[PATCH] jdk7u101-b00 retro-active security patch review

Andrew Hughes gnu.andrew at redhat.com
Tue Apr 26 04:45:05 UTC 2016 

We have a new release of IcedTea (http://bitly.com/it20606) and a new OpenJDK
7 release, u101-b00, to go with it. This is made from the current state of the
OpenJDK 7u repositories plus backports of the new security fixes included in 8u91.

The tarball is available here:

https://java.net/projects/openjdk7/downloads/download/openjdk7u101-b00.tar.xz

SHA256 checksum:

e936c7aaece35d82edf9d0b8b98d84e690429421212b86689388ab1bd5db73cd  openjdk7u101-b00.tar.xz

Changes since u99-b00:

* Security fixes
  - S8129952, CVE-2016-0686: Ensure thread consistency
  - S8132051, CVE-2016-0687: Better byte behavior
  - S8138593, CVE-2016-0695: Make DSA more fair
  - S8139008: Better state table management
  - S8143167, CVE-2016-3425: Better buffering of XML strings
  - S8144430, CVE-2016-3427: Improve JMX connections
  - S8146494: Better ligature substitution
  - S8146498: Better device table adjustments
* Other changes
  - S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
  - S4963723: Implement SHA-224
  - S6414899: P11Digest should support cloning
  - S6956398: make ephemeral DH key match the length of the certificate key
  - S7044060: Need to support NSA Suite B Cryptography algorithms
  - S7127906: (launcher) convert the launcher regression tests to java
  - S8002116: This JdbReadTwiceTest.sh gets an exit 1
  - S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
  - S8006935: Need to take care of long secret keys in HMAC/PRF compuation
  - S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT explicitly turned on
  - S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
  - S8028537: PPC64: Updated the JDK regression tests to run on AIX
  - S8036132: Tab characters in test/com/sun/jdi files
  - S8038963: com/sun/jdi tests fail because cygwin's ps sometimes misses processes
  - S8039921: SHA1WithDSA with key > 1024 bits not working
  - S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
  - S8059661: Test SoftReference and OOM behavior
  - S8072753: Nondeterministic wrong answer on arithmetic
  - S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
  - S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
  - S8081475: SystemTap does not work when JDK is compiled with GCC 5
  - S8087120: [GCC5] java.lang.StackOverflowError on Zero JVM initialization on non x86 platforms.
  - S8134297: NPE in GSSNameElement nameType check
  - S8134650: Xsl transformation gives different results in 8u66
  - S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
  - S8143002: [Parfait] JNI exception pending in fontpath.c:1300
  - S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
  - S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
  - S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
  - S8148446: (tz) Support tzdata2016a
  - S8148475: Missing SA Bytecode updates.
  - S8148487: PPC64: Better byte behavior
  - S8149170: Better byte behavior for native arguments
  - S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
  - S8150012: Better byte behavior for reflection
  - S8150790: 8u75 L10n resource file translation update
  - S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
  - S8154210: Zero: Better byte behaviour
  - S8154413: AArch64: Better byte behaviour

Webrevs for the new changes:
 
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/root/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/corba/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/jaxp/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/jaxws/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/hotspot/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/jdk/
http://cr.openjdk.java.net/~andrew/openjdk7/20160419/langtools/

Once approved, I'll push these to the OpenJDK 7 repository.

Thanks,
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

More information about the jdk7u-dev mailing list