diff --git a/.gitignore b/.gitignore index d4c4324..e8f109c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u232-b09.tar.xz +SOURCES/aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u242-b08.tar.xz SOURCES/systemtap_3.2_tapsets_hg-icedtea8-9d464368e06d.tar.xz diff --git a/.java-1.8.0-openjdk.metadata b/.java-1.8.0-openjdk.metadata index 03bd636..115b999 100644 --- a/.java-1.8.0-openjdk.metadata +++ b/.java-1.8.0-openjdk.metadata @@ -1,2 +1,2 @@ -ca59ed55769893ca7a5bcff04612141f696ea2e9 SOURCES/aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u232-b09.tar.xz +a3d01aa92f2cdefc6d50a1d0a256f35bf239f8c9 SOURCES/aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u242-b08.tar.xz cd8bf91753b9eb1401cfc529e78517105fc66011 SOURCES/systemtap_3.2_tapsets_hg-icedtea8-9d464368e06d.tar.xz diff --git a/SPECS/java-1.8.0-openjdk.spec b/SPECS/java-1.8.0-openjdk.spec index 29cd1bc..10aa028 100644 --- a/SPECS/java-1.8.0-openjdk.spec +++ b/SPECS/java-1.8.0-openjdk.spec @@ -198,7 +198,7 @@ # note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there. %global shenandoah_project aarch64-port %global shenandoah_repo jdk8u-shenandoah -%global shenandoah_revision aarch64-shenandoah-jdk8u232-b09 +%global shenandoah_revision aarch64-shenandoah-jdk8u242-b08 # Define old aarch64/jdk8u tree variables for compatibility %global project %{shenandoah_project} %global repo %{shenandoah_repo} @@ -212,7 +212,7 @@ %global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u}) # eg jdk8u60-b27 -> b27 %global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-}) -%global rpmrelease 2 +%global rpmrelease 0 # Define milestone (EA for pre-releases, GA ("fcs") for releases) # Release will be (where N is usually a number starting at 1): # - 0.N%%{?extraver}%%{?dist} for EA releases, @@ -1099,18 +1099,18 @@ Patch512: rh1649664-awt2dlibraries_compiled_with_no_strict_overflow.patch Patch523: pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch # PR3083, RH1346460: Regression in SSL debug output without an ECC provider Patch528: pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch -# RH1566890: CVE-2018-3639 -Patch529: rh1566890-CVE_2018_3639-speculative_store_bypass.patch -Patch531: rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch # PR3601: Fix additional -Wreturn-type issues introduced by 8061651 Patch530: pr3601-fix_additional_Wreturn_type_issues_introduced_by_8061651_for_prims_jvm_cpp.patch # PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts) # PR3575, RH1567204: System cacerts database handling should not affect jssecacerts Patch539: pr2888-openjdk_should_check_for_system_cacerts_database_eg_etc_pki_java_cacerts.patch # PR3183, RH1340845: Support Fedora/RHEL8 system crypto policy -Patch300: pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch +Patch400: pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch # PR3655: Allow use of system crypto policy to be disabled by the user -Patch301: pr3655-toggle_system_crypto_policy.patch +Patch401: pr3655-toggle_system_crypto_policy.patch +# RH1566890: CVE-2018-3639 +Patch529: rh1566890-CVE_2018_3639-speculative_store_bypass.patch +Patch531: rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch ############################################# # @@ -1145,7 +1145,7 @@ Patch107: s390-8214206_fix.patch # This fixes printf warnings that lead to build failure with -Werror=format-security from optflags Patch502: pr2462-resolve_disabled_warnings_for_libunpack_and_the_unpack200_binary.patch # S8154313: Generated javadoc scattered all over the place -Patch400: jdk8154313-generated_javadoc_scattered_all_over_the_place.patch +Patch578: jdk8154313-generated_javadoc_scattered_all_over_the_place.patch # PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code Patch571: jdk8199936-pr3591-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x_jdk.patch # 8143245, PR3548: Zero build requires disabled warnings @@ -1471,8 +1471,8 @@ sh %{SOURCE12} %patch203 # System security policy fixes -%patch300 -%patch301 +%patch400 +%patch401 %patch1 %patch3 @@ -1493,12 +1493,12 @@ sh %{SOURCE12} %patch502 %patch504 %patch512 -%patch400 +%patch578 %patch523 %patch528 +%patch530 %patch529 %patch531 -%patch530 %patch571 %patch574 %patch575 @@ -2094,6 +2094,43 @@ require "copy_jdk_configs.lua" %endif %changelog +* Wed Jan 15 2020 Andrew Hughes - 1:1.8.0.242.b08-0 +- Update to aarch64-shenandoah-jdk8u242-b08. +- Remove local copies of JDK-8031111 & JDK-8132111 as replaced by upstream versions. +- Resolves: rhbz#1785753 + +* Wed Jan 15 2020 Andrew John Hughes - 1:1.8.0.242.b07-1 +- Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. +- Resolves: rhbz#1785753 + +* Mon Jan 13 2020 Andrew Hughes - 1:1.8.0.242.b07-0 +- Update to aarch64-shenandoah-jdk8u242-b07. +- Switch to GA mode for final release. +- Remove Shenandoah S390 patch which is now included upstream as JDK-8236829. +- Resolves: rhbz#1785753 + +* Sun Jan 05 2020 Andrew Hughes - 1:1.8.0.242.b05-0.1.ea +- Update to aarch64-shenandoah-jdk8u242-b05. +- Attempt to fix Shenandoah formatting failures on S390, introduced by JDK-8232102. +- Revise b05 snapshot to include JDK-8236178. +- Add additional Shenandoah formatting fixes revealed by successful -Wno-error=format run +- Resolves: rhbz#1785753 + +* Thu Jan 02 2020 Andrew Hughes - 1:1.8.0.242.b01-0.0.ea +- Update to aarch64-shenandoah-jdk8u242-b01. +- Switch to EA mode. +- Resolves: rhbz#1785753 + +* Thu Jan 02 2020 Andrew Hughes - 1:1.8.0.232.b09-4 +- Revert SSBD removal for now, until appropriate messaging has been decided. +- Resolves: rhbz#1785753 + +* Tue Dec 24 2019 Andrew John Hughes - 1:1.8.0.232.b09-3 +- Remove CVE-2018-3639 mitigation due to performance regression and + OpenJDK position on speculative execution vulnerabilities. + https://mail.openjdk.java.net/pipermail/vuln-announce/2019-July/000002.html +- Resolves: rhbz#1785753 + * Fri Oct 25 2019 Andrew John Hughes - 1:1.8.0.232.b09-2 - Disable FIPS mode support unless com.redhat.fips is set to "true". - Resolves: rhbz#1655466