Hello community, here is the log from the commit of package java-1_8_0-openjdk for openSUSE:Factory checked in at 2015-10-28 17:15:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/java-1_8_0-openjdk (Old) and /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "java-1_8_0-openjdk" Changes: -------- --- /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/java-1_8_0-openjdk.changes 2015-08-21 12:42:19.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/java-1_8_0-openjdk.changes 2015-10-28 17:15:38.000000000 +0100 @@ -1,0 +2,59 @@ +Thu Oct 22 12:19:38 UTC 2015 - fst...@suse.com + +- Upgrade to upstream tag jdk8u65-b17 + * Security fix release of October 21, 2015 (bsc#951376) +- Security issues fixed: + * CVE-2015-4734: A remote user can exploit a flaw in the Embedded + JGSS component to partially access data + * CVE-2015-4803: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4805: A remote user can exploit a flaw in the Embedded + Serialization component to gain elevated privileges + * CVE-2015-4806: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to partially access and partially + modify data + * CVE-2015-4835: A remote user can exploit a flaw in the Embedded + CORBA component to gain elevated privileges + * CVE-2015-4842: A remote user can exploit a flaw in the Embedded + JAXP component to partially access data + * CVE-2015-4843: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to gain elevated privileges + * CVE-2015-4844: A remote user can exploit a flaw in the Embedded + 2D component to gain elevated privileges + * CVE-2015-4860: A remote user can exploit a flaw in the Embedded + RMI component to gain elevated privileges + * CVE-2015-4872: A remote user can exploit a flaw in the JRockit + Security component to partially modify data []. + * CVE-2015-4881: A remote user can exploit a flaw in the Embedded + CORBA component to gain elevated privileges + * CVE-2015-4882: A remote user can exploit a flaw in the Embedded + CORBA component to cause partial denial of service conditions + * CVE-2015-4883: A remote user can exploit a flaw in the Embedded + RMI component to gain elevated privileges + * CVE-2015-4893: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4902: A remote user can exploit a flaw in the Java SE + Deployment component to partially modify data + * CVE-2015-4903: A remote user can exploit a flaw in the Embedded + RMI component to partially access data + * CVE-2015-4911: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4810: A local user can exploit a flaw in the Java SE + Deployment component to gain elevated privileges + * CVE-2015-4840: A remote user can exploit a flaw in the Embedded + 2D component to partially access data + * CVE-2015-4868: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to gain elevated privileges + * CVE-2015-4901: A remote user can exploit a flaw in the JavaFX + component to gain elevated privileges + * CVE-2015-4906: A remote user can exploit a flaw in the JavaFX + component to partially access data + * CVE-2015-4908: A remote user can exploit a flaw in the JavaFX + component to partially access data + * CVE-2015-4916: A remote user can exploit a flaw in the JavaFX + component to partially access data +- Modified patch: + * s390-size_t.patch + - Account for an additional uintptr_t <-> size_t mismatch + +------------------------------------------------------------------- @@ -15 +74 @@ -Modified patches +- Modified patches Old: ---- 10ad4b9d79f9.tar.bz2 72a33aed7dcc.tar.bz2 8ec803e97a0d.tar.bz2 8f260851e051.tar.bz2 975eb04d1795.tar.bz2 afbc08ea922b.tar.bz2 be922f27d059.tar.bz2 d50c3672fd18.tar.bz2 e8e293d0db49.tar.bz2 New: ---- 14a4b0a9a0b7.tar.bz2 1ac6501881b2.tar.bz2 8e9c73f18f7e.tar.bz2 b6b6756b041d.tar.bz2 c684352da3e3.tar.bz2 d038f63e5167.tar.bz2 d9c2dcdd835c.tar.bz2 dbdfb913c528.tar.bz2 df0218bcade3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_8_0-openjdk.spec ++++++ --- /var/tmp/diff_new_pack.30qBSk/_old 2015-10-28 17:15:40.000000000 +0100 +++ /var/tmp/diff_new_pack.30qBSk/_new 2015-10-28 17:15:40.000000000 +0100 @@ -29,21 +29,21 @@ %global syslibdir %{_libdir} %global archname %{name} # Standard JPackage naming and versioning defines. -%global updatever 60 -%global buildver b27 +%global updatever 65 +%global buildver b17 %global root_project jdk8u -%global root_repository jdk8u60 -%global root_revision d50c3672fd18 -%global corba_revision be922f27d059 -%global hotspot_revision 10ad4b9d79f9 -%global jaxp_revision 8f260851e051 -%global jaxws_revision 975eb04d1795 -%global jdk_revision afbc08ea922b -%global langtools_revision e8e293d0db49 -%global nashorn_revision 72a33aed7dcc +%global root_repository jdk8u +%global root_revision c684352da3e3 +%global corba_revision d9c2dcdd835c +%global hotspot_revision 8e9c73f18f7e +%global jaxp_revision b6b6756b041d +%global jaxws_revision dbdfb913c528 +%global jdk_revision 14a4b0a9a0b7 +%global langtools_revision d038f63e5167 +%global nashorn_revision df0218bcade3 %global aarch64_project aarch64-port -%global aarch64_repository jdk8 -%global aarch64_hotspot_revision 8ec803e97a0d +%global aarch64_repository jdk8u60 +%global aarch64_hotspot_revision 1ac6501881b2 %global icedtea_sound_version 1.0.1 # priority must be 6 digits in total %global priority 1805 ++++++ 10ad4b9d79f9.tar.bz2 -> 14a4b0a9a0b7.