diff --git a/.gitignore b/.gitignore
index 3ca8fbe..b705f93 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz
+SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.8+10-4curve.tar.xz
SOURCES/tapsets-icedtea-3.15.0.tar.xz
diff --git a/.java-11-openjdk.metadata b/.java-11-openjdk.metadata
index a477770..6163a15 100644
--- a/.java-11-openjdk.metadata
+++ b/.java-11-openjdk.metadata
@@ -1,2 +1,2 @@
-770fb5e2a0c18da9239ffdd4d0511fb0f5a6a2b6 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz
+96b0432148cbf9743ef57d6645600dbcc5c25bb0 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.8+10-4curve.tar.xz
7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz
diff --git a/SOURCES/NEWS b/SOURCES/NEWS
new file mode 100644
index 0000000..426a78c
--- /dev/null
+++ b/SOURCES/NEWS
@@ -0,0 +1,749 @@
+Key:
+
+JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
+CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
+
+New in release OpenJDK 11.0.8 (2020-07-14):
+===========================================
+Live versions of these release notes can be found at:
+ * https://bitly.com/oj1108
+ * https://builds.shipilev.net/backports-monitor/release-notes-11.0.8.txt
+
+* Security fixes
+ - JDK-8230613: Better ASCII conversions
+ - JDK-8231800: Better listing of arrays
+ - JDK-8232014: Expand DTD support
+ - JDK-8233234: Better Zip Naming
+ - JDK-8233239, CVE-2020-14562: Enhance TIFF support
+ - JDK-8233255: Better Swing Buttons
+ - JDK-8234032: Improve basic calendar services
+ - JDK-8234042: Better factory production of certificates
+ - JDK-8234418: Better parsing with CertificateFactory
+ - JDK-8234836: Improve serialization handling
+ - JDK-8236191: Enhance OID processing
+ - JDK-8236867, CVE-2020-14573: Enhance Graal interface handling
+ - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
+ - JDK-8237592, CVE-2020-14577: Enhance certificate verification
+ - JDK-8238002, CVE-2020-14581: Better matrix operations
+ - JDK-8238013: Enhance String writing
+ - JDK-8238804: Enhance key handling process
+ - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
+ - JDK-8238843: Enhanced font handing
+ - JDK-8238920, CVE-2020-14583: Better Buffer support
+ - JDK-8238925: Enhance WAV file playback
+ - JDK-8240119, CVE-2020-14593: Less Affine Transformations
+ - JDK-8240482: Improved WAV file playback
+ - JDK-8241379: Update JCEKS support
+ - JDK-8241522: Manifest improved jar headers redux
+ - JDK-8242136, CVE-2020-14621: Better XML namespace handling
+* Other changes
+ - JDK-6933331: (d3d/ogl) java.lang.IllegalStateException: Buffers have not been created
+ - JDK-7124307: JSpinner and changing value by mouse
+ - JDK-8022574: remove HaltNode code after uncommon trap calls
+ - JDK-8039082: [TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java fails
+ - JDK-8040630: Popup menus and tooltips flicker with previous popup contents when first shown
+ - JDK-8044365: (dc) MulticastSendReceiveTests.java failing with ENOMEM when joining group (OS X 10.9)
+ - JDK-8048215: [TESTBUG] java/lang/management/ManagementFactory/ThreadMXBeanProxy.java Expected non-null LockInfo
+ - JDK-8051349: nsk/jvmti/scenarios/sampling/SP06/sp06t003 fails in nightly
+ - JDK-8080353: JShell: Better error message on attempting to add default method
+ - JDK-8139876: Exclude hanging nsk/stress/stack from execution with deoptimization enabled
+ - JDK-8146090: java/lang/ref/ReachabilityFenceTest.java fails with -XX:+DeoptimizeALot
+ - JDK-8153430: jdk regression test MletParserLocaleTest, ParserInfiniteLoopTest reduce default timeout
+ - JDK-8156207: Resource allocated BitMaps are often cleared unnecessarily
+ - JDK-8159740: JShell: corralled declarations do not have correct source to wrapper mapping
+ - JDK-8175984: ICC_Profile has un-needed, not-empty finalize method
+ - JDK-8176359: Frame#setMaximizedbounds not working properly in multi screen environments
+ - JDK-8183369: RFC unconformity of HttpURLConnection with proxy
+ - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT
+ - JDK-8191169: java/net/Authenticator/B4769350.java failed intermittently
+ - JDK-8191930: [Graal] emits unparseable XML into compile log
+ - JDK-8193879: Java debugger hangs on method invocation
+ - JDK-8196019: java/awt/Window/Grab/GrabTest.java fails on Windows
+ - JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails
+ - JDK-8198000: java/awt/List/EmptyListEventTest/EmptyListEventTest.java debug assert on Windows
+ - JDK-8198001: java/awt/Menu/WrongParentAfterRemoveMenu/WrongParentAfterRemoveMenu.java debug assert on Windows
+ - JDK-8198339: Test javax/swing/border/Test6981576.java is unstable
+ - JDK-8200701: jdk/jshell/ExceptionsTest.java fails on Windows, after JDK-8198801
+ - JDK-8203264: JNI exception pending in PlainDatagramSocketImpl.c:740
+ - JDK-8203672: JNI exception pending in PlainSocketImpl.c
+ - JDK-8203673: JNI exception pending in DualStackPlainDatagramSocketImpl.c:398
+ - JDK-8204834: Fix confusing "allocate" naming in OopStorage
+ - JDK-8205399: Set node color on pinned HashMap.TreeNode deletion
+ - JDK-8205653: test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java and RmiSslBootstrapTest.sh fail with handshake_failure
+ - JDK-8206179: com/sun/management/OperatingSystemMXBean/GetCommittedVirtualMemorySize.java fails with Committed virtual memory size illegal value
+ - JDK-8207334: VM times out in VM_HandshakeAllThreads::doit() with RunThese30M
+ - JDK-8208277: Code cache heap (-XX:ReservedCodeCacheSize) doesn't work with 1GB LargePages
+ - JDK-8209113: Use WeakReference for lastFontStrike for created Fonts
+ - JDK-8209333: Socket reset issue for TLS 1.3 socket close
+ - JDK-8209439: C2 library_call can potentially ignore Math.pow intrinsic or use null pointer
+ - JDK-8209534: [TESTBUG]runtime/appcds/cacheObject/ArchivedModuleCompareTest.java fails with EnableJVMCI.
+ - JDK-8210147: adjust some WSAGetLastError usages in windows network coding
+ - JDK-8210284: "assert((av & 0x00000001) == 0) failed: unsupported V8" on Solaris 11.4
+ - JDK-8210303: VM_HandshakeAllThreads fails assert with "failed: blocked and not walkable"
+ - JDK-8210515: [TESTBUG]CheckArchivedModuleApp.java needs to check if EnableJVMCI is set.
+ - JDK-8210788: Javadoc for Thread.join(long, int) should specify that it waits forever when both arguments are zero
+ - JDK-8211301: [macos] support full window content options
+ - JDK-8211332: Space for stub routines (code_size2) is too small on new Skylake CPUs
+ - JDK-8211339: NPE during SSL handshake caused by HostnameChecker
+ - JDK-8211392: compiler/profiling/spectrapredefineclass_classloaders/Launcher.java times out in JDK12 CI
+ - JDK-8211743: [AOT] crash in ScopeDesc::decode_body() when JVMTI walks AOT frames
+ - JDK-8212154: [TESTBUG] CheckArchivedModuleApp fails with NPE when JVMCI is absent
+ - JDK-8212167: JShell : Stack trace of exception has wrong line number
+ - JDK-8212933: Thread-SMR: requesting a VM operation whilst holding a ThreadsListHandle can cause deadlocks
+ - JDK-8212986: Make Visual Studio compiler check less strict
+ - JDK-8213250: CDS archive creation aborts due to metaspace object allocation failure
+ - JDK-8213516: jck test api/javax_accessibility/AccessibleState/fields.html fails intermittent
+ - JDK-8213947: ARM32: failed check_simd should set UsePopCountInstruction to false
+ - JDK-8214418: half-closed SSLEngine status may cause application dead loop
+ - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate"
+ - JDK-8214444: Wrong strncat limits in dfa.cpp
+ - JDK-8214481: freetype path does not disable TrueType hinting with AA+FM hints
+ - JDK-8214571: -Xdoclint of array serialField gives "error: array type not allowed here"
+ - JDK-8214856: Errors with JSZip in web console after upgrade to 3.1.5
+ - JDK-8214862: assert(proj != __null) at compile.cpp:3251
+ - JDK-8215369: Jcstress pollute /var/tmp with temporary files.
+ - JDK-8215551: Missing case label in nmethod::reloc_string_for()
+ - JDK-8215555: TieredCompilation C2 threads can excessively block handshakes
+ - JDK-8215711: Missing key_share extension for (EC)DHE key exchange should alert missing_extension
+ - JDK-8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
+ - JDK-8216154: C4819 warnings at HotSpot sources on Windows
+ - JDK-8216541: CompiledICHolders of VM locked unloaded nmethods are released too late
+ - JDK-8217230: assert(t == t_no_spec) failure in NodeHash::check_no_speculative_types()
+ - JDK-8217404: --with-jvm-features doesn't work when multiple features are explicitly disabled
+ - JDK-8217447: Develop flag TraceICs is broken
+ - JDK-8217606: LdapContext#reconnect always opens a new connection
+ - JDK-8218807: Compilation database (compile_commands.json) may contain obsolete items
+ - JDK-8219214: Infinite Loop in CodeSection::dump()
+ - JDK-8219904: ClassCastException when calling FlightRecorderMXBean#getRecordings()
+ - JDK-8219991: New fix of the deadlock in sun.security.ssl.SSLSocketImpl
+ - JDK-8221121: applications/microbenchmarks are encountering crashes in tier5
+ - JDK-8221445: FastSysexMessage constructor crashes MIDI receiption thread
+ - JDK-8221482: Initialize VMRegImpl::regName[] earlier to prevent assert during PrintStubCode
+ - JDK-8221741: ClassCastException can happen when fontconfig.properties is used
+ - JDK-8221823: Requested JDialog width is ignored
+ - JDK-8223108: Test java/awt/EventQueue/NonComponentSourcePost.java is unstable
+ - JDK-8223935: PIT: java/awt/font/WindowsIndicFonts.java fails on windows10
+ - JDK-8224109: Text spaced incorrectly by drawString under rotation with fractional metric
+ - JDK-8224632: testbug: java/awt/dnd/RemoveDropTargetCrashTest/RemoveDropTargetCrashTest.java fails on MacOS
+ - JDK-8224793: os::die() does not honor CreateCoredumpOnCrash option
+ - JDK-8224847: gc/stress/TestReclaimStringsLeaksMemory.java fails with reserved greater than expected
+ - JDK-8224931: disable JAOTC invokedynamic support until 8223533 is fixed
+ - JDK-8224997: ChaCha20-Poly1305 TLS cipher suite decryption throws ShortBufferException
+ - JDK-8225068: Remove DocuSign root certificate that is expiring in May 2020
+ - JDK-8225069: Remove Comodo root certificate that is expiring in May 2020
+ - JDK-8225126: Test SetBoundsPaintTest.html faild on Windows when desktop is scaled
+ - JDK-8225325: Add tests for redefining a class' private method during resolution of the bootstrap specifier
+ - JDK-8225622: [AOT] runtime/SharedArchiveFile/TestInterpreterMethodEntries.java crashed with AOTed java.base
+ - JDK-8225653: Provide more information when hitting SIGILL from HaltNode
+ - JDK-8225783: Incorrect use of binary operators on booleans in type.cpp
+ - JDK-8225789: Empty method parameter type should generate ClassFormatError
+ - JDK-8226198: use of & instead of && in LibraryCallKit::arraycopy_restore_alloc_state
+ - JDK-8226253: JAWS reports wrong number of radio buttons when buttons are hidden.
