SUSE-IU-2024:1912-1: Security update of containers/apache-tomcat
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Dec 2 12:18:47 UTC 2024
SUSE Image Update Advisory: containers/apache-tomcat
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1912-1
Image Tags : containers/apache-tomcat:9-openjdk17 , containers/apache-tomcat:9.0.97-openjdk17 , containers/apache-tomcat:9.0.97-openjdk17-59.4
Image Release : 59.4
Severity : important
Type : security
References : 1201684 1201685 1201692 1201694 1203476 1204468 1204472 1204473
1204475 1204480 1205916 1205916 1206549 1207246 1207248 1207922
1209333 1210392 1210628 1210631 1210632 1210634 1210635 1210636
1210637 1211259 1211679 1213470 1213473 1213474 1213475 1213479
1213481 1213482 1214790 1216339 1216374 1218903 1218905 1218907
1218908 1218909 1218911 1219662 1222979 1222983 1222986 1222987
1227298 1228046 1228047 1228048 1228051 1228052 1231702 1231711
1231716 1231719 CVE-2022-21540 CVE-2022-21541 CVE-2022-21549
CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21628 CVE-2022-34169
CVE-2022-39399 CVE-2023-21835 CVE-2023-21843 CVE-2023-21930 CVE-2023-21937
CVE-2023-21938 CVE-2023-21939 CVE-2023-21954 CVE-2023-21967 CVE-2023-21968
CVE-2023-22006 CVE-2023-22025 CVE-2023-22036 CVE-2023-22041 CVE-2023-22044
CVE-2023-22045 CVE-2023-22049 CVE-2023-22081 CVE-2023-25193 CVE-2024-20918
CVE-2024-20919 CVE-2024-20921 CVE-2024-20932 CVE-2024-20945 CVE-2024-20952
CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094 CVE-2024-21131
CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 CVE-2024-21208
CVE-2024-21210 CVE-2024-21217 CVE-2024-21235
-----------------------------------------------------------------
The container containers/apache-tomcat was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2660-1
Released: Wed Aug 3 21:06:01 2022
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1201684,1201685,1201692,1201694,CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-34169
This update for java-17-openjdk fixes the following issues:
Update to upstream tag jdk-17.0.4+8 (July 2022 CPU)
- CVE-2022-21540: Improve class compilation (bsc#1201694)
- CVE-2022-21541: Enhance MethodHandle invocations (bsc#1201692)
- CVE-2022-34169: Improve Xalan supports (bsc#1201684)
- CVE-2022-21549: java.util.random does not correctly sample exponential or Gaussian distributions (bsc#1201685)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4079-1
Released: Fri Nov 18 15:36:28 2022
Summary: Security update for java-17-openjdk
Type: security
Severity: moderate
References: 1203476,1204468,1204472,1204473,1204475,1204480,CVE-2022-21618,CVE-2022-21619,CVE-2022-21624,CVE-2022-21628,CVE-2022-39399
This update for java-17-openjdk fixes the following issues:
- Update to jdk-17.0.5+8 (October 2022 CPU)
- CVE-2022-39399: Improve HTTP/2 client usage(bsc#1204480)
- CVE-2022-21628: Better HttpServer service (bsc#1204472)
- CVE-2022-21624: Enhance icon presentations (bsc#1204475)
- CVE-2022-21619: Improve NTLM support (bsc#1204473)
- CVE-2022-21618: Wider MultiByte (bsc#1204468)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:297-1
Released: Tue Feb 7 13:17:47 2023
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: moderate
References: 1205916
This update for java-17-openjdk fixes the following issues:
- Modified patches:
Revert fips patch to a version used with 17.0.4.0 (bsc#1205916)
Apply nss-security-provider patch after the fips patch, thus rediff the hunk to changed context.
- Fix jconsole.desktop icon
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:435-1
Released: Thu Feb 16 11:06:29 2023
Summary: Security update for java-17-openjdk
Type: security
Severity: moderate
References: 1205916,1207246,1207248,CVE-2023-21835,CVE-2023-21843
This update for java-17-openjdk fixes the following issues:
Updated to version jdk-17.0.6.0+10:
- CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).
- CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).
Bugfixes:
- Avoid calling C_GetInfo() too early, before cryptoki is initialized (bsc#1205916).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1632-1
Released: Tue Mar 28 12:53:57 2023
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: important
References: 1206549
This update for java-17-openjdk fixes the following issues:
- Remove the accessibility RPM sub-package because it causes problems (bsc#1206549)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2110-1
Released: Fri May 5 14:10:21 2023
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1209333,1210628,1210631,1210632,1210634,1210635,1210636,1210637,CVE-2023-21930,CVE-2023-21937,CVE-2023-21938,CVE-2023-21939,CVE-2023-21954,CVE-2023-21967,CVE-2023-21968
This update for java-17-openjdk fixes the following issues:
Update to upstrem tag jdk-17.0.7+7 (April 2023 CPU)
Security fixes:
- CVE-2023-21930: Fixed AES support (bsc#1210628).
- CVE-2023-21937: Fixed String platform support (bsc#1210631).
- CVE-2023-21938: Fixed runtime support (bsc#1210632).
- CVE-2023-21939: Fixed Swing platform support (bsc#1210634).
- CVE-2023-21954: Fixed object reclamation process (bsc#1210635).
- CVE-2023-21967: Fixed TLS session negotiation (bsc#1210636).
- CVE-2023-21968: Fixed path handling (bsc#1210637).
Other fixes:
- Fixed socket setTrafficClass not working for IPv4 connections when IPv6 is enabled (bsc#1209333).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2340-1
Released: Thu Jun 1 09:46:52 2023
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: moderate
References: 1210392,1211259
This update for java-17-openjdk fixes the following issues:
- In SSLSessionImpl, interpret length of SNIServerName as an unsigned byte so that it can have length up to 255 rather
than 127 (SG#65673, bsc#1210392)
- Do not install separate nss.fips.cfg file, since there is now one in the tree and the install happens automatically
- Enable system property file by default, without which the FIPS mode would never get enabled (bsc#1211259)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2825-1
Released: Fri Jul 14 11:21:46 2023
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: moderate
References: 1211679
This update for java-17-openjdk fixes the following issues:
- Bring back our nss.fips.cfg file, as the variable expansion
in the upstream file does not work (bsc#1211679)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3023-1
Released: Fri Jul 28 21:59:48 2023
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1207922,1213473,1213474,1213475,1213479,1213481,1213482,CVE-2023-22006,CVE-2023-22036,CVE-2023-22041,CVE-2023-22044,CVE-2023-22045,CVE-2023-22049,CVE-2023-25193
This update for java-17-openjdk fixes the following issues:
Updated to version jdk-17.0.8+7 (July 2023 CPU):
- CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473).
- CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474).
- CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475).
- CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479).
- CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481).
- CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482).
- CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922).
- JDK-8294323: Improve Shared Class Data
- JDK-8296565: Enhanced archival support
- JDK-8298676, JDK-8300891: Enhanced Look and Feel
- JDK-8300285: Enhance TLS data handling
- JDK-8300596: Enhance Jar Signature validation
- JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1
- JDK-8302475: Enhance HTTP client file downloading
- JDK-8302483: Enhance ZIP performance
- JDK-8303376: Better launching of JDI
- JDK-8304460: Improve array usages
- JDK-8304468: Better array usages
- JDK-8305312: Enhanced path handling
- JDK-8308682: Enhance AES performance
Bugfixes:
- JDK-8178806: Better exception logging in crypto code
- JDK-8201516: DebugNonSafepoints generates incorrect
information
- JDK-8224768: Test ActalisCA.java fails
- JDK-8227060: Optimize safepoint cleanup subtask order
- JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java
fails with AssertionError
- JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
- JDK-8244976: vmTestbase/nsk/jdi/Event/request/request001.java
doesn' initialize eName
- JDK-8245877: assert(_value != __null) failed: resolving NULL
_value in JvmtiExport::post_compiled_method_load
- JDK-8248001: javadoc generates invalid HTML pages whose
ftp:// links are broken
- JDK-8252990: Intrinsify Unsafe.storeStoreFence
- JDK-8254711: Add java.security.Provider.getService JFR Event
- JDK-8257856: Make ClassFileVersionsTest.java robust to JDK
version updates
- JDK-8261495: Shenandoah: reconsider update references memory
ordering
- JDK-8268288: jdk/jfr/api/consumer/streaming/
/TestOutOfProcessMigration.java fails with 'Error:
ShouldNotReachHere()'
- JDK-8268298: jdk/jfr/api/consumer/log/TestVerbosity.java
fails: unexpected log message
- JDK-8268582: javadoc throws NPE with --ignore-source-errors
option
- JDK-8269821: Remove is-queue-active check in inner loop of
write_ref_array_pre_work
- JDK-8270434: JDI+UT: Unexpected event in JDI tests
- JDK-8270859: Post JEP 411 refactoring: client libs with
maximum covering > 10K
- JDK-8270869: G1ServiceThread may not terminate
- JDK-8271519: java/awt/event/SequencedEvent/
/MultipleContextsFunctionalTest.java failed with 'Total [200]
- Expected [400]'
- JDK-8273909: vmTestbase/nsk/jdi/Event/request/request001 can
still fail with 'ERROR: new event is not ThreadStartEvent'
- JDK-8274243: Implement fast-path for ASCII-compatible
CharsetEncoders on aarch64
- JDK-8274615: Support relaxed atomic add for linux-aarch64
- JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile
- JDK-8275233: Incorrect line number reported in exception
stack trace thrown from a lambda expression
- JDK-8275287: Relax memory ordering constraints on updating
instance class and array class counters
- JDK-8275721: Name of UTC timezone in a locale changes
depending on previous code
- JDK-8275735: [linux] Remove deprecated Metrics api (kernel
memory limit)
- JDK-8276058: Some swing test fails on specific CI macos system
- JDK-8277407: javax/swing/plaf/synth/SynthButtonUI/6276188/
/bug6276188.java fails to compile after JDK-8276058
- JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -
add 4357905
- JDK-8278146: G1: Rework VM_G1Concurrent VMOp to clearly
identify it as pause
- JDK-8278434: timeouts in test java/time/test/java/time/
/format/TestZoneTextPrinterParser.java
- JDK-8278834: Error 'Cannot read field 'sym' because
'this.lvar[od]' is null' when compiling
- JDK-8282077: PKCS11 provider C_sign() impl should handle
CKR_BUFFER_TOO_SMALL error
- JDK-8282201: Consider removal of expiry check in
VerifyCACerts.java test
- JDK-8282227: Locale information for nb is not working properly
- JDK-8282704: runtime/Thread/StopAtExit.java may leak memory
- JDK-8283057: Update GCC to version 11.2.0 for Oracle builds
on Linux
- JDK-8283062: Uninitialized warnings in libgtest with GCC 11.2
- JDK-8283520: JFR: Memory leak in dcmd_arena
- JDK-8283566: G1: Improve G1BarrierSet::enqueue performance
- JDK-8284331: Add sanity check for signal handler modification
warning.
