.plaf.motif.MotifLookAndFeel
|
||||
- JDK-8285987: executing shell scripts without #! fails on Alpine linux
|
||||
- JDK-8286191: misc tests fail due to JDK-8285987
|
||||
- JDK-8286287: Reading file as UTF-16 causes Error which "shouldn't happen"
|
||||
- JDK-8286331: jni_GetStringUTFChars() uses wrong heap allocator
|
||||
- JDK-8286346: 3-parameter version of AllocateHeap should not ignore AllocFailType
|
||||
- JDK-8286398: Address possibly lossy conversions in jdk.internal.le
|
||||
- JDK-8287007: [cgroups] Consistently use stringStream throughout parsing code
|
||||
- JDK-8287246: DSAKeyValue should check for missing params instead of relying on KeyFactory provider
|
||||
- JDK-8287541: Files.writeString fails to throw IOException for charset "windows-1252"
|
||||
- JDK-8287854: Dangling reference in ClassVerifier::verify_class
|
||||
- JDK-8287876: The recently de-problemlisted TestTitledBorderLeak test is unstable
|
||||
- JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md with information on 4th party dependencies
|
||||
- JDK-8288589: Files.readString ignores encoding errors for UTF-16
|
||||
- JDK-8289509: Improve test coverage for XPath Axes: descendant, descendant-or-self, following, following-sibling
|
||||
- JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space
|
||||
- JDK-8289949: Improve test coverage for XPath: operators
|
||||
- JDK-8290822: C2: assert in PhaseIdealLoop::do_unroll() is subject to undefined behavior
|
||||
- JDK-8291226: Create Test Cases to cover scenarios for JDK-8278067
|
||||
- JDK-8291637: HttpClient default keep alive timeout not followed if server sends invalid value
|
||||
- JDK-8291638: Keep-Alive timeout of 0 should close connection immediately
|
||||
- JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage() is lower than expected
|
||||
- JDK-8292301: [REDO v2] C2 crash when allocating array of size too large
|
||||
- JDK-8292407: Improve Weak CAS VarHandle/Unsafe tests resilience under spurious failures
|
||||
- JDK-8292713: Unsafe.allocateInstance should be intrinsified without UseUnalignedAccesses
|
||||
- JDK-8292755: Non-default method in interface leads to a stack overflow in JShell
|
||||
- JDK-8292990: Improve test coverage for XPath Axes: parent
|
||||
- JDK-8293295: Add type check asserts to java_lang_ref_Reference accessors
|
||||
- JDK-8293492: ShenandoahControlThread missing from hs-err log and thread dump
|
||||
- JDK-8293858: Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG
|
||||
- JDK-8293887: AArch64 build failure with GCC 12 due to maybe-uninitialized warning in libfdlibm k_rem_pio2.c
|
||||
- JDK-8294183: AArch64: Wrong macro check in SharedRuntime::generate_deopt_blob
|
||||
- JDK-8294281: Allow warnings to be disabled on a per-file basis
|
||||
- JDK-8294673: JFR: Add SecurityProviderService#threshold to TestActiveSettingEvent.java
|
||||
- JDK-8294717: (bf) DirectByteBuffer constructor will leak if allocating Deallocator or Cleaner fails with OOME
|
||||
- JDK-8294906: Memory leak in PKCS11 NSS TLS server
|
||||
- JDK-8295564: Norwegian Nynorsk Locale is missing formatting
|
||||
- JDK-8295974: jni_FatalError and Xcheck:jni warnings should print the native stack when there are no Java frames
|
||||
- JDK-8296084: javax/swing/JSpinner/4788637/bug4788637.java fails intermittently on a VM
|
||||
- JDK-8296318: use-def assert: special case undetected loops nested in infinite loops
|
||||
- JDK-8296343: CPVE thrown on missing content-length in OCSP response
|
||||
- JDK-8296412: Special case infinite loops with unmerged backedges in IdealLoopTree::check_safepts
|
||||
- JDK-8296545: C2 Blackholes should allow load optimizations
|
||||
- JDK-8296934: Write a test to verify whether Undecorated Frame can be iconified or not
|
