Go to file
Andrew John Hughes e426a3c6f9 Support the FIPS mode crypto policy (RH1655466)
Update RH1655466 FIPS patch with changes in OpenJDK 8 version.
SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file.
Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg.
No need to substitute path to nss.fips.cfg as java.security file supports a java.home variable.
Disable FIPS mode support unless com.redhat.fips is set to "true".
Use appropriate keystore types when in FIPS mode (RH1818909)
Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable).
Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986)
Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode
Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071)
2021-09-06 01:15:24 +01:00
.gitignore Update to jdk-17+33, including JDWP fix and July 2021 CPU 2021-07-30 06:27:26 +01:00
generate_source_tarball.sh Update to jdk-16.0.0.0+36 2021-02-23 17:04:55 +00:00
icedtea_sync.sh many cosmetic changes taken from more maintained jdk11 2020-12-20 09:15:28 +01:00
java-latest-openjdk.spec Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
jconsole.desktop.in Initial commit 2019-04-02 19:40:23 +02:00
NEWS Update to jdk-15.0.2.0+7 2021-01-22 13:25:56 +00:00
nss.cfg.in Initial commit 2019-04-02 19:40:23 +02:00
nss.fips.cfg.in Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch Initial commit 2019-04-02 19:40:23 +02:00
pr3695-toggle_system_crypto_policy.patch Add PR3695 to allow the system crypto policy to be turned off. 2021-06-24 18:37:35 +02:00
README.md Added patches that I did not somehow pack to srpm 2019-04-04 10:38:23 +02:00
remove-intree-libraries.sh Perform static library build on a separate source tree with bundled image libraries 2021-03-11 19:03:35 +01:00
rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch Initial commit 2019-04-02 19:40:23 +02:00
rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch Update of the package to OpenJDK 13 2019-07-09 10:59:30 +02:00
rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch 2021-06-28 18:04:36 +02:00
rh1648644-java_access_bridge_privileged_security.patch Initial commit 2019-04-02 19:40:23 +02:00
rh1655466-global_crypto_and_fips.patch Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch Initial commit 2019-04-02 19:40:23 +02:00
rh1750419-redhat_alt_java.patch Update to jdk-16.0.0.0+36 2021-02-23 17:04:55 +00:00
rh1818909-fips_default_keystore_type.patch Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
rh1860986-disable_tlsv1.3_in_fips_mode.patch Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
rh1915071-always_initialise_configurator_access.patch Support the FIPS mode crypto policy (RH1655466) 2021-09-06 01:15:24 +01:00
sources Update to jdk-17+33, including JDWP fix and July 2021 CPU 2021-07-30 06:27:26 +01:00
TestCryptoLevel.java Initial commit 2019-04-02 19:40:23 +02:00
TestECDSA.java Initial commit 2019-04-02 19:40:23 +02:00
TestSecurityProperties.java many cosmetic changes taken from more maintained jdk11 2020-12-20 09:15:28 +01:00
update_package.sh Update for JDK 15 GA 2020-09-15 18:00:52 +02:00

Rolling release of (usually) STSs OpenJDK OpenJDK has release cadence of 6 months, but 3/4 of them are Short Term Supported for 6 months only. This package is designed to harbor them. Currently it is build of OpenJDK 12. LTSs will go also as separate packages.

JDK12 is current release of Java platform. It is bringing many cool improvements - https://openjdk.java.net/projects/jdk/12/ and is landing to your Fedora. Where it will be maintained for f28 and newer. Unluckily, this package is STS (short term support) version. Between individual LTS there will be always several STS. Again, please see announcement: http://mail.openjdk.java.net/pipermail/discuss/2017-September/004281.html and See java SIG plans: https://jvanek.fedorapeople.org/devconf/2018/changesInjavaReleaseProcess.pdf . So this is rolling release of all STSs to come. Its fate during the release of fresh LTS is yet to be decided. You will always be allowed to install LTS in fedora build root, alongside with latest STS via alternatives.

See announcement: http://mail.openjdk.java.net/pipermail/discuss/2017-September/004281.html See java SIG plans: https://jvanek.fedorapeople.org/devconf/2018/changesInjavaReleaseProcess.pdf

https://bugzilla.redhat.com/show_bug.cgi?id=1557371#c0 https://fedoraproject.org/wiki/Changes/java-openjdk-10 https://fedoraproject.org/wiki/Changes/java-11-openjdk-TechPreview