Information for build java-17-openjdk-17.0.7.0.7-3.el9
ID | 25218 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Package Name | java-17-openjdk | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Version | 17.0.7.0.7 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Release | 3.el9 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Epoch | 1 | Draft | False | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Source | java-17-openjdk-17.0.7.0.7-3.el9.src.rpm | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Summary | OpenJDK 17 Runtime Environment | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Description | The OpenJDK 17 runtime environment. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Built by | circlekoji | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
State | complete | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Volume | DEFAULT | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Started | Sun, 21 May 2023 11:39:05 CST | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Completed | Sun, 21 May 2023 12:19:51 CST | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Task | build (dist-circle9, java-17-openjdk-17.0.7.0.7-3.el9.src.rpm) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Extra | {'source': {'original_url': 'java-17-openjdk-17.0.7.0.7-3.el9.src.rpm'}} | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Tags |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
RPMs |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Logs | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Changelog | * Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-3 - Sync portable spec file with current version - Related: rhbz#2189326 * Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-2 - Update to jdk-17.0.7.0+7 - Update release notes to 17.0.7.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace - Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs - Update FIPS support against 17.0.7+6 and bring in latest changes: - * RH2134669: Add missing attributes when registering services in FIPS mode. - * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class - * RH1940064: Enable XML Signature provider in FIPS mode - * RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized - Fix trailing '.' in tarball name - Use portablerelease in vendor version to avoid inclusion of dist tag - ** This tarball is embargoed until 2023-04-18 @ 1pm PT. ** - Resolves: rhbz#2185182 - Resolves: rhbz#2186803 - Resolves: rhbz#2186810 - Resolves: rhbz#2186806 * Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-6 - Include the java-17-openjdk-portable.spec file with instructions on how to rebuild. - Related: rhbz#2189326 * Tue Apr 25 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-5 - Replace local copies of JDK portable binaries with build dependencies - Resolves: rhbz#2189326 * Wed Feb 15 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-4 - Replace build section with extraction of existing builds from portables - Resolves: rhbz#2150200 * Fri Jan 20 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-3 - Update to jdk-17.0.6.0+10 - Update release notes to 17.0.6.0+10 - Switch to GA mode for release - Resolves: rhbz#2160111 * Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.9-0.4.ea - Update FIPS support to bring in latest changes - * OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz#2150198 * Fri Jan 13 2023 Stephan Bergmann <sbergman@redhat.com> - 1:17.0.6.0.9-0.4.ea - Fix flatpak builds by disabling TestTranslations test due to missing tzdb.dat - Related: rhbz#2150198 * Wed Jan 04 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.9-0.3.ea - Update to jdk-17.0.6+9 - Update release notes to 17.0.6+9 - Drop local copy of JDK-8293834 now this is upstream - Require tzdata 2022g due to inclusion of JDK-8296108, JDK-8296715 & JDK-8297804 - Update TestTranslations.java to test the new America/Ciudad_Juarez zone - Resolves: rhbz#2150198 * Sat Dec 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.1-0.3.ea - Update to jdk-17.0.6+1 - Update release notes to 17.0.6+1 - Switch to EA mode for 17.0.6 pre-release builds. - Re-enable EA upstream status check now it is being actively maintained. - Drop JDK-8294357 (tzdata2022d) & JDK-8295173 (tzdata2022e) local patches which are now upstream - Drop JDK-8275535 local patch now this has been accepted and backported upstream - Bump tzdata requirement to 2022e now the package is available in RHEL - Related: rhbz#2150198 * Wed Nov 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-5 - Update FIPS support to bring in latest changes - * Add nss.fips.cfg support to OpenJDK tree - * RH2117972: Extend the support for NSS DBs (PKCS11) in FIPS mode - * Remove forgotten dead code from RH2020290 and RH2104724 - Drop local nss.fips.cfg.in handling now this is handled in the patched OpenJDK build - Resolves: rhbz#2118493 * Wed Oct 26 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-2 - Update to jdk-17.0.5+8 (GA) - Update release notes to 17.0.5+8 (GA) - Switch to GA mode for final release. - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv (JDK-8293834) - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds - Remove freetype sources along with zlib sources - Resolves: rhbz#2133695 * Tue Oct 04 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.7-0.2.ea - Update to jdk-17.0.5+7 - Update release notes to 17.0.5+7 - Resolves: rhbz#2130622 * Mon Oct 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.1-0.2.ea - Update to jdk-17.0.5+1 - Update release notes to 17.0.5+1 - Switch to EA mode for 17.0.5 pre-release builds. - Bump HarfBuzz bundled version to 4.4.1 