rpms
/
java-21-openjdk-portable
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to RC version of OpenJDK 19 

Update release notes to 19.0.0
Rebase FIPS patches from fips-19u branch
Need to include the '.S' suffix in debuginfo checks after JDK-8284661
Add patch to provide translations for Europe/Kyiv added in tzdata2022b
Add test to ensure timezones can be translated
Remove references to sample directory removed by JDK-8284999
This commit is contained in:
Andrew Hughes 2022-08-29 01:31:15 +01:00
parent c9b6c1b9f0
commit b4e6a520f9
8 changed files with 350 additions and 376 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -28,3 +28,4 @@
/openjdk-jdk18u-jdk-18.0.1+10.tar.xz
/openjdk-jdk18u-jdk-18.0.1.1+2.tar.xz
/openjdk-jdk18u-jdk-18.0.2+9.tar.xz
/openjdk-jdk19u-jdk-19+36.tar.xz

369
NEWS
View File

@ -3,242 +3,13 @@ Key:
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
New in release OpenJDK 18.0.2 (2022-07-19):
===========================================
Live versions of these release notes can be found at:
* https://builds.shipilev.net/backports-monitor/release-notes-18.0.2.txt
* Security fixes
- JDK-8272243: Improve DER parsing
- JDK-8272249: Better properties of loaded Properties
- JDK-8277608: Address IP Addressing
- JDK-8281859, CVE-2022-21540: Improve class compilation
- JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
- JDK-8282676: Improve subject handling
- JDK-8283190: Improve MIDI processing
- JDK-8284370: Improve zlib usage
- JDK-8285407, CVE-2022-34169: Improve Xalan supports
* Other changes
- JDK-8240903: Add test to check that jmod hashes are reproducible
- JDK-8256368: Avoid repeated upcalls into Java to re-resolve MH/VH linkers/invokers
- JDK-8270480: Better path to expressing Xpaths
- JDK-8271008: appcds/*/MethodHandlesAsCollectorTest.java tests time out because of excessive GC (CodeCache GC Threshold) in loom
- JDK-8271055: Crash during deoptimization with "assert(bb->is_reachable()) failed: getting result from unreachable basicblock" with -XX:+VerifyStack
- JDK-8272493: Suboptimal code generation around Preconditions.checkIndex intrinsic with AVX2
- JDK-8274524: SSLSocket.close() hangs if it is called during the ssl handshake
- JDK-8275337: C1: assert(false) failed: live_in set of first block must be empty
- JDK-8277055: Assert "missing inlining msg" with -XX:+PrintIntrinsics
- JDK-8277072: ObjectStreamClass caches keep ClassLoaders alive
- JDK-8277893: Arraycopy stress tests
- JDK-8278065: Refactor subclassAudits to use ClassValue
- JDK-8278381: [GCC 11] Address::make_raw() does not initialize rspec
- JDK-8278549: UNIX sun/font coding misses SUSE distro detection on recent distro SUSE 15
- JDK-8278794: Infinite loop in DeflaterOutputStream.finish()
- JDK-8279219: [REDO] C2 crash when allocating array of size too large
- JDK-8279668: x86: AVX2 versions of vpxor should be asserted
- JDK-8279822: CI: Constant pool entries in error state are not supported
- JDK-8279958: Provide configure hints for Alpine/apk package managers
- JDK-8280041: Retry loop issues in java.io.ClassCache
- JDK-8280476: [macOS] : hotspot arm64 bug exposed by latest clang
- JDK-8280600: C2: assert(!had_error) failed: bad dominance
- JDK-8280674: Bump version numbers for July CPU
- JDK-8280799: С2: assert(false) failed: cyclic dependency prevents range check elimination
- JDK-8280867: Cpuid1Ecx feature parsing is incorrect for AMD CPUs
- JDK-8280901: MethodHandle::linkToNative stub is missing w/ -Xint
- JDK-8280956: Re-examine copyright headers on files in src/java.desktop/macosx/native/libawt_lwawt/awt/a11y
- JDK-8281168: Micro-optimize VarForm.getMemberName for interpreter
- JDK-8281181: Do not use CPU Shares to compute active processor count
- JDK-8281266: [JVMCI] MetaUtil.toInternalName() doesn't handle hidden classes correctly
- JDK-8281274: deal with ActiveProcessorCount in os::Linux::print_container_info
- JDK-8281318: Improve jfr/event/allocation tests reliability
- JDK-8281544: assert(VM_Version::supports_avx512bw()) failed for Tests jdk/incubator/vector/
- JDK-8281615: Deadlock caused by jdwp agent
- JDK-8281638: jfr/event/allocation tests fail with release VMs after JDK-8281318 due to lack of -XX:+UnlockDiagnosticVMOptions
- JDK-8281771: Crash in java_lang_invoke_MethodType::print_signature
- JDK-8281811: assert(_base == Tuple) failed: Not a Tuple after JDK-8280799
- JDK-8281822: Test failures on non-DTrace builds due to incomplete DTrace* flags handling
- JDK-8282042: [testbug] FileEncodingTest.java depends on default encoding
- JDK-8282045: When loop strip mining fails, safepoints are removed from loop anyway
- JDK-8282080: Lambda deserialization fails for Object method references on interfaces
- JDK-8282170: JVMTI SetBreakpoint metaspace allocation test
- JDK-8282172: CompileBroker::log_metaspace_failure is called from non-Java/compiler threads
- JDK-8282194: C1: Missing side effects of dynamic constant linkage
- JDK-8282219: jdk/java/lang/ProcessBuilder/Basic.java fails on AIX
- JDK-8282225: GHA: Allow one concurrent run per PR only
- JDK-8282231: x86-32: runtime call to SharedRuntime::ldiv corrupts registers
- JDK-8282295: SymbolPropertyEntry::set_method_type fails with assert
- JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972
- JDK-8282312: Minor corrections to evbroadcasti32x4 intrinsic on x86
- JDK-8282444: Module finder incorrectly assumes default file system path-separator character
- JDK-8282551: Properly initialize L32X64MixRandom state
- JDK-8282583: Update BCEL md to include the copyright notice
- JDK-8282590: C2: assert(addp->is_AddP() && addp->outcnt() > 0) failed: Don't process dead nodes
- JDK-8282592: C2: assert(false) failed: graph should be schedulable
