File _patchinfo of Package patchinfo.3579
<patchinfo incident="3579">
<issue id="1005528" tracker="bnc">VUL-0: CVE-2016-5597: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent Networking</issue>
<issue id="1005522" tracker="bnc">VUL-0: CVE-2016-5542: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent Libraries</issue>
<issue id="1005523" tracker="bnc">VUL-0: CVE-2016-5554: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent JMX</issue>
<issue id="1005526" tracker="bnc">VUL-0: CVE-2016-5573: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent Hotspot</issue>
<issue id="1005527" tracker="bnc">VUL-0: CVE-2016-5582: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent Hotspot</issue>
<issue id="1005524" tracker="bnc">VUL-0: CVE-2016-5556: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent 2D</issue>
<issue id="1005525" tracker="bnc">VUL-0: CVE-2016-5568: java-1_8_0-openjdk, java-1_7_0-openjdk: Unspecified vulnerability in subcomponent AWT</issue>
<issue id="2016-5554" tracker="cve" />
<issue id="2016-5556" tracker="cve" />
<issue id="2016-5573" tracker="cve" />
<issue id="2016-5542" tracker="cve" />
<issue id="2016-5568" tracker="cve" />
<issue id="2016-5582" tracker="cve" />
<issue id="2016-5597" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>fstrba</packager>
<description>
This update for java-1_7_0-openjdk fixes the following issues:
- Update to 2.6.8 - OpenJDK 7u121
* Security fixes
+ S8151921: Improved page resolution
+ S8155968: Update command line options
+ S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522)
+ S8157176: Improved classfile parsing
+ S8157739, CVE-2016-5554: Classloader Consistency Checking
(bsc#1005523)
+ S8157749: Improve handling of DNS error replies
+ S8157753: Audio replay enhancement
+ S8157759: LCMS Transform Sampling Enhancement
+ S8157764: Better handling of interpolation plugins
+ S8158302: Handle contextual glyph substitutions
+ S8158993, CVE-2016-5568: Service Menu services (bsc#1005525)
+ S8159495: Fix index offsets
+ S8159503: Amend Annotation Actions
+ S8159511: Stack map validation
+ S8159515: Improve indy validation
+ S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526)
+ S8160090: Better signature handling in pack200
+ S8160094: Improve pack200 layout
+ S8160098: Clean up color profiles
+ S8160591, CVE-2016-5582: Improve internal array handling
(bsc#1005527)
+ S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528)
+ PR3207, RH1367357: lcms2: Out-of-bounds read in
Type_MLU_Read()
+ CVE-2016-5556 (bsc#1005524)
* Import of OpenJDK 7 u121 build 0
+ S6624200: Regression test fails:
test/closed/javax/swing/JMenuItem/4654927/bug4654927.java
+ S6882559: new JEditorPane("text/plain","") fails for null
context class loader
+ S7090158: Networking Libraries don't build with javac -Werror
+ S7125055: ContentHandler.getContent API changed in error
+ S7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on
windows
+ S7187051: ShortRSAKeynnn.sh tests should do cleanup before
start test
+ S8000626: Implement dead key detection for KeyEvent on Linux
+ S8003890: corelibs test scripts should pass TESTVMOPTS
+ S8005629: javac warnings compiling
java.awt.EventDispatchThread and sun.awt.X11.XIconWindow
+ S8010297: Missing isLoggable() checks in logging code
+ S8010782: clean up source files containing carriage return
characters
+ S8014431: cleanup warnings indicated by the -Wunused-value
compiler option on linux
+ S8015265: revise the fix for 8007037
+ S8016747: Replace deprecated PlatformLogger isLoggable(int)
with isLoggable(Level)
+ S8020708: NLS mnemonics missing in SwingSet2/JInternalFrame
demo
+ S8024756: method grouping tabs are not selectable
+ S8026741: jdk8 l10n resource file translation update 5
+ S8048147: Privilege tests with JAAS Subject.doAs
+ S8048357: PKCS basic tests
+ S8049171: Additional tests for jarsigner's warnings
+ S8059177: jdk8u40 l10n resource file translation update 1
+ S8075584: test for 8067364 depends on hardwired text advance
+ S8076486: [TESTBUG]
javax/security/auth/Subject/doAs/NestedActions.java fails if
extra VM options are given
+ S8077953: [TEST_BUG]
com/sun/management/OperatingSystemMXBean/TestTotalSwap.java
Compilation failed after JDK-8077387
+ S8080628: No mnemonics on Open and Save buttons in
JFileChooser
+ S8083601: jdk8u60 l10n resource file translation update 2
+ S8140530: Creating a VolatileImage with size 0,0 results in
no longer working g2d.drawString
+ S8142926: OutputAnalyzer's shouldXXX() calls return this
+ S8143134: L10n resource file translation update
+ S8147077: IllegalArgumentException thrown by
api/java_awt/Component/FlipBufferStrategy/indexTGF_General
+ S8148127: IllegalArgumentException thrown by JCK test
