| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Ride previous PKGREVISION bump.
|
|
potentially changes the package.
|
|
* Include a patch from PR pkg/51221
Changelog:
security-libs/java.security
SunPKCS11 Provider no longer offering SecureRandom by default
SecureRandom.PKCS11 from the SunPKCS11 Provider is disabled by default on Solaris because the native PKCS11 implementation has poor performance and is not recommended. If your application requires SecureRandom.PKCS11, you can re-enable it by removing "SecureRandom" from the disabledMechanisms list in conf/security/sunpkcs11-solaris.cfg
Performance improvements have also been made in the java.security.SecureRandom class. Improvements in the JDK implementation have allowed for synchronization to be removed from the java.security.SecureRandom.nextBytes(byte[] bytes) method.
See JDK-8098581
Fix following security bugs:
CVE-2016-5556
CVE-2016-5582
CVE-2016-5573
CVE-2016-5597
CVE-2016-5554
CVE-2016-5542
|
|
Changelog:
IANA Data 2016d
JDK 8u102 contains IANA time zone data version 2016d. For more
information, refer to Timezone Data Versions in the JRE Software.
See JDK-8151876
Enhancements
core-libs/java.lang.invoke
Internal package sun.invoke.anon has been removed
The internal package sun.invoke.anon has been removed. The
functionality it used to provide, namely anonymous class loading
with possible constant pool patches, is available via the
Unsafe.defineAnonymousClass() method.
See JDK-8081512
hotspot/runtime
New property jdk.lang.processReaperUseDefaultStackSize
When a large TLS (Thread local storage) size is set for Threads,
the JVM results in a stack overflow exception. The reason for this
behavior is that the reaper thread was created with a low stack
size of 32768k. When a large TLS size is set, it steals space from
the threads stack, which eventually results in a stack overflow.
This is a known glibc bug. To overcome this issue, we have introduced
a workaround (jdk.lang.processReaperUseDefaultStackSize) in which
the user can set the reaper threads stack size to a default instead
of to 32768. This gives the reaper thread a bigger stack size, so
for a large TLS size, such as 32k, the process will not fail.
Users can set this flag in one of two ways:
1. -Djdk.lang.processReaperUseDefaultStackSize=true
2. System.setProperty("jdk.lang.processReaperUseDefaultStackSize",
"true")
The problem has been observed only when JVM is started from JNI
code in which TLS is declared using "__thread"
See JDK-8130425
hotspot/compiler
Implemented performance improvements for BigInteger.montgomeryMultiply
We have implemented improvements that will improve performance of
several security algorithms, especially when using ciphers with
key lengths of 2048-bit or greater. To turn on these improvements,
use the options -XX:+UseMontgomeryMultiplyIntrinsic and
-XX:+UseMontgomerySquareIntrinsic. This improvement is only for
Linux and Solaris on x86_64 architecture.
See JDK-8130150
Changes
security-libs/javax.crypto
MSCAPI KeyStore can handle same-named certificates
Java SE KeyStore does not allow certificates that have the same
aliases
(http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html).
However, on Windows, multiple certificates stored in one keystore
are allowed to have non-unique friendly names.The fix for JDK-6483657
makes it possible to operate on such non-uniquely named certificates
through the Java API by artificially making the visible aliases
unique.
Please note, this fix does not enable creating same-named certificates
with the Java API. It only allows you to deal with same-named
certificates that were added to the keystore by 3rd party tools.
It is still recommended that your design not use multiple certificates
with the same name. In particular, the following sentence will not
be removed from the Java documentation: "In order to avoid problems,
it is recommended not to use aliases in a KeyStore that only differ
in case."
(http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html)
See JDK-6483657
security-libs/javax.net.ssl
Modify requirements on Authority Key Identifier extension field
during X509 certificate chain building
The requirement to have the Authority Key Identifier (AKID) and
Subject Key Identifier (SKID) fields matching when building X509
certificate chains has been modified for some cases.
See JDK-8072463
hotspot/gc
Providing more granular levels for GC verification
This enhancement provides a way to specify more granular levels
for the GC verification enabled using the VerifyBeforeGC, VerifyAfterGC,
and VerifyDuringGC diagnostic options. It introduces a new diagnostic
option VerifySubSet with which one can specify the subset of the
memory system that should be verified.