- JDK-8285635: javax/swing/JRootPane/DefaultButtonTest.java
failed with Default Button not pressed for L&F:
com.sun.java.swing.plaf.motif.MotifLookAndFeel
- JDK-8285987: executing shell scripts without #! fails on
Alpine linux
- JDK-8286191: misc tests fail due to JDK-8285987
- JDK-8286287: Reading file as UTF-16 causes Error which
'shouldn't happen'
- JDK-8286331: jni_GetStringUTFChars() uses wrong heap allocator
- JDK-8286346: 3-parameter version of AllocateHeap should not
ignore AllocFailType
- JDK-8286398: Address possibly lossy conversions in
jdk.internal.le
- JDK-8287007: [cgroups] Consistently use stringStream
throughout parsing code
- JDK-8287246: DSAKeyValue should check for missing params
instead of relying on KeyFactory provider
- JDK-8287541: Files.writeString fails to throw IOException for
charset 'windows-1252'
- JDK-8287854: Dangling reference in ClassVerifier::verify_class
- JDK-8287876: The recently de-problemlisted
TestTitledBorderLeak test is unstable
- JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md
with information on 4th party dependencies
- JDK-8288589: Files.readString ignores encoding errors for
UTF-16
- JDK-8289509: Improve test coverage for XPath Axes:
descendant, descendant-or-self, following, following-sibling
- JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space
- JDK-8289949: Improve test coverage for XPath: operators
- JDK-8290822: C2: assert in PhaseIdealLoop::do_unroll() is
subject to undefined behavior
- JDK-8291226: Create Test Cases to cover scenarios for
JDK-8278067
- JDK-8291637: HttpClient default keep alive timeout not
followed if server sends invalid value
- JDK-8291638: Keep-Alive timeout of 0 should close connection
immediately
- JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage()
is lower than expected
- JDK-8292301: [REDO v2] C2 crash when allocating array of size
too large
- JDK-8292407: Improve Weak CAS VarHandle/Unsafe tests
resilience under spurious failures
- JDK-8292713: Unsafe.allocateInstance should be intrinsified
without UseUnalignedAccesses
- JDK-8292755: Non-default method in interface leads to a stack
overflow in JShell
- JDK-8292990: Improve test coverage for XPath Axes: parent
- JDK-8293295: Add type check asserts to
java_lang_ref_Reference accessors
- JDK-8293492: ShenandoahControlThread missing from hs-err log
and thread dump
- JDK-8293858: Change PKCS7 code to use default SecureRandom
impl instead of SHA1PRNG
- JDK-8293887: AArch64 build failure with GCC 12 due to
maybe-uninitialized warning in libfdlibm k_rem_pio2.c
- JDK-8294183: AArch64: Wrong macro check in
SharedRuntime::generate_deopt_blob
- JDK-8294281: Allow warnings to be disabled on a per-file basis
- JDK-8294673: JFR: Add SecurityProviderService#threshold to
TestActiveSettingEvent.java
- JDK-8294717: (bf) DirectByteBuffer constructor will leak if
allocating Deallocator or Cleaner fails with OOME
- JDK-8294906: Memory leak in PKCS11 NSS TLS server
- JDK-8295564: Norwegian Nynorsk Locale is missing formatting
- JDK-8295974: jni_FatalError and Xcheck:jni warnings should
print the native stack when there are no Java frames
- JDK-8296084: javax/swing/JSpinner/4788637/bug4788637.java
fails intermittently on a VM
- JDK-8296318: use-def assert: special case undetected loops
nested in infinite loops
- JDK-8296343: CPVE thrown on missing content-length in OCSP
response
- JDK-8296412: Special case infinite loops with unmerged
backedges in IdealLoopTree::check_safepts
- JDK-8296545: C2 Blackholes should allow load optimizations
- JDK-8296934: Write a test to verify whether Undecorated Frame
can be iconified or not
- JDK-8297000: [jib] Add more friendly warning for proxy issues
- JDK-8297154: Improve safepoint cleanup logging
- JDK-8297450: ScaledTextFieldBorderTest.java fails when run
with -show parameter
- JDK-8297587: Upgrade JLine to 3.22.0
- JDK-8297730: C2: Arraycopy intrinsic throws incorrect
exception
- JDK-8297955: LDAP CertStore should use LdapName and not
String for DNs
- JDK-8298488: [macos13] tools/jpackage tests failing with
'Exit code: 137' on macOS
- JDK-8298887: On the latest macOS+XCode the Robot API may
report wrong colors
- JDK-8299179: ArrayFill with store on backedge needs to reduce
length by 1
- JDK-8299259: C2: Div/Mod nodes without zero check could be
split through iv phi of loop resulting in SIGFPE
- JDK-8299544: Improve performance of CRC32C intrinsics
(non-AVX-512) for small inputs
- JDK-8299570: [JVMCI] Insufficient error handling when
CodeBuffer is exhausted
- JDK-8299959: C2: CmpU::Value must filter overflow computation
against local sub computation
- JDK-8300042: Improve CPU related JFR events descriptions
- JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy
due to constant NULL src argument
- JDK-8300823: UB: Compile::_phase_optimize_finished is
initialized too late
- JDK-8300939: sun/security/provider/certpath/OCSP/
/OCSPNoContentLength.java fails due to network errors
- JDK-8301050: Detect Xen Virtualization on Linux aarch64
- JDK-8301119: Support for GB18030-2022
- JDK-8301123: Enable Symbol refcounting underflow checks in
PRODUCT
- JDK-8301190: [vectorapi] The typeChar of LaneType is
incorrect when default locale is tr
- JDK-8301216: ForkJoinPool invokeAll() ignores timeout
- JDK-8301338: Identical branch conditions in
CompileBroker::print_heapinfo
- JDK-8301491: C2: java.lang.StringUTF16::indexOfChar intrinsic
called with negative character argument
- JDK-8301637: ThreadLocalRandom.current().doubles().parallel()
contention
- JDK-8301661: Enhance os::pd_print_cpu_info on macOS and
Windows
- JDK-8302151: BMPImageReader throws an exception reading BMP
images
- JDK-8302172: [JVMCI] HotSpotResolvedJavaMethodImpl.canBeInlined
must respect ForceInline
- JDK-8302320: AsyncGetCallTrace obtains too few frames in
sanity test
- JDK-8302491: NoClassDefFoundError omits the original cause of
an error
- JDK-8302508: Add timestamp to the output TraceCompilerThreads
- JDK-8302594: use-after-free in Node::destruct
- JDK-8302595: use-after-free related to GraphKit::clone_map
- JDK-8302791: Add specific ClassLoader object to Proxy
IllegalArgumentException message
- JDK-8302849: SurfaceManager might expose partially
constructed object
- JDK-8303069: Memory leak in CompilerOracle::parse_from_line
- JDK-8303102: jcmd: ManagementAgent.status truncates the text
longer than O_BUFLEN
- JDK-8303130: Document required Accessibility permissions on
macOS
- JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m
needs CFRelease call in early potential CHECK_NULL return
- JDK-8303433: Bump update version for OpenJDK: jdk-17.0.8
- JDK-8303440: The 'ZonedDateTime.parse' may not accept the
'UTC+XX' zone id
- JDK-8303465: KeyStore of type KeychainStore, provider Apple
does not show all trusted certificates
- JDK-8303476: Add the runtime version in the release file of a
JDK image
- JDK-8303482: Update LCMS to 2.15
- JDK-8303508: Vector.lane() gets wrong value on x86
- JDK-8303511: C2: assert(get_ctrl(n) == cle_out) during
unrolling
- JDK-8303564: C2: 'Bad graph detected in build_loop_late'
after a CMove is wrongly split thru phi
- JDK-8303575: adjust Xen handling on Linux aarch64
- JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs
CFRelease call in early potential CHECK_NULL return
- JDK-8303588: [JVMCI] make JVMCI source directories conform
with standard layout
- JDK-8303809: Dispose context in SPNEGO NegotiatorImpl
- JDK-8303822: gtestMain should give more helpful output
- JDK-8303861: Error handling step timeouts should never be
blocked by OnError and others
- JDK-8303937: Corrupted heap dumps due to missing retries for
os::write()
- JDK-8303949: gcc10 warning Linux ppc64le - note: the layout
of aggregates containing vectors with 8-byte alignment has
changed in GCC 5
- JDK-8304054: Linux: NullPointerException from
FontConfiguration.getVersion in case no fonts are installed
- JDK-8304063: tools/jpackage/share/AppLauncherEnvTest.java