following JDK-8289853 - Bump FreeType bundled version to 2.12.1 following JDK-8290334 - Related: rhbz#2130622 * Tue Aug 30 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-5 - Switch to static builds, reducing system dependencies and making build more portable - Resolves: rhbz#2121268 * Mon Aug 29 2022 Stephan Bergmann <sbergman@redhat.com> - 1:17.0.4.1.1-4 - Fix flatpak builds (catering for their uncompressed manual pages) - Fix flatpak builds by exempting them from bootstrap - Resolves: rhbz#2102726 * Mon Aug 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-3 - Update FIPS support to bring in latest changes - * RH2104724: Avoid import/export of DH private keys - * RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode - * Build the systemconf library on all platforms - * RH2048582: Support PKCS#12 keystores - * RH2020290: Support TLS 1.3 in FIPS mode - Resolves: rhbz#2104725 - Resolves: rhbz#2117758 - Resolves: rhbz#2115164 - Resolves: rhbz#2029665 * Sun Aug 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-2 - Update to jdk-17.0.4.1+1 - Update release notes to 17.0.4.1+1 - Add patch to provide translations for Europe/Kyiv added in tzdata2022b - Add test to ensure timezones can be translated - Resolves: rhbz#2119532 * Fri Jul 22 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-3 - Update to jdk-17.0.4.0+8 - Update release notes to 17.0.4.0+8 - Switch to GA mode for release - Resolves: rhbz#2106524 * Wed Jul 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.7-0.2.ea - Revert the following changes until copy-java-configs has adapted to relative symlinks: - * Move cacerts replacement to install section and retain original of this and tzdb.dat - * Run tests on the installed image, rather than the build image - * Introduce variables to refer to the static library installation directories - * Use relative symlinks so they work within the image - * Run debug symbols check during build stage, before the install strips them - The move of turning on system security properties is retained so we don't ship with them off - Related: rhbz#2084218 * Sat Jul 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.7-0.1.ea - Update to jdk-17.0.3.0+7 - Update release notes to 17.0.3.0+7 - Need to include the '.S' suffix in debuginfo checks after JDK-8284661 - Explicitly require crypto-policies during build and runtime for system security properties - Make use of the vendor version string to store our version & release rather than an upstream release date - Include a test in the RPM to check the build has the correct vendor information. - Resolves: rhbz#2084218 * Thu Jul 14 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.1-0.2.ea - Fix issue where CheckVendor.java test erroneously passes when it should fail. - Add proper quoting so '&' is not treated as a special character by the shell. - Related: rhbz#2084218 * Tue Jul 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.1-0.1.ea - Update to jdk-17.0.4.0+1 - Update release notes to 17.0.4.0+1 - Switch to EA mode for 17.0.4 pre-release builds. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Include script to generate bug list for release notes - Update tzdata requirement to 2022a to match JDK-8283350 - Move EA designator check to prep so failures can be caught earlier - Make EA designator check non-fatal while upstream is not maintaining it - Related: rhbz#2084218 * Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5 - Fix whitespace in spec file - Related: rhbz#2100677 * Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5 - Sequence spec file sections as they are run by rpmbuild (build, install then test) - Related: rhbz#2100677 * Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5 - Turn on system security properties as part of the build's install section - Move cacerts replacement to install section and retain original of this and tzdb.dat - Run tests on the installed image, rather than the build image - Introduce variables to refer to the static library installation directories - Use relative symlinks so they work within the image - Run debug symbols check during build stage, before the install strips them - Related: rhbz#2100677 * Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@redhat.com> - 1:17.0.3.0.7-4 - RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode - Resolves: rhbz#2102433 * Wed Jun 22 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-3 - Update FIPS support to bring in latest changes - * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage - * RH2090378: Revert to disabling system security properties and FIPS mode support together - Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch - Enable system security properties in the RPM (now disabled by default in the FIPS repo) - Improve security properties test to check both enabled and disabled behaviour - Run security properties test with property debugging on - Resolves: rhbz#2099844 - Resolves: rhbz#2100677 * Sun Jun 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-2 - Rebase FIPS patches from fips-17u branch and simplify by using a single patch from that repository - Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch - RH2023467: Enable FIPS keys export - RH2094027: SunEC runtime permission for FIPS - Resolves: rhbz#2029657 - Resolves: rhbz#2096117 * Wed Apr 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-1 - April 2022 security update to jdk 17.0.3+6 - Update to jdk-17.0.3.0+6 pre-release tarball (17usec.17.0.3+5-220408) - Add JDK-8284548 regression fix missing from pre-release tarball but in jdk-17.0.3+6/jdk-17.0.3-ga - Update release notes to 17.0.3.0+6 - Add missing README.md