java-1.8.0-openjdk 보안 업데이트
업데이트 : 2016.10.26
이름 : java-1.8.0-openjdk-5:1.8.0.111-1.b15.el7_2
벤더 : AnNyung Packaging Team
설명 :
The OpenJDK runtime environment.
변경사항
- update 1.8.0-111.b15
- Keep debug architecture set the same on RHEL 7.2
- Resolves: rhbz#1381990
- Bump release for rebuild.
- Resolves: rhbz#1381990
- Turn debug builds on for all JIT architectures. Always AssumeMP on RHEL.
- Resolves: rhbz#1381990
- Update to aarch64-jdk8u111-b15, with AArch64 fix for S8160591.
- Swap java.security md5sum for 7.2.z version with ECC patch.
- Resolves: rhbz#1381990
- Update to aarch64-jdk8u111-b14.
- Add latest md5sum for java.security file due to jar signing property addition.
- Drop S8157306 and the CORBA typo fix, both of which appear upstream in u111.
- Add LCMS 2 patch to fix Red Hat security issue RH1367357 in the local OpenJDK copy.
- Resolves: rhbz#1381990
- declared check_sum_presented_in_spec and used in prep and check
- it is checking that latest packed java.security is mentioned in listing
- Resolves: rhbz#1368440
- New variable, @prefix@, needs to be substituted in tapsets (rhbz1371005)
- Resolves: rhbz#1368440
- Update to aarch64-jdk8u102-b14.
- Drop 8140620, 8148752 and 6961123, all of which appear upstream in u102.
- Move 8159244 to 8u111 section as it only appears to be in unpublished u102 b31.
- Move 8158260 to 8u112 section following its backport to 8u.
- Resolves: rhbz#1368440
- Update to aarch64-jdk8u101-b15.
- Rebase SystemTap tarball on IcedTea 3.1.0 versions so as to avoid patching.
- Drop additional hunk for 8147771 which is now applied upstream.
- Resolves: rhbz#1368440
- security fix
. CVE-2016-5542
allows remote attackers to affect integrity via vectors related to Libraries.
. CVE-2016-5554
allows remote attackers to affect integrity via vectors related to JMX.
. CVE-2016-5573
allows remote attackers to affect confidentiality, integrity, and availability
via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
. CVE-2016-5582
allows remote attackers to affect confidentiality, integrity, and availability
via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
. CVE-2016-5597
allows remote attackers to affect confidentiality via vectors related to Networking.
업데이트 패키지
SRPMS:
. java-1.8.0-openjdk-1.8.0.111-1.b15.el7_2.src.rpm
x86_64:
. java-1.8.0-openjdk-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-accessibility-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-demo-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-devel-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-devel-gui-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-headless-1.8.0.111-1.b15.el7_2.x86_64.rpm
. java-1.8.0-openjdk-src-1.8.0.111-1.b15.el7_2.x86_64.rpm
noarch:
. java-1.8.0-openjdk-javadoc-1.8.0.111-1.b15.el7_2.noarch.rpm
|