fails when checking LD_LIBRARY_PATH
- JDK-8304134: jib bootstrapper fails to quote filename when
checking download filetype
- JDK-8304291: [AIX] Broken build after JDK-8301998
- JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998
- JDK-8304350: Font.getStringBounds calculates wrong width for
TextAttribute.TRACKING other than 0.0
- JDK-8304671: javac regression: Compilation with --release 8
fails on underscore in enum identifiers
- JDK-8304683: Memory leak in WB_IsMethodCompatible
- JDK-8304760: Add 2 Microsoft TLS roots
- JDK-8304867: Explicitly disable dtrace for ppc builds
- JDK-8304880: [PPC64] VerifyOops code in C1 doesn't work with
ZGC
- JDK-8305088: SIGSEGV in Method::is_method_handle_intrinsic
- JDK-8305113: (tz) Update Timezone Data to 2023c
- JDK-8305400: ISO 4217 Amendment 175 Update
- JDK-8305403: Shenandoah evacuation workers may deadlock
- JDK-8305481: gtest is_first_C_frame failing on ARM
- JDK-8305690: [X86] Do not emit two REX prefixes in
Assembler::prefix
- JDK-8305711: Arm: C2 always enters slowpath for monitorexit
- JDK-8305721: add `make compile-commands` artifacts to
.gitignore
- JDK-8305975: Add TWCA Global Root CA
- JDK-8305993: Add handleSocketErrorWithMessage to extend nio
Net.c exception message
- JDK-8305994: Guarantee eventual async monitor deflation
- JDK-8306072: Open source several AWT MouseInfo related tests
- JDK-8306133: Open source few AWT Drag & Drop related tests
- JDK-8306409: Open source AWT KeyBoardFocusManger,
LightWeightComponent related tests
- JDK-8306432: Open source several AWT Text Component related
tests
- JDK-8306466: Open source more AWT Drag & Drop related tests
- JDK-8306489: Open source AWT List related tests
- JDK-8306543: GHA: MSVC installation is failing
- JDK-8306640: Open source several AWT TextArea related tests
- JDK-8306652: Open source AWT MenuItem related tests
- JDK-8306658: GHA: MSVC installation could be optional since
it might already be pre-installed
- JDK-8306664: GHA: Update MSVC version to latest stepping
- JDK-8306681: Open source more AWT DnD related tests
- JDK-8306683: Open source several clipboard and color AWT tests
- JDK-8306752: Open source several container and component AWT
tests
- JDK-8306753: Open source several container AWT tests
- JDK-8306755: Open source few Swing JComponent and
AbstractButton tests
- JDK-8306768: CodeCache Analytics reports wrong threshold
- JDK-8306774: Make runtime/Monitor/
/GuaranteedAsyncDeflationIntervalTest.java more reliable
- JDK-8306825: Monitor deflation might be accidentally disabled
by zero intervals
- JDK-8306850: Open source AWT Modal related tests
- JDK-8306871: Open source more AWT Drag & Drop tests
- JDK-8306883: Thread stacksize is reported with wrong units in
os::create_thread logging
- JDK-8306941: Open source several datatransfer and dnd AWT
tests
- JDK-8306943: Open source several dnd AWT tests
- JDK-8306954: Open source five Focus related tests
- JDK-8306955: Open source several JComboBox jtreg tests
- JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep
- JDK-8306996: Open source Swing MenuItem related tests
- JDK-8307080: Open source some more JComboBox jtreg tests
- JDK-8307128: Open source some drag and drop tests 4
- JDK-8307130: Open source few Swing JMenu tests
- JDK-8307133: Open source some JTable jtreg tests
- JDK-8307134: Add GTS root CAs
- JDK-8307135: java/awt/dnd/NotReallySerializableTest/
/NotReallySerializableTest.java failed
- JDK-8307331: Correctly update line maps when class redefine
rewrites bytecodes
- JDK-8307346: Add missing gc+phases logging for
ObjectCount(AfterGC) JFR event collection code
- JDK-8307347: serviceability/sa/ClhsdbDumpclass.java could
leave files owned by root on macOS
- JDK-8307378: Allow collectors to provide specific values for
GC notifications' actions
- JDK-8307381: Open Source JFrame, JIF related Swing Tests
- JDK-8307425: Socket input stream read burns CPU cycles with
back-to-back poll(0) calls
- JDK-8307799: Newly added java/awt/dnd/MozillaDnDTest.java has
invalid jtreg `@requires` clause
- JDK-8308554: [17u] Fix commit of 8286191. vm.musl was not
removed from ExternalEditorTest
- JDK-8308880: [17u] micro bench ZoneStrings missed in backport
of 8278434
- JDK-8308884: [17u/11u] Backout JDK-8297951
- JDK-8311467: [17u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.8
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3649-1
Released: Mon Sep 18 15:45:04 2023
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: important
References:
This update for java-17-openjdk fixes the following issues:
- Fix a regression where the validation would reject valid zip64 (zip with 64-bit offset extensions)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4289-1
Released: Tue Oct 31 09:15:08 2023
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1214790,1216339,1216374,CVE-2023-22025,CVE-2023-22081
This update for java-17-openjdk fixes the following issues:
- Updated to JDK 17.0.9+9 (October 2023 CPU):
- CVE-2023-22081: Fixed a partial denial of service issue that could
be triggered via HTTPS (bsc#1216374).
- CVE-2023-22025: Fixed a memory corruption issue in applications
using AVX-512 (bsc#1216339).
Please visit the Oracle Release Notes page for the full changelog:
https://www.oracle.com/java/technologies/javase/17all-relnotes.html
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:325-1
Released: Mon Feb 5 11:39:10 2024
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1218903,1218905,1218907,1218908,1218909,1218911,CVE-2024-20918,CVE-2024-20919,CVE-2024-20921,CVE-2024-20932,CVE-2024-20945,CVE-2024-20952
This update for java-17-openjdk fixes the following issues:
Updated to version 17.0.10 (January 2024 CPU):
- CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM
due to a missing bounds check (bsc#1218907).
- CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class
file verifier (bsc#1218903).
- CVE-2024-20921: Fixed an incorrect optimization in the Hotspot JVM
that could lead to corruption of JVM memory (bsc#1218905).
- CVE-2024-20932: Fixed an incorrect handling of ZIP files with
duplicate entries (bsc#1218908).
- CVE-2024-20945: Fixed a potential private key leak through debug
logs (bsc#1218909).
- CVE-2024-20952: Fixed an RSA padding issue and timing side-channel
attack against TLS (bsc#1218911).
Find the full release notes at:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029089.html
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:948-1
Released: Wed Mar 20 15:36:58 2024
Summary: Recommended update for java-17-openjdk
Type: recommended
Severity: moderate
References: 1219662
This update for java-17-openjdk fixes the following issues:
- Recommend mozilla-nss-sysinit in order to have available the /etc/pki/nssdb directory and its content, required in
fips mode (bsc#1219662).
- Do not install our crafted nss.fips.cfg file, but use the one that the build produces with our fips.patch applied.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1499-1
Released: Mon May 6 09:44:56 2024
Summary: Security update for java-17-openjdk
Type: security
Severity: low
References: 1213470,1222979,1222983,1222986,1222987,CVE-2024-21011,CVE-2024-21012,CVE-2024-21068,CVE-2024-21094
This update for java-17-openjdk fixes the following issues:
- CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979)
- CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987)
- CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983)
- CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with 'Exceeded _node_regs array' (JDK-8317507,JDK-8325348,bsc#1222986)
Other fixes:
- Update to upstream tag jdk-17.0.11+9 (April 2024 CPU)
* Security fixes
+ JDK-8318340: Improve RSA key implementations
* Other changes
+ JDK-6928542: Chinese characters in RTF are not decoded
+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/
/bug4517214.java fails on MacOS
+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the
combobox popup does not appear.
