From 411aa8b88c1b108e40b7abf0b9d78838f6abb885 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jul 16 2020 08:26:07 +0000 Subject: import java-11-openjdk-11.0.8.10-0.el8_2 --- diff --git a/.gitignore b/.gitignore index 3ca8fbe..b705f93 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz +SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.8+10-4curve.tar.xz SOURCES/tapsets-icedtea-3.15.0.tar.xz diff --git a/.java-11-openjdk.metadata b/.java-11-openjdk.metadata index a477770..6163a15 100644 --- a/.java-11-openjdk.metadata +++ b/.java-11-openjdk.metadata @@ -1,2 +1,2 @@ -770fb5e2a0c18da9239ffdd4d0511fb0f5a6a2b6 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz +96b0432148cbf9743ef57d6645600dbcc5c25bb0 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.8+10-4curve.tar.xz 7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz diff --git a/SOURCES/NEWS b/SOURCES/NEWS new file mode 100644 index 0000000..426a78c --- /dev/null +++ b/SOURCES/NEWS @@ -0,0 +1,749 @@ +Key: + +JDK-X - https://bugs.openjdk.java.net/browse/JDK-X +CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY + +New in release OpenJDK 11.0.8 (2020-07-14): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/oj1108 + * https://builds.shipilev.net/backports-monitor/release-notes-11.0.8.txt + +* Security fixes + - JDK-8230613: Better ASCII conversions + - JDK-8231800: Better listing of arrays + - JDK-8232014: Expand DTD support + - JDK-8233234: Better Zip Naming + - JDK-8233239, CVE-2020-14562: Enhance TIFF support + - JDK-8233255: Better Swing Buttons + - JDK-8234032: Improve basic calendar services + - JDK-8234042: Better factory production of certificates + - JDK-8234418: Better parsing with CertificateFactory + - JDK-8234836: Improve serialization handling + - JDK-8236191: Enhance OID processing + - JDK-8236867, CVE-2020-14573: Enhance Graal interface handling + - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior + - JDK-8237592, CVE-2020-14577: Enhance certificate verification + - JDK-8238002, CVE-2020-14581: Better matrix operations + - JDK-8238013: Enhance String writing + - JDK-8238804: Enhance key handling process + - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable + - JDK-8238843: Enhanced font handing + - JDK-8238920, CVE-2020-14583: Better Buffer support + - JDK-8238925: Enhance WAV file playback + - JDK-8240119, CVE-2020-14593: Less Affine Transformations + - JDK-8240482: Improved WAV file playback + - JDK-8241379: Update JCEKS support + - JDK-8241522: Manifest improved jar headers redux + - JDK-8242136, CVE-2020-14621: Better XML namespace handling +* Other changes + - JDK-6933331: (d3d/ogl) java.lang.IllegalStateException: Buffers have not been created + - JDK-7124307: JSpinner and changing value by mouse + - JDK-8022574: remove HaltNode code after uncommon trap calls + - JDK-8039082: [TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java fails + - JDK-8040630: Popup menus and tooltips flicker with previous popup contents when first shown + - JDK-8044365: (dc) MulticastSendReceiveTests.java failing with ENOMEM when joining group (OS X 10.9) + - JDK-8048215: [TESTBUG] java/lang/management/ManagementFactory/ThreadMXBeanProxy.java Expected non-null LockInfo + - JDK-8051349: nsk/jvmti/scenarios/sampling/SP06/sp06t003 fails in nightly + - JDK-8080353: JShell: Better error message on attempting to add default method + - JDK-8139876: Exclude hanging nsk/stress/stack from execution with deoptimization enabled + - JDK-8146090: java/lang/ref/ReachabilityFenceTest.java fails with -XX:+DeoptimizeALot + - JDK-8153430: jdk regression test MletParserLocaleTest, ParserInfiniteLoopTest reduce default timeout + - JDK-8156207: Resource allocated BitMaps are often cleared unnecessarily + - JDK-8159740: JShell: corralled declarations do not have correct source to wrapper mapping + - JDK-8175984: ICC_Profile has un-needed, not-empty finalize method + - JDK-8176359: Frame#setMaximizedbounds not working properly in multi screen environments + - JDK-8183369: RFC unconformity of HttpURLConnection with proxy + - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT + - JDK-8191169: java/net/Authenticator/B4769350.java failed intermittently + - JDK-8191930: [Graal] emits unparseable XML into compile log + - JDK-8193879: Java debugger hangs on method invocation + - JDK-8196019: java/awt/Window/Grab/GrabTest.java fails on Windows + - JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails + - JDK-8198000: java/awt/List/EmptyListEventTest/EmptyListEventTest.java debug assert on Windows + - JDK-8198001: java/awt/Menu/WrongParentAfterRemoveMenu/WrongParentAfterRemoveMenu.java debug assert on Windows + - JDK-8198339: Test javax/swing/border/Test6981576.java is unstable + - JDK-8200701: jdk/jshell/ExceptionsTest.java fails on Windows, after JDK-8198801 + - JDK-8203264: JNI exception pending in PlainDatagramSocketImpl.c:740 + - JDK-8203672: JNI exception pending in PlainSocketImpl.c + - JDK-8203673: JNI exception pending in DualStackPlainDatagramSocketImpl.c:398 + - JDK-8204834: Fix confusing "allocate" naming in OopStorage + - JDK-8205399: Set node color on pinned HashMap.TreeNode deletion + - JDK-8205653: test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java and RmiSslBootstrapTest.sh fail with handshake_failure + - JDK-8206179: com/sun/management/OperatingSystemMXBean/GetCommittedVirtualMemorySize.java fails with Committed virtual memory size illegal value + - JDK-8207334: VM times out in VM_HandshakeAllThreads::doit() with RunThese30M + - JDK-8208277: Code cache heap (-XX:ReservedCodeCacheSize) doesn't work with 1GB LargePages + - JDK-8209113: Use WeakReference for lastFontStrike for created Fonts + - JDK-8209333: Socket reset issue for TLS 1.3 socket close + - JDK-8209439: C2 library_call can potentially ignore Math.pow intrinsic or use null pointer + - JDK-8209534: [TESTBUG]runtime/appcds/cacheObject/ArchivedModuleCompareTest.java fails with EnableJVMCI. + - JDK-8210147: adjust some WSAGetLastError usages in windows network coding + - JDK-8210284: "assert((av & 0x00000001) == 0) failed: unsupported V8" on Solaris 11.4 + - JDK-8210303: VM_HandshakeAllThreads fails assert with "failed: blocked and not walkable" + - JDK-8210515: [TESTBUG]CheckArchivedModuleApp.java needs to check if EnableJVMCI is set. + - JDK-8210788: Javadoc for Thread.join(long, int) should specify that it waits forever when both arguments are zero + - JDK-8211301: [macos] support full window content options + - JDK-8211332: Space for stub routines (code_size2) is too small on new Skylake CPUs + - JDK-8211339: NPE during SSL handshake caused by HostnameChecker + - JDK-8211392: compiler/profiling/spectrapredefineclass_classloaders/Launcher.java times out in JDK12 CI + - JDK-8211743: [AOT] crash in ScopeDesc::decode_body() when JVMTI walks AOT frames + - JDK-8212154: [TESTBUG] CheckArchivedModuleApp fails with NPE when JVMCI is absent + - JDK-8212167: JShell : Stack trace of exception has wrong line number + - JDK-8212933: Thread-SMR: requesting a VM operation whilst holding a ThreadsListHandle can cause deadlocks + - JDK-8212986: Make Visual Studio compiler check less strict + - JDK-8213250: CDS archive creation aborts due to metaspace object allocation failure + - JDK-8213516: jck test api/javax_accessibility/AccessibleState/fields.html fails intermittent + - JDK-8213947: ARM32: failed check_simd should set UsePopCountInstruction to false + - JDK-8214418: half-closed SSLEngine status may cause application dead loop + - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate" + - JDK-8214444: Wrong strncat limits in dfa.cpp + - JDK-8214481: freetype path does not disable TrueType hinting with AA+FM hints + - JDK-8214571: -Xdoclint of array serialField gives "error: array type not allowed here" + - JDK-8214856: Errors with JSZip in web console after upgrade to 3.1.5 + - JDK-8214862: assert(proj != __null) at compile.cpp:3251 + - JDK-8215369: Jcstress pollute /var/tmp with temporary files. + - JDK-8215551: Missing case label in nmethod::reloc_string_for() + - JDK-8215555: TieredCompilation C2 threads can excessively block handshakes + - JDK-8215711: Missing key_share extension for (EC)DHE key exchange should alert missing_extension + - JDK-8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug + - JDK-8216154: C4819 warnings at HotSpot sources on Windows + - JDK-8216541: CompiledICHolders of VM locked unloaded nmethods are released too late + - JDK-8217230: assert(t == t_no_spec) failure in NodeHash::check_no_speculative_types() + - JDK-8217404: --with-jvm-features doesn't work when multiple features are explicitly disabled + - JDK-8217447: Develop flag TraceICs is broken + - JDK-8217606: LdapContext#reconnect always opens a new connection + - JDK-8218807: Compilation database (compile_commands.json) may contain obsolete items + - JDK-8219214: Infinite Loop in CodeSection::dump() + - JDK-8219904: ClassCastException when calling FlightRecorderMXBean#getRecordings() + - JDK-8219991: New fix of the deadlock in sun.security.ssl.SSLSocketImpl + - JDK-8221121: applications/microbenchmarks are encountering crashes in tier5 + - JDK-8221445: FastSysexMessage constructor crashes MIDI receiption thread + - JDK-8221482: Initialize VMRegImpl::regName[] earlier to prevent assert during PrintStubCode + - JDK-8221741: ClassCastException can happen when fontconfig.properties is used + - JDK-8221823: Requested JDialog width is ignored + - JDK-8223108: Test java/awt/EventQueue/NonComponentSourcePost.java is unstable + - JDK-8223935: PIT: java/awt/font/WindowsIndicFonts.java fails on windows10 + - JDK-8224109: Text spaced incorrectly by drawString under rotation with fractional metric + - JDK-8224632: testbug: java/awt/dnd/RemoveDropTargetCrashTest/RemoveDropTargetCrashTest.java fails on MacOS + - JDK-8224793: os::die() does not honor CreateCoredumpOnCrash option + - JDK-8224847: gc/stress/TestReclaimStringsLeaksMemory.java fails with reserved greater than expected + - JDK-8224931: disable JAOTC invokedynamic support until 8223533 is fixed + - JDK-8224997: ChaCha20-Poly1305 TLS cipher suite decryption throws ShortBufferException + - JDK-8225068: Remove DocuSign root certificate that is expiring in May 2020 + - JDK-8225069: Remove Comodo root certificate that is expiring in May 2020 + - JDK-8225126: Test SetBoundsPaintTest.html faild on Windows when desktop is scaled + - JDK-8225325: Add tests for redefining a class' private method during resolution of the bootstrap specifier + - JDK-8225622: [AOT] runtime/SharedArchiveFile/TestInterpreterMethodEntries.java