-
openjdk-lts (11.0.20.1+1-0ubuntu1~23.04) lunar-security; urgency=medium
* Upload to Ubuntu 23.04.
openjdk-lts (11.0.20.1+1-0ubuntu1) mantic; urgency=medium
* OpenJDK 11.0.20.1 release, build 1.
- REGRESSION UPDATE: 8313765: Invalid CEN header (invalid zip64 extra data
field size) (LP: #2032865).
* d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
-- Vladimir Petko <email address hidden> Fri, 25 Aug 2023 10:33:45 +1200
-
openjdk-lts (11.0.20+8-1ubuntu1~23.04) lunar-security; urgency=high
* Upload to Ubuntu 23.04.
* d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
openjdk-lts (11.0.20+8-1ubuntu1) mantic; urgency=high
* OpenJDK 11.0.20 release, build 8.
- CVE-2023-22041, CVE-2023-25193, CVE-2023-22045,
CVE-2023-22049, CVE-2023-22036, CVE-2023-22006.
- Release notes:
https://www.oracle.com/java/technologies/javase/11-0-20-relnotes.html#R11_0_20
* Merge changes from 11.0.20+8-1:
* Link with --no-as-needed. Closes: #1031521.
* Provide versioned java-runtime, java-runtime-headless, java-sdk
and java-sdk-headless virtual packages (Emmanuel Bourg).
* Configure --with-stdc++lib=static on ia64.
* Bump standards version.
* Refresh patches.
[ Vladimir Petko ]
* debian/copyright: convert to a machine-readable format.
debian/copyright: align excludes statement with openjdk-17.
-- Vladimir Petko <email address hidden> Thu, 20 Jul 2023 14:57:06 +1200
-
openjdk-lts (11.0.19+7~us1-0ubuntu1~23.04) lunar-security; urgency=medium
* Upload to Ubuntu 23.04.
openjdk-lts (11.0.19+7~us1-0ubuntu1) mantic; urgency=medium
* OpenJDK 11.0.19 release, build 7.
- CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
- Release notes:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021900.html
- d/p/*: refresh patches.
* d/rules: pack external debug symbols with build-id, do not pack duplicate
symbols, do not strip JVM shared libraries (LP: #2012326, LP: #2016739).
* d/rules: always use jtreg6.
-- Vladimir Petko <email address hidden> Sat, 06 May 2023 12:26:45 +0200
-
openjdk-lts (11.0.18+10-0ubuntu5) lunar; urgency=medium
* d/control: add jtreg6 dependencies, regenerate control.
* d/t/{jdk,hotspot,jaxp,lantools}: run tier1 and tier2 jtreg tests only,
add test options from OpenJDK makefile.
* d/t/*: fix test environment: add missing -nativepath (LP: #2001563).
* d/t/jdk: provide dbus session for the window manager (LP: #2001576).
* d/p/*: add patches for jtreg tests:
- disable-thumb-assertion.patch: fix JDK-8305481.
- update-assertion-for-armhf.patch: fix JDK-8305480.
- log-generated-classes-test.patch: workaround JDK-8166162.
- update-permission-test.patch: add security permissions for testng 7.
- ldap-timeout-test-use-ip.patch, test-use-ip-address.patch: Ubuntu-specific
patches to workaround missing DNS resolver on the build machines.
- exclude_broken_tests.patch: quarantine failing tests.
* d/rules: package external debug symbols (LP: #2015835).
* drop d/p/{jaw-classpath.diff, jaw-optional.diff}: the atk wrapper is disabled
and these patches cause class data sharing tests to fail (LP: #2016194).
* d/p/exclude-broken-tests.patch: add OpenJDK 11 failures.
* d/t/jtreg-autopkgtest.in: pass JTREG home to locate junit.jar, regenerate
d/t/jtreg-autopkgtest.sh (LP: #2016206).
* d/t/control.in: disable jtreg autopkgtests in line with openjdk 17,
regenerate control (LP: #2016438).
-- Vladimir Petko <email address hidden> Fri, 14 Apr 2023 11:29:59 +1200
-
openjdk-lts (11.0.18+10-0ubuntu4) lunar; urgency=medium
* d/p: drop obsolete patches (LP: #2011653).
- workaround_expand_exec_shield_cs_limit.diff: obsoleted by
hotspot-disable-exec-shield-workaround.diff.
- generated-headers.patch: include is already added by openjdk makefile.
- parallel-build-fix.diff: include is not necessary.
* d/copyright, d/watch: implement uscan repackaging (LP: #2011749).
* d/rules: use --with-debug-symbols=none (LP: #2003820).
-- Vladimir Petko <email address hidden> Thu, 16 Mar 2023 08:39:50 +1300
-
openjdk-lts (11.0.18+10-0ubuntu3) lunar; urgency=medium
* debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre
is set up.
-- Vladimir Petko <email address hidden> Wed, 01 Mar 2023 16:55:33 +1300
-
openjdk-lts (11.0.18+10-0ubuntu2) lunar; urgency=medium
* No-change rebuild, building on i386.
-- Matthias Klose <email address hidden> Sun, 12 Feb 2023 11:21:50 +0100
-
openjdk-lts (11.0.18+10-0ubuntu1) lunar; urgency=medium
* OpenJDK 11.0.18 release, build 10.
- CVE-2023-21835, CVE-2023-21843
- Release notes:
https://www.oracle.com/java/technologies/javase/11-0-18-relnotes.html
* debian/patches/*: Refreshed patches for the new release and dropped unused
patches.
* debian/watch: use jdk11u repository as upstream.
* debian/rules: add lunar to jtreg version selection.
-- Vladimir Petko <email address hidden> Thu, 19 Jan 2023 21:24:22 +1300
-
openjdk-lts (11.0.17+8-1ubuntu2) kinetic-security; urgency=medium
* OpenJDK 11.0.17 release, build 8.
* Security fixes
- JDK-8289366: Improve HTTP/2 client usage.
- JDK-8288508: Enhance ECDSA usage.
- JDK-8286918: Better HttpServer service.
- JDK-8287446: Enhance icon presentations.
- JDK-8286910: Improve JNDI lookups.
- JDK-8286511: Improve macro allocation.
- JDK-8286526: Improve NTLM support.
- JDK-8286533: Key X509 usages.
- JDK-8286077: Wider MultiByte conversions.
- JDK-8286519: Better memory handling.
- JDK-8285662: Better permission resolution.
- JDK-8282252: Improve BigInteger/Decimal validation.
* Sync packages with 11.0.13+8-1:
- Build using GCC 12 in recent development distros.
- Don't install the security/blacklisted.certs symlink anymore.
Closes: #1021866.
- Remove patches applied upstream.
-- Matthias Klose <email address hidden> Mon, 24 Oct 2022 17:39:49 +0200
-
openjdk-lts (11.0.16+8-0ubuntu1) kinetic; urgency=high
* OpenJDK 11.0.16+8 build (release).
-- Matthias Klose <email address hidden> Wed, 20 Jul 2022 13:27:22 +0200