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/14a4b0a9a0b7.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> 1ac6501881b2.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/1ac6501881b2.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> 8e9c73f18f7e.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/8e9c73f18f7e.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> b6b6756b041d.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/b6b6756b041d.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> c684352da3e3.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/c684352da3e3.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> d038f63e5167.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/d038f63e5167.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> d9c2dcdd835c.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/d9c2dcdd835c.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> dbdfb913c528.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/dbdfb913c528.tar.bz2 differ: char 11, line 1 ++++++ 10ad4b9d79f9.tar.bz2 -> df0218bcade3.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_8_0-openjdk/10ad4b9d79f9.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_8_0-openjdk.new/df0218bcade3.tar.bz2 differ: char 11, line 1 ++++++ s390-size_t.patch ++++++ --- /var/tmp/diff_new_pack.30qBSk/_old 2015-10-28 17:15:41.000000000 +0100 +++ /var/tmp/diff_new_pack.30qBSk/_new 2015-10-28 17:15:41.000000000 +0100 @@ -1,5 +1,5 @@ ---- jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp 2015-02-06 12:41:58.252468796 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp 2015-02-06 12:42:56.781083256 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp 2015-10-21 17:15:39.485338783 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp 2015-10-21 17:17:24.211977506 +0200 @@ -2659,7 +2659,7 @@ if (ResizeOldPLAB && CMSOldPLABResizeQuicker) { size_t multiple = _num_blocks[word_sz]/(CMSOldPLABToleranceFactor*CMSOldPLABNumRefills*n_blks); @@ -9,8 +9,8 @@ } assert(n_blks > 0, "Error"); _cfls->par_get_chunk_of_blocks(word_sz, n_blks, fl); ---- jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2015-02-06 12:41:58.252468796 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2015-02-06 12:42:56.784083185 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2015-10-21 17:15:39.486338760 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2015-10-21 17:17:24.213977461 +0200 @@ -957,7 +957,7 @@ if (free_percentage < desired_free_percentage) { size_t desired_capacity = (size_t)(used() / ((double) 1 - desired_free_percentage)); @@ -20,7 +20,7 @@ if (PrintGCDetails && Verbose) { size_t desired_capacity = (size_t)(used() / ((double) 1 - desired_free_percentage)); gclog_or_tty->print_cr("\nFrom compute_new_size: "); -@@ -6575,7 +6575,7 @@ +@@ -6577,7 +6577,7 @@ HeapWord* curAddr = _markBitMap.startWord(); while (curAddr < _markBitMap.endWord()) { size_t remaining = pointer_delta(_markBitMap.endWord(), curAddr); @@ -29,7 +29,7 @@ _markBitMap.clear_large_range(chunk); if (ConcurrentMarkSweepThread::should_yield() && !foregroundGCIsActive() && -@@ -6874,7 +6874,7 @@ +@@ -6875,7 +6875,7 @@ return; } // Double capacity if possible @@ -38,9 +38,9 @@ // Do not give up existing stack until we have managed to // get the double capacity that we desired. ReservedSpace rs(ReservedSpace::allocation_align_size_up( ---- jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp 2015-02-06 12:41:58.253468772 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp 2015-02-06 12:42:56.785083162 +0100 -@@ -3902,7 +3902,7 @@ +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp 2015-10-21 17:15:39.487338738 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/concurrentMark.cpp 2015-10-21 17:17:24.214977439 +0200 +@@ -3903,7 +3903,7 @@ // of things to do) or totally (at the very end). size_t target_size; if (partially) { @@ -49,9 +49,9 @@ } else { target_size = 0; } ---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp 2015-02-06 12:41:58.254468748 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp 2015-02-06 12:42:56.787083115 +0100 -@@ -1738,7 +1738,7 @@ +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp 2015-10-21 17:15:39.487338738 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp 2015-10-21 17:17:24.215977416 +0200 +@@ -1726,7 +1726,7 @@ verify_region_sets_optional(); @@ -60,8 +60,19 @@ ergo_verbose1(ErgoHeapSizing, "attempt heap expansion", ergo_format_reason("allocation request failed") ---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp 2015-02-06 12:41:58.255468724 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp 2015-02-06 12:42:56.787083115 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1PageBasedVirtualSpace.hpp 2015-10-21 17:15:39.488338715 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1PageBasedVirtualSpace.hpp 2015-10-21 17:17:24.217977371 +0200 +@@ -89,7 +89,7 @@ + void pretouch_internal(size_t start_page, size_t end_page); + + // Returns the index of the page which contains the given address. +- uintptr_t addr_to_page_index(char* addr) const; ++ size_t addr_to_page_index(char* addr) const; + // Returns the address of the given