-
openjdk-17 (17.0.9+9-1~23.04) lunar-security; urgency=high
* Upload to Ubuntu 23.04.
* Release notes correction:
- CVE-2023-22081, CVE-2023-22025.
- Release notes:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-October/026352.html
openjdk-17 (17.0.9+9-1) unstable; urgency=high
* OpenJDK 17.0.9 release, build 9.
- CVE-2023-30589, CVE-2023-22081, CVE-2023-22091, CVE-2023-22025.
The patch for CVE-2023-30589 also addresses CVE-2023-30585,
CVE-2023-30588, and CVE-2023-30590.
- Release notes:
https://www.oracle.com/java/technologies/javase/17-0-9-relnotes.html#R17_0_9
[ Vladimir Petko ]
* Backport upstream fix for jexec: can't locate java:
No such file or directory. Closes: #1029342.
* d/rules, d/watch: Bundle googletest 1.14.
* d/copyright: Add googletest copyright.
* d/test: Update problemlist.
* d/p: exclude-broken-tests.patch.
* d/p/reproducible-properties-timestamp.diff: Use the privileged action
to read the system property (JDK-8272157, 914278).
-- Vladimir Petko <email address hidden> Thu, 19 Oct 2023 20:44:29 +1300
-
openjdk-17 (17.0.8.1+1~us1-0ubuntu1~23.04) lunar-security; urgency=high
* Upload to Ubuntu 23.04.
openjdk-17 (17.0.8.1+1~us1-0ubuntu1) mantic; urgency=high
* OpenJDK 17.0.8.1 release, build 1.
- REGRESSION UPDATE: 8313765: Invalid CEN header (invalid zip64 extra data
field size) (LP: #2032865).
* d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
* d/p/exclude-broken-tests.patch: disable pkcs11 tests failing with
NSS 3.91.
* d/t/problems-armhf.txt: disable armf tests -
java/util/Random/RandomTestBsi1999.java (deadlock in CI),
java/net/httpclient/ManyRequestsLegacy.java (SSL request timeout).
* Enable jtreg tests for bionic and focal.
-- Vladimir Petko <email address hidden> Fri, 25 Aug 2023 10:57:19 +1200
-
openjdk-17 (17.0.8+7-1~23.04) lunar-security; urgency=high
* Upload to Ubuntu 23.04.
* d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
* d/p/exclude-broken-tests.patch: disable pkcs11 tests failing with
NSS 3.91.
* d/t/problems-armhf.txt: disable armf tests -
java/util/Random/RandomTestBsi1999.java (deadlock in CI),
java/net/httpclient/ManyRequestsLegacy.java (SSL request timeout).
* Enable jtreg tests for bionic and focal.
openjdk-17 (17.0.8+7-1) unstable; urgency=high
* OpenJDK 17.0.8 release, build 7.
- CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044,
CVE-2023-22045, CVE-2023-22049, CVE-2023-25193.
- Release notes:
https://www.oracle.com/java/technologies/javase/17-0-8-relnotes.html#R17_0_8
* Don't run the tests on powerpc, hangs on the buildd.
* Refresh patches.
-- Vladimir Petko <email address hidden> Thu, 20 Jul 2023 21:09:31 +1200
-
openjdk-17 (17.0.7+7~us1-0ubuntu1~23.04) lunar-security; urgency=medium
* Upload to Ubuntu 23.04.
openjdk-17 (17.0.7+7~us1-0ubuntu1) mantic; urgency=medium
* OpenJDK 17.0.7 release, build 7.
- CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
- Release notes:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021899.html
* d/rules: update jquery to 3.6.1.
* d/p/*: refresh patches.
* d/rules: pack external debug symbols with build-id, do not pack duplicate
symbols, do not strip JVM shared libraries (LP: #2012326, LP: #2016739).
* d/p/system-pcsclite.diff: disable built-in pcsclite version assertion.
* d/rules: always use jtreg6.
* d/rules: only compile google tests when with_check is enabled, disable them
for bullseye and jammy.
-- Vladimir Petko <email address hidden> Sat, 06 May 2023 12:03:41 +0200
-
openjdk-17 (17.0.6+10-1ubuntu3) lunar; urgency=medium
* d/control: add jtreg6 dependencies, regenerate control.
