[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2183 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5546 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5547 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5548 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5552 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3231 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3241 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3252 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3253 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3260 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3261 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3272 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3289 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5549 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
This bug was fixed in the package openjdk-8 - 8u121-b13-0ubuntu1.16.10.2 --- openjdk-8 (8u121-b13-0ubuntu1.16.10.2) yakkety-security; urgency=medium * debian/buildwatch.sh: updated to stop it if no 'make' process is running, as it probably means that the build failed - otherwise buildwatch keeps the builder alive until it exits after the timer (3 hours by default) expires. * debian/rules: updated jtreg tests to use agentvm and auto concurrency. openjdk-8 (8u121-b13-0ubuntu1.16.10.1) yakkety-security; urgency=medium * Update to 8u121-b13, including security fixes: - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. * debian/patches/8132051-zero.diff: superseeded by upstream fix S8154210; deleted. * debian/patches/hotspot-JDK-8158260-ppc64el.patch: applied upstream; deleted. * debian/patches/6926048.diff: already applied upstream; deleted. * debian/patches/jdk-ppc64el-S8170153.patch: improve StrictMath performance on ppc64el. LP: #1646927. * debian/patches/openjdk-ppc64el-S8170153.patch: same. * debian/patches/jdk-841269-filechooser.patch: fix FileChooser behavior when displaying links to non-existant files. Closes: #841269. * Refreshed various patches. openjdk-8 (8u111-b14-3) unstable; urgency=high [ Tiago Stürmer Daitx ] * Remove cacao references, updated jtreg tests to use agentvm and auto concurrency. * Run the jtreg tests on autopkg testing. -- Tiago Stürmer DaitxMon, 23 Jan 2017 11:22:24 + ** Changed in: openjdk-8 (Ubuntu) Status: New => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2183 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5546 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5547 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5548 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5549 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5552 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3231 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3241 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3252 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3253 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3260 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3261 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3272 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-3289 ** Changed in: openjdk-8 (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to:
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
This bug was fixed in the package openjdk-8 - 8u121-b13-0ubuntu1.16.04.2 --- openjdk-8 (8u121-b13-0ubuntu1.16.04.2) xenial-security; urgency=medium * Backport to 16.04. openjdk-8 (8u121-b13-0ubuntu1.16.10.2) yakkety-security; urgency=medium * debian/buildwatch.sh: updated to stop it if no 'make' process is running, as it probably means that the build failed - otherwise buildwatch keeps the builder alive until it exits after the timer (3 hours by default) expires. * debian/rules: updated jtreg tests to use agentvm and auto concurrency. openjdk-8 (8u121-b13-0ubuntu1.16.04.1) xenial-security; urgency=medium * Backport to 16.04. openjdk-8 (8u121-b13-0ubuntu1.16.10.1) yakkety-security; urgency=medium * Update to 8u121-b13, including security fixes. - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. * debian/patches/8132051-zero.diff: superseeded by upstream fix S8154210; deleted. * debian/patches/hotspot-JDK-8158260-ppc64el.patch: applied upstream; deleted. * debian/patches/6926048.diff: already applied upstream; deleted. * debian/patches/jdk-ppc64el-S8170153.patch: improve StrictMath performance on ppc64el. LP: #1646927. * debian/patches/openjdk-ppc64el-S8170153.patch: same. * debian/patches/jdk-841269-filechooser.patch: fix FileChooser behavior when displaying links to non-existant files. Closes: #841269. * Refreshed various patches. -- Tiago Stürmer DaitxMon, 23 Jan 2017 11:23:44 + -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
Sorry, I didn't understand your point. The patch is already on 9 and 8u upstream. Could you clarify please? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
could these be proposed for an upstream backport? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
** Changed in: openjdk-8 (Ubuntu) Assignee: Taco Screen team (taco-screen-team) => Tiago Stürmer Daitx (tdaitx) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
Yes, absolutely. I'll request it and update this bug. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1646927] Re: PPC64: Poor StrictMath performance due to non-optimized compilation
would it be possible to propose this patch upstream for backporting to jdk8u? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1646927 Title: PPC64: Poor StrictMath performance due to non-optimized compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1646927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs