diff --git a/.gitignore b/.gitignore index f28ac9d..3c4bce6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/jdk-updates-jdk11u-jdk-11.0.10+9-4curve.tar.xz +SOURCES/jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz SOURCES/tapsets-icedtea-3.15.0.tar.xz diff --git a/.java-11-openjdk.metadata b/.java-11-openjdk.metadata index 96c1624..5e1952f 100644 --- a/.java-11-openjdk.metadata +++ b/.java-11-openjdk.metadata @@ -1,2 +1,2 @@ -8fb81cb2ae37ec04bfc0e3651257a9f9756786a6 SOURCES/jdk-updates-jdk11u-jdk-11.0.10+9-4curve.tar.xz +a339f6e108c16a23c47504565b602a6fc395bf2e SOURCES/jdk-updates-jdk11u-jdk-11.0.11+9-4curve.tar.xz 7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz diff --git a/SOURCES/NEWS b/SOURCES/NEWS index 48dce6e..4b4509e 100644 --- a/SOURCES/NEWS +++ b/SOURCES/NEWS @@ -3,6 +3,337 @@ Key: JDK-X - https://bugs.openjdk.java.net/browse/JDK-X CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release OpenJDK 11.0.11 (2021-04-20): +============================================= +Live versions of these release notes can be found at: + * https://bitly.com/openjdk11011 + * https://builds.shipilev.net/backports-monitor/release-notes-11.0.11.txt + +* Security fixes + - JDK-8244473: Contextualize registration for JNDI + - JDK-8244543: Enhanced handling of abstract classes + - JDK-8249906, CVE-2021-2163: Enhance opening JARs + - JDK-8250568, CVE-2021-2161: Less ambiguous processing + - JDK-8253799: Make lists of normal filenames + - JDK-8257001: Improve Http Client Support +* Other changes + - JDK-7107012: sun.jvm.hotspot.code.CompressedReadStream readDouble() conversion to long mishandled + - JDK-7146776: deadlock between URLStreamHandler.getHostAddress and file.Handler.openconnection + - JDK-8086003: Test fails on OSX with java.lang.RuntimeException 'Narrow klass base: 0x0000000000000000, Narrow klass shift: 3' missing + - JDK-8168869: jdeps: localized messages don't use proper line breaks + - JDK-8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID + - JDK-8202343: Disable TLS 1.0 and 1.1 + - JDK-8205992: jhsdb cannot attach to Java processes running in Docker containers + - JDK-8209193: Fix aarch64-linux compilation after -Wreorder changes + - JDK-8210413: AArch64: Optimize div/rem by constant in C1 + - JDK-8210578: AArch64: Invalid encoding for fmlsvs instruction + - JDK-8211051: jdeps usage of --dot-output doesn't provide valid output for modular jar + - JDK-8211057: Gensrc step CompileProperties generates unstable CompilerProperties output + - JDK-8211150: G1 Full GC not purging code root memory and hence causing memory leak + - JDK-8211825: ModuleLayer.defineModulesWithXXX does not setup delegation when module reads automatic module + - JDK-8212043: Add floating-point Math.min/max intrinsics + - JDK-8212218: [TESTBUG] runtime/ErrorHandling/TestHeapDumpOnOutOfMemoryErrorInMetaspace.java timed out + - JDK-8213116: javax/swing/JComboBox/WindowsComboBoxSize/WindowsComboBoxSizeTest.java fails in Windows + - JDK-8213909: jdeps --print-module-deps should report missing dependences + - JDK-8214180: Need better granularity for sleeping + - JDK-8214223: tools/jdeps/listdeps/ListModuleDeps.java failed due to missing Lib2 file + - JDK-8214230: Classes generated by SystemModulesPlugin.java are not reproducable + - JDK-8214741: docs/index.html has no title or copyright + - JDK-8215687: [Graal] unit test CheckGraalIntrinsics failed after 8212043 + - JDK-8217848: [Graal] vmTestbase/nsk/jvmti/ResourceExhausted/resexhausted003/TestDescription.java fails + - JDK-8218482: sun/security/krb5/auto/ReplayCachePrecise.java failed - no KrbException thrown + - JDK-8218550: Add test omitted from JDK-8212043 + - JDK-8221584: SIGSEGV in os::PlatformEvent::unpark() in JvmtiRawMonitor::raw_exit while posting method exit event + - JDK-8221995: AARCH64: problems with CAS instructions encoding + - JDK-8222518: Remove unnecessary caching of Parker object in java.lang.Thread + - JDK-8222785: aarch64: add necessary masking for immediate shift counts + - JDK-8223186: HotSpot compile warnings from GCC 9 + - JDK-8225773: jdeps --check produces NPE if there are missing module dependences + - JDK-8225805: Java Access Bridge does not close the logger + - JDK-8226810: Failed to launch JVM because of NullPointerException occured on System.props + - JDK-8229396: jdeps ignores multi-release when generate-module-info used on command line + - JDK-8229474: Shenandoah: Cleanup CM::update_roots() + - JDK-8232225: Rework the fix for JDK-8071483 + - JDK-8232905: JFR fails with assertion: assert(t->unflushed_size() == 0) failed: invariant + - JDK-8233164: C2 fails with assert(phase->C->get_alias_index(t) == phase->C->get_alias_index(t_adr)) failed: correct memory chain + - JDK-8233910: java/awt/ColorClass/AlphaColorTest.java is failing intermittently in nightly lnux-x64 system + - JDK-8233912: aarch64: minor improvements of atomic operations + - JDK-8234508: VM_HeapWalkOperation::iterate_over_object reads non-strong fields with an on-strong load barrier + - JDK-8234742: Improve handshake logging + - JDK-8234796: Refactor Handshake::execute to take a more complex type than ThreadClosure + - JDK-8235324: Dying objects are published from users of CollectedHeap::object_iterate + - JDK-8235351: Lookup::unreflect should bind with the original caller independent of Method's accessible flag + - JDK-8237369: Shenandoah: failed vmTestbase/nsk/jvmti/AttachOnDemand/attach021/TestDescription.java test + - JDK-8237392: Shenandoah: Remove unreliable assertion + - JDK-8237483: AArch64 C1 OopMap inserted twice fatal error + - JDK-8237495: Java MIDI fails with a dereferenced memory error when asked to send a raw 0xF7 + - JDK-8239355: (dc) Initial value of SO_SNDBUF should allow sending large datagrams (macOS) + - JDK-8240353: AArch64: missing support for -XX:+ExtendedDTraceProbes in C1 + - JDK-8240704: CheckHandles.java failed "AssertionError: Handle use increased by more than 10 percent." + - JDK-8240751: Shenandoah: fold ShenandoahTracer definition + - JDK-8240795: [REDO] 8238384 CTW: C2 compilation fails with "assert(store != load->find_exact_control(load->in(0))) failed: dependence cycle found" + - JDK-8241598: Upgrade JLine to 3.14.0 + - JDK-8241649: Optimize Character.toString + - JDK-8241770: Module xxxAnnotation() methods throw NCDFE if module-info.class found as resource in unnamed module + - JDK-8241911: AArch64: Fix a potential register clash issue in reduce_add2I + - JDK-8242030: Wrong package declarations in jline classes after JDK-8241598 + - JDK-8242565: Policy initialization issues when the denyAfter constraint is enabled + - JDK-8243618: compiler/rtm/cli tests can be run w/o WhiteBox + - JDK-8243670: Unexpected test result caused by C2 MergeMemNode::Ideal + - JDK-8244088: [Regression] Switch of Gnome theme ends up in deadlocked UI + - JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 header files + - JDK-8244340: Handshake processing thread lacks yielding + - JDK-8244573: java.lang.ArrayIndexOutOfBoundsException thrown for malformed class file + - JDK-8244683: A TSA server used by tests + - JDK-8245005: javax/net/ssl/compatibility/BasicConnectTest.java failed with No enum constant + - JDK-8245026: PsAdaptiveSizePolicy::_old_gen_policy_is_ready is unused + - JDK-8245283: JFR: Can't handle constant dynamic used by Jacoco agent + - JDK-8245512: CRC32 optimization using AVX512 instructions + - JDK-8245527: LDAP Channel Binding support for Java GSS/Kerberos + - JDK-8246707: (sc) SocketChannel.read/write throws AsynchronousCloseException on closed channel + - JDK-8246709: sun/security/tools/jarsigner/TsacertOptionTest.java compilation failed after JDK-8244683 + - JDK-8247200: assert((unsigned)fpargs < 32) + - JDK-8247766: [aarch64] guarantee(val < (1U << nbits)) failed: Field too big for insn. + - JDK-8248336: AArch64: C2: offset overflow in BoxLockNode::emit + - JDK-8248865: Document JNDI/LDAP timeout properties + - JDK-8248901: Signed immediate support in .../share/assembler.hpp is broken. + - JDK-8249543: Force DirectBufferAllocTest to run with -ExplicitGCInvokesConcurrent + - JDK-8249588: libwindowsaccessbridge issues on 64bit Windows + - JDK-8249749: modify a primitive array through a stream and a for cycle causes jre crash + - JDK-8249787: Make TestGCLocker more resilient with concurrent GCs + - JDK-8249867: xml declaration is not followed by a newline + - JDK-8250911: [windows] os::pd_map_memory() error detection broken + - JDK-8251255: [linux] Add process-memory information to hs-err and VM.info + - JDK-8251359: Shenandoah: filter null oops before calling enqueue/SATB barrier + - JDK-8251925: C2: RenaissanceStressTest fails with assert(!had_error): bad dominance + - JDK-8251944: Add Shenandoah test config to compiler/gcbarriers/UnsafeIntrinsicsTest.java + - JDK-8251992: VM crashed running TestComplexAddrExpr.java test with -XX:UseAVX=X + - JDK-8253220: Epsilon: clean up unused code/declarations + - JDK-8253274: The CycleDMImagetest brokes the system + - JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node + - JDK-8253368: TLS connection always receives close_notify exception + - JDK-8255368: Math.exp() gives wrong result for large values on x86 32-bit platforms + - JDK-8255401: Shenandoah: Allow oldval and newval registers to overlap in cmpxchg_oop() + - JDK-8253404: C2: assert(C->live_nodes() <= C->max_node_limit()) failed: Live Node limit exceeded limit + - JDK-8253409: Double-rounding possibility in float fma + - JDK-8253476: TestUseContainerSupport.java fails on some Linux kernels w/o swap limit capabilities + - JDK-8253524: C2: Refactor code that clones predicates during loop unswitching + - JDK-8253644: C2: assert(skeleton_predicate_has_opaque(iff)) failed: unexpected + - JDK-8253681: closed java/awt/dnd/MouseEventAfterStartDragTest/MouseEventAfterStartDragTest.html test failed + - JDK-8253702: BigSur version number reported as 10.16, should be 11.nn + - JDK-8253756: C2 CompilerThread0 crash in Node::add_req(Node*) + - JDK-8254104: MethodCounters must exist before nmethod is installed + - JDK-8254734: "dead loop detected" assert failure with patch from 8223051 + - JDK-8254748: Bad Copyright header format after JDK-8212218 + - JDK-8254799: runtime/ErrorHandling/TestHeapDumpOnOutOfMemoryError.java fails with release VMs + - JDK-8255058: C1: assert(is_virtual()) failed: type check + - JDK-8255351: Add detection for Graviton 2 CPUs + - JDK-8255387: Japanese characters were printed upside down on AIX + - JDK-8255479: [aarch64] assert(src->section_index_of(target) == CodeBuffer::SECT_NONE) failed: sanity + - JDK-8255544: Create a checked cast + - JDK-8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() + - JDK-8255681: print callstack in error case in runAWTLoopWithApp + - JDK-8255734: VM should ignore SIGXFSZ on ppc64, s390 too + - JDK-8255742: PrintInlining as compiler directive doesn't print virtual calls + - JDK-8255845: Memory leak in imageFile.cpp + - JDK-8255880: UI of Swing components is not redrawn after their internal state changed + - JDK-8255908: ExceptionInInitializerError due to UncheckedIOException while initializing cgroupv1 subsystem + - JDK-8256025: AArch64: MachCallRuntimeNode::ret_addr_offset() is incorrect for stub calls + - JDK-8256056: Deoptimization stub doesn't save vector registers on x86 + - JDK-8256061: RegisterSaver::save_live_registers() omits upper halves of ZMM0-15 registers + - JDK-8256187: [TEST_BUG] Automate bug4275046.java test + - JDK-8256220: C1: x86_32 fails with -XX:UseSSE=1 after JDK-8210764 