Originally reported from abs@ on tech-pkg@.
From random(4) man page:
Applications should read from /dev/urandom when they need randomly
generated data, e.g. key material for cryptography or seeds for
simulations.
Changelog:
Fix following security vulnerabilities:
CVE-2016-0499
CVE-2015-4925
CVE-2016-0472
CVE-2015-4921
CVE-2016-0467
CVE-2016-0461
CVE-2015-4923
Bug fixes:
Bug Id Category Subcategory Description
JDK-8133917 client-libs Please backport X11FontManager refactor to Java 8!
JDK-8130136 client-libs 2d Swing window sometimes fails to repaint partially when it becomes exposed
JDK-8132850 client-libs 2d java.lang.ArrayIndexOutOfBoundsException during text rendering with many fonts installed
JDK-8137106 client-libs 2d EUDC (End User Defined Characters) are not displayed on Windows with Java 8u60+
JDK-8065081 client-libs demo Intermittent NPE in Java2Demo applet on Stop/Restart in appletviewer
JDK-8081485 client-libs java.awt EDT auto shutdown is broken in case of new event queue usage
JDK-8081787 client-libs java.awt [macosx] MalformedURLException is thrown during reading data for application/x-java-url;class=java.net.URL flavor
JDK-8086038 client-libs java.awt [macosx] No available data flavors when copying from Microsoft Word for Mac
JDK-8130776 client-libs java.awt Remove EmbeddedFrame.requestFocusToEmbedder() method
JDK-8132382 client-libs java.awt [macosx] Crash during JMC or JavaFX execution when NSApplication is controlled by SWT or JavaFX libraries
JDK-8136763 client-libs java.awt [macosx] java always returns only one value for "text/uri-list" dataflavor even if several files were copied
JDK-8134828 client-libs javax.swing Scrollbar thumb disappears with Nimbus L&F
JDK-8134917 client-libs javax.swing [macosx] JOptionPane doesn't receive mouse events when opened from a drop event
JDK-8134356 core-libs {@code} tag contains < and > sequences
JDK-8134569 core-libs Add tests for prototype callsites
JDK-8134939 core-libs Improve toString method of Dynalink DynamicMethod objects
JDK-8133249 core-libs java.io Occasional SIGSEGV: non thread-safe use of strerr in getLastErrorString
JDK-8073644 core-libs java.lang.invoke Assertion in LambdaFormEditor.bindArgumentType is too strict
JDK-8030785 core-libs java.lang:reflect Missing "since 1.8" javadoc for java.lang.reflect.Method:getParameterCount
JDK-8072466 core-libs java.net Deadlock when initializing MulticastSocket and DatagramSocket
JDK-8087190 core-libs java.net Regression in sun.net.util.IPAddressUtil.isIPv4LiteralAddress(String)
JDK-8133015 core-libs java.net InetAddress.isReachable(tmout) returning wrong value on Windows for IPv6
JDK-8143397 core-libs java.net It looks like InetAddress.isReachable(timeout) works incorrectly
JDK-6857566 core-libs java.nio (bf) DirectByteBuffer garbage creation can outpace reclamation
JDK-8029516 core-libs java.nio (fs) WatchKey cancel unreliable on Windows
JDK-8034057 core-libs java.nio Files.getFileStore and Files.isWritable do not work with SUBST'ed drives (win)
JDK-8080115 core-libs java.nio (fs) Crash in libgio when calling Files.probeContentType(path) from parallel threads
JDK-8130274 core-libs java.nio java/nio/file/FileStore/Basic.java fails when two successive stores in an iteration are determined to be equal
JDK-8133232 core-libs java.nio [fs] Regex has redundant | in the char class
JDK-8133647 core-libs java.nio (ch) Test java/nio/channels/AsynchronousSocketChannel/StressLoopback.java fails for Windows XP
JDK-8137121 core-libs java.nio (fc) Infinite loop FileChannel.truncate
JDK-8138819 core-libs java.nio (se) File descriptor leak when Selector.open fails
JDK-8081794 core-libs java.text ParsePosition getErrorIndex returns 0 for TimeZone parsing problem