api/java_awt/Component/FlipBufferStrategy/indexTGF_General in
opengl pipeline
+ S8150611: Security problem on sun.misc.resources.Messages*
+ S8157653: [Parfait] Uninitialised variable in awt_Font.cpp
+ S8158734: JEditorPane.createEditorKitForContentType throws
NPE after 6882559
+ S8159684: (tz) Support tzdata2016f
+ S8160934: isnan() is not available on older MSVC compilers
+ S8162411: Service Menu services 2
+ S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh
failing after JDK-8155968
+ S8162511: 8u111 L10n resource file updates
+ S8162792: Remove constraint DSA keySize < 1024 from
jdk.jar.disabledAlgorithms in jdk8
+ S8164452: 8u111 L10n resource file update - msgdrop 20
+ S8165816: jarsigner -verify shows jar unsigned if it was
signed with a weak algorithm
+ S8166381: Back out changes to the java.security file to not
disable MD5
* Backports
+ S6604109, PR3162:
javax.print.PrintServiceLookup.lookupPrintServices fails
SOMETIMES for Cups
+ S6907252, PR3162: ZipFileInputStream Not Thread-Safe
+ S8024046, PR3162: Test sun/security/krb5/runNameEquals.sh
failed on 7u45 Embedded linux-ppc*
+ S8028479, PR3162: runNameEquals still cannot precisely detect
if a usable native krb5 is available
+ S8034057, PR3162: Files.getFileStore and Files.isWritable do
not work with SUBST'ed drives (win)
+ S8038491, PR3162: Improve synchronization in ZipFile.read()
+ S8038502, PR3162: Deflater.needsInput() should use
synchronization
+ S8059411, PR3162: RowSetWarning does not correctly chain
warnings
+ S8062198, PR3162: Add RowSetMetaDataImpl Tests and add column
range validation to isdefinitlyWritable
+ S8066188, PR3162: BaseRowSet returns the wrong default value
for escape processing
+ S8072466, PR3162: Deadlock when initializing MulticastSocket
and DatagramSocket
+ S8075118, PR3162: JVM stuck in infinite loop during
verification
+ S8076579, PR3162: Popping a stack frame after exception
breakpoint sets last method param to exception
+ S8078495, PR3162: End time checking for native TGT is wrong
+ S8078668, PR3162: jar usage string mentions unsupported
option '-n'
+ S8080115, PR3162: (fs) Crash in libgio when calling
Files.probeContentType(path) from parallel threads
+ S8081794, PR3162: ParsePosition getErrorIndex returns 0 for
TimeZone parsing problem
+ S8129957, PR3162: Deadlock in JNDI LDAP implementation when
closing the LDAP context
+ S8130136, PR3162: Swing window sometimes fails to repaint
partially when it becomes exposed
+ S8130274, PR3162: java/nio/file/FileStore/Basic.java fails
when two successive stores in an iteration are determined to
be equal
+ S8132551, PR3162: Initialize local variables before returning
them in p11_convert.c
+ S8133207, PR3162: [TEST_BUG] ParallelProbes.java test fails
after changes for JDK-8080115
+ S8133666, PR3162: OperatingSystemMXBean reports abnormally
high machine CPU consumption on Linux
+ S8135002, PR3162: Fix or remove broken links in
objectMonitor.cpp comments
+ S8137121, PR3162: (fc) Infinite loop FileChannel.truncate
+ S8137230, PR3162: TEST_BUG:
java/nio/channels/FileChannel/LoopingTruncate.java timed out
+ S8139373, PR3162: [TEST_BUG]
java/net/MulticastSocket/MultiDead.java failed with timeout
+ S8140249, PR3162: JVM Crashing During startUp If Flight
Recording is enabled
+ S8141491, PR3160, G592292: Unaligned memory access in Bits.c
+ S8144483, PR3162: One long Safepoint pause directly after
each GC log rotation
+ S8149611, PR3160, G592292: Add tests for
Unsafe.copySwapMemory
* Bug fixes
+ S8078628, PR3151: Zero build fails with pre-compiled headers
disabled
+ PR3128: pax-mark-vm script calls "exit -1" which is invalid
in dash
+ PR3131: PaX marking fails on filesystems which don't support
extended attributes
+ PR3135: Makefile.am rule
stamps/add/tzdata-support-debug.stamp has a typo in
add-tzdata dependency
+ PR3141: Pass $(CC) and $(CXX) to OpenJDK build
+ PR3166: invalid zip timestamp handling leads to error
building bootstrap-javac
+ PR3202: Update infinality configure test
+ PR3212: Disable ARM32 JIT by default
* CACAO
+ PR3136: CACAO is broken due to 2 new native methods in
sun.misc.Unsafe (from S8158260)
* JamVM
+ PR3134: JamVM is broken due to 2 new native methods in
sun.misc.Unsafe (from S8158260)
* AArch64 port
+ S8167200, PR3204: AArch64: Broken stack pointer adjustment
in interpreter
+ S8168888: Port 8160591: Improve internal array handling to
AArch64.
+ PR3211: AArch64 build fails with pre-compiled headers
disabled
- Changed patch:
* java-1_7_0-openjdk-gcc6.patch
+ Rediff to changed context
- Disable arm32 JIT, since its build broken
(http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2942)
</description>
<summary>Security update for java-1_7_0-openjdk</summary>
</patchinfo>