+ JDK-7167356: (javac) investigate failing tests in
JavacParserTest
+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking
+ JDK-8054572: [macosx] JComboBox paints the border incorrectly
+ JDK-8169475: WheelModifier.java fails by timeout
+ JDK-8205076: [17u] Inet6AddressImpl.c: `lookupIfLocalHost`
accesses `int InetAddress.preferIPv6Address` as a boolean
+ JDK-8209595: MonitorVmStartTerminate.java timed out
+ JDK-8210410: Refactor java.util.Currency:i18n shell tests to
plain java tests
+ JDK-8261404: Class.getReflectionFactory() is not thread-safe
+ JDK-8261837: SIGSEGV in ciVirtualCallTypeData::translate_from
+ JDK-8263256: Test java/net/Inet6Address/serialize/
/Inet6AddressSerializationTest.java fails due to dynamic
reconfigurations of network interface during test
+ JDK-8269258: java/net/httpclient/ManyRequestsLegacy.java
failed with connection timeout
+ JDK-8271118: C2: StressGCM should have higher priority than
frequency-based policy
+ JDK-8271616: oddPart in MutableBigInteger::mutableModInverse
contains info on final result
+ JDK-8272811: Document the effects of building with
_GNU_SOURCE in os_posix.hpp
+ JDK-8272853: improve `JavadocTester.runTests`
+ JDK-8273454: C2: Transform (-a)*(-b) into a*b
+ JDK-8274060: C2: Incorrect computation after JDK-8273454
+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java
fails in Windows 11
+ JDK-8274621: NullPointerException because listenAddress[0] is
null
+ JDK-8274632: Possible pointer overflow in PretouchTask chunk
claiming
+ JDK-8274634: Use String.equals instead of String.compareTo in
java.desktop
+ JDK-8276125: RunThese24H.java SIGSEGV in
JfrThreadGroup::thread_group_id
+ JDK-8278028: [test-library] Warnings cleanup of the test
library
+ JDK-8278312: Update SimpleSSLContext keystore to use SANs for
localhost IP addresses
+ JDK-8278363: Create extented container test groups
+ JDK-8280241: (aio) AsynchronousSocketChannel init fails in
IPv6 only Windows env
+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/
/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from
problemlist.
+ JDK-8281543: Remove unused code/headerfile dtraceAttacher.hpp
+ JDK-8281585: Remove unused imports under test/lib and jtreg/gc
+ JDK-8283400: [macos] a11y : Screen magnifier does not reflect
JRadioButton value change
+ JDK-8283626: AArch64: Set relocInfo::offset_unit to 4
+ JDK-8283994: Make Xerces DatatypeException stackless
+ JDK-8286312: Stop mixing signed and unsigned types in bit
operations
+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java fails on mac aarch64
+ JDK-8287832: jdk/jfr/event/runtime/TestActiveSettingEvent.java
failed with 'Expected two batches of Active Setting events'
+ JDK-8288663: JFR: Disabling the JfrThreadSampler commits only
a partially disabled state
+ JDK-8288846: misc tests fail 'assert(ms < 1000) failed:
Un-interruptable sleep, short time use only'
+ JDK-8289764: gc/lock tests failed with 'OutOfMemoryError:
Java heap space: failed reallocation of scalar replaced
objects'
+ JDK-8290041: ModuleDescriptor.hashCode is inconsistent
+ JDK-8290203: ProblemList vmTestbase/nsk/jvmti/scenarios/
/capability/CM03/cm03t001/TestDescription.java on linux-all
+ JDK-8290399: [macos] Aqua LAF does not fire an action event
if combo box menu is displayed
+ JDK-8292458: Atomic operations on scoped enums don't build
with clang
+ JDK-8292946: GC lock/jni/jnilock001 test failed
'assert(gch->gc_cause() == GCCause::_scavenge_alot ||
!gch->incremental_collection_failed()) failed: Twice in a row'
+ JDK-8293117: Add atomic bitset functions
+ JDK-8293547: Add relaxed add_and_fetch for macos aarch64
atomics
+ JDK-8294158: HTML formatting for PassFailJFrame instructions
+ JDK-8294254: [macOS] javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java failure
+ JDK-8294535: Add screen capture functionality to
PassFailJFrame
+ JDK-8295068: SSLEngine throws NPE parsing CertificateRequests
+ JDK-8295124: Atomic::add to pointer type may return wrong
value
+ JDK-8295274: HelidonAppTest.java fails
'assert(event->should_commit()) failed: invariant' from
compiled frame'
+ JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts
+ JDK-8297968: Crash in PrintOptoAssembly
+ JDK-8298087: XML Schema Validation reports an required
attribute twice via ErrorHandler
+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java
failed: ExceptionInInitializerError: target class not found
+ JDK-8300269: The selected item in an editable JComboBox with
titled border is not visible in Aqua LAF
+ JDK-8301306: java/net/httpclient/* fail with -Xcomp
+ JDK-8301310: The SendRawSysexMessage test may cause a JVM
crash
+ JDK-8301787: java/net/httpclient/SpecialHeadersTest failing
after JDK-8301306
+ JDK-8301846: Invalid TargetDataLine after screen lock when
using JFileChooser or COM library
+ JDK-8302017: Allocate BadPaddingException only if it will be
thrown
+ JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/
/TestAMEnotNPE.java
+ JDK-8303605: Memory leaks in Metaspace gtests
+ JDK-8304074: [JMX] Add an approximation of total bytes
allocated on the Java heap by the JVM
+ JDK-8304696: Duplicate class names in dynamicArchive tests
can lead to test failure
+ JDK-8305356: Fix ignored bad CompileCommands in tests
+ JDK-8305900: Use loopback IP addresses in security policy
files of httpclient tests
+ JDK-8305906: HttpClient may use incorrect key when finding
pooled HTTP/2 connection for IPv6 address
+ JDK-8305962: update jcstress to 0.16
+ JDK-8305972: Update XML Security for Java to 3.0.2
+ JDK-8306014: Update javax.net.ssl TLS tests to use
SSLContextTemplate or SSLEngineTemplate
+ JDK-8306408: Fix the format of several tables in building.md
+ JDK-8307185: pkcs11 native libraries make JNI calls into java
code while holding GC lock
+ JDK-8307926: Support byte-sized atomic bitset operations
+ JDK-8307955: Prefer to PTRACE_GETREGSET instead of
PTRACE_GETREGS in method 'ps_proc.c::process_get_lwp_regs'
+ JDK-8307990: jspawnhelper must close its writing side of a
pipe before reading from it
+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC
while allocating
+ JDK-8308245: Add -proc:full to describe current default
annotation processing policy
+ JDK-8308336: Test java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java failed:
java.net.BindException: Address already in use
+ JDK-8309302: java/net/Socket/Timeouts.java fails with
AssertionError on test temporal post condition
+ JDK-8309305: sun/security/ssl/SSLSocketImpl/
/BlockedAsyncClose.java fails with jtreg test timeout
+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/
/agentthr001/TestDescription.java crashing due to empty while
loop
+ JDK-8309733: [macOS, Accessibility] VoiceOver: Incorrect
announcements of JRadioButton
+ JDK-8309870: Using -proc:full should be considered requesting
explicit annotation processing
+ JDK-8310106: sun.security.ssl.SSLHandshake
.getHandshakeProducer() incorrectly checks handshakeConsumers
+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
/bug6889007.java fails
+ JDK-8310380: Handle problems in core-related tests on macOS
when codesign tool does not work
+ JDK-8310631: test/jdk/sun/nio/cs/TestCharsetMapping.java is
spuriously passing
+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
timed out
+ JDK-8310838: Correct range notations in MethodTypeDesc
specification
+ JDK-8310844: [AArch64] C1 compilation fails because monitor
offset in OSR buffer is too large for immediate
+ JDK-8310923: Refactor Currency tests to use JUnit
+ JDK-8311081: KeytoolReaderP12Test.java fail on localized
Windows platform
+ JDK-8311160: [macOS, Accessibility] VoiceOver: No
announcements on JRadioButtonMenuItem and JCheckBoxMenuItem
+ JDK-8311581: Remove obsolete code and comments in TestLVT.java
+ JDK-8311645: Memory leak in jspawnhelper spawnChild after
JDK-8307990
+ JDK-8311986: Disable runtime/os/TestTracePageSizes.java for
ShenandoahGC
+ JDK-8312428: PKCS11 tests fail with NSS 3.91
+ JDK-8312434: SPECjvm2008/xml.transform with CDS fails with
'can't seal package nu.xom'
+ JDK-8313081: MonitoringSupport_lock should be unconditionally
initialized after 8304074
+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in
makefiles
+ JDK-8313206: PKCS11 tests silently skip execution
+ JDK-8313575: Refactor PKCS11Test tests
+ JDK-8313621: test/jdk/jdk/internal/math/FloatingDecimal/
/TestFloatingDecimal should use RandomFactory
+ JDK-8313643: Update HarfBuzz to 8.2.2
+ JDK-8313816: Accessing jmethodID might lead to spurious
crashes
+ JDK-8314164: java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fails intermittently
in timeout
+ JDK-8314220: Configurable InlineCacheBuffer size
+ JDK-8314830: runtime/ErrorHandling/ tests ignore external VM
flags
+ JDK-8315034: File.mkdirs() occasionally fails to create
folders on Windows shared folder
+ JDK-8315042: NPE in PKCS7.parseOldSignedData
