We have a new release of IcedTea (http://bitly.com/it11313) and a new OpenJDK 6 release, b41, to go with it. This is made from the current state of the OpenJDK 6 repositories plus backports of the new security fixes included in 7u121 & 8u111.
The tarballs are available here: https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b41-04_jan_2017.tar.gz https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b41-04_jan_2017.tar.xz The tarballs are accompanied by digital signatures available at: https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b41-04_jan_2017.tar.gz.sig https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b41-04_jan_2017.tar.xz.sig PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net) Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222 GnuPG >= 2.1 is required to be able to handle this key. SHA256 checksums: ee91ab48e8493812c9cb0a786eee8620aa0771a4b697e30da29e4b37e3e71a3e openjdk-6-src-b41-04_jan_2017.tar.gz c9fe74397d19602234a0a44f16b3a3227c846e23aeb50f6435881178708a1780 openjdk-6-src-b41-04_jan_2017.tar.gz.sig 8e34d451cec65fae8b4304651058ed4dc8d07bd45baa2f49780009097afc1a15 openjdk-6-src-b41-04_jan_2017.tar.xz ed80190b4a892cd197dbcdb5ffd9cf7605a1596a1322e11648756aed1bb896d3 openjdk-6-src-b41-04_jan_2017.tar.xz.sig They are listed at https://java.net/projects/openjdk6/downloads/download/openjdk-6-src-b41-04_jan_2017.sha256sum Changes since b40 (including both CPU fixes and any upstreamed changes): - S4787377: VK_STOP key on Solaris generates wrong Key Code - S4947220: (process)Runtime.exec() cannot invoke applications with unicode parameters(win) - S5036807: Pressing action keys "STOP/AGAIN/COMPOSE" generates keycode of F11/F12 keys. - S5099725: AWT doesn't seem to handle MappingNotify events under X11. - S5100701: Toolkit.getLockingKeyState() does not work on XToolkit, but works on Motif - S6324292: keytool -help is unhelpful - S6464022: Memory leak in JOptionPane.createDialog - S6501385: ColorChooser demo - two elemets have same mnemonic in it locale, GTK L&F - S6535697: keytool can be more flexible on format of PEM-encoded X.509 certificates - S6561126: keytool should use larger default keysize for keypairs - S6566218: l10n of 6476932 - S6606396: Notepad and Stylepad demos don't run in Japanese locale. - S6608456: need API to define RepaintManager per components hierarchy - S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.java - S6675400: "Details" in English has to be "Details" in German - S6680988: KeyEvent is still missing VK values for many keyboards - S6683775: Painting artifacts is seen when panel is made setOpaque(false) for a translucent window - S6693507: There are unnecessary compilation warnings in the com.sun.java.swing.plaf.motif package - S6709758: keytool default cert fingerprint algorithm should be SHA1, not MD5 - S6711676: Numpad keys trigger more than one KeyEvent. - S6719382: Printing of AWT components on windows is not working - S6726866: Repainting artifacts when resizing or dragging JInternalFrames in non-opaque toplevel - S6727661: Code improvement and warnings removing from the swing/plaf packages - S6727662: Code improvement and warnings removing from swing packages - S6794764: Translucent windows are completely repainted on every paint event, on Windows - S6796710: Html content in JEditorPane is overlapping on swing components while resizing the application. [TEST FRAMEWORK ONLY] - S6802846: jarsigner needs enhanced cert validation(options) - S6867657: Many JSN tests do not run under cygwin - S6870812: enhance security tools to use ECC algorithms - S6871299: Shift+Tab no longer generates a KEY_TYPED event; used to with JRE 1.5 - S6871847: AlgorithmId.get("SHA256withECDSA") not available - S6882559: new JEditorPane("text/plain","") fails for null context class loader - S6894719: (launcher)The option -no-jre-restrict-search is expected when -jre-no-restrict-search is documented. - S6901170: HttpCookie parsing of version and max-age mis-handled - S6911129: These tests do not work with CYGWIN: java/lang - S6922482: keytool's help on -file always shows 'output file' - S6923681: Jarsigner crashes during timestamping - S6939248: Jarsigner can't extract Extended Key Usage from Timestamp Reply correctly - S6959252: convert the anonymous arrays to named arrays in Java List Resource files - S6969683: Generify ResolverConfiguration codes - S6980510: Fix for 6959252 broke JConsole mnemonic keys - S6982840: sun/security/tools/jarsigner/emptymanifest.sh fails - S6987827: security/util/Resources.java needs improvement - S6988163: sun.security.util.Resources dup and a keytool doc typo - S7004168: jarsigner -verify checks for KeyUsage codesigning ext on all certs instead of just signing cert - S7013850: Please change the