[PATCH] jdk7u201-b00 security patch review

Wed Oct 31 18:40:12 UTC 2018

8u191 was released recently & we've backported appropriate
changes to OpenJDK 7 to create OpenJDK 7 u201.

The changes from u191-b02 to u201-b00 are as follows:
  - S7058700: Unexpected exceptions and timeouts in SF2 parser code
  - S7098755: test/sun/misc/JarIndex/metaInfFilenames/Basic.java
should use supported compiler interface
  - S7104650: rawtype warnings in several net, nio and security source files
  - S7116722: Miscellaneous warnings sun.misc ( and related classes )
  - S7117249: fix warnings in java.util.jar, .logging, .prefs, .zip
  - S7142888: sun/security/tools/jarsigner/ec.sh fail on sparc
  - S8044860: Vectors and fixed length fields should be verified for
allowed sizes.
  - S8049834: Two security tools tests do not run with only JRE
  - S8054431: Some of the input validation in the javasound is too strict
  - S8074462: Handshake messages can be strictly ordered
  - S8130132: jarsigner should emit warning if weak algorithms or
keysizes are used
  - S8142927: Feed some text to STDIN in ProcessTools.executeProcess()
  - S8146377: test/sun/security/tools/jarsigner/concise_jarsigner.sh failing
  - S8158887: sun/security/tools/jarsigner/concise_jarsigner.sh timed out
  - S8164480: Crash with assert(handler_address ==
SharedRuntime::compute_compiled_exc_handler(..) failed: Must be the
same
  - S8168405: Pending exceptions in java.base/windows/native
  - S8172529: Use PKIXValidator in jarsigner
  - S8180289: jarsigner treats timestamped signed jar invalid after
the signer cert expires
  - S8190674: sun/security/tools/jarsigner/TimestampCheck.java failed
with java.nio.file.NoSuchFileException: ts2.cert
  - S8193892: Impact of noncloneable MessageDigest implementation
  - S8194534: Manifest better support
  - S8194546: Choosier FileManagers
  - S8195868: Address Internet Addresses
  - S8195874: Improve jar specification adherence
  - S8196897: Improve PRNG support
  - S8196902: Better HTTP redirection support
  - S8199177: Enhance JNDI lookups
  - S8199226: Improve field accesses
  - S8201756: Improve cipher inputs
  - S8202613: Improve TLS connections stability
  - S8203654: Improve cypher state updates
  - S8204497: Better formatting of decimals
  - S8204667: Resources not freed on exception
  - S8205361: Better RIFF reading support
  - S8207336: Build failure in JDK8u on Windows after fix 8207260
  - S8208350: Disable all DES cipher suites
  - S8208353: Upgrade JDK 8u to libpng 1.6.35
  - S8208660: JDK 8u191 l10n resource file update
  - S8208754: The fix for JDK-8194534 needs updates
  - S8211107: LDAPS communication failure with jdk 1.8.0_181
  - S8211731: Reconsider default option for ClassPathURLCheck change
done in JDK-8195874

Webrevs for the new changes:

http://cr.openjdk.java.net/~andrew/openjdk7/20181016/root/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/corba/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jaxp/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jaxws/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/hotspot/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/jdk/
http://cr.openjdk.java.net/~andrew/openjdk7/20181016/langtools/

Ok to push?

Thanks,
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Web Site: http://fuseyism.com
Twitter: https://twitter.com/gnu_andrew_java
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222