[Bug 2124] [IcedTea7] Synchronise elliptic curves in sun.security.ec.NamedCurve with those listed by NSS
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Fri Apr 14 19:17:17 UTC 2017
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2124
--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea7?cmd=changeset;node=df0f259a2fcc
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Apr 14 07:14:20 2017 +0100
Bump to icedtea-2.7.0pre10.
Upstream changes:
- Bump to icedtea-2.7.0pre10
- S6253144: Long narrowing conversion should describe the algorithm used
and implied "risks"
- S6328537: Improve javadocs for Socket class by adding references to
SocketOptions
- S6624200: Regression test fails:
test/closed/javax/swing/JMenuItem/4654927/bug4654927.java
- S6882559: new JEditorPane("text/plain","") fails for null context class
loader
- S6978886: javadoc shows stacktrace after print error resulting from
disk full
- S6995421: Eliminate the static dependency to
sun.security.ec.ECKeyFactory
- S6996372: synchronizing handshaking hash
- S7027045: (doc) java/awt/Window.java has several typos in javadoc
- S7054969: Null-check-in-finally pattern in java/security documentation
- S7059542: JNDI name operations should be locale independent
- S7072353: JNDI libraries do not build with javac -Xlint:all -Werror
- S7075563: Broken link in "javax.swing.SwingWorker"
- S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11
- S7088502: Security libraries don't build with javac -Werror
- S7090158: Networking Libraries don't build with javac -Werror
- S7092447: Clarify the default locale used in each locale sensitive
operation
- S7093640: Enable client-side TLS 1.2 by default
- S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager
is installed
- S7117360: Warnings in java.util.concurrent.atomic package
- S7117465: Warning cleanup for IMF classes
- S7125055: ContentHandler.getContent API changed in error
- S7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on windows
- S7172012: Make test-in-build an option (Queens)
- S7187051: ShortRSAKeynnn.sh tests should do cleanup before start test
- S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an
error
- S8000418: javadoc should used a standard "generated by javadoc" string
- S8000626: Implement dead key detection for KeyEvent on Linux
- S8000666: javadoc should write directly to Writer instead of composing
strings
- S8000673: remove dead code from HtmlWriter and subtypes
- S8000897: VM crash in CompileBroker
- S8000970: break out auxiliary classes that will prevent multi-core
compilation of the JDK
- S8001669: javadoc internal DocletAbortException should set cause when
appropriate
- S8003890: corelibs test scripts should pass TESTVMOPTS
- S8005629: javac warnings compiling java.awt.EventDispatchThread and
sun.awt.X11.XIconWindow
- S8008949: javadoc stopped copying doc-files
- S8010297: Missing isLoggable() checks in logging code
- S8010782: clean up source files containing carriage return characters
- S8011402: Move blacklisting certificate logic from hard code to data
- S8011547: Update XML Signature implementation to Apache Santuario 1.5.4
- S8012288: XML DSig API allows wrong tag names and extra elements in
SignedInfo
- S8014431: cleanup warnings indicated by the -Wunused-value compiler
option on linux
- S8015265: revise the fix for 8007037
- S8016217: More javadoc warnings
- S8016491: PPC64 (part 2): Clean up PPC defines.
- S8016586: PPC64 (part 3): basic changes for PPC64
- S8016696: PPC64 (part 4): add relocation for trampoline stubs
- S8016747: Replace deprecated PlatformLogger isLoggable(int) with
isLoggable(Level)
- S8017313: PPC64 (part 6): stack handling improvements
- S8017317: PPC64 (part 7): cppInterpreter: implement support for biased
locking
- S8017325: Cleanup of the javadoc <code> tag in java.security.cert
- S8017326: Cleanup of the javadoc <code> tag in java.security.spec
- S8019517: PPC64 (part 102): cppInterpreter: implement G1 support
- S8019518: PPC64 (part 103): cppInterpreter: implement support for
compressed Oops
- S8019519: PPC64 (part 105): C interpreter: implement support for jvmti
early return.
