- Update to 2.6.8 - OpenJDK 7u121

  - Security fixes

  + S8151921: Improved page resolution

  + S8155968: Update command line options

  + S8155973, CVE-2016-5542: Tighten jar checks     (boo#1005522)

  + S8157176: Improved classfile parsing

  + S8157739, CVE-2016-5554: Classloader Consistency     Checking (boo#1005523)

  + S8157749: Improve handling of DNS error replies

  + S8157753: Audio replay enhancement

  + S8157759: LCMS Transform Sampling Enhancement

  + S8157764: Better handling of interpolation plugins

  + S8158302: Handle contextual glyph substitutions

  + S8158993, CVE-2016-5568: Service Menu services     (boo#1005525)

  + S8159495: Fix index offsets

  + S8159503: Amend Annotation Actions

  + S8159511: Stack map validation

  + S8159515: Improve indy validation

  + S8159519, CVE-2016-5573: Reformat JDWP messages     (boo#1005526)

  + S8160090: Better signature handling in pack200

  + S8160094: Improve pack200 layout

  + S8160098: Clean up color profiles

  + S8160591, CVE-2016-5582: Improve internal array handling     (boo#1005527)

  + S8160838, CVE-2016-5597: Better HTTP service     (boo#1005528)

  + PR3207, RH1367357: lcms2: Out-of-bounds read in     Type_MLU_Read()

  + CVE-2016-5556 (boo#1005524)

  - Import of OpenJDK 7 u121 build 0

  + S6624200: Regression test fails:
    test/closed/javax/swing/JMenuItem/4654927/bug4654927.jav     a

  + S6882559: new JEditorPane('text/plain','') fails for     null context class loader

  + S7090158: Networking Libraries don't build with javac
    -Werror

  + S7125055: ContentHandler.getContent API changed in error

  + S7145960: sun/security/mscapi/ShortRSAKey1024.sh failing     on windows

  + S7187051: ShortRSAKeynnn.sh tests should do cleanup     before start test

  + S8000626: Implement dead key detection for KeyEvent on     Linux

  + S8003890: corelibs test scripts should pass TESTVMOPTS

  + S8005629: javac warnings compiling     java.awt.EventDispatchThread and sun.awt.X11.XIconWindow

  + S8010297: Missing isLoggable() checks in logging code

  + S8010782: clean up source files containing carriage     return characters

  + S8014431: cleanup warnings indicated by the
    -Wunused-value compiler option on linux

  + S8015265: revise the fix for 8007037

  + S8016747: Replace deprecated PlatformLogger     isLoggable(int) with isLoggable(Level)

  + S8020708: NLS mnemonics missing in     SwingSet2/JInternalFrame demo

  + S8024756: method grouping tabs are not selectable

  + S8026741: jdk8 l10n resource file translation update 5

  + S8048147: Privilege tests with JAAS Subject.doAs

  + S8048357: PKCS basic tests

  + S8049171: Additional tests for jarsigner's warnings

  + S8059177: jdk8u40 l10n resource file translation update     1

  + S8075584: test for 8067364 depends on hardwired text     advance

  + S8076486: [TESTBUG]     javax/security/auth/Subject/doAs/NestedActions.java     fails if extra VM options are given

  + S8077953: [TEST_BUG]     com/sun/management/OperatingSystemMXBean/TestTotalSwap.j     ava Compilation failed after JDK-8077387

  + S8080628: No mnemonics on Open and Save buttons in     JFileChooser

  + S8083601: jdk8u60 l10n resource file translation update     2

  + S8140530: Creating a VolatileImage with size 0,0 results     in no longer working g2d.drawString

  + S8142926: OutputAnalyzer's shouldXXX() calls return this

  + S8143134: L10n resource file translation update

  + S8147077: IllegalArgumentException thrown by     api/java_awt/Component/FlipBufferStrategy/indexTGF_Gener     al

  + S8148127: IllegalArgumentException thrown by JCK test     api/java_awt/Component/FlipBufferStrategy/indexTGF_Gener     al in opengl pipeline

  + S8150611: Security problem on     sun.misc.resources.Messages*

  + S8157653: [Parfait] Uninitialised variable in     awt_Font.cpp

  + S8158734: JEditorPane.createEditorKitForContentType     throws NPE after 6882559

  + S8159684: (tz) Support tzdata2016f

  + S8160934: isnan() is not available on older MSVC     compilers

  + S8162411: Service Menu services 2

  + S8162419:
    closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh failing     after JDK-8155968

  + S8162511: 8u111 L10n resource file updates

  + S8162792: Remove constraint DSA keySize < 1024 from     jdk.jar.disabledAlgorithms in jdk8