due to mishandled lir_neg + - JDK-8256258: some missing NULL checks or asserts after CodeCache::find_blob_unsafe + - JDK-8256264: Printed GlyphVector outline with low DPI has bad quality on Windows + - JDK-8256290: javac/lambda/T8031967.java fails with StackOverflowError on x86_32 + - JDK-8256359: AArch64: runtime/ReservedStack/ReservedStackTestCompiler.java fails + - JDK-8256387: Unexpected result if patching an entire instruction on AArch64 + - JDK-8256421: Add 2 HARICA roots to cacerts truststore + - JDK-8256488: [aarch64] Use ldpq/stpq instead of ld4/st4 for small copies in StubGenerator::copy_memory + - JDK-8256489: Make gtest for long path names on Windows more resilient in the presence of virus scanners + - JDK-8256501: libTestMainKeyWindow fails to build with Xcode 12.2 + - JDK-8256633: Fix product build on Windows+Arm64 + - JDK-8256682: JDK-8202343 is incomplete + - JDK-8256751: Incremental rebuild with precompiled header fails when touching a header file + - JDK-8256757: Incorrect MachCallRuntimeNode::ret_addr_offset() for CallLeafNoFP on x86_32 + - JDK-8256806: Shenandoah: optimize shenandoah/jni/TestPinnedGarbage.java test + - JDK-8256807: C2: Not marking stores correctly as mismatched in string opts + - JDK-8256810: Incremental rebuild broken on Macosx + - JDK-8256818: SSLSocket that is never bound or connected leaks socket resources + - JDK-8256888: Client manual test problem list update + - JDK-8257083: Security infra test failures caused by JDK-8202343 + - JDK-8257408: Bump update version for OpenJDK: jdk-11.0.11 + - JDK-8257423: [PPC64] Support -XX:-UseInlineCaches + - JDK-8257436: [aarch64] Regressions in ArrayCopyUnalignedDst.testByte/testChar for 65-78 bytes when UseSIMDForMemoryOps is on + - JDK-8257513: C2: assert((constant_addr - _masm.code()->consts()->start()) == con.offset()) + - JDK-8257547: Handle multiple prereqs on the same line in deps files + - JDK-8257561: Some code is not vectorized after 8251925 and 8250607 + - JDK-8257565: epsilonBarrierSet.hpp should not include barrierSetAssembler + - JDK-8257575: C2: "failed: only phis" assert failure in loop strip mining verification + - JDK-8257594: C2 compiled checkcast of non-null object triggers endless deoptimization/recompilation cycle + - JDK-8257633: Missing -mmacosx-version-min=X flag when linking libjvm + - JDK-8257670: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java reports leaks + - JDK-8257707: Fix incorrect format string in Http1HeaderParser + - JDK-8257746: Regression introduced with JDK-8250984 - memory might be null in some machines + - JDK-8257798: [PPC64] undefined reference to Klass::vtable_start_offset() + - JDK-8257884: Re-enable sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java as automatic test + - JDK-8257910: [JVMCI] Set exception_seen accordingly in the runtime. + - JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java again reports leaks after JDK-8257884 + - JDK-8257999: Parallel GC crash in gc/parallel/TestDynShrinkHeap.java: new region is not in covered_region + - JDK-8258077: Using -Xcheck:jni can lead to a double-free after JDK-8193234 + - JDK-8258247: Couple of issues in fix for JDK-8249906 + - JDK-8258373: Update the text handling in the JPasswordField + - JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder.rotateDisk() + - JDK-8258419: RSA cipher buffer cleanup + - JDK-8258471: "search codecache" clhsdb command does not work + - JDK-8258534: Epsilon: clean up unused includes + - JDK-8258805: Japanese characters not entered by mouse click on Windows 10 + - JDK-8258833: Cancel multi-part cipher operations in SunPKCS11 after failures + - JDK-8258836: JNI local refs exceed capacity getDiagnosticCommandInfo + - JDK-8258884: [TEST_BUG] Convert applet-based test open/test/jdk/javax/swing/JMenuItem/8031573/bug8031573.java to a regular java test + - JDK-8259007: This test printed a blank page + - JDK-8259049: Uninitialized variable after JDK-8257513 + - JDK-8259451: Zero: skip serviceability/sa tests, set vm.hasSA to false + - JDK-8259580: Shenandoah: uninitialized label in VerifyThreadGCState + - JDK-8259231: Epsilon: improve performance under contention during virtual space expansion + - JDK-8259271: gc/parallel/TestDynShrinkHeap.java still fails "assert(covered_region.contains(new_memregion)) failed: new region is not in covered_region" + - JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert will expire in 90 days + - JDK-8259319: Illegal package access when SunPKCS11 requires SunJCE's classes + - JDK-8259339: AllocateUninitializedArray C2 intrinsic fails with void.class input + - JDK-8259428: AlgorithmId.getEncodedParams() should return copy + - JDK-8259446: runtime/jni/checked/TestCheckedReleaseArrayElements.java fails with stderr not empty + - JDK-8259949: x86 32-bit build fails when -fcf-protection is passed in the compiler flags + - JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use condition is incorrect + - JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE after JDK-8244543 + - JDK-8259706: C2 compilation fails with assert(vtable_index == Method::invalid_vtable_index) failed: correct sentinel value + - JDK-8259707: LDAP channel binding does not work with StartTLS extension + - JDK-8259773: Incorrect encoding of AVX-512 kmovq instruction + - JDK-8259849: Shenandoah: Rename store-val to IU-barrier + - JDK-8259954: gc/shenandoah/mxbeans tests fail with -Xcomp + - JDK-8260029: aarch64: fix typo in verify_oop_array + - JDK-8260308: Update LogCompilation junit to 4.13.1 + - JDK-8260338: Some fields in HaltNode is not cloned + - JDK-8260349: Cannot programmatically retrieve Metaspace max set via JAVA_TOOL_OPTIONS + - JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a + - JDK-8260378: [TESTBUG] DcmdMBeanTestCheckJni.java