+ - JDK-8226653: [accessibility] Can edit text cell correctly, but Accessibility Tool reads nothing about editor
+ - JDK-8226806: [macOS 10.14] Methods of Java Robot should be called from appropriate thread
+ - JDK-8226879: Memory leak in Type::hashcons
+ - JDK-8227632: Incorrect PrintCompilation message: made not compilable on levels 0 1 2 3 4
+ - JDK-8228407: JVM crashes with shared archive file mismatch
+ - JDK-8228482: fix xlc16/xlclang comparison of distinct pointer types and string literal conversion warnings
+ - JDK-8228757: Fail fast if the handshake type is unknown
+ - JDK-8229158: make UseSwitchProfiling non-experimental or false by-default
+ - JDK-8229421: The logic of java/net/ipv6tests/TcpTest.java is flawed
+ - JDK-8229855: C2 fails with assert(false) failed: bad AD file
+ - JDK-8230591: AArch64: Missing intrinsics for Math.ceil, floor, rint
+ - JDK-8231118: ARM32: Math tests failures
+ - JDK-8231213: Migrate SimpleDateFormatConstTest to JDK Repo
+ - JDK-8231243: [TESTBUG] CustomFont.java cannot find font file
+ - JDK-8231438: [macOS] Dark mode for the desktop is not supported
+ - JDK-8231550: C2: ShouldNotReachHere() in verify_strip_mined_scheduling
+ - JDK-8231564: setMaximizedBounds is broken with large display scale and multiple monitors
+ - JDK-8231572: Use -lobjc instead of -fobjc-link-runtime in libosxsecurity
+ - JDK-8231631: sun/net/ftp/FtpURLConnectionLeak.java fails intermittently with NPE
+ - JDK-8231671: Fix copyright headers in hotspot (missing comma after year)
+ - JDK-8231720: Some perf regressions after 8225653
+ - JDK-8231779: crash HeapWord*ParallelScavengeHeap::failed_mem_allocate
+ - JDK-8231863: Crash if classpath is read from @argument file and the main gets option argument
+ - JDK-8232080: jlink plugins for vendor information and run-time options
+ - JDK-8232106: [x86] C2: SIGILL due to usage of SSSE3 instructions on processors which don't support it
+ - JDK-8232134: Change to Visual Studio 2017 15.9.16 for building on Windows at Oracle
+ - JDK-8232226: [macos 10.15] test/jdk/java/awt/color/EqualityTest/EqualityTest.java may fail
+ - JDK-8232357: Compare version info of Santuario to legal notice
+ - JDK-8232572: Add hooks for custom output dir in Bundles.gmk
+ - JDK-8232634: Problem List ICMColorDataTest.java
+ - JDK-8232748: Build static versions of certain JDK libraries
+ - JDK-8232846: ProcessHandle.Info command with non-English shows question marks
+ - JDK-8233033: C2 produces wrong result while unswitching a loop due to lost control dependencies
+ - JDK-8233137: runtime/ErrorHandling/VeryEarlyAssertTest.java fails after 8232080
+ - JDK-8233197: Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing
+ - JDK-8233291: [TESTBUG] tools/jlink/plugins/VendorInfoPluginsTest.java fails with debug or non-server VMs
+ - JDK-8233364: Fix undefined behavior in Canonicalizer::do_ShiftOp
+ - JDK-8233573: Toolkit.getScreenInsets(GraphicsConfiguration) may throw ClassCastException
+ - JDK-8233608: Minimal build broken after JDK-8233494
+ - JDK-8233621: Mismatch in jsse.enableMFLNExtension property name
+ - JDK-8233696: [TESTBUG]Some jtreg tests fail when CAPS_LOCK is ON
+ - JDK-8233707: systemScale.cpp could not compile with VS2019
+ - JDK-8233801: GCMEmptyIv.java test fails on Solaris 11.4
+ - JDK-8233880: Support compilers with multi-digit major version numbers
+ - JDK-8233920: MethodHandles::tryFinally generates illegal bytecode for long/double return type
+ - JDK-8234137: The "AutoTestOnTop.java" test may run external applications
+ - JDK-8234146: compiler/jsr292/ContinuousCallSiteTargetChange.java times out on SPARC
+ - JDK-8234184: [TESTBUG] java/awt/Mouse/EnterExitEvents/ModalDialogEnterExitEventsTest.java fails in Windows
+ - JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect numbers for Compiler area
+ - JDK-8234332: [TESTBUG] java/awt/Focus/DisposedWindow/DisposeDialogNotActivateOwnerTest/DisposeDialogNotActivateOwnerTest.java fails on linux-x64 nightly
+ - JDK-8234398: Replace ID2D1Factory::GetDesktopDpi with GetDeviceCaps
+ - JDK-8234522: [macos] Crash with use of native file dialog
+ - JDK-8234691: Potential double-free in ParallelSPCleanupTask constructor
+ - JDK-8234696: tools/jlink/plugins/VendorInfoPluginsTest.java times out
+ - JDK-8234727: sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3
+ - JDK-8234728: Some security tests should support TLSv1.3
+ - JDK-8234779: Provide idiom for declaring classes noncopyable
+ - JDK-8234968: check calloc rv in libinstrument InvocationAdapter
+ - JDK-8235153: [TESTBUG] [macos 10.15] java/awt/Graphics/DrawImageBG/SystemBgColorTest.java fails
+ - JDK-8235183: Remove the "HACK CODE" in comment
+ - JDK-8235263: Revert TLS 1.3 change that wrapped IOExceptions
+ - JDK-8235311: Tag mismatch may alert bad_record_mac
+ - JDK-8235332: TestInstanceCloneAsLoadsStores.java fails with -XX:+StressGCM
+ - JDK-8235452: Strip mined loop verification fails with assert(is_OuterStripMinedLoop()) failed: invalid node class
+ - JDK-8235584: UseProfiledLoopPredicate fails with assert(_phase->get_loop(c) == loop) failed: have to be in the same loop
+ - JDK-8235620: Broken merge between JDK-8006406 and JDK-8003559
+ - JDK-8235638: NPE in LWWindowPeer.getOnscreenGraphics()
+ - JDK-8235686: Add more custom hooks in Bundles.gmk
+ - JDK-8235739: Rare NPE at WComponentPeer.getGraphics()
+ - JDK-8235762: JVM crash in SWPointer during C2 compilation
+ - JDK-8235834: IBM-943 charset encoder needs updating
+ - JDK-8235874: The ordering of Cipher Suites is not maintained provided through jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system property.
+ - JDK-8235908: omit ThreadPriorityPolicy warning when value is set from image
+ - JDK-8235984: C2: assert(out->in(PhiNode::Region) == head || out->in(PhiNode::Region) == slow_head) failed: phi must be either part of the slow or the fast loop
+ - JDK-8236211: [Graal] compiler/graalunit/GraphTest.java is skipped in all testing
+ - JDK-8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId
+ - JDK-8236545: Compilation error in mach5 java/awt/FileDialog/MacOSGoToFolderCrash.java
+ - JDK-8236700: Upgrading JSZip from v3.1.5 to v3.2.2
+ - JDK-8236759: ShouldNotReachHere in PhaseIdealLoop::verify_strip_mined_scheduling
+ - JDK-8236897: Fix the copyright header for pkcs11gcm2.h
+ - JDK-8236921: Add build target to produce a JDK image suitable for a Graal/SVM build
+ - JDK-8236953: [macos] JavaFX SwingNode is not rendered on macOS
+ - JDK-8236996: Incorrect Roboto font rendering on Windows with subpixel antialiasing
+ - JDK-8237045: JVM uses excessive memory with -XX:+EnableJVMCI -XX:JVMCICounterSize=2147483648
+ - JDK-8237055: [TESTBUG] compiler/c2/TestJumpTable.java fails with release VMs
+ - JDK-8237086: assert(is_MachReturn()) running CTW with fix for JDK-8231291
+ - JDK-8237192: Generate stripped/public pdbs on Windows for jdk images
+ - JDK-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers
+ - JDK-8237474: Default SSLEngine should create in server role
+ - JDK-8237859: C2: Crash when loads float above range check
+ - JDK-8237951: CTW: C2 compilation fails with "malformed control flow"
+ - JDK-8237962: give better error output for invalid OCSP response intervals in CertPathValidator checks
+ - JDK-8238190: [JVMCI] Fix single implementor speculation for diamond shapes.
+ - JDK-8238356: CodeHeap::blob_count() overestimates the number of blobs
+ - JDK-8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01
+ - JDK-8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB
+ - JDK-8238575: DragSourceEvent.getLocation() returns wrong value on HiDPI screens (Windows)
+ - JDK-8238676: jni crashes on accessing it from process exit hook
+ - JDK-8238721: Add failing client jtreg tests to the Problem List
+ - JDK-8238738: AudioSystem.getMixerInfo() takes about 30 sec to report a gone audio device
+ - JDK-8238756: C2: assert(((n) == __null || !VerifyIterativeGVN || !((n)->is_dead()))) failed: can not use dead node
+ - JDK-8238765: PhaseCFG::schedule_pinned_nodes cannot handle precedence edges from unmatched CFG nodes correctly
+ - JDK-8238898: Missing hash characters for header on license file
+ - JDK-8238942: Rendering artifacts with LCD text and fractional metrics
+ - JDK-8238985: [TESTBUG] The arrow image is blue instead of green
+ - JDK-8239000: handle ContendedPaddingWidth in vm_version_ppc
+ - JDK-8239055: Wrong implementation of VMState.hasListener
+ - JDK-8239091: Reversed arguments in call to strstr in freetype "debug" code.