  + S8164452: 8u111 L10n resource file update - msgdrop 20

  + S8165816: jarsigner -verify shows jar unsigned if it was     signed with a weak algorithm

  + S8166381: Back out changes to the java.security file to     not disable MD5

  - Backports

  + S6604109, PR3162:
    javax.print.PrintServiceLookup.lookupPrintServices fails     SOMETIMES for Cups

  + S6907252, PR3162: ZipFileInputStream Not Thread-Safe

  + S8024046, PR3162: Test     sun/security/krb5/runNameEquals.sh failed on 7u45     Embedded linux-ppc*

  + S8028479, PR3162: runNameEquals still cannot precisely     detect if a usable native krb5 is available

  + S8034057, PR3162: Files.getFileStore and     Files.isWritable do not work with SUBST'ed drives (win)

  + S8038491, PR3162: Improve synchronization in     ZipFile.read()

  + S8038502, PR3162: Deflater.needsInput() should use     synchronization

  + S8059411, PR3162: RowSetWarning does not correctly chain     warnings

  + S8062198, PR3162: Add RowSetMetaDataImpl Tests and add     column range validation to isdefinitlyWritable

  + S8066188, PR3162: BaseRowSet returns the wrong default     value for escape processing

  + S8072466, PR3162: Deadlock when initializing     MulticastSocket and DatagramSocket

  + S8075118, PR3162: JVM stuck in infinite loop during     verification

  + S8076579, PR3162: Popping a stack frame after exception     breakpoint sets last method param to exception

  + S8078495, PR3162: End time checking for native TGT is     wrong

  + S8078668, PR3162: jar usage string mentions unsupported     option '-n'

  + S8080115, PR3162: (fs) Crash in libgio when calling     Files.probeContentType(path) from parallel threads

  + S8081794, PR3162: ParsePosition getErrorIndex returns 0     for TimeZone parsing problem

  + S8129957, PR3162: Deadlock in JNDI LDAP implementation     when closing the LDAP context

  + S8130136, PR3162: Swing window sometimes fails to     repaint partially when it becomes exposed

  + S8130274, PR3162: java/nio/file/FileStore/Basic.java     fails when two successive stores in an iteration are     determined to be equal

  + S8132551, PR3162: Initialize local variables before     returning them in p11_convert.c

  + S8133207, PR3162: [TEST_BUG] ParallelProbes.java test     fails after changes for JDK-8080115

  + S8133666, PR3162: OperatingSystemMXBean reports     abnormally high machine CPU consumption on Linux

  + S8135002, PR3162: Fix or remove broken links in     objectMonitor.cpp comments

  + S8137121, PR3162: (fc) Infinite loop     FileChannel.truncate

  + S8137230, PR3162: TEST_BUG:
    java/nio/channels/FileChannel/LoopingTruncate.java timed     out

  + S8139373, PR3162: [TEST_BUG]     java/net/MulticastSocket/MultiDead.java failed with     timeout

  + S8140249, PR3162: JVM Crashing During startUp If Flight     Recording is enabled

  + S8141491, PR3160, G592292: Unaligned memory access in     Bits.c

  + S8144483, PR3162: One long Safepoint pause directly     after each GC log rotation

  + S8149611, PR3160, G592292: Add tests for     Unsafe.copySwapMemory

  - Bug fixes

  + S8078628, PR3151: Zero build fails with pre-compiled     headers disabled

  + PR3128: pax-mark-vm script calls 'exit -1' which is     invalid in dash

  + PR3131: PaX marking fails on filesystems which don't     support extended attributes

  + PR3135: Makefile.am rule     stamps/add/tzdata-support-debug.stamp has a typo in     add-tzdata dependency

  + PR3141: Pass $(CC) and $(CXX) to OpenJDK build

  + PR3166: invalid zip timestamp handling leads to error     building bootstrap-javac

  + PR3202: Update infinality configure test

  + PR3212: Disable ARM32 JIT by default

  - CACAO

  + PR3136: CACAO is broken due to 2 new native methods in     sun.misc.Unsafe (from S8158260)

  - JamVM

  + PR3134: JamVM is broken due to 2 new native methods in     sun.misc.Unsafe (from S8158260)

  - AArch64 port

  + S8167200, PR3204: AArch64: Broken stack pointer     adjustment in interpreter

  + S8168888: Port 8160591: Improve internal array handling     to AArch64.

  + PR3211: AArch64 build fails with pre-compiled headers     disabled

  - Changed patch :

  - java-1_7_0-openjdk-gcc6.patch

  + Rediff to changed context

  - Disable arm32 JIT, since its build broken     (http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2     942)

Detections

Analytics

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1389)

critical Nessus Plugin ID 95549

Version 2.5