File _patchinfo of Package patchinfo.8548

<patchinfo incident="8548">
  <issue tracker="fate" id="324453" />
  <issue tracker="fate" id="323970" />
  <issue tracker="bnc" id="1111162">OpenJDK 11 Official update</issue>
  <issue id="1112142" tracker="bnc"/>
  <issue id="1112143" tracker="bnc"/>
  <issue id="1112144" tracker="bnc"/>
  <issue id="1112145" tracker="bnc"/>
  <issue id="1112146" tracker="bnc"/>
  <issue id="1112147" tracker="bnc"/>
  <issue id="1112148" tracker="bnc"/>
  <issue id="1112149" tracker="bnc"/>
  <issue id="2018-3136" tracker="cve" />
  <issue id="2018-3139" tracker="cve" />
  <issue id="2018-3149" tracker="cve" />
  <issue id="2018-3150" tracker="cve" />
  <issue id="2018-3157" tracker="cve" />
  <issue id="2018-3169" tracker="cve" />
  <issue id="2018-3180" tracker="cve" />
  <issue id="2018-3183" tracker="cve" />

  <category>recommended</category>
  <rating>moderate</rating>
  <packager>fstrba</packager>
  <description>This update for java-11-openjdk fixes the following issues:

Update to upstream tag jdk-11.0.1+13 (Oracle October 2018 CPU)

Security fixes:

- S8202936, CVE-2018-3183, bsc#1112148: Improve script engine support
- S8199226, CVE-2018-3169, bsc#1112146: Improve field accesses
- S8199177, CVE-2018-3149, bsc#1112144: Enhance JNDI lookups
- S8202613, CVE-2018-3180, bsc#1112147: Improve TLS connections stability
- S8208209, CVE-2018-3180, bsc#1112147: Improve TLS connection stability again
- S8199172, CVE-2018-3150, bsc#1112145: Improve jar attribute checks
- S8200648, CVE-2018-3157, bsc#1112149: Make midi code more sound
- S8194534, CVE-2018-3136, bsc#1112142: Manifest better support
- S8208754, CVE-2018-3136, bsc#1112142: The fix for JDK-8194534 needs updates
- S8196902, CVE-2018-3139, bsc#1112143: Better HTTP Redirection

Security-In-Depth fixes:

- S8194546: Choosier FileManagers
- S8195874: Improve jar specification adherence
- S8196897: Improve PRNG support
- S8197881: Better StringBuilder support
- S8201756: Improve cipher inputs
- S8203654: Improve cypher state updates
- S8204497: Better formatting of decimals
- S8200666: Improve LDAP support
- S8199110: Address Internet Addresses

Update to upstream tag jdk-11+28 (OpenJDK 11 rc1)

- S8207317: SSLEngine negotiation fail exception behavior
  changed from fail-fast to fail-lazy
- S8207838: AArch64: Float registers incorrectly restored in
  JNI call
- S8209637: [s390x] Interpreter doesn't call result handler
  after native calls
- S8209670: CompilerThread releasing code buffer in destructor
  is unsafe
- S8209735: Disable avx512 by default
- S8209806: API docs should be updated to refer to javase11
- Report version without the "-internal" postfix

- Don't build against gdk making the accessibility depend on a
  particular version of gtk.