page index. + char* page_start(size_t index) const; + +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp 2015-10-21 17:15:39.489338692 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupQueue.cpp 2015-10-21 17:17:24.216977394 +0200 @@ -38,7 +38,7 @@ _cancel(false), _empty(true), @@ -71,8 +82,8 @@ _queues = NEW_C_HEAP_ARRAY(G1StringDedupWorkerQueue, _nqueues, mtGC); for (size_t i = 0; i < _nqueues; i++) { new (_queues + i) G1StringDedupWorkerQueue(G1StringDedupWorkerQueue::default_segment_size(), _max_cache_size, _max_size); ---- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp 2015-02-06 12:41:58.255468724 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp 2015-02-06 12:42:56.788083092 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp 2015-10-21 17:15:39.489338692 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/g1StringDedupTable.cpp 2015-10-21 17:17:24.216977394 +0200 @@ -110,7 +110,7 @@ }; @@ -82,9 +93,9 @@ _lists = PaddedArray<G1StringDedupEntryFreeList, mtGC>::create_unfreeable((uint)_nlists); } ---- jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp 2015-02-06 12:41:58.256468700 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp 2015-02-06 12:42:56.788083092 +0100 -@@ -147,7 +147,7 @@ +--- jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp 2015-10-21 17:15:39.489338692 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp 2015-10-21 17:17:24.216977394 +0200 +@@ -109,7 +109,7 @@ if (FLAG_IS_DEFAULT(G1HeapRegionSize)) { size_t average_heap_size = (initial_heap_size + max_heap_size) / 2; region_size = MAX2(average_heap_size / HeapRegionBounds::target_number(), @@ -93,8 +104,8 @@ } int region_size_log = log2_long((jlong) region_size); ---- jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2015-02-06 12:41:58.258468651 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2015-02-06 12:42:56.789083068 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2015-10-21 17:15:39.492338625 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2015-10-21 17:17:24.217977371 +0200 @@ -910,8 +910,8 @@ void PSParallelCompact::initialize_dead_wood_limiter() { @@ -106,8 +117,8 @@ _dwl_first_term = 1.0 / (sqrt(2.0 * M_PI) * _dwl_std_dev); DEBUG_ONLY(_dwl_initialized = true;) _dwl_adjustment = normal_distribution(1.0); ---- jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2015-02-06 12:41:58.257468675 +0100 -+++ jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2015-02-06 12:42:56.790083045 +0100 +--- jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2015-10-21 17:15:39.490338670 +0200 ++++ jdk8/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2015-10-21 17:17:24.218977349 +0200 @@ -194,7 +194,7 @@ const size_t num_overflow_elems = of_stack->size(); const size_t space_available = queue->max_elems() - queue->size(); @@ -117,8 +128,8 @@ num_overflow_elems); // Transfer the most recent num_take_elems from the overflow // stack to our work queue. ---- jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-02-06 12:41:58.263468530 +0100 -+++ jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-02-06 12:42:56.790083045 +0100 +--- jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-10-21 17:15:39.497338512 +0200 ++++ jdk8/hotspot/src/share/vm/memory/collectorPolicy.cpp 2015-10-21 17:17:24.218977349 +0200 @@ -385,7 +385,7 @@ uintx calculated_size = NewSize + OldSize; double shrink_factor = (double) MaxHeapSize / calculated_size; @@ -175,8 +186,8 @@ _initial_gen1_size = OldSize; // If the user has explicitly set an OldSize that is inconsistent ---- jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-02-06 12:41:58.264468506 +0100 -+++ jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-02-06 12:42:56.791083021 +0100 +--- jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-10-21 17:15:39.498338490 +0200 ++++ jdk8/hotspot/src/share/vm/memory/metaspace.cpp 2015-10-21 17:17:24.219977326 +0200 @@ -1455,7 +1455,7 @@ void MetaspaceGC::post_initialize() { @@ -213,8 +224,8 @@ _first_class_chunk_word_size = align_word_size_up(_first_class_chunk_word_size); // Arbitrarily set the initial virtual space to a multiple // of the boot class loader size. ---- jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-02-06 12:41:58.267468433 +0100 -+++ jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-02-06 12:42:56.792082998 +0100 +--- jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-10-21 17:15:39.501338422 +0200 ++++ jdk8/hotspot/src/share/vm/oops/objArrayKlass.inline.hpp 2015-10-21 17:17:24.219977326 +0200 @@ -48,7 +48,7 @@ const size_t beg_index = size_t(index); assert(beg_index < len || len == 0, "index too large"); @@ -233,8 +244,8 @@ const size_t end_index = beg_index + stride; T* const base = (T*)a->base(); T* const beg = base + beg_index; ---- jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-02-06 12:41:58.277468191 +0100 -+++ jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-02-06 12:42:56.794082951 +0100 +--- jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-10-21 17:15:39.512338174 +0200 ++++ jdk8/hotspot/src/share/vm/runtime/arguments.cpp 2015-10-21 17:17:24.220977303 +0200 @@ -1277,7 +1277,7 @@ // NewSize was set on the command line and it is larger than // preferred_max_new_size.