||||
- JDK-8297000: [jib] Add more friendly warning for proxy issues
|
||||
- JDK-8297154: Improve safepoint cleanup logging
|
||||
- JDK-8297450: ScaledTextFieldBorderTest.java fails when run with -show parameter
|
||||
- JDK-8297587: Upgrade JLine to 3.22.0
|
||||
- JDK-8297730: C2: Arraycopy intrinsic throws incorrect exception
|
||||
- JDK-8297955: LDAP CertStore should use LdapName and not String for DNs
|
||||
- JDK-8298488: [macos13] tools/jpackage tests failing with "Exit code: 137" on macOS
|
||||
- JDK-8298887: On the latest macOS+XCode the Robot API may report wrong colors
|
||||
- JDK-8299179: ArrayFill with store on backedge needs to reduce length by 1
|
||||
- JDK-8299259: C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE
|
||||
- JDK-8299544: Improve performance of CRC32C intrinsics (non-AVX-512) for small inputs
|
||||
- JDK-8299570: [JVMCI] Insufficient error handling when CodeBuffer is exhausted
|
||||
- JDK-8299959: C2: CmpU::Value must filter overflow computation against local sub computation
|
||||
- JDK-8300042: Improve CPU related JFR events descriptions
|
||||
- JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument
|
||||
- JDK-8300823: UB: Compile::_phase_optimize_finished is initialized too late
|
||||
- JDK-8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors
|
||||
- JDK-8301050: Detect Xen Virtualization on Linux aarch64
|
||||
- JDK-8301119: Support for GB18030-2022
|
||||
- JDK-8301123: Enable Symbol refcounting underflow checks in PRODUCT
|
||||
- JDK-8301190: [vectorapi] The typeChar of LaneType is incorrect when default locale is tr
|
||||
- JDK-8301216: ForkJoinPool invokeAll() ignores timeout
|
||||
- JDK-8301338: Identical branch conditions in CompileBroker::print_heapinfo
|
||||
- JDK-8301491: C2: java.lang.StringUTF16::indexOfChar intrinsic called with negative character argument
|
||||
- JDK-8301637: ThreadLocalRandom.current().doubles().parallel() contention
|
||||
- JDK-8301661: Enhance os::pd_print_cpu_info on macOS and Windows
|
||||
- JDK-8302151: BMPImageReader throws an exception reading BMP images
|
||||
- JDK-8302172: [JVMCI] HotSpotResolvedJavaMethodImpl.canBeInlined must respect ForceInline
|
||||
- JDK-8302320: AsyncGetCallTrace obtains too few frames in sanity test
|
||||
- JDK-8302491: NoClassDefFoundError omits the original cause of an error
|
||||
- JDK-8302508: Add timestamp to the output TraceCompilerThreads
|
||||
- JDK-8302594: use-after-free in Node::destruct
|
||||
- JDK-8302595: use-after-free related to GraphKit::clone_map
|
||||
- JDK-8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message
|
||||
- JDK-8302849: SurfaceManager might expose partially constructed object
|
||||
- JDK-8303069: Memory leak in CompilerOracle::parse_from_line
|
||||
- JDK-8303102: jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN
|
||||
- JDK-8303130: Document required Accessibility permissions on macOS
|
||||
- JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return
|
||||
- JDK-8303433: Bump update version for OpenJDK: jdk-17.0.8
|
||||
- JDK-8303440: The "ZonedDateTime.parse" may not accept the "UTC+XX" zone id
|
||||
- JDK-8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates
|
||||
- JDK-8303476: Add the runtime version in the release file of a JDK image
|
||||
- JDK-8303482: Update LCMS to 2.15
|
||||
- JDK-8303508: Vector.lane() gets wrong value on x86
|
||||
- JDK-8303511: C2: assert(get_ctrl(n) == cle_out) during unrolling
|
||||
- JDK-8303564: C2: "Bad graph detected in build_loop_late" after a CMove is wrongly split thru phi
|
||||
- JDK-8303575: adjust Xen handling on Linux aarch64
|
||||
- JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return
|
||||
- JDK-8303588: [JVMCI] make JVMCI source directories conform with standard layout