Update to upstream tag jdk-11+27

- S8031761: [TESTBUG] Add a regression test for JDK-8026328
- S8151259: [TESTBUG] nsk/jvmti/RedefineClasses/redefclass030
  fails with "unexpected values of outer fields of the class"
  when running with -Xcomp
- S8164639: Configure PKCS11 tests to use user-supplied NSS
  libraries
- S8189667: Desktop#moveToTrash expects incorrect "&lt;&lt;ALL
  FILES&gt;&gt;" FilePermission
- S8194949: [Graal] gc/TestNUMAPageSize.java fail with OOM in
  -Xcomp
- S8195156: [Graal] serviceability/jvmti/GetModulesInfo/
  /JvmtiGetAllModulesTest.java fails with Graal in Xcomp mode
- S8199081: [Testbug] compiler/linkage/LinkageErrors.java fails
  if run twice
- S8201394: Update java.se module summary to reflect removal of
  java.se.ee module
- S8204931: Colors with alpha are painted incorrectly on Linux
- S8204966: [TESTBUG] hotspot/test/compiler/whitebox/
  /IsMethodCompilableTest.java test fails with
  -XX:CompileThreshold=1
- S8205608: Fix 'frames()' in ThreadReferenceImpl.c to prevent
  quadratic runtime behavior
- S8205687: TimeoutHandler generates huge core files
- S8206176: Remove the temporary tls13VN field
- S8206258: [Test Error] sun/security/pkcs11 tests fail if NSS
  libs not found
- S8206965: java/util/TimeZone/Bug8149452.java failed on de_DE
  and ja_JP locale.
- S8207009: TLS 1.3 half-close and synchronization issues
- S8207046: arm32 vm crash: C1 arm32 platform functions
  parameters type mismatch
- S8207139: NMT is not enabled on Windows 2016/10
- S8207237: SSLSocket#setEnabledCipherSuites is accepting empty
  string
- S8207355: C1 compilation hangs in
  ComputeLinearScanOrder::compute_dominator
- S8207746: C2: Lucene crashes on AVX512 instruction
- S8207765: HeapMonitorTest.java intermittent failure
- S8207944: java.lang.ClassFormatError: Extra bytes at the end
  of class file test" possibly violation of JVMS 4.7.1
- S8207948: JDK 11 L10n resource file update msg drop 10
- S8207966: HttpClient response without content-length does not
  return body
- S8208125: Cannot input text into JOptionPane Text Input Dialog
- S8208164: (str) improve specification of String::lines
- S8208166: Still unable to use custom SSLEngine with default
  TrustManagerFactory after JDK-8207029
- S8208189: ProblemList compiler/graalunit/JttThreadsTest.java
- S8208205: ProblemList tests that fail due to 'Error attaching
  to process: Can't create thread_db agent!'
- S8208226: ProblemList com/sun/jdi/BasicJDWPConnectionTest.java
- S8208251: serviceability/jvmti/HeapMonitor/MyPackage/
  /HeapMonitorGCCMSTest.java fails intermittently on Linux-X64
- S8208305: ProblemList
  compiler/jvmci/compilerToVM/GetFlagValueTest.java
- S8208347: ProblemList
  compiler/cpuflags/TestAESIntrinsicsOnSupportedConfig.java
- S8208353: Upgrade JDK 11 to libpng 1.6.35
- S8208358: update bug ids mentioned in tests
- S8208370: fix typo in ReservedStack tests' @requires
- S8208391: Differentiate response and connect timeouts in HTTP
  Client API
- S8208466: Fix potential memory leak in harfbuzz shaping.
- S8208496: New Test to verify concurrent behavior of TLS.
- S8208521: ProblemList more tests that fail due to 'Error
  attaching to process: Can't create thread_db agent!'
- S8208640: [a11y] [macos] Unable to navigate between
  Radiobuttons in Radio group using keyboard.
- S8208663: JDK 11 L10n resource file update msg drop 20
- S8208676: Missing NULL check and resource leak in
  NetworkPerformanceInterface::NetworkPerformance::network_utilization
- S8208691: Tighten up jdk.includeInExceptions security property
- S8209011: [TESTBUG] AArch64: sun/security/pkcs11/Secmod/
  /TestNssDbSqlite.java fails in aarch64 platforms
- S8209029: ProblemList tests that fail due to 'Error attaching
  to process: Can't create thread_db agent!' in jdk-11+25
  testing
- S8209149: [TESTBUG] runtime/RedefineTests/
  /RedefineRunningMethods.java needs a longer timeout
- S8209451: Please change jdk 11 milestone to FCS
- S8209452: VerifyCACerts.java failed with "At least one cacert
  test failed"
- S8209506: Add Google Trust Services GlobalSign root
  certificates
- S8209537: Two security tests failed after JDK-8164639 due to
  dependency was missed
</description>
  <summary>Recommended update for java-11-openjdk</summary>
</patchinfo>