Hello community,
here is the log from the commit of package java-1_8_0-openjdk for
openSUSE:Factory checked in at 2015-10-28 17:15:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/java-1_8_0-openjdk (Old)
and /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "java-1_8_0-openjdk"
Changes:
--------
--- /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/java-1_8_0-openjdk.changes
2015-08-21 12:42:19.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/java-1_8_0-openjdk.changes
2015-10-28 17:15:38.000000000 +0100
@@ -1,0 +2,59 @@
+Thu Oct 22 12:19:38 UTC 2015 - [email protected]
+
+- Upgrade to upstream tag jdk8u65-b17
+ * Security fix release of October 21, 2015 (bsc#951376)
+- Security issues fixed:
+ * CVE-2015-4734: A remote user can exploit a flaw in the Embedded
+ JGSS component to partially access data
+ * CVE-2015-4803: A remote user can exploit a flaw in the JRockit
+ JAXP component to cause partial denial of service conditions
+ * CVE-2015-4805: A remote user can exploit a flaw in the Embedded
+ Serialization component to gain elevated privileges
+ * CVE-2015-4806: A remote user can exploit a flaw in the Java SE
+ Embedded Libraries component to partially access and partially
+ modify data
+ * CVE-2015-4835: A remote user can exploit a flaw in the Embedded
+ CORBA component to gain elevated privileges
+ * CVE-2015-4842: A remote user can exploit a flaw in the Embedded
+ JAXP component to partially access data
+ * CVE-2015-4843: A remote user can exploit a flaw in the Java SE
+ Embedded Libraries component to gain elevated privileges
+ * CVE-2015-4844: A remote user can exploit a flaw in the Embedded
+ 2D component to gain elevated privileges
+ * CVE-2015-4860: A remote user can exploit a flaw in the Embedded
+ RMI component to gain elevated privileges
+ * CVE-2015-4872: A remote user can exploit a flaw in the JRockit
+ Security component to partially modify data [].
+ * CVE-2015-4881: A remote user can exploit a flaw in the Embedded
+ CORBA component to gain elevated privileges
+ * CVE-2015-4882: A remote user can exploit a flaw in the Embedded
+ CORBA component to cause partial denial of service conditions
+ * CVE-2015-4883: A remote user can exploit a flaw in the Embedded
+ RMI component to gain elevated privileges
+ * CVE-2015-4893: A remote user can exploit a flaw in the JRockit
+ JAXP component to cause partial denial of service conditions
+ * CVE-2015-4902: A remote user can exploit a flaw in the Java SE
+ Deployment component to partially modify data
+ * CVE-2015-4903: A remote user can exploit a flaw in the Embedded
+ RMI component to partially access data
+ * CVE-2015-4911: A remote user can exploit a flaw in the JRockit
+ JAXP component to cause partial denial of service conditions
+ * CVE-2015-4810: A local user can exploit a flaw in the Java SE
+ Deployment component to gain elevated privileges
+ * CVE-2015-4840: A remote user can exploit a flaw in the Embedded
+ 2D component to partially access data
+ * CVE-2015-4868: A remote user can exploit a flaw in the Java SE
+ Embedded Libraries component to gain elevated privileges
+ * CVE-2015-4901: A remote user can exploit a flaw in the JavaFX
+ component to gain elevated privileges
+ * CVE-2015-4906: A remote user can exploit a flaw in the JavaFX
+ component to partially access data
+ * CVE-2015-4908: A remote user can exploit a flaw in the JavaFX
+ component to partially access data
+ * CVE-2015-4916: A remote user can exploit a flaw in the JavaFX
+ component to partially access data
+- Modified patch:
+ * s390-size_t.patch
+ - Account for an additional uintptr_t <-> size_t mismatch
+
+-------------------------------------------------------------------
@@ -15 +74 @@
-Modified patches
+- Modified patches
Old:
----
10ad4b9d79f9.tar.bz2
72a33aed7dcc.tar.bz2
8ec803e97a0d.tar.bz2
8f260851e051.tar.bz2
975eb04d1795.tar.bz2
afbc08ea922b.tar.bz2
be922f27d059.tar.bz2
d50c3672fd18.tar.bz2
e8e293d0db49.tar.bz2
New:
----
14a4b0a9a0b7.tar.bz2
1ac6501881b2.tar.bz2
8e9c73f18f7e.tar.bz2
b6b6756b041d.tar.bz2
c684352da3e3.tar.bz2
d038f63e5167.tar.bz2
d9c2dcdd835c.tar.bz2
dbdfb913c528.tar.bz2
df0218bcade3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ java-1_8_0-openjdk.spec ++++++
