Hello community, here is the log from the commit of package java-1_8_0-openjdk for openSUSE:Factory checked in at 2016-01-28 22:50:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/java-1_8_0-openjdk (Old) and /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "java-1_8_0-openjdk" Changes: -------- --- /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/java-1_8_0-openjdk.changes 2015-10-28 17:15:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/java-1_8_0-openjdk.changes 2016-01-28 22:50:14.000000000 +0100 @@ -1,0 +2,52 @@ +Mon Jan 25 07:54:33 UTC 2016 - fst...@suse.com + +- Upgrade to upstream tag jdk8u72-b15 + * Oracle Critical Patch Update of January 2016 (bsc#962743) + * Using aarch64 hotspot tag aarch64-jdk8u72-b15 +- Security issues fixed: + * CVE-2015-7575: Mozilla Network Security Services (NSS) before + 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox + ESR 38.x before 38.5.2, does not reject MD5 signatures in Server + Key Exchange messages in TLS 1.2 Handshake Protocol traffic, + which makes it easier for man-in-the-middle attackers to spoof + servers by triggering a collision. + * CVE-2015-8126: Multiple buffer overflows in the (1) png_set_PLTE + and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x + and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x + before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to + cause a denial of service (application crash) or possibly have + unspecified other impact via a small bit-depth value in an IHDR + (aka image header) chunk in a PNG image. + * CVE-2016-0402: Unspecified vulnerability in the Java SE and + Java SE Embedded components in Oracle Java SE 6u105, 7u91, and + 8u66 and Java SE Embedded 8u65 allows remote attackers to affect + integrity via unknown vectors related to Networking. + * CVE-2016-0448: Unspecified vulnerability in the Java SE and + Java SE Embedded components in Oracle Java SE 6u105, 7u91, and + 8u66, and Java SE Embedded 8u65 allows remote authenticated + users to affect confidentiality via vectors related to JMX. + * CVE-2016-0466: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, + and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows + remote attackers to affect availability via vectors related to + JAXP. + * CVE-2016-0475: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 8u66; Java SE + Embedded 8u65; and JRockit R28.3.8 allows remote attackers to + affect confidentiality and integrity via unknown vectors related + to Libraries. + * CVE-2016-0483: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, + and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows + remote attackers to affect confidentiality, integrity, and + availability via vectors related to AWT. + * CVE-2016-0494: Unspecified vulnerability in the Java SE and Java + SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 + and Java SE Embedded 8u65 allows remote attackers to affect + confidentiality, integrity, and availability via unknown vectors + related to 2D. +- Modified patch: + * s390-java-opts.patch + + rediff to the changed context + +------------------------------------------------------------------- Old: ---- 14a4b0a9a0b7.tar.bz2 1ac6501881b2.tar.bz2 8e9c73f18f7e.tar.bz2 b6b6756b041d.tar.bz2 c684352da3e3.tar.bz2 d038f63e5167.tar.bz2 d9c2dcdd835c.tar.bz2 dbdfb913c528.tar.bz2 df0218bcade3.tar.bz2 New: ---- 1bcc41894340.tar.bz2 2f840ac0adf0.tar.bz2 48d0c20256a3.tar.bz2 769b21d1b85c.tar.bz2 8d2e1dabe378.tar.bz2 91e3b8e2e006.tar.bz2 d6670c5d49ba.tar.bz2 f3e86cc60726.tar.bz2 fff0c11d2811.