- * RH2048582: Support PKCS#12 keystores
- * RH2020290: Support TLS 1.3 in FIPS mode
- * Add nss.fips.cfg support to OpenJDK tree
- * RH2117972: Extend the support for NSS DBs (PKCS11) in FIPS mode
- * Remove forgotten dead code from RH2020290 and RH2104724
- * OJ1357: Fix issue on FIPS with a SecurityManager in place
- * RH2134669: Add missing attributes when registering services in FIPS mode.
- * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class
- * RH1940064: Enable XML Signature provider in FIPS mode
- * Remove GCC minor versioning (JDK-8284772) to unbreak testing
- Drop local nss.fips.cfg.in handling now this is handled in the patched OpenJDK build
- require tzdata 2023c
- initial update to jdk21
- commented out fips patches
- updated to jdk21 ea
- updated patch 1001 - rh1648249-add_commented_out_nss_cfg_provider_to_java_security
- replaced files used for static libs smoke tests
* Update NEWS
- Update system crypto policy & FIPS patch from new fips-20u tree
* RH2104724: Avoid import/export of DH private keys
* RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode
* Build the systemconf library on all platforms
- Update generate_tarball.sh ICEDTEA_VERSION and add support for passing a boot JDK to the configure run
- Revert changes to generate_tarball.sh which break error handling
- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace
- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs
- Revert changes to patch macro which break on older versions of rpm (4.16)
- Revert changes to configure run
- Update CLDR reference data following update to 42 (Rocky Mountain-Normalzeit => Rocky-Mountain-Normalzeit)
- Re-enable disabled translation test
- Automatically turn off building a fresh HotSpot first, if the bootstrap JDK is not the same major version as that being built
- remvoed already upstreamed patches patch2006,2007,2008,2009
- commented out not yet adapted patch1001 - fips support
- removed --disable-sysconf-nss due to missing patch 1001 from configure
-- todo return both patch1001 and disable-sysconf-nss!
- adapted rh1750419-redhat_alt_java.patch and rh1750419-redhat_alt_java.patch patches
* RH2023467: Enable FIPS keys export
* RH2094027: SunEC runtime permission for FIPS
* RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
* RH2090378: Revert to disabling system security properties and FIPS mode support together
Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
Enable system security properties in the RPM (now disabled by default in the FIPS repo)
Improve security properties test to check both enabled and disabled behaviour
Run security properties test with property debugging on
Minor sync-ups with java-17-openjdk spec file
* Add new slave jwebserver and corresponding manpage
- Adjust rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
- Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so in the server directory
- Disable HotSpot-only pre-build which is incompatible with the boot JDK being a different major version to that being built
- Rebase FIPS patches from fips-18u branch and simplify by using a single patch from that repository
- Detect NSS at runtime for FIPS detection
- Turn off build-time NSS linking and go back to an explicit Requires on NSS
- Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Update to jdk 15.0.0.36 tag
- Modify rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
- Update vendor version string to 20.9
- Remove jjs binaries from files after JEP 372: Nashorn removal
- Remove rmic binaries from files after JDK-8225319
Petra Alice Mikova
Andrew John Hughes
Jiri
Petra Mikova