+ - JDK-8239142: C2's UseUniqueSubclasses optimization is broken for array accesses
+ - JDK-8239224: libproc_impl.c previous_thr may be used uninitialized warning
+ - JDK-8239351: Give more meaningful InternalError messages in Deflater.c
+ - JDK-8239365: ProcessBuilder test modifications for AIX execution
+ - JDK-8239456: vtable stub generation: assert failure (code size estimate)
+ - JDK-8239457: call ReleaseStringUTFChars before early returns in Java_sun_security_pkcs11_wrapper_PKCS11_connect
+ - JDK-8239462: jdk.hotspot.agent misses some ReleaseStringUTFChars calls in case of early returns
+ - JDK-8239557: [TESTBUG] VeryEarlyAssertTest.java validating "END." marker at lastline is not always true
+ - JDK-8239787: AArch64: String.indexOf may incorrectly handle empty strings
+ - JDK-8239792: Bump update version for OpenJDK: jdk-11.0.8
+ - JDK-8239798: SSLSocket closes socket both socket endpoints on a SocketTimeoutException
+ - JDK-8239819: XToolkit: Misread of screen information memory
+ - JDK-8239852: java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed
+ - JDK-8239893: Windows handle Leak when starting processes using ProcessBuilder
+ - JDK-8239915: Zero VM crashes when handling dynamic constant
+ - JDK-8239931: [win][x86] vtable stub generation: assert failure (code size estimate) follow-up
+ - JDK-8239976: Put JDK-8239965 on the ProblemList.txt
+ - JDK-8240073: Fix 'test-make' build target in 11u
+ - JDK-8240197: Cannot start JVM when $JAVA_HOME includes CJK characters
+ - JDK-8240202: A few client tests leave mouse buttons pressed
+ - JDK-8240220: IdealLoopTree::dump_head predicate printing is broken
+ - JDK-8240223: Use consistent predicate order in and with PhaseIdealLoop::find_predicate
+ - JDK-8240227: Loop predicates should be copied to unswitched loops
+ - JDK-8240286: [TESTBUG] Test command error in hotspot/jtreg/compiler/loopopts/superword/SumRedAbsNeg_Float.java
+ - JDK-8240518: Incorrect JNU_ReleaseStringPlatformChars in Windows Print
+ - JDK-8240529: CheckUnhandledOops breaks NULL check in Modules::define_module
+ - JDK-8240576: JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges
+ - JDK-8240603: Windows 32bit compile error after 8238676
+ - JDK-8240629: argfiles parsing broken for argfiles with comment cross 4096 bytes chunk
+ - JDK-8240711: TestJstatdPort.java failed due to "ExportException: Port already in use:"
+ - JDK-8240786: [TESTBUG] The test java/awt/Window/GetScreenLocation/GetScreenLocationTest.java fails on HiDPI screen
+ - JDK-8240824: enhance print_full_memory_info on Linux by THP related information
+ - JDK-8240827: Downport SSLSocketImpl.java from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
+ - JDK-8240905: assert(mem == (Node*)1 || mem == mem2) failed: multiple Memories being matched at once?
+ - JDK-8240972: macOS codesign fail on macOS 10.13.5 or older
+ - JDK-8241445: Fix copyright in test/jdk/tools/launcher/ArgFileSyntax.java
+ - JDK-8241458: [JVMCI] add mark value to expose CodeOffsets::Frame_Complete
+ - JDK-8241464: [11u] Backport: make rehashing be a needed guaranteed safepoint cleanup action
+ - JDK-8241556: Memory leak if -XX:CompileCommand is set
+ - JDK-8241568: (fs) UserPrincipalLookupService.lookupXXX failure with IOE "Operation not permitted"
+ - JDK-8241586: compiler/cpuflags/TestAESIntrinsicsOnUnsupportedConfig.java fails on aarch64
+ - JDK-8241638: launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set
+ - JDK-8241660: Add virtualization information output to hs_err file on macOS
+ - JDK-8241808: [TESTBUG] The JDK-8039467 bug appeared on macOS
+ - JDK-8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one
+ - JDK-8241900: Loop unswitching may cause dependence on null check to be lost
+ - JDK-8241948: enhance list of environment variables printed in hs_err file
+ - JDK-8241996: on linux set full relro in the linker flags
+ - JDK-8242108: Performance regression after fix for JDK-8229496
+ - JDK-8242141: New System Properties to configure the TLS signature schemes
+ - JDK-8242154: Backport parts of JDK-4947890 to OpenJDK 11u
+ - JDK-8242174: [macos] The NestedModelessDialogTest test make the macOS unstable
+ - JDK-8242239: [Graal] javax/management/generified/GenericTest.java fails: FAILED: queryMBeans sets same
+ - JDK-8242294: JSSE Client does not throw SSLException when an alert occurs during handshaking
+ - JDK-8242379: [TESTBUG] compiler/loopopts/TestLoopUnswitchingLostCastDependency.java fails with release VMs
+ - JDK-8242470: Update Xerces to Version 2.12.1
+ - JDK-8242498: Invalid "sun.awt.TimedWindowEvent" object leads to JVM crash
+ - JDK-8242541: Small charset issues (ISO8859-16, x-eucJP-Open, x-IBM834 and x-IBM949C)
+ - JDK-8242626: enhance posix print_rlimit_info
+ - JDK-8243059: Build fails when --with-vendor-name contains a comma
+ - JDK-8243539: Copyright info (Year) should be updated for fix of 8241638
+ - JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a
+ - JDK-8244407: JVM crashes after transformation in C2 IdealLoopTree::split_fall_in
+ - JDK-8244520: problemlist java/awt/font/Rotate/RotatedFontTest.java on linux
+ - JDK-8244777: ClassLoaderStats VM Op uses constant hash value
+ - JDK-8244853: The static build of libextnet is missing the JNI_OnLoad_extnet function
+ - JDK-8244951: Missing entitlements for hardened runtime
+ - JDK-8245047: [PPC64] C2: ReverseBytes + Load always match to unordered Load (acquire semantics missing)
+ - JDK-8245649: Revert 8245397 backport of 8230591
+ - JDK-8246031: SSLSocket.getSession() doesn't close connection for timeout/ interrupts
+ - JDK-8246613: Choose the default SecureRandom algo based on registration ordering
+ - JDK-8248505: Unexpected NoSuchAlgorithmException when using secure random impl from BCFIPS provider
+
+Notes on individual issues:
+===========================
+
+security-libs/java.security:
+
+JDK-8244167: Removal of Comodo Root CA Certificate
+==================================================
+The following expired Comodo root CA certificate was removed from the `cacerts` keystore: +
+alias name "addtrustclass1ca [jdk]"
+
+Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
+
+JDK-8244166: Removal of DocuSign Root CA Certificate
+====================================================
+The following expired DocuSign root CA certificate was removed from the `cacerts` keystore: +
+alias name "keynectisrootca [jdk]"
+
+Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
+
+security-libs/javax.crypto:pkcs11:
+
+JDK-8240191: Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database
+============================================================================================================================
+The SunPKCS11 security provider can now be initialized with NSS when
+FIPS-enabled external modules are configured in the Security Modules
+Database (NSSDB). Prior to this change, the SunPKCS11 provider would
+throw a RuntimeException with the message: "FIPS flag set for
+non-internal module" when such a library was configured for NSS in
+non-FIPS mode.
+
+This change allows the JDK to work properly with recent NSS releases
+in GNU/Linux operating systems when the system-wide FIPS policy is
+turned on.
+
+Further information can be found in JDK-8238555.
+
+security-libs/javax.net.ssl:
+
+JDK-8245077: Default SSLEngine Should Create in Server Role
+===========================================================
+In JDK 11 and later, `javax.net.ssl.SSLEngine` by default used client
+mode when handshaking. As a result, the set of default enabled
+protocols may differ to what is expected. `SSLEngine` would usually be
+used in server mode. From this JDK release onwards, `SSLEngine` will
+default to server mode. The
+`javax.net.ssl.SSLEngine.setUseClientMode(boolean mode)` method may
+be used to configure the mode.
+
+JDK-8242147: New System Properties to Configure the TLS Signature Schemes
+=========================================================================
+
+Two new System Properties are added to customize the TLS signature
+schemes in JDK. `jdk.tls.client.SignatureSchemes` is added for TLS
+client side, and `jdk.tls.server.SignatureSchemes` is added for server
+side.
+
+Each System Property contains a comma-separated list of supported
+signature scheme names specifying the signature schemes that could be
+used for the TLS connections.
+
+The names are described in the "Signature Schemes" section of the
+*Java Security Standard Algorithm Names Specification*.
+
+New in release OpenJDK 11.0.7 (2020-04-14):
+===========================================
+Live versions of these release notes can be found at:
+ * https://bitly.com/oj1107
+ * https://builds.shipilev.net/backports-monitor/release-notes-11.0.7.txt
+
+* Security fixes
+ - JDK-8223898, CVE-2020-2754: Forward references to Nashorn
+ - JDK-8223904, CVE-2020-2755: Improve Nashorn matching
+ - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs
+ - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues
+ - JDK-8225603: Enhancement for big integers
+ - JDK-8226346: Build better binary builders
+ - JDK-8227467: Better class method invocations
+ - JDK-8227542: Manifest improved jar headers
+ - JDK-8229733: TLS message handling improvements
+ - JDK-8231415, CVE-2020-2773: Better signatures in XML
+ - JDK-8231785: Improved socket permissions
+ - JDK-8232424, CVE-2020-2778: More constrained algorithms
+ - JDK-8232581, CVE-2020-2767: Improve TLS verification
+ - JDK-8233250: Better X11 rendering
+ - JDK-8233410: Better Build Scripting
+ - JDK-8234027: Better JCEKS key support
+ - JDK-8234408, CVE-2020-2781: Improve TLS session handling
+ - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers
+ - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers
+ - JDK-8235274, CVE-2020-2805: Enhance typing of methods
+ - JDK-8235691, CVE-2020-2816: Enhance TLS connectivity
+ - JDK-8236201, CVE-2020-2830: Better Scanner conversions
+ - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap
+* Other changes
+ - JDK-4919790: Errors in alert ssl message does not reflect the actual certificate status
+ - JDK-4949105: Access Bridge lacks html tags parsing
+ - JDK-7092821: java.security.Provider.getService() is synchronized and became scalability bottleneck
+ - JDK-7143743: Potential memory leak with zip provider
+ - JDK-8005819: Support cross-realm MSSFU
+ - JDK-8042383: [TEST_BUG] Test javax/swing/plaf/basic/BasicMenuUI/4983388/bug4983388.java fails with shortcuts on menus do not work
+ - JDK-8068184: Fix for JDK-8032832 caused a deadlock
+ - JDK-8145845: [AOT] NullPointerException in compiler/whitebox/GetCodeHeapEntriesTest.java
+ - JDK-8152988: [AOT] Update test batch definitions to include aot-ed java.base module mode into hs-comp testing
+ - JDK-8160926: FLAGS_COMPILER_CHECK_ARGUMENTS doesn't handle cross-compilation
+ - JDK-8163083: SocketListeningConnector does not allow invocations with port 0
+ - JDK-8163251: Hard coded loop limit prevents reading of smart card data greater than 8k
+ - JDK-8167276: jvmci/compilerToVM/MaterializeVirtualObjectTest.java fails with -XX:-EliminateAllocations
+ - JDK-8169718: nsk/jdb/locals/locals002: ERROR: Cannot find boolVar with expected value: false
+ - JDK-8176556: java/awt/dnd/ImageTransferTest/ImageTransferTest.java fails for JFIF
+ - JDK-8178798: Two compiler/aot/verification/vmflags tests fail by timeout with UseAVX=3
+ - JDK-8183107: PKCS11 regression regarding checkKeySize
+ - JDK-8185005: Improve performance of ThreadMXBean.getThreadInfo(long ids[], int maxDepth)
+ - JDK-8189633: Missing -Xcheck:jni checking for DeleteWeakGlobalRef
+ - JDK-8189861: Refactor CacheFind
+ - JDK-8193042: NativeLookup::lookup_critical_entry() should only load shared library once
+ - JDK-8193596: java/net/DatagramPacket/ReuseBuf.java failed due to timeout
+ - JDK-8194944: Regression automated test 'open/test/jdk/javax/swing/JInternalFrame/8145896/TestJInternalFrameMaximize.java' fails
+ - JDK-8196467: javax/swing/JInternalFrame/Test6325652.java fails
+ - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE
+ - JDK-8198321: javax/swing/JEditorPane/5076514/bug5076514.java fails
+ - JDK-8198398: Test javax/swing/JColorChooser/Test6199676.java fails in mach5
+ - JDK-8199072: Test javax/swing/GroupLayout/6613904/bug6613904.java is unstable
+ - JDK-8200432: javadoc fails with ClassCastException on {@link byte[]}
+ - JDK-8201349: build broken when configured with --with-zlib=bundled on gcc 7.3
+ - JDK-8201355: Avoid native memory allocation in sun.security.mscapi.PRNG.generateSeed
+ - JDK-8201513: nsk/jvmti/IterateThroughHeap/filter-* are broken
+ - JDK-8203364: Some serviceability/sa/ tests intermittently fail with java.io.IOException: LingeredApp terminated with non-zero exit code 3
+ - JDK-8203687: javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3
+ - JDK-8203904: javax/swing/JSplitPane/4816114/bug4816114.java: The divider location is wrong
+ - JDK-8203911: Test runtime/modules/getModuleJNI/GetModule fails with -Xcheck:jni
+ - JDK-8204525: [TESTBUG] runtime/NMT/MallocStressTest.java ran out of java heap
+ - JDK-8204529: gc/TestAllocateHeapAtMultiple.java fail with Agent 7 timed out
+ - JDK-8204551: Event descriptions are truncated in logs
+ - JDK-8206963: [AOT] bug with multiple class loaders
+ - JDK-8207367: 10 vmTestbase/nsk/jdi tests timed out when running with jtreg
+ - JDK-8207832: serviceability/sa/ClhsdbCDSCore.java failed with "Couldn't find core file location"
+ - JDK-8207938: At step6,Click Add button,case failed automatically.
