We have a new release of IcedTea (http://bitly.com/it20607) and a new OpenJDK 7 release, u111-b01, to go with it. This is made from the current state of the OpenJDK 7u repositories plus backports of the new security fixes included in 8u101.
The tarball is available here: https://java.net/projects/openjdk7/downloads/download/openjdk7u111-b01.tar.xz SHA256 checksum: 53a0d7f8edcc35b6f26e1772a92b4e486dcd2a6ff5d67b6b558145f10ebb2b9b openjdk7u111-b01.tar.xz Changes since u101-b00: * Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only) - S8147771: Construction of static protection domains under Javax custom policy - S8148872, CVE-2016-3500: Complete name checking - S8149962, CVE-2016-3508: Better delineation of XML processing - S8150752: Share Class Data - S8151925: Font reference improvements - S8152479, CVE-2016-3550: Coded byte streams - S8155981, CVE-2016-3606: Bolster bytecode verification - S8155985, CVE-2016-3598: Persistent Parameter Processing - S8158571, CVE-2016-3610: Additional method handle validation * OpenJDK 7 u111 build 0 - S6953295: Move few sun.security.{util, x509, pkcs} classes used by keytool/jarsigner to another package - S7060849: Eliminate pack200 build warnings - S7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror - S7069870: Parts of the JDK erroneously rely on generic array initializers with diamond - S7102686: Restructure timestamp code so that jars and modules can more easily share the same code - S7105780: Add SSLSocket client/SSLEngine server to templates directory - S7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done - S7152582: PKCS11 tests should use the NSS libraries available in the OS - S7192202: Make sure keytool prints both unknown and unparseable extensions - S7194449: String resources for Key Tool and Policy Tool should be in their respective packages - S7196855: autotest.sh fails on ubuntu because libsoftokn.so not found - S7200682: TEST_BUG: keytool/autotest.sh still has problems with libsoftokn.so - S8002306: (se) Selector.open fails if invoked with thread interrupt status set [win] - S8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as defined in RFC3161 - S8019341: Update CookieHttpsClientTest to use the newer framework. - S8022228: Intermittent test failures in sun/security/ssl/javax/net/ssl/NewAPIs - S8022439: Fix lint warnings in sun.security.ec - S8022594: Potential deadlock in <clinit> of sun.nio.ch.Util/IOUtil - S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently - S8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp - S8037557: test SessionCacheSizeTests.java timeout - S8038837: Add support to jarsigner for specifying timestamp hash algorithm - S8079410: Hotspot version to share the same update and build version from JDK - S8130735: javax.swing.TimerQueue: timer fires late when another timer starts - S8139436: sun.security.mscapi.KeyStore might load incomplete data - S8144313: Test SessionTimeOutTests can be timeout - S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed out - S8146669: Test SessionTimeOutTests fails intermittently - S8146993: Several javax/management/remote/mandatory regression tests fail after JDK-8138811 - S8147857: [TEST] RMIConnector logs attribute names incorrectly - S8151841: Build needs additional flags to compile with GCC 6 - S8151876: (tz) Support tzdata2016d - S8157077: 8u101 L10n resource file updates - S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow not known. * OpenJDK 7 u111 build 1 - S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java failing - S8140344: add support for 3 digit update release numbers - S8145017: Add support for 3 digit hotspot minor version numbers - S8162344: The API changes made by CR 7064075 need to be reverted Webrevs for the new changes: http://cr.openjdk.java.net/~andrew/openjdk7/20160719/root/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/corba/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/jaxp/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/jaxws/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/hotspot/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/jdk/ http://cr.openjdk.java.net/~andrew/openjdk7/20160719/langtools/ Included are the GCC 6 fix previously posted [0] and the amended version of S8161262 [1]. Once approved, I'll push these to the OpenJDK 7 repository. [0] http://mail.openjdk.java.net/pipermail/jdk7u-dev/2016-July/010583.html [1] http://mail.openjdk.java.net/pipermail/jdk7u-dev/2016-July/010594.html -- Andrew :) Senior Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: ed25519/35964222 (hkp://keys.gnupg.net) Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