|
||||
- JDK-8303809: Dispose context in SPNEGO NegotiatorImpl
|
||||
- JDK-8303822: gtestMain should give more helpful output
|
||||
- JDK-8303861: Error handling step timeouts should never be blocked by OnError and others
|
||||
- JDK-8303937: Corrupted heap dumps due to missing retries for os::write()
|
||||
- JDK-8303949: gcc10 warning Linux ppc64le - note: the layout of aggregates containing vectors with 8-byte alignment has changed in GCC 5
|
||||
- JDK-8304054: Linux: NullPointerException from FontConfiguration.getVersion in case no fonts are installed
|
||||
- JDK-8304063: tools/jpackage/share/AppLauncherEnvTest.java fails when checking LD_LIBRARY_PATH
|
||||
- JDK-8304134: jib bootstrapper fails to quote filename when checking download filetype
|
||||
- JDK-8304291: [AIX] Broken build after JDK-8301998
|
||||
- JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998
|
||||
- JDK-8304350: Font.getStringBounds calculates wrong width for TextAttribute.TRACKING other than 0.0
|
||||
- JDK-8304671: javac regression: Compilation with --release 8 fails on underscore in enum identifiers
|
||||
- JDK-8304683: Memory leak in WB_IsMethodCompatible
|
||||
- JDK-8304760: Add 2 Microsoft TLS roots
|
||||
- JDK-8304867: Explicitly disable dtrace for ppc builds
|
||||
- JDK-8304880: [PPC64] VerifyOops code in C1 doesn't work with ZGC
|
||||
- JDK-8305088: SIGSEGV in Method::is_method_handle_intrinsic
|
||||
- JDK-8305113: (tz) Update Timezone Data to 2023c
|
||||
- JDK-8305400: ISO 4217 Amendment 175 Update
|
||||
- JDK-8305403: Shenandoah evacuation workers may deadlock
|
||||
- JDK-8305481: gtest is_first_C_frame failing on ARM
|
||||
- JDK-8305690: [X86] Do not emit two REX prefixes in Assembler::prefix
|
||||
- JDK-8305711: Arm: C2 always enters slowpath for monitorexit
|
||||
- JDK-8305721: add `make compile-commands` artifacts to .gitignore
|
||||
- JDK-8305975: Add TWCA Global Root CA
|
||||
- JDK-8305993: Add handleSocketErrorWithMessage to extend nio Net.c exception message
|
||||
- JDK-8305994: Guarantee eventual async monitor deflation
|
||||
- JDK-8306072: Open source several AWT MouseInfo related tests
|
||||
- JDK-8306133: Open source few AWT Drag & Drop related tests
|
||||
- JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related tests
|
||||
- JDK-8306432: Open source several AWT Text Component related tests
|
||||
- JDK-8306466: Open source more AWT Drag & Drop related tests
|
||||
- JDK-8306489: Open source AWT List related tests
|
||||
- JDK-8306543: GHA: MSVC installation is failing
|
||||
- JDK-8306640: Open source several AWT TextArea related tests
|
||||
- JDK-8306652: Open source AWT MenuItem related tests
|
||||
- JDK-8306658: GHA: MSVC installation could be optional since it might already be pre-installed
|
||||
- JDK-8306664: GHA: Update MSVC version to latest stepping
|
||||
- JDK-8306681: Open source more AWT DnD related tests
|
||||
- JDK-8306683: Open source several clipboard and color AWT tests
|
||||
- JDK-8306752: Open source several container and component AWT tests
|
||||
- JDK-8306753: Open source several container AWT tests
|
||||
- JDK-8306755: Open source few Swing JComponent and AbstractButton tests
|
||||
- JDK-8306768: CodeCache Analytics reports wrong threshold
|
||||
- JDK-8306774: Make runtime/Monitor/GuaranteedAsyncDeflationIntervalTest.java more reliable
|
||||
- JDK-8306825: Monitor deflation might be accidentally disabled by zero intervals
|
||||
- JDK-8306850: Open source AWT Modal related tests
|
||||
- JDK-8306871: Open source more AWT Drag & Drop tests
|
||||
- JDK-8306883: Thread stacksize is reported with wrong units in os::create_thread logging
|
||||
- JDK-8306941: Open source several datatransfer and dnd AWT tests
|
||||