+ JDK-8315594: Open source few headless Swing misc tests
+ JDK-8315600: Open source few more headless Swing misc tests
+ JDK-8315602: Open source swing security manager test
+ JDK-8315611: Open source swing text/html and tree test
+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should
run with -Xbatch
+ JDK-8315731: Open source several Swing Text related tests
+ JDK-8315761: Open source few swing JList and JMenuBar tests
+ JDK-8315920: C2: 'control input must dominate current
control' assert failure
+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/
/bug4654927.java: component must be showing on the screen to
determine its location
+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use
createTestJvm
+ JDK-8316028: Update FreeType to 2.13.2
+ JDK-8316030: Update Libpng to 1.6.40
+ JDK-8316106: Open source few swing JInternalFrame and
JMenuBar tests
+ JDK-8316304: (fs) Add support for BasicFileAttributes
.creationTime() for Linux
+ JDK-8316392: compiler/interpreter/
/TestVerifyStackAfterDeopt.java failed with SIGBUS in
PcDescContainer::find_pc_desc_internal
+ JDK-8316414: C2: large byte array clone triggers 'failed:
malformed control flow' assertion failure on linux-x86
+ JDK-8316415: Parallelize
sun/security/rsa/SignedObjectChain.java subtests
+ JDK-8316418: containers/docker/TestMemoryWithCgroupV1.java
get OOM killed with Parallel GC
+ JDK-8316445: Mark com/sun/management/HotSpotDiagnosticMXBean/
/CheckOrigin.java as vm.flagless
+ JDK-8316679: C2 SuperWord: wrong result, load should not be
moved before store if not comparable
+ JDK-8316693: Simplify at-requires checkDockerSupport()
+ JDK-8316929: Shenandoah: Shenandoah degenerated GC and full
GC need to cleanup old OopMapCache entries
+ JDK-8316947: Write a test to check textArea triggers
MouseEntered/MouseExited events properly
+ JDK-8317039: Enable specifying the JDK used to run jtreg
+ JDK-8317144: Exclude sun/security/pkcs11/sslecc/
/ClientJSSEServerJSSE.java on Linux ppc64le
+ JDK-8317307: test/jdk/com/sun/jndi/ldap/
/LdapPoolTimeoutTest.java fails with ConnectException:
Connection timed out: no further information
+ JDK-8317603: Improve exception messages thrown by
sun.nio.ch.Net native methods (win)
+ JDK-8317771: [macos14] Expand/collapse a JTree using keyboard
freezes the application in macOS 14 Sonoma
+ JDK-8317807: JAVA_FLAGS removed from jtreg running in
JDK-8317039
+ JDK-8317960: [17u] Excessive CPU usage on
AbstractQueuedSynchronized.isEnqueued
+ JDK-8318154: Improve stability of WheelModifier.java test
+ JDK-8318183: C2: VM may crash after hitting node limit
+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/
/BootClassPathTest.sh fails on Japanese Windows
+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails
with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1
+ JDK-8318490: Increase timeout for JDK tests that are close to
the limit when run with libgraal
+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni
tests
+ JDK-8318608: Enable parallelism in
vmTestbase/nsk/stress/threads tests
+ JDK-8318689: jtreg is confused when folder name is the same
as the test name
+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with
'transport error 202: bind failed: Address already in use'
+ JDK-8318951: Additional negative value check in JPEG decoding
+ JDK-8318955: Add ReleaseIntArrayElements in
Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to
early return
+ JDK-8318957: Enhance agentlib:jdwp help output by info about
allow option
+ JDK-8318961: increase javacserver connection timeout values
and max retry attempts
+ JDK-8318971: Better Error Handling for Jar Tool When
Processing Non-existent Files
+ JDK-8318983: Fix comment typo in PKCS12Passwd.java
+ JDK-8319124: Update XML Security for Java to 3.0.3
+ JDK-8319213: Compatibility.java reads both stdout and stderr
of JdkUtils
+ JDK-8319436: Proxy.newProxyInstance throws NPE if loader is
null and interface not visible from class loader
+ JDK-8319456: jdk/jfr/event/gc/collection/
/TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker
Initiated GC' not in the valid causes
+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh
+ JDK-8319922: libCreationTimeHelper.so fails to link in JDK 21
+ JDK-8319961: JvmtiEnvBase doesn't zero _ext_event_callbacks
+ JDK-8320001: javac crashes while adding type annotations to
the return type of a constructor
+ JDK-8320168: handle setsocktopt return values
+ JDK-8320208: Update Public Suffix List to b5bf572
+ JDK-8320300: Adjust hs_err output in malloc/mmap error cases
+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks
wrong, missed optimization opportunity
+ JDK-8320597: RSA signature verification fails on signed data
that does not encode params correctly
+ JDK-8320798: Console read line with zero out should zero out
underlying buffer
+ JDK-8320885: Bump update version for OpenJDK: jdk-17.0.11
+ JDK-8320921: GHA: Parallelize hotspot_compiler test jobs
+ JDK-8320937: support latest VS2022 MSC_VER in
abstract_vm_version.cpp
+ JDK-8321151: JDK-8294427 breaks Windows L&F on all older
Windows versions
+ JDK-8321215: Incorrect x86 instruction encoding for VSIB
addressing mode
+ JDK-8321408: Add Certainly roots R1 and E1
+ JDK-8321480: ISO 4217 Amendment 176 Update
+ JDK-8321599: Data loss in AVX3 Base64 decoding
+ JDK-8321815: Shenandoah: gc state should be synchronized to
java threads only once per safepoint
+ JDK-8321972: test runtime/Unsafe/InternalErrorTest.java
timeout on linux-riscv64 platform
+ JDK-8322098: os::Linux::print_system_memory_info enhance the
THP output with
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size
+ JDK-8322321: Add man page doc for -XX:+VerifySharedSpaces
+ JDK-8322417: Console read line with zero out should zero out
when throwing exception
+ JDK-8322583: RISC-V: Enable fast class initialization checks
+ JDK-8322725: (tz) Update Timezone Data to 2023d
+ JDK-8322750: Test 'api/java_awt/interactive/
/SystemTrayTests.html' failed because A blue ball icon is
added outside of the system tray
+ JDK-8322772: Clean up code after JDK-8322417
+ JDK-8322783: prioritize /etc/os-release over
/etc/SuSE-release in hs_err/info output
+ JDK-8322968: [17u] Amend Atomics gtest with 1-byte tests
+ JDK-8323008: filter out harmful -std* flags added by autoconf
from CXX
+ JDK-8323021: Shenandoah: Encountered reference count always
attributed to first worker thread
+ JDK-8323086: Shenandoah: Heap could be corrupted by oom
during evacuation
+ JDK-8323243: JNI invocation of an abstract instance method
corrupts the stack
+ JDK-8323331: fix typo hpage_pdm_size
+ JDK-8323428: Shenandoah: Unused memory in regions compacted
during a full GC should be mangled
+ JDK-8323515: Create test alias 'all' for all test roots
+ JDK-8323637: Capture hotspot replay files in GHA
+ JDK-8323640: [TESTBUG]testMemoryFailCount in
jdk/internal/platform/docker/TestDockerMemoryMetrics.java
always fail because OOM killed
+ JDK-8323806: [17u] VS2017 build fails with warning after
8293117.
+ JDK-8324184: Windows VS2010 build failed with 'error C2275:
'int64_t''
+ JDK-8324280: RISC-V: Incorrect implementation in
VM_Version::parse_satp_mode
+ JDK-8324347: Enable 'maybe-uninitialized' warning for
FreeType 2.13.1
+ JDK-8324514: ClassLoaderData::print_on should print address
of class loader
+ JDK-8324647: Invalid test group of lib-test after JDK-8323515
+ JDK-8324659: GHA: Generic jtreg errors are not reported
+ JDK-8324937: GHA: Avoid multiple test suites per job
+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/
/AKISerialNumber.java is failing
+ JDK-8325150: (tz) Update Timezone Data to 2024a
+ JDK-8325585: Remove no longer necessary calls to
set/unset-in-asgct flag in JDK 17
+ JDK-8326000: Remove obsolete comments for class
sun.security.ssl.SunJSSE
+ JDK-8327036: [macosx-aarch64] SIGBUS in
MarkActivationClosure::do_code_blob reached from
Unsafe_CopySwapMemory0
+ JDK-8327391: Add SipHash attribution file
+ JDK-8329836: [17u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.11
- Removed the possibility to use the system timezone-java (bsc#1213470).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2628-1
Released: Tue Jul 30 09:09:07 2024
Summary: Security update for java-17-openjdk
Type: security
Severity: important
References: 1227298,1228046,1228047,1228048,1228051,1228052,CVE-2024-21131,CVE-2024-21138,CVE-2024-21140,CVE-2024-21145,CVE-2024-21147
This update for java-17-openjdk fixes the following issues:
Updated to version 17.0.12+7 (July 2024 CPU):
- CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046).
- CVE-2024-21138: Fixed an infinite loop due to excessive symbol
length (bsc#1228047).
- CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check
Elimination (bsc#1228048).
- CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling
(bsc#1228052).