- S8019772: Fix doclint issues in javax.crypto and javax.security
subpackages
- S8019929: PPC64 (part 107): Extend ELF-decoder to support PPC64
function descriptor tables
- S8019973: PPC64 (part 11): Fix IA64 preprocessor conditionals on AIX.
- S8020121: PPC64: fix build in cppInterpreter after 8019519
- S8020190: Fatal: Bug in native code: jfieldID must match object
- S8020557: javadoc cleanup in javax.security
- S8020688: Broken links in documentation at
http://docs.oracle.com/javase/6/docs/api/index.
- S8020708: NLS mnemonics missing in SwingSet2/JInternalFrame demo
- S8021108: Clean up doclint warnings and errors in java.text package
- S8021417: Fix doclint issues in java.util.concurrent
- S8021833: javadoc cleanup in java.net
- S8022120: JCK test
api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
- S8022175: Fix doclint warnings in javax.print
- S8022406: Fix doclint issues in java.beans
- S8022746: List of spelling errors in API doc
- S8024344: PPC64 (part 112): C argument in register AND stack slot.
- S8024468: PPC64 (part 201): cppInterpreter: implement bytecode
profiling
- S8024469: PPC64 (part 202): cppInterpreter: support for OSR.
- S8024756: method grouping tabs are not selectable
- S8024779: [macosx] SwingNode crashes on exit
- S8024854: PPC64: Basic changes and files to build the class library on
AIX
- S8024900: PPC64: Enable new build on AIX (jdk part)
- S8025085: [javadoc] some errors in javax/swing
- S8025218: [javadoc] some errors in java/awt classes
- S8025249: [javadoc] fix some javadoc errors in javax/swing/
- S8025409: Fix javadoc comments errors and warning reported by doclint
report
- S8026021: more fix of javadoc errors and warnings reported by doclint,
see the description
- S8026119: Regression test DHEKeySizing.java failing intermittently
- S8026741: jdk8 l10n resource file translation update 5
- S8029957: PPC64 (part 213): cppInterpreter: memory ordering for object
initialization
- S8033168: PPC64: gcc 4.8 warning in output_c.cpp
- S8034797: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280
- S8035396: Introduce accessor for tmp_oop in frame.
- S8035647: PPC64: Support for elf v2 abi.
- S8036767: PPC64: Support for little endian execution model
- S8036976: PPC64: implement the template interpreter
- S8037099: [macosx] Remove all references to GC from native OBJ-C code
- S8037915: PPC64/AIX: Several smaller fixes
- S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID
attribute value is empty String
- S8038349: Signing XML with DSA throws Exception when key is larger than
1024 bits
- S8042309: Some bugfixes for the ppc64 port
- S8048147: Privilege tests with JAAS Subject.doAs
- S8048357: PKCS basic tests
- S8049171: Additional tests for jarsigner's warnings
- S8049244: XML Signature performance issue caused by unbuffered
signature data
- S8049432: New tests for TLS property jdk.tls.client.protocols
- S8050893: (smartcardio) Invert reset argument in tests in
sun/security/smartcardio
- S8050942: PPC64: implement template interpreter for ppc64le
- S8050972: Concurrency problem in PcDesc cache
- S8056122: Upgrade JDK to use LittleCMS 2.6
- S8057934: Upgrade to LittleCMS 2.6 breaks AIX build
- S8059177: jdk8u40 l10n resource file translation update 1
- S8059212: Modify sun/security/smartcardio manual regression tests so
that they do not just fail if no cardreader found
- S8067364: Printing to Postscript doesn't support dieresis
- S8068279: (typo in the spec)
javax.script.ScriptEngineFactory.getLanguageName
- S8068491: Update the protocol for references of docs.oracle.com to
HTTPS.