+ - JDK-8208157: requires.VMProps throws NPE for missing properties in "release" file
+ - JDK-8208379: compiler/jvmci/events/JvmciNotifyInstallEventTest.java failed with "Got unexpected event count after 2nd install attempt: expected 9 to equal 2"
+ - JDK-8208658: Make CDS archived heap regions usable even if compressed oop encoding has changed
+ - JDK-8208715: Conversion of milliseconds to nanoseconds in UNIXProcess contains bug
+ - JDK-8209361: [AOT] Unexpected number of references for JVMTI_HEAP_REFERENCE_CONSTANT_POOL [111-->111]: 0 (expected at least 1)
+ - JDK-8209385: CDS runtime classpath checking is too strict when only classes from the system modules are archived
+ - JDK-8209389: SIGSEGV in WalkOopAndArchiveClosure::do_oop_work.
+ - JDK-8209418: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2
+ - JDK-8209494: Create a test for SwingSet InternalFrameDemo
+ - JDK-8209499: Create test for SwingSet EditorPaneDemo
+ - JDK-8209574: [AOT] breakpoint events are generated in different threads does not meet expected count
+ - JDK-8209686: cleanup arguments to PhaseIdealLoop() constructor
+ - JDK-8209789: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2
+ - JDK-8209802: Garbage collectors should register JFR types themselves to avoid build errors.
+ - JDK-8209807: improve handling exception in requires.VMProps
+ - JDK-8209817: stack is executable when building with Clang on Linux
+ - JDK-8209824: Improve the code coverage for ThreadLocal
+ - JDK-8209826: Undefined reference to os::write after JDK-8209657 (filemap.hpp cleanup)
+ - JDK-8209850: Allow NamedThreads to use GlobalCounter critical sections
+ - JDK-8209976: Improve iteration over non-JavaThreads
+ - JDK-8209993: Create a test for SwingSet3 ToolTipDemo
+ - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread()
+ - JDK-8210052: Enable testing for all the available look and feels in SwingSet3 demo tests
+ - JDK-8210055: Enable different look and feel tests in SwingSet3 demo tests
+ - JDK-8210057: Enable different look and feels in SwingSet3 demo test InternalFrameDemoTest
+ - JDK-8210058: Algorithmic Italic font leans opposite angle in Printing
+ - JDK-8210220: [AOT] jdwp test cases are failing with error # ERROR: TEST FAILED: Cought IOException while receiving event packet
+ - JDK-8210289: ArchivedKlassSubGraphInfoRecord is incomplete
+ - JDK-8210459: Add support for generating compile_commands.json
+ - JDK-8210476: sun/security/mscapi/PrngSlow.java fails with Still too slow
+ - JDK-8210512: [Testbug] vmTestbase/nsk/jdi/ObjectReference/referringObjects/referringObjects002/referringObjects002.java fails with unexpected size of ClassLoaderReference.referringObjects
+ - JDK-8210523: runtime/appcds/cacheObject/DifferentHeapSizes.java crash
+ - JDK-8210632: Add key exchange algorithm to javax/net/ssl/TLSCommon/CipherSuite.java
+ - JDK-8210699: Problem list tests which times out in Xcomp mode
+ - JDK-8210793: [JVMCI] AllocateCompileIdTest.java failed to find DiagnosticCommand.class
+ - JDK-8210910: Create test for FileChooserDemo
+ - JDK-8210994: Create test for SwingSet3 FrameDemo
+ - JDK-8211139: Increase timeout value in all tests under jdk/sanity/client/SwingSet/src
+ - JDK-8211160: Handle different look and feels in JInternalFrameOperator
+ - JDK-8211211: vmTestbase/metaspace/stressDictionary/StressDictionary.java timeout
+ - JDK-8211322: Reduce the timeout of tooltip in SwingSet2DemoTest
+ - JDK-8211443: Enable different look and feels in SwingSet3 demo test SplitPaneDemoTest
+ - JDK-8211703: JInternalFrame : java.lang.AssertionError: cannot find the internal frame
+ - JDK-8211781: re-building fails after changing Graal sources
+ - JDK-8212897: Some improvements in the EditorPaneDemotest
+ - JDK-8212903: [TestBug] Tests test/jdk/javax/swing/LookAndFeel/8145547/DemandGTK2.sh and DemandGTK3.sh fail on Ubuntu 18.04 LTS
+ - JDK-8213009: Refactoring existing SunMSCAPI classes
+ - JDK-8213010: Supporting keys created with certmgr.exe
+ - JDK-8213168: Enable different look and feel tests in SwingSet3 demo test FileChooserDemoTest
+ - JDK-8213348: jdk.internal.vm.compiler.management service providers missing in module descriptor
+ - JDK-8213906: Update arm devkits with libXrandr headers
+ - JDK-8213908: AssertionError in DeferredAttr at setOverloadKind
+ - JDK-8214124: [TESTBUG] Bugs in runtime/NMT/MallocStressTest.java
+ - JDK-8214344: C2: assert(con.basic_type() != T_ILLEGAL) failed: elembt=byte; loadbt=void; unsigned=0
+ - JDK-8214345: infinite recursion while checking super class
+ - JDK-8214471: Enable different look and feel tests in SwingSet3 demo test ToolTipDemoTest
+ - JDK-8214534: Setting of THIS_FILE in the build is broken
+ - JDK-8214557: Filter out VM flags which don't affect AOT code generation
+ - JDK-8214578: [macos] Problem with backslashes on macOS/JIS keyboard: Java ignores system settings
+ - JDK-8214840: runtime/NMT/MallocStressTest.java timed out
+ - JDK-8214850: Rename vm_operations.?pp files to vmOperations.?pp files
+ - JDK-8214904: Test8004741.java failed due to "Too few ThreadDeath hits; expected at least 6 but saw only 5"
+ - JDK-8215322: add @file support to jaotc
+ - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1)
+ - JDK-8215396: JTabbedPane preferred size calculation is wrong for SCROLL_TAB_LAYOUT
+ - JDK-8216180: [AOT] compiler/intrinsics/bigInteger/TestMulAdd.java crashed with AOT enabled
+ - JDK-8216353: Use utility APIs introduced in org/netbeans/jemmy/util/LookAndFeel class in client sanity test cases
+ - JDK-8216354: Syntax error in toolchain_windows.m4
+ - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win)
+ - JDK-8216535: tools/jimage/JImageExtractTest.java timed out
+ - JDK-8217235: Create automated test for SwingSet ColorChooserDemoTest
+ - JDK-8217297: Add support for multiple look and feel for SwingSet SliderDemoTest
+ - JDK-8217338: [Containers] Improve systemd slice memory limit support
+ - JDK-8217613: [AOT] TEST_OPTS_AOT_MODULES doesn't work on mac
+ - JDK-8217634: RunTest documentation and usability update
+ - JDK-8217717: ZGC: Broken oop map in C1 load barrier stub
+ - JDK-8217728: Speed up incremental rerun of "make hotspot"
+ - JDK-8218268: Javac treats Manifest Class-Path entries as Paths instead of URLs
+ - JDK-8218662: Allow 204 responses with Content-Length:0
+ - JDK-8218882: NET_Writev is declared, NET_WriteV is defined
+ - JDK-8218889: Improperly use of the Optional API
+ - JDK-8219205: JFR file without license header
+ - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions
+ - JDK-8219723: javax/net/ssl/compatibility/Compatibility.java failed on some SNI cases
+ - JDK-8220348: [ntintel] asserts about copying unaligned array
+ - JDK-8220451: jdi/EventQueue/remove/remove004 failed due to "ERROR: thread2 is not alive"
+ - JDK-8220456: jdi/EventQueue/remove_l/remove_l004 failed due to "TIMEOUT while waiting for event"
+ - JDK-8220479: java/nio/channels/Selector/SelectWithConsumer.java failed at testTwoChannels()
+ - JDK-8220613: java/util/Arrays/TimSortStackSize2.java times out with fastdebug build
+ - JDK-8220688: [TESTBUG] runtime/NMT/MallocStressTest.java timed out
+ - JDK-8220786: Create new switch to redirect error reporting output to stdout or stderr
+ - JDK-8221270: Duplicated synchronized keywords in SSLSocketImpl
+ - JDK-8221312: test/jdk/sanity/client/SwingSet/src/ColorChooserDemoTest.java failed
+ - JDK-8221851: Use of THIS_FILE in hotspot invalidates precompiled header on Linux/GCC
+ - JDK-8221885: Add intermittent test in the JavaSound to the ProblemList
+ - JDK-8222264: Windows incremental build is broken with JDK-8217728
+ - JDK-8222391: javax/net/ssl/compatibility/Compatibility.java should be more flexible
+ - JDK-8222448: java/lang/reflect/PublicMethods/PublicMethodsTest.java times out
+ - JDK-8222519: ButtonDemoScreenshotTest fails randomly with "still state to be reached"
+ - JDK-8222741: jdi/EventQueue/remove/remove004 fails due to VMDisconnectedException
+ - JDK-8223003: SunMSCAPI keys are not cleaned up
+ - JDK-8223063: Support CNG RSA keys
+ - JDK-8223158: Docked MacBook cannot start any Java Swing applications
+ - JDK-8223260: NamingManager should cache InitialContextFactory
+ - JDK-8223464: Improve version string for Oracle CI builds
+ - JDK-8223558: Java does not render Myanmar script correctly
+ - JDK-8223627: jdk-13+20 bundle name contains null instead of ea
+ - JDK-8223638: Replace wildcard address with loopback or local host in tests - part 6
+ - JDK-8223678: Add Visual Studio Code workspace generation support (for native code)
+ - JDK-8223727: com/sun/jndi/ldap/privconn/RunTest.java failed due to hang in LdapRequest.getReplyBer
+ - JDK-8223769: Assert triggers with -XX:+StressReflectiveCode
+ - JDK-8224187: Refactor arraycopy_prologue to allow ZGC read barriers on arraycopy
+ - JDK-8224475: JTextPane does not show images in HTML rendering
+ - JDK-8224673: Adjust permission for delayed starting of debugging
+ - JDK-8224705: Tests that need to be problem-listed or have printer resources
+ - JDK-8224778: test/jdk/demo/jfc/J2Ddemo/J2DdemoTest.java cannot find J2Ddemo.jar
+ - JDK-8224821: java/awt/Focus/NoAutotransferToDisabledCompTest/NoAutotransferToDisabledCompTest.java fails linux-x64
+ - JDK-8224830: test/jdk/java/awt/Focus/ModalExcludedWindowClickTest/ModalExcludedWindowClickTest.java fails on linux-x64
