I cannot find release notes for OpenJDK7, I will quote from Oracle's
JDK 7u51 release notes.
Changelog:
7u51: http://www.oracle.com/technetwork/java/javase/7u51-relnotes-2085002.html
Olson Data 2013h
JDK 7u51 contains Olson time zone data version 2013h.
New Features and Changes
Jarsigner updated to encourage timestamping
Timestamping for a signed jar is now strongly recommended. The Jarsigner tool will print out an informational warning at signing or verifying when timestamp is missing. For more information, see Signing JAR Files.
See 8023338.
Changes to Security Slider:
The following changes to Security Slider were included in this release(7u51):
Block Self-Signed and Unsigned applets on High Security Setting
Require Permissions Attribute for High Security Setting
Warn users of missing Permissions Attributes for Medium Security Setting
For more information, see Java Control Panel documentation.
Prompt users to clear previously remembered decisions:
In JDK 7u51, users are given an option to restore the security prompts, for any prompts that were hidden prior to installing the latest release. For more information, see Install Documentation for Windows.
It is recommended that users restore security prompts after every 30 days to ensure better protection.
Note: This option is offered only during Auto update on Mac OS.
Exception Site List:
The Exception Site List feature allows end users to run Java applets and Java Web Start applications that do not meet the latest security requirements. Rich Internet Applications that are hosted on a site in the exception site list are allowed to run with the applicable security prompts.
For more information, see Exception Site List documentation.
Change in Default Socket Permissions
The default socket permissions assigned to all code including untrusted code have been changed in this release. Previously, all code was able to bind any socket type to any port number greater than or equal to 1024. It is still possible to bind sockets to the ephemeral port range on each system. The exact range of ephemeral ports varies from one operating system to another, but it is typically in the high range (such as from 49152 to 65535). The new restriction is that binding sockets outside of the ephemeral range now requires an explicit permission in the system security policy.
Most applications using client tcp sockets and a security manager will not see any problem, as these typically bind to ephemeral ports anyway. Applications using datagram sockets or server tcp sockets (and a security manager) may encounter security exceptions where none were seen before. If this occurs, users should review whether the port number being requested is expected, and if this is the case, a socket permission grant can be added to the local security policy, to resolve the issue.
See 8011786 (not public).
Change in JAXP Xalan Extension Functions
In JDK 7u51, a change has been made in JAXP Xalan Extension functions to always use the default DOM implementation when Security Manager is present. This change affects the NodeSet created by DOM Document.
Before this change, the DOM implementation is located through the DOM factory lookup process. With this change, when security is enabled, the lookup process is skipped and the default DOM implementation is used.
This change will only affect those applications that use a 3rd party DOM implementation. In general, the NodeSet structure is expected to be compatible with that of the JDK default implementation.
Bug Fixes
This release contains fixes for security vulnerabilities. For more information, see Oracle Java SE Critical Patch Update Advisory.
For a list of bug fixes included in this release, see JDK 7u51 Bug Fixes page.
The following are some of the notable bug fixes in this release:
Area: tools/jar
Synopsis: Clarify jar verifications
The jarsigner tool prints out more messages when there are severe warnings and -strict is on. For details, see the jarsigner tool documentation (Windows)(Solaris/Linux).
See 8024302 (not public).
any longer. Change LICENSE to modified-bsd per upstream.
Changes:
2.7.1 (2013-09-07)
Improved OFX parsing. (#369)
Fixed rounding error when changing split amounts. (#367)
Fixed Qt import window glitch. (#371)
Improved currency rates fetching reliability.
Fixed occasional hard crashes on accounts drag & drop. [Mac] (#354)
2.7.0 (2013-05-26)
Added support for custom currencies. (#33)
Fixed amount parsing bug with currencies with many decimals.
Fixed cache folder bug causing cached files to be misplaced. [Linux, Windows]
Dropped 32-bit support on Mac OS X.
2.6.3 (2013-03-23)
Fixed a selection glitch on New Account. (#358)
Fixed a schedule spawning bug. (#362)
Removed the fairware dialog (More Info).
Added a 64-bit build for Windows.
Added Spanish localization by Enrique G. Paredes.
