[Bug 3608] [IcedTea7] CVE-2018-3639 hw: cpu: speculative store bypass mitigation

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Sat Dec 29 06:12:15 UTC 2018 

https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3608

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.6?cmd=changeset;node=d3a9b945a1d1
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Sat Dec 29 06:06:32 2018 +0000

    Bump to 2.6.15.

    Upstream changes:
      - Bump to icedtea-2.6.15
      - PR3604: Frequent JVM Crash SIGSEGV same stacktrace location during
tomcat start with hibernate init on 7u181-2.6.14-0ubuntu0.1
      - PR3608: CVE-2018-3639 hw: cpu: speculative store bypass mitigation
      - PR3615: Fix whitespace in hotspot/src/cpu/aarch64
      - PR3616: Don't include timestamps in generated documentation
      - S8001419: Build the JCE portion of JDK-8000970
      - S8005661: [parfait] Possible buffer overrun in
jdk/src/solaris/native/sun/awt/awt_GraphicsEnv.c
      - S8005695: [parfait] Format string argument mismatch in
jdk/src/solaris/native/sun/xawt/XToolkit.c
      - S8005752: [parfait] False positive function call mismatch at
jdk/src/solaris/native/sun/xawt/XWindow.c
      - S8020842: IDN do not throw IAE when hostname ends with a trailing dot
      - S8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java
fails
      - S8029020: Check src/share/native/java/util/zip code for JNI pending
exceptions
      - S8034031: [parfait] JNI exception pending in
jdk/src/macosx/native/apple/security/KeystoreImpl.m
      - S8034856: gcc warnings compiling src/solaris/native/sun/security/pkcs11
      - S8034857: gcc warnings compiling src/solaris/native/sun/management
      - S8035054: JarFacade.c should not include ctype.h
      - S8035287: gcc warnings compiling various libraries files
      - S8051972: sun/security/pkcs11/ec/ReadCertificates.java fails
intermittently
      - S8054213: Class name repeated in output of Type.toString()
      - S8076117: EndEntityChecker should not process custom extensions after
PKIX validation
      - S8150530: Improve javax.crypto.BadPaddingException messages
      - S8153955: increase java.util.logging.FileHandler MAX_LOCKS limit
      - S8157898: SupportedDSAParamGen.java failed with timeout
      - S8170035: When determining the ciphersuite lists, there is no debug
output for disabled suites.
      - S8175075: Add 3DES to the default disabled algorithm security property
      - S8176183: sun/security/mscapi/SignedObjectChain.java fails on Windows
      - S8179665: [Windows] java.awt.IllegalComponentStateException: component
must be showing on the screen to determine its location
      - S8183032: Upgrade to LittleCMS 2.9
      - S8186032: Disable XML Signatures signed with EC keys less than 224 bits
      - S8187496: Possible memory leak in
java.apple.security.KeychainStore.addItemToKeychain
      - S8187635: On Windows Swing changes keyboard layout on a window
activation
      - S8189123: More consistent classloading
      - S8189789: tomcat gzip-compressed response bodies appear to be broken in
update 151
      - S8189969: Manifest better manifest entries
      - S8189977: Improve permission portability
      - S8189981: Improve queuing portability
      - S8189985: Improve tabular data portability
      - S8189989: Improve container portability
      - S8189997: Enhance keystore mechanisms
      - S8190877: Better handling of abstract classes
      - S8191239: Improve desktop file usage
      - S8191358: Restore TSA certificate expiration check
      - S8191696: Better mouse positioning
      - S8191909: Nightly failures in nashorn suite
      - S8192025: Less referential references
      - S8192030: Better MTSchema support
      - S8192757: Improve stub classes implementation
      - S8192789: Avoid using AtomicReference in
sun.security.provider.PolicyFile
      - S8193409: Improve AES supporting classes
      - S8193414: Improvements in MethodType lookups
      - S8193419: Better Internet address support
      - S8193833: Better RMI connection support
      - S8194259: keytool error: java.io.IOException: Invalid secret key format
      - S8196224: Even better Internet address support
      - S8196854: TestFlushableGZIPOutputStream failing with
IndexOutOfBoundsException
      - S8197871: Support Derby connections
      - S8197925: Better stack walking
      - S8197943: Unable to use JDWP API in JDK 8 to debug JDK 9 VM
      - S8198494: 8u171 and 8u172 - Build failure on non-SE Linux Platforms
      - S8198963: Fix new rmi property name
      - S8199547: Exception to Pattern Syntax
      - S8200314: JDK 8u171 l10n resource file update - msg drop 40
      - S8200359: (tz) Upgrade time-zone data to tzdata2018d
      - S8200666: Improve LDAP support
      - S8200760: java.security-linux was missed in backport of JDK-8160104
      - S8201433: Fix potential crash in BufImg_SetupICM
      - S8202585: JDK 8u181 l10n resource file update
      - S8202850: Fix for 8189123 doesn't include precompiled header
      - S8202996: Remove debug print statements from RMI fix
      - S8203182: Release session if initialization of SunPKCS11 Signature
fails
      - S8203233: (tz) Upgrade time-zone data to tzdata2018e
      - S8203368: ObjectInputStream filterCheck method throws
NullPointerException
      - S8205491: adjust reflective access checks
      - S8205587: Implicit function declaration in jni_util.c
      - S8207151: Frequent JVM Crash SIGSEGV same stacktrace location during
tomcat start with hibernate init on 7u181-2.6.14-0ubuntu0.1
      - S8207345, PR3614: Trampoline generation code reads from uninitialized
memory

    ChangeLog:

    2018-12-28  Andrew John Hughes  <gnu_andrew at member.fsf.org>

        Bump to 2.6.15.
        * Makefile.am:
        (JDK_UPDATE_VERSION): Bump to 191.
        (BUILD_VERSION): Set to b02.
        (CORBA_CHANGESET): Update to icedtea-2.6.15.
        (JAXP_CHANGESET): Likewise.
        (JAXWS_CHANGESET): Likewise.
        (JDK_CHANGESET): Likewise.
        (LANGTOOLS_CHANGESET): Likewise.
        (OPENJDK_CHANGESET): Likewise.
        (CORBA_SHA256SUM): Likewise.
        (JAXP_SHA256SUM): Likewise.
        (JAXWS_SHA256SUM): Likewise.
        (JDK_SHA256SUM): Likewise.
        (LANGTOOLS_SHA256SUM): Likewise.
        (OPENJDK_SHA256SUM): Likewise.
        * NEWS: Updated.
        * configure.ac: Bump to 2.6.15.
        * hotspot.map.in: Update to icedtea-2.6.15.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20181229/d28b101b/attachment.html>

More information about the distro-pkg-dev mailing list