- JDK-8306943: Open source several dnd AWT tests
|
||||
- JDK-8306954: Open source five Focus related tests
|
||||
- JDK-8306955: Open source several JComboBox jtreg tests
|
||||
- JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep
|
||||
- JDK-8306996: Open source Swing MenuItem related tests
|
||||
- JDK-8307080: Open source some more JComboBox jtreg tests
|
||||
- JDK-8307128: Open source some drag and drop tests 4
|
||||
- JDK-8307130: Open source few Swing JMenu tests
|
||||
- JDK-8307133: Open source some JTable jtreg tests
|
||||
- JDK-8307134: Add GTS root CAs
|
||||
- JDK-8307135: java/awt/dnd/NotReallySerializableTest/NotReallySerializableTest.java failed
|
||||
- JDK-8307331: Correctly update line maps when class redefine rewrites bytecodes
|
||||
- JDK-8307346: Add missing gc+phases logging for ObjectCount(AfterGC) JFR event collection code
|
||||
- JDK-8307347: serviceability/sa/ClhsdbDumpclass.java could leave files owned by root on macOS
|
||||
- JDK-8307378: Allow collectors to provide specific values for GC notifications' actions
|
||||
- JDK-8307381: Open Source JFrame, JIF related Swing Tests
|
||||
- JDK-8307425: Socket input stream read burns CPU cycles with back-to-back poll(0) calls
|
||||
- JDK-8307799: Newly added java/awt/dnd/MozillaDnDTest.java has invalid jtreg `@requires` clause
|
||||
- JDK-8308554: [17u] Fix commit of 8286191. vm.musl was not removed from ExternalEditorTest
|
||||
- JDK-8308880: [17u] micro bench ZoneStrings missed in backport of 8278434
|
||||
- JDK-8308884: [17u/11u] Backout JDK-8297951
|
||||
|
||||
Notes on individual issues:
|
||||
===========================
|
||||
|
||||
hotspot/compiler:
|
||||
|
||||
JDK-8308884: GregorianCalender.computeTime() JVM Crash
|
||||
======================================================
|
||||
A virtual machine crash was observed in JDK 11.0.19 when executing the
|
||||
`GregorianCalender.computeTime()` method (JDK-8307683). It was found
|
||||
that although the root cause of the crash is an old issue, a recent
|
||||
fix for a rare issue in the C2 compiler (JDK-8297951) made the crash
|
||||
much more likely. To mitigate this, the fix has been reverted in JDK
|
||||
11.0.20 and will be reapplied once JDK-8307683 is resolved.
|
||||
|
||||
core-libs/java.nio.charsets:
|
||||
|
||||
JDK-8301119: Support for GB18030-2022
|
||||
=====================================
|
||||
The China National Standard body (CESI) recently published
|
||||
GB18030-2022 as an update to the GB18030 standard, synchronising the
|
||||
character set with Unicode 11.0. This updated version of GB18030 is
|
||||
now the default GB18030 character set used in this release of
|
||||
OpenJDK. However, this updated character set contains incompatible
|
||||
changes compared with GB18030-2000, which was used in previous
|
||||
releases of OpenJDK 11. To use the previous version of the character
|
||||
set, the new system property `jdk.charset.GB18030` should be set to
|
||||
`2000`.
|
||||
|
||||
core-libs/java.util.jar:
|
||||
|
||||
JDK-8300596: Enhance Jar Signature validation
|
||||
=============================================
|
||||
A System property "jdk.jar.maxSignatureFileSize" is introduced to
|
||||
configure the maximum number of bytes allowed for the
|
||||
signature-related files in a JAR file during verification. The default
|
||||
value is 8000000 bytes (8 MB).
|
||||
|
||||
JDK-8302483: Enhance ZIP performance
|
||||
====================================
|
||||
This release of OpenJDK includes stronger checks on the Zip64 fields
|
||||
of zip files. In the event that these checks cause failures on trusted
|
||||
zip files, the checks can be disabled by setting the new system
|
||||
property, `jdk.util.zip.disableZip64ExtraFieldValidation` to `true`.