crashed with AOTed java.base + - JDK-8225653: Provide more information when hitting SIGILL from HaltNode + - JDK-8225783: Incorrect use of binary operators on booleans in type.cpp + - JDK-8225789: Empty method parameter type should generate ClassFormatError + - JDK-8226198: use of & instead of && in LibraryCallKit::arraycopy_restore_alloc_state + - JDK-8226253: JAWS reports wrong number of radio buttons when buttons are hidden. + - JDK-8226653: [accessibility] Can edit text cell correctly, but Accessibility Tool reads nothing about editor + - JDK-8226806: [macOS 10.14] Methods of Java Robot should be called from appropriate thread + - JDK-8226879: Memory leak in Type::hashcons + - JDK-8227632: Incorrect PrintCompilation message: made not compilable on levels 0 1 2 3 4 + - JDK-8228407: JVM crashes with shared archive file mismatch + - JDK-8228482: fix xlc16/xlclang comparison of distinct pointer types and string literal conversion warnings + - JDK-8228757: Fail fast if the handshake type is unknown + - JDK-8229158: make UseSwitchProfiling non-experimental or false by-default + - JDK-8229421: The logic of java/net/ipv6tests/TcpTest.java is flawed + - JDK-8229855: C2 fails with assert(false) failed: bad AD file + - JDK-8230591: AArch64: Missing intrinsics for Math.ceil, floor, rint + - JDK-8231118: ARM32: Math tests failures + - JDK-8231213: Migrate SimpleDateFormatConstTest to JDK Repo + - JDK-8231243: [TESTBUG] CustomFont.java cannot find font file + - JDK-8231438: [macOS] Dark mode for the desktop is not supported + - JDK-8231550: C2: ShouldNotReachHere() in verify_strip_mined_scheduling + - JDK-8231564: setMaximizedBounds is broken with large display scale and multiple monitors + - JDK-8231572: Use -lobjc instead of -fobjc-link-runtime in libosxsecurity + - JDK-8231631: sun/net/ftp/FtpURLConnectionLeak.java fails intermittently with NPE + - JDK-8231671: Fix copyright headers in hotspot (missing comma after year) + - JDK-8231720: Some perf regressions after 8225653 + - JDK-8231779: crash HeapWord*ParallelScavengeHeap::failed_mem_allocate + - JDK-8231863: Crash if classpath is read from @argument file and the main gets option argument + - JDK-8232080: jlink plugins for vendor information and run-time options + - JDK-8232106: [x86] C2: SIGILL due to usage of SSSE3 instructions on processors which don't support it + - JDK-8232134: Change to Visual Studio 2017 15.9.16 for building on Windows at Oracle + - JDK-8232226: [macos 10.15] test/jdk/java/awt/color/EqualityTest/EqualityTest.java may fail + - JDK-8232357: Compare version info of Santuario to legal notice + - JDK-8232572: Add hooks for custom output dir in Bundles.gmk + - JDK-8232634: Problem List ICMColorDataTest.java + - JDK-8232748: Build static versions of certain JDK libraries + - JDK-8232846: ProcessHandle.Info command with non-English shows question marks + - JDK-8233033: C2 produces wrong result while unswitching a loop due to lost control dependencies + - JDK-8233137: runtime/ErrorHandling/VeryEarlyAssertTest.java fails after 8232080 + - JDK-8233197: Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing + - JDK-8233291: [TESTBUG] tools/jlink/plugins/VendorInfoPluginsTest.java fails with debug or non-server VMs + - JDK-8233364: Fix undefined behavior in Canonicalizer::do_ShiftOp + - JDK-8233573: Toolkit.getScreenInsets(GraphicsConfiguration) may throw ClassCastException + - JDK-8233608: Minimal build broken after JDK-8233494 + - JDK-8233621: Mismatch in jsse.enableMFLNExtension property name + - JDK-8233696: [TESTBUG]Some jtreg tests fail when CAPS_LOCK is ON + - JDK-8233707: systemScale.cpp could not compile with VS2019 + - JDK-8233801: GCMEmptyIv.java test fails on Solaris 11.4 + - JDK-8233880: Support compilers with multi-digit major version numbers + - JDK-8233920: MethodHandles::tryFinally generates illegal bytecode for long/double return type + - JDK-8234137: The "AutoTestOnTop.java" test may run external applications + - JDK-8234146: compiler/jsr292/ContinuousCallSiteTargetChange.java times out on SPARC + - JDK-8234184: [TESTBUG] java/awt/Mouse/EnterExitEvents/ModalDialogEnterExitEventsTest.java fails in Windows + - JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect numbers for Compiler area + - JDK-8234332: [TESTBUG] java/awt/Focus/DisposedWindow/DisposeDialogNotActivateOwnerTest/DisposeDialogNotActivateOwnerTest.java fails on linux-x64 nightly + - JDK-8234398: Replace ID2D1Factory::GetDesktopDpi with GetDeviceCaps + - JDK-8234522: [macos] Crash with use of native file dialog + - JDK-8234691: Potential double-free in ParallelSPCleanupTask constructor + - JDK-8234696: tools/jlink/plugins/VendorInfoPluginsTest.java times out + - JDK-8234727: sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3 + - JDK-8234728: Some security tests should support TLSv1.3 + - JDK-8234779: Provide idiom for declaring classes noncopyable + - JDK-8234968: check calloc rv in libinstrument InvocationAdapter + - JDK-8235153: [TESTBUG] [macos 10.15] java/awt/Graphics/DrawImageBG/SystemBgColorTest.java fails + - JDK-8235183: Remove the "HACK CODE" in comment + - JDK-8235263: Revert TLS 1.3 change that wrapped IOExceptions + - JDK-8235311: Tag mismatch may alert bad_record_mac + - JDK-8235332: TestInstanceCloneAsLoadsStores.java fails with -XX:+StressGCM + - JDK-8235452: Strip mined loop verification fails with assert(is_OuterStripMinedLoop()) failed: invalid node class + - JDK-8235584: UseProfiledLoopPredicate fails with assert(_phase->get_loop(c) == loop) failed: have to be in the same loop + - JDK-8235620: Broken merge between JDK-8006406 and JDK-8003559 + - JDK-8235638: NPE in LWWindowPeer.getOnscreenGraphics() + - JDK-8235686: Add more custom hooks in Bundles.gmk + - JDK-8235739: Rare NPE at WComponentPeer.getGraphics() + - JDK-8235762: JVM crash in SWPointer during C2 compilation + - JDK-8235834: IBM-943 charset encoder needs updating + - JDK-8235874: The ordering of Cipher Suites is not maintained provided through jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system property. + - JDK-8235908: omit ThreadPriorityPolicy warning when value is set from image + - JDK-8235984: C2: assert(out->in(PhiNode::Region) == head || out->in(PhiNode::Region) == slow_head) failed: phi must be either part of the slow or the fast loop + - JDK-8236211: [Graal] compiler/graalunit/GraphTest.java is skipped in all testing + - JDK-8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId + - JDK-8236545: Compilation error in mach5 java/awt/FileDialog/MacOSGoToFolderCrash.java + - JDK-8236700: Upgrading JSZip from v3.1.5 to v3.2.2 + - JDK-8236759: ShouldNotReachHere in PhaseIdealLoop::verify_strip_mined_scheduling + - JDK-8236897: Fix the copyright header for pkcs11gcm2.h + - JDK-8236921: Add build target to produce a JDK image suitable for a Graal/SVM build + - JDK-8236953: [macos] JavaFX SwingNode is not rendered on macOS + - JDK-8236996: Incorrect Roboto font rendering on Windows with subpixel antialiasing + - JDK-8237045: JVM uses excessive memory with -XX:+EnableJVMCI -XX:JVMCICounterSize=2147483648 + - JDK-8237055: [TESTBUG] compiler/c2/TestJumpTable.java fails with release VMs + - JDK-8237086: assert(is_MachReturn()) running CTW with fix for JDK-8231291 + - JDK-8237192: Generate stripped/public pdbs on Windows for jdk images + - JDK-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers + - JDK-8237474: Default SSLEngine should create in server role + - JDK-8237859: C2: Crash when loads float above range check + - JDK-8237951: CTW: C2 compilation fails with "malformed control flow" + - JDK-8237962: give better error output for invalid OCSP response intervals in CertPathValidator checks + - JDK-8238190: [JVMCI] Fix single implementor speculation for diamond shapes. + - JDK-8238356: CodeHeap::blob_count() overestimates the number of blobs + - JDK-8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01 + - JDK-8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB + - JDK-8238575: DragSourceEvent.getLocation() returns wrong value on HiDPI screens (Windows) + - JDK-8238676: jni crashes on accessing it from process exit hook + - JDK-8238721: Add failing client jtreg tests to the Problem List + - JDK-8238738: AudioSystem.getMixerInfo() takes about 30 sec to report a gone audio device + - JDK-8238756: C2: assert(((n) == __null || !VerifyIterativeGVN || !((n)->is_dead()))) failed: can not use dead node + - JDK-8238765: PhaseCFG::schedule_pinned_nodes cannot handle precedence edges from unmatched CFG nodes correctly + - JDK-8238898: Missing hash characters for header on license file + - JDK-8238942: Rendering artifacts with LCD text and fractional metrics + - JDK-8238985: [TESTBUG] The arrow image is blue instead of green + - JDK-8239000: handle ContendedPaddingWidth in vm_version_ppc + - JDK-8239055: Wrong implementation of VMState.hasListener + - JDK-8239091: Reversed arguments in call to strstr in freetype "debug" code. + - JDK-8239142: C2's UseUniqueSubclasses optimization is broken for array accesses + - JDK-8239224: libproc_impl.c previous_thr may be used uninitialized warning + - JDK-8239351: Give more meaningful InternalError messages in Deflater.c + - JDK-8239365: ProcessBuilder test modifications for AIX execution + - JDK-8239456: vtable stub generation: assert failure (code size estimate) + - JDK-8239457: call ReleaseStringUTFChars before early returns in Java_sun_security_pkcs11_wrapper_PKCS11_connect + - JDK-8239462: jdk.hotspot.agent misses some ReleaseStringUTFChars calls in case of early returns + - JDK-8239557: [TESTBUG] VeryEarlyAssertTest.java validating "END." marker at lastline is not always true + - JDK-8239787: AArch64: String.indexOf may incorrectly handle empty strings + - JDK-8239792: Bump update version for OpenJDK: jdk-11.0.8 + - JDK-8239798: SSLSocket closes socket both socket endpoints on a SocketTimeoutException + - JDK-8239819: XToolkit: Misread of screen information memory + - JDK-8239852: java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed + - JDK-8239893: Windows handle Leak when starting processes using ProcessBuilder + - JDK-8239915: Zero VM crashes when handling dynamic constant + - JDK-8239931: [win][x86] vtable stub generation: assert failure (code size estimate) follow-up + - JDK-8239976: Put JDK-8239965 on the ProblemList.txt + - JDK-8240073: Fix 'test-make' build target in 11u + - JDK-8240197: Cannot start JVM when $JAVA_HOME includes CJK characters + - JDK-8240202: A few client tests leave mouse buttons pressed + - JDK-8240220: IdealLoopTree::dump_head predicate printing is broken + - JDK-8240223: Use consistent predicate order in and with PhaseIdealLoop::find_predicate + - JDK-8240227: Loop predicates should be copied to unswitched loops + - JDK-8240286: [TESTBUG] Test command error in hotspot/jtreg/compiler/loopopts/superword/SumRedAbsNeg_Float.java + - JDK-8240518: Incorrect JNU_ReleaseStringPlatformChars in Windows Print + - JDK-8240529: CheckUnhandledOops breaks NULL check in Modules::define_module + - JDK-8240576: JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges + - JDK-8240603: Windows 32bit compile error after 8238676 + - JDK-8240629: argfiles parsing broken for argfiles with comment cross 4096 bytes chunk + - JDK-8240711: TestJstatdPort.java failed due to "ExportException: Port already in use:" + - JDK-8240786: [TESTBUG] The test java/awt/Window/GetScreenLocation/GetScreenLocationTest.java fails on HiDPI screen + - JDK-8240824: enhance print_full_memory_info on Linux by THP related information + - JDK-8240827: Downport SSLSocketImpl.java from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE" + - JDK-8240905: assert(mem == (Node*)1 || mem == mem2) failed: multiple Memories being matched at once? + - JDK-8240972: macOS codesign fail on macOS 10.13.5 or older + - JDK-8241445: Fix copyright in test/jdk/tools/launcher/ArgFileSyntax.java + - JDK-8241458: [JVMCI] add mark value to expose CodeOffsets::Frame_Complete + - JDK-8241464: [11u] Backport: make rehashing be a needed guaranteed safepoint cleanup action + - JDK-8241556: Memory leak if -XX:CompileCommand is set + - JDK-8241568: (fs) UserPrincipalLookupService.lookupXXX failure with IOE "Operation not permitted" + - JDK-8241586: compiler/cpuflags/TestAESIntrinsicsOnUnsupportedConfig.java fails on aarch64 + - JDK-8241638: launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set + - JDK-8241660: Add virtualization information output to hs_err file on macOS + - JDK-8241808: [TESTBUG] The JDK-8039467 bug appeared on macOS + - JDK-8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one + - JDK-8241900: Loop unswitching may cause dependence on null check to be lost + - JDK-8241948: enhance list of environment variables printed in hs_err file + - JDK-8241996: on linux set full relro in the linker flags + - JDK-8242108: Performance regression after fix for JDK-8229496 + - JDK-8242141: New System Properties to configure the TLS signature schemes + - JDK-8242154: Backport parts of JDK-4947890 to OpenJDK 11u + - JDK-8242174: [macos] The NestedModelessDialogTest test make the macOS unstable + - JDK-8242239: [Graal] javax/management/generified/GenericTest.java fails: FAILED: queryMBeans sets same + - JDK-8242294: JSSE Client does not throw SSLException when an alert occurs during handshaking + - JDK-8242379: [TESTBUG] compiler/loopopts/TestLoopUnswitchingLostCastDependency.java fails with release VMs + - JDK-8242470: Update Xerces to Version 2.12.1 + - JDK-8242498: Invalid "sun.awt.TimedWindowEvent" object leads to JVM crash + - JDK-8242541: Small charset issues (ISO8859-16, x-eucJP-Open, x-IBM834 and x-IBM949C) + - JDK-8242626: enhance posix print_rlimit_info + - JDK-8243059: Build fails when --with-vendor-name contains a comma + - JDK-8243539: Copyright info (Year) should be updated for fix of 8241638 + - JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a + - JDK-8244407: JVM crashes after transformation in C2 IdealLoopTree::split_fall_in + - JDK-8244520: problemlist java/awt/font/Rotate/RotatedFontTest.java on linux + - JDK-8244777: ClassLoaderStats VM Op uses constant hash value + - JDK-8244853: The static build of libextnet is missing the JNI_OnLoad_extnet function + - JDK-8244951: Missing entitlements for hardened runtime + - JDK-8245047: [PPC64] C2: ReverseBytes + Load always match to unordered Load (acquire semantics missing) + - JDK-8245649: Revert 8245397 backport of 8230591 + - JDK-8246031: SSLSocket.getSession() doesn't close connection for timeout/ interrupts + - JDK-8246613: Choose the default SecureRandom algo based on registration ordering + - JDK-8248505: Unexpected NoSuchAlgorithmException when using secure random impl from BCFIPS provider + +Notes on individual issues: +=========================== + +security-libs/java.security: + +JDK-8244167: Removal of Comodo Root CA Certificate +================================================== +The following expired Comodo root CA certificate was removed from the `cacerts` keystore: + +alias name "addtrustclass1ca [jdk]" + +Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE + +JDK-8244166: Removal of DocuSign Root CA Certificate +==================================================== +The following expired DocuSign root CA certificate was removed from the `cacerts` keystore: + +alias name "keynectisrootca [jdk]" + +Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR + +security-libs/javax.crypto:pkcs11: + +JDK-8240191: Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database +============================================================================================================================ +The SunPKCS11 security provider can now be initialized with NSS when +FIPS-enabled external modules are configured in the Security Modules +Database (NSSDB). Prior to this change, the SunPKCS11 provider would +throw a RuntimeException with the message: "FIPS flag set for +non-internal module" when such a library was configured for NSS in +non-FIPS mode. + +This change allows the JDK to work properly with recent NSS releases +in GNU/Linux operating systems when the system-wide FIPS policy is +turned on. + +Further information can be found in JDK-8238555. + +security-libs/javax.net.ssl: + +JDK-8245077: Default SSLEngine Should Create in Server Role +=========================================================== +In JDK 11 and later, `javax.net.ssl.SSLEngine` by default used client +mode when handshaking. As a result, the set of default enabled +protocols may differ to what is expected. `SSLEngine` would usually be +used in server mode. From this JDK release onwards, `SSLEngine` will +default to server mode. The +`javax.net.ssl.SSLEngine.setUseClientMode(boolean mode)` method may +be used to configure the mode. + +JDK-8242147: New System Properties to Configure the TLS Signature Schemes +========================================================================= + +Two new System Properties are added to customize the TLS signature +schemes in JDK. `jdk.tls.client.SignatureSchemes` is added for TLS +client side, and `jdk.tls.server.SignatureSchemes` is added for server +side. + +Each System Property contains a comma-separated list of supported +signature scheme names specifying the signature schemes that could be +used for the TLS connections. + +The names are described in the "Signature Schemes" section of the +*Java Security Standard Algorithm Names Specification*. + +New in release OpenJDK 11.0.7 (2020-04-14): +=========================================== +Live versions of these release notes can be found at: + * https://bitly.com/oj1107 + * https://builds.shipilev.net/backports-monitor/release-notes-11.0.7.txt + +* Security fixes + - JDK-8223898, CVE-2020-2754: Forward references to Nashorn + - JDK-8223904, CVE-2020-2755: Improve Nashorn matching + - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs + - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues + - JDK-8225603: Enhancement for big integers + - JDK-8226346: Build better binary builders + - JDK-8227467: Better class method invocations + - JDK-8227542: Manifest improved jar headers + - JDK-8229733: TLS message handling improvements + - JDK-8231415, CVE-2020-2773: Better signatures in XML + - JDK-8231785: Improved socket permissions + - JDK-8232424, CVE-2020-2778: More constrained algorithms + - JDK-8232581, CVE-2020-2767: Improve TLS verification + - JDK-8233250: Better X11 rendering + - JDK-8233410: Better Build Scripting + - JDK-8234027: Better JCEKS key support + - JDK-8234408, CVE-2020-2781: Improve TLS session handling + - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers + - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers + - JDK-8235274, CVE-2020-2805: Enhance typing of methods + - JDK-8235691, CVE-2020-2816: Enhance TLS connectivity + - JDK-8236201, CVE-2020-2830: Better Scanner conversions + - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap +* Other changes + - JDK-4919790: Errors in alert ssl message does not reflect the actual certificate status + - JDK-4949105: Access Bridge lacks html tags parsing + - JDK-7092821: java.security.Provider.getService() is synchronized and became scalability bottleneck + - JDK-7143743: Potential memory leak with zip provider + - JDK-8005819: Support cross-realm MSSFU + - JDK-8042383: [TEST_BUG] Test javax/swing/plaf/basic/BasicMenuUI/4983388/bug4983388.java fails with shortcuts on menus do not work + - JDK-8068184: Fix for JDK-8032832 caused a deadlock + - JDK-8145845: [AOT] NullPointerException in compiler/whitebox/GetCodeHeapEntriesTest.java + - JDK-8152988: [AOT] Update test batch definitions to include aot-ed java.base module mode into hs-comp testing + - JDK-8160926: FLAGS_COMPILER_CHECK_ARGUMENTS doesn't handle cross-compilation + - JDK-8163083: SocketListeningConnector does not allow invocations with port 0 + - JDK-8163251: Hard coded loop limit prevents reading of smart card data greater than 8k + - JDK-8167276: jvmci/compilerToVM/MaterializeVirtualObjectTest.java fails with -XX:-EliminateAllocations + - JDK-8169718: nsk/jdb/locals/locals002: ERROR: Cannot find boolVar with expected value: false + - JDK-8176556: java/awt/dnd/ImageTransferTest/ImageTransferTest.java fails for JFIF + - JDK-8178798: Two compiler/aot/verification/vmflags tests fail by timeout with UseAVX=3 + - JDK-8183107: PKCS11 regression regarding checkKeySize + - JDK-8185005: Improve performance of ThreadMXBean.getThreadInfo(long ids[], int maxDepth) + - JDK-8189633: Missing -Xcheck:jni checking for DeleteWeakGlobalRef + - JDK-8189861: Refactor CacheFind + - JDK-8193042: NativeLookup::lookup_critical_entry() should only load shared library once + - JDK-8193596: java/net/DatagramPacket/ReuseBuf.java failed due to timeout + - JDK-8194944: Regression automated test 'open/test/jdk/javax/swing/JInternalFrame/8145896/TestJInternalFrameMaximize.java' fails + - JDK-8196467: javax/swing/JInternalFrame/Test6325652.java fails + - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE + - JDK-8198321: javax/swing/JEditorPane/5076514/bug5076514.java fails + - JDK-8198398: Test javax/swing/JColorChooser/Test6199676.java fails in mach5 + - JDK-8199072: Test javax/swing/GroupLayout/6613904/bug6613904.java is unstable + - JDK-8200432: javadoc fails with ClassCastException on {@link byte[]} + - JDK-8201349: build broken when configured with --with-zlib=bundled on gcc 7.3 + - JDK-8201355: Avoid native memory allocation in sun.security.mscapi.PRNG.generateSeed + - JDK-8201513: nsk/jvmti/IterateThroughHeap/filter-* are broken + - JDK-8203364: Some serviceability/sa/ tests intermittently fail with java.io.IOException: LingeredApp terminated with non-zero exit code 3 + - JDK-8203687: javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3 + - JDK-8203904: javax/swing/JSplitPane/4816114/bug4816114.java: The divider location is wrong + - JDK-8203911: Test runtime/modules/getModuleJNI/GetModule fails with -Xcheck:jni + - JDK-8204525: [TESTBUG] runtime/NMT/MallocStressTest.java ran out of java heap + - JDK-8204529: gc/TestAllocateHeapAtMultiple.java fail with Agent 7 timed out + - JDK-8204551: Event descriptions are truncated in logs + - JDK-8206963: [AOT] bug with multiple class loaders + - JDK-8207367: 10 vmTestbase/nsk/jdi tests timed out when running with jtreg + - JDK-8207832: serviceability/sa/ClhsdbCDSCore.java failed with "Couldn't find core file location" + - JDK-8207938: At step6,Click Add button,case failed automatically. + - JDK-8208157: requires.VMProps throws NPE for missing properties in "release" file + - JDK-8208379: compiler/jvmci/events/JvmciNotifyInstallEventTest.java failed with "Got unexpected event count after 2nd install attempt: expected 9 to equal 2" + - JDK-8208658: Make CDS archived heap regions usable even if compressed oop encoding has changed + - JDK-8208715: Conversion of milliseconds to nanoseconds in UNIXProcess contains bug + - JDK-8209361: [AOT] Unexpected number of references for JVMTI_HEAP_REFERENCE_CONSTANT_POOL [111-->111]: 0 (expected at least 1) + - JDK-8209385: CDS runtime classpath checking is too strict when only classes from the system modules are archived + - JDK-8209389: SIGSEGV in WalkOopAndArchiveClosure::do_oop_work. + - JDK-8209418: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2 + - JDK-8209494: Create a test for SwingSet InternalFrameDemo + - JDK-8209499: Create test for SwingSet EditorPaneDemo + - JDK-8209574: [AOT] breakpoint events are generated in different threads does not meet expected count + - JDK-8209686: cleanup arguments to PhaseIdealLoop() constructor + - JDK-8209789: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2 + - JDK-8209802: Garbage collectors should register JFR types themselves to avoid build errors. + - JDK-8209807: improve handling exception in requires.VMProps + - JDK-8209817: stack is executable when building with Clang on Linux + - JDK-8209824: Improve the code coverage for ThreadLocal + - JDK-8209826: Undefined reference to os::write after JDK-8209657 (filemap.hpp cleanup) + - JDK-8209850: Allow NamedThreads to use GlobalCounter critical sections + - JDK-8209976: Improve iteration over non-JavaThreads + - JDK-8209993: Create a test for SwingSet3 ToolTipDemo + - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread() + - JDK-8210052: Enable testing for all the available look and feels in SwingSet3 demo tests + - JDK-8210055: Enable different look and feel tests in SwingSet3 demo tests + - JDK-8210057: Enable different look and feels in SwingSet3 demo test InternalFrameDemoTest + - JDK-8210058: Algorithmic Italic font leans opposite angle in Printing + - JDK-8210220: [AOT] jdwp test cases are failing with error # ERROR: TEST FAILED: Cought IOException while receiving event packet + - JDK-8210289: ArchivedKlassSubGraphInfoRecord is incomplete + - JDK-8210459: Add support for generating compile_commands.json + - JDK-8210476: sun/security/mscapi/PrngSlow.java fails with Still too slow + - JDK-8210512: [Testbug] vmTestbase/nsk/jdi/ObjectReference/referringObjects/referringObjects002/referringObjects002.java fails with unexpected size of ClassLoaderReference.referringObjects + - JDK-8210523: runtime/appcds/cacheObject/DifferentHeapSizes.java crash + - JDK-8210632: Add key exchange algorithm to javax/net/ssl/TLSCommon/CipherSuite.java + - JDK-8210699: Problem list tests which times out in Xcomp mode + - JDK-8210793: [JVMCI] AllocateCompileIdTest.java failed to find DiagnosticCommand.class + - JDK-8210910: Create test for FileChooserDemo + - JDK-8210994: Create test for SwingSet3 FrameDemo + - JDK-8211139: Increase timeout value in all tests under jdk/sanity/client/SwingSet/src + - JDK-8211160: Handle different look and feels in JInternalFrameOperator + - JDK-8211211: vmTestbase/metaspace/stressDictionary/StressDictionary.java timeout + - JDK-8211322: Reduce the timeout of tooltip in SwingSet2DemoTest + - JDK-8211443: Enable different look and feels in SwingSet3 demo test SplitPaneDemoTest + - JDK-8211703: JInternalFrame : java.lang.AssertionError: cannot find the internal frame + - JDK-8211781: re-building fails after changing Graal sources + - JDK-8212897: Some improvements in the EditorPaneDemotest + - JDK-8212903: [TestBug] Tests test/jdk/javax/swing/LookAndFeel/8145547/DemandGTK2.sh and DemandGTK3.sh fail on Ubuntu 18.04 LTS + - JDK-8213009: Refactoring existing SunMSCAPI classes + - JDK-8213010: Supporting keys created with certmgr.exe + - JDK-8213168: Enable different look and feel tests in SwingSet3 demo test FileChooserDemoTest + - JDK-8213348: jdk.internal.vm.compiler.management service providers missing in module descriptor + - JDK-8213906: Update arm devkits with libXrandr headers + - JDK-8213908: AssertionError in DeferredAttr at setOverloadKind + - JDK-8214124: [TESTBUG] Bugs in runtime/NMT/MallocStressTest.java + - JDK-8214344: C2: assert(con.basic_type() != T_ILLEGAL) failed: elembt=byte; loadbt=void; unsigned=0 + - JDK-8214345: infinite recursion while checking super class + - JDK-8214471: Enable different look and feel tests in SwingSet3 demo test ToolTipDemoTest + - JDK-8214534: Setting of THIS_FILE in the build is broken + - JDK-8214557: Filter out VM flags which don't affect AOT code generation + - JDK-8214578: [macos] Problem with backslashes on macOS/JIS keyboard: Java ignores system settings + - JDK-8214840: runtime/NMT/MallocStressTest.java timed out + - JDK-8214850: Rename vm_operations.?pp files to vmOperations.?pp files + - JDK-8214904: Test8004741.java failed due to "Too few ThreadDeath hits; expected at least 6 but saw only 5" + - JDK-8215322: add @file support to jaotc + - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1) + - JDK-8215396: JTabbedPane preferred size calculation is wrong for SCROLL_TAB_LAYOUT + - JDK-8216180: [AOT] compiler/intrinsics/bigInteger/TestMulAdd.java crashed with AOT enabled + - JDK-8216353: Use utility APIs introduced in org/netbeans/jemmy/util/LookAndFeel class in client sanity test cases + - JDK-8216354: Syntax error in toolchain_windows.m4 + - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win) + - JDK-8216535: tools/jimage/JImageExtractTest.java timed out + - JDK-8217235: Create automated test for SwingSet ColorChooserDemoTest + - JDK-8217297: Add support for multiple look and feel for SwingSet SliderDemoTest + - JDK-8217338: [Containers] Improve systemd slice memory limit support + - JDK-8217613: [AOT] TEST_OPTS_AOT_MODULES doesn't work on mac + - JDK-8217634: RunTest documentation and usability update + - JDK-8217717: ZGC: Broken oop map in C1 load barrier stub + - JDK-8217728: Speed up incremental rerun of "make hotspot" + - JDK-8218268: Javac treats Manifest Class-Path entries as Paths instead of URLs + - JDK-8218662: Allow 204 responses with Content-Length:0 + - JDK-8218882: NET_Writev is declared, NET_WriteV is defined + - JDK-8218889: Improperly use of the Optional API + - JDK-8219205: JFR file without license header + - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions + - JDK-8219723: javax/net/ssl/compatibility/Compatibility.java failed on some SNI cases + - JDK-8220348: [ntintel] asserts about copying unaligned array + - JDK-8220451: jdi/EventQueue/remove/remove004 failed due to "ERROR: thread2 is not alive" + - JDK-8220456: jdi/EventQueue/remove_l/remove_l004 failed due to "TIMEOUT while waiting for event" + - JDK-8220479: java/nio/channels/Selector/SelectWithConsumer.java failed at testTwoChannels() + - JDK-8220613: java/util/Arrays/TimSortStackSize2.java times out with fastdebug build + - JDK-8220688: [TESTBUG] runtime/NMT/MallocStressTest.java timed out + - JDK-8220786: Create new switch to redirect error reporting output to stdout or stderr + - JDK-8221270: Duplicated synchronized keywords in SSLSocketImpl + - JDK-8221312: test/jdk/sanity/client/SwingSet/src/ColorChooserDemoTest.java failed + - JDK-8221851: Use of THIS_FILE in hotspot invalidates precompiled header on Linux/GCC + - JDK-8221885: Add intermittent test in the JavaSound to the ProblemList + - JDK-8222264: Windows incremental build is broken with JDK-8217728 + - JDK-8222391: javax/net/ssl/compatibility/Compatibility.java should be more flexible + - JDK-8222448: java/lang/reflect/PublicMethods/PublicMethodsTest.java times out + - JDK-8222519: ButtonDemoScreenshotTest fails randomly with "still state to be reached" + - JDK-8222741: jdi/EventQueue/remove/remove004 fails due to VMDisconnectedException + - JDK-8223003: SunMSCAPI keys are not cleaned up + - JDK-8223063: Support CNG RSA keys + - JDK-8223158: Docked MacBook cannot start any Java Swing applications + - JDK-8223260: NamingManager should cache InitialContextFactory + - JDK-8223464: Improve version string for Oracle CI builds + - JDK-8223558: Java does not render Myanmar script correctly + - JDK-8223627: jdk-13+20 bundle name contains null instead of ea + - JDK-8223638: Replace wildcard address with loopback or local host in tests - part 6 + - JDK-8223678: Add Visual Studio Code workspace generation support (for native code) + - JDK-8223727: com/sun/jndi/ldap/privconn/RunTest.java failed due to hang in LdapRequest.getReplyBer + - JDK-8223769: Assert triggers with -XX:+StressReflectiveCode + - JDK-8224187: Refactor arraycopy_prologue to allow ZGC read barriers on arraycopy + - JDK-8224475: JTextPane does not show images in HTML rendering + - JDK-8224673: Adjust permission for delayed starting of debugging + - JDK-8224705: Tests that need to be problem-listed or have printer resources + - JDK-8224778: test/jdk/demo/jfc/J2Ddemo/J2DdemoTest.java cannot find J2Ddemo.jar + - JDK-8224821: java/awt/Focus/NoAutotransferToDisabledCompTest/NoAutotransferToDisabledCompTest.java fails linux-x64 + - JDK-8224830: test/jdk/java/awt/Focus/ModalExcludedWindowClickTest/ModalExcludedWindowClickTest.java fails on linux-x64 + - JDK-8224851: AArch64: fix warnings and errors with Clang and GCC 8.3 + - JDK-8224905: java/lang/ProcessBuilder/Basic.java#id1 failed with stream closed + - JDK-8225007: java/awt/print/PrinterJob/LandscapeStackOverflow.java may hang + - JDK-8225105: java/awt/Focus/ShowFrameCheckForegroundTest/ShowFrameCheckForegroundTest.java fails in Windows 10 + - JDK-8225117: java/math/BigInteger/SymmetricRangeTests.java fails with ParseException + - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test + - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test + - JDK-8225144: [macos] In Aqua L&F backspace key does not delete when Shift is pressed + - JDK-8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows + - JDK-8225182: JNI exception pending in DestroyXIMCallback of awt_InputMethod.c:1327 + - JDK-8225199: [Graal] compiler/jvmci/compilerToVM/IsMatureVsReprofileTest.java fails with -XX:CompileThresholdScaling=0.1 + - JDK-8225305: ProblemList java/lang/invoke/VarHandles tests + - JDK-8225350: compiler/jvmci/compilerToVM/IsCompilableTest.java timed out + - JDK-8225430: Replace wildcard address with loopback or local host in tests - part 14 + - JDK-8225435: Upgrade IANA Language Subtag Registry to the latest for JDK14 + - JDK-8225487: giflib legal file is missing attribution for openbsd-reallocarray.c + - JDK-8225567: Wrong file headers with 8202414 fix changeset + - JDK-8225684: [AOT] vmTestbase/vm/oom/production/AlwaysOOMProduction tests fail with AOTed java.base + - JDK-8225766: Curve in certificate should not affect signature scheme when using TLSv1.3 + - JDK-8225797: OldObjectSample event creates unexpected amount of checkpoint data + - JDK-8226381: ProblemList java/lang/reflect/PublicMethods/PublicMethodsTest.java + - JDK-8226406: JVM fails to detect mismatched or corrupt CDS archive + - JDK-8226608: Hide the onjcmd option from the help output + - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys + - JDK-8227112: exclude compiler/intrinsics/sha/sanity tests from AOT runs + - JDK-8227324: Upgrade to freetype 2.10.1 + - JDK-8227528: TestAbortVMOnSafepointTimeout.java failed due to "RuntimeException: 'Safepoint sync time longer than' missing from stdout/stderr" + - JDK-8227645: Some tests in serviceability/sa run with fixed -Xmx values and risk running out of memory + - JDK-8227646: [TESTBUG] appcds/SharedArchiveConsistency timed out + - JDK-8227662: freetype seeks to index at the end of the font data + - JDK-8228479: Correct the format of ColorChooserDemoTest + - JDK-8228613: java.security.Provider#getServices order is no longer deterministic + - JDK-8228969: 2019-09-28 public suffix list update + - JDK-8229236: CriticalJNINatives: dll handling should be done in native thread state + - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC + - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions + - JDK-8229994: assert(false) failed: Bad graph detected in get_early_ctrl_for_expensive + - JDK-8230004: jdk/internal/jimage/JImageOpenTest.java runs no test + - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception + - JDK-8230390: Problemlist SA tests with AOT + - JDK-8230400: Missing constant pool entry for a method in stacktrace + - JDK-8230459: Test failed to resume JVMCI CompilerThread + - JDK-8230480: check malloc/calloc results in java.desktop + - JDK-8230597: Update GIFlib library to the 5.2.1 + - JDK-8230611: infinite loop in LogOutputList::wait_until_no_readers() + - JDK-8230624: [TESTBUG] Problemlist JFR compiler/TestCodeSweeper.java + - JDK-8230677: Should disable Escape Analysis if JVMTI capability can_get_owned_monitor_info was taken + - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout + - JDK-8231025: Incorrect method tag offset for big endian platform + - JDK-8231081: TestMetadataRetention fails due to missing symbol id + - JDK-8231387: java.security.Provider.getService returns random result due to race condition with mutating methods in the same class + - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type + - JDK-8231445: check ZALLOC return values in awt coding + - JDK-8231507: Update Apache Santuario (XML Signature) to version 2.1.4 + - JDK-8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call + - JDK-8231753: use more Posix functionality in aix os::print_os_info + - JDK-8231810: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java fails intermittently with "java.lang.Exception: Unexpected EOF" + - JDK-8232003: (fs) Files.write can leak file descriptor in the exception case + - JDK-8232056: GetOwnedMonitorInfoWithEATest.java fails with ZGC: Heap too small + - JDK-8232060: add some initializations using sigemptyset in os_aix.cpp + - JDK-8232154: Update Mesa 3-D Headers to version 19.2.1 + - JDK-8232167: Visual Studio install found through --with-tools-dir value is discarded + - JDK-8232170: FSInfo#getJarClassPath throws an exception not declared in its throws clause + - JDK-8232200: [macos 10.15] Windows in fullscreen tests jumps around the screen + - JDK-8232207: Linux os::available_memory re-reads cgroup configuration on every invocation + - JDK-8232224: [TESTBUG] problemlist JFR TestLargeRootSet.java + - JDK-8232370: Refactor some com.sun.jdi tests to enable IDE integration + - JDK-8232433: [macos 10.15] java/awt/Window/LocationAtScreenCorner/LocationAtScreenCorner.java may fail + - JDK-8232571: Add missing SIGINFO signal + - JDK-8232692: [TESTBUG] compiler/aot/fingerprint/SelfChangedCDS.java fails when cds is disabled + - JDK-8232713: Update BCEL version to 6.3.1 in license file + - JDK-8232806: Introduce a system property to disable eager lambda initialization + - JDK-8232834: RunTest sometimes fails to produce valid exitcode.txt + - JDK-8232880: Update test documentation with additional settings for client UI tooltip tests + - JDK-8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures. + - JDK-8233018: Add a new test to verify that DatagramSocket is not interruptible + - JDK-8233019: java.lang.Class.isPrimitive() (C1) returns wrong result if Klass* is aligned to 32bit + - JDK-8233032: assert(in_bb(n)) failed: must be + - JDK-8233078: fix minimal VM build on Linux ppc64(le) + - JDK-8233328: fix minimal VM build on Linux s390x + - JDK-8233383: Various minor fixes + - JDK-8233466: aarch64: remove unnecessary load of mdo when profiling return and parameters type + - JDK-8233491: Crash in AdapterHandlerLibrary::get_adapter with CDS due to code cache exhaustion + - JDK-8233529: loopTransform.cpp:2984: Error: assert(p_f->Opcode() == Op_IfFalse) failed + - JDK-8233548: Update CUP to v0.11b + - JDK-8233649: Update ProblemList.txt to exclude failing headful tests on macos + - JDK-8233656: assert(d->is_CFG() && n->is_CFG()) failed: must have CFG nodes + - JDK-8233657: Intermittent NPE in Component.validate() + - JDK-8234288: Turkey Time Zone returns incorrect time zone name + - JDK-8234323: NULL-check return value of SurfaceData_InitOps on macosx + - JDK-8234339: replace JLI_StrTok in java_md_solinux.c + - JDK-8234340: Bump update version for OpenJDK: jdk-11.0.7 + - JDK-8234350: assert(mode == ControlAroundStripMined && (use == sfpt || !use->is_reachable_from_root())) failed: missed a node + - JDK-8234386: [macos] NPE was thrown at expanding Choice from maximized frame + - JDK-8234397: add OS uptime information to os::print_os_info output + - JDK-8234423: Modifying ArrayList.subList().subList() resets modCount of subList + - JDK-8234466: Class loading deadlock involving X509Factory#commitEvent() + - JDK-8234501: remove obsolete NET_ReadV + - JDK-8234525: enable link-time section-gc for linux s390x to remove unused code + - JDK-8234610: MaxVectorSize set wrongly when UseAVX=3 is specified after JDK-8221092 + - JDK-8234617: C1: Incorrect result of field load due to missing narrowing conversion + - JDK-8234723: javax/net/ssl/TLS tests support TLSv1.3 + - JDK-8234724: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java supports TLSv1.3 + - JDK-8234741: enhance os::get_core_path on macOS + - JDK-8234769: Duplicate attribution in freetype.md + - JDK-8234786: Fix for JDK-8214578 breaks OS X 10.12 compatibility + - JDK-8234809: set relro in linker flags when building with gcc + - JDK-8234824: java/nio/channels/SocketChannel/AdaptSocket.java fails on Windows 10 + - JDK-8235243: handle VS2017 15.9 and VS2019 in abstract_vm_version + - JDK-8235288: AVX 512 instructions inadvertently used on Xeon for small vector width operations + - JDK-8235325: build failure on Linux after 8235243 + - JDK-8235383: C1 compilation fails with -XX:+PrintIRDuringConstruction -XX:+Verbose + - JDK-8235489: handle return values of sscanf calls in hotspot + - JDK-8235509: Backport for JDK-8209657 Refactor filemap.hpp to simplify integration with Serviceability Agent. + - JDK-8235510: java.util.zip.CRC32 performance drop after 8200067 + - JDK-8235563: [TESTBUG] appcds/CommandLineFlagComboNegative.java does not handle archive mapping failure + - JDK-8235637: jhsdb jmap from OpenJDK 11.0.5 doesn't work if prelink is enabled + - JDK-8235671: enhance print_rlimit_info in os_posix + - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64 + - JDK-8235904: Infinite loop when rendering huge lines + - JDK-8235998: [c2] Memory leaks during tracing after '8224193: stringStream should not use Resource Area'. + - JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3 + - JDK-8236140: assert(!VerifyHashTableKeys || _hash_lock == 0) failed: remove node from hash table before modifying it + - JDK-8236179: C1 register allocation error with T_ADDRESS + - JDK-8236488: Support for configure option --with-native-debug-symbols=internal is impossible on Windows + - JDK-8236500: Windows ucrt.dll should be looked up in versioned WINSDK subdirectory + - JDK-8236709: struct SwitchRange in HS violates C++ One Definition Rule + - JDK-8236848: [JDK 11u] make run-test-tier1 fails after backport of JDK-8232834 + - JDK-8236873: Worker has a deadlock bug + - JDK-8237217: Incorrect G1StringDedupEntry type used in StringDedupTable destructor + - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read + - JDK-8237375: SimpleThresholdPolicy misses CounterDecay timestamp initialization + - JDK-8237508: Simplify JarFile.isInitializing + - JDK-8237540: Missing files in backport of JDK-8210910 + - JDK-8237541: Missing files in backport of JDK-8236528 + - JDK-8237600: Test SunJSSEFIPSInit fails on Ubuntu + - JDK-8237819: s390x - remove unused pd_zero_to_words_large + - JDK-8237869: exclude jtreg test security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java