JDK-8074032 core-libs java.time Instant.ofEpochMilli(millis).toEpochMilli() can throw arithmetic overflow in toEpochMilli()
JDK-8133022 core-libs java.time Instant.toEpochMilli() silently overflows
JDK-8139107 core-libs java.time DateTimeFormatter with Locale.UK throw a NullPointerException when parsing zone
JDK-6907252 core-libs java.util.jar ZipFileInputStream Not Thread-Safe
JDK-8038502 core-libs java.util.jar Deflater.needsInput() should use synchronization
JDK-8134505 core-libs java.util:i18n Cleanup of "TimeZone_md.c"
JDK-8129957 core-libs javax.naming Deadlock in JNDI LDAP implementation when closing the LDAP context
JDK-8027137 core-libs jdk.nashorn Merge ScriptFunction and ScriptFunctionImpl
JDK-8055917 core-libs jdk.nashorn jdk.nashorn.internal.codegen.CompilationPhase$N should be renamed to proper classes
JDK-8068901 core-libs jdk.nashorn Surprising behavior with more than one functional interface on a class
JDK-8068903 core-libs jdk.nashorn Can't invoke vararg @FunctionalInterface methods
JDK-8073613 core-libs jdk.nashorn Here documents: how to avoid string interpolation?
JDK-8073733 core-libs jdk.nashorn TypeError messages with "call" and "new" could be improved
JDK-8087292 core-libs jdk.nashorn nashorn should have a "fail-fast" option for scripting, analog to bash "set -e"
JDK-8087312 core-libs jdk.nashorn PropertyMapWrapper.equals should compare className
JDK-8114838 core-libs jdk.nashorn Anonymous functions escape to surrounding scope when defined under "with" statement
JDK-8129950 core-libs jdk.nashorn Wrong condition for checking absence of logger in MethodHandleFactory
JDK-8129959 core-libs jdk.nashorn DebugLogger has unnecessary API methods
JDK-8130234 core-libs jdk.nashorn Get rid of JSType.isNegativeZero
JDK-8130307 core-libs jdk.nashorn improve Nashorn Javadoc target
JDK-8130424 core-libs jdk.nashorn if directory specified with --dest-dir does not exist, only .class files are dumped and .js files are not
JDK-8130476 core-libs jdk.nashorn Remove unused methods in Global.java
JDK-8130663 core-libs jdk.nashorn 6 fields can be static fields in Global class
JDK-8130853 core-libs jdk.nashorn Non-extensible global is not handled property
JDK-8131039 core-libs jdk.nashorn after adding a function property to Object.prototype, JSON.parse with reviver function goes into infinite loop
JDK-8131340 core-libs jdk.nashorn Varargs function is recompiled each time it is linked
JDK-8131683 core-libs jdk.nashorn Delete fails over multiple scopes
JDK-8133119 core-libs jdk.nashorn Error message associated with TypeError for call and new should include stringified Node
JDK-8133300 core-libs jdk.nashorn Ensure symbol table immutability in Nashorn AST
JDK-8133785 core-libs jdk.nashorn SharedScopeCall should be enabled for non-optim call sites even with optimistic compilation
JDK-8134150 core-libs jdk.nashorn Make Nashorn Timing class both threadsafe and efficient
JDK-8134484 core-libs jdk.nashorn disallow backquotes as heredoc end marker delimiters
JDK-8134488 core-libs jdk.nashorn0 core-libs jdk.nashorn Dead var statement evacuation incorrectly descends into nested functions
JDK-8134502 core-libs jdk.nashorn introduce abstraction for basic NodeVisitor usage
JDK-8134609 core-libs jdk.nashorn Allow constructors with same prototoype e-libs jdk.nashorn Defer stack trace walking of NashornException for extracting line number and file name
JDK-8134931 core-libs jdk.nashorn jdk.nashorn.internal.codegen.TypeMap should not use Map
JDK-8134973 core-libs jdk.nashorn Control flow exceptions s
JDK-8135075 core-libs jdk.nashorn Reorder short-circuit tests in ApplySpecialization to run cheapest first
JDK-8135190 core-libs jdk.nashorn Method code too large in Babel browser.js script
