UbuntuUpdates.org

Package "openjdk-7"

Name: openjdk-7

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Alternative JVM for OpenJDK, using JamVM
  • Java runtime based on OpenJDK (debugging symbols)
  • Java runtime based on OpenJDK (demos and examples)
  • OpenJDK Development Kit (JDK) documentation

Latest version: 7u181-2.6.14-0ubuntu0.3
Release: trusty (14.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "openjdk-7": https://www.ubuntuupdates.org/openjdk-7



Other versions of "openjdk-7" in Trusty

Repository Area Version
base universe 7u51-2.4.6-1ubuntu4
base main 7u51-2.4.6-1ubuntu4
security universe 7u181-2.6.14-0ubuntu0.3
updates main 7u181-2.6.14-0ubuntu0.3
updates universe 7u181-2.6.14-0ubuntu0.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 7u181-2.6.14-0ubuntu0.3 2018-11-15 23:06:11 UTC

  openjdk-7 (7u181-2.6.14-0ubuntu0.3) trusty-security; urgency=medium

  * Apply 7u201-b00 security patches.
  * Security fixes:
    - CVE-2018-3136, S8194534: Manifest better support.
    - CVE-2018-3139, S8196902: Better HTTP redirection support.
    - CVE-2018-3149, S8199177: Enhance JNDI lookups.
    - CVE-2018-3169, S8199226: Improve field accesses.
    - CVE-2018-3180, S8202613: Improve TLS connections stability.
  * debian/patches/jdk-freetypeScaler-crash.diff: removed, it caused
    a memory leak and has been fixed upstream already, albeit in a
    different way. Closes: #910672.
  * debian/patches/jdk-8132985-backport-double-free.patch,
    debian/patches/jdk-8139803-backport-warning.patch: fix crash in
    freetypescaler due to double free, thanks to Heikki Aitakangas for
    the report and patches. (Closes: #911847)
  * debian/rules: run only the hotspot testsuite for jamvm and zero
    alternative vms to make build faster.

 -- Tiago Stürmer Daitx <email address hidden> Thu, 11 Oct 2018 01:47:12 +0000

Source diff to previous version
910672 openjdk-8: Debian patch jdk-freetypeScaler-crash.diff causes a memory leak - Debian Bug report logs
911847 openjdk-8: Backport fix to JDK-8132985: crash in freetypescaler due to double free - Debian Bug report logs
CVE-2018-3136 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE
CVE-2018-3139 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java
CVE-2018-3149 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Ja
CVE-2018-3169 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE:
CVE-2018-3180 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Ja

Version: 7u181-2.6.14-0ubuntu0.2 2018-08-10 01:07:12 UTC

  openjdk-7 (7u181-2.6.14-0ubuntu0.2) trusty-security; urgency=medium

  * Apply 8u181 security backports.
  * Security fixes:
    - CVE-2018-2938, S8197871: Support Derby connections.
    - CVE-2018-2952, S8199547: Exception to Pattern Syntax.
    - S8191239: Improve desktop file usage.
    - S8193419: Better Internet address support.
    - S8197925: Better stack walking.
    - S8200666: Improve LDAP support.
  * debian/patches/hotspot-S8207151-fix-bad-klassoop.patch: fix bug introduced
    by the backport of S8189123. LP: #1778930.

 -- Tiago Stürmer Daitx <email address hidden> Mon, 23 Jul 2018 20:03:03 +0000

Source diff to previous version
1778930 JVM crash with SIGSEGV as tomcat start with 7u181
CVE-2018-2938 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and
CVE-2018-2952 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected

Version: 7u181-2.6.14-0ubuntu0.1 2018-06-21 19:06:44 UTC

  openjdk-7 (7u181-2.6.14-0ubuntu0.1) trusty-security; urgency=medium

  * IcedTea release 2.6.14 (based on 7u181). Closes: #898976.
  * Security fixes:
    - S8162488: JDK should be updated to use LittleCMS 2.8
    - S8180881: Better packaging of deserialization
    - S8182362: Update CipherOutputStream Usage
    - S8183032: Upgrade to LittleCMS 2.9
    - S8189123: More consistent classloading
    - S8189969, CVE-2018-2790: Manifest better manifest entries
    - S8189977, CVE-2018-2795: Improve permission portability
    - S8189981, CVE-2018-2796: Improve queuing portability
    - S8189985, CVE-2018-2797: Improve tabular data portability
    - S8189989, CVE-2018-2798: Improve container portability
    - S8189993, CVE-2018-2799: Improve document portability
    - S8189997, CVE-2018-2794: Enhance keystore mechanisms
    - S8190478: Improved interface method selection
    - S8190877: Better handling of abstract classes
    - S8191696: Better mouse positioning
    - S8192025, CVE-2018-2814: Less referential references
    - S8192030: Better MTSchema support
    - S8192757, CVE-2018-2815: Improve stub classes implementation
    - S8193409: Improve AES supporting classes
    - S8193414: Improvements in MethodType lookups
    - S8193833, CVE-2018-2800: Better RMI connection support
  * debian/patches/hotspot-disable-exec-shield-workaround.patch: removed,
    upstream fixed i386 stack guard support in S8197429 (hotspot's mercurial
    commit 6636:d673ec579604).
  * debian/patches/hotspot-powerpcspe.diff: removed, support added upstream by
    S8186461 in hotspot's mercurial commit 6638:7517e77dd338.
  * debian/patches/it-patch-updates.diff: remove unnecessary hunks.
  * debian/rules: remove hotspot-powerpcspe.diff and
    hotspot-disable-exec-shield-workaround.patch from applied patches.