- CVE-2024-21145: Fixed an index overflow in RangeCheckElimination
(bsc#1228051).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3963-1
Released: Sat Nov 9 17:39:08 2024
Summary: Security update for java-17-openjdk
Type: security
Severity: moderate
References: 1231702,1231711,1231716,1231719,CVE-2024-21208,CVE-2024-21210,CVE-2024-21217,CVE-2024-21235
This update for java-17-openjdk fixes the following issues:
- Update to upstream tag jdk-17.0.13+11 (October 2024 CPU)
* Security fixes
+ JDK-8307383: Enhance DTLS connections
+ JDK-8290367, JDK-8332643: Update default value and extend the
scope of com.sun.jndi.ldap.object.trustSerialData system property
+ JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client
+ JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization
+ JDK-8328726: Better Kerberos support
+ JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support
+ JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations
+ JDK-8335713: Enhance vectorization analysis
* Other changes
+ JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/
/ReadLongZipFileName.java leaks files if it fails
+ JDK-7026262: HttpServer: improve handling of finished HTTP exchanges
+ JDK-7124313: [macosx] Swing Popups should overlap taskbar
+ JDK-8005885: enhance PrintCodeCache to print more data
+ JDK-8051959: Add thread and timestamp options to
java.security.debug system property
+ JDK-8170817: G1: Returning MinTLABSize from
unsafe_max_tlab_alloc causes TLAB flapping
+ JDK-8183227: read/write APIs in class os shall return ssize_t
+ JDK-8193547: Regression automated test '/open/test/jdk/java/
/awt/Toolkit/DesktopProperties/rfe4758438.java' fails
+ JDK-8222884: ConcurrentClassDescLookup.java times out intermittently
+ JDK-8233725: ProcessTools.startProcess() has output issues
when using an OutputAnalyzer at the same time
+ JDK-8238169: BasicDirectoryModel getDirectories and
DoChangeContents.run can deadlock
+ JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due
to 'BindException: Address already in use'
+ JDK-8255898: Test java/awt/FileDialog/FilenameFilterTest/
/FilenameFilterTest.java fails on Mac OS
+ JDK-8256291: RunThese30M fails 'assert(_class_unload ? true :
((((JfrTraceIdBits::load(class_loader_klass)) &
((1 << 4) << 8)) != 0))) failed: invariant'
+ JDK-8257540: javax/swing/JFileChooser/8041694/bug8041694.java
failed with 'RuntimeException: The selected directory name is
not the expected 'd ' but 'D '.'
+ JDK-8259866: two java.util tests failed with 'IOException:
There is not enough space on the disk'
+ JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/
/MouseEventAfterStartDragTest.html test failed
+ JDK-8261433: Better pkcs11 performance for
libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
+ JDK-8263031: HttpClient throws Exception if it receives a
Push Promise that is too large
+ JDK-8265919: RunThese30M fails
'assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8))
!= 0))))) failed: invariant'
+ JDK-8269428: java/util/concurrent/ConcurrentHashMap/
/ToArray.java timed out
+ JDK-8269657: Test java/nio/channels/DatagramChannel/
/Loopback.java failed: Unexpected message
+ JDK-8272232: javax/swing/JTable/4275046/bug4275046.java
failed with 'Expected value in the cell: 'rededited' but found
'redEDITED'.'
+ JDK-8272558: IR Test Framework README misses some flags
+ JDK-8272777: Clean up remaining AccessController warnings in test library
+ JDK-8273216: JCMD does not work across container boundaries with Podman
+ JDK-8273430: Suspicious duplicate condition in
java.util.regex.Grapheme#isExcludedSpacingMark
+ JDK-8273541: Cleaner Thread creates with normal priority
instead of MAX_PRIORITY - 2
+ JDK-8275851: Deproblemlist open/test/jdk/javax/swing/
/JComponent/6683775/bug6683775.java
+ JDK-8276660: Scalability bottleneck in
java.security.Provider.getService()
+ JDK-8277042: add test for 8276036 to compiler/codecache
+ JDK-8279068: IGV: Update to work with JDK 16 and 17
+ JDK-8279164: Disable TLS_ECDH_* cipher suites
+ JDK-8279222: Incorrect legacyMap.get in
java.security.Provider after JDK-8276660
+ JDK-8279337: The MToolkit is still referenced in a few places
+ JDK-8279641: Create manual JTReg tests for Swing accessibility
+ JDK-8279878: java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10
+ JDK-8280034: ProblemList jdk/jfr/api/consumer/recordingstream/
/TestOnEvent.java on linux-x64
+ JDK-8280392: java/awt/Focus/NonFocusableWindowTest/
/NonfocusableOwnerTest.java failed with 'RuntimeException: Test failed.'
+ JDK-8280970: Cleanup dead code in java.security.Provider
+ JDK-8280982: [Wayland] [XWayland] java.awt.Robot taking screenshots
+ JDK-8280988: [XWayland] Click on title to request focus test failures
+ JDK-8280990: [XWayland] XTest emulated mouse click does not
bring window to front
+ JDK-8280993: [XWayland] Popup is not closed on click outside
of area controlled by XWayland
+ JDK-8280994: [XWayland] Drag and Drop does not work in java
-> wayland app direction
+ JDK-8281944: JavaDoc throws java.lang.IllegalStateException: ERRONEOUS
+ JDK-8282354: Remove dependancy of TestHttpServer,
HttpTransaction, HttpCallback from open/test/jdk/ tests
+ JDK-8282526: Default icon is not painted properly
+ JDK-8283728: jdk.hotspot.agent: Wrong location for
RISCV64ThreadContext.java
+ JDK-8284316: Support accessibility ManualTestFrame.java for
non SwingSet tests
+ JDK-8284585: PushPromiseContinuation test fails
intermittently in timeout
+ JDK-8285497: Add system property for Java SE specification
maintenance version
+ JDK-8288568: Reduce runtime of java.security microbenchmarks
+ JDK-8289182: NMT: MemTracker::baseline should return void
+ JDK-8290966: G1: Record number of PLAB filled and number of
direct allocations
+ JDK-8291760: PipelineLeaksFD.java still fails: More or fewer
pipes than expected
+ JDK-8292044: HttpClient doesn't handle 102 or 103 properly
+ JDK-8292739: Invalid legacy entries may be returned by
Provider.getServices() call
+ JDK-8292948: JEditorPane ignores font-size styles in external
linked css-file
+ JDK-8293862: javax/swing/JFileChooser/8046391/bug8046391.java
failed with 'Cannot invoke
'java.awt.Image.getWidth(java.awt.image.ImageObserver)'
because 'retVal' is null'
+ JDK-8293872: Make runtime/Thread/ThreadCountLimit.java more robust
+ JDK-8294148: Support JSplitPane for instructions and test UI
+ JDK-8294691: dynamicArchive/RelativePath.java is running
other test case
+ JDK-8294994: Update Jarsigner and Keytool i18n tests to
validate i18n compliance
+ JDK-8295111: dpkg appears to have problems resolving
symbolically linked native libraries
+ JDK-8296410: HttpClient throws java.io.IOException: no
statuscode in response for HTTP2
+ JDK-8296812: sprintf is deprecated in Xcode 14
+ JDK-8297878: KEM: Implementation
+ JDK-8298381: Improve handling of session tickets for multiple SSLContexts
+ JDK-8298596: vmTestbase/nsk/sysdict/vm/stress/chain/chain008/
/chain008.java fails with 'NoClassDefFoundError: Could not
initialize class java.util.concurrent.ThreadLocalRandom'
+ JDK-8298809: Clean up vm/compiler/InterfaceCalls JMH
+ JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl
when connection is idle
+ JDK-8299254: Support dealing with standard assert macro
+ JDK-8299378: sprintf is deprecated in Xcode 14
+ JDK-8299395: Remove metaprogramming/removeCV.hpp
+ JDK-8299396: Remove metaprogramming/removeExtent.hpp
+ JDK-8299397: Remove metaprogramming/isFloatingPoint.hpp
+ JDK-8299398: Remove metaprogramming/isConst.hpp
+ JDK-8299399: Remove metaprogramming/isArray.hpp
+ JDK-8299402: Remove metaprogramming/isVolatile.hpp
+ JDK-8299479: Remove metaprogramming/decay.hpp
+ JDK-8299481: Remove metaprogramming/removePointer.hpp
+ JDK-8299482: Remove metaprogramming/isIntegral.hpp
+ JDK-8299487: Test java/net/httpclient/whitebox/
/SSLTubeTestDriver.java timed out
+ JDK-8299635: Hotspot update for deprecated sprintf in Xcode 14
+ JDK-8299779: Test tools/jpackage/share/jdk/jpackage/tests/
/MainClassTest.java timed out
+ JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java
fails with jtreg test timeout due to lost datagram
+ JDK-8299971: Remove metaprogramming/conditional.hpp
+ JDK-8299972: Remove metaprogramming/removeReference.hpp
+ JDK-8300169: Build failure with clang-15
+ JDK-8300260: Remove metaprogramming/isSame.hpp
+ JDK-8300264: Remove metaprogramming/isPointer.hpp
+ JDK-8300265: Remove metaprogramming/isSigned.hpp
+ JDK-8300806: Update googletest to v1.13.0
+ JDK-8300910: Remove metaprogramming/integralConstant.hpp
+ JDK-8301132: Test update for deprecated sprintf in Xcode 14
+ JDK-8301200: Don't scale timeout stress with timeout factor
+ JDK-8301274: update for deprecated sprintf for security components
+ JDK-8301279: update for deprecated sprintf for management components
+ JDK-8301686: TLS 1.3 handshake fails if server_name doesn't
match resuming session
+ JDK-8301704: Shorten the number of GCs in UnloadingTest.java
to verify a class loader not being unloaded
+ JDK-8302495: update for deprecated sprintf for java.desktop
+ JDK-8302800: Augment NaN handling tests of FDLIBM methods
+ JDK-8303216: Prefer ArrayList to LinkedList in
sun.net.httpserver.ServerImpl
+ JDK-8303466: C2: failed: malformed control flow. Limit type
made precise with MaxL/MinL
+ JDK-8303527: update for deprecated sprintf for
jdk.hotspot.agent
+ JDK-8303617: update for deprecated sprintf for jdk.jdwp.agent
+ JDK-8303830: update for deprecated sprintf for
jdk.accessibility
+ JDK-8303891: Speed up Zip64SizeTest using a small ZIP64 file
+ JDK-8303920: Avoid calling out to python in
DataDescriptorSignatureMissing test
+ JDK-8303942: os::write should write completely
+ JDK-8303965: java.net.http.HttpClient should reset the stream
if response headers contain malformed header fields
+ JDK-8304375: jdk/jfr/api/consumer/filestream/TestOrdered.java
failed with 'Expected at least some events to be out of order!