and generate_source_tarball.sh - Switch to GA mode for release - JDK-8283911 patch no longer needed now we're GA... - Resolves: rhbz#2073579 * Wed Apr 06 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.5-0.1.ea - Update to jdk-17.0.3.0+5 - Update release notes to 17.0.3.0+5 - Resolves: rhbz#2050460 * Tue Mar 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.1-0.1.ea - Update to jdk-17.0.3.0+1 - Update release notes to 17.0.3.0+1 - Switch to EA mode for 17.0.3 pre-release builds. - Add JDK-8283911 to fix bad DEFAULT_PROMOTED_VERSION_PRE value - Related: rhbz#2050460 * Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-13 - Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode - Resolves: rhbz#2055383 * Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-12 - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode - Resolves: rhbz#2023540 * Sun Feb 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-11 - Introduce tests/tests.yml, based on the one in java-11-openjdk - Resolves: rhbz#2058490 * Fri Feb 25 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-10 - Storing and restoring alterntives during update manually - Fixing Bug 2001567 - update of JDK/JRE is removing its manually selected alterantives and select (as auto) system JDK/JRE -- The move of alternatives creation to posttrans to fix: -- Bug 1200302 - dnf reinstall breaks alternatives -- Had caused the alternatives to be removed, and then created again, -- instead of being added, and then removing the old, and thus persisting -- the selection in family -- Thus this fix, is storing the family of manually selected master, and if -- stored, then it is restoring the family of the master - Resolves: rhbz#2008206 * Fri Feb 25 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-9 - Family extracted to globals - Related: rhbz#2008206 * Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-8 - Detect NSS at runtime for FIPS detection - Turn off build-time NSS linking and go back to an explicit Requires on NSS - Resolves: rhbz#2052829 * Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-7 - Add JDK-8275535 patch to fix LDAP authentication issue. - Resolves: rhbz#2053521 * Mon Feb 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-6 - Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent - Resolves: rhbz#2052819 * Fri Feb 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-5 - Fix FIPS issues in native code and with initialisation of java.security.Security - Resolves: rhbz#2023531 * Thu Feb 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-4 - Restructure the build so a minimal initial build is then used for the final build (with docs) - This reduces pressure on the system JDK and ensures the JDK being built can do a full build - Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le. - Handle Fedora in distro conditionals that currently only pertain to RHEL. - Run OpenJDK normalizer script on the spec file to fix further rogue whitespace - Sync gdb test with java-1.8.0-openjdk and improve architecture restrictions. - Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64) - Need to support noarch for creating source RPMs for non-scratch builds. - Replace -mstackrealign with -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4 on x86_32 for stack alignment - Support a HotSpot-only build so a freshly built libjvm.so can then be used in the bootstrap JDK. - Explicitly list JIT architectures rather than relying on those with slowdebug builds - Disable the serviceability agent on Zero architectures even when the architecture itself is supported - Resolves: rhbz#2022826 * Thu Feb 17 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-4 - Replaced tabs by sets of spaces to make rpmlint happy - javadoc-zip gets its own provides next to plain javadoc ones - Resolves: rhbz#2022826 * Wed Feb 16 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-3 - Minor cosmetic improvements to make spec more comparable between variants - Related: rhbz#2022826 * Wed Feb 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-2 - Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes (_heap->_heaps) and @JAVA_SPEC_VER@ - Update icedtea_sync.sh with a VCS mode that retrieves sources from a Mercurial repository - Related: rhbz#2022826 * Fri Feb 11 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-1 - January 2022 security update to jdk 17.0.2+8 - Rebase RH1995150 & RH1996182 patches following JDK-8275863 addition to module-info.java - Rename libsvml.so to libjsvml.so following JDK-8276025 - Drop JDK-8276572 patch which is now upstream - Resolves: rhbz#2039392 * Thu Feb 10 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-3 - Sync desktop files with upstream IcedTea release 3.15.0 using new script - Related: rhbz#2022826 * Mon Nov 29 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.1.0.12-2 - Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy secmod.db file as part of nss - Resolves: rhbz#2023537 * Tue Nov 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-1 - Drop JDK-8272332 patch now included upstream. - Resolves: rhbz#2013846 * Tue Nov 16 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.1.0.12-1 - October CPU update to jdk 17.0.1+12 - Dropped commented-out source line - Resolves: rhbz#2013846 * Tue Nov 09 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-8 - Extend LTS check to exclude EPEL. - Related: rhbz#2013846 * Tue Nov 09 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.35-8 - Set LTS designator. - Related: rhbz#2013846 * Mon Nov 08 2021 Jiri Vanek <jvanek@redhat.com> - 1:17.0.0.0.35-7 - alternatives creation moved to posttrans - Thus fixing the old reinstall