- S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be
updated for JDK-8061210
- S8069590: AIX port of "8050807: Better performing performance data
handling"
- S8075118: JVM stuck in infinite loop during verification
- S8075584: test for 8067364 depends on hardwired text advance
- S8076369: Introduce the jdk.tls.client.protocols system property for
JDK 7u
- S8076486: [TESTBUG] javax/security/auth/Subject/doAs/NestedActions.java
fails if extra VM options are given
- S8077953: [TEST_BUG]
com/sun/management/OperatingSystemMXBean/TestTotalSwap.java Compilation failed
after JDK-8077387
- S8078482: ppc: pass thread to throw_AbstractMethodError
- S8078823, PR2809: javax/net/ssl/ciphersuites/DisabledAlgorithms.java
fails intermittently
- S8080190: PPC64: Fix wrong rotate instructions in the .ad file
- S8080628: No mnemonics on Open and Save buttons in JFileChooser
- S8083601: jdk8u60 l10n resource file translation update 2
- S8138725: Add options for Javadoc generation
- S8139258: PPC64LE: argument passing problem when passing 15 floats in
native call
- S8139421: PPC64LE: MacroAssembler::bxx64_patchable kill register R12
- S8139565: Restrict certificates with DSA keys less than 1024 bits
- S8140353: Improve signature checking
- S8140422: Add mechanism to allow non default root CAs to be not subject
to algorithm restrictions
- S8140530: Creating a VolatileImage with size 0,0 results in no longer
working g2d.drawString
- S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of
direct class check
- S8142926: OutputAnalyzer's shouldXXX() calls return this
- S8143134: L10n resource file translation update
- S8143959: Certificates requiring blacklisting
- S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
- S8147077: IllegalArgumentException thrown by
api/java_awt/Component/FlipBufferStrategy/indexTGF_General
- S8148127: IllegalArgumentException thrown by JCK test
api/java_awt/Component/FlipBufferStrategy/indexTGF_General in opengl pipeline
- S8148487: PPC64: Better byte behavior
- S8148516: Improve the default strength of EC in JDK
- S8148516, PR2809: Improve the default strength of EC in JDK
[test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java update]
- S8149029: Secure validation of XML based digital signature always
enabled when checking wrapping attacks
- S8150611: Security problem on sun.misc.resources.Messages*
- S8151893: Add security property to configure XML Signature secure
validation mode
- S8151921: Improved page resolution
- S8151934: Resolve class resolution
- S8155760: Implement Serialization Filtering
- S8155968: Update command line options
- S8155973: Tighten jar checks
- S8156802: Better constraint checking
- S8157176: Improved classfile parsing
- S8157653: [Parfait] Uninitialised variable in awt_Font.cpp
- S8157739: Classloader Consistency Checking
- S8157749: Improve handling of DNS error replies
- S8157753: Audio replay enhancement
- S8157759: LCMS Transform Sampling Enhancement
- S8157764: Better handling of interpolation plugins
- S8158260: PPC64: unaligned Unsafe.getInt can lead to the generation of
illegal instructions
- S8158302: Handle contextual glyph substitutions
- S8158406: Limited Parameter Processing
- S8158734: JEditorPane.createEditorKitForContentType throws NPE after
6882559
- S8158993: Service Menu services
- S8158997: JNDI Protocols Switch
- S8159495: Fix index offsets
- S8159503: Amend Annotation Actions
- S8159507: RuntimeVisibleAnnotation validation
- S8159511: Stack map validation
- S8159515: Improve indy validation
- S8159519: Reformat JDWP messages
- S8159684: (tz) Support tzdata2016f
- S8160090: Better signature handling in pack200
- S8160094: Improve pack200 layout
- S8160098: Clean up color profiles
- S8160591: Improve internal array handling
