Your message dated Mon, 23 Jan 2017 15:14:41 +0000 with message-id <[email protected]> and subject line Bug#851053: fixed in openjdk-8 8u121-b13-1 has caused the Debian Bug report #851053, regarding openjdk-8-jre-headless: Can't run a command with Runtime.exec() on kfreebsd-* - errcode 127 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 851053: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851053 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: openjdk-8-jre-headless Version: 8u111-b14-2 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, While investigating about ant FTBFS on kfreebsd-* [1][2], I tried the very simple testcase below. It fails with errcode 127 on kfreebsd-*: $ cat MyTest.java public class MyTest { public static void main(String[] args) throws Exception { String[] cmd = { "ls" }; Process process = Runtime.getRuntime().exec(cmd); int ret = process.waitFor(); System.err.format("retcode: %d\n", ret); } } $ javac MyTest.java $ java MyTest retcode: 127 $ java -version openjdk version "1.8.0_111" OpenJDK Runtime Environment (build 1.8.0_111-8u111-b14-2-b14) OpenJDK Server VM (build 25.111-b14, mixed mode) This test was run on porterboxes fischer.d.o and jalla.d.o under a clean sid chroot. Thanks, [1] https://buildd.debian.org/status/fetch.php?pkg=ant&arch=kfreebsd-i386&ver=1.9.8-1&stamp=1483664640 [2] https://buildd.debian.org/status/fetch.php?pkg=ant&arch=kfreebsd-amd64&ver=1.9.8-1&stamp=1484162770 _g. -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEoJObzArDE05WtIyR7+hsbH/+z4MFAlh2k4AACgkQ7+hsbH/+ z4MXcQf/fPKB+I9VuWlSF69wvm1PZxqVI3EqZKHO3U6N2cKTN19TxMYA3gDOoejp eY2xR9kR2xPxrr3dRAH6Wqky3/Fr7mvg+q/iHJvOejFUQr0NkjKBBX2GpilykWpu NZCn/xdJYj1bjgFpJMeoZ3v8dDyTTZ7BUW1kx/VRn0xAxKkvdRnspNXeyOj3ONoN giNjF11iuXPSDBHubCgj9dTMx6ZUNE3dGhl5x6vMzYTNk+Kvh+fOSI2wJGIQaUIA V/ywKE2r5kOaoJq3CTlFZsyujk8S6hyarecFcsx+tXbtx7uphSJCICO8J0JeaGeT f8ufBbjAlvAzkuHZXYD927FB7BhydA== =Vos0 -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: openjdk-8 Source-Version: 8u121-b13-1 We believe that the bug you reported is fixed in the latest version of openjdk-8, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Klose <[email protected]> (supplier of updated openjdk-8 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 23 Jan 2017 11:03:55 +0100 Source: openjdk-8 Binary: openjdk-8-jdk-headless openjdk-8-jre-headless openjdk-8-jdk openjdk-8-jre openjdk-8-demo openjdk-8-source openjdk-8-doc openjdk-8-dbg openjdk-8-jre-zero Architecture: source Version: 8u121-b13-1 Distribution: unstable Urgency: high Maintainer: OpenJDK Team <[email protected]> Changed-By: Matthias Klose <[email protected]> Description: openjdk-8-dbg - Java runtime based on OpenJDK (debugging symbols) openjdk-8-demo - Java runtime based on OpenJDK (demos and examples) openjdk-8-doc - OpenJDK Development Kit (JDK) documentation openjdk-8-jdk - OpenJDK Development Kit (JDK) openjdk-8-jdk-headless - OpenJDK Development Kit (JDK) (headless) openjdk-8-jre - OpenJDK Java runtime, using ${vm:Name} openjdk-8-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless) openjdk-8-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark openjdk-8-source - OpenJDK Development Kit (JDK) source files Closes: 841229 841269 842132 851053 851667 Changes: openjdk-8 (8u121-b13-1) unstable; urgency=high . * Update to 8u121-b13, Hotspot 8u112-b16 for AArch64. . [ Matthias Klose ] * Build using the default flags (POWER8) on ppc64el. * Add a breaks for ca-certificates-java (<< 20160321~). Closes: #851667. * Stop building JamVM for the stretch release, the VM is not working with recent OpenJDK 8 updates. Closes: #841229, #842132. * Fix location of jspawnhelper for KFreeBSD. Closes: #851053. . [ Tiago Stürmer Daitx ] * debian/rules: add -O3 to DEB_CFLAGS_MAINT_STRIP and DEB_CXXFLAGS_MAINT_STRIP for dpkg_buildflags_jdk and dpkg_buildflags_hs as ppc64le has -O3 by default. LP: #1640845. * Update to 8u121-b13, including security fixes. - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. * d/p/8132051-zero.diff: Superseeded by upstream fix S8154210; removed. * d/p/hotspot-JDK-8158260-ppc64el.patch: Applied upstream; removed. * d/p/6926048.diff: Already applied upstream; removed. * d/p/jdk-ppc64el-S8170153.patch, d/p/openjdk-ppc64el-S8170153.patch: Improve StrictMath performance on ppc64el. LP: #1646927. * d/p/jdk-841269-filechooser.patch: Fix FileChooser behavior when displaying links to non-existant files. Closes: #841269. * Refreshed various patches. Checksums-Sha1: de3b3f3cd198c95b8b135096b5c6ba34cd999b2b 4483 openjdk-8_8u121-b13-1.dsc 0e41c8b3ac17f8022e524db705af86780e86c2d1 63884892 openjdk-8_8u121-b13.orig.tar.xz f630e66f43d9fd3834bf73173a3e86e0f0084f9b 235072 openjdk-8_8u121-b13-1.debian.tar.xz Checksums-Sha256: b51e13766a5d26d2babd246ab14f27b273a37287fc280f7139fb7e03aa762b3c 4483 openjdk-8_8u121-b13-1.dsc 78f64c05575fa36ae35e712e3d23b3ac139aaeb328eebca705705652b5985699 63884892 openjdk-8_8u121-b13.orig.tar.xz f08822fd68026ede9551c863066697c24572bfc49dc1842a2703725ef7c61b9f 235072 openjdk-8_8u121-b13-1.debian.tar.xz Files: 110c4cdad2d191bf40676f5b3943882f 4483 java optional openjdk-8_8u121-b13-1.dsc 9d3a1b7c672bc1b5ffbbf30aa4eed4b3 63884892 java optional openjdk-8_8u121-b13.orig.tar.xz e83030ae23d57e3fdf5b5e2f697a3794 235072 java optional openjdk-8_8u121-b13-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAliGCYMQHGRva29AdWJ1 bnR1LmNvbQAKCRC9fqpgd4+m9eWzEACeKFOdkmu7DiuIjhLUAot1Oy93ZyzUoEN0 sIyjSXn8u+g68mg5/qVSKMOCkiXIMXdISLDAtvi1f1538E4XbU7otr1RJB/KCeB0 0QiW2NyY9rm0YkDxBTiQtAOdsN7ZSvoUVyiBBT43bc1gs/YVBjV/zvnnf44ZrWct wKiYsJijrW9yzkPqUlDO1KdSJeuk9guSQh6HChx96NbO3Wo3wSYkTqcfeTMjVrrv uJvu8QmW5FzxtUZ9mGZgVxgHBdIIeuxhPHl8yaUdOFNtZeDvcsqNS9TrJ6Z9HwmF X9/MEmcHbyzDu69fTY0WihN3My8K9lPFJtCbjuG20Wc/f4VG7RWKrcggSccAa2nn jRectOLnOulNAexsy0rzz8BdXHgk0bMtjuR1CpeXLfJg84sNVBGBAJGz8KsgHE4J 03DrcOh+LQYA+BPZvfbEZVDDDBSXC81ThUgHrED/IVmU0Fn+Xt/YlgtXjGxr5j0w Le/Arw+WpRpD/bo2wK5yFE8y7xB0dcokYMaBFOsh7Y6q5j0rU6nbesU/19LbXiEg rtHEFzvQU3uUuw3kwL4orM9YkRk6M4cnRPECpeBG2WTj3Rx3H/61Z6b7J60pdeu8 O6qkmQgMlOq8dgmYUNXD3uyzsmeVvh7cyDLTVPwnle75njX0VB19cvr0u7yutzO0 uxGCYbdHrg== =2vnJ -----END PGP SIGNATURE-----
--- End Message ---