- JDK-8282628: Potential memory leak in sun.font.FontConfigManager.getFontConfig()
- JDK-8282874: Bad performance on gather/scatter API caused by different IntSpecies of indexMap
- JDK-8282887: Potential memory leak in sun.util.locale.provider.HostLocaleProviderAdapterImpl.getNumberPattern() on Windows
- JDK-8282929: Localized monetary symbols are not reflected in `toLocalizedPattern` return value
- JDK-8283017: GHA: Workflows break with update release versions
- JDK-8283022: com/sun/crypto/provider/Cipher/AEAD/GCMBufferTest.java failing with -Xcomp after 8273297
- JDK-8283037: Update jdk18u fix version to 18.0.2
- JDK-8283187: C2: loop candidate for superword not always unrolled fully if superword fails
- JDK-8283217: Leak FcObjectSet in getFontConfigLocations() in fontpath.c
- JDK-8283379: Memory leak in FileHeaderHelper
- JDK-8283408: Fix a C2 crash when filling arrays with unsafe
- JDK-8283422: Create a new test for JDK-8254790
- JDK-8283451: C2: assert(_base == Long) failed: Not a Long
- JDK-8283469: Don't use memset to initialize members in FileMapInfo and fix memory leak
- JDK-8283555: G1: Concurrent mark accesses uninitialized BOT of closed archive regions
- JDK-8283641: Large value for CompileThresholdScaling causes assert
- JDK-8283725: Launching java with "-Xlog:gc*=trace,safepoint*=trace,class*=trace" crashes the JVM
- JDK-8284012: Correction version-numbers.conf after merge
- JDK-8284023: java.sun.awt.X11GraphicsDevice.getDoubleBufferVisuals() leaks XdbeScreenVisualInfo
- JDK-8284033: Leak XVisualInfo in getAllConfigs in awt_GraphicsEnv.c
- JDK-8284094: Memory leak in invoker_completeInvokeRequest()
- JDK-8284369: TestFailedAllocationBadGraph fails with -XX:TieredStopAtLevel < 4
- JDK-8284389: Improve stability of GHA Pre-submit testing by caching cygwin installer
- JDK-8284458: CodeHeapState::aggregate() leaks blob_name
- JDK-8284507: GHA: Only check test results if testing was not skipped
- JDK-8284532: Memory leak in BitSet::BitMapFragmentTable in JFR leak profiler
- JDK-8284549: JFR: FieldTable leaks FieldInfoTable member
- JDK-8284620: CodeBuffer may leak _overflow_arena
- JDK-8284622: Update versions of some Github Actions used in JDK workflow
- JDK-8284808: change milestone to fcs for releases: jdk-11.0.16, jdk-17.0.4, jdk-18.0.2
- JDK-8284848: C2: Compiler blackhole arguments should be treated as globally escaping
- JDK-8284866: Add test to JDK-8273056
- JDK-8284992: Fix misleading Vector API doc for LSHR operator
- JDK-8285394: Compiler blackholes can be eliminated due to stale ciMethod::intrinsic_id()
- JDK-8285515: (dc) DatagramChannel.disconnect fails with "Invalid argument" on macOS 12.4
- JDK-8285517: System.getenv() returns unexpected value if environment variable has non ASCII character
- JDK-8285523: Improve test java/io/FileOutputStream/OpenNUL.java
- JDK-8285686: Upgrade to FreeType 2.12.0
- JDK-8285828: runtime/execstack/TestCheckJDK.java fails with zipped debug symbols
- JDK-8285921: serviceability/dcmd/jvmti/AttachFailed/AttachReturnError.java fails on Alpine
- JDK-8285956: (fs) Excessive default poll interval in PollingWatchService
- JDK-8286013: Incorrect test configurations for compiler/stable/TestStableShort.java
- JDK-8286029: Add classpath exemption to globals_vectorApiSupport_***.S.inc
- JDK-8286198: [linux] Fix process-memory information
- JDK-8286283: assert(func2 == 0 && func3 == 0) failed: not unary
- JDK-8286444: javac errors after JDK-8251329 are not helpful enough to find root cause
- JDK-8286594: (zipfs) Mention paths with dot elements in ZipException and cleanups
- JDK-8286601: Mac Aarch: Excessive warnings to be ignored for build jdk
- JDK-8286855: javac error on invalid jar should only print filename
- JDK-8287119: Add Distrust.java to ProblemList
- JDK-8287162: (zipfs) Performance regression related to support for POSIX file permissions
- JDK-8287175: Backout 8270480: Better path to expressing Xpaths
- JDK-8287202: GHA: Add macOS aarch64 to the list of default platforms for workflow_dispatch event
- JDK-8287336: GHA: Workflows break on patch versions
- JDK-8287378: GHA: Update cygwin to fix issues in langtools tests on Windows
- JDK-8287644: [18u] Backport of JDK-8240903 causes test errors
Notes on individual issues:
===========================
hotspot/runtime:
JDK-8288367: CPU Shares Ignored When Computing Active Processor Count
=====================================================================
Previous JDK releases used an incorrect interpretation of the Linux
cgroups parameter cpu.shares". This might cause the JVM to use fewer
CPUs than available, leading to an under utilization of CPU resources
when the JVM is used inside a container.
Starting from this JDK release, by default, the JVM no longer
considers "cpu.shares" when deciding the number of threads to be used
by the various thread pools. The `-XX:+UseContainerCpuShares`
command-line option can be used to revert to the previous
behavior. This option is deprecated and may be removed in a future JDK
release.
New in release OpenJDK 18.0.1.1 (2022-04-22):
=============================================
* Other changes
- JDK-8283350: (tz) Update Timezone Data to 2022a
- JDK-8284548: Invalid XPath expression causes StringIndexOutOfBoundsException
- JDK-8284920: Incorrect Token type causes XPath expression to return incorrect results
- JDK-8285391: Update the release version for respin April CPU22_04 for release jdk18.0.1.1
- JDK-8285445: cannot open file "NUL:"
- JDK-8285454: Update the JBS version for respin of April CPU22_04
Notes on individual issues:
===========================
core-libs/java.io:
JDK-8285660: New System Property to Disable Windows Alternate Data Stream Support in java.io.File