JDK-8135262 core-libs jdk.nashorn Sanitize CodeInstaller and ComJDK-8135337 core-libs jdk.nashorn NativeDebug.dumpCounters with incorrect scope count
JDK-8136349 core-libs jdk.nashorn Typos patch for nashorn sources submitted on Sep 10, 2015
JDK-8136544 core-libs jdk.nashorn Call site switching to megamorphic causes incorrect property read
JDK-8136694 core-libs jdk.nashorn Megemorphic scope access does not throw ReferenceError when property is missing
JDK-8137258 core-libs jdk.nashorn JSObjectLinker and BrowserJSObjectLinker should not expose internal JS objects
JDK-8137281 core-libs jdk.nashorn OutOfMemoryError with large numeric keys in JSON.parse
JDK-8137333 core-libs jdk.nashorn Boundless soft caching of property map histories causes high memory pressure
JDK-8138616 core-libs jdk.nashorn invokeFunction fails if function calls a function defined in GLOBAL_SCOPE
JDK-8138632 core-libs jdk.nashorn Sparse array does not handle growth of underlying dense array
JDK-8074696 core-svc debugger Remote debugging session hangs for several minutes when calling findBootType
JDK-8074368 core-svc java.lang.management ThreadMXBean.getThreadInfo() corrupts memory when called with empty array for thread ids
JDK-8133666 core-svc java.lang.management OperatingSystemMXBean reports abnormally high machine CPU consumption on Linux
JDK-8075773 core-svc tools jps running as root fails after the fix of JDK-8050807
JDK-8139613 deploy push of backport of JDK-8081846 broke build
JDK-8138650 deploy packager Packager cannot bundle Mac App Store Apps because JavaFX WebKit uses apple private APIs
JDK-8133985 deploy plugin "Apply" button is permanently disabled in JCP, after roaming profile option is changed
JDK-8134109 deploy plugin Applet2Manager.getMainDeploymentRuleSet ignores jar version.
JDK-8134495 deploy plugin Cannot enable debugging on JNLP applet with java-vm-args params
JDK-7156268 deploy webstart app is stuck when launching with javaagent if there is no jre info in deployment.properties
JDK-8055464 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - java part
JDK-8056013 deploy webstart Web Start looks in currently directory for all classes prior to jars - slow
JDK-8077380 deploy webstart JNLPSigning exception when signed jnlp is launched from local tomcat server
JDK-8081846 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - Windows registration part
JDK-8135115 deploy webstart DRS1.3: App is not blocked when there is a invalid attribute in jnlp-checksum
JDK-8135227 deploy webstart DRS 1.3 enhancements doesn't work as expected when load no href jnlp by "javaws <local_path_of_jnlp_file>"
JDK-8136906 deploy webstart Extreme Application Startup Time due to frequent requests for the jnlp-6.0.dtd
JDK-8139323 deploy webstart JNLPSignedResourcesHelperTest shows regression caused by JDK-8129600
JDK-8140264 deploy webstart create junit test for JDK-8136906
JDK-8140740 deploy webstart Test jnlp_file/applicationDesc/index.html\#args is failing
JDK-8011858 hotspot compiler Use Compile::live_nodes() instead of Compile::unique() in appropriate places
JDK-8058737 hotspot compiler CodeCache::find_blob fails with 'unsafe access to zombie method'
JDK-8075805 hotspot compiler Crash while trying to release CompiledICHolder
JDK-8134031 hotspot compiler Incorrect JIT compilation of complex code with inlining and escape analysis
JDK-8134493 hotspot compiler Cleaning inline caches of unloaded nmethods should be done in sweeper
JDK-8133193 hotspot gc Memory leak in G1 because G1RootProcessor doesn't have desctructor
JDK-8029453 hotspot runtime java/util/concurrent/locks/ReentrantLock/TimeoutLockLoops.java failed by timeout
JDK-8135002 hotspot runtime Fix or remove broken links in objectMonitor.cpp comments
JDK-8139150 hotspot runtime ClassVerifier frees exception message while it's still in use