--- /var/tmp/diff_new_pack.30qBSk/_old 2015-10-28 17:15:40.000000000 +0100
+++ /var/tmp/diff_new_pack.30qBSk/_new 2015-10-28 17:15:40.000000000 +0100
@@ -29,21 +29,21 @@
%global syslibdir %{_libdir}
%global archname %{name}
# Standard JPackage naming and versioning defines.
-%global updatever 60
-%global buildver b27
+%global updatever 65
+%global buildver b17
%global root_project jdk8u
-%global root_repository jdk8u60
-%global root_revision d50c3672fd18
-%global corba_revision be922f27d059
-%global hotspot_revision 10ad4b9d79f9
-%global jaxp_revision 8f260851e051
-%global jaxws_revision 975eb04d1795
-%global jdk_revision afbc08ea922b
-%global langtools_revision e8e293d0db49
-%global nashorn_revision 72a33aed7dcc
+%global root_repository jdk8u
+%global root_revision c684352da3e3
+%global corba_revision d9c2dcdd835c
+%global hotspot_revision 8e9c73f18f7e
+%global jaxp_revision b6b6756b041d
+%global jaxws_revision dbdfb913c528
+%global jdk_revision 14a4b0a9a0b7
+%global langtools_revision d038f63e5167
+%global nashorn_revision df0218bcade3
%global aarch64_project aarch64-port
-%global aarch64_repository jdk8
-%global aarch64_hotspot_revision 8ec803e97a0d
+%global aarch64_repository jdk8u60
+%global aarch64_hotspot_revision 1ac6501881b2
%global icedtea_sound_version 1.0.1
# priority must be 6 digits in total
%global priority 1805
++++++ 10ad4b9d79f9.tar.bz2 -> 14a4b0a9a0b7.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/14a4b0a9a0b7.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> 1ac6501881b2.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/1ac6501881b2.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> 8e9c73f18f7e.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/8e9c73f18f7e.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> b6b6756b041d.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/b6b6756b041d.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> c684352da3e3.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/c684352da3e3.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> d038f63e5167.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/d038f63e5167.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> d9c2dcdd835c.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/d9c2dcdd835c.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> dbdfb913c528.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/dbdfb913c528.tar.bz2 differ:
char 11, line 1
++++++ 10ad4b9d79f9.tar.bz2 -> df0218bcade3.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2
/work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/df0218bcade3.tar.bz2 differ:
char 11, line 1
++++++ s390-size_t.patch ++++++
--- /var/tmp/diff_new_pack.30qBSk/_old 2015-10-28 17:15:41.000000000 +0100
+++ /var/tmp/diff_new_pack.30qBSk/_new 2015-10-28 17:15:41.000000000 +0100
@@ -1,5 +1,5 @@
----
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp
2015-02-06 12:41:58.252468796 +0100
-+++
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp
2015-02-06 12:42:56.781083256 +0100
+---
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp
2015-10-21 17:15:39.485338783 +0200
++++
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp
2015-10-21 17:17:24.211977506 +0200
@@ -2659,7 +2659,7 @@
if (ResizeOldPLAB && CMSOldPLABResizeQuicker) {
size_t multiple =