|
||||
|
||||
security-libs/java.security:
|
||||
|
||||
JDK-8307134: Added 4 GTS Root CA Certificates
|
||||
=============================================
|
||||
The following root certificates have been added to the cacerts
|
||||
truststore:
|
||||
|
||||
Name: Google Trust Services LLC
|
||||
Alias Name: gtsrootcar1
|
||||
Distinguished Name: CN=GTS Root R1, O=Google Trust Services LLC, C=US
|
||||
|
||||
Name: Google Trust Services LLC
|
||||
Alias Name: gtsrootcar2
|
||||
Distinguished Name: CN=GTS Root R2, O=Google Trust Services LLC, C=US
|
||||
|
||||
Name: Google Trust Services LLC
|
||||
Alias Name: gtsrootcar3
|
||||
Distinguished Name: CN=GTS Root R3, O=Google Trust Services LLC, C=US
|
||||
|
||||
Name: Google Trust Services LLC
|
||||
Alias Name: gtsrootcar4
|
||||
Distinguished Name: CN=GTS Root R4, O=Google Trust Services LLC, C=US
|
||||
|
||||
JDK-8304760: Added Microsoft Corporation's 2 TLS Root CA Certificates
|
||||
=====================================================================
|
||||
The following root certificates has been added to the cacerts
|
||||
truststore:
|
||||
|
||||
Name: Microsoft Corporation
|
||||
Alias Name: microsoftecc2017
|
||||
Distinguished Name: CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft Corporation, C=US
|
||||
|
||||
Name: Microsoft Corporation
|
||||
Alias Name: microsoftrsa2017
|
||||
Distinguished Name: CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft Corporation, C=US
|
||||
|
||||
JDK-8305975: Added TWCA Root CA Certificate
|
||||
===========================================
|
||||
The following root certificate has been added to the cacerts
|
||||
truststore:
|
||||
|
||||
Name: TWCA
|
||||
Alias Name: twcaglobalrootca
|
||||
Distinguished Name: CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW
|
||||
|
||||
JDK-8303465: Enhance Contents (Trusted Certificate Entries) of macOS KeychainStore
|
||||
==================================================================================
|
||||
Recent changes to the MacOS KeychainStore implementation were
|
||||
incomplete and only considered certificates within the user domain.
|
||||
With this release, the implementation exposes certificates from both
|
||||
the user and admin domain, and will exclude those certificates that
|
||||
include a "deny" entry in their trust settings.
|
||||
|
||||
JDK-8254711: New JFR Event: jdk.SecurityProviderService
|
||||
=======================================================
|
||||
Calls to the `java.security.Provider.getService(String type, String
|
||||
algorithm)` method now trigger a Java Flight Recorder (JFR) event.
|
||||
|
||||
The event contains three fields:
|
||||
|
||||
* type - the type of service
|
||||
* algorithm - the algorithm name
|
||||
* provider - the security provider
|
||||
|
||||
This event is disabled by default. It may be enabled via the usual JFR
|
||||
configuration files and options.
|
||||
|
||||
New in release OpenJDK 17.0.7 (2023-04-18):
|
||||
===========================================
|
||||
Live versions of these release notes can be found at:
|
||||
|
@ -282,6 +631,15 @@ Live versions of these release notes can be found at:
|
|||
Notes on individual issues:
|
||||
===========================
|
||||
|
||||
client-libs/javax.swing:
|
||||
|
||||
JDK-8296832: Improve Swing platform support
|
||||
===========================================
|
||||
Earlier OpenJDK releases would always render HTML object tags embedded in
|
||||
Swing HTML components. With this release, rendering only occurs when the
|
||||
new system property "swing.html.object" is set to true. By default, it
|
||||
is set to false.