JDK-8140249 hotspot runtime JVM Crashing During startUp If Flight Recording is enabled
JDK-7194452 security-libs java.security Remove "Reverse" PKIX CertPathBuilder implementation
JDK-8130875 security-libs java.security Ucrypto library leaks memory when null output buffer is specified
JDK-8136534 security-libs java.security Loading JKS keystore using non-null InputStream results in closed stream
JDK-8132551 security-libs javax.crypto:pkcs11 Initialize local variables before returning them in p11_convert.c
JDK-8067422 tools javac Lambda method names are unnecessarily unstable
JDK-8071291 tools javac Compiler crashes trying to cast UnionType to IntersectionClassType
JDK-8073519 xml jaxb schemagen does not report errors while generating xsd files
Changelog:
http://www.oracle.com/technetwork/java/javase/8u66-relnotes-2692847.html
New Features and Changes
The following are some of the notable new features and changes in this release:
Support ISO 4217 "Current funds codes" table (A.2)
This enhancement adds support for ISO 4217 table A.2 fund codes. Previously the JDK only supported those currencies listed in table A.1.
See JDK-8074350.
Bug Fixes
This release contains fixes for security vulnerabilities. For more information, see Oracle Critical Patch Update Advisory. For a list of bug fixes included in this release, see JDK 8u66 Bug Fixes page.
The following are some of the notable bug fixes included in this release:
Hotspot should use PICL interface to get cacheline size on SPARC The libpicl library is now required on Solaris/SPARC to determine the size of the cache lines. In case the library is not present or the PICL service is not available the JVM will display a warning and compiler optimizations that utilize the BIS (Block Initializing Store) instruction will be turned off.
See JDK-8056124.
Preloading libjsig.dylib causes deadlock when signal() is called
Applications need to preload the libjsig library to enable signal chaining. Previously, on OS X, after libjsig.dylib was preloaded, any call from native code to signal() caused a deadlock. This has been corrected.
See JDK-8072147.
VM crash when class is redefined with Instrumentation.redefineClasses
The JVM could crash when a class was redefined with Instrumentation.redefineClasses(). The crash could either be a segmentation fault at SystemDictionary::resolve_or_null, or an internal error with the message "tag mismatch with resolution error table". This has now been fixed .
See JDK-8076110.
JDK-8087201 client-libs 2D
OGL: rendering of lcd text is slow
JDK-8130938 client-libs 2D [solaris] Incomplete 8ux fix for 8071710: libfontmanager & t2k should link against headless awt on solaris
JDK-8037371 client-libs java.awt [macosx] Test closed/java/awt/dnd/ImageTransferTest/ImageTransferTest.html fails
JDK-8131752 client-libs java.awt [Regression] Test java/awt/GraphicsDevice/CheckDisplayModes.java fails
JDK-8134453 client-libs javax.accessibility JAWS crashes in WindowsAccessBridge.DLL on 32 bit 8u60 running on 32 bit Win 7
JDK-8134403 core-libs jdk.nashorn Nashorn react.js benchmark performance regression
JDK-8079618 deploy plugin AccessControlException with deployment cache and RMI
JDK-8135116 globalization translation [de] Missing the link of license agreement
JDK-6904403 hotspot jvmti assert(f == k->has_finalizer(),"inconsistent has_finalizer") with debug VM
JDK-8048353 hotspot runtime jstack -l crashes VM when a Java mirror for a primitive type is locked
JDK-8072147 hotspot runtime Preloading libjsig.dylib causes deadlock when signal() is called
JDK-8076110 hotspot runtime VM crash when class is redefined with Instrumentation.redefineClasses
JDK-8133191 install NVDA screen reader and JAWS can't read the "Look and Feel" Selections.