because of instabilities + - JDK-8237879: make 4.3 breaks build + - JDK-8237945: CTW: C2 compilation fails with assert(just_allocated_object(alloc_ctl) == ptr) failed: most recent allo + - JDK-8238225: Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary + - JDK-8238247: CTW runner should sweep nmethods more aggressively + - JDK-8238366: CTW runner closes standard output on exit + - JDK-8238438: SuperWord::co_locate_pack picks memory state of first instead of last load + - JDK-8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION + - JDK-8238534: Deep sign macOS bundles before bundle archive is being created + - JDK-8238591: CTW: Split applications/ctw/modules/jdk_localedata.java + - JDK-8238596: AVX enabled by default for Skylake even when unsupported + - JDK-8238811: C2: assert(i >= req() || i == 0 || is_Region() || is_Phi()) with -XX:+VerifyGraphEdges + - JDK-8239005: [TESTBUG] test/hotspot/jtreg/runtime/StackGuardPages/TestStackGuardPages.java: exeinvoke.c: must initialize static state before calling do_overflow() + - JDK-8239466: Loss of precision in counter decay calculation in 11u backport of JDK-8237375 + - JDK-8239856: [ntintel] asserts about copying unaligned array element + - JDK-8240724: [test] jdk11 downport of 8224475 misses binary file test/jdk/javax/swing/JTextPane/arrow.png + - JDK-8241296: Segfault in JNIHandleBlock::oops_do() + +Notes on individual issues: +=========================== + +security-libs/javax.xml.crypto: + +JDK-8239467: Apache Santuario Library Updated to Version 2.1.4 +============================================================== +The Apache Santuario library has been upgraded to version 2.1.4. As a +result, a new system property +`com.sun.org.apache.xml.internal.security.parser.pool-size` has been +introduced. + +This new system property sets the pool size of the internal +`DocumentBuilder` cache used when processing XML Signatures. The +function is equivalent to the +`org.apache.xml.security.parser.pool-size` system property used in +Apache Santuario and has the same default value of 20. diff --git a/SOURCES/jdk8236039-status_request_extension.patch b/SOURCES/jdk8236039-status_request_extension.patch deleted file mode 100644 index be7008c..0000000 --- a/SOURCES/jdk8236039-status_request_extension.patch +++ /dev/null @@ -1,310 +0,0 @@ -# HG changeset patch -# User jnimeh -# Date 1578287079 28800 -# Sun Jan 05 21:04:39 2020 -0800 -# Node ID b9d1ce20dd4b2ce34e74c8fa2d784335231abcd1 -# Parent 3782f295811625b65d57f1aef15daa10d82a58a7 -8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3 -Reviewed-by: xuelei - -diff --git a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java ---- a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java -+++ b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -39,11 +39,7 @@ - import javax.net.ssl.SSLProtocolException; - import sun.security.provider.certpath.OCSPResponse; - import sun.security.provider.certpath.ResponderId; --import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST; --import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST_V2; - import sun.security.ssl.SSLExtension.ExtensionConsumer; --import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST; --import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST_V2; - import sun.security.ssl.SSLExtension.SSLExtensionSpec; - import sun.security.ssl.SSLHandshake.HandshakeMessage; - import sun.security.util.DerInputStream; -@@ -434,8 +430,9 @@ - } else { - extBuilder.append(",\n"); - } -- extBuilder.append( -- "{\n" + Utilities.indent(ext.toString()) + "}"); -+ extBuilder.append("{\n"). -+ append(Utilities.indent(ext.toString())). -+ append("}"); - } - - extsStr = extBuilder.toString(); -@@ -552,11 +549,11 @@ - return null; - } - -- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST)) { -+ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { - SSLLogger.fine( - "Ignore unavailable extension: " + -- CH_STATUS_REQUEST.name); -+ SSLExtension.CH_STATUS_REQUEST.name); - } - return null; - } -@@ -568,8 +565,8 @@ - byte[] extData = new byte[] {0x01, 0x00, 0x00, 0x00, 0x00}; - - // Update the context. -- chc.handshakeExtensions.put( -- CH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT); -+ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST, -+ CertStatusRequestSpec.DEFAULT); - - return extData; - } -@@ -593,10 +590,10 @@ - // The consuming happens in server side only. - ServerHandshakeContext shc = (ServerHandshakeContext)context; - -- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST)) { -+ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { - SSLLogger.fine("Ignore unavailable extension: " + -- CH_STATUS_REQUEST.name); -+ SSLExtension.CH_STATUS_REQUEST.name); - } - return; // ignore the extension - } -@@ -610,7 +607,7 @@ - } - - // Update the context. -- shc.handshakeExtensions.put(CH_STATUS_REQUEST, spec); -+ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST, spec); - if (!shc.isResumption && - !shc.negotiatedProtocol.useTLS13PlusSpec()) { - shc.handshakeProducers.put(SSLHandshake.CERTIFICATE_STATUS.id, -@@ -654,13 +651,12 @@ - - // In response to "status_request" extension request only. - CertStatusRequestSpec spec = (CertStatusRequestSpec) -- shc.handshakeExtensions.get(CH_STATUS_REQUEST); -+ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST); - if (spec == null) { - // Ignore, no status_request extension requested. - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { -- SSLLogger.finest( -- "Ignore unavailable extension: " + -- CH_STATUS_REQUEST.name); -+ SSLLogger.finest("Ignore unavailable extension: " + -+ SSLExtension.CH_STATUS_REQUEST.name); - } - - return null; // ignore the extension -@@ -681,8 +677,8 @@ - byte[] extData = new byte[0]; - - // Update the context. -- shc.handshakeExtensions.put( -- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT); -+ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST, -+ CertStatusRequestSpec.DEFAULT); - - return extData; - } -@@ -708,7 +704,7 @@ - - // In response to "status_request" extension request only. - CertStatusRequestSpec requestedCsr = (CertStatusRequestSpec) -- chc.handshakeExtensions.get(CH_STATUS_REQUEST); -+ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST); - if (requestedCsr == null) { - throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, - "Unexpected status_request extension in ServerHello"); -@@ -722,8 +718,8 @@ - } - - // Update the context. -- chc.handshakeExtensions.put( -- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT); -+ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST, -+ CertStatusRequestSpec.DEFAULT); - - // Since we've received a legitimate status_request in the - // ServerHello, stapling is active if it's been enabled. -@@ -909,7 +905,7 @@ - return null; - } - -- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) { -+ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { - SSLLogger.finest( - "Ignore unavailable status_request_v2 extension"); -@@ -926,8 +922,8 @@ - 0x00, 0x07, 0x02, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00}; - - // Update the context. -- chc.handshakeExtensions.put( -- CH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT); -+ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2, -+ CertStatusRequestV2Spec.DEFAULT); - - return extData; - } -@@ -951,7 +947,7 @@ - // The consuming happens in server side only. - ServerHandshakeContext shc = (ServerHandshakeContext)context; - -- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) { -+ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { - SSLLogger.finest( - "Ignore unavailable status_request_v2 extension"); -@@ -969,7 +965,8 @@ - } - - // Update the context. -- shc.handshakeExtensions.put(CH_STATUS_REQUEST_V2, spec); -+ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2, -+ spec); - if (!shc.isResumption) { - shc.handshakeProducers.putIfAbsent( - SSLHandshake.CERTIFICATE_STATUS.id, -@@ -1013,7 +1010,7 @@ - - // In response to "status_request_v2" extension request only - CertStatusRequestV2Spec spec = (CertStatusRequestV2Spec) -- shc.handshakeExtensions.get(CH_STATUS_REQUEST_V2); -+ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2); - if (spec == null) { - // Ignore, no status_request_v2 extension requested. - if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { -@@ -1038,8 +1035,8 @@ - byte[] extData = new byte[0]; - - // Update the context. -- shc.handshakeExtensions.put( -- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT); -+ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2, -+ CertStatusRequestV2Spec.DEFAULT); - - return extData; - } -@@ -1065,7 +1062,7 @@ - - // In response to "status_request" extension request only - CertStatusRequestV2Spec requestedCsr = (CertStatusRequestV2Spec) -- chc.handshakeExtensions.get(CH_STATUS_REQUEST_V2); -+ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2); - if (requestedCsr == null) { - throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, - "Unexpected status_request_v2 extension in ServerHello"); -@@ -1079,8 +1076,8 @@ - } - - // Update the context. -- chc.handshakeExtensions.put( -- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT); -+ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2, -+ CertStatusRequestV2Spec.DEFAULT); - - // Since we've received a legitimate status_request in the - // ServerHello, stapling is active if it's been enabled. If it -diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java ---- a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java -+++ b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -113,7 +113,6 @@ - null, - null, - CertStatusExtension.certStatusReqStringizer), -- - CR_STATUS_REQUEST (0x0005, "status_request"), - CT_STATUS_REQUEST (0x0005, "status_request", - SSLHandshake.CERTIFICATE, -@@ -124,6 +123,7 @@ - null, - null, - CertStatusExtension.certStatusRespStringizer), -+ - // extensions defined in RFC 4681 - USER_MAPPING (0x0006, "user_mapping"), - -@@ -515,6 +515,16 @@ - return null; - } - -+ static String nameOf(int extensionType) { -+ for (SSLExtension ext : SSLExtension.values()) { -+ if (ext.id == extensionType) { -+ return ext.name; -+ } -+ } -+ -+ return "unknown extension"; -+ } -+ - static boolean isConsumable(int extensionType) { - for (SSLExtension ext : SSLExtension.values()) { - if (ext.id == extensionType && -diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java ---- a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java -+++ b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2018, 2020 Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -86,11 +86,14 @@ - "Received buggy supported_groups extension " + - "in the ServerHello handshake message"); - } -- } else { -+ } else if (handshakeType == SSLHandshake.SERVER_HELLO) { - throw hm.handshakeContext.conContext.fatal( -- Alert.UNSUPPORTED_EXTENSION, -- "extension (" + extId + -- ") should not be presented in " + handshakeType.name); -+ Alert.UNSUPPORTED_EXTENSION, "extension (" + -+ extId + ") should not be presented in " + -+ handshakeType.name); -+ } else { -+ isSupported = false; -+ // debug log to ignore unknown extension for handshakeType - } - } - -@@ -365,9 +368,10 @@ - } - - private static String toString(int extId, byte[] extData) { -+ String extName = SSLExtension.nameOf(extId); - MessageFormat messageFormat = new MessageFormat( -- "\"unknown extension ({0})\": '{'\n" + -- "{1}\n" + -+ "\"{0} ({1})\": '{'\n" + -+ "{2}\n" + - "'}'", - Locale.ENGLISH); - -@@ -375,6 +379,7 @@ - String encoded = hexEncoder.encodeBuffer(extData); - - Object[] messageFields = { -+ extName, - extId, - Utilities.indent(encoded) - }; diff --git a/SOURCES/jdk8237396-avoid_triggering_barriers.patch b/SOURCES/jdk8237396-avoid_triggering_barriers.patch deleted file mode 100644 index 90d7c65..0000000 --- a/SOURCES/jdk8237396-avoid_triggering_barriers.patch +++ /dev/null @@ -1,58 +0,0 @@ -# HG changeset patch -# User zgu -# Date 1579696811 18000 -# Wed Jan 22 07:40:11 2020 -0500 -# Node ID 91ea567eeabeade6b3f8d6cf10c02ba53f700eca -# Parent 082f1d3eb1649ff776cda165ed78d65bc7361ebc -8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers -Reviewed-by: stefank, rkennke - -diff --git a/src/hotspot/share/prims/jvmtiTagMap.cpp b/src/hotspot/share/prims/jvmtiTagMap.cpp ---- a/src/hotspot/share/prims/jvmtiTagMap.cpp -+++ b/src/hotspot/share/prims/jvmtiTagMap.cpp -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -96,6 +96,11 @@ - inline oop object_peek() { - return NativeAccess::oop_load(object_addr()); - } -+ -+ inline oop object_raw() { -+ return RawAccess<>::oop_load(object_addr()); -+ } -+ - inline jlong tag() const { return _tag; } - - inline void set_tag(jlong tag) { -@@ -3357,7 +3362,7 @@ - JvmtiTagHashmapEntry* next = entry->next(); - - // has object been GC'ed -- if (!is_alive->do_object_b(entry->object_peek())) { -+ if (!is_alive->do_object_b(entry->object_raw())) { - // grab the tag - jlong tag = entry->tag(); - guarantee(tag != 0, "checking"); -@@ -3375,7 +3380,7 @@ - ++freed; - } else { - f->do_oop(entry->object_addr()); -- oop new_oop = entry->object_peek(); -+ oop new_oop = entry->object_raw(); - - // if the object has moved then re-hash it and move its - // entry to its new location. -@@ -3409,7 +3414,7 @@ - // Re-add all the entries which were kept aside - while (delayed_add != NULL) { - JvmtiTagHashmapEntry* next = delayed_add->next(); -- unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_peek(), size); -+ unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_raw(), size); - delayed_add->set_next(table[pos]); - table[pos] = delayed_add; - delayed_add = next; diff --git a/SPECS/java-11-openjdk.spec b/SPECS/java-11-openjdk.spec index 8906590..8493ffd 100644 --- a/SPECS/java-11-openjdk.spec +++ b/SPECS/java-11-openjdk.spec @@ -21,6 +21,9 @@ # Enable release builds by default on relevant arches. %bcond_without release +# Workaround for stripping of debug symbols from static libraries +%define __brp_strip_static_archive %{nil} + # The -g flag says to use strip -g instead of full strip on DSOs or EXEs. # This fixes detailed NMT and other tools which need minimal debug info. # See: https://bugzilla.redhat.com/show_bug.cgi?id=1520879 @@ -59,8 +62,8 @@ # the ghosts are here to allow installation via query like `dnf install /usr/bin/java` # you can list those files, with appropriate sections: cat *.spec | grep -e --install -e --slave -e post_ # TODO - fix those hardcoded lists via single list -# those files ,must *NOT* be ghosted for *slowdebug* packages -# FIXME - if you are moving jshell or jlink or simialr, always modify all three sections +# Those files must *NOT* be ghosted for *slowdebug* packages +# FIXME - if you are moving jshell or jlink or similar, always modify all three sections # you can check via headless and devels: # rpm -ql --noghost java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin # == rpm -ql java-11-openjdk-headless-slowdebug-11.0.1.13-8.fc29.x86_64.rpm | grep bin @@ -121,12 +124,12 @@ %endif %if %{bootstrap_build} -%global release_targets bootcycle-images docs-zip +%global release_targets bootcycle-images static-libs-image docs-zip %else -%global release_targets images docs-zip +%global release_targets images docs-zip static-libs-image %endif # No docs nor bootcycle for debug builds -%global debug_targets images +%global debug_targets images static-libs-image # Filter out flags from the optflags macro that cause problems with the OpenJDK build @@ -212,7 +215,7 @@ # New Version-String scheme-style defines %global majorver 11 -%global securityver 6 +%global securityver 8 # buildjdkver is usually same as %%{majorver}, # but in time of bootstrap of next jdk, it is majorver-1, # and this it is better to change it here, on single place @@ -238,8 +241,8 @@ %global top_level_dir_name %{origin} %global minorver 0 %global buildver 10 -%global rpmrelease 4 -#%%global tagsuffix "" +%global rpmrelease 0 +#%%global tagsuffix %%{nil} # priority must be 8 digits in total; untill openjdk 1.8 we were using 18..... so when moving to 11 we had to add another digit %if %is_system_jdk %global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} ) @@ -271,8 +274,9 @@ # parametrized macros are order-sensitive %global compatiblename java-%{majorver}-%{origin} %global fullversion %{compatiblename}-%{version}-%{release} -# images stub -%global jdkimage jdk +# images directories from upstream build +%global jdkimage jdk +%global static_libs_image static-libs # output dir stub %define buildoutputdir() %{expand:openjdk/build%{?1}} # we can copy the javadoc to not arched dir, or make it not noarch @@ -308,6 +312,8 @@ %define sdkbindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin} %define jrebindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin} +%global alt_java_name alt-java + %global rpm_state_dir %{_localstatedir}/lib/rpm-state/ %if %{with_systemtap} @@ -353,6 +359,7 @@ ext=.gz alternatives \\ --install %{_bindir}/java java %{jrebindir -- %{?1}}/java $PRIORITY --family %{name}.%{_arch} \\ --slave %{_jvmdir}/jre jre %{_jvmdir}/%{sdkdir -- %{?1}} \\ + --slave %{_bindir}/%{alt_java_name} %{alt_java_name} %{jrebindir -- %{?1}}/%{alt_java_name} \\ --slave %{_bindir}/jjs jjs %{jrebindir -- %{?1}}/jjs \\ --slave %{_bindir}/keytool keytool %{jrebindir -- %{?1}}/keytool \\ --slave %{_bindir}/pack200 pack200 %{jrebindir -- %{?1}}/pack200 \\ @@ -361,6 +368,8 @@ alternatives \\ --slave %{_bindir}/unpack200 unpack200 %{jrebindir -- %{?1}}/unpack200 \\ --slave %{_mandir}/man1/java.1$ext java.1$ext \\ %{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1$ext \\ + --slave %{_mandir}/man1/%{alt_java_name}.1$ext %{alt_java_name}.1$ext \\ + %{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1$ext \\ --slave %{_mandir}/man1/jjs.1$ext jjs.1$ext \\ %{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1$ext \\ --slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \\ @@ -573,6 +582,7 @@ exit 0 %define files_jre_headless() %{expand: %license %{_jvmdir}/%{sdkdir -- %{?1}}/legal +%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/NEWS %dir %{_sysconfdir}/.java/.systemPrefs %dir %{_sysconfdir}/.java %dir %{_jvmdir}/%{sdkdir -- %{?1}} @@ -580,6 +590,7 @@ exit 0 %{_jvmdir}/%{jrelnk -- %{?1}} %dir %{_jvmdir}/%{sdkdir -- %{?1}}/bin %{_jvmdir}/%{sdkdir -- %{?1}}/bin/java +%{_jvmdir}/%{sdkdir -- %{?1}}/bin/%{alt_java_name} %{_jvmdir}/%{sdkdir -- %{?1}}/bin/jjs %{_jvmdir}/%{sdkdir -- %{?1}}/bin/keytool %{_jvmdir}/%{sdkdir -- %{?1}}/bin/pack200 @@ -641,6 +652,7 @@ exit 0 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/jfr/default.jfc %{_jvmdir}/%{sdkdir -- %{?1}}/lib/jfr/profile.jfc %{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1* +%{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1* %{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1* %{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1* %{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1* @@ -689,6 +701,7 @@ exit 0 %if %is_system_jdk %if %{is_release_build -- %{?1}} %ghost %{_bindir}/java +%ghost %{_bindir}/%{alt_java_name} %ghost %{_jvmdir}/jre # https://bugzilla.redhat.com/show_bug.cgi?id=1312019 %ghost %{_bindir}/jjs @@ -773,6 +786,7 @@ exit 0 %if %{is_release_build -- %{?1}} %ghost %{_bindir}/javac %ghost %{_jvmdir}/java +%ghost %{_jvmdir}/%{alt_java_name} %ghost %{_bindir}/jaotc %ghost %{_bindir}/jlink %ghost %{_bindir}/jmod @@ -819,6 +833,25 @@ exit 0 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/src.zip } +%define files_static_libs() %{expand: +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2pkcs11.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2pcsc.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libnio.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libprefs.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjava.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjli.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libnet.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjimage.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjaas.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libfdlibm.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2gss.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libsunec.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjsig.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libextnet.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libverify.a +%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libzip.a +} + %define files_javadoc() %{expand: %doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}} %license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/legal @@ -874,7 +907,9 @@ Requires: ca-certificates # Require javapackages-filesystem for ownership of /usr/lib/jvm/ and macros Requires: javapackages-filesystem # Require zone-info data provided by tzdata-java sub-package -Requires: tzdata-java >= 2015d +# 2020a required as of JDK-8243541 in 11.0.8+4 +Requires: tzdata-java >= 2020a +# for support of kernel stream control # libsctp.so.1 is being `dlopen`ed on demand Requires: lksctp-tools%{?