Ubuntu
openjdk-8 package

Change logs for openjdk-8 source package in Kinetic

  1. Kinetic (22.10)
  2. Change log 
  • openjdk-8 (8u372-ga~us1-0ubuntu1~22.10) kinetic-security; urgency=medium

  * Upload to Ubuntu 22.10.

openjdk-8 (8u372-ga~us1-0ubuntu1) mantic; urgency=medium

  * OpenJDK 8u372 release, build 7.
    - CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
      CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
    - Release notes:
      https://mail.openjdk.org/pipermail/jdk8u-dev/2023-April/017039.html
  * d/rules: remove IcedTeaPlugin.so reference (LP: #2016396).

 -- Vladimir Petko <email address hidden>  Sat, 06 May 2023 12:54:58 +0200
  • openjdk-8 (8u362-ga-0ubuntu1~22.10) kinetic-security; urgency=medium

  * Upload to Ubuntu 22.10.

openjdk-8 (8u362-ga-0ubuntu1) lunar; urgency=medium

  * New upstream release
  * CVEs
    - CVE-2023-21830
    - CVE-2023-21843
  * Security fixes
    - JDK-8285021: Improve CORBA communication
    - JDK-8286496: Improve Thread labels
    - JDK-8288516: Enhance font creation
    - JDK-8289350: Better media supports
    - JDK-8293554: Enhanced DH Key Exchanges
    - JDK-8293598: Enhance InetAddress address handling
    - JDK-8293717: Objective view of ObjectView
    - JDK-8293734: Improve BMP image handling
    - JDK-8293742: Better Banking of Sounds
    - JDK-8295687: Better BMP bounds
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2023-January/016479.html

 -- Vladimir Petko <email address hidden>  Fri, 20 Jan 2023 22:12:31 +1300
  • openjdk-8 (8u352-ga-1~22.10) kinetic-security; urgency=medium

  * Upload 8u352-ga to Ubuntu 22.10.

openjdk-8 (8u352-ga-1) unstable; urgency=medium

  * Update GCC for bookworm/sid and kinetic-proposed from 11 to 12
    to match default system compiler (this needs testing as people
    report early issues in other distros)
  * New upstream release
  * Security fixes:
    - JDK-8282252: Improve BigInteger/Decimal validation
    - JDK-8285662: Better permission resolution
    - JDK-8286511: Improve macro allocation
    - JDK-8286519: Better memory handling
    - JDK-8286526, CVE-2022-21619: Improve NTLM support
    - JDK-8286533, CVE-2022-21626: Key X509 usages
    - JDK-8286910, CVE-2022-21624: Improve JNDI lookups
    - JDK-8286918, CVE-2022-21628: Better HttpServer service
    - JDK-8288508: Enhance ECDSA usage
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2022-October/015706.html
  * Drop applied patches
  * Upload sponsored by ⮡ tarent

 -- Matthias Klose <email address hidden>  Tue, 25 Oct 2022 19:26:06 +0200
  • openjdk-8 (8u342-b07-1) unstable; urgency=medium

  * New upstream release
  * Security fixes:
    - JDK-8272243: Improve DER parsing
    - JDK-8272249: Better properties of loaded Properties
    - JDK-8277608: Address IP Addressing
    - JDK-8281859, CVE-2022-21540: Improve class compilation
    - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
    - JDK-8283190: Improve MIDI processing
    - JDK-8284370: Improve zlib usage
    - JDK-8285407, CVE-2022-34169: Improve Xalan supports
  * Other changes see
    https://mail.openjdk.org/pipermail/jdk8u-dev/2022-July/015254.html
  * Add patch to undo user.dir change prohibition; this breaks legacy
    software like Gradle
  * Upload sponsored by ⮡ tarent

 -- Thorsten Glaser <email address hidden>  Sat, 23 Jul 2022 01:34:54 +0200
  • openjdk-8 (8u342~b06-1) unstable; urgency=low

  * Upload 8u342-b06 for pre-release testing (b05 for hotspot-aarch32
    but the only difference is elsewhere)

 -- Thorsten Glaser <email address hidden>  Tue, 12 Jul 2022 23:13:34 +0200
  • openjdk-8 (8u312-b07-0ubuntu1) jammy; urgency=medium

  * Update to 8u312-b07 (GA).
  * Security fixes
    - JDK-8130183, CVE-2021-35588: InnerClasses: VM permits wrong Throw
      ClassFormatError if InnerClasses attribute's inner_class_info_index is 0.
    - JDK-8161016: Strange behavior of URLConnection with proxy.
    - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites
      preference.
    - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS
      session close.
    - JDK-8263314: Enhance XML Dsig modes.
    - JDK-8265167, CVE-2021-35556: Richer Text Editors.
    - JDK-8265574: Improve handling of sheets.
    - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit.
    - JDK-8265776: Improve Stream handling for SSL.
    - JDK-8266097, CVE-2021-35561: Better hashing support.
    - JDK-8266103: Better specified spec values.
    - JDK-8266109: More Resilient Classloading.
    - JDK-8266115: More Manifest Jar Loading.
    - JDK-8266137, CVE-2021-35564: Improve Keystore integrity.
    - JDK-8266689, CVE-2021-35567: More Constrained Delegation.
    - JDK-8267086: ArrayIndexOutOfBoundsException in
      java.security.KeyFactory.generatePublic.
    - JDK-8267712: Better LDAP reference processing.
    - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking.
    - JDK-8267735, CVE-2021-35586: Better BMP support.
    - JDK-8268193: Improve requests of certificates.
    - JDK-8268199: Correct certificate requests.
    - JDK-8268506: More Manifest Digests.
    - JDK-8269618, CVE-2021-35603: Better session identification.
    - JDK-8269624: Enhance method selection support.
    - JDK-8270398: Enhance canonicalization.
    - JDK-8270404: Better canonicalization.
  * Use mktemp instead of tempfile in maintainer script.

 -- Matthias Klose <email address hidden>  Wed, 03 Nov 2021 14:27:30 +0200