JDK-8078495 security-libs org.ietf.jgss:krb5 End time checking for native TGT is wrong
JDK-8131907 xml jaxp Numerous threads lock during XML processing while running Weblogic 12.1.3
Fixed securty bugs:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4835
CVE-2015-4881
CVE-2015-4843
CVE-2015-4883
CVE-2015-4860
CVE-2015-4805
CVE-2015-4844
CVE-2015-4901
CVE-2015-4868
CVE-2015-4810
CVE-2015-4806
CVE-2015-4871
CVE-2015-4902
CVE-2015-4840
CVE-2015-4882
CVE-2015-4842
CVE-2015-4734
CVE-2015-4903
CVE-2015-4803
CVE-2015-4893
CVE-2015-4911
CVE-2015-4872
CVE-2015-4906
CVE-2015-4916
CVE-2015-4908
because this is a GNU configure script and without it we do not get
config.{sub,guess} overrides.
Instead, pass --disable-option-checking to the configure script so that
unrecognized options that appear when using pkgsrc iconv are discarded.
Changelog:
From: https://www.java.com/en/download/faq/release_changes.xml
Java 8 Update 60 (8u60)
Release Highlights
IANA Data 2015e
JDK 8u60 contains IANA time zone data version 2015e. For more information, refer to Timezone Data Versions in the JRE Software.
Bug Fix: dns_lookup_realm should be false by default
The dns_lookup_realm setting in Kerberos' krb5.conf file is by default false. See 8080637.
Bug Fix: Disable RC4 cipher suites
RC4-based TLS ciphersuites (e.g. TLS_RSA_WITH_RC4_128_SHA) are now considered compromised and should no longer be used (see RFC 7465). Accordingly, RC4-based TLS ciphersuites have been deactivated by default in the Oracle JSSE implementation by adding "RC4" to "jdk.tls.disabledAlgorithms" security property, and by removing them from the default enabled ciphersuites list. These cipher suites can be reactivated by removing "RC4" form "jdk.tls.disabledAlgorithms" security property in the java.security file or by dynamically calling Security.setProperty(), and also readding them to the enabled ciphersuite list using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. You can also use the -Djava.security.properties command line option to override the jdk.tls.disabledAlgorithms security property. For example:
java -Djava.security.properties=my.java.security ...
where my.java.security is a file containing the property without RC4:
jdk.tls.disabledAlgorithms=SSLv3
Even with this option set from commandline, the RC4 based ciphersuites need to be re-added to the enabled ciphersuite list by using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. See 8076221.
Bug Fix: Support keystore type detection for JKS and PKCS12 keystores
Keystore Compatibility Mode: To aid interoperability, the Java keystore type JKS now supports keystore compatibility mode by default. This mode enables JKS keystores to access both JKS and PKCS12 file formats. To disable keystore compatibility mode set the Security property keystore.type.compat to the string value false. See 8062552.
Bug Fix: Deprecate Unsafe monitor methods in JDK 8u release
The methods monitorEnter, monitorExit and tryMonitorEnter on sun.misc.Unsafe are marked as deprecated in JDK 8u60 and will be removed in a future release. These methods are not used within the JDK itself and are very rarely used outside of the JDK. See 8069302.
Bug Fix: Extract JFR recording from the core file using SA
DumpJFR is a Serviceability Agent based tool that can be used to extract Java Flight Recorder(JFR) data from the core files and live Hotspot processes. DumpJFR can be used in one of the following methods:
Attach DumpJFR to a live process:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <pid>
Attach DumpJFR to a core file:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <java> <core>
DumpJFR tool dumps the JFR data to a file called recording.jfr in the current working folder. See 8065301 (not public).
