Группа :: Разработка/Java
Пакет: java-11-openjdk
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
24 августа 2023 Andrey Cherepanov <cas at altlinux.org> 0:11.0.20.0.8-alt1_1jpp11
- New version.
- Security fixes
+ CVE-2023-22006
+ CVE-2023-22036
+ CVE-2023-22041
+ CVE-2023-22044
+ CVE-2023-22045
+ CVE-2023-22049
+ CVE-2023-25193 - Removed implicit requirements.
- New version.
- Security fixes
+ CVE-2023-21930
+ CVE-2023-21937
+ CVE-2023-21938
+ CVE-2023-21939
+ CVE-2023-21954
+ CVE-2023-21967
+ CVE-2023-21968
- New version.
- Security fixes
+ CVE-2023-21835
+ CVE-2023-21843
+ JDK-8286077, CVE-2022-21618: Wider MultiByte conversions
+ JDK-8286526, CVE-2022-21619: Improve NTLM support
+ JDK-8286533, CVE-2022-21626: Key X509 usages
+ JDK-8286910, CVE-2022-21624: Improve JNDI lookups
+ JDK-8286918, CVE-2022-21628: Better HttpServer service
+ JDK-8289366, CVE-2022-39399: Improve HTTP/2 client usage
- New version.
- New version.
- Security fixes
+ JDK-8281859, CVE-2022-21540: Improve class compilation
+ JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
+ JDK-8285407, CVE-2022-34169: Improve Xalan supports
- New version.
- Security fixes
+ JDK-8270504, CVE-2022-21426: Better XPath expression handling
+ JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0
+ JDK-8275151, CVE-2022-21443: Improved Object Identification
+ JDK-8277672, CVE-2022-21434: Better invocation handler handling
+ JDK-8278972, CVE-2022-21496: Improve URL supports
- NMU: corrected libjvm.so provides.
- New version.
- Security fixes
+ JDK-8217375: jarsigner breaks old signature with long lines in manifest
+ JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
+ JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
+ JDK-8268488: More valuable DerValues
+ JDK-8268494: Better inlining of inlined interfaces
+ JDK-8268512: More content for ContentInfo
+ JDK-8268795: Enhance digests of Jar files
+ JDK-8268801: Improve PKCS attribute handling
+ JDK-8268813, CVE-2022-21283: Better String matching
+ JDK-8269151: Better construction of EncryptedPrivateKeyInfo
+ JDK-8269944: Better HTTP transport redux
+ JDK-8270386, CVE-2022-21291: Better verification of scan methods
+ JDK-8270392, CVE-2022-21293: Improve String constructions
+ JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
+ JDK-8270492, CVE-2022-21282: Better resolution of URIs
+ JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
+ JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
+ JDK-8270952, CVE-2022-21277: Improve TIFF file handling
+ JDK-8271962: Better TrueType font loading
+ JDK-8271968: Better canonical naming
+ JDK-8271987: Manifest improved manifest entries
+ JDK-8272014, CVE-2022-21305: Better array indexing
+ JDK-8272026, CVE-2022-21340: Verify Jar Verification
+ JDK-8272236, CVE-2022-21341: Improve serial forms for transport
+ JDK-8272272: Enhance jcmd communication
+ JDK-8272462: Enhance image handling
+ JDK-8273290: Enhance sound handling
+ JDK-8273756, CVE-2022-21360: Enhance BMP image support
+ JDK-8273838, CVE-2022-21365: Enhanced BMP processing
+ JDK-8274096, CVE-2022-21366: Improve decoding of image files
+ JDK-8279541: Improve HarfBuzz - Fixed linking libraries.
- Removed duplicated files with legal information from packages.
- New version.
- Ignore possible fail of %post scriptlet (ALT #40831).
- Optionally disable %check by default.
- New version.
- Security fixes:
+ CVE-2021-35550 Update the default enabled cipher suites preference
+ CVE-2021-35565 com.sun.net.HttpsServer spins on TLS session close
+ CVE-2021-35556 Richer Text Editors
+ CVE-2021-35559 Enhanced style for RTF kit
+ CVE-2021-35561 Better hashing support
+ CVE-2021-35564 Improve Keystore integrity
+ CVE-2021-35567 More Constrained Delegation
+ CVE-2021-35578 Improve TLS client handshaking
+ CVE-2021-35586 Better BMP support
+ CVE-2021-35603 Better session identification
- New version.