- S8160838: Better HTTP service
- S8160934: isnan() is not available on older MSVC compilers
- S8161218: Better bytecode loading
- S8161228: URL objects with custom protocol handlers have port changed
after deserializing
- S8161571: Verifying ECDSA signatures permits trailing bytes
- S8161743: Provide proper login context
- S8162411: Service Menu services 2
- S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh failing
after JDK-8155968
- S8162511: 8u111 L10n resource file updates
- S8162577: Standardize logging levels
- S8162792: Remove constraint DSA keySize < 1024 from
jdk.jar.disabledAlgorithms in jdk8
- S8162973: Better component components
- S8163304: jarsigner -verbose -verify should print the algorithms used
to sign the jar
- S8164143: Improve components for menu items
- S8164147: Improve streaming socket output
- S8164452: 8u111 L10n resource file update - msgdrop 20
- S8164908: ReflectionFactory support for IIOP and custom serialization
- S8165071: Expand TLS support
- S8165230: RMIConnection addNotificationListeners failing with specific
inputs
- S8165344: Update concurrency support
- S8165807: PPC64: Backport PPC64 port to OpenJDK 7
- S8165816: jarsigner -verify shows jar unsigned if it was signed with a
weak algorithm
- S8166381: Back out changes to the java.security file to not disable MD5
- S8166393: disabledAlgorithms property should not be strictly parsed
- S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra
is very fast (Trackpad, Retina only)
- S8166739: Improve extensibility of ObjectInputFilter information passed
to the filter
- S8166875: (tz) Support tzdata2016g
- S8166878: Connection reset during TLS handshake
- S8166988: Improve image processing performance
- S8167104: Additional class construction refinements
- S8167144: Fix aix after 8022507: SIGSEGV at
ParMarkBitMap::verify_clear()
- S8167198: Changes to make AIX compile after the merge
- S8167223: URL handling improvements
- S8167335: Fix build on Linux with 64kb default page size
- S8167356: Follow up fix for jdk8 backport of 8164143. Changes for
CMenuComponent.m were missed
- S8167459: Add debug output for indicating if a chosen ciphersuite was
legacy
- S8167472: Chrome interop regression with JDK-8148516
- S8167591: Add MD5 to signed JAR restrictions
- S8168705: Better ObjectIdentifier validation
- S8168714: Tighten ECDSA validation
- S8168724: ECDSA signing improvments
- S8168728: DSA signing improvments
- S8168861: AnchorCertificates uses hardcoded password for cacerts
keystore
- S8168993: JDK8u121 L10n resource file update
- S8169191: (tz) Support tzdata2016i
- S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for
January CPU
- S8169911: Enhanced tests for jarsigner -verbose -verify after
JDK-8163304
- S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms
property
- S8170268: 8u121 L10n resource file update - msgdrop 20
- S8173622: Backport of 7180907 is incomplete
- S8173849: Fix use of java.util.Base64 in test cases
- S8173854: [TEST] Update DHEKeySizing test case following 8076328 &
8081760
ChangeLog:
2017-04-07 Andrew John Hughes <gnu_andrew at member.fsf.org>
Bump to icedtea-2.7.0pre10.
* Makefile.am:
(JDK_UPDATE_VERSION): Bump to 131.
(BUILD_VERSION): Reset to b00.
(CORBA_CHANGESET): Update to icedtea-2.7.0pre10.
(JAXP_CHANGESET): Likewise.
(JAXWS_CHANGESET): Likewise.
(JDK_CHANGESET): Likewise.
(LANGTOOLS_CHANGESET): Likewise.
(OPENJDK_CHANGESET): Likewise.
(CORBA_SHA256SUM): Likewise.
(JAXP_SHA256SUM): Likewise.
(JAXWS_SHA256SUM): Likewise.
(JDK_SHA256SUM): Likewise.
(LANGTOOLS_SHA256SUM): Likewise.
(OPENJDK_SHA256SUM): Likewise.
(install-data-local): Install blacklisted.certs.
* NEWS: Updated.
* configure.ac: Bump to 2.7.0pre10.
* hotspot.map.in: Update to icedtea-2.7.0pre10.