=================================================================================================
The Windows implementation of `java.io.File` allows access to NTFS
Alternate Data Streams (ADS) by default. Such streams have a structure
like “filename:streamname”. A system property `jdk.io.File.enableADS`
has been added to control this behavior. To disable ADS support in
`java.io.File`, the system property `jdk.io.File.enableADS` should be
set to `false` (case ignored). Stricter path checking however prevents
the use of special devices such as `NUL:`
New in release OpenJDK 18.0.1 (2022-04-19):
===========================================
Live versions of these release notes can be found at:
* https://builds.shipilev.net/backports-monitor/release-notes-18.0.1.txt
* Security fixes
- JDK-8269938: Enhance XML processing passes redux
- JDK-8270504, CVE-2022-21426: Better XPath expression handling
- JDK-8272255: Completely handle MIDI files
- JDK-8272261: Improve JFR recording file processing
- JDK-8272588: Enhanced recording parsing
- JDK-8272594: Better record of recordings
- JDK-8274221: More definite BER encodings
- JDK-8275151, CVE-2022-21443: Improved Object Identification
- JDK-8277227: Better identification of OIDs
- JDK-8277233, CVE-2022-21449: Improve ECDSA signature support
- JDK-8277672, CVE-2022-21434: Better invocation handler handling
- JDK-8278356: Improve file creation
- JDK-8278449: Improve keychain support
- JDK-8278798: Improve supported intrinsic
- JDK-8278805: Enhance BMP image loading
- JDK-8278972, CVE-2022-21496: Improve URL supports
- JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo
* Other changes
- JDK-8258814: Compilation logging crashes for thread suspension / debugging tests
- JDK-8267341: macos attempt_reserve_memory_at(arg1, arg2, true) failure
- JDK-8272996: JNDI DNS provider fails to resolve SRV entries when IPV6 stack is enabled
- JDK-8273139: C2: assert(f <= 1 && f >= 0) failed: Incorrect frequency
- JDK-8274751: Drag And Drop hangs on Windows
- JDK-8276819: javax/print/PrintServiceLookup/FlushCustomClassLoader.java fails to free
- JDK-8276990: Memory leak in invoker.c fillInvokeRequest() during JDI operations
- JDK-8277488: Add expiry exception for Digicert (geotrustglobalca) expiring in May 2022
- JDK-8277795: ldap connection timeout not honoured under contention
- JDK-8278186: org.jcp.xml.dsig.internal.dom.Utils.parseIdFromSameDocumentURI throws StringIndexOutOfBoundsException when calling substring method
- JDK-8278384: Bytecodes::result_type() for arraylength returns T_VOID instead of T_INT
- JDK-8278472: Invalid value set to CANDIDATEFORM structure
- JDK-8278851: Correct signer logic for jars signed with multiple digestalgs
- JDK-8278869: Bump version numbers for OPENJDK 18.0.1
- JDK-8279223: Define version in .jcheck/conf
- JDK-8279225: [arm32] C1 longs comparison operation destroys argument registers
- JDK-8279412: [JVMCI] failed speculations list must outlive any nmethod that refers to it
- JDK-8279437: [JVMCI] exception in HotSpotJVMCIRuntime.translate can exit the VM
- JDK-8279445: Update JMH devkit to 1.34
- JDK-8280123: C2: Infinite loop in CMoveINode::Ideal during IGVN
- JDK-8280414: Memory leak in DefaultProxySelector
- JDK-8280526: x86_32 Math.sqrt performance regression with -XX:UseSSE={0,1}
- JDK-8280550: SplittableRandom#nextDouble(double,double) can return result >= bound
- JDK-8280785: change milestone to fcs for releases: jdk-11.0.15, jdk-17.0.3, jdk-18.0.1
- JDK-8280910: Update openjdk project in jcheck to "jdk-updates" for jdk18u
- JDK-8280950: RandomGenerator:NextDouble() default behavior non conformant after JDK-8280550 fix
- JDK-8281093: Violating Attribute-Value Normalization in the XML specification 1.0
- JDK-8281183: RandomGenerator:NextDouble() default behavior partially fixed by JDK-8280950
- JDK-8281262: Windows builds in different directories are not fully reproducible
- JDK-8281275: Upgrading from 8 to 11 no longer accepts '/' as filepath separator in gc paths
- JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972
- JDK-8282397: createTempFile method of java.io.File is failing when called with suffix of spaces character
New in release OpenJDK 18.0.0 (2022-03-22):
New in release OpenJDK 19.0.0 (2022-09-20):
===========================================
Major changes are listed below. Some changes may have been backported
to earlier releases following their first appearance in OpenJDK 18.
to earlier releases following their first appearance in OpenJDK 19.
The full list of changes in 18u can be found at:
- * https://builds.shipilev.net/backports-monitor/release-notes-18.txt
The full list of changes in 19u can be found at:
- * https://builds.shipilev.net/backports-monitor/release-notes-19.txt
NEW FEATURES
============
@ -250,6 +21,7 @@ Pattern Matching for switch
===========================
https://openjdk.org/jeps/406
https://openjdk.org/jeps/420
https://openjdk.org/jeps/427
Enhance the Java programming language with pattern matching for
`switch` expressions and statements, along with extensions to the
@ -259,58 +31,46 @@ specific action, so that complex data-oriented queries can be
expressed concisely and safely.
This was a preview feature (http://openjdk.java.net/jeps/12) in
OpenJDK 17 (JEP 406) and sees a second preview in OpenJDK 18 (JEP
420).
OpenJDK 17 (JEP 406) and saw a second preview in OpenJDK 18 (JEP 420).
It reaches its third preview (JEP 427) in OpenJDK 19.
Record Patterns
===============
https://openjdk.org/jeps/405
Enhance the Java programming language with record patterns to
deconstruct record values. Record patterns and type patterns can be
nested to enable a powerful, declarative, and composable form of data
