[PATCH] b39 Release and retro-active security patch review

Andrew Hughes gnu.andrew at redhat.com
Wed May 4 23:48:20 UTC 2016 

We have a new release of IcedTea (http://bitly.com/it11311) and a new OpenJDK
6 release, b39, to go with it. This is made from the current state of the OpenJDK 6
repositories plus backports of the new security fixes included in 7u101 & 8u91.

The tarballs are available here:

https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b39-03_may_2016.tar.gz
https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b39-03_may_2016.tar.xz

SHA256 checksums:

4e21ae0e3b167dc3b76269ef16e5836fdfc1ae6266d2e28dd09248c69f5e3daf  openjdk-6-src-b39-03_may_2016.tar.gz
d11dc2ababe88e7891f1abbd7fa4fe033a65dea22c071331a641374b3247717f  openjdk-6-src-b39-03_may_2016.tar.xz

Changes since b38 (including both CPU fixes and upstreamed changes):
  - S4459600: java -jar fails to run Main-Class if classname followed by whitespace.
  - S4963723: Implement SHA-224
  - S6378099: RFE: Use libfontconfig to create/synthesise a fontconfig.properties
  - S6414899: P11Digest should support cloning
  - S6452854: Provide a flag to print the java configuration
  - S6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
  - S6604496: Support for CKM_AES_CTR (counter mode)
  - S6742159: (launcher) improve the java launching mechanism
  - S6752622: java.awt.Font.getPeer throws "java.lang.InternalError: Not implemented" on Linux
  - S6753664: Support SHA256 (and higher) in SunMSCAPI
  - S6758881: (launcher) needs to throw NoClassDefFoundError instead of JavaRuntimeException
  - S6812738: SSL stress test with GF leads to 32 bit max process size in less than 5 minutes with PCKS11 provider
  - S6856415: Enabling java security manager will make program thrown wrong exception ( main method not found )
  - S6892493: potential memory leaks in 2D font code indentified by parfait.
  - S6924489: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_OPERATION_NOT_INITIALIZED
  - S6925851: Localize JRE into pt_BR
  - S6956398: make ephemeral DH key match the length of the certificate key
  - S6968053: (launcher) hide exceptions under certain launcher failures
  - S6977738: Deadlock between java.lang.ClassLoader and java.util.Properties
  - S6981001: (launcher) EnsureJREInstallation is not being called in order
  - S7017734: jdk7 message drop 1 translation integration
  - S7026184: (launcher) Regression: class with unicode name can't be launched by java.
  - S7033170: Cipher.getMaxAllowedKeyLength(String) throws NoSuchAlgorithmException
  - S7044060: Need to support NSA Suite B Cryptography algorithms
  - S7104161: test/sun/tools/jinfo/Basic.sh fails on Ubuntu
  - S7106773: 512 bits RSA key cannot work with SHA384 and SHA512
  - S7125442: jar application located in two bytes character named folder cannot be run with JRE 7 u1/u2
  - S7127906: (launcher) convert the launcher regression tests to java
  - S7141141: Add 3 new test scenarios for testing Main-Class attribute in jar manifest file
  - S7158988: jvm crashes while debugging on x86_32 and x86_64
  - S7189944: (launcher) test/tools/launcher/Arrrrghs.java needs a couple of minor fixes
  - S7193318: C2: remove number of inputs requirement from Node's new operator
  - S8002116: This JdbReadTwiceTest.sh gets an exit 1
  - S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
  - S8006935: Need to take care of long secret keys in HMAC/PRF compuation
  - S8023990: Regression: postscript size increase from 6u18
  - S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
  - S8028537: PPC64: Updated the JDK regression tests to run on AIX
  - S8036132: Tab characters in test/com/sun/jdi files
  - S8038963: com/sun/jdi tests fail because cygwin's ps sometimes misses processes
  - S8039921: SHA1WithDSA with key > 1024 bits not working
  - S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
  - S8059661: Test SoftReference and OOM behavior
  - S8067364: Printing to Postscript doesn't support dieresis
  - S8072753: Nondeterministic wrong answer on arithmetic
  - S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
  - S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
  - S8075584: test for 8067364 depends on hardwired text advance
  - S8087120: [GCC5] java.lang.StackOverflowError on Zero JVM initialization on non x86 platforms.
  - S8129952: Ensure thread consistency
  - S8132051: Better byte behavior
  - S8134297: NPE in GSSNameElement nameType check
  - S8134650: Xsl transformation gives different results in 8u66
  - S8138593: Make DSA more fair
  - S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
  - S8143002: [Parfait] JNI exception pending in fontpath.c:1300
  - S8143167: Better buffering of XML strings
  - S8144430: Improve JMX connections
  - S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
  - S8146494: Better ligature substitution
  - S8146498: Better device table adjustments
  - S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
  - S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
  - S8148446: (tz) Support tzdata2016a
  - S8148475: Missing SA Bytecode updates.
  - S8149170: Better byte behavior for native arguments
  - S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
  - S8150012: Better byte behavior for reflection
  - S8150790: 8u75 L10n resource file translation update
  - S8154210: Zero: Better byte behaviour
  - S8155261: Zero broken since HS23 update
  - S8155699: Resolve issues created by backports in OpenJDK 6 b39
  - S8155699: Resolve issues created by backports in OpenJDK 6 b39, part 2
  - S8155746: Sync Windows export list in make/java/jli/Makefile with make/java/jli/mapfile-vers

Webrevs for the new changes:
 
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/root/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/corba/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/jaxp/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/jaxws/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/hotspot/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/jdk/
http://cr.openjdk.java.net/~andrew/openjdk6/20160419/langtools/

Ok to push?

Thanks,
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

More information about the jdk6-dev mailing list