 -- Tiago Stürmer Daitx <email address hidden> Mon, 04 Jun 2018 23:11:45 +0000

Source diff to previous version
898976 openjdk-7: 2018 Q2 security update - Debian Bug report logs
CVE-2018-2790 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE
CVE-2018-2795 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected ar
CVE-2018-2796 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected
CVE-2018-2797 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Jav
CVE-2018-2798 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Jav
CVE-2018-2799 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Ja
CVE-2018-2794 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181,
CVE-2018-2814 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE:
CVE-2018-2815 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affect
CVE-2018-2800 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171

Version: 7u171-2.6.13-0ubuntu0.14.04.2 2018-04-02 18:07:34 UTC

  openjdk-7 (7u171-2.6.13-0ubuntu0.14.04.2) trusty-security; urgency=medium

  * IcedTea release 2.6.13 (based on 7u171). (Closes: #891330).
  * Security fixes:
    - S8160104: CORBA communication improvements
    - S8172525, CVE-2018-2579: Improve key keying case
    - S8174756: Extra validation for public keys
    - S8175932: Improve host instance supports
    - S8176458: Revise default document styling
    - S8178449, CVE-2018-2588: Improve LDAP logins
    - S8178458: Better use of certificates in LDAP
    - S8178466: Better RSA parameters
    - S8179536: Cleaner print job handling
    - S8179990: Cleaner palette entry handling
    - S8180011: Cleaner native graphics device handling
    - S8180015: Cleaner AWT robot handling
    - S8180020: Improve SymbolHashMap entry handling
    - S8180433: Cleaner CLR invocation handling
    - S8180877: More deeply colored ICC spaces
    - S8181664: Improve JVM UTF String handling
    - S8181670: Improve implementation of keystores
    - S8182125, CVE-2018-2599: Improve reliability of DNS lookups
    - S8182387, CVE-2018-2603: Improve PKCS usage
    - S8182601, CVE-2018-2602: Improve usage messages
    - S8185292, CVE-2018-2618: Stricter key generation
    - S8185325, CVE-2018-2641: Improve GTK initialization
    - S8186080: Transform XML interfaces
    - S8186212, CVE-2018-2629: Improve GSS handling
    - S8186600, CVE-2018-2634: Improve property negotiations
    - S8186606, CVE-2018-2633: Improve LDAP lookup robustness
    - S8186867: Improve native glyph layouts
    - S8186998, CVE-2018-2637: Improve JMX supportive features
    - S8189284, CVE-2018-2663: More refactoring for deserialization cases
    - S8190289, CVE-2018-2677: More refactoring for client deserialization cases
    - S8191142, CVE-2018-2678: More refactoring for naming deserialization cases
  * Remove multiarch-support pre-dependency. (Closes: #887858).

Source diff to previous version
891330 openjdk-7: several vulnerabilities - Debian Bug report logs
887858 openjdk-7: hardcoded Pre-Depends on multiarch-support - Debian Bug report logs
CVE-2018-2579 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected a
CVE-2018-2588 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Ja
CVE-2018-2599 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Ja
CVE-2018-2603 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected a
CVE-2018-2602 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u
CVE-2018-2618 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Jav
CVE-2018-2641 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u1
CVE-2018-2629 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Ja
CVE-2018-2634 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u
CVE-2018-2633 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Ja
CVE-2018-2637 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Jav
CVE-2018-2663 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected a
CVE-2018-2677 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u1
CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Ja

Version: 7u151-2.6.11-2ubuntu0.14.04.1 2017-11-29 09:06:38 UTC

  openjdk-7 (7u151-2.6.11-2ubuntu0.14.04.1) trusty-security; urgency=medium

  * Backport to 14.04.
  * debian/patches/hotspot-aarch64-S8145438-fix-field-too-big-for-insn.patch:
    the S8144028 fix was incomplete and followed up by S8145438; without it
    aarch64 JVM can fail with "Internal Error, failed: Field too big for
    insn".

 -- Tiago Stürmer Daitx <email address hidden> Tue, 21 Nov 2017 02:10:21 +0000




About   -   Send Feedback to @ubuntu_updates