navigation and processing.
This is a preview feature (http://openjdk.java.net/jeps/12) introduced
in OpenJDK 19 (JEP 405)
Library Features
================
UTF-8 by Default
================
https://openjdk.org/jeps/400
Specify UTF-8 as the default charset of the standard Java APIs. With
this change, APIs that depend upon the default charset will behave
consistently across all implementations, operating systems, locales,
and configurations.
Reimplement Core Reflection with Method Handles
===============================================
https://openjdk.org/jeps/416
Reimplement java.lang.reflect.Method, Constructor, and Field on top of
java.lang.invoke method handles. Making method handles the underlying
mechanism for reflection will reduce the maintenance and development
cost of both the java.lang.reflect and java.lang.invoke APIs.
Vector API
==========
https://openjdk.org/jeps/338
https://openjdk.org/jeps/414
https://openjdk.org/jeps/417
https://openjdk.org/jeps/426
Provide an initial iteration of an incubator module,
`jdk.incubator.vector`, to express vector computations that reliably
compile at runtime to optimal vector hardware instructions on
supported CPU architectures and thus achieve superior performance to
equivalent scalar computations.
Introduce an API to express vector computations that reliably compile
at runtime to optimal vector hardware instructions on supported CPU
architectures and thus achieve superior performance to equivalent
scalar computations.
This is an incubation feature (https://openjdk.java.net/jeps/11)
introduced in OpenJDK 16 (JEP 338). A second round of incubation took
place in OpenJDK 17 (JEP 414) and OpenJDK 18 (JEP 417) sees a third.
Internet-Address Resolution SPI
===============================
https://openjdk.org/jeps/418
Define a service-provider interface (SPI) for host name and address
resolution, so that java.net.InetAddress can make use of resolvers
other than the platform's built-in resolver.
place in OpenJDK 17 (JEP 414), OpenJDK 18 (JEP 417) saw a third and
OpenJDK 19 sees its fourth (JEP 426).
Foreign Function & Memory API
=============================
https://openjdk.org/jeps/412
https://openjdk.org/jeps/419
https://openjdk.org/jeps/424
Introduce an API by which Java programs can interoperate with code and
data outside of the Java runtime. By efficiently invoking foreign
@ -319,43 +79,48 @@ foreign memory (i.e., memory not managed by the JVM), the API enables
Java programs to call native libraries and process native data without
the brittleness and danger of JNI.
This API is an incubation feature (https://openjdk.java.net/jeps/11)
introduced in OpenJDK 17 (JEP 412), and is an evolution of the Foreign
Memory Access API (OpenJDK 14 through 16) and Foreign Linker API
(OpenJDK 16) (see release notes for java-17-openjdk). OpenJDK 18 sees
a second round of incubation (JEP 419).
This API is now a preview feature (http://openjdk.java.net/jeps/12).
It was first introduced in incubation
(https://openjdk.java.net/jeps/11) in OpenJDK 17 (JEP 412), and is an
evolution of the Foreign Memory Access API (OpenJDK 14 through 16) and
Foreign Linker API (OpenJDK 16) (see release notes for
java-17-openjdk). OpenJDK 18 saw a second round of incubation (JEP
419) before its inclusion as a preview in OpenJDK 19 (JEP 424).
Tools
Virtual Threads
===============
https://openjdk.org/jeps/425
Introduce virtual threads to the Java Platform. Virtual threads are
lightweight threads that dramatically reduce the effort of writing,
maintaining, and observing high-throughput concurrent applications.
This is a preview feature (http://openjdk.java.net/jeps/12) introduced
in OpenJDK 19 (JEP 425)
Structured Concurrency
======================
https://openjdk.org/jeps/428
Simplify multithreaded programming by introducing an API for
structured concurrency. Structured concurrency treats multiple tasks
running in different threads as a single unit of work, thereby
streamlining error handling and cancellation, improving reliability,
and enhancing observability.
This is an incubation feature (https://openjdk.java.net/jeps/11)
introduced in OpenJDK 19 (JEP 428).
Ports
=====
Simple Web Server
Linux/RISC-V Port
=================
https://openjdk.org/jeps/408
https://openjdk.org/jeps/422
Provide a command-line tool, `jwebserver`, to start a minimal web
server that serves static files only. No CGI or servlet-like
functionality is available. This tool will be useful for prototyping,
ad-hoc coding, and testing purposes, particularly in educational
contexts.
Code Snippets in Java API Documentation
=======================================
https://openjdk.org/jeps/413
Introduce an @snippet tag for JavaDoc's Standard Doclet, to simplify
the inclusion of example source code in API documentation.
DEPRECATIONS
============
Deprecate Finalization for Removal
==================================
https://openjdk.org/jeps/421
Deprecate finalization for removal in a future release. Finalization
remains enabled by default for now, but can be disabled to facilitate
early testing. In a future release it will be disabled by default, and
in a later release it will be removed. Maintainers of libraries and
applications that rely upon finalization should consider migrating to
other resource management techniques such as the try-with-resources
statement and cleaners.
RISC-V is a free and open-source RISC instruction set architecture
(ISA) designed originally at the University of California, Berkeley,
and now developed collaboratively under the sponsorship of RISC-V
International. It is already supported by a wide range of language
toolchains. With the increasing availability of RISC-V hardware, a
port of the JDK would be valuable.