mnemonic assignment system to avoid translation issue - S7017818: NLS: JConsoleResources.java cannot be handled by translation team - S7019937: Translatability bug - Remove Unused String - String ID , read end of file - S7019938: Translatability bug - Remove Unused String - String ID can not specify Principal with a - S7019940: Translatability bug - Remove unused string - String ID: provided null name - S7019942: Translatability bug - String ID: trustedCertEntry, - S7019945: Translatability bug - Translatability issue - String ID: * has NOT been verified! In order to veri - S7019947: Translatability bug - Translatability issue - String ID: * The integrity of the information stored i - S7019949: Translatability bug - Translatability issue - String ID: * you must provide your keystore password. - S7020531: test: java/security/cert/CertificateFactory/openssl/OpenSSLCert.java file not closed after run - S7021693: [ja, zh_CN] jconsole throws exception and fail to start in ja and zh_CN locales - S7022005: [ja,zh_CN] javadoc, part of navigation bar in generated html are not translated. - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f - S7025267: NLS: t13y fix for 7021689 [ja] Notepad demo throws NPE - S7028447: security-related resources Chinese translation errors - S7028490: better suggestion for jarsigner when TSA is not accessible - S7030174: Jarsigner should accept TSACert with an HTTPS id-ad-timeStamping SIA - S7032018: The file list in JFileChooser does not have an accessible name - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics - S7034259: [all] incorrect mnemonic keys in JCP automatic update advanced settings dialog. - S7034940: message drop 2 translation integration - S7035843: [zh_CN, ja] JConsole mnemonic keys don't work - S7038803: [CCJK] Incorrect mnemonic key (0) is displayed on cancel button on messagedialog of JOptionPane - S7038807: [CCJK] OK button on message dialog of JOptionpane is not translated - S7040228: [zh_TW] extra (C) on cancel button on File Chooser dialog - S7040257: [pt_BR,fr] Print dialog has duplicate mnemonic key. - S7042323: [sv, de, es, it] Print dialog has duplicate mnemonic key - S7042475: [ja,zh_CN] extra mnemonic key in jconsole - S7043548: message drop 3 translation integration - S7045132: sun.security.util.Resources_pt_BR.java translation error - S7045184: GTK L&F doesn't have hotkeys in jdk7 b141, while b139 has. - S7062969: java -help still shows http://java.sun.com/javase/reference - S7090158: Networking Libraries don't build with javac -Werror - S7090832: Some locale info are not localized for some languages. - S7093156: NLS Please change the mnemonic assignment system to avoid translation issue (Swing files) - S7102686: Restructure timestamp code so that jars and modules can more easily share the same code - S7109085: Test use hotkeys not intended for Mac - S7116786: RFE: Detailed information on VerifyErrors - S7124171: 7u4 l10n message update related to Mac OS X port - S7125055: ContentHandler.getContent API changed in error - S7132247: java/rmi/registry/readTest/readTest.sh failing with Cygwin - S7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done - S7145375: 7u4 l10n message update related to langtools - S7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on windows - S7146099: NLS: [de,es,it,ko,pt_BR]launcher_**.properties, double backslash issue. - S7149012: jarsigner needs not warn about cert expiration if the jar has a TSA timestamp - S7158712: Synth Property "ComboBox.popupInsets" is ignored - S7169226: NLS: Please change the mnemonic assignment system for windows and motif properties - S7174970: NLS [ccjk] Extra mnemonic keys at standard filechooserdialog (open and save) in metal L&F - S7175367: NLS: 7u6 message drop10 integration - S7176894: back out LocaleNames_xx.properties files from 7u6 message drop10 - S7178145: Change constMethodOop::_exception_table to optionally inlined u2 table. - S7180907: Jarsigner -verify fails if rsa file used sha-256 with authenticated attributes - S7181632: nsk classLoad001_14 failure and CompileTheWorld crash after 7178145. - S7182226: NLS: jdk7u6 message drop20 integration - S7183203: ShortRSAKeynnn.sh tests intermittent failure - S7187051: ShortRSAKeynnn.sh tests should do cleanup before start test - S7194449: String resources for Key Tool and Policy Tool should be in their respective packages - S8000626: Implement dead key detection for KeyEvent on Linux - S8000897: VM crash in CompileBroker - S8003890: corelibs test scripts should pass TESTVMOPTS - S8008764: 7uX l10n resource file translation update - S8009168: accessibility.properties syntax issue - S8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as defined in RFC3161 - S8010297: Missing isLoggable() checks