|
||||
|
||||
security-libs/java.security:
|
||||
|
||||
JDK-8245654: Added Certigna(Dhimyotis) Root CA Certificate
|
||||
|
@ -946,6 +1304,17 @@ make it clear they map to the current user:
|
|||
* "Windows-MY-CURRENTUSER" (same as "Windows-MY")
|
||||
* "Windows-ROOT-CURRENTUSER" (same as "Windows-ROOT")
|
||||
|
||||
JDK-8286918: Better HttpServer service
|
||||
======================================
|
||||
The HttpServer can be optionally configured with a maximum connection
|
||||
limit by setting the jdk.httpserver.maxConnections system property. A
|
||||
value of 0 or a negative integer is ignored and considered to
|
||||
represent no connection limit. In the case of a positive integer
|
||||
value, any newly accepted connections will be first checked against
|
||||
the current count of established connections and, if the configured
|
||||
limit has been reached, then the newly accepted connection will be
|
||||
closed immediately.
|
||||
|
||||
hotspot/runtime:
|
||||
|
||||
JDK-8281181: CPU Shares Ignored When Computing Active Processor Count
|
||||
|
@ -2544,3 +2913,4 @@ its introduction and the effort required to maintain it is
|
|||
significant. Retain the experimental Java-level JVM compiler
|
||||
interface (JVMCI) so that developers can continue to use
|
||||
externally-built versions of the compiler for JIT compilation.
|
||||
|
||||
|
|
|
@ -333,7 +333,7 @@
|
|||
# New Version-String scheme-style defines
|
||||
%global featurever 17
|
||||
%global interimver 0
|
||||
%global updatever 7
|
||||
%global updatever 8
|
||||
%global patchver 0
|
||||
# buildjdkver is usually same as %%{featurever},
|
||||
# but in time of bootstrap of next jdk, it is featurever-1,
|
||||
|
@ -391,7 +391,7 @@
|
|||
%global top_level_dir_name %{origin}
|
||||
%global top_level_dir_name_backup %{top_level_dir_name}-backup
|
||||
%global buildver 7
|
||||
%global rpmrelease 7
|
||||
%global rpmrelease 1
|
||||
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
|
||||
%if %is_system_jdk
|
||||
# Using 10 digits may overflow the int used for priority, so we combine the patch and build versions
|
||||
|
@ -558,7 +558,7 @@ ExcludeArch: %{ix86}
|
|||
|
||||
Name: java-%{javaver}-%{origin}-portable
|
||||
Version: %{newjavaver}.%{buildver}
|
||||
Release: %{?eaprefix}%{rpmrelease}%{?extraver}%{?dist}.1
|
||||
Release: %{?eaprefix}%{rpmrelease}%{?extraver}%{?dist}
|
||||
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
|
||||
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
|
||||
# also included the epoch in their virtual provides. This created a
|
||||
|
@ -712,10 +712,6 @@ Patch1001: fips-17u-%{fipsver}.patch
|
|||
# OpenJDK patches appearing in 17.0.8
|
||||
#
|
||||
#############################################
|
||||
# JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile
|
||||
Patch2001: jdk8274864-remove_amman_cairo_hacks.patch
|
||||
# JDK-8305113: (tz) Update Timezone Data to 2023c
|
||||
Patch2002: jdk8305113-tzdata2023c.patch
|
||||
Patch2003: jdk8305995-footprint_regression_from_jdk_8224957
|
||||
|
||||
BuildRequires: autoconf
|
||||
|
@ -991,9 +987,6 @@ pushd %{top_level_dir_name}
|
|||
%patch1001 -p1
|
||||
# nss.cfg PKCS11 support; must come last as it also alters java.security
|
||||
%patch1000 -p1
|
||||
# tzdata update
|
||||
%patch2001 -p1
|
||||
%patch2002 -p1
|
||||
%patch2003 -p1
|
||||
popd # openjdk
|
||||
|
||||
|
@ -1642,6 +1635,11 @@ done
|
|||
%license %{unpacked_licenses}/%{jdkportablesourcesarchiveForFiles}
