[PATCH] jdk7u201-b00 security patch review
Martin Balao
mbalao at redhat.com
Thu Nov 1 16:35:31 UTC 2018
Hi,
I'm not an official reviewer but have had a look at the following critical
backports and are fine to me:
* 8194534 / 8208754
* 8194546
* 8195868
* 8195874 / 8211731
* 8196897
* 8196902
* 8199177
* 8199226
* 8201756
* 8202613
* 8203654
* 8204497
* 8205361
Kind regards,
Martin.-
On Wed, Oct 31, 2018 at 3:40 PM, Andrew Hughes <gnu.andrew at redhat.com>
wrote:
> 8u191 was released recently & we've backported appropriate
> changes to OpenJDK 7 to create OpenJDK 7 u201.
>
> The changes from u191-b02 to u201-b00 are as follows:
> - S7058700: Unexpected exceptions and timeouts in SF2 parser code
> - S7098755: test/sun/misc/JarIndex/metaInfFilenames/Basic.java
> should use supported compiler interface
> - S7104650: rawtype warnings in several net, nio and security source
> files
> - S7116722: Miscellaneous warnings sun.misc ( and related classes )
> - S7117249: fix warnings in java.util.jar, .logging, .prefs, .zip
> - S7142888: sun/security/tools/jarsigner/ec.sh fail on sparc
> - S8044860: Vectors and fixed length fields should be verified for
> allowed sizes.
> - S8049834: Two security tools tests do not run with only JRE
> - S8054431: Some of the input validation in the javasound is too strict
> - S8074462: Handshake messages can be strictly ordered
> - S8130132: jarsigner should emit warning if weak algorithms or
> keysizes are used
> - S8142927: Feed some text to STDIN in ProcessTools.executeProcess()
> - S8146377: test/sun/security/tools/jarsigner/concise_jarsigner.sh
> failing
> - S8158887: sun/security/tools/jarsigner/concise_jarsigner.sh timed out
> - S8164480: Crash with assert(handler_address ==
> SharedRuntime::compute_compiled_exc_handler(..) failed: Must be the
> same
> - S8168405: Pending exceptions in java.base/windows/native
> - S8172529: Use PKIXValidator in jarsigner
> - S8180289: jarsigner treats timestamped signed jar invalid after
> the signer cert expires
> - S8190674: sun/security/tools/jarsigner/TimestampCheck.java failed
> with java.nio.file.NoSuchFileException: ts2.cert
> - S8193892: Impact of noncloneable MessageDigest implementation
> - S8194534: Manifest better support
> - S8194546: Choosier FileManagers
> - S8195868: Address Internet Addresses
> - S8195874: Improve jar specification adherence
> - S8196897: Improve PRNG support
> - S8196902: Better HTTP redirection support
> - S8199177: Enhance JNDI lookups
> - S8199226: Improve field accesses
> - S8201756: Improve cipher inputs
> - S8202613: Improve TLS connections stability
> - S8203654: Improve cypher state updates
> - S8204497: Better formatting of decimals
> - S8204667: Resources not freed on exception
> - S8205361: Better RIFF reading support
> - S8207336: Build failure in JDK8u on Windows after fix 8207260
> - S8208350: Disable all DES cipher suites
> - S8208353: Upgrade JDK 8u to libpng 1.6.35
> - S8208660: JDK 8u191 l10n resource file update
> - S8208754: The fix for JDK-8194534 needs updates
> - S8211107: LDAPS communication failure with jdk 1.8.0_181
> - S8211731: Reconsider default option for ClassPathURLCheck change
> done in JDK-8195874
>
> Webrevs for the new changes:
>
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/root/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/corba/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jaxp/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jaxws/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/hotspot/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jdk/
> http://cr.openjdk.java.net/~andrew/openjdk7/20181016/langtools/
>
> Ok to push?
>
> Thanks,
> --
> Andrew :)
>
> Senior Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
>
> Web Site: http://fuseyism.com
> Twitter: https://twitter.com/gnu_andrew_java
> PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
> Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
>
More information about the jdk7u-dev
mailing list