17
TestSecurityProperties.java
View File

@ -1,3 +1,20 @@
/* TestSecurityProperties -- Ensure system security properties can be used to
enable the crypto policies.
Copyright (C) 2022 Red Hat, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
import java.io.File;
import java.io.FileInputStream;
import java.security.Security;

35
TestTranslations.java Normal file
View File

@ -0,0 +1,35 @@
/* TestTranslations -- Ensure translations are available for new timezones
Copyright (C) 2022 Red Hat, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
import java.util.Arrays;
import java.util.Locale;
import java.util.ResourceBundle;
import sun.util.resources.LocaleData;
import sun.util.locale.provider.LocaleProviderAdapter;
public class TestTranslations {
public static void main(String[] args) {
for (String zone : args) {
System.out.printf("Translations for %s\n", zone);
for (Locale l : Locale.getAvailableLocales()) {
ResourceBundle bundle = new LocaleData(LocaleProviderAdapter.Type.JRE).getTimeZoneNames(l);
System.out.printf("Locale: %s, language: %s, translations: %s\n", l, l.getDisplayLanguage(), Arrays.toString(bundle.getStringArray(zone)));
}
}
}
}

122
fips-18u-60131cc7271.patch → fips-19u-d95bb40c7c8.patch
View File

@ -89,30 +89,30 @@ index 00000000000..b2b1c1787da
+ AC_SUBST(USE_SYSCONF_NSS)
+])
diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4
index 8e4012910d8..f2a178b5734 100644
index 7a1d8d80bb2..1807cb71073 100644
--- a/make/autoconf/libraries.m4
+++ b/make/autoconf/libraries.m4
@@ -33,6 +33,7 @@ m4_include([lib-std.m4])
@@ -35,6 +35,7 @@ m4_include([lib-std.m4])
m4_include([lib-x11.m4])
m4_include([lib-fontconfig.m4])
m4_include([lib-tests.m4])
+m4_include([lib-sysconf.m4])
################################################################################
# Determine which libraries are needed for this configuration
@@ -102,6 +103,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
LIB_SETUP_BUNDLED_LIBS
LIB_SETUP_MISC_LIBS
@@ -107,6 +108,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
LIB_SETUP_X11
LIB_TESTS_SETUP_GTEST
+ LIB_SETUP_SYSCONF_LIBS
BASIC_JDKLIB_LIBS=""
if test "x$TOOLCHAIN_TYPE" != xmicrosoft; then
diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in
index bc13f30e5f1..04cb12f2763 100644
index 8908a5deb3c..2fce35f5b2d 100644
--- a/make/autoconf/spec.gmk.in
+++ b/make/autoconf/spec.gmk.in
@@ -843,6 +843,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
@@ -854,6 +854,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
# Libraries
#
@ -124,7 +124,7 @@ index bc13f30e5f1..04cb12f2763 100644
LCMS_CFLAGS:=@LCMS_CFLAGS@
LCMS_LIBS:=@LCMS_LIBS@
diff --git a/make/modules/java.base/Lib.gmk b/make/modules/java.base/Lib.gmk
index eee488607f2..3c095802426 100644
index 0d5a6c9846c..5ca12054351 100644
--- a/make/modules/java.base/Lib.gmk
+++ b/make/modules/java.base/Lib.gmk
@@ -164,6 +164,31 @@ ifeq ($(call isTargetOsType, unix), true)
@ -390,7 +390,7 @@ index 00000000000..8dcb7d9073f
+ }
+}
diff --git a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
index a020e1c15d8..6d459fdec01 100644
index 38836d2701e..324620a8e9b 100644
--- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
+++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
@@ -31,6 +31,7 @@ import java.security.SecureRandom;
@ -1398,7 +1398,7 @@ index a020e1c15d8..6d459fdec01 100644
// Return the instance of this class or create one if needed.
diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
index 2ee706c2448..8f4c44a1436 100644
index 7218f536804..7be83f5eeaa 100644
--- a/src/java.base/share/classes/java/security/Security.java
+++ b/src/java.base/share/classes/java/security/Security.java
@@ -32,6 +32,7 @@ import java.net.URL;
@ -1458,7 +1458,7 @@ index 2ee706c2448..8f4c44a1436 100644
// first load the system properties file
// to determine the value of security.overridePropertiesFile
@@ -99,6 +122,7 @@ public final class Security {
@@ -98,6 +121,7 @@ public final class Security {
if (sdebug != null) {
sdebug.println("reading security properties file: " +
propFile);
@ -1466,7 +1466,7 @@ index 2ee706c2448..8f4c44a1436 100644
}
} catch (IOException e) {
if (sdebug != null) {
@@ -193,6 +217,61 @@ public final class Security {
@@ -192,6 +216,61 @@ public final class Security {
}
}
@ -1821,18 +1821,18 @@ index 00000000000..3f3caac64dc
+ boolean isPlainKeySupportEnabled();
+}
diff --git a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
index 1e98e727b79..a79ae218d92 100644
index 08e1133ffae..7d6e6b3cbc6 100644
--- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
+++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
@@ -39,6 +39,7 @@ import java.io.FilePermission;
import java.io.ObjectInputStream;
@@ -42,6 +42,7 @@ import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.RandomAccessFile;
import java.security.ProtectionDomain;
+import java.security.Security;
import java.security.Signature;
/** A repository of "shared secrets", which are a mechanism for
@@ -80,6 +81,7 @@ public class SharedSecrets {
@@ -87,6 +88,7 @@ public class SharedSecrets {