|
||||
|
||||
%changelog
|
||||
* Thu Aug 03 2023 Jiri Vanek <jvanekw@redhat.com> - 1:17.0.8.0.7-1
|
||||
- Update to jdk-17.0.8.0+7
|
||||
- Update release notes to 17.0.8.0+7
|
||||
- removed upstreamed Patch2001 jdk8274864-remove_amman_cairo_hacks.patch Patch2002 jdk8305113-tzdata2023c.patch
|
||||
|
||||
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:17.0.7.0.7-7.1
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
||||
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
commit 1b3825db8631e55771fb723d4fcd10040ea15b7e
|
||||
Author: duke <duke@openjdk.org>
|
||||
Date: Wed Apr 12 17:25:27 2023 +0000
|
||||
|
||||
Backport ec199072c5867624d66840238cc8828e16ae8da7
|
||||
|
||||
diff --git a/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java b/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
index 6f6e190efcd..ef278203182 100644
|
||||
--- a/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
+++ b/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java
|
||||
@@ -608,34 +608,6 @@ public final class ZoneInfoFile {
|
||||
params[8] = endRule.secondOfDay * 1000;
|
||||
params[9] = toSTZTime[endRule.timeDefinition];
|
||||
dstSavings = (startRule.offsetAfter - startRule.offsetBefore) * 1000;
|
||||
-
|
||||
- // Note: known mismatching -> Asia/Amman
|
||||
- // ZoneInfo : startDayOfWeek=5 <= Thursday
|
||||
- // startTime=86400000 <= 24 hours
|
||||
- // This: startDayOfWeek=6
|
||||
- // startTime=0
|
||||
- // Similar workaround needs to be applied to Africa/Cairo and
|
||||
- // its endDayOfWeek and endTime
|
||||
- // Below is the workarounds, it probably slows down everyone a little
|
||||
- if (params[2] == 6 && params[3] == 0 &&
|
||||
- (zoneId.equals("Asia/Amman"))) {
|
||||
- params[2] = 5;
|
||||
- params[3] = 86400000;
|
||||
- }
|
||||
- // Additional check for startDayOfWeek=6 and starTime=86400000
|
||||
- // is needed for Asia/Amman;
|
||||
- if (params[2] == 7 && params[3] == 0 &&
|
||||
- (zoneId.equals("Asia/Amman"))) {
|
||||
- params[2] = 6; // Friday
|
||||
- params[3] = 86400000; // 24h
|
||||
- }
|
||||
- //endDayOfWeek and endTime workaround
|
||||
- if (params[7] == 6 && params[8] == 0 &&
|
||||
- (zoneId.equals("Africa/Cairo"))) {
|
||||
- params[7] = 5;
|
||||
- params[8] = 86400000;
|
||||
- }
|
||||
-
|
||||
} else if (nTrans > 0) { // only do this if there is something in table already
|
||||
if (lastyear < LASTYEAR) {
|
||||
// ZoneInfo has an ending entry for 2037
|
||||
@@ -908,7 +880,6 @@ public final class ZoneInfoFile {
|
||||
this.dow = dowByte == 0 ? -1 : dowByte;
|
||||
this.secondOfDay = timeByte == 31 ? in.readInt() : timeByte * 3600;
|
||||
this.timeDefinition = (data & (3 << 12)) >>> 12;
|
||||
-
|
||||
this.standardOffset = stdByte == 255 ? in.readInt() : (stdByte - 128) * 900;
|
||||
this.offsetBefore = beforeByte == 3 ? in.readInt() : standardOffset + beforeByte * 1800;
|
||||
this.offsetAfter = afterByte == 3 ? in.readInt() : standardOffset + afterByte * 1800;
|
File diff suppressed because it is too large
Load Diff
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (openjdk-jdk17u-jdk-17.0.7+7.tar.xz) = 40e3089d1ad20d908a83c9e541f943e21f9c7d31117731b4960c5185f1cbd4032f24d0be03bdd949bf0075fa4238239dcfe53689688f94817ff7c909a90c23cf
|
||||
SHA512 (openjdk-jdk17u-jdk-17.0.8+7.tar.xz) = 52bd1002cffafc6fc613b3ee1c62bfc3f27f31d5e1810ebb8f556a725ebb310508885762079589f15be5da63388214525128b77d2a665bae9fccfc419ab5d6a1
|
||||
|
|
Loading…
Reference in New Issue