_num_blocks[word_sz]/(CMSOldPLABToleranceFactor*CMSOldPLABNumRefills*n_blks);
@@ -9,8 +9,8 @@
}
assert(n_blks > 0, "Error");
_cfls->par_get_chunk_of_blocks(word_sz, n_blks, fl);
----
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
2015-02-06 12:41:58.252468796 +0100
-+++
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
2015-02-06 12:42:56.784083185 +0100
+---
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
2015-10-21 17:15:39.486338760 +0200
++++
jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
2015-10-21 17:17:24.213977461 +0200
@@ -957,7 +957,7 @@
if (free_percentage < desired_free_percentage) {
size_t desired_capacity = (size_t)(used() / ((double) 1 -
desired_free_percentage));
@@ -20,7 +20,7 @@
if (PrintGCDetails && Verbose) {
size_t desired_capacity = (size_t)(used() / ((double) 1 -
desired_free_percentage));
gclog_or_tty->print_cr("\nFrom compute_new_size: ");
-@@ -6575,7 +6575,7 @@
+@@ -6577,7 +6577,7 @@
HeapWord* curAddr = _markBitMap.startWord();
while (curAddr < _markBitMap.endWord()) {
size_t remaining = pointer_delta(_markBitMap.endWord(), curAddr);
@@ -29,7 +29,7 @@
_markBitMap.clear_large_range(chunk);
if (ConcurrentMarkSweepThread::should_yield() &&
!foregroundGCIsActive() &&
-@@ -6874,7 +6874,7 @@
+@@ -6875,7 +6875,7 @@
return;
}
// Double capacity if possible
@@ -38,9 +38,9 @@
// Do not give up existing stack until we have managed to
// get the double capacity that we desired.
ReservedSpace rs(ReservedSpace::allocation_align_size_up(
---- jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp
2015-02-06 12:41:58.253468772 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp
2015-02-06 12:42:56.785083162 +0100
-@@ -3902,7 +3902,7 @@
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp
2015-10-21 17:15:39.487338738 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp
2015-10-21 17:17:24.214977439 +0200
+@@ -3903,7 +3903,7 @@
// of things to do) or totally (at the very end).
size_t target_size;
if (partially) {
@@ -49,9 +49,9 @@
} else {
target_size = 0;
}
---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp
2015-02-06 12:41:58.254468748 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp
2015-02-06 12:42:56.787083115 +0100
-@@ -1738,7 +1738,7 @@
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp
2015-10-21 17:15:39.487338738 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp
2015-10-21 17:17:24.215977416 +0200
+@@ -1726,7 +1726,7 @@
verify_region_sets_optional();
@@ -60,8 +60,19 @@
ergo_verbose1(ErgoHeapSizing,
"attempt heap expansion",
ergo_format_reason("allocation request failed")
---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp
2015-02-06 12:41:58.255468724 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp
2015-02-06 12:42:56.787083115 +0100
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1PageBasedVirtualSpace.hpp
2015-10-21 17:15:39.488338715 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1PageBasedVirtualSpace.hpp
2015-10-21 17:17:24.217977371 +0200
+@@ -89,7 +89,7 @@
+ void pretouch_internal(size_t start_page, size_t end_page);
+
+ // Returns the index of the page which contains the given address.
+- uintptr_t addr_to_page_index(char* addr) const;
++ size_t addr_to_page_index(char* addr) const;
+ // Returns the address of the given page index.