in logging code - S8010782: clean up source files containing carriage return characters - S8014048: Online user guide of jconsole points incorrect link - S8014431: cleanup warnings indicated by the -Wunused-value compiler option on linux - S8015265: revise the fix for 8007037 - S8016579: (process) IOException thrown by ProcessBuilder.start() method is incorrectly encoded - S8019541: 7u40 l10n resource file translation update - S8020708: NLS mnemonics missing in SwingSet2/JInternalFrame demo - S8023338: Update jarsigner to encourage timestamping - S8024302: Clarify jar verifications - S8024756: method grouping tabs are not selectable - S8026741: jdk8 l10n resource file translation update 5 - S8027787: 7u51 l10n resource file translation update 1 - S8030698: Several GUI labels in jconsole need correction - S8030878: JConsole issues meaningless message if SSL connection fails - S8035988: 7u60 l10n resource file translation update 1 - S8038837: Add support to jarsigner for specifying timestamp hash algorithm - S8048147: Privilege tests with JAAS Subject.doAs - S8048357: PKCS basic tests - S8049171: Additional tests for jarsigner's warnings - S8049480: Current versions of Java can't verify jars signed and timestamped with Java 9 - S8055176: 7u71 l10n resource file translation update - S8057530: (process) Runtime.exec throws garbled message in jp locale - S8059177: jdk8u40 l10n resource file translation update 1 - S8065609: 7u76 l10n resource file translation update - S8076486: [TESTBUG] javax/security/auth/Subject/doAs/NestedActions.java fails if extra VM options are given - S8077953: [TEST_BUG] com/sun/management/OperatingSystemMXBean/TestTotalSwap.java Compilation failed after JDK-8077387 - S8078628: Zero build fails with pre-compiled headers disabled - S8080628: No mnemonics on Open and Save buttons in JFileChooser - S8083601: jdk8u60 l10n resource file translation update 2 - S8140530: Creating a VolatileImage with size 0,0 results in no longer working g2d.drawString - S8142926: OutputAnalyzer's shouldXXX() calls return this - S8143134: L10n resource file translation update - S8147077: IllegalArgumentException thrown by api/java_awt/Component/FlipBufferStrategy/indexTGF_General - S8148127: IllegalArgumentException thrown by JCK test api/java_awt/Component/FlipBufferStrategy/indexTGF_General in opengl pipeline - S8150611: Security problem on sun.misc.resources.Messages* - S8151921: Improved page resolution - S8155968: Update command line options - S8155973: Tighten jar checks - S8157077: 8u101 L10n resource file updates - S8157176: Improved classfile parsing - S8157653: [Parfait] Uninitialised variable in awt_Font.cpp - S8157739: Classloader Consistency Checking - S8157749: Improve handling of DNS error replies - S8157753: Audio replay enhancement - S8158302: Handle contextual glyph substitutions - S8158734: JEditorPane.createEditorKitForContentType throws NPE after 6882559 - S8158993: Service Menu services - S8159495: Fix index offsets - S8159503: Amend Annotation Actions - S8159511: Stack map validation - S8159515: Improve indy validation - S8159519: Reformat JDWP messages - S8159684: (tz) Support tzdata2016f - S8160090: Better signature handling in pack200 - S8160094: Improve pack200 layout - S8160591: Improve internal array handling - S8160838: Better HTTP service - S8162411: Service Menu services 2 - S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh failing after JDK-8155968 - S8162511: 8u111 L10n resource file updates - S8162792: Remove constraint DSA keySize < 1024 from jdk.jar.disabledAlgorithms in jdk8 - S8164452: 8u111 L10n resource file update - msgdrop 20 - S8165816: jarsigner -verify shows jar unsigned if it was signed with a weak algorithm - S8166381: Back out changes to the java.security file to not disable MD5 - S8169448: OpenJDK 6 fails to build without pre-compiled headers - S8171415: Remove Java 7 features from testlibrary - S8171954: Add stubs for sun.security.tools.KeyTool and sun.security.tools.JarSigner - S8172159: Remove @Override annotation on interfaces added by b41 updates - S8172252: Remove over-zealous switch to for-each loop in SortingFocusTraversalPolicy Webrevs for the new changes: http://cr.openjdk.java.net/~andrew/openjdk6/20161018/root/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/corba/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/jaxp/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/jaxws/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/hotspot/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/jdk/ http://cr.openjdk.java.net/~andrew/openjdk6/20161018/langtools/ Ok to push? Thanks, -- Andrew :) Senior Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net) Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222