private static JavaSecuritySpecAccess javaSecuritySpecAccess;
private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess;
private static JavaxCryptoSpecAccess javaxCryptoSpecAccess;
@ -1840,7 +1840,7 @@ index 1e98e727b79..a79ae218d92 100644
public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) {
javaUtilCollectionAccess = juca;
@@ -441,4 +443,15 @@ public class SharedSecrets {
@@ -498,4 +500,15 @@ public class SharedSecrets {
MethodHandles.lookup().ensureInitialized(c);
} catch (IllegalAccessException e) {}
}
@ -1857,10 +1857,10 @@ index 1e98e727b79..a79ae218d92 100644
+ }
}
diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java
index 5fbaa8950e8..218dee0065d 100644
index e280defabe0..724dcf76edd 100644
--- a/src/java.base/share/classes/module-info.java
+++ b/src/java.base/share/classes/module-info.java
@@ -152,6 +152,8 @@ module java.base {
@@ -155,6 +155,8 @@ module java.base {
java.naming,
java.rmi,
jdk.charsets,
@ -1868,9 +1868,9 @@ index 5fbaa8950e8..218dee0065d 100644
+ jdk.crypto.ec,
jdk.jartool,
jdk.jlink,
jdk.net,
jdk.net;
diff --git a/src/java.base/share/classes/sun/security/provider/SunEntries.java b/src/java.base/share/classes/sun/security/provider/SunEntries.java
index 912cad59714..709d32912ca 100644
index 46d3ee8bb06..53bc4851d23 100644
--- a/src/java.base/share/classes/sun/security/provider/SunEntries.java
+++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java
@@ -30,6 +30,7 @@ import java.net.*;
@ -1879,7 +1879,7 @@ index 912cad59714..709d32912ca 100644
+import jdk.internal.access.SharedSecrets;
import jdk.internal.util.StaticProperty;
import sun.security.action.GetPropertyAction;
import sun.security.action.GetBooleanAction;
import sun.security.util.SecurityProviderConstants;
@@ -83,6 +84,10 @@ import static sun.security.util.SecurityProviderConstants.getAliases;
@ -2085,7 +2085,7 @@ index 912cad59714..709d32912ca 100644
/*
* Algorithm Parameter Generator engines
@@ -201,40 +208,42 @@ public final class SunEntries {
@@ -201,42 +208,44 @@ public final class SunEntries {
addWithAlias(p, "AlgorithmParameters", "DSA",
"sun.security.provider.DSAParameters", attrs);
@ -2098,8 +2098,10 @@ index 912cad59714..709d32912ca 100644
- /*
- * Digest engines
- */
- add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs);
- add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs);
- addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2",
- attrs);
- addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5",
- attrs);
- addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA",
- attrs);
+ if (!systemFipsEnabled) {
@ -2132,10 +2134,12 @@ index 912cad59714..709d32912ca 100644
+ /*
+ * Digest engines
+ */
+ add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs);
+ add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs);
+ addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2",
+ attrs);
+ addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5",
+ attrs);
+ addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA",
+ attrs);
+ attrs);
+
+ addWithAlias(p, "MessageDigest", "SHA-224",
+ "sun.security.provider.SHA2$SHA224", attrs);
@ -2280,7 +2284,7 @@ index ca79f25cc44..225517ac69b 100644
"sun.security.rsa.PSSParameters", null);
}
diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
index 6ffdfeda18d..775b185fb06 100644
index a7fc33d9ffb..cec40ba7b21 100644
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
@@ -32,6 +32,7 @@ import java.security.cert.*;
@ -2408,7 +2412,7 @@ index 894e26dfad8..8b16378b96b 100644
"sun.security.ssl.SSLContextImpl$TLSContext",
List.of("SSL"), null);
diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
index 91b3a01ee57..33f9fdc6f84 100644
index f913c981ddc..fd1d0a9e478 100644
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@@ -79,6 +79,16 @@ security.provider.tbd=Apple
@ -2455,10 +2459,10 @@ index 91b3a01ee57..33f9fdc6f84 100644
# Determines the default key and trust manager factory algorithms for
# the javax.net.ssl package.
diff --git a/src/java.base/share/lib/security/default.policy b/src/java.base/share/lib/security/default.policy
index b22f26947af..3ee2ce6ea88 100644
index 20f53b1cd4c..6db2393efb8 100644
--- a/src/java.base/share/lib/security/default.policy
+++ b/src/java.base/share/lib/security/default.policy
@@ -121,6 +121,7 @@ grant codeBase "jrt:/jdk.charsets" {
@@ -123,6 +123,7 @@ grant codeBase "jrt:/jdk.charsets" {
grant codeBase "jrt:/jdk.crypto.ec" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
@ -2466,7 +2470,7 @@ index b22f26947af..3ee2ce6ea88 100644
permission java.lang.RuntimePermission "loadLibrary.sunec";
permission java.security.SecurityPermission "putProviderProperty.SunEC";
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
@@ -130,6 +131,7 @@ grant codeBase "jrt:/jdk.crypto.ec" {
@@ -132,6 +133,7 @@ grant codeBase "jrt:/jdk.crypto.ec" {
grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.crypto.provider";
@ -2971,7 +2975,7 @@ index 00000000000..187be7295f3
+ }
+}
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