+ - JDK-8224851: AArch64: fix warnings and errors with Clang and GCC 8.3
+ - JDK-8224905: java/lang/ProcessBuilder/Basic.java#id1 failed with stream closed
+ - JDK-8225007: java/awt/print/PrinterJob/LandscapeStackOverflow.java may hang
+ - JDK-8225105: java/awt/Focus/ShowFrameCheckForegroundTest/ShowFrameCheckForegroundTest.java fails in Windows 10
+ - JDK-8225117: java/math/BigInteger/SymmetricRangeTests.java fails with ParseException
+ - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test
+ - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
+ - JDK-8225144: [macos] In Aqua L&F backspace key does not delete when Shift is pressed
+ - JDK-8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows
+ - JDK-8225182: JNI exception pending in DestroyXIMCallback of awt_InputMethod.c:1327
+ - JDK-8225199: [Graal] compiler/jvmci/compilerToVM/IsMatureVsReprofileTest.java fails with -XX:CompileThresholdScaling=0.1
+ - JDK-8225305: ProblemList java/lang/invoke/VarHandles tests
+ - JDK-8225350: compiler/jvmci/compilerToVM/IsCompilableTest.java timed out
+ - JDK-8225430: Replace wildcard address with loopback or local host in tests - part 14
+ - JDK-8225435: Upgrade IANA Language Subtag Registry to the latest for JDK14
+ - JDK-8225487: giflib legal file is missing attribution for openbsd-reallocarray.c
+ - JDK-8225567: Wrong file headers with 8202414 fix changeset
+ - JDK-8225684: [AOT] vmTestbase/vm/oom/production/AlwaysOOMProduction tests fail with AOTed java.base
+ - JDK-8225766: Curve in certificate should not affect signature scheme when using TLSv1.3
+ - JDK-8225797: OldObjectSample event creates unexpected amount of checkpoint data
+ - JDK-8226381: ProblemList java/lang/reflect/PublicMethods/PublicMethodsTest.java
+ - JDK-8226406: JVM fails to detect mismatched or corrupt CDS archive
+ - JDK-8226608: Hide the onjcmd option from the help output
+ - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys
+ - JDK-8227112: exclude compiler/intrinsics/sha/sanity tests from AOT runs
+ - JDK-8227324: Upgrade to freetype 2.10.1
+ - JDK-8227528: TestAbortVMOnSafepointTimeout.java failed due to "RuntimeException: 'Safepoint sync time longer than' missing from stdout/stderr"
+ - JDK-8227645: Some tests in serviceability/sa run with fixed -Xmx values and risk running out of memory
+ - JDK-8227646: [TESTBUG] appcds/SharedArchiveConsistency timed out
+ - JDK-8227662: freetype seeks to index at the end of the font data
+ - JDK-8228479: Correct the format of ColorChooserDemoTest
+ - JDK-8228613: java.security.Provider#getServices order is no longer deterministic
+ - JDK-8228969: 2019-09-28 public suffix list update
+ - JDK-8229236: CriticalJNINatives: dll handling should be done in native thread state
+ - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC
+ - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions
+ - JDK-8229994: assert(false) failed: Bad graph detected in get_early_ctrl_for_expensive
+ - JDK-8230004: jdk/internal/jimage/JImageOpenTest.java runs no test
+ - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception
+ - JDK-8230390: Problemlist SA tests with AOT
+ - JDK-8230400: Missing constant pool entry for a method in stacktrace
+ - JDK-8230459: Test failed to resume JVMCI CompilerThread
+ - JDK-8230480: check malloc/calloc results in java.desktop
+ - JDK-8230597: Update GIFlib library to the 5.2.1
+ - JDK-8230611: infinite loop in LogOutputList::wait_until_no_readers()
+ - JDK-8230624: [TESTBUG] Problemlist JFR compiler/TestCodeSweeper.java
+ - JDK-8230677: Should disable Escape Analysis if JVMTI capability can_get_owned_monitor_info was taken
+ - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout
+ - JDK-8231025: Incorrect method tag offset for big endian platform
+ - JDK-8231081: TestMetadataRetention fails due to missing symbol id
+ - JDK-8231387: java.security.Provider.getService returns random result due to race condition with mutating methods in the same class
+ - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type
+ - JDK-8231445: check ZALLOC return values in awt coding
+ - JDK-8231507: Update Apache Santuario (XML Signature) to version 2.1.4
+ - JDK-8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call
+ - JDK-8231753: use more Posix functionality in aix os::print_os_info
+ - JDK-8231810: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java fails intermittently with "java.lang.Exception: Unexpected EOF"
+ - JDK-8232003: (fs) Files.write can leak file descriptor in the exception case
+ - JDK-8232056: GetOwnedMonitorInfoWithEATest.java fails with ZGC: Heap too small
+ - JDK-8232060: add some initializations using sigemptyset in os_aix.cpp
+ - JDK-8232154: Update Mesa 3-D Headers to version 19.2.1
+ - JDK-8232167: Visual Studio install found through --with-tools-dir value is discarded
+ - JDK-8232170: FSInfo#getJarClassPath throws an exception not declared in its throws clause
+ - JDK-8232200: [macos 10.15] Windows in fullscreen tests jumps around the screen
+ - JDK-8232207: Linux os::available_memory re-reads cgroup configuration on every invocation
+ - JDK-8232224: [TESTBUG] problemlist JFR TestLargeRootSet.java
+ - JDK-8232370: Refactor some com.sun.jdi tests to enable IDE integration
+ - JDK-8232433: [macos 10.15] java/awt/Window/LocationAtScreenCorner/LocationAtScreenCorner.java may fail
+ - JDK-8232571: Add missing SIGINFO signal
+ - JDK-8232692: [TESTBUG] compiler/aot/fingerprint/SelfChangedCDS.java fails when cds is disabled
+ - JDK-8232713: Update BCEL version to 6.3.1 in license file
+ - JDK-8232806: Introduce a system property to disable eager lambda initialization
+ - JDK-8232834: RunTest sometimes fails to produce valid exitcode.txt
+ - JDK-8232880: Update test documentation with additional settings for client UI tooltip tests
+ - JDK-8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.
+ - JDK-8233018: Add a new test to verify that DatagramSocket is not interruptible
+ - JDK-8233019: java.lang.Class.isPrimitive() (C1) returns wrong result if Klass* is aligned to 32bit
+ - JDK-8233032: assert(in_bb(n)) failed: must be
+ - JDK-8233078: fix minimal VM build on Linux ppc64(le)
+ - JDK-8233328: fix minimal VM build on Linux s390x
+ - JDK-8233383: Various minor fixes
+ - JDK-8233466: aarch64: remove unnecessary load of mdo when profiling return and parameters type
+ - JDK-8233491: Crash in AdapterHandlerLibrary::get_adapter with CDS due to code cache exhaustion
+ - JDK-8233529: loopTransform.cpp:2984: Error: assert(p_f->Opcode() == Op_IfFalse) failed
+ - JDK-8233548: Update CUP to v0.11b
+ - JDK-8233649: Update ProblemList.txt to exclude failing headful tests on macos
+ - JDK-8233656: assert(d->is_CFG() && n->is_CFG()) failed: must have CFG nodes
+ - JDK-8233657: Intermittent NPE in Component.validate()
+ - JDK-8234288: Turkey Time Zone returns incorrect time zone name
+ - JDK-8234323: NULL-check return value of SurfaceData_InitOps on macosx
+ - JDK-8234339: replace JLI_StrTok in java_md_solinux.c
+ - JDK-8234340: Bump update version for OpenJDK: jdk-11.0.7
+ - JDK-8234350: assert(mode == ControlAroundStripMined && (use == sfpt || !use->is_reachable_from_root())) failed: missed a node
+ - JDK-8234386: [macos] NPE was thrown at expanding Choice from maximized frame
+ - JDK-8234397: add OS uptime information to os::print_os_info output
+ - JDK-8234423: Modifying ArrayList.subList().subList() resets modCount of subList
+ - JDK-8234466: Class loading deadlock involving X509Factory#commitEvent()
+ - JDK-8234501: remove obsolete NET_ReadV
+ - JDK-8234525: enable link-time section-gc for linux s390x to remove unused code
+ - JDK-8234610: MaxVectorSize set wrongly when UseAVX=3 is specified after JDK-8221092
+ - JDK-8234617: C1: Incorrect result of field load due to missing narrowing conversion
+ - JDK-8234723: javax/net/ssl/TLS tests support TLSv1.3
+ - JDK-8234724: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java supports TLSv1.3
+ - JDK-8234741: enhance os::get_core_path on macOS
+ - JDK-8234769: Duplicate attribution in freetype.md
+ - JDK-8234786: Fix for JDK-8214578 breaks OS X 10.12 compatibility
+ - JDK-8234809: set relro in linker flags when building with gcc
+ - JDK-8234824: java/nio/channels/SocketChannel/AdaptSocket.java fails on Windows 10
+ - JDK-8235243: handle VS2017 15.9 and VS2019 in abstract_vm_version
+ - JDK-8235288: AVX 512 instructions inadvertently used on Xeon for small vector width operations
+ - JDK-8235325: build failure on Linux after 8235243
+ - JDK-8235383: C1 compilation fails with -XX:+PrintIRDuringConstruction -XX:+Verbose
+ - JDK-8235489: handle return values of sscanf calls in hotspot
+ - JDK-8235509: Backport for JDK-8209657 Refactor filemap.hpp to simplify integration with Serviceability Agent.
+ - JDK-8235510: java.util.zip.CRC32 performance drop after 8200067
+ - JDK-8235563: [TESTBUG] appcds/CommandLineFlagComboNegative.java does not handle archive mapping failure
+ - JDK-8235637: jhsdb jmap from OpenJDK 11.0.5 doesn't work if prelink is enabled
+ - JDK-8235671: enhance print_rlimit_info in os_posix
+ - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64
+ - JDK-8235904: Infinite loop when rendering huge lines
+ - JDK-8235998: [c2] Memory leaks during tracing after '8224193: stringStream should not use Resource Area'.
+ - JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
+ - JDK-8236140: assert(!VerifyHashTableKeys || _hash_lock == 0) failed: remove node from hash table before modifying it
+ - JDK-8236179: C1 register allocation error with T_ADDRESS
+ - JDK-8236488: Support for configure option --with-native-debug-symbols=internal is impossible on Windows
+ - JDK-8236500: Windows ucrt.dll should be looked up in versioned WINSDK subdirectory
+ - JDK-8236709: struct SwitchRange in HS violates C++ One Definition Rule
+ - JDK-8236848: [JDK 11u] make run-test-tier1 fails after backport of JDK-8232834
+ - JDK-8236873: Worker has a deadlock bug
+ - JDK-8237217: Incorrect G1StringDedupEntry type used in StringDedupTable destructor
+ - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read
+ - JDK-8237375: SimpleThresholdPolicy misses CounterDecay timestamp initialization
+ - JDK-8237508: Simplify JarFile.isInitializing
+ - JDK-8237540: Missing files in backport of JDK-8210910
+ - JDK-8237541: Missing files in backport of JDK-8236528
+ - JDK-8237600: Test SunJSSEFIPSInit fails on Ubuntu
+ - JDK-8237819: s390x - remove unused pd_zero_to_words_large
+ - JDK-8237869: exclude jtreg test security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java because of instabilities
+ - JDK-8237879: make 4.3 breaks build
+ - JDK-8237945: CTW: C2 compilation fails with assert(just_allocated_object(alloc_ctl) == ptr) failed: most recent allo
+ - JDK-8238225: Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary
+ - JDK-8238247: CTW runner should sweep nmethods more aggressively
+ - JDK-8238366: CTW runner closes standard output on exit
+ - JDK-8238438: SuperWord::co_locate_pack picks memory state of first instead of last load
+ - JDK-8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION
+ - JDK-8238534: Deep sign macOS bundles before bundle archive is being created
+ - JDK-8238591: CTW: Split applications/ctw/modules/jdk_localedata.java
+ - JDK-8238596: AVX enabled by default for Skylake even when unsupported
+ - JDK-8238811: C2: assert(i >= req() || i == 0 || is_Region() || is_Phi()) with -XX:+VerifyGraphEdges
+ - JDK-8239005: [TESTBUG] test/hotspot/jtreg/runtime/StackGuardPages/TestStackGuardPages.java: exeinvoke.c: must initialize static state before calling do_overflow()
+ - JDK-8239466: Loss of precision in counter decay calculation in 11u backport of JDK-8237375
+ - JDK-8239856: [ntintel] asserts about copying unaligned array element
+ - JDK-8240724: [test] jdk11 downport of 8224475 misses binary file test/jdk/javax/swing/JTextPane/arrow.png
+ - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
+
+Notes on individual issues:
+===========================
+
+security-libs/javax.xml.crypto:
+
+JDK-8239467: Apache Santuario Library Updated to Version 2.1.4
+==============================================================
+The Apache Santuario library has been upgraded to version 2.1.4. As a
+result, a new system property
+`com.sun.org.apache.xml.internal.security.parser.pool-size` has been
+introduced.
+
+This new system property sets the pool size of the internal
+`DocumentBuilder` cache used when processing XML Signatures. The
+function is equivalent to the
+`org.apache.xml.security.parser.pool-size` system property used in
+Apache Santuario and has the same default value of 20.
diff --git a/SOURCES/jdk8236039-status_request_extension.patch b/SOURCES/jdk8236039-status_request_extension.patch
deleted file mode 100644
index be7008c..0000000
--- a/SOURCES/jdk8236039-status_request_extension.patch
+++ /dev/null
@@ -1,310 +0,0 @@
-# HG changeset patch
-# User jnimeh
-# Date 1578287079 28800
-# Sun Jan 05 21:04:39 2020 -0800
-# Node ID b9d1ce20dd4b2ce34e74c8fa2d784335231abcd1
-# Parent 3782f295811625b65d57f1aef15daa10d82a58a7
-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
-Reviewed-by: xuelei
-
-diff --git a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
---- a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
-+++ b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
-+ * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
-@@ -39,11 +39,7 @@
- import javax.net.ssl.SSLProtocolException;
- import sun.security.provider.certpath.OCSPResponse;
- import sun.security.provider.certpath.ResponderId;
--import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST;
--import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST_V2;
- import sun.security.ssl.SSLExtension.ExtensionConsumer;
--import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST;
--import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST_V2;
- import sun.security.ssl.SSLExtension.SSLExtensionSpec;
- import sun.security.ssl.SSLHandshake.HandshakeMessage;
- import sun.security.util.DerInputStream;
-@@ -434,8 +430,9 @@
- } else {
- extBuilder.append(",\n");
- }
-- extBuilder.append(
-- "{\n" + Utilities.indent(ext.toString()) + "}");
-+ extBuilder.append("{\n").
-+ append(Utilities.indent(ext.toString())).
-+ append("}");
- }
-
- extsStr = extBuilder.toString();
-@@ -552,11 +549,11 @@
- return null;
- }
-
-- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST)) {
-+ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) {
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
- SSLLogger.fine(
- "Ignore unavailable extension: " +
-- CH_STATUS_REQUEST.name);
-+ SSLExtension.CH_STATUS_REQUEST.name);
- }
- return null;
- }
-@@ -568,8 +565,8 @@
- byte[] extData = new byte[] {0x01, 0x00, 0x00, 0x00, 0x00};
-
- // Update the context.
-- chc.handshakeExtensions.put(
-- CH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
-+ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST,
-+ CertStatusRequestSpec.DEFAULT);
-
- return extData;
- }
-@@ -593,10 +590,10 @@
- // The consuming happens in server side only.
- ServerHandshakeContext shc = (ServerHandshakeContext)context;
-
-- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST)) {
-+ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) {
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
- SSLLogger.fine("Ignore unavailable extension: " +
-- CH_STATUS_REQUEST.name);
-+ SSLExtension.CH_STATUS_REQUEST.name);
- }
- return; // ignore the extension
- }
-@@ -610,7 +607,7 @@
- }
-
- // Update the context.
-- shc.handshakeExtensions.put(CH_STATUS_REQUEST, spec);
-+ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST, spec);
- if (!shc.isResumption &&
- !shc.negotiatedProtocol.useTLS13PlusSpec()) {
- shc.handshakeProducers.put(SSLHandshake.CERTIFICATE_STATUS.id,
-@@ -654,13 +651,12 @@
-
- // In response to "status_request" extension request only.
- CertStatusRequestSpec spec = (CertStatusRequestSpec)
-- shc.handshakeExtensions.get(CH_STATUS_REQUEST);
-+ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST);
- if (spec == null) {
- // Ignore, no status_request extension requested.
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
-- SSLLogger.finest(
-- "Ignore unavailable extension: " +
-- CH_STATUS_REQUEST.name);
-+ SSLLogger.finest("Ignore unavailable extension: " +
-+ SSLExtension.CH_STATUS_REQUEST.name);
- }
-
- return null; // ignore the extension
-@@ -681,8 +677,8 @@
- byte[] extData = new byte[0];
-
- // Update the context.
-- shc.handshakeExtensions.put(
-- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
-+ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST,
-+ CertStatusRequestSpec.DEFAULT);
-
- return extData;
- }
-@@ -708,7 +704,7 @@
-
- // In response to "status_request" extension request only.
- CertStatusRequestSpec requestedCsr = (CertStatusRequestSpec)
-- chc.handshakeExtensions.get(CH_STATUS_REQUEST);
-+ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST);
- if (requestedCsr == null) {
- throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
- "Unexpected status_request extension in ServerHello");
-@@ -722,8 +718,8 @@
- }
-
- // Update the context.
-- chc.handshakeExtensions.put(
-- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
-+ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST,
-+ CertStatusRequestSpec.DEFAULT);
-
- // Since we've received a legitimate status_request in the
- // ServerHello, stapling is active if it's been enabled.
-@@ -909,7 +905,7 @@
- return null;
- }
-
-- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) {
-+ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) {
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
- SSLLogger.finest(
- "Ignore unavailable status_request_v2 extension");
-@@ -926,8 +922,8 @@
- 0x00, 0x07, 0x02, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00};
-
- // Update the context.
-- chc.handshakeExtensions.put(
-- CH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
-+ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2,
-+ CertStatusRequestV2Spec.DEFAULT);
-
- return extData;
- }
-@@ -951,7 +947,7 @@
- // The consuming happens in server side only.
- ServerHandshakeContext shc = (ServerHandshakeContext)context;
-
-- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) {
-+ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) {
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
- SSLLogger.finest(
- "Ignore unavailable status_request_v2 extension");
-@@ -969,7 +965,8 @@
- }
-
- // Update the context.
-- shc.handshakeExtensions.put(CH_STATUS_REQUEST_V2, spec);
-+ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2,
-+ spec);
- if (!shc.isResumption) {
- shc.handshakeProducers.putIfAbsent(
- SSLHandshake.CERTIFICATE_STATUS.id,
-@@ -1013,7 +1010,7 @@
-
- // In response to "status_request_v2" extension request only
- CertStatusRequestV2Spec spec = (CertStatusRequestV2Spec)
-- shc.handshakeExtensions.get(CH_STATUS_REQUEST_V2);
-+ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2);
- if (spec == null) {
- // Ignore, no status_request_v2 extension requested.
- if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
-@@ -1038,8 +1035,8 @@
- byte[] extData = new byte[0];
-
- // Update the context.
-- shc.handshakeExtensions.put(
-- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
-+ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2,
-+ CertStatusRequestV2Spec.DEFAULT);
-
- return extData;
- }
-@@ -1065,7 +1062,7 @@
-
- // In response to "status_request" extension request only
- CertStatusRequestV2Spec requestedCsr = (CertStatusRequestV2Spec)
-- chc.handshakeExtensions.get(CH_STATUS_REQUEST_V2);
-+ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2);
- if (requestedCsr == null) {
- throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
- "Unexpected status_request_v2 extension in ServerHello");
-@@ -1079,8 +1076,8 @@
- }
-
- // Update the context.
-- chc.handshakeExtensions.put(
-- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
-+ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2,
-+ CertStatusRequestV2Spec.DEFAULT);
-
- // Since we've received a legitimate status_request in the
- // ServerHello, stapling is active if it's been enabled. If it
-diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
---- a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
-+++ b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
-+ * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
-@@ -113,7 +113,6 @@
- null,
- null,
- CertStatusExtension.certStatusReqStringizer),
--
- CR_STATUS_REQUEST (0x0005, "status_request"),
- CT_STATUS_REQUEST (0x0005, "status_request",
- SSLHandshake.CERTIFICATE,
-@@ -124,6 +123,7 @@
- null,
- null,
- CertStatusExtension.certStatusRespStringizer),
-+
- // extensions defined in RFC 4681
- USER_MAPPING (0x0006, "user_mapping"),
-
-@@ -515,6 +515,16 @@
- return null;
- }
-
-+ static String nameOf(int extensionType) {
-+ for (SSLExtension ext : SSLExtension.values()) {
-+ if (ext.id == extensionType) {
-+ return ext.name;
-+ }
-+ }
-+
-+ return "unknown extension";
-+ }
-+
- static boolean isConsumable(int extensionType) {
- for (SSLExtension ext : SSLExtension.values()) {
- if (ext.id == extensionType &&
-diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
---- a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
-+++ b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
-+ * Copyright (c) 2018, 2020 Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
-@@ -86,11 +86,14 @@
- "Received buggy supported_groups extension " +
- "in the ServerHello handshake message");
- }
-- } else {
-+ } else if (handshakeType == SSLHandshake.SERVER_HELLO) {
- throw hm.handshakeContext.conContext.fatal(
-- Alert.UNSUPPORTED_EXTENSION,
-- "extension (" + extId +
-- ") should not be presented in " + handshakeType.name);
-+ Alert.UNSUPPORTED_EXTENSION, "extension (" +
-+ extId + ") should not be presented in " +
-+ handshakeType.name);
-+ } else {
-+ isSupported = false;
-+ // debug log to ignore unknown extension for handshakeType
- }
- }
-
-@@ -365,9 +368,10 @@
- }
-
- private static String toString(int extId, byte[] extData) {
-+ String extName = SSLExtension.nameOf(extId);
- MessageFormat messageFormat = new MessageFormat(
-- "\"unknown extension ({0})\": '{'\n" +
-- "{1}\n" +
-+ "\"{0} ({1})\": '{'\n" +
-+ "{2}\n" +
- "'}'",
- Locale.ENGLISH);
-
-@@ -375,6 +379,7 @@
- String encoded = hexEncoder.encodeBuffer(extData);
-
- Object[] messageFields = {
-+ extName,
- extId,
- Utilities.indent(encoded)
- };
diff --git a/SOURCES/jdk8237396-avoid_triggering_barriers.patch b/SOURCES/jdk8237396-avoid_triggering_barriers.patch
deleted file mode 100644
index 90d7c65..0000000
--- a/SOURCES/jdk8237396-avoid_triggering_barriers.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-# HG changeset patch
-# User zgu
-# Date 1579696811 18000
-# Wed Jan 22 07:40:11 2020 -0500
-# Node ID 91ea567eeabeade6b3f8d6cf10c02ba53f700eca
-# Parent 082f1d3eb1649ff776cda165ed78d65bc7361ebc
-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers
-Reviewed-by: stefank, rkennke
-
-diff --git a/src/hotspot/share/prims/jvmtiTagMap.cpp b/src/hotspot/share/prims/jvmtiTagMap.cpp
---- a/src/hotspot/share/prims/jvmtiTagMap.cpp
-+++ b/src/hotspot/share/prims/jvmtiTagMap.cpp
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
-+ * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
-@@ -96,6 +96,11 @@
- inline oop object_peek() {
- return NativeAccess<ON_PHANTOM_OOP_REF | AS_NO_KEEPALIVE>::oop_load(object_addr());
- }
-+
-+ inline oop object_raw() {
-+ return RawAccess<>::oop_load(object_addr());
-+ }
-+
- inline jlong tag() const { return _tag; }
-
- inline void set_tag(jlong tag) {
-@@ -3357,7 +3362,7 @@
- JvmtiTagHashmapEntry* next = entry->next();
-
- // has object been GC'ed
-- if (!is_alive->do_object_b(entry->object_peek())) {
-+ if (!is_alive->do_object_b(entry->object_raw())) {
- // grab the tag
- jlong tag = entry->tag();
- guarantee(tag != 0, "checking");
-@@ -3375,7 +3380,7 @@
- ++freed;
- } else {
- f->do_oop(entry->object_addr());
-- oop new_oop = entry->object_peek();
-+ oop new_oop = entry->object_raw();
-
- // if the object has moved then re-hash it and move its
- // entry to its new location.