reports false positive + - JDK-8260497: Shenandoah: Improve SATB flushing + - JDK-8260502: [s390] NativeMovRegMem::verify() fails because it's too strict + - JDK-8260632: Build failures after JDK-8253353 + - JDK-8260704: ParallelGC: oldgen expansion needs release-store for _end + - JDK-8261022: Fix incorrect result of Math.abs() with char type + - JDK-8261089: [TESTBUG] native library of test TestCheckedReleaseCriticalArray.java fails to compile with gcc 4.x + - JDK-8261183: Follow on to Make lists of normal filenames + - JDK-8261209: isStandalone property: remove dependency on pretty-print + - JDK-8261231: Windows IME was disabled after DnD operation + - JDK-8261251: Shenandoah: Use object size for full GC humongous compaction + - JDK-8261310: PPC64 Zero build fails with 'VMError::controlled_crash(int)::FunctionDescriptor functionDescriptor' has incomplete type and cannot be defined + - JDK-8261334: NMT: tuning statistic shows incorrect hash distribution + - JDK-8261413: Shenandoah: Disable class-unloading in I-U mode + - JDK-8261522: [PPC64] AES intrinsics write beyond the destination array + - JDK-8261534: Test sun/security/pkcs11/KeyAgreement/IllegalPackageAccess.java fails on platforms where no nsslib artifacts are defined + - JDK-8261585: Restore HandleArea used in Deoptimization::uncommon_trap + - JDK-8261753: Test java/lang/System/OsVersionTest.java still failing on BigSur patch versions after JDK-8253702 + - JDK-8261829: Exclude tools/jlink/JLinkReproducibleTest.java in 11u + - JDK-8261912: Code IfNode::fold_compares_helper more defensively + - JDK-8261920: [AIX] jshell command throws java.io.IOError on non English locales + - JDK-8262018: Wrong format in SAP copyright header of OsVersionTest + - JDK-8263069: Exclude some failing tests from security/infra/java/security/cert/CertPathValidator + +Notes on individual issues: +=========================== + +core-libs/javax.naming: + +JDK-8258824: LDAP Channel Binding Support for Java GSS/Kerberos +=============================================================== +A new JNDI environment property "com.sun.jndi.ldap.tls.cbtype" has +been added to enable TLS Channel Binding data in LDAP authentication +over SSL/TLS protocol to the Windows AD server. The only valid value +at present is "tls-server-end-point", where channel binding data is +created on the base of the TLS server certificate. See RFC-5929 [0] +and the module description of the `java.naming` module for further +details. + +[0] RFC-5929 "Channel Bindings for TLS": https://www.ietf.org/rfc/rfc5929.txt + +security-libs/java.security: + +JDK-8260597: Added 2 HARICA Root CA Certificates +================================================ +The following root certificates have been added to the cacerts truststore: + +Alias Name: haricarootca2015 +Distinguished Name: CN=Hellenic Academic and Research Institutions RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR + +Alias Name: haricaeccrootca2015 +Distinguished Name: CN=Hellenic Academic and Research Institutions ECC RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR + +security-libs/javax.net.ssl: + +JDK-8256490: Disable TLS 1.0 and 1.1 +==================================== +TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer +considered secure and have been superseded by more secure and modern +versions (TLS 1.2 and 1.3). + +These versions have now been disabled by default. If you encounter +issues, you can, at your own risk, re-enable the versions by removing +"TLSv1" and/or "TLSv1.1" from the `jdk.tls.disabledAlgorithms` +security property in the `java.security` configuration file. + +tools: + +JDK-8214213: jdeps --print-module-deps Reports Transitive Dependencies +====================================================================== +`jdeps --print-module-deps`, `--list-deps`, and `--list-reduce-deps` +options have been enhanced as follows. + +1. By default, they perform transitive module dependence analysis on +libraries on the class path and module path, both directly and +indirectly, as required by the given input JAR files or +classes. Previously, they only reported the modules required by the +given input JAR files or classes. The `--no-recursive` option can be +used to request non-transitive dependence analysis. + +2. By default, they flag any missing dependency, i.e. not found from +class path and module path, as an error. The `--ignore-missing-deps` +option can be used to suppress missing dependence errors. Note that a +custom image is created with the list of modules output by jdeps when +using the `--ignore-missing-deps` option for a non-modular +application. Such an application, running on the custom image, might +fail at runtime when missing dependence errors are suppressed. + +xml/jaxp: + +JDK-8249867 XML declaration is not followed by a newline +======================================================== + +The DOM Load and Save `LSSerializer` does not have an explicit control +for whether or not the XML Declaration ends with a newline. In this +release, a JDK implementation specific property +`http://www.oracle.com/xml/jaxp/properties/isStandalone` and +corresponding System property `jdk.xml.isStandalone` are added to +control the addition of a newline and act independently without +having to set the pretty-print property. This property can be used to +reverse the incompatible change introduced in Java SE 7 Update 4 with +an update of Xalan 2.7.1 where a newline is omitted when pretty-print +is required. + +For details, please refer to the bug report and the java.xml module-summary. + +Usage: + +// to set the property, get an instance of LSSerializer and set it along with pretty-print +LSSerializer ser = impl.createLSSerializer(); +ser.getDomConfig().setParameter("format-pretty-print", true); +ser.getDomConfig().setParameter("http://www.oracle.com/xml/jaxp/properties/isStandalone", true); + +// to use the System property, set it before initializing a LSSerializer +System.setProperty("jdk.xml.isStandalone", “true”); + +// to clear the property, place the line anywhere after the LSSerializer is initialized +System.clearProperty("jdk.xml.isStandalone"); + New in release OpenJDK 11.0.10 (2021-01-19): ============================================= Live versions of these release notes can be found at: diff --git a/SOURCES/remove-intree-libraries.sh b/SOURCES/remove-intree-libraries.sh index f3be341..d475909 100644 --- a/SOURCES/remove-intree-libraries.sh +++ b/SOURCES/remove-intree-libraries.sh @@ -1,24 +1,52 @@ #!