Reuse = false'
+ JDK-8304962: sun/net/www/http/KeepAliveCache/B5045306.java:
java.lang.RuntimeException: Failed: Initial Keep Alive
Connection is not being reused
+ JDK-8304963: HttpServer closes connection after processing
HEAD after JDK-7026262
+ JDK-8305072: Win32ShellFolder2.compareTo is inconsistent
+ JDK-8305079: Remove finalize() from compiler/c2/Test719030
+ JDK-8305081: Remove finalize() from
test/hotspot/jtreg/compiler/runtime/Test8168712
+ JDK-8305825: getBounds API returns wrong value resulting in
multiple Regression Test Failures on Ubuntu 23.04
+ JDK-8305959: x86: Improve itable_stub
+ JDK-8306583: Add JVM crash check in CDSTestUtils.executeAndLog
+ JDK-8306929: Avoid CleanClassLoaderDataMetaspaces safepoints
when previous versions are shared
+ JDK-8306946: jdk/test/lib/process/
/ProcessToolsStartProcessTest.java fails with 'wrong number of
lines in OutputAnalyzer output'
+ JDK-8307091: A few client tests intermittently throw
ConcurrentModificationException
+ JDK-8307193: Several Swing jtreg tests use class.forName on
L&F classes
+ JDK-8307352: AARCH64: Improve itable_stub
+ JDK-8307448: Test RedefineSharedClassJFR fail due to wrong assumption
+ JDK-8307779: Relax the java.awt.Robot specification
+ JDK-8307848: update for deprecated sprintf for jdk.attach
+ JDK-8307850: update for deprecated sprintf for jdk.jdi
+ JDK-8308022: update for deprecated sprintf for java.base
+ JDK-8308144: Uncontrolled memory consumption in
SSLFlowDelegate.Reader
+ JDK-8308184: Launching java with large number of jars in
classpath with java.protocol.handler.pkgs system property set
can lead to StackOverflowError
+ JDK-8308801: update for deprecated sprintf for libnet in java.base
+ JDK-8308891: TestCDSVMCrash.java needs @requires vm.cds
+ JDK-8309241: ClassForNameLeak fails intermittently as the
class loader hasn't been unloaded
+ JDK-8309621: [XWayland][Screencast] screen capture failure
with sun.java2d.uiScale other than 1
+ JDK-8309703: AIX build fails after JDK-8280982
+ JDK-8309756: Occasional crashes with pipewire screen capture on Wayland
+ JDK-8309934: Update GitHub Actions to use JDK 17 for building jtreg
+ JDK-8310070: Test:
javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out
+ JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when
EnableJVMCI is specified
+ JDK-8310201: Reduce verbose locale output in -XshowSettings
launcher option
+ JDK-8310334: [XWayland][Screencast] screen capture error
message in debug
+ JDK-8310628: GcInfoBuilder.c missing JNI Exception checks
+ JDK-8310683: Refactor StandardCharset/standard.java to use JUnit
+ JDK-8311208: Improve CDS Support
+ JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin
+ JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved
+ JDK-8312140: jdk/jshell tests failed with JDI socket timeouts
+ JDK-8312229: Crash involving yield, switch and anonymous classes
+ JDK-8313256: Exclude failing multicast tests on AIX
+ JDK-8313394: Array Elements in OldObjectSample event has the
incorrect description
+ JDK-8313674: (fc) java/nio/channels/FileChannel/
/BlockDeviceSize.java should test for more block devices
+ JDK-8313697: [XWayland][Screencast] consequent getPixelColor
calls are slow
+ JDK-8313873: java/nio/channels/DatagramChannel/
/SendReceiveMaxSize.java fails on AIX due to small default
RCVBUF size and different IPv6 Header interpretation
+ JDK-8313901: [TESTBUG] test/hotspot/jtreg/compiler/codecache/
/CodeCacheFullCountTest.java fails with
java.lang.VirtualMachineError
+ JDK-8314476: TestJstatdPortAndServer.java failed with
'java.rmi.NoSuchObjectException: no such object in table'
+ JDK-8314614: jdk/jshell/ImportTest.java failed with
'InternalError: Failed remote listen'
+ JDK-8314837: 5 compiled/codecache tests ignore VM flags
+ JDK-8315024: Vector API FP reduction tests should not test
for exact equality
+ JDK-8315362: NMT: summary diff reports threads count incorrectly
+ JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl
+ JDK-8315437: Enable parallelism in
vmTestbase/nsk/monitoring/stress/classload tests
+ JDK-8315442: Enable parallelism in
vmTestbase/nsk/monitoring/stress/thread tests
+ JDK-8315559: Delay TempSymbol cleanup to avoid symbol table churn
+ JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java
fails after JDK-8314837
+ JDK-8315651: Stop hiding AIX specific multicast socket errors
via NetworkConfiguration (aix)
+ JDK-8315684: Parallelize
sun/security/util/math/TestIntegerModuloP.java
+ JDK-8315774: Enable parallelism in vmTestbase/gc/g1/unloading tests
+ JDK-8315804: Open source several Swing JTabbedPane JTextArea
JTextField tests
+ JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test
+ JDK-8315965: Open source various AWT applet tests
+ JDK-8316104: Open source several Swing SplitPane and
RadioButton related tests
+ JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java
java.lang.Exception: Could not find leak
+ JDK-8316211: Open source several manual applet tests
+ JDK-8316240: Open source several add/remove MenuBar manual tests
+ JDK-8316285: Opensource JButton manual tests
+ JDK-8316306: Open source and convert manual Swing test
+ JDK-8316328: Test jdk/jfr/event/oldobject/
/TestSanityDefault.java times out for some heap sizes
+ JDK-8316387: Exclude more failing multicast tests on AIX
after JDK-8315651
+ JDK-8316389: Open source few AWT applet tests
+ JDK-8316468: os::write incorrectly handles partial write
+ JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm
+ JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java
+ JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm
+ JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java:
Press on the outside area didn't cause ungrab
+ JDK-8317316: G1: Make TestG1PercentageOptions use
createTestJvm
+ JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm
+ JDK-8317358: G1: Make TestMaxNewSize use createTestJvm
+ JDK-8317360: Missing null checks in JfrCheckpointManager and
JfrStringPool initialization routines
+ JDK-8317372: Refactor some NumberFormat tests to use JUnit
+ JDK-8317635: Improve GetClassFields test to verify
correctness of field order
+ JDK-8317831: compiler/codecache/CheckLargePages.java fails on
OL 8.8 with unexpected memory string
+ JDK-8318039: GHA: Bump macOS and Xcode versions
+ JDK-8318089: Class space not marked as such with NMT when CDS is off
+ JDK-8318474: Fix memory reporter for thread_count
+ JDK-8318479: [jmh] the test security.CacheBench failed for
multiple threads run
+ JDK-8318605: Enable parallelism in
vmTestbase/nsk/stress/stack tests
+ JDK-8318696: Do not use LFS64 symbols on Linux
+ JDK-8318986: Improve GenericWaitBarrier performance
+ JDK-8319103: Popups that request focus are not shown on Linux with Wayland
+ JDK-8319197: Exclude hb-subset and hb-style from compilation
+ JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates
+ JDK-8319713: Parallel: Remove
PSAdaptiveSizePolicy::should_full_GC
+ JDK-8320079: The ArabicBox.java test has no control buttons
+ JDK-8320379: C2: Sort spilling/unspilling sequence for better
ld/st merging into ldp/stp on AArch64
+ JDK-8320602: Lock contention in SchemaDVFactory.getInstance()
+ JDK-8320608: Many jtreg printing tests are missing the
@printer keyword
+ JDK-8320655: awt screencast robot spin and sync issues with
native libpipewire api
+ JDK-8320692: Null icon returned for .exe without custom icon
+ JDK-8320945: problemlist tests failing on latest Windows 11 update
+ JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2
+ JDK-8321176: [Screencast] make a second attempt on screencast failure
+ JDK-8321220: JFR: RecordedClass reports incorrect modifiers
+ JDK-8322008: Exclude some CDS tests from running with -Xshare:off
+ JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC
+ JDK-8322726: C2: Unloaded signature class kills argument value
+ JDK-8322971: KEM.getInstance() should check if a 3rd-party
security provider is signed
+ JDK-8323122: AArch64: Increase itable stub size estimate
+ JDK-8323584: AArch64: Unnecessary ResourceMark in
NativeCall::set_destination_mt_safe
+ JDK-8323670: A few client tests intermittently throw
ConcurrentModificationException
+ JDK-8323801: <s> tag doesn't strikethrough the text
+ JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max
limit on macOS >= 10.6 for RLIMIT_NOFILE
+ JDK-8324646: Avoid Class.forName in SecureRandom constructor
+ JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG
+ JDK-8324668: JDWP process management needs more efficient
file descriptor handling
+ JDK-8324753: [AIX] adjust os_posix after JDK-8318696
+ JDK-8324755: Enable parallelism in
vmTestbase/gc/gctests/LargeObjects tests
+ JDK-8324933: ConcurrentHashTable::statistics_calculate
synchronization is expensive