index bf0c5f2ba84..a4daed24b82 100644
index cae28a06d7b..1c5bd3d15ac 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
@@ -37,6 +37,8 @@ import javax.crypto.*;
@ -2993,30 +2997,35 @@ index bf0c5f2ba84..a4daed24b82 100644
private static final long serialVersionUID = -2575874101938349339L;
private static final String PUBLIC = "public";
@@ -392,8 +397,9 @@ abstract class P11Key implements Key, Length {
@@ -396,8 +401,9 @@ abstract class P11Key implements Key, Length {
new CK_ATTRIBUTE(CKA_EXTRACTABLE),
});
- boolean keySensitive = (attrs[0].getBoolean() ||
- attrs[1].getBoolean() || !attrs[2].getBoolean());
+ boolean keySensitive = (!plainKeySupportEnabled &&
+ (attrs[0].getBoolean() ||
+ attrs[1].getBoolean() || !attrs[2].getBoolean()));
+ (attrs[0].getBoolean() ||
+ attrs[1].getBoolean() || !attrs[2].getBoolean()));
switch (algorithm) {
case "RSA":
@@ -448,7 +454,8 @@ abstract class P11Key implements Key, Length {
@@ -452,7 +458,8 @@ abstract class P11Key implements Key, Length {
public String getFormat() {
token.ensureValid();
- if (sensitive || (extractable == false)) {
- if (sensitive || !extractable || (isNSS && tokenObject)) {
+ if (!plainKeySupportEnabled &&
+ (sensitive || (extractable == false))) {
+ (sensitive || !extractable || (isNSS && tokenObject))) {
return null;
} else {
return "RAW";
@@ -1574,4 +1581,3 @@ final class SessionKeyRef extends PhantomReference<P11Key> {
this.clear();
}
}
-
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
index 9cdbdfa9d6b..ea18bdb82a3 100644
index 0f65a8b3221..0a406e1a2c8 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
@@ -26,6 +26,9 @@
@ -3135,7 +3144,7 @@ index 9cdbdfa9d6b..ea18bdb82a3 100644
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
throw new UnsupportedOperationException
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
index f87690bc24f..79408353609 100644
index 4b06daaf264..55e14945469 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
@@ -49,6 +49,9 @@ package sun.security.pkcs11.wrapper;
@ -3148,7 +3157,7 @@ index f87690bc24f..79408353609 100644
import java.util.*;
import java.security.AccessController;
@@ -167,18 +170,43 @@ public class PKCS11 {
@@ -174,18 +177,43 @@ public class PKCS11 {
return version;
}
@ -3195,7 +3204,7 @@ index f87690bc24f..79408353609 100644
}
if (omitInitialize == false) {
try {
@@ -1971,4 +1999,194 @@ static class SynchronizedPKCS11 extends PKCS11 {
@@ -1976,4 +2004,194 @@ static class SynchronizedPKCS11 extends PKCS11 {
super.C_GenerateRandom(hSession, randomData);
}
}
@ -3391,7 +3400,7 @@ index f87690bc24f..79408353609 100644
+}
}
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
index ad2ffc8623b..5441fdecea0 100644
index 8a560a2c48d..7d68520375b 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
@@ -190,6 +190,14 @@ public class PKCS11Exception extends Exception {
@ -3410,7 +3419,7 @@ index ad2ffc8623b..5441fdecea0 100644
* Constructor taking the error code (the CKR_* constants in PKCS#11) and
* extra info for error message.
diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
index 8c9e4f9dbe6..883dc04758e 100644
index 200ed63634f..fa258d736d0 100644
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
@@ -38,6 +38,7 @@ import java.util.HashMap;
@ -3432,11 +3441,10 @@ index 8c9e4f9dbe6..883dc04758e 100644
private static class ProviderServiceA extends ProviderService {
ProviderServiceA(Provider p, String type, String algo, String cn,
HashMap<String, String> attrs) {
@@ -249,85 +254,86 @@ public final class SunEC extends Provider {
@@ -249,83 +254,85 @@ public final class SunEC extends Provider {
putXDHEntries();
putEdDSAEntries();
-
- /*
- * Signature engines
- */
@ -3506,9 +3514,8 @@ index 8c9e4f9dbe6..883dc04758e 100644
- /*
- * Key Pair Generator engine
- */
- putService(new ProviderService(this, "KeyPairGenerator",
- "EC", "sun.security.ec.ECKeyPairGenerator",
- List.of("EllipticCurve"), ATTRS));
- putService(new ProviderServiceA(this, "KeyPairGenerator",
- "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS));
-
- /*
- * Key Agreement engine
@ -3585,9 +3592,8 @@ index 8c9e4f9dbe6..883dc04758e 100644
+ /*
+ * Key Pair Generator engine
+ */
+ putService(new ProviderService(this, "KeyPairGenerator",
+ "EC", "sun.security.ec.ECKeyPairGenerator",
+ List.of("EllipticCurve"), ATTRS));
+ putService(new ProviderServiceA(this, "KeyPairGenerator",
+ "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS));
+
+ /*
+ * Key Agreement engine
@ -3598,7 +3604,7 @@ index 8c9e4f9dbe6..883dc04758e 100644
}
private void putXDHEntries() {
@@ -344,23 +350,25 @@ public final class SunEC extends Provider {
@@ -342,23 +349,25 @@ public final class SunEC extends Provider {
"X448", "sun.security.ec.XDHKeyFactory.X448",
ATTRS));
@ -3641,7 +3647,7 @@ index 8c9e4f9dbe6..883dc04758e 100644
}
private void putEdDSAEntries() {
@@ -375,21 +383,23 @@ public final class SunEC extends Provider {
@@ -373,21 +382,23 @@ public final class SunEC extends Provider {
putService(new ProviderServiceA(this, "KeyFactory",
"Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS));