2.6.2 (2013-01-06)
Fixed a bug causing transaction imbalance after import. (#351)
Fixed glitch in bar graph drawing. (#352)
Fixed a bug in QIF exports. (#353)
Fixed a crash on print. [Linux, Windows] (#349)
Assembler issues still seem to be there at least on SunOS.
* Version 3.2.9 (released 2014-01-24)
** libgnutls: The %DUMBFW option in priority string only
appends data to client hello if the expected size is in the
"black hole" range.
** libgnutls: %COMPAT implies %DUMBFW.
** libgnutls: gnutls_session_get_desc() returns a more compact
ciphersuite description.
* libgnutls: In PKCS #11 allow deleting multiple non-certificate data.
** libgnutls: When a PKCS #11 trust store is specified (e.g. using the
configure option --with-default-trust-store-pkcs11), then the PKCS #11
token is used on demand to obtain the trusted anchors, rather than
preloading all trusted certificates. That delegates CA certificate management
and blacklist checking to the PKCS #11 module.
** libgnutls: When a PKCS #11 trust store is specified in configure option
or in gnutls_x509_trust_list_add_trust_file(), then the module is used
to obtain the verification anchors and any required blacklists as in
http://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-pkcs11.html
** libgnutls: Fix in OCSP certificate status extension handling
in non-blocking servers. Patch by Nils Maier.
** p11tool: Added --so-login option to force login as security
officer (admin).
** API and ABI modifications:
No changes since last version.
Alex Deucher (16):
radeon: disallow glamor on pre-R600 asics
radeon/kms: add berlin pci ids
radeon: enable glamor by default (v4)
glamor: require 0.5.1 or newer
radeon: fix limit handling for cards with >4G of ram
radeon: add glamor Xv support (v2)
Revert "radeon: add glamor Xv support (v2)"
drm/radeon: fix non-glamor build
radeon: fix the non-glamor build harder...
radeon: enable tiling on SI by default (v2)
radeon: add support for Hawaii
radeon/kms: add Hawaii pci ids
drm/radeon: fix SUMO2 pci id
radeon/exa: Always use a scratch surface for UTS to vram
Require glamor 0.6.0
radeon: bump version for release
Christopher James Halse Rogers (1):
EXA/evergreen: Paranoia around linear tiling. (v2)
Dave Airlie (1):
radeon: use glamor Xv support if present.
Jerome Glisse (1):
radeon/glamor: with new pixmap for dri2 drawable no need to
create new texture
Maarten Lankhorst (1):
bump version post release
Mark Kettenis (1):
Fix shadowfb on big-endian machines
Michel Dänzer (3):
DRI2: Install client callback only once
dri2: Make last_vblank_seq local unsigned to match dpms_last_seq
Don't require the glamoregl module to be pre-loaded with xserver >= 1.15
Robert Millan (2):
radeon: Set first parameter of drmOpen() to NULL
radeon: Restore kernel module load on FreeBSD.
Vadim Girlin (1):
radeon: disable 2D tiling on buffers < 128 pixels
3.01a22:
mkisofs includes a new option, -legacy, that allows it to reenable
the short options -H/-L/-P; these have been disabled in 2006 for
compatibility with scripts that have not been updated during the
past 10 years. libsiconv now only tries to open a file when the
argument includes a slash in its name. libschily::printf() now
includes support for %n$ argument reordering for the first 30
arguments.
Ben Widawsky (3):
intel: squash unused variable 'bo_gem'
intel: Handle malloc fails in context create
intel: Merge latest i915_drm.h
Eric Anholt (2):
drm: Initialize or valgrind-clear modesetting ioctl arguments.
intel: Track whether a buffer is idle to avoid trips to the kernel.
Hyungwon Hwang (1):
tests/kmstest: support exynos
Keith Packard (1):
Mark debug_print with __attribute__ ((format(__printf__, 1, 0)))
Kenneth Graunke (2):
intel: Create a new drm_intel_bo offset64 field.
Bump the version to 2.4.52
Rob Clark (1):
freedreno: add fd_device_new_dup()
Vincent ABRIOU (1):
modetest: add the possibility to select the refresh frequency for a mode
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