+ JDK-8325022: Incorrect error message on client authentication
+ JDK-8325179: Race in BasicDirectoryModel.validateFileCache
+ JDK-8325194: GHA: Add macOS M1 testing
+ JDK-8325384: sun/security/ssl/SSLSessionImpl/
/ResumptionUpdateBoundValues.java failing intermittently when
main thread is a virtual thread
+ JDK-8325444: GHA: JDK-8325194 causes a regression
+ JDK-8325567: jspawnhelper without args fails with segfault
+ JDK-8325620: HTMLReader uses ConvertAction instead of
specified CharacterAction for <b>, <i>, <u>
+ JDK-8325621: Improve jspawnhelper version checks
+ JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes
survive minor garbage collections
+ JDK-8326106: Write and clear stack trace table outside of safepoint
+ JDK-8326332: Unclosed inline tags cause misalignment in
summary tables
+ JDK-8326446: The User and System of jdk.CPULoad on Apple M1 are inaccurate
+ JDK-8326734: text-decoration applied to <span> lost when
mixed with <u> or <s>
+ JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails
+ JDK-8327137: Add test for ConcurrentModificationException in
BasicDirectoryModel
+ JDK-8327312: [17u] Problem list
ReflectionCallerCacheTest.java due to 8324978
+ JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java
on all platforms with ZGC
+ JDK-8327650: Test java/nio/channels/DatagramChannel/
/StressNativeSignal.java timed out
+ JDK-8327787: Convert javax/swing/border/Test4129681.java
applet test to main
+ JDK-8327840: Automate javax/swing/border/Test4129681.java
+ JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/
/GetBoundsResizeTest.java applet test to main
+ JDK-8328075: Shenandoah: Avoid forwarding when objects don't
move in full-GC
+ JDK-8328110: Allow simultaneous use of PassFailJFrame with
split UI and additional windows
+ JDK-8328115: Convert java/awt/font/TextLayout/
/TestJustification.html applet test to main
+ JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest
to automatic main test
+ JDK-8328218: Delete test
java/awt/Window/FindOwner/FindOwner.html
+ JDK-8328234: Remove unused nativeUtils files
+ JDK-8328238: Convert few closed manual applet tests to main
+ JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful
+ JDK-8328273: sun/management/jmxremote/bootstrap/
/RmiRegistrySslTest.java failed with
java.rmi.server.ExportException: Port already in use
+ JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/
/ClickDuringKeypress.java imports Applet
+ JDK-8328561: test java/awt/Robot/ManualInstructions/
/ManualInstructions.java isn't used
+ JDK-8328642: Convert applet test
MouseDraggedOutCauseScrollingTest.html to main
+ JDK-8328647: TestGarbageCollectorMXBean.java fails with
C1-only and -Xcomp
+ JDK-8328896: Fontmetrics for large Fonts has zero width
+ JDK-8328953: JEditorPane.read throws ChangedCharSetException
+ JDK-8328999: Update GIFlib to 5.2.2
+ JDK-8329004: Update Libpng to 1.6.43
+ JDK-8329103: assert(!thread->in_asgct()) failed during
multi-mode profiling
+ JDK-8329109: Threads::print_on() tries to print CPU time for
terminated GC threads
+ JDK-8329126: No native wrappers generated anymore with
-XX:-TieredCompilation after JDK-8251462
+ JDK-8329134: Reconsider TLAB zapping
+ JDK-8329510: Update ProblemList for
JFileChooser/8194044/FileSystemRootTest.java
+ JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed
because The End and Start buttons are not placed correctly and
Tab focus does not move as expected
+ JDK-8329605: hs errfile generic events - move memory
protections and nmethod flushes to separate sections
+ JDK-8329663: hs_err file event log entry for thread
adding/removing should print current thread
+ JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771
+ JDK-8329995: Restricted access to `/proc` can cause JFR
initialization to crash
+ JDK-8330063: Upgrade jQuery to 3.7.1
+ JDK-8330524: Linux ppc64le compile warning with clang in os_linux_ppc.cpp
+ JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)
+ JDK-8330615: avoid signed integer overflows in zip_util.c
readCen / hashN
+ JDK-8331011: [XWayland] TokenStorage fails under Security Manager
+ JDK-8331063: Some HttpClient tests don't report leaks
+ JDK-8331077: nroff man page update for jar tool
+ JDK-8331164: createJMHBundle.sh download jars fail when url
needed to be redirected
+ JDK-8331265: Bump update version for OpenJDK: jdk-17.0.13
+ JDK-8331331: :tier1 target explanation in doc/testing.md is incorrect
+ JDK-8331466: Problemlist serviceability/dcmd/gc/
/RunFinalizationTest.java on generic-all
+ JDK-8331605:
jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure
+ JDK-8331746: Create a test to verify that the cmm id is not ignored
+ JDK-8331798: Remove unused arg of checkErgonomics() in
TestMaxHeapSizeTools.java
+ JDK-8331885: C2: meet between unloaded and speculative types
is not symmetric
+ JDK-8332008: Enable issuestitle check
+ JDK-8332113: Update nsk.share.Log to be always verbose
+ JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in
ff_Adlm.xml
+ JDK-8332248: (fc) java/nio/channels/FileChannel/
/BlockDeviceSize.java failed with RuntimeException
+ JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16
+ JDK-8332524: Instead of printing 'TLSv1.3,' it is showing 'TLS13'
+ JDK-8332898: failure_handler: log directory of commands
+ JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/
/TestDescription.java fails with no GC's recorded
+ JDK-8333270: HandlersOnComplexResetUpdate and
HandlersOnComplexUpdate tests fail with 'Unexpected reference'
if timeoutFactor is less than 1/3
+ JDK-8333353: Delete extra empty line in CodeBlob.java
+ JDK-8333398: Uncomment the commented test in test/jdk/java/
/util/jar/JarFile/mrjar/MultiReleaseJarAPI.java
+ JDK-8333477: Delete extra empty spaces in Makefiles
+ JDK-8333698: [17u] TestJstatdRmiPort fails after JDK-8333667
+ JDK-8333716: Shenandoah: Check for disarmed method before
taking the nmethod lock
+ JDK-8333724: Problem list security/infra/java/security/cert/
/CertPathValidator/certification/CAInterop.java
#teliasonerarootcav1
+ JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw
an exception with 0 failures
+ JDK-8334166: Enable binary check
+ JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java
should not depend on SecurityManager
+ JDK-8334332: TestIOException.java fails if run by root
+ JDK-8334333: MissingResourceCauseTestRun.java fails if run by root
+ JDK-8334335: [TESTBUG] Backport of 8279164 to 11u & 17u
includes elements of JDK-8163327
+ JDK-8334339: Test java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java fails on alinux3
+ JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14
+ JDK-8334482: Shenandoah: Deadlock when safepoint is pending
during nmethods iteration
+ JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java
fails on linux-aarch64
+ JDK-8334653: ISO 4217 Amendment 177 Update
+ JDK-8334769: Shenandoah: Move CodeCache_lock close to its use
in ShenandoahConcurrentNMethodIterator
+ JDK-8335536: Fix assertion failure in IdealGraphPrinter when
append is true
+ JDK-8335775: Remove extraneous 's' in comment of
rawmonitor.cpp test file
+ JDK-8335808: update for deprecated sprintf for jfrTypeSetUtils
+ JDK-8335918: update for deprecated sprintf for jvmti
+ JDK-8335967: 'text-decoration: none' does not work with 'A' HTML tags
+ JDK-8336301: test/jdk/java/nio/channels/
/AsyncCloseAndInterrupt.java leaves around a FIFO file upon
test completion
+ JDK-8336928: GHA: Bundle artifacts removal broken
+ JDK-8337038: Test java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java shoud set as /native
+ JDK-8337283: configure.log is truncated when build dir is on
different filesystem
+ JDK-8337664: Distrust TLS server certificates issued after
Oct 2024 and anchored by Entrust Root CAs
+ JDK-8337669: [17u] Backport of JDK-8284047 missed to delete a file
+ JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods
are inconsistent with their setVerbose methods
+ JDK-8338696: (fs) BasicFileAttributes.creationTime() falls
back to epoch if birth time is unavailable (Linux)
+ JDK-8339869: [21u] Test CreationTime.java fails with
UnsatisfiedLinkError after 8334339
+ JDK-8341057: Add 2 SSL.com TLS roots
+ JDK-8341059: Change Entrust TLS distrust date to November 12, 2024
+ JDK-8341673: [17u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13
The following package changes have been done:
- java-17-openjdk-headless-17.0.13.0-150400.3.48.2 added
- java-17-openjdk-17.0.13.0-150400.3.48.2 added
- java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 removed
- java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 removed
- libXcomposite1-0.4.4-1.23 removed
- lksctp-tools-1.0.17-150000.3.3.1 removed
More information about the sle-container-updates
mailing list