48
java-latest-openjdk.spec
View File

@ -308,14 +308,14 @@
%endif
# New Version-String scheme-style defines
%global featurever 18
%global featurever 19
%global interimver 0
%global updatever 2
%global updatever 0
%global patchver 0
# buildjdkver is usually same as %%{featurever},
# but in time of bootstrap of next jdk, it is featurever-1,
# and this it is better to change it here, on single place
%global buildjdkver %{featurever}
%global buildjdkver 18
# We don't add any LTS designator for STS packages (Fedora and EPEL).
# We need to explicitly exclude EPEL as it would have the %%{rhel} macro defined.
%if 0%{?rhel} && !0%{?epel}
@ -360,14 +360,14 @@
# Define IcedTea version used for SystemTap tapsets and desktop file
%global icedteaver 6.0.0pre00-c848b93a8598
# Define current Git revision for the FIPS support patches
%global fipsver 60131cc7271
%global fipsver d95bb40c7c8
# Standard JPackage naming and versioning defines
%global origin openjdk
%global origin_nice OpenJDK
%global top_level_dir_name %{origin}
%global top_level_dir_name_backup %{top_level_dir_name}-backup
%global buildver 9
%global buildver 36
%global rpmrelease 1
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
%if %is_system_jdk
@ -1084,7 +1084,6 @@ exit 0
%define files_demo() %{expand:
%license %{_jvmdir}/%{sdkdir -- %{?1}}/legal
%{_jvmdir}/%{sdkdir -- %{?1}}/demo
%{_jvmdir}/%{sdkdir -- %{?1}}/sample
}
%define files_src() %{expand:
@ -1360,6 +1359,9 @@ Source16: CheckVendor.java
# nss fips configuration file
Source17: nss.fips.cfg.in
# Ensure translations are available for new timezones
Source18: TestTranslations.java
############################################
#
# RPM/distribution specific patches
@ -1379,10 +1381,12 @@ Patch2: rh1648644-java_access_bridge_privileged_security.patch
Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch
# Depend on pcsc-lite-libs instead of pcsc-lite-devel as this is only in optional repo
Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
# Add translations for Europe/Kyiv locally until upstream is fully updated for tzdata2022b
Patch7: jdk8292223-tzdata2022b-kyiv.patch
# Crypto policy and FIPS support patches
# Patch is generated from the fips-18u tree at https://github.com/rh-openjdk/jdk/tree/fips-18u
# as follows: git diff %%{vcstag} src make > fips-18u-$(git show -s --format=%h HEAD).patch
# Patch is generated from the fips-19u tree at https://github.com/rh-openjdk/jdk/tree/fips-19u
# as follows: git diff %%{vcstag} src make > fips-19u-$(git show -s --format=%h HEAD).patch
# Diff is limited to src and make subdirectories to exclude .github changes
# Fixes currently included:
# PR3183, RH1340845: Follow system wide crypto policy
@ -1403,7 +1407,7 @@ Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-d
# RH2094027: SunEC runtime permission for FIPS
# RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
# RH2090378: Revert to disabling system security properties and FIPS mode support together
Patch1001: fips-18u-%{fipsver}.patch
Patch1001: fips-19u-%{fipsver}.patch
#############################################
#
@ -1823,6 +1827,7 @@ pushd %{top_level_dir_name}
%patch2 -p1
%patch3 -p1
%patch6 -p1
%patch7 -p1
# Add crypto policy and FIPS support
%patch1001 -p1
# alt-java
@ -2075,9 +2080,9 @@ function debugcheckjdk() {
IFS=$'\n'
for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT")
do
# We expect to see .cpp files, except for architectures like aarch64 and
# We expect to see .cpp and .S files, except for architectures like aarch64 and
# s390 where we expect .o and .oS files
echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$"
echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|S|oS))?$"
done
IFS="$old_IFS"
@ -2289,10 +2294,6 @@ done
# See https://bugzilla.redhat.com/show_bug.cgi?id=741821
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/.java/.systemPrefs
# copy samples next to demos; samples are mostly js files
cp -r %{top_level_dir_name}/src/sample $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/
# moving config files to /etc
mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}
mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib
@ -2359,6 +2360,14 @@ if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; els
$JAVA_HOME/bin/javac -d . %{SOURCE16}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" "%{oj_vendor_url}" "%{oj_vendor_bug_url}" "%{oj_vendor_version}"
# Check translations are available for new timezones
$JAVA_HOME/bin/javac --add-exports java.base/sun.util.resources=ALL-UNNAMED \
--add-exports java.base/sun.util.locale.provider=ALL-UNNAMED \
-d . %{SOURCE18}
$JAVA_HOME/bin/java --add-exports java.base/sun.util.resources=ALL-UNNAMED \
--add-exports java.base/sun.util.locale.provider=ALL-UNNAMED \
$(echo $(basename %{SOURCE18})|sed "s|\.java||") "Europe/Kiev" "Europe/Kyiv"
%if %{include_staticlibs}
# Check debug symbols in static libraries (smoke test)
export STATIC_LIBS_HOME=${JAVA_HOME}/%{static_libs_install_dir}
@ -2626,6 +2635,15 @@ cjc.mainProgram(args)
%endif
%changelog
* Mon Aug 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:19.0.0.0.36-1.rolling
- Update to RC version of OpenJDK 19
- Update release notes to 19.0.0
- Rebase FIPS patches from fips-19u branch
- Need to include the '.S' suffix in debuginfo checks after JDK-8284661
- Add patch to provide translations for Europe/Kyiv added in tzdata2022b
- Add test to ensure timezones can be translated
- Remove references to sample directory removed by JDK-8284999
* Fri Jul 22 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:18.0.2.0.9-1.rolling
- Update to jdk-18.0.2 release
- Update release notes to 18.0.2

132
jdk8292223-tzdata2022b-kyiv.patch Normal file
View File

@ -0,0 +1,132 @@
diff --git a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
index 8759aab3995..11ccbf73839 100644
--- a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
+++ b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
@@ -847,6 +847,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
{"Europe/Kirov", new String[] {"Kirov Standard Time", "GMT+03:00",
"Kirov Daylight Time", "GMT+03:00",
"Kirov Time", "GMT+03:00"}},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
index f007c1a8d3b..617268e4cf3 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
index 386414e16e6..14c5d89b9c5 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
index d23f5fd49e6..44117125619 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_fr extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
index b4f57d4568c..efa818f3865 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_it extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
index 1a10a9f96dc..7c0565461ad 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_ja extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
index 9a2d9e5c57c..8a2c805997f 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_ko extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
index de5e5c82daa..e3c06417f09 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_pt_BR extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
index b53de4d8c89..3e46b6a063e 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_sv extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
index 7797cda19d5..590908409a8 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
@@ -825,6 +825,7 @@ public final class TimeZoneNames_zh_CN extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
index 2cd10554853..23c5f180b6d 100644
--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
@@ -827,6 +827,7 @@ public final class TimeZoneNames_zh_TW extends TimeZoneNamesBundle {
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", EET},
{"Europe/Kiev", EET},
+ {"Europe/Kyiv", EET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},

2
sources
View File

@ -1,2 +1,2 @@
SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30
SHA512 (openjdk-jdk18u-jdk-18.0.2+9.tar.xz) = 08b06407deb4a13f36b29738b8038c7b2ce953eb526abe732fb4a256d968511c9ef705c5d568b4b3c98867665b748e331c9f293e69fc13bea1eed6879b6095d0
SHA512 (openjdk-jdk19u-jdk-19+36.tar.xz) = c441e1f7dbabe3e66e062a7f661f953e06c10dd165995e2996e614d32f2333cd4532f45064ba4d098dfc8fa3637448d4dc9869c235d086ef80499a7a262f4ede