| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
fixes #9314
|
| |
|
| |
|
|
|
|
|
| |
fixes #3678
ref https://github.com/alpinelinux/aports/pull/3678
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #7579
S8163958, CVE-2017-10102: Improved garbage collection
S8167228: Update to libpng 1.6.28
S8169209, CVE-2017-10053: Improved image post-processing steps
S8169392, CVE-2017-10067: Additional jar validation steps
S8170966, CVE-2017-10081: Right parenthesis issue
S8171539, CVE-2017-10078: Better script accessibility for JavaScript
S8172204, CVE-2017-10087: Better Thread Pool execution
S8172461, CVE-2017-10089: Service Registration Lifecycle
S8172465, CVE-2017-10090: Better handling of channel groups
S8172469, CVE-2017-10096: Transform Transformer Exceptions
S8173286, CVE-2017-10101: Better reading of text catalogs
S8173697, CVE-2017-10107: Less Active Activations
S8173770, CVE-2017-10074: Image conversion improvements
S8174098, CVE-2017-10110: Better image fetching
S8174105, CVE-2017-10108: Better naming attribution
S8174113, CVE-2017-10109: Better sourcing of code
S8174770: Check registry registration location
S8174873: Improved certificate procesing
S8175106, CVE-2017-10115: Higher quality DSA operations
S8175110, CVE-2017-10118: Higher quality ECDSA operations
S8176055: JMX diagnostic improvements
S8176067, CVE-2017-10116: Proper directory lookup processing
S8176760, CVE-2017-10135: Better handling of PKCS8 material
S8178135, CVE-2017-10176: Additional elliptic curve support
S8179101, CVE-2017-10193: Improve algorithm constraints implementation
S8179998, CVE-2017-10198: Clear certificate chain connections
S8181420, CVE-2017-10074: PPC: Image conversion improvements
S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements
S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115
on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation
errors for some clients.
Root cause appears to be OpenJDK announcing support for NIST curves the
underlying NSS library does doesn't. This patch limits OpenJDK's
announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25
(secp521r1).
Related issues:
* https://github.com/docker-library/openjdk/issues/115
* https://bugs.alpinelinux.org/issues/7404
* https://access.redhat.com/discussions/2339811
* https://bugzilla.redhat.com/show_bug.cgi?id=1022017
* https://bugzilla.redhat.com/show_bug.cgi?id=1348525
ref #7404
|
|
|
|
|
|
|
|
|
|
|
|
| |
Java will only use 1024 byte buffer for parsing mounts. Unlike glibc
will musl return error when this is not big enough instead of truncating
it.
We solve it by allocating a much bigger buffer.
ref #9073
We also build without precompiled headers, which does not work eith PIE.
|
|
|
|
|
|
|
|
| |
since icedtea 3.4 the configure script will select aarch32 hotspot build
due to better performace. Our patches does not apply to this so for now
we use the default hotspot, even if it is slower on armhf.
http://blog.fuseyism.com/index.php/2017/05/17/security-icedtea-3-4-0-for-openjdk-8-armed-and-ready-released/
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Musl on Power does not define regs member as a pt_regs pointer type,
hence it's necessary to use member gp_regs instead.
|
| |
|
|
|
|
|
|
| |
This is related to new version of abuild running with `set -e`.
The build failed on armhf; classes.jsa is apparently not generated on
this platform and hence failed to be removed.
|
|
|
|
| |
needs nss-static for libfreebl.a
|
| |
|
| |
|
|
|
|
|
|
| |
- fix the script to work with split subpkg directory layout
- make apkbuild abort on marking error
- rebuild with new abuild that has xattr issue fixed
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
enable sunec (ref #6809)
S8138725: Add options for Javadoc generation
S8140353: Improve signature checking
S8151934, CVE-2017-3231: Resolve class resolution
S8156804, CVE-2017-3241: Better constraint checking
S8158406: Limited Parameter Processing
S8158997: JNDI Protocols Switch
S8159507: RuntimeVisibleAnnotation validation
S8161218: Better bytecode loading
S8161743, CVE-2017-3252: Provide proper login context
S8162577: Standardize logging levels
S8162973: Better component components
S8164143, CVE-2017-3260: Improve components for menu items
S8164147, CVE-2017-3261: Improve streaming socket output
S8165071, CVE-2016-2183: Expand TLS support
S8165344, CVE-2017-3272: Update concurrency support
S8166988, CVE-2017-3253: Improve image processing performance
S8167104, CVE-2017-3289: Additional class construction refinements
S8167223, CVE-2016-5552: URL handling improvements
S8168705, CVE-2016-5547: Better ObjectIdentifier validation
S8168714, CVE-2016-5546: Tighten ECDSA validation
S8168728, CVE-2016-5548: DSA signing improvments
S8168724, CVE-2016-5549: ECDSA signing improvments
|
|
|
|
| |
fixes #6386
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ref #6388
S8146490: Direct indirect CRL checks
S8151921: Improved page resolution
S8155968: Update command line options
S8155973, CVE-2016-5542: Tighten jar checks
S8156794: Extend data sharing
S8157176: Improved classfile parsing
S8157739, CVE-2016-5554: Classloader Consistency Checking
S8157749: Improve handling of DNS error replies
S8157753: Audio replay enhancement
S8157759: LCMS Transform Sampling Enhancement
S8157764: Better handling of interpolation plugins
S8158302: Handle contextual glyph substitutions
S8158993, CVE-2016-5568: Service Menu services
S8159495: Fix index offsets
S8159503: Amend Annotation Actions
S8159511: Stack map validation
S8159515: Improve indy validation
S8159519, CVE-2016-5573: Reformat JDWP messages
S8160090: Better signature handling in pack200
S8160094: Improve pack200 layout
S8160098: Clean up color profiles
S8160591, CVE-2016-5582: Improve internal array handling
S8160838, CVE-2016-5597: Better HTTP service
PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read()
|
| |
|
|
|
|
|
| |
This lib should not be needed for headless, Fedora also excludes it from
the headless package.
|
| |
|
| |
|
| |
|
|
|
|
| |
fixes https://github.com/docker-library/openjdk/issues/77
|
|
|
|
|
|
|
|
|
| |
CVE-2016-0686
CVE-2016-0687
CVE-2016-0695
CVE-2016-3425
CVE-2016-3426
CVE-2016-3427
|
| |
|
| |
|
| |
|
|
|
|
|
| |
move plugins out that depend on xorg stuff, and add java-cacerts
dependency. fixes #5132.
|
|
|
|
| |
gnu find seems to not support the '-perm +006' anymore. use '-perm /006'
|
|
|
|
|
| |
Fixes CVE-2016-0483, CVE-2016-0494, CVE-2015-8126, CVE-2016-0475,
CVE-2016-0402, CVE-2016-0466, CVE-2016-0448, CVE-2015-7575.
|
|
|
|
| |
ref #4128
|
|
|
|
|
| |
ct.sym needs read permission for javac to work, fix that. and
split demos and samples to separate package.
|
|
|
|
| |
this is now latest GA release
|
|
|