Bug Fix: Local variables named 'enum' lead to spurious compiler crashes
The javac parser is incorrectly parsing local variables with name 'enum'; this results in spurious failures when a program containing such local variables is compiled with a 'source' flag corresponding to a release in which the enum construct is not available (such as '-source 1.4'). See 8069181.
Java Development Kit for ARM Release 8u60
This release includes Java Development Kit for ARM Release 8u60 (JDK 8u60 for ARM). For ARM device support information, see JDK for ARM Downloads page. For system requirements, installation instructions and troubleshooting tips, see Installation Instructions page.
Limitation: Native Memory Tracking support is limited in JDK for ARM. The java command line option XX:NativeMemoryTracking=detail is not supported for ARM targets (an error message is displayed to user). Instead, use the following option:
XX:NativeMemoryTracking=summary
Documentation Updates due to Nashorn Enhancements
JDK 8u60 includes new enhancements to Nashorn. As a result the following documentation changes should be read in conjunction with the current Nashorn documentation:
Addition: In the previous section, we mentioned that every JavaScript object when exposed to Java APIs implements the java.util.Map interface. This is true even for JavaScript arrays. However, this behavior is often not desired or expected when the Java code expects JSON-parsed objects. Java libraries that manipulate JSON-parsed objects usually expect arrays to expose the java.util.List interface instead. If you need to expose your JavaScript objects so that arrays are exposed as lists and not maps, you can use the Java.asJSONCompatible(obj) function, where obj is the root of your JSON object tree.
Correction: The caution mentioned at the end of Mapping Data Types section, is no longer applicable. Nashorn ensures that internal JavaScript strings are converted to java.lang.String when exposed externally.
Correction: The statement in the section Mapping Data Types, that mentions "For example, arrays must be explicitly converted,..." is not correct. Arrays are automatically converted to Java array types, such as java.util.List, java.util.Collection, java.util.Queue and java.util.Deque and so on.
Changes in Deployment Rule Set v1.2
JDK 8u60 implements Deployment Rule Set (DRS) 1.2, which includes the following changes:
Add "checksum" element as sub element of "id" which can allow unsigned jars to be identified by the SHA-256 checksum of the uncompressed form of a jar:
The "checksum" element will match only unsigned jars, and the given hash will be compared only against the uncompressed form of the jar.
The "checksum" element (similar to "certificate" element) has two arguments "hash" and "algorithm", however, unlike "certificate" element, the only supported value for "algorithm" is "SHA-256". Any other value provided will be ignored.
Allow "message" element to apply to all rule types, where previously it only applied to a block rule:
In a run rule, a message sub element will cause a message dialog to be displayed where without a run rule, the default behavior would be to show certificate or unsigned dialog. The message will be displayed in the message dialog.
In a default rule, the message will only be displayed if the default action is to block. In such a case the message will be included in the block dialog.
Echo "customer" blocks in the Java Console, trace files, and Java Usage Tracker records.
Previous to DRS 1.2, "customer" elements could be included (with any sub-elements) in the ruleset.xml file. This element and all its sub elements are ignored. In DRS 1.2, the elements are still functionally ignored. However:
When parsing the ruleset.xml file, all "customer" blocks will be echoed to the Java Console and deployment trace file (if Console and Tracing are enabled).
When using a rule, all "customer" records included within that rule will be added to the Java Usage Tracker (JUT) record (if JUT is enabled).