/bin/sh +# Arguments: +TREE=${1} +TYPE=${2} + ZIP_SRC=src/java.base/share/native/libzip/zlib/ JPEG_SRC=src/java.desktop/share/native/libjavajpeg/ GIF_SRC=src/java.desktop/share/native/libsplashscreen/giflib/ PNG_SRC=src/java.desktop/share/native/libsplashscreen/libpng/ LCMS_SRC=src/java.desktop/share/native/liblcms/ -cd openjdk +if test "x${TREE}" = "x"; then + echo "$0 (MINIMAL|FULL)"; + exit 1; +fi + +if test "x${TYPE}" = "x"; then + TYPE=minimal; +fi + +if test "x${TYPE}" != "xminimal" -a "x${TYPE}" != "xfull"; then + echo "Type must be minimal or full"; + exit 2; +fi + +echo "Removing in-tree libraries from ${TREE}" +echo "Cleansing operation: ${TYPE}"; + +cd ${TREE} echo "Removing built-in libs (they will be linked)" +# On full runs, allow for zlib having already been deleted by minimal echo "Removing zlib" -if [ ! -d ${ZIP_SRC} ]; then +if [ "x${TYPE}" = "xminimal" -a ! -d ${ZIP_SRC} ]; then echo "${ZIP_SRC} does not exist. Refusing to proceed." exit 1 fi rm -rvf ${ZIP_SRC} +# Minimal is limited to just zlib so finish here +if test "x${TYPE}" = "xminimal"; then + echo "Finished."; + exit 0; +fi + echo "Removing libjpeg" -if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that sound definitely exist +if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that should definitely exist echo "${JPEG_SRC} does not contain jpeg sources. Refusing to proceed." exit 1 fi diff --git a/SOURCES/rh1868740-cryptoki_access_to_sunjce.patch b/SOURCES/rh1868740-cryptoki_access_to_sunjce.patch deleted file mode 100644 index d673434..0000000 --- a/SOURCES/rh1868740-cryptoki_access_to_sunjce.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -r eba0f976c468 -r 1fceafb49be5 src/java.base/share/classes/module-info.java ---- openjdk/src/java.base/share/classes/module-info.java Thu Jul 30 15:05:22 2020 +0200 -+++ openjdk/src/java.base/share/classes/module-info.java Thu Aug 13 15:17:59 2020 +0200 -@@ -132,6 +132,8 @@ - // additional qualified exports may be inserted at build time - // see make/gensrc/GenModuleInfo.gmk - -+ exports com.sun.crypto.provider to -+ jdk.crypto.cryptoki; - exports com.sun.security.ntlm to - java.security.sasl; - exports jdk.internal to diff --git a/SOURCES/rh1868754-pkcs11_cancel_on_failure.patch b/SOURCES/rh1868754-pkcs11_cancel_on_failure.patch deleted file mode 100644 index 1c47913..0000000 --- a/SOURCES/rh1868754-pkcs11_cancel_on_failure.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -r e10f558e1df5 openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java Mon Aug 31 16:12:32 2020 +0100 -+++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java Mon Aug 31 15:17:50 2020 -0300 -@@ -628,7 +628,7 @@ - throw (ShortBufferException) - (new ShortBufferException().initCause(e)); - } -- reset(false); -+ reset(true); - throw new ProviderException("update() failed", e); - } - } -@@ -746,7 +746,7 @@ - throw (ShortBufferException) - (new ShortBufferException().initCause(e)); - } -- reset(false); -+ reset(true); - throw new ProviderException("update() failed", e); - } - } diff --git a/SOURCES/rh1883849-cryptoki_access_to_sunjce_with_security_manager.patch b/SOURCES/rh1883849-cryptoki_access_to_sunjce_with_security_manager.patch deleted file mode 100644 index 57bb977..0000000 --- a/SOURCES/rh1883849-cryptoki_access_to_sunjce_with_security_manager.patch +++ /dev/null @@ -1,60 +0,0 @@ -# HG changeset patch -# User Zdenek Zambersky -# Date 1601403587 -7200 -# Tue Sep 29 20:19:47 2020 +0200 -# Node ID f77ac813eee61b2e9616b2d71a2c5372d0cbd158 -# Parent d484fdfcc7d5c21812de8a0712236d077b0f2dde -Fixed default policy for jdk.crypto.cryptoki - -diff -r d484fdfcc7d5 -r f77ac813eee6 src/java.base/share/lib/security/default.policy ---- openjdk.orig/src/java.base/share/lib/security/default.policy Wed Sep 02 07:36:15 2020 +0200 -+++ openjdk/src/java.base/share/lib/security/default.policy Tue Sep 29 20:19:47 2020 +0200 -@@ -124,6 +124,8 @@ - grant codeBase "jrt:/jdk.crypto.cryptoki" { - permission java.lang.RuntimePermission - "accessClassInPackage.sun.security.*"; -+ permission java.lang.RuntimePermission -+ "accessClassInPackage.com.sun.crypto.provider"; - permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; - permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; - permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; -# HG changeset patch -# User Zdenek Zambersky -# Date 1601419086 -7200 -# Wed Sep 30 00:38:06 2020 +0200 -# Node ID 02c8b154f728be3dd06239a98519d654e2127186 -# Parent f77ac813eee61b2e9616b2d71a2c5372d0cbd158 -P11Util: Create provider in priviledged block - -diff -r f77ac813eee6 -r 02c8b154f728 src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java ---- openjdk.orig/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java Tue Sep 29 20:19:47 2020 +0200 -+++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java Wed Sep 30 00:38:06 2020 +0200 -@@ -87,14 +87,20 @@ - } - p = Security.getProvider(providerName); - if (p == null) { -- try { -- @SuppressWarnings("deprecation") -- Object