issue: - https://bugzilla.redhat.com/show_bug.cgi?id=1200302 - https://bugzilla.redhat.com/show_bug.cgi?id=1976053 - Resolves: rhbz#2008206 * Fri Nov 05 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-6 - Patch syslookup.c so it actually has some code to be compiled into libsyslookup - Related: rhbz#2013846 * Sun Oct 10 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-5 - Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false - Resolves: rhbz#1994682 * Sun Oct 10 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.35-5 - Add patch to allow plain key import. - Resolves: rhbz#1994682 * Mon Sep 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-4 - Update release notes to document the major changes between OpenJDK 11 & 17. - Resolves: rhbz#2000925 * Thu Sep 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-3 - Update to jdk-17+35, also known as jdk-17-ga. - Switch to GA mode. - Add JDK-8272332 fix so we actually link against HarfBuzz. - Resolves: rhbz#2000925 * Mon Aug 30 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.5.ea - Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access. - Resolves: rhbz#1997359 * Sat Aug 28 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.4.ea - Fix unused function compiler warning found in systemconf.c - Related: rhbz#1995889 * Sat Aug 28 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.4.ea - Add patch to login to the NSS software token when in FIPS mode. - Resolves: rhbz#1997359 * Fri Aug 27 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.3.ea - Add patch to disable non-FIPS crypto in the SUN and SunEC security providers. - Resolves: rhbz#1995889 * Fri Aug 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.2.ea - Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure. - Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM. - Related: rhbz#1995889 * Fri Aug 27 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.2.ea - Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library. - Related: rhbz#1995889 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.1.ea - Update RH1655466 FIPS patch with changes in OpenJDK 8 version. - SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file. - Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg. - No need to substitute path to nss.fips.cfg as java.security file supports a java.home variable. - Disable FIPS mode support unless com.redhat.fips is set to "true". - Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable). - Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode - Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071) - Related: rhbz#1995889 * Thu Aug 26 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.1.ea - Support the FIPS mode crypto policy (RH1655466) - Use appropriate keystore types when in FIPS mode (RH1818909) - Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986) - Related: rhbz#1995889 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.0.ea - Update to jdk-17+33, including JDWP fix and July 2021 CPU - Resolves: rhbz#1870625 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.5.ea - Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics. - Remove restriction on disabling product build, as debug packages no longer have javadoc packages. - Resolves: rhbz#1870625 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:17.0.0.0.26-0.4.ea.1 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Wed Jul 14 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.0.0.26-0.4.ea - Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch which made the SunPKCS provider show up again - Resolves: rhbz#1870625 * Tue Jul 13 2021 Jiri Vanek <pmikova@redhat.com> - 1:17.0.0.0.26-0.3.ea - Add gating support - Resolves: rhbz#1870625 * Fri Jun 25 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.2.ea - Re-enable TestSecurityProperties after inclusion of PR3695 - Resolves: rhbz#1870625 * Fri Jun 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.2.ea - Add PR3695 to allow the system crypto policy to be turned off - Resolves: rhbz#1870625 * Fri Jun 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.1.ea - Remove boot JDKs in favour of OpenJDK 17 build now in the buildroot. - Resolves: rhbz#1870625 * Thu Jun 24 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.1.ea - Update buildjdkver to 17 so as to build with itself - Resolves: rhbz#1870625 * Mon Jun 21 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.0.ea - Rename to java-17-openjdk and bootstrap using boot JDK in local sources - Exclude x86 as this is not supported by OpenJDK 17 - Use unzip to test src.zip to avoid looking for jar on path - Resolves: rhbz#1870625 * Fri Jun 11 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.0.0.26-0.0.ea.rolling - update sources to jdk 17.0.0+26 - set is_ga to 0, as this is early access build - change vendor_version_string - change path to the version-numbers.conf - removed rmid binary from files and from slaves - removed JAVAC_FLAGS=-g from make command, as it breaks the build since JDK-8258407 - add lib/libsyslookup.so to files - renamed lib/security/blacklisted.certs to lib/security/blocked.certs - add lib/libsvml.so for intel - skip debuginfo check for libsyslookup.so on s390x * Fri May 07 2021 Jiri Vanek <jvanek@redhat.com> - 1:16.0.1.0.9-2.rolling - removed cjc backward comaptiblity, to fix when both rpm 4.16 and 4.17 are in transaction * Thu Apr 29 2021 Jiri Vanek <jvanek@redhat.com> - 1:16.0.1.0.9-2.rolling - adapted to debug handling in newer cjc - The rest of the "rpm 4.17" patch must NOT be backported, as on rpm 4.16 and down, it would casue double execution - Disable copy-jdk-configs for Flatpak builds |