[PATCH] jdk7u181-b01 security patch review

Andrew Hughes gnu.andrew at redhat.com
Wed May 23 16:37:38 UTC 2018 

On 23 May 2018 at 07:00, Andrew Brygin <abrygin at azul.com> wrote:
> Hello Andrew,
>
> the changes look good to me.
>
> Thanks,
> Andrew
>
>> On May 10, 2018, at 6:41 AM, Andrew Hughes <gnu.andrew at redhat.com> wrote:
>>
>> 8u171 was released in mid-April and we've backported appropriate
>> changes to OpenJDK 7 to create OpenJDK 7 u181.
>>
>> The changes from u171-b02 to u181-b00 are as follows:
>>  - S7132338: Use @code friendly idiom for '\' in javadoc
>>  - S8001419: Build the JCE portion of JDK-8000970
>>  - S8019360: Cleanup of the javadoc <code> tag in java.security.*
>>  - S8020842: IDN do not throw IAE when hostname ends with a trailing dot
>>  - S8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java
>> fails
>>  - S8026982: javadoc errors in core libs
>>  - S8029020: Check src/share/native/java/util/zip code for JNI
>> pending exceptions
>>  - S8029475: Fix more doclint issues in javax.security
>>  - S8034031: [parfait] JNI exception pending in
>> jdk/src/macosx/native/apple/security/KeystoreImpl.m
>>  - S8054213: Class name repeated in output of Type.toString()
>>  - S8064524: Compiler code generation improvements
>>  - S8150530: Improve javax.crypto.BadPaddingException messages
>>  - S8153955: increase java.util.logging.FileHandler MAX_LOCKS limit
>>  - S8162488: JDK should be updated to use LittleCMS 2.8
>>  - S8169080: Improve documentation examples for crypto applications
>>  - S8175075: Add 3DES to the default disabled algorithm security property
>>  - S8179665: [Windows] java.awt.IllegalComponentStateException:
>> component must be showing on the screen to determine its location
>>  - S8180881: Better packaging of deserialization
>>  - S8182362: Update CipherOutputStream Usage
>>  - S8183032: Upgrade to LittleCMS 2.9
>>  - S8186032: Disable XML Signatures signed with EC keys less than 224 bits
>>  - S8187496: Possible memory leak in
>> java.apple.security.KeychainStore.addItemToKeychain
>>  - S8189789: tomcat gzip-compressed response bodies appear to be
>> broken in update 151
>>  - S8189969: Manifest better manifest entries
>>  - S8189977: Improve permission portability
>>  - S8189981: Improve queuing portability
>>  - S8189985: Improve tabular data portability
>>  - S8189989: Improve container portability
>>  - S8189993: Improve document portability
>>  - S8189997: Enhance keystore mechanisms
>>  - S8190478: Improved interface method selection
>>  - S8190877: Better handling of abstract classes
>>  - S8191358: Restore TSA certificate expiration check
>>  - S8191696: Better mouse positioning
>>  - S8191909: Nightly failures in nashorn suite
>>  - S8192025: Less referential references
>>  - S8192030: Better MTSchema support
>>  - S8192757: Improve stub classes implementation
>>  - S8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile
>>  - S8193409: Improve AES supporting classes
>>  - S8193414: Improvements in MethodType lookups
>>  - S8193833: Better RMI connection support
>>  - S8194259: keytool error: java.io.IOException: Invalid secret key format
>>  - S8198494: 8u171 and 8u172 - Build failure on non-SE Linux Platforms
>>  - S8198963: Fix new rmi property name
>>  - S8200760: java.security-linux was missed in backport of JDK-8160104
>>
>> The changes from u181-b00 to u181-b01 are as follows:
>>  - S8189123: More consistent classloading
>>  - S8200314: JDK 8u171 l10n resource file update - msg drop 40
>>  - S8202850: Fix for 8189123 doesn't include precompiled header
>>
>> Webrevs for the new changes:
>>
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/root/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/corba/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/jaxp/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/jaxws/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/hotspot/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/jdk/
>> http://cr.openjdk.java.net/~andrew/openjdk7/20180417/langtools/
>>
>> Ok to push?
>>
>> Thanks,
>> --
>> Andrew :)
>>
>> Senior Free Java Software Engineer
>> Red Hat, Inc. (http://www.redhat.com)
>>
>> Web Site: http://fuseyism.com
>> Twitter: https://twitter.com/gnu_andrew_java
>> PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
>> Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222
>

Thanks. Pushing.
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Web Site: http://fuseyism.com
Twitter: https://twitter.com/gnu_andrew_java
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

More information about the jdk7u-dev mailing list