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_8_0-openjdk.spec ++++++ --- /var/tmp/diff_new_pack.WiBsvI/_old 2016-01-28 22:50:17.000000000 +0100 +++ /var/tmp/diff_new_pack.WiBsvI/_new 2016-01-28 22:50:17.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package java-1_8_0-openjdk # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,21 +29,21 @@ %global syslibdir %{_libdir} %global archname %{name} # Standard JPackage naming and versioning defines. -%global updatever 65 -%global buildver b17 +%global updatever 72 +%global buildver b15 %global root_project jdk8u %global root_repository jdk8u -%global root_revision c684352da3e3 -%global corba_revision d9c2dcdd835c -%global hotspot_revision 8e9c73f18f7e -%global jaxp_revision b6b6756b041d -%global jaxws_revision dbdfb913c528 -%global jdk_revision 14a4b0a9a0b7 -%global langtools_revision d038f63e5167 -%global nashorn_revision df0218bcade3 +%global root_revision fff0c11d2811 +%global corba_revision 91e3b8e2e006 +%global hotspot_revision d6670c5d49ba +%global jaxp_revision 1bcc41894340 +%global jaxws_revision 2f840ac0adf0 +%global jdk_revision f3e86cc60726 +%global langtools_revision 48d0c20256a3 +%global nashorn_revision 769b21d1b85c %global aarch64_project aarch64-port -%global aarch64_repository jdk8u60 -%global aarch64_hotspot_revision 1ac6501881b2 +%global aarch64_repository jdk8u +%global aarch64_hotspot_revision 8d2e1dabe378 %global icedtea_sound_version 1.0.1 # priority must be 6 digits in total %global priority 1805 ++++++ 14a4b0a9a0b7.tar.bz2 -> 1bcc41894340.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/1bcc41894340.tar.bz2 differ: char 11, line 1 ++++++ 14a4b0a9a0b7.tar.bz2 -> 2f840ac0adf0.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/2f840ac0adf0.tar.bz2 differ: char 11, line 1 ++++++ df0218bcade3.tar.bz2 -> 48d0c20256a3.tar.bz2 ++++++ ++++ 977380 lines of diff (skipped) ++++++ dbdfb913c528.tar.bz2 -> 769b21d1b85c.tar.bz2 ++++++ ++++ 967186 lines of diff (skipped) ++++++ 14a4b0a9a0b7.tar.bz2 -> 8d2e1dabe378.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/8d2e1dabe378.tar.bz2 differ: char 11, line 1 ++++++ 14a4b0a9a0b7.tar.bz2 -> 91e3b8e2e006.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/91e3b8e2e006.tar.bz2 differ: char 11, line 1 ++++++ 14a4b0a9a0b7.tar.bz2 -> d6670c5d49ba.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/d6670c5d49ba.tar.bz2 differ: char 11, line 1 ++++++ 14a4b0a9a0b7.tar.bz2 -> f3e86cc60726.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/f3e86cc60726.tar.bz2 differ: char 11, line 1 ++++++ 14a4b0a9a0b7.tar.bz2 -> fff0c11d2811.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/14a4b0a9a0b7.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/fff0c11d2811.tar.bz2 differ: char 11, line 1 ++++++ s390-java-opts.patch ++++++ --- /var/tmp/diff_new_pack.WiBsvI/_old 2016-01-28 22:50:24.000000000 +0100 +++ /var/tmp/diff_new_pack.WiBsvI/_new 2016-01-28 22:50:24.000000000 +0100 @@ -1,7 +1,6 @@ -diff -urEbwB jdk8/common/autoconf/boot-jdk.m4 jdk8/common/autoconf/boot-jdk.m4 ---- jdk8/common/autoconf/boot-jdk.m4 2014-10-28 18:10:36.000000000 +0100 -+++ jdk8/common/autoconf/boot-jdk.m4 2014-11-11 12:54:41.698246995 +0100 -@@ -319,21 +319,12 @@ +--- jdk8/common/autoconf/boot-jdk.m4 2015-12-22 20:16:46.000000000 +0100 ++++ jdk8/common/autoconf/boot-jdk.m4 2016-01-23 13:16:40.069301419 +0100 +@@ -329,21 +329,12 @@ AC_MSG_CHECKING([flags for boot jdk java command for big workloads]) # Starting amount of heap memory. @@ -10,7 +9,7 @@ # Maximum amount of heap memory. # Maximum stack size. -- if test "x$BUILD_NUM_BITS" = x32; then +- if test "x$BOOT_JDK_BITS" = x32; then - JVM_MAX_HEAP=1100M + JVM_MAX_HEAP=768M STACK_SIZE=768