-@@ -3409,7 +3414,7 @@
- // Re-add all the entries which were kept aside
- while (delayed_add != NULL) {
- JvmtiTagHashmapEntry* next = delayed_add->next();
-- unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_peek(), size);
-+ unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_raw(), size);
- delayed_add->set_next(table[pos]);
- table[pos] = delayed_add;
- delayed_add = next;
diff --git a/SPECS/java-11-openjdk.spec b/SPECS/java-11-openjdk.spec
index 8906590..8493ffd 100644
--- a/SPECS/java-11-openjdk.spec
+++ b/SPECS/java-11-openjdk.spec
@@ -21,6 +21,9 @@
# Enable release builds by default on relevant arches.
%bcond_without release
+# Workaround for stripping of debug symbols from static libraries
+%define __brp_strip_static_archive %{nil}
+
# The -g flag says to use strip -g instead of full strip on DSOs or EXEs.
# This fixes detailed NMT and other tools which need minimal debug info.
# See: https://bugzilla.redhat.com/show_bug.cgi?id=1520879
@@ -59,8 +62,8 @@
# the ghosts are here to allow installation via query like `dnf install /usr/bin/java`
# you can list those files, with appropriate sections: cat *.spec | grep -e --install -e --slave -e post_
# TODO - fix those hardcoded lists via single list
-# those files ,must *NOT* be ghosted for *slowdebug* packages
-# FIXME - if you are moving jshell or jlink or simialr, always modify all three sections
+# Those files must *NOT* be ghosted for *slowdebug* packages
+# FIXME - if you are moving jshell or jlink or similar, always modify all three sections
# you can check via headless and devels:
# rpm -ql --noghost java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin
# == rpm -ql java-11-openjdk-headless-slowdebug-11.0.1.13-8.fc29.x86_64.rpm | grep bin
@@ -121,12 +124,12 @@
%endif
%if %{bootstrap_build}
-%global release_targets bootcycle-images docs-zip
+%global release_targets bootcycle-images static-libs-image docs-zip
%else
-%global release_targets images docs-zip
+%global release_targets images docs-zip static-libs-image
%endif
# No docs nor bootcycle for debug builds
-%global debug_targets images
+%global debug_targets images static-libs-image
# Filter out flags from the optflags macro that cause problems with the OpenJDK build
@@ -212,7 +215,7 @@
# New Version-String scheme-style defines
%global majorver 11
-%global securityver 6
+%global securityver 8
# buildjdkver is usually same as %%{majorver},
# but in time of bootstrap of next jdk, it is majorver-1,
# and this it is better to change it here, on single place
@@ -238,8 +241,8 @@
%global top_level_dir_name %{origin}
%global minorver 0
%global buildver 10
-%global rpmrelease 4
-#%%global tagsuffix ""
+%global rpmrelease 0
+#%%global tagsuffix %%{nil}
# priority must be 8 digits in total; untill openjdk 1.8 we were using 18..... so when moving to 11 we had to add another digit
%if %is_system_jdk
%global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} )
@@ -271,8 +274,9 @@
# parametrized macros are order-sensitive
%global compatiblename java-%{majorver}-%{origin}
%global fullversion %{compatiblename}-%{version}-%{release}
-# images stub
-%global jdkimage jdk
+# images directories from upstream build
+%global jdkimage jdk
+%global static_libs_image static-libs
# output dir stub
%define buildoutputdir() %{expand:openjdk/build%{?1}}
# we can copy the javadoc to not arched dir, or make it not noarch
@@ -308,6 +312,8 @@
%define sdkbindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin}
%define jrebindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin}
+%global alt_java_name alt-java
+
%global rpm_state_dir %{_localstatedir}/lib/rpm-state/
%if %{with_systemtap}
@@ -353,6 +359,7 @@ ext=.gz
alternatives \\
--install %{_bindir}/java java %{jrebindir -- %{?1}}/java $PRIORITY --family %{name}.%{_arch} \\
--slave %{_jvmdir}/jre jre %{_jvmdir}/%{sdkdir -- %{?1}} \\
+ --slave %{_bindir}/%{alt_java_name} %{alt_java_name} %{jrebindir -- %{?1}}/%{alt_java_name} \\
--slave %{_bindir}/jjs jjs %{jrebindir -- %{?1}}/jjs \\
--slave %{_bindir}/keytool keytool %{jrebindir -- %{?1}}/keytool \\
--slave %{_bindir}/pack200 pack200 %{jrebindir -- %{?1}}/pack200 \\
@@ -361,6 +368,8 @@ alternatives \\
--slave %{_bindir}/unpack200 unpack200 %{jrebindir -- %{?1}}/unpack200 \\
--slave %{_mandir}/man1/java.1$ext java.1$ext \\
%{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1$ext \\
+ --slave %{_mandir}/man1/%{alt_java_name}.1$ext %{alt_java_name}.1$ext \\
+ %{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1$ext \\
--slave %{_mandir}/man1/jjs.1$ext jjs.1$ext \\
%{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1$ext \\
--slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \\
@@ -573,6 +582,7 @@ exit 0
%define files_jre_headless() %{expand:
%license %{_jvmdir}/%{sdkdir -- %{?1}}/legal
+%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/NEWS
%dir %{_sysconfdir}/.java/.systemPrefs
%dir %{_sysconfdir}/.java
%dir %{_jvmdir}/%{sdkdir -- %{?1}}
@@ -580,6 +590,7 @@ exit 0
%{_jvmdir}/%{jrelnk -- %{?1}}
%dir %{_jvmdir}/%{sdkdir -- %{?1}}/bin
%{_jvmdir}/%{sdkdir -- %{?1}}/bin/java
+%{_jvmdir}/%{sdkdir -- %{?1}}/bin/%{alt_java_name}
%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jjs
%{_jvmdir}/%{sdkdir -- %{?1}}/bin/keytool
%{_jvmdir}/%{sdkdir -- %{?1}}/bin/pack200
@@ -641,6 +652,7 @@ exit 0
%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jfr/default.jfc
%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jfr/profile.jfc
%{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1*
+%{_mandir}/man1/%{alt_java_name}-%{uniquesuffix -- %{?1}}.1*
%{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1*
%{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1*
%{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1*
@@ -689,6 +701,7 @@ exit 0
%if %is_system_jdk
%if %{is_release_build -- %{?1}}
%ghost %{_bindir}/java
+%ghost %{_bindir}/%{alt_java_name}
%ghost %{_jvmdir}/jre
# https://bugzilla.redhat.com/show_bug.cgi?id=1312019
%ghost %{_bindir}/jjs
@@ -773,6 +786,7 @@ exit 0
%if %{is_release_build -- %{?1}}
%ghost %{_bindir}/javac
%ghost %{_jvmdir}/java
+%ghost %{_jvmdir}/%{alt_java_name}
%ghost %{_bindir}/jaotc
%ghost %{_bindir}/jlink
%ghost %{_bindir}/jmod
@@ -819,6 +833,25 @@ exit 0
%{_jvmdir}/%{sdkdir -- %{?1}}/lib/src.zip
}
+%define files_static_libs() %{expand:
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2pkcs11.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2pcsc.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libnio.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libprefs.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjava.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjli.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libnet.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjimage.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjaas.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libfdlibm.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2gss.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libsunec.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libjsig.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libextnet.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libverify.a
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libzip.a
+}
+
%define files_javadoc() %{expand:
%doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}}
%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/legal
@@ -874,7 +907,9 @@ Requires: ca-certificates
# Require javapackages-filesystem for ownership of /usr/lib/jvm/ and macros
Requires: javapackages-filesystem
# Require zone-info data provided by tzdata-java sub-package
-Requires: tzdata-java >= 2015d
+# 2020a required as of JDK-8243541 in 11.0.8+4
+Requires: tzdata-java >= 2020a
+# for support of kernel stream control
# libsctp.so.1 is being `dlopen`ed on demand
Requires: lksctp-tools%{?_isa}
# tool to copy jdk's configs - should be Recommends only, but then only dnf/yum enforce it,
@@ -936,6 +971,11 @@ Provides: java-sdk%{?1} = %{epoch}:%{version}-%{release}
%endif
}
+%define java_static_libs_rpo() %{expand:
+Requires: %{name}-devel%{?1}%{?_isa} = %{epoch}:%{version}-%{release}
+OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release}
+}
+
%define java_jmods_rpo() %{expand:
# Requires devel package
# as jmods are bytecode, they should be OK without any _isa
@@ -1040,6 +1080,9 @@ Source8: tapsets-icedtea-%{icedteaver}.tar.xz
# Desktop files. Adapted from IcedTea
Source9: jconsole.desktop.in
+# Release notes
+Source10: NEWS
+
# nss configuration file
Source11: nss.cfg.in
@@ -1075,8 +1118,6 @@ Patch1001: rh1655466-global_crypto_and_fips.patch
# Shenandoah specific patches
#
#############################################
-# JDK-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers
-Patch10: jdk8237396-avoid_triggering_barriers.patch
# Currently empty
@@ -1098,8 +1139,6 @@ Patch6: rh1566890-CVE_2018_3639-speculative_store_bypass.patch
Patch7: pr3695-toggle_system_crypto_policy.patch
# S390 ambiguous log2_intptr call
Patch8: s390-8214206_fix.patch
-# JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
-Patch9: jdk8236039-status_request_extension.patch
#############################################
#
@@ -1143,7 +1182,8 @@ BuildRequires: java-%{buildjdkver}-openjdk-devel
%ifnarch %{jit_arches}
BuildRequires: libffi-devel
%endif
-BuildRequires: tzdata-java >= 2015d
+# 2020a required as of JDK-8243541 in 11.0.8+4
+BuildRequires: tzdata-java >= 2020a
# Earlier versions have a bug in tree vectorization on PPC
BuildRequires: gcc >= 4.8.3-8
@@ -1216,6 +1256,27 @@ The %{origin_nice} development tools %{majorver}.