As a result of the above changes, the DTD for DRS 1.2 is as follows:
<!ELEMENT ruleset (rule*)>
<!ATTRIBUTE ruleset href CDATA #IMPLIED>
<!ATTRIBUTE ruleset version CDATA #REQUIRED>
<!ELEMENT rule (id, action)>
<!ELEMENT id (certificate?) (checksum?) >
<!ATTRIBUTE id title CDATA #IMPLIED>
<!ATTRIBUTE id location CDATA #IMPLIED>
<!ELEMENT certificate EMPTY>
<!ATTLIST certificate algorithm CDATA #IMPLIED>
<!ATTLIST certificate hash CDATA #REQUIRED>
<!ELEMENT checksum EMPTY>
<!ATTLIST checksum algorithm CDATA #IMPLIED>
<!ATTLIST checksum hash CDATA #REQUIRED>
<!ELEMENT action (message?)>
<!ATTRIBUTE permission (run | block | default) #REQUIRED>
<!ATTRIBUTE version CDATA #IMPLIED>
<!ATTRIBUTE force (true|false) "false">
<!ELEMENT message (#PCDATA)>
<!ATTLIST message locale CDATA #IMPLIED>
Java Expiration Date
The expiration date for 8u60 is October 20, 2015. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u60) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes
For a list of bug fixes included in this release, see JDK 8u60 Bug Fixes page.
Changelog:
Bugfixes
http://www.oracle.com/technetwork/java/javase/2col/8u51-bugfixes-2587594.html
Bug Id Category Subcategory Description
JDK-8071668 client-libs java.awt [macosx] Clipboard does not work with 3rd parties Clipboard Managers
JDK-8077685 core-libs java.util:i18n (tz) Support tzdata2015d
JDK-8075602 deploy Applet throws java.security AccessControlException in java console when playing it
JDK-8079223 deploy unnecessary performance degradation caused by fix to JDK-8052111
JDK-8069161 deploy plugin Slow cache performance since JRE 7u06
JDK-8076343 deploy plugin JNLP property apple.laf.useScreenMenuBar no longer treated as secure for Mac OS
JDK-8071897 deploy webstart JRE 8U25 and 8u31 b32 cannot launch Java Web Start with proxy pac but works fine for 7u67
JDK-8078815 deploy webstart Launching of jnlp app fails with JNLPException
JDK-8035938 hotspot jvmti Memory leak in JvmtiEnv::GetConstantPool
JDK-8064546 security-libs javax.crypto CipherInputStream throws BadPaddingException if stream is not fully read
JDK-8078439 security-libs org.ietf.jgss SPNEGO auth fails if client proposes MS krb5 OID
JDK-8073357 xml jaxb schema1.xsd has wrong content. Sequence of the enum values has been changed
JDK-8073385 xml jaxp Bad error message on parsing illegal character in XML attribute
JDK-8074297 xml jaxp substring in XSLT returns wrong character if string contains supplementary chars
Fix following security bugs.
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
CVE-2015-4760
CVE-2015-2628
CVE-2015-4731
CVE-2015-2590
CVE-2015-4732
CVE-2015-4733
CVE-2015-2638
CVE-2015-4736
CVE-2015-4748
CVE-2015-2597
CVE-2015-2664
CVE-2015-2632
CVE-2015-2601
CVE-2015-2613
CVE-2015-2621
CVE-2015-2659
CVE-2015-2619
CVE-2015-2637
CVE-2015-2596
CVE-2015-4749
CVE-2015-4729
CVE-2015-4000
CVE-2015-2808
CVE-2015-2627
CVE-2015-2625
- don't use ALT_JDK_IMPORT_PATH on SunOS, just build like on other platforms
- regen all bootstraps to facilitate removal of the +UseSerialGC hacks
- bootstrap binaries on FTP are now PGP signed
- remove a handful of obsolete patches
does not handle subnormal arithmetic, like on ARM in Flush-to-zero mode.
These workarounds avoid underflow conditions during the bootstrap so the
JDK can correctly build itself. Compiling or running programs other than
openjdk itself on such hardware may still cause unexpected behaviour.
For now, this should fix the spurious JVM initialization error:
"Unable to allocate XXX KB card tables for parallel garbage collection
for the requested YYY KB heap."
XXX: remember to remove all +UseSerialGC hacks after the bootstrap kits
have had a refresh.