* patches/boot/ecj-diamond.patch,
Regenerated. Add new cases in
com.sun.jndi.cosnaming.CNCtx,
com.sun.jndi.cosnaming.CNNameParser,
com.sun.jndi.cosnaming.IiopUrl,
com.sun.jndi.dns.DnsContextFactory,
com.sun.jndi.dns.DnsName,
com.sun.jndi.dns.NameNode,
com.sun.jndi.dns.ResourceRecords,
com.sun.jndi.ldap.EventSupport,
com.sun.jndi.ldap.LdapClient,
com.sun.jndi.ldap.LdapCtxFactory,
com.sun.jndi.ldap.LdapCtx,
com.sun.jndi.ldap.LdapName,
com.sun.jndi.ldap.LdapResult,
com.sun.jndi.ldap.LdapSchemaParser,
com.sun.jndi.ldap.NamingEventNotifier,
com.sun.jndi.ldap.Obj,
com.sun.jndi.ldap.pool.Connections,
com.sun.jndi.ldap.pool.Pool,
com.sun.jndi.ldap.sasl.LdapSasl,
com.sun.jndi.toolkit.ctx.Continuation,
com.sun.jndi.toolkit.dir.HierMemDirCtx,
com.sun.jndi.toolkit.dir.SearchFilter,
com.sun.jndi.toolkit.url.GenericURLContext,
com.sun.naming.internal.FactoryEnumeration,
com.sun.naming.internal.ResourceManager,
com.sun.naming.internal.VersionHelper,
java.net.SocketPermission,
java.net.URLConnection,
java.net.URL,
java.util.logging.LogRecord,
javax.naming.directory.BasicAttribute,
javax.naming.directory.BasicAttributes,
javax.naming.ldap.InitialLdapContext,
javax.naming.ldap.LdapName,
javax.naming.ldap.Rdn,
javax.naming.ldap.Rdn,
javax.naming.ldap.Rfc2253Parser,
javax.naming.NamingImpl,
javax.naming.Reference,
javax.naming.spi.DirectoryManager,
javax.naming.spi.NamingManager,
org.jcp.xml.dsig.internal.dom.Policy,
sun.awt.im.ExecutableInputMethodManager,
sun.awt.im.InputContext,
sun.misc.ObjectInputFilter,
sun.net.TransferProtocolClient,
sun.net.www.protocol.http.AuthenticationHeader,
sun.net.www.protocol.http.HttpURLConnection.
sun.security.ssl.ExtensionType,
sun.security.ssl.SupportedEllipticCurvesExtension,
sun.security.ssl.SupportedEllipticPointFormatsExtension,
sun.security.tools.jarsigner.Main,
sun.security.util.UntrustedCertificates,
sun.security.util.AnchorCertificates,
sun.security.util.DisabledAlgorithmConstraints and
sun.security.x509.X509CertImpl.
* patches/boot/ecj-multicatch.patch:
Regenerated. Add new cases in
com.sun.naming.internal.ResourceManager,
sun.net.www.protocol.http.HttpURLConnection,
sun.reflect.ReflectionFactory,
sun.security.x509.X509CertImpl,
com.sun.net.httpserver.spi.HttpServerProvider,
sun.net.ftp.FtpClientProvider,
com.sun.jndi.ldap.AbstractLdapNamingEnumeration,
com.sun.jndi.ldap.Connection and
com.sun.jndi.ldap.LdapCtx.
Drop case in sun.security.util.UntrustedCertificates.
* patches/boot/ecj-stringswitch.patch:
Regenerated. Add new cases in
com.sun.jndi.ldap.LdapCtx and
org.jcp.xml.dsig.internal.dom.Policy.
* patches/boot/ecj-trywithresources.patch:
Regenerated. Updated case in
sun.security.util.UntrustedCertificates.
Add new cases in
com.sun.jndi.ldap.Obj,
sun.security.util.AnchorCertificates and
sun.security.tools.jarsigner.Main.
* patches/boot/ecj-underscored_literals.patch:
Move case from sun.security.ssl.ServerHandshaker
to sun.security.util.Parsing.
* patches/pr2124.patch,
Extend following changes made in 8148516.
* patches/rh1022017.patch:
Adapt to changes made in 8148516.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20170414/6975c59a/attachment-0001.html>
More information about the distro-pkg-dev
mailing list