o = Class.forName(className).newInstance(); -- p = (Provider)o; -- } catch (Exception e) { -- throw new ProviderException -- ("Could not find provider " + providerName, e); -- } -+ p = AccessController.doPrivileged( -+ new PrivilegedAction() { -+ public Provider run() { -+ try { -+ @SuppressWarnings("deprecation") -+ Object o = Class.forName(className).newInstance(); -+ return (Provider) o; -+ } catch (Exception e) { -+ throw new ProviderException -+ ("Could not find provider " + providerName, e); -+ } -+ } -+ } -+ ); - } - return p; - } diff --git a/SPECS/java-11-openjdk.spec b/SPECS/java-11-openjdk.spec index 6f684c1..3f77f67 100644 --- a/SPECS/java-11-openjdk.spec +++ b/SPECS/java-11-openjdk.spec @@ -19,9 +19,16 @@ %bcond_without slowdebug # Enable release builds by default on relevant arches. %bcond_without release +# Enable static library builds by default. +%bcond_without staticlibs # Workaround for stripping of debug symbols from static libraries +%if %{with staticlibs} %define __brp_strip_static_archive %{nil} +%global include_staticlibs 1 +%else +%global include_staticlibs 0 +%endif # The -g flag says to use strip -g instead of full strip on DSOs or EXEs. # This fixes detailed NMT and other tools which need minimal debug info. @@ -35,10 +42,14 @@ # (initiated in https://bugzilla.redhat.com/show_bug.cgi?id=1482192) %global debug_suffix_unquoted -slowdebug %global fastdebug_suffix_unquoted -fastdebug +%global main_suffix_unquoted -main +%global staticlibs_suffix_unquoted -staticlibs # quoted one for shell operations %global debug_suffix "%{debug_suffix_unquoted}" %global fastdebug_suffix "%{fastdebug_suffix_unquoted}" %global normal_suffix "" +%global main_suffix "%{main_suffix_unquoted}" +%global staticlibs_suffix "%{staticlibs_suffix_unquoted}" %global debug_warning This package is unoptimised with full debugging. Install only as needed and remove ASAP. %global fastdebug_warning This package is optimised with full debugging. Install only as needed and remove ASAP. @@ -145,6 +156,8 @@ %else %global include_fastdebug_build 0 %endif +%else +%global include_fastdebug_build 0 %endif %if %{include_debug_build} @@ -165,6 +178,12 @@ # Test slowdebug first as it provides the best diagnostics %global rev_build_loop %{slowdebug_build} %{fastdebug_build} %{normal_build} +%if %{include_staticlibs} +%global staticlibs_loop %{staticlibs_suffix} +%else +%global staticlibs_loop %{nil} +%endif + %ifarch %{bootstrap_arches} %global bootstrap_build 1 %else @@ -172,12 +191,20 @@ %endif %if %{bootstrap_build} -%global release_targets bootcycle-images static-libs-image docs-zip +%global release_targets bootcycle-images docs-zip %else -%global release_targets images docs-zip static-libs-image +%global release_targets images docs-zip %endif # No docs nor bootcycle for debug builds -%global debug_targets images static-libs-image +%global debug_targets images + +%if %{include_staticlibs} +# Extra target for producing the static-libraries. Separate from +# other targets since this target is configured to use in-tree +# AWT dependencies: lcms, libjpeg, libpng, libharfbuzz, giflib +# and possibly others +%global static_libs_target static-libs-image +%endif # Filter out flags from the optflags macro that cause problems with the OpenJDK build @@ -264,7 +291,7 @@ # New Version-String scheme-style defines %global featurever 11 %global interimver 0 -%global updatever 10 +%global updatever 11 %global patchver 0 # If you bump featurever, you must bump also vendor_version_string # Used via new version scheme. JDK 11 was @@ -285,7 +312,7 @@ # Define vendor information used by OpenJDK %global oj_vendor Red Hat, Inc. -%global oj_vendor_url "https://www.redhat.com/" +%global oj_vendor_url https://www.redhat.com/ # Define what url should JVM offer in case of a crash report # order may be important, epel may have rhel declared %if 0%{?epel} @@ -310,8 +337,9 @@ %global origin openjdk %global origin_nice OpenJDK %global top_level_dir_name %{origin} +%global top_level_dir_name_backup %{top_level_dir_name}-backup %global buildver 9 -%global rpmrelease 4 +%global rpmrelease 0 #%%global tagsuffix %%{nil} # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit %if %is_system_jdk @@ -360,7 +388,7 @@ %global jdkimage jdk %global static_libs_image static-libs # output dir stub -%define buildoutputdir() %{expand:openjdk/build%{?1}} +%define buildoutputdir() %{expand:build/jdk11.build%{?1}} # we can copy the javadoc to not arched dir, or make it not noarch %define uniquejavadocdir() %{expand:%{fullversion}.%{_arch}%{?1}} # main id and dir of this jdk @@ -971,8 +999,8 @@ Requires: ca-certificates # Require javapackages-filesystem for ownership of /usr/lib/jvm/ and macros Requires: javapackages-filesystem # Require zone-info data provided by tzdata-java sub-package -# 2020b required as of JDK-8254177 in October CPU -Requires: tzdata-java >= 2020b +# 2021a required as of JDK-8260356 in April 2021 CPU +Requires: tzdata-java >= 2021a # for support of kernel stream control # libsctp.so.1 is being `dlopen`ed on demand Requires: lksctp-tools%{?_isa} @@ -1191,10 +1219,6 @@ Patch1001: rh1655466-global_crypto_and_fips.patch Patch1002: rh1818909-fips_default_keystore_type.patch # RH1860986: Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available Patch1004: rh1860986-disable_tlsv1.3_in_fips_mode.patch -# RH1868740: FIPS: IllegalAccessException by pkcs11 provider -Patch1005: rh1868740-cryptoki_access_to_sunjce.patch -# RH1883849: FIPS: IllegalAccessException by pkcs11 provider with security manager on -Patch1006: rh1883849-cryptoki_access_to_sunjce_with_security_manager.patch # RH1915071: Always initialise JavaSecuritySystemConfiguratorAccess Patch1007: rh1915071-always_initialise_configurator_access.patch @@ -1220,8 +1244,6 @@ Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk1 Patch4: pr3694-rh1340845-support_fedora_rhel_system_crypto_policy.patch # PR3695: Allow use of system crypto policy to be disabled by the user Patch7: pr3695-toggle_system_crypto_policy.patch -# RH1868754: FIPS: Ciphers remain in broken state (unusable), after being supplied with wrongly sized buffer -Patch11: rh1868754-pkcs11_cancel_on_failure.patch ############################################# # @@ -1270,8 +1292,8 @@ BuildRequires: java-%{buildjdkver}-openjdk-devel %ifnarch %{jit_arches} BuildRequires: libffi-devel %endif -# 2020b required as of JDK-8254177 in October CPU -BuildRequires: tzdata-java >= 2020b +# 2021a required as of JDK-8260356 in April 2021 CPU +BuildRequires: tzdata-java >= 2021a # Earlier versions have a bug in tree vectorization on PPC BuildRequires: gcc >= 4.8.3-8 @@ -1378,6 +1400,8 @@ The %{origin_nice} %{featurever} development tools. %{fastdebug_warning} %endif +%if %{include_staticlibs} + %if %{include_normal_build} %package static-libs Summary: %{origin_nice} %{featurever} libraries for static linking @@ -1410,6 +1434,9 @@ The %{origin_nice} %{featurever} libraries for static linking. %{fastdebug_warning} %endif +# staticlibs +%endif + %if %{include_normal_build} %package jmods Summary: JMods for %{origin_nice} %{featurever} @@ -1584,16 +1611,16 @@ if [ $prioritylength -ne 8 ] ; then fi # OpenJDK patches +# Remove libraries that are linked by both static and dynamic builds +sh %{SOURCE12} %{top_level_dir_name} -# Remove libraries that are linked -sh %{SOURCE12} +# Patch the JDK pushd %{top_level_dir_name} %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch7 -p1 -%patch11 -p1 popd # openjdk %patch1000 @@ -1602,8 +1629,6 @@ popd # openjdk %patch1002 %patch1003 %patch1004 -%patch1005 -%patch1006 %patch1007 # Extract systemtap tapsets @@ -1696,13 +1721,34 @@ else debugbuild=`echo $suffix | sed "s/-//g"` fi -# Variable used in hs_err hook on build failures -top_dir_abs_path=$(pwd)/%{top_level_dir_name} +for loop in %{main_suffix} %{staticlibs_loop} ; do + +if test "x${loop}" = "x%{main_suffix}" ; then + # Copy the source tree so we can remove all in-tree libraries + cp -a %{top_level_dir_name} %{top_level_dir_name_backup} + # Remove all libraries that are linked + sh %{SOURCE12} %{top_level_dir_name} full + # Variable used by configure and hs_err hook on build failures + link_opt="system" + # Debug builds don't need same targets as release for + # build speed-up + maketargets="%{release_targets}" + if echo $debugbuild | grep -q "debug" ; then + maketargets="%{debug_targets}" + fi +else + # Variable used by configure and hs_err hook on build failures + link_opt="bundled" + # Static library cycle only builds the static libraries + maketargets="%{static_libs_target}" +fi -mkdir -p %{buildoutputdir -- $suffix} -pushd %{buildoutputdir -- $suffix} +top_dir_abs_src_path=$(pwd)/%{top_level_dir_name} +top_dir_abs_build_path=$(pwd)/%{buildoutputdir -- ${suffix}${loop}} +mkdir -p ${top_dir_abs_build_path} +pushd ${top_dir_abs_build_path} -bash ../configure \ +bash ${top_dir_abs_src_path}/configure \ %ifnarch %{jit_arches} --with-jvm-variants=zero \ %endif @@ -1722,11 +1768,11 @@ bash ../configure \ --with-native-debug-symbols=internal \ --enable-unlimited-crypto \ --with-zlib=system \ - --with-libjpeg=system \ - --with-giflib=system \ - --with-libpng=system \ - --with-lcms=system \ - --with-harfbuzz=system \ + --with-libjpeg=${link_opt} \ + --with-giflib=${link_opt} \ + --with-libpng=${link_opt} \ + --with-lcms=${link_opt} \ + --with-harfbuzz=${link_opt} \ --with-stdc++lib=dynamic \ --with-extra-cxxflags="$EXTRA_CPP_FLAGS" \ --with-extra-cflags="$EXTRA_CFLAGS" \ @@ -1737,33 +1783,37 @@ bash ../configure \ --with-jvm-features="%{shenandoah_feature},%{zgc_feature}" \ --disable-warnings-as-errors -# Debug builds don't need same targets as release for -# build speed-up -maketargets="%{release_targets}" -if echo $debugbuild | grep -q "debug" ; then - maketargets="%{debug_targets}" -fi make \ JAVAC_FLAGS=-g \ LOG=trace \ WARNINGS_ARE_ERRORS="-Wno-error" \ CFLAGS_WARNINGS_ARE_ERRORS="-Wno-error" \ - $maketargets || ( pwd; find $top_dir_abs_path -name "hs_err_pid*.log" | xargs cat && false ) + $maketargets || ( pwd; find ${top_dir_abs_src_path} ${top_dir_abs_build_path} -name "hs_err_pid*.log" | xargs cat && false ) + +popd >& /dev/null + +# Restore original source tree if we modified it by removing full in-tree sources +if [ -d %{top_level_dir_name_backup} ] ; then + rm -rf %{top_level_dir_name} + mv %{top_level_dir_name_backup} %{top_level_dir_name} +fi + +done # end of main / staticlibs loop + +top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}} # the build (erroneously) removes read permissions from some jars # this is a regression in OpenJDK 7 (our compiler): # http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1437 -find images/%{jdkimage} -iname '*.jar' -exec chmod ugo+r {} \; +find ${top_dir_abs_main_build_path}/images/%{jdkimage} -iname '*.jar' -exec chmod ugo+r {} \; # Build screws up permissions on binaries # https://bugs.openjdk.java.net/browse/JDK-8173610 -find images/%{jdkimage} -iname '*.so' -exec chmod +x {} \; -find images/%{jdkimage}/bin/ -exec chmod +x {} \; - -popd >& /dev/null +find ${top_dir_abs_main_build_path}/images/%{jdkimage} -iname '*.so' -exec chmod +x {} \; +find ${top_dir_abs_main_build_path}/images/%{jdkimage}/bin/ -exec chmod +x {} \; # Install nss.cfg right away as we will be using the JRE above -export JAVA_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{jdkimage} +export JAVA_HOME=${top_dir_abs_main_build_path}/images/%{jdkimage} # Install nss.cfg right away as we will be using the JRE above install -m 644 nss.cfg $JAVA_HOME/conf/security/ @@ -1783,14 +1833,19 @@ cat man/man1/java.1 >> man/man1/%{alt_java_name}.1 popd # build cycles -done +done # end of release / debug cycle loop %check # We test debug first as it will give better diagnostics on a crash for suffix in %{rev_build_loop} ; do -export JAVA_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{jdkimage} +top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}} +%if %{include_staticlibs} +top_dir_abs_staticlibs_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{staticlibs_loop}} +%endif + +export JAVA_HOME=${top_dir_abs_main_build_path}/images/%{jdkimage} #check Shenandoah is enabled %if %{use_shenandoah_hotspot} @@ -1807,7 +1862,7 @@ $JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||") # Check correct vendor values have been set $JAVA_HOME/bin/javac -d . %{SOURCE16} -$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" %{oj_vendor_url} %{oj_vendor_bug_url} +$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" "%{oj_vendor_url}" "%{oj_vendor_bug_url}" # Check java launcher has no SSB mitigation if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi @@ -1819,10 +1874,12 @@ nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi %endif +%if %{include_staticlibs} # Check debug symbols in static libraries (smoke test) -export STATIC_LIBS_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{static_libs_image} +export STATIC_LIBS_HOME=${top_dir_abs_staticlibs_build_path}/images/%{static_libs_image} readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep w_remainder.c readelf --debug-dump $STATIC_LIBS_HOME/lib/libfdlibm.a | grep e_remainder.c +%endif # Check debug symbols are present and can identify code find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib @@ -1908,12 +1965,17 @@ STRIP_KEEP_SYMTAB=libjvm* for suffix in %{build_loop} ; do +top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}} +%if %{include_staticlibs} +top_dir_abs_staticlibs_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{staticlibs_loop}} +%endif +jdk_image=${top_dir_abs_main_build_path}/images/%{jdkimage} + # Install the jdk mkdir -p $RPM_BUILD_ROOT%{_jvmdir} -cp -a %{buildoutputdir -- $suffix}/images/%{jdkimage} \ - $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix} +cp -a ${jdk_image} $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix} -pushd %{buildoutputdir $suffix}/images/%{jdkimage} +pushd ${jdk_image} %if %{with_systemtap} # Install systemtap support files @@ -1957,18 +2019,19 @@ pushd %{buildoutputdir $suffix}/images/%{jdkimage} popd # Install static libs artefacts +%if %{include_staticlibs} mkdir -p $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/lib/static/linux-%{archinstall}/glibc -cp -a %{buildoutputdir -- $suffix}/images/%{static_libs_image}/lib/*.a \ +cp -a ${top_dir_abs_staticlibs_build_path}/images/%{static_libs_image}/lib/*.a \ $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/lib/static/linux-%{archinstall}/glibc - +%endif if ! echo $suffix | grep -q "debug" ; then # Install Javadoc documentation install -d -m 755 $RPM_BUILD_ROOT%{_javadocdir} - cp -a %{buildoutputdir $suffix}/images/docs $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir $suffix} + cp -a ${top_dir_abs_main_build_path}/images/docs $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix} built_doc_archive=jdk-%{filever}%{ea_designator_zip}+%{buildver}%{lts_designator_zip}-docs.zip - cp -a %{buildoutputdir -- $suffix}/bundles/${built_doc_archive} \ - $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix}.zip || ls -l %{buildoutputdir -- $suffix}/bundles/ + cp -a ${top_dir_abs_main_build_path}/bundles/${built_doc_archive} \ + $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix}.zip || ls -l ${top_dir_abs_main_build_path}/bundles/ fi # Install release notes @@ -2194,8 +2257,10 @@ end %files devel %{files_devel %{nil}} +%if %{include_staticlibs} %files static-libs %{files_static_libs %{nil}} +%endif %files jmods %{files_jmods %{nil}} @@ -2226,8 +2291,10 @@ end %files devel-slowdebug %{files_devel -- %{debug_suffix_unquoted}} +%if %{include_staticlibs} %files static-libs-slowdebug %{files_static_libs -- %{debug_suffix_unquoted}} +%endif %files jmods-slowdebug %{files_jmods -- %{debug_suffix_unquoted}} @@ -2250,8 +2317,10 @@ end %files devel-fastdebug %{files_devel -- %{fastdebug_suffix_unquoted}} +%if %{include_staticlibs} %files static-libs-fastdebug %{files_static_libs -- %{fastdebug_suffix_unquoted}} +%endif %files jmods-fastdebug %{files_jmods -- %{fastdebug_suffix_unquoted}} @@ -2265,6 +2334,28 @@ end %endif %changelog +* Thu Apr 15 2021 Andrew Hughes - 1:11.0.11.0.9-0 +- Update to jdk-11.0.11.0+9 +- Update release notes to 11.0.11.0+9 +- Require tzdata 2020f to match upstream change JDK-8259048 +- Require tzdata 2021a to match upstream change JDK-8260356 +- Remove RH1868754 patch as this is now resolved upstream by JDK-8258833 +- Remove RH1868740 & RH1883849 patches as these are now resolved by JDK-8259319 +- This tarball is embargoed until 2021-04-20 @ 1pm PT. +- Resolves: rhbz#1938201 + +* Thu Apr 15 2021 Jayashree Huttanagoudar - 1:11.0.11.0.9-0 +- Fix issue where CheckVendor.java test erroneously passes when it should fail. +- Add proper quoting so '&' is not treated as a special character by the shell. +- Fixed not-including fastdebug build in case of --without fastdebug +- Resolves: rhbz#1938201 + +* Mon Feb 22 2021 Andrew Hughes - 1:11.0.10.0.9-5 +- Perform static library build on a separate source tree with bundled image libraries +- Make static library build optional +- Based on initial work by Severin Gehwolf +- Resolves: rhbz#1930513 + * Mon Jan 18 2021 Andrew Hughes - 1:11.0.10.0.9-4 - Fix accidental use of $ instead of % for variable reference. - Resolves: rhbz#1908972