- Fix some license names according to SPDX.
- Use system libharfbuzz.
- new version
- security fixes:
+ CVE-2021-2341: Improve file transfers
+ CVE-2021-2369: Better jar file validation
+ CVE-2021-2388: Enhance compiler validation
+ CVE-2021-2161: Less ambiguous processing
+ CVE-2021-2163: Enhance opening JARs
+ CVE-2020-14779: Enhance support of Proxy class
+ CVE-2020-14781: Enhanced LDAP contexts
+ CVE-2020-14782: Enhance certificate processing
+ CVE-2020-14792: Better range handling
+ CVE-2020-14796: Improved URI Support
+ CVE-2020-14797: Better Path Validation
+ CVE-2020-14798: Enhanced buffer support
+ CVE-2020-14803: Improved Buffer supports
+ CVE-2020-14562: Enhance TIFF support
+ CVE-2020-14573: Enhance Graal interface handling
+ CVE-2020-14556: Better ForkJoinPool behavior
+ CVE-2020-14577: Enhance certificate verification
+ CVE-2020-14581: Better matrix operations
+ CVE-2020-14583: Better Buffer support
+ CVE-2020-14593: Less Affine Transformations
+ CVE-2020-14621: Better XML namespace handling
+ CVE-2020-2754: Forward references to Nashorn
+ CVE-2020-2755: Improve Nashorn matching
+ CVE-2020-2756: Better mapping of serial ENUMs
+ CVE-2020-2757: Less Blocking Array Queues
+ CVE-2020-2773: Better signatures in XML
+ CVE-2020-2778: More constrained algorithms
+ CVE-2020-2767: Improve TLS verification
+ CVE-2020-2781: Improve TLS session handling
+ CVE-2020-2800: Better Headings for HTTP Servers
+ CVE-2020-2803: Enhance buffering of byte buffers
+ CVE-2020-2805: Enhance typing of methods
+ CVE-2020-2816: Enhance TLS connectivity
+ CVE-2020-2830: Better Scanner conversions
+ CVE-2020-2583: Unlink Set of LinkedHashSets
+ CVE-2020-2590: Improve Kerberos interop capabilities
+ CVE-2020-2593: Normalize normalization for all
+ CVE-2020-2601: Better Ticket Granting Services
+ CVE-2020-2604: Better serial filter handling
+ CVE-2020-2655: Better TLS messaging support
+ CVE-2020-2654: Improve Object Identifier Processing
+ CVE-2019-2933: Windows file handling redux
+ CVE-2019-2945: Better socket support
+ CVE-2019-2949: Better Kerberos ccache handling
+ CVE-2019-2958: Build Better Processes
+ CVE-2019-2964: Better support for patterns
+ CVE-2019-2962: Better Glyph Images
+ CVE-2019-2973: Better pattern compilation
+ CVE-2019-2975: Unexpected exception in jjs
+ CVE-2019-2978: Improved handling of jar files
+ CVE-2019-2977: Improve String index handling
+ CVE-2019-2981: Better Path supports
+ CVE-2019-2983: Better serial attributes
+ CVE-2019-2987: Better rendering of native glyphs
+ CVE-2019-2988: Better Graphics2D drawing
+ CVE-2019-2989: Improve TLS connection support
+ CVE-2019-2992: Enhance font glyph mapping
+ CVE-2019-2999: Commentary on Javadoc comments
+ CVE-2019-2894: Enhance ECDSA operations
+ CVE-2019-2762: Exceptional throw cases
+ CVE-2019-2766: Improve file protocol handling
+ CVE-2019-2769: Better copies of CopiesList
+ CVE-2019-2786: More limited privilege usage
+ CVE-2019-7317: Improve PNG support options
+ CVE-2019-2818: Better Poly1305 support
+ CVE-2019-2816: Normalize normalization
+ CVE-2019-2821: Improve TLS negotiation
+ CVE-2019-2602: Better String parsing
+ CVE-2019-2684: More dynamic RMI interactions
+ CVE-2019-2698: Fuzzing TrueType fonts: setCurrGlyphID()
- added alternatives for keytool, policytool, etc
- new version
- new version
- new version