+ char* page_start(size_t index) const;
+
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp
2015-10-21 17:15:39.489338692 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp
2015-10-21 17:17:24.216977394 +0200
@@ -38,7 +38,7 @@
_cancel(false),
_empty(true),
@@ -71,8 +82,8 @@
_queues = NEW_C_HEAP_ARRAY(G1StringDedupWorkerQueue, _nqueues, mtGC);
for (size_t i = 0; i < _nqueues; i++) {
new (_queues + i)
G1StringDedupWorkerQueue(G1StringDedupWorkerQueue::default_segment_size(),
_max_cache_size, _max_size);
---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp
2015-02-06 12:41:58.255468724 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp
2015-02-06 12:42:56.788083092 +0100
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp
2015-10-21 17:15:39.489338692 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp
2015-10-21 17:17:24.216977394 +0200
@@ -110,7 +110,7 @@
};
@@ -82,9 +93,9 @@
_lists = PaddedArray<G1StringDedupEntryFreeList,
mtGC>::create_unfreeable((uint)_nlists);
}
---- jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp
2015-02-06 12:41:58.256468700 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp
2015-02-06 12:42:56.788083092 +0100
-@@ -147,7 +147,7 @@
+--- jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp
2015-10-21 17:15:39.489338692 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp
2015-10-21 17:17:24.216977394 +0200
+@@ -109,7 +109,7 @@
if (FLAG_IS_DEFAULT(G1HeapRegionSize)) {
size_t average_heap_size = (initial_heap_size + max_heap_size) / 2;
region_size = MAX2(average_heap_size / HeapRegionBounds::target_number(),
@@ -93,8 +104,8 @@
}
int region_size_log = log2_long((jlong) region_size);
----
jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
2015-02-06 12:41:58.258468651 +0100
-+++
jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
2015-02-06 12:42:56.789083068 +0100
+---
jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
2015-10-21 17:15:39.492338625 +0200
++++
jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
2015-10-21 17:17:24.217977371 +0200
@@ -910,8 +910,8 @@
void PSParallelCompact::initialize_dead_wood_limiter()
{
@@ -106,8 +117,8 @@
_dwl_first_term = 1.0 / (sqrt(2.0 * M_PI) * _dwl_std_dev);
DEBUG_ONLY(_dwl_initialized = true;)
_dwl_adjustment = normal_distribution(1.0);
---- jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
2015-02-06 12:41:58.257468675 +0100
-+++ jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
2015-02-06 12:42:56.790083045 +0100
+--- jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
2015-10-21 17:15:39.490338670 +0200
++++ jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
2015-10-21 17:17:24.218977349 +0200
@@ -194,7 +194,7 @@
const size_t num_overflow_elems = of_stack->size();
const size_t space_available = queue->max_elems() - queue->size();
@@ -117,8 +128,8 @@
num_overflow_elems);
// Transfer the most recent num_take_elems from the overflow
// stack to our work queue.
---- jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-02-06
12:41:58.263468530 +0100
-+++ jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-02-06
12:42:56.790083045 +0100
+--- jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-10-21
17:15:39.497338512 +0200
++++ jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-10-21
17:17:24.218977349 +0200
@@ -385,7 +385,7 @@
uintx calculated_size = NewSize + OldSize;
double shrink_factor = (double) MaxHeapSize / calculated_size;
@@ -175,8 +186,8 @@
_initial_gen1_size = OldSize;
// If the user has explicitly set an OldSize that is inconsistent
---- jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-02-06
12:41:58.264468506 +0100
-+++ jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-02-06
12:42:56.791083021 +0100
+--- jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-10-21
17:15:39.498338490 +0200
++++ jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-10-21
17:17:24.219977326 +0200
@@ -1455,7 +1455,7 @@
void MetaspaceGC::post_initialize() {
@@ -213,8 +224,8 @@
_first_class_chunk_word_size =
align_word_size_up(_first_class_chunk_word_size);
// Arbitrarily set the initial virtual space to a multiple
// of the boot class loader size.
---- jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-02-06
12:41:58.267468433 +0100
-+++ jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-02-06
12:42:56.792082998 +0100
+--- jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-10-21
17:15:39.501338422 +0200
++++ jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-10-21
17:17:24.219977326 +0200
@@ -48,7 +48,7 @@
const size_t beg_index = size_t(index);
assert(beg_index < len || len == 0, "index too large");
@@ -233,8 +244,8 @@
const size_t end_index = beg_index + stride;
T* const base = (T*)a->base();
T* const beg = base + beg_index;
---- jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-02-06
12:41:58.277468191 +0100
-+++ jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-02-06
12:42:56.794082951 +0100
+--- jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-10-21
17:15:39.512338174 +0200
++++ jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-10-21
17:17:24.220977303 +0200
@@ -1277,7 +1277,7 @@
// NewSize was set on the command line and it is larger than
// preferred_max_new_size.