%endif
%if %{include_normal_build}
+%package static-libs
+Summary: %{origin_nice} libraries for static linking %{majorver}
+
+%{java_static_libs_rpo %{nil}}
+
+%description static-libs
+The %{origin_nice} libraries for static linking %{majorver}.
+%endif
+
+%if %{include_debug_build}
+%package static-libs-slowdebug
+Summary: %{origin_nice} libraries for static linking %{majorver} %{debug_on}
+
+%{java_static_libs_rpo -- %{debug_suffix_unquoted}}
+
+%description static-libs-slowdebug
+The %{origin_nice} libraries for static linking %{majorver}.
+%{debug_warning}
+%endif
+
+%if %{include_normal_build}
%package jmods
Summary: JMods for %{origin_nice} %{majorver}
Group: Development/Tools
@@ -1356,8 +1417,6 @@ pushd %{top_level_dir_name}
%patch6 -p1
%patch7 -p1
%patch8 -p1
-%patch9 -p1
-%patch10 -p1
popd # openjdk
%patch1000
@@ -1439,7 +1498,8 @@ EXTRA_CPP_FLAGS="%ourcppflags -std=gnu++98 -fno-delete-null-pointer-checks -fno-
# fix rpmlint warnings
EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-strict-aliasing"
%endif
-export EXTRA_CFLAGS
+EXTRA_ASFLAGS="${EXTRA_CFLAGS} -Wa,--generate-missing-build-notes=yes"
+export EXTRA_CFLAGS EXTRA_ASFLAGS
for suffix in %{build_loop} ; do
if [ "x$suffix" = "x" ] ; then
@@ -1478,6 +1538,7 @@ bash ../configure \
--with-stdc++lib=dynamic \
--with-extra-cxxflags="$EXTRA_CPP_FLAGS" \
--with-extra-cflags="$EXTRA_CFLAGS" \
+ --with-extra-asflags="$EXTRA_ASFLAGS" \
--with-extra-ldflags="%{ourldflags}" \
--with-num-cores="$NUM_PROC" \
--disable-javac-server \
@@ -1524,6 +1585,14 @@ install -m 644 nss.fips.cfg $JAVA_HOME/conf/security/
rm $JAVA_HOME/lib/tzdb.dat
ln -s %{_datadir}/javazi-1.8/tzdb.dat $JAVA_HOME/lib/tzdb.dat
+# Create fake alt-java as a placeholder for future alt-java
+pushd ${JAVA_HOME}
+cp -a bin/java bin/%{alt_java_name}
+# add alt-java man page
+echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1
+cat man/man1/java.1 >> man/man1/%{alt_java_name}.1
+popd
+
# build cycles
done
@@ -1547,6 +1616,11 @@ $JAVA_HOME/bin/java --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLev
$JAVA_HOME/bin/javac -d . %{SOURCE14}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||")
+# Check debug symbols in static libraries (smoke test)
+export STATIC_LIBS_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{static_libs_image}
+readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep w_remainder.c
+readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep e_remainder.c
+
# Check debug symbols are present and can identify code
find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib
do
@@ -1665,7 +1739,6 @@ pushd %{buildoutputdir $suffix}/images/%{jdkimage}
ln -sf %{sdkdir -- $suffix} %{jrelnk -- $suffix}
popd
-
# Install man pages
install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man1
for manpage in man/man1/*
@@ -1680,6 +1753,9 @@ pushd %{buildoutputdir $suffix}/images/%{jdkimage}
rm -rf $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/man
popd
+# Install static libs artefacts
+cp -a %{buildoutputdir -- $suffix}/images/%{static_libs_image}/lib/*.a \
+ $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/lib
if ! echo $suffix | grep -q "debug" ; then
@@ -1689,6 +1765,11 @@ if ! echo $suffix | grep -q "debug" ; then
cp -a %{buildoutputdir -- $suffix}/bundles/jdk-%{newjavaver}%{ea_designator_zip}+%{buildver}%{lts_designator_zip}-docs.zip $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix}.zip
fi
+# Install release notes
+commondocdir=${RPM_BUILD_ROOT}%{_defaultdocdir}/%{uniquejavadocdir $suffix}
+install -d -m 755 ${commondocdir}
+cp -a %{SOURCE10} ${commondocdir}
+
# Install icons and menu entries
for s in 16 24 32 48 ; do
install -D -p -m 644 \
@@ -1858,6 +1939,9 @@ require "copy_jdk_configs.lua"
%files devel
%{files_devel %{nil}}
+%files static-libs
+%{files_static_libs %{nil}}
+
%files jmods
%{files_jmods %{nil}}
@@ -1888,6 +1972,9 @@ require "copy_jdk_configs.lua"
%files devel-slowdebug
%{files_devel -- %{debug_suffix_unquoted}}
+%files static-libs-slowdebug
+%{files_static_libs -- %{debug_suffix_unquoted}}
+
%files jmods-slowdebug
%{files_jmods -- %{debug_suffix_unquoted}}
@@ -1900,6 +1987,131 @@ require "copy_jdk_configs.lua"
%endif
%changelog
+* Sat Jul 11 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.10-0
+- Update to shenandoah-jdk-11.0.8+10 (GA)
+- Switch to GA mode for final release.
+- Update release notes with last minute fix (JDK-8248505).
+- This tarball is embargoed until 2020-07-14 @ 1pm PT.
+- Resolves: rhbz#1838811
+
+* Fri Jul 10 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.9-0.0.ea
+- Update to shenandoah-jdk-11.0.8+9 (EA)
+- Update release notes for 11.0.8 release.
+- This tarball is embargoed until 2020-07-14 @ 1pm PT.
+- Resolves: rhbz#1838811
+
+* Tue Jun 30 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.8-0.0.ea
+- Update to shenandoah-jdk-11.0.8+8 (EA)
+- Resolves: rhbz#1838811
+
+* Wed Jun 24 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.7-0.1.ea
+- java-11-openjdk doesn't have a JRE tree, so don't try and copy alt-java there...
+- Resolves: rhbz#1838811
+
+* Wed Jun 24 2020 Jiri Vanek <jvanek@redhat.com> - 1:11.0.8.7-0.1.ea
+- Create a copy of java as alt-java with alternatives and man pages
+- Resolves: rhbz#1838811
+
+* Tue Jun 23 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.7-0.0.ea
+- Update to shenandoah-jdk-11.0.8+7 (EA)
+- Resolves: rhbz#1838811
+
+* Thu Jun 18 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.6-0.0.ea
+- Update to shenandoah-jdk-11.0.8+6 (EA)
+- Resolves: rhbz#1838811
+
+* Tue Jun 09 2020 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.8.5-0.1.ea
+- Disable stripping of debug symbols for static libraries part of
+ the -static-libs sub-package.
+- Resolves: rhbz#1848701
+
+* Sun Jun 07 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.5-0.0.ea
+- Update to shenandoah-jdk-11.0.8+5 (EA)
+- Resolves: rhbz#1838811
+
+* Mon May 25 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.4-0.0.ea
+- Update to shenandoah-jdk-11.0.8+4 (EA)
+- Require tzdata 2020a due to resource changes in JDK-8243541
+- Resolves: rhbz#1838811
+
+* Mon May 25 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.3-0.0.ea
+- Update to shenandoah-jdk-11.0.8+3 (EA)
+- Resolves: rhbz#1838811
+
+* Mon May 25 2020 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.8.2-0.1.ea
+- Build static-libs-image and add resulting files via -static-libs
+ sub-package.
+- Resolves: rhbz#1848701
+
+* Mon May 18 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.2-0.0.ea
+- Update to shenandoah-jdk-11.0.8+2 (EA)
+- Resolves: rhbz#1838811
+
+* Sun May 10 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.8.1-0.0.ea
+- Update to shenandoah-jdk-11.0.8+1 (EA)
+- Switch to EA mode for 11.0.8 pre-release builds.
+- Drop JDK-8237396 & JDK-8228407 backports now applied upstream.
+- Resolves: rhbz#1838811
+
+* Wed Apr 22 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-2
+- Add JDK-8228407 backport to resolve crashes during verification.
+- Resolves: rhbz#1810557
+
+* Wed Apr 22 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-2
+- Amend release notes, removing issue actually fixed in 11.0.6.
+- Resolves: rhbz#1810557
+
+* Wed Apr 22 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-2
+- Add release notes.
+- Resolves: rhbz#1810557
+
+* Wed Apr 22 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-2
+- Make use of --with-extra-asflags introduced in jdk-11.0.6+1.
+- Resolves: rhbz#1810557
+
+* Sun Apr 19 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
+- Update to shenandoah-jdk-11.0.7+10 (GA)
+- Switch to GA mode for final release.
+- Resolves: rhbz#1810557
+
+* Sun Apr 19 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.9-0.1.ea
+- Update to shenandoah-jdk-11.0.7+9 (EA)
+- Resolves: rhbz#1810557
+
+* Sun Apr 19 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.8-0.1.ea
+- Update to shenandoah-jdk-11.0.7+8 (EA)
+- Resolves: rhbz#1810557
+
+* Sat Apr 18 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.7-0.1.ea
+- Update to shenandoah-jdk-11.0.7+7 (EA)
+- Resolves: rhbz#1810557
+
+* Sat Apr 18 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.6-0.1.ea
+- Update to shenandoah-jdk-11.0.7+6 (EA)
+- Resolves: rhbz#1810557
+
+* Thu Apr 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.5-0.1.ea
+- Update to shenandoah-jdk-11.0.7+5 (EA)
+- Resolves: rhbz#1810557
+
+* Sat Apr 11 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.4-0.1.ea
+- Update to shenandoah-jdk-11.0.7+4 (EA)
+- Resolves: rhbz#1810557
+
+* Wed Apr 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.3-0.1.ea
+- Update to shenandoah-jdk-11.0.7+3 (EA)
+- Resolves: rhbz#1810557
+
+* Mon Apr 06 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.2-0.1.ea
+- Update to shenandoah-jdk-11.0.7+2 (EA)
+- Resolves: rhbz#1810557
+
+* Wed Apr 01 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.1-0.1.ea
+- Update to shenandoah-jdk-11.0.7+1 (EA)
+- Switch to EA mode for 11.0.7 pre-release builds.
+- Drop JDK-8236039 backport now applied upstream.
+- Resolves: rhbz#1810557
+
* Fri Mar 27 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-4
- Need to support noarch for creating source RPMs for non-scratch builds.
- Resolves: rhbz#1737115
@@ -2346,7 +2558,7 @@ require "copy_jdk_configs.lua"
- renamed zip javadoc
* Tue Apr 10 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:10.0.0.46-12
-- Enable basic EC ciphers test in %check.
+- Enable basic EC ciphers test in %%check.
* Tue Apr 10 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:10.0.0.46-11
- Port Martin Balao's JDK 9 patch for system NSS support to JDK 10.