_isa} # tool to copy jdk's configs - should be Recommends only, but then only dnf/yum enforce it, @@ -936,6 +971,11 @@ Provides: java-sdk%{?1} = %{epoch}:%{version}-%{release} %endif } +%define java_static_libs_rpo() %{expand: +Requires: %{name}-devel%{?1}%{?_isa} = %{epoch}:%{version}-%{release} +OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} +} + %define java_jmods_rpo() %{expand: # Requires devel package # as jmods are bytecode, they should be OK without any _isa @@ -1040,6 +1080,9 @@ Source8: tapsets-icedtea-%{icedteaver}.tar.xz # Desktop files. Adapted from IcedTea Source9: jconsole.desktop.in +# Release notes +Source10: NEWS + # nss configuration file Source11: nss.cfg.in @@ -1075,8 +1118,6 @@ Patch1001: rh1655466-global_crypto_and_fips.patch # Shenandoah specific patches # ############################################# -# JDK-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers -Patch10: jdk8237396-avoid_triggering_barriers.patch # Currently empty @@ -1098,8 +1139,6 @@ Patch6: rh1566890-CVE_2018_3639-speculative_store_bypass.patch Patch7: pr3695-toggle_system_crypto_policy.patch # S390 ambiguous log2_intptr call Patch8: s390-8214206_fix.patch -# JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3 -Patch9: jdk8236039-status_request_extension.patch ############################################# # @@ -1143,7 +1182,8 @@ BuildRequires: java-%{buildjdkver}-openjdk-devel %ifnarch %{jit_arches} BuildRequires: libffi-devel %endif -BuildRequires: tzdata-java >= 2015d +# 2020a required as of JDK-8243541 in 11.0.8+4 +BuildRequires: tzdata-java >= 2020a # Earlier versions have a bug in tree vectorization on PPC BuildRequires: gcc >= 4.8.3-8 @@ -1216,6 +1256,27 @@ The %{origin_nice} development tools %{majorver}. %endif %if %{include_normal_build} +%package static-libs +Summary: %{origin_nice} libraries for static linking %{majorver} + +%{java_static_libs_rpo %{nil}} + +%description static-libs +The %{origin_nice} libraries for static linking %{majorver}. +%endif + +%if %{include_debug_build} +%package static-libs-slowdebug +Summary: %{origin_nice} libraries for static linking %{majorver} %{debug_on} + +%{java_static_libs_rpo -- %{debug_suffix_unquoted}} + +%description static-libs-slowdebug +The %{origin_nice} libraries for static linking %{majorver}. +%{debug_warning} +%endif + +%if %{include_normal_build} %package jmods Summary: JMods for %{origin_nice} %{majorver} Group: Development/Tools @@ -1356,8 +1417,6 @@ pushd %{top_level_dir_name} %patch6 -p1 %patch7 -p1 %patch8 -p1 -%patch9 -p1 -%patch10 -p1 popd # openjdk %patch1000 @@ -1439,7 +1498,8 @@ EXTRA_CPP_FLAGS="%ourcppflags -std=gnu++98 -fno-delete-null-pointer-checks -fno- # fix rpmlint warnings EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-strict-aliasing" %endif -export EXTRA_CFLAGS +EXTRA_ASFLAGS="${EXTRA_CFLAGS} -Wa,--generate-missing-build-notes=yes" +export EXTRA_CFLAGS EXTRA_ASFLAGS for suffix in %{build_loop} ; do if [ "x$suffix" = "x" ] ; then @@ -1478,6 +1538,7 @@ bash ../configure \ --with-stdc++lib=dynamic \ --with-extra-cxxflags="$EXTRA_CPP_FLAGS" \ --with-extra-cflags="$EXTRA_CFLAGS" \ + --with-extra-asflags="$EXTRA_ASFLAGS" \ --with-extra-ldflags="%{ourldflags}" \ --with-num-cores="$NUM_PROC" \ --disable-javac-server \ @@ -1524,6 +1585,14 @@ install -m 644 nss.fips.cfg $JAVA_HOME/conf/security/ rm $JAVA_HOME/lib/tzdb.dat ln -s %{_datadir}/javazi-1.8/tzdb.dat $JAVA_HOME/lib/tzdb.dat +# Create fake alt-java as a placeholder for future alt-java +pushd ${JAVA_HOME} +cp -a bin/java bin/%{alt_java_name} +# add alt-java man page +echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1 +cat man/man1/java.1 >> man/man1/%{alt_java_name}.1 +popd + # build cycles done @@ -1547,6 +1616,11 @@ $JAVA_HOME/bin/java --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLev $JAVA_HOME/bin/javac -d . %{SOURCE14} $JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||") +# Check debug symbols in static libraries (smoke test) +export STATIC_LIBS_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{static_libs_image} +readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep w_remainder.c +readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep e_remainder.c + # Check debug symbols are present and can identify code find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib do @@ -1665,7 +1739,6 @@ pushd %{buildoutputdir $suffix}/images/%{jdkimage} ln -sf %{sdkdir -- $suffix} %{jrelnk -- $suffix} popd - # Install man pages install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man1 for manpage in man/man1/* @@ -1680,6 +1753,9 @@ pushd %{buildoutputdir $suffix}/images/%{jdkimage} rm -rf $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/man popd +# Install static libs artefacts +cp -a %{buildoutputdir -- $suffix}/images/%{static_libs_image}/lib/*.a \ + $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/lib if ! echo $suffix | grep -q "debug" ; then @@ -1689,6 +1765,11 @@ if ! echo $suffix | grep -q "debug" ; then cp -a %{buildoutputdir -- $suffix}/bundles/jdk-%{newjavaver}%{ea_designator_zip}+%{buildver}%{lts_designator_zip}-docs.zip $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix}.zip fi +# Install release notes +commondocdir=${RPM_BUILD_ROOT}%{_defaultdocdir}/%{uniquejavadocdir $suffix} +install -d -m 755 ${commondocdir} +cp -a %{SOURCE10} ${commondocdir} + # Install icons and menu entries for s in 16 24 32 48 ; do install -D -p -m 644 \ @@ -1858,6 +1939,9 @@ require "copy_jdk_configs.lua" %files devel %{files_devel %{nil}} +%files static-libs +%{files_static_libs %{nil}} + %files jmods %{files_jmods %{nil}} @@ -1888,6 +1972,9 @@ require "copy_jdk_configs.lua" %files devel-slowdebug %{files_devel -- %{debug_suffix_unquoted}} +%files static-libs-slowdebug +%{files_static_libs -- %{debug_suffix_unquoted}} + %files jmods-slowdebug %{files_jmods -- %{debug_suffix_unquoted}} @@ -1900,6 +1987,131 @@ require "copy_jdk_configs.lua" %endif %changelog +* Sat Jul 11 2020 Andrew Hughes - 1:11.0.8.10-0 +- Update to shenandoah-jdk-11.0.8+10 (GA) +- Switch to GA mode for final release. +- Update release notes with last minute fix (JDK-8248505). +- This tarball is embargoed until 2020-07-14 @ 1pm PT. +- Resolves: rhbz#1838811 + +* Fri Jul 10 2020 Andrew Hughes - 1:11.0.8.9-0.0.ea +- Update to shenandoah-jdk-11.0.8+9 (EA) +- Update release notes for 11.0.8 release. +- This tarball is embargoed until 2020-07-14 @ 1pm PT. +- Resolves: rhbz#1838811 + +* Tue Jun 30 2020 Andrew Hughes - 1:11.0.8.8-0.0.ea +- Update to shenandoah-jdk-11.0.8+8 (EA) +- Resolves: rhbz#1838811 + +* Wed Jun 24 2020 Andrew Hughes - 1:11.0.8.7-0.1.ea +- java-11-openjdk doesn't have a JRE tree, so don't try and copy alt-java there... +- Resolves: rhbz#1838811 + +* Wed Jun 24 2020 Jiri Vanek - 1:11.0.8.7-0.1.ea +- Create a copy of java as alt-java with alternatives and man pages +- Resolves: rhbz#1838811 + +* Tue Jun 23 2020 Andrew Hughes - 1:11.0.8.7-0.0.ea +- Update to shenandoah-jdk-11.0.8+7 (EA) +- Resolves: rhbz#1838811 + +* Thu Jun 18 2020 Andrew Hughes - 1:11.0.8.6-0.0.ea +- Update to shenandoah-jdk-11.0.8+6 (EA) +- Resolves: rhbz#1838811 + +* Tue Jun 09 2020 Severin Gehwolf - 1:11.0.8.5-0.1.ea +- Disable stripping of debug symbols for static libraries part of + the -static-libs sub-package. +- Resolves: rhbz#1848701 + +* Sun Jun 07 2020 Andrew Hughes - 1:11.0.8.5-0.0.ea +- Update to shenandoah-jdk-11.0.8+5 (EA) +- Resolves: rhbz#1838811 + +* Mon May 25 2020 Andrew Hughes - 1:11.0.8.4-0.0.ea +- Update to shenandoah-jdk-11.0.8+4 (EA) +- Require tzdata 2020a due to resource changes in JDK-8243541 +- Resolves: rhbz#1838811 + +* Mon May 25 2020 Andrew Hughes - 1:11.0.8.3-0.0.ea +- Update to shenandoah-jdk-11.0.8+3 (EA) +- Resolves: rhbz#1838811 + +* Mon May 25 2020 Severin Gehwolf - 1:11.0.8.2-0.1.ea +- Build static-libs-image and add resulting files via -static-libs + sub-package. +- Resolves: rhbz#1848701 + +* Mon May 18 2020 Andrew Hughes - 1:11.0.8.2-0.0.ea +- Update to shenandoah-jdk-11.0.8+2 (EA) +- Resolves: rhbz#1838811 + +* Sun May 10 2020 Andrew Hughes - 1:11.0.8.1-0.0.ea +- Update to shenandoah-jdk-11.0.8+1 (EA) +- Switch to EA mode for 11.0.8 pre-release builds. +- Drop JDK-8237396 & JDK-8228407 backports now applied upstream. +- Resolves: rhbz#1838811 + +* Wed Apr 22 2020 Andrew Hughes - 1:11.0.7.10-2 +- Add JDK-8228407 backport to resolve crashes during verification. +- Resolves: rhbz#1810557 + +* Wed Apr 22 2020 Andrew Hughes - 1:11.0.7.10-2 +- Amend release notes, removing issue actually fixed in 11.0.6. +- Resolves: rhbz#1810557 + +* Wed Apr 22 2020 Andrew Hughes - 1:11.0.7.10-2 +- Add release notes. +- Resolves: rhbz#1810557 + +* Wed Apr 22 2020 Andrew Hughes - 1:11.0.7.10-2 +- Make use of --with-extra-asflags introduced in jdk-11.0.6+1. +- Resolves: rhbz#1810557 + +* Sun Apr 19 2020 Andrew Hughes - 1:11.0.7.10-1 +- Update to shenandoah-jdk-11.0.7+10 (GA) +- Switch to GA mode for final release. +- Resolves: rhbz#1810557 + +* Sun Apr 19 2020 Andrew Hughes - 1:11.0.7.9-0.1.ea +- Update to shenandoah-jdk-11.0.7+9 (EA) +- Resolves: rhbz#1810557 + +* Sun Apr 19 2020 Andrew Hughes - 1:11.0.7.8-0.1.ea +- Update to shenandoah-jdk-11.0.7+8 (EA) +- Resolves: rhbz#1810557 + +* Sat Apr 18 2020 Andrew Hughes - 1:11.0.7.7-0.1.ea +- Update to shenandoah-jdk-11.0.7+7 (EA) +- Resolves: rhbz#1810557 + +* Sat Apr 18 2020 Andrew Hughes - 1:11.0.7.6-0.1.ea +- Update to shenandoah-jdk-11.0.7+6 (EA) +- Resolves: rhbz#1810557 + +* Thu Apr 16 2020 Andrew Hughes - 1:11.0.7.5-0.1.ea +- Update to shenandoah-jdk-11.0.7+5 (EA) +- Resolves: rhbz#1810557 + +* Sat Apr 11 2020 Andrew Hughes - 1:11.0.7.4-0.1.ea +- Update to shenandoah-jdk-11.0.7+4 (EA) +- Resolves: rhbz#1810557 + +* Wed Apr 08 2020 Andrew Hughes - 1:11.0.7.3-0.1.ea +- Update to shenandoah-jdk-11.0.7+3 (EA) +- Resolves: rhbz#1810557 + +* Mon Apr 06 2020 Andrew Hughes - 1:11.0.7.2-0.1.ea +- Update to shenandoah-jdk-11.0.7+2 (EA) +- Resolves: rhbz#1810557 + +* Wed Apr 01 2020 Andrew Hughes - 1:11.0.7.1-0.1.ea +- Update to shenandoah-jdk-11.0.7+1 (EA) +- Switch to EA mode for 11.0.7 pre-release builds. +- Drop JDK-8236039 backport now applied upstream. +- Resolves: rhbz#1810557 + * Fri Mar 27 2020 Andrew John Hughes - 1:11.0.6.10-4 - Need to support noarch for creating source RPMs for non-scratch builds. - Resolves: rhbz#1737115 @@ -2346,7 +2558,7 @@ require "copy_jdk_configs.lua" - renamed zip javadoc * Tue Apr 10 2018 Severin Gehwolf - 1:10.0.0.46-12 -- Enable basic EC ciphers test in %check. +- Enable basic EC ciphers test in %%check. * Tue Apr 10 2018 Severin Gehwolf - 1:10.0.0.46-11 - Port Martin Balao's JDK 9 patch for system NSS support to JDK 10.