* d/t/{jdk,hotspot,jaxp,lantools}: run tier1 and tier2 jtreg tests only,
add test options from OpenJDK makefile.
* d/t/*: fix test environment: add missing -nativepath (LP: #2001563).
* d/t/jdk: provide dbus session for the window manager (LP: #2001576).
* d/p/build_gtest.patch: build OpenJDK with the system googletest
(LP: #2012316).
* d/p/*: add patches for jtreg tests:
- disable-thumb-assertion.patch: fix JDK-8305481.
- update-assertion-for-armhf.patch: fix JDK-8305480.
- misalign-pointer-for-armhf.patch: packaging-specific patch to fix test
failure introduced by d/p/m68k-support.diff.
- log-generated-classes-test.patch: workaround JDK-8166162.
- update-permission-test.patch: add security permissions for testng 7.
- ldap-timeout-test-use-ip.patch, test-use-ip-address.patch: Ubuntu-specific
patches to workaround missing DNS resolver on the build machines.
- exclude_broken_tests.patch: quarantine failing tests.
* d/rules: package external debug symbols (LP: #2015835).
* drop d/p/{jaw-classpath.diff, jaw-optional.diff}: the atk wrapper is disabled
and these patches cause class data sharing tests to fail (LP: #2016194).
* d/p/exclude-broken-tests.patch: add OpenJDK 17 failures.
* d/t/jtreg-autopkgtest.in: pass JTREG home to locate junit.jar, regenerate
d/t/jtreg-autopkgtest.sh (LP: #2016206).
-- Vladimir Petko <email address hidden> Mon, 27 Mar 2023 11:41:46 +1300
-
openjdk-17 (17.0.6+10-1ubuntu2) lunar; urgency=medium
* d/p: drop obsolete patches (LP: #2011653).
- workaround_expand_exec_shield_cs_limit.diff: obsoleted by
hotspot-disable-exec-shield-workaround.diff.
- generated-headers.patch: include is already added by openjdk makefile.
* d/copyright, d/watch: implement uscan repackaging (LP: #2011749).
* d/rules: use --with-debug-symbols=none (LP: #2003820).
-- Vladimir Petko <email address hidden> Thu, 16 Mar 2023 15:04:36 +1300
-
openjdk-17 (17.0.6+10-1ubuntu1) lunar; urgency=medium
* debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre
is set up.
-- Vladimir Petko <email address hidden> Wed, 01 Mar 2023 15:11:45 +1300
-
openjdk-17 (17.0.6+10-1) unstable; urgency=high
* OpenJDK 17.0.6 release, build 10.
- CVE-2023-21835, CVE-2023-21843
- Release notes:
https://www.oracle.com/java/technologies/javase/17-0-6-relnotes.html
[ Vladimir Petko ]
* debian/patches/*: Refresh patches for the new release and drop unused
patches.
* debian/rules: add lunar to jtreg version selection.
-- Matthias Klose <email address hidden> Thu, 26 Jan 2023 11:36:16 +0100
-
openjdk-17 (17.0.6+10-0ubuntu1) lunar; urgency=medium
* OpenJDK 17.0.6 release, build 10.
- CVE-2023-21835, CVE-2023-21843
- Release notes:
https://www.oracle.com/java/technologies/javase/17-0-6-relnotes.html
* debian/patches/*: Refreshed patches for the new release and dropped unused
patches.
* debian/rules: add lunar to jtreg version selection.
-- Vladimir Petko <email address hidden> Thu, 19 Jan 2023 21:34:14 +1300
-
openjdk-17 (17.0.5+8-2ubuntu1) kinetic-security; urgency=medium
* Handle jtreg package name for backports.
-- Matthias Klose <email address hidden> Mon, 24 Oct 2022 18:33:55 +0200
-
openjdk-17 (17.0.4+8-1) unstable; urgency=high
* OpenJDK 17.0.4+8 (release).
* Disable the reproducible-copyright-headers patch.
* Only try to re-run failed tests once instead of three times.
-- Matthias Klose <email address hidden> Wed, 20 Jul 2022 18:04:41 +0200