With this new option, one or more sub-systems can be specified in
a comma separated string. Valid memory sub-systems are: threads,
heap, symbol_table, string_table, codecache, dictionary,
classloader_data_graph, metaspace, jni_handles, c-heap, and
codecache_oops.
During the GC verification, only the sub-systems specified using
VerifySubSet get verified:
D:\\tests>java -XX:+UnlockDiagnosticVMOptions -XX:+VerifyBeforeGC
-XX:VerifySubSet="threads,c-heap" -Xlog:gc+verify=debug Test
[0.095s][debug ][gc,verify] Threads
[0.099s][debug ][gc,verify] C-heap
[0.105s][info ][gc,verify] Verifying Before GC (0.095s, 0.105s) 10.751ms
[0.120s][debug ][gc,verify] Threads
[0.124s][debug ][gc,verify] C-heap
[0.130s][info ][gc,verify] Verifying Before GC (0.120s, 0.130s) 9.951ms
[0.148s][debug ][gc,verify] Threads
[0.152s][debug ][gc,verify] C-heap
If any invalid memory sub-systems are specified with VerifySubSet,
the Java process exits with the following error message:
D:\\tests>java -XX:+UnlockDiagnosticVMOptions -XX:+VerifyBeforeGC
-XX:VerifySubSet="threads,c-heap,hello" -Xlog:gc+verify=debug oom
Error occurred during initialization of VM VerifySubSet: 'hello'
memory sub-system is unknown, please correct it
See JDK-8072725
hotspot/compiler
Removed PICL warning message
In 8u40 and 7u80, a new feature was introduced to use the PICL
library on Solaris to get some system information. If this library
was not found, we printed an error message:
Java HotSpot(TM) Server VM warning: PICL (libpicl.so.1) is missing.
Performance will not be optimal.
This warning was misleading. Not finding the PICL library is a very
minor issue, and the warnings mostly lead to confusion. In this
release, the warning was removed.
See JDK-8144957
core-libs/javax.naming
Improved exception handling for bad LDAP referral replies
The JDK was throwing a NullPointerException when a non-compliant
REFERRAL status result was sent but no referral values were included.
With this change, a NamingException with message value of "Illegal
encoding: referral is empty" will be thrown in such circumstances.
See JDK-8149450 and JDK-8154304
Bug Fixes
The following are some of the notable bug fixes included in this
release:
security-libs/javax.net.ssl
Fix to resolve "Unable to process PreMasterSecret, may be too big"
issue
Recent JDK updates introduced an issue for applications that depend
on having a delayed provider selection mechanism. The issue was
introduced in JDK 8u71, JDK 7u95 and JDK 6u111. The main error seen
corresponded to an exception like the following :
handling exception: javax.net.ssl.SSLProtocolException: Unable to
process PreMasterSecret, may be too big
See JDK-8149017
This release also contains fixes for security vulnerabilities
described in the Oracle Java SE Critical Patch Update Advisory.
For a more complete list of the bug fixes included in this release,
see the JDK 8u102 Bug Fixes page.
|
|
|
|
which is resolved at runtime. Fixes build on SunOS at least.
|
|
Changelog:
Bug Fixes
The following table lists the bug fixes included in JDK 8u92 release:
Bug Id Category Subcategory Description
JDK-8041900 client-libs 2d [macosx] Java forces the use of discrete GPU
JDK-8132890 client-libs 2d Text Overlapping on Dot Matrix Printers
JDK-8132503 client-libs java.awt [macosx] Chinese full stop symbol cannot be entered with Pinyin IM on OS X
JDK-8138764 client-libs java.awt In some cases the usage of TreeLock can be replaced by other synchronization
JDK-8041501 client-libs javax.imageio ImageIO reader is not capable of reading JPEGs without JFIF header
JDK-8134828 client-libs javax.swing Scrollbar thumb disappears with Nimbus L&F
JDK-8131129 core-libs java.lang.invoke Attempt to define a duplicate BMH$Species class
JDK-8067800 core-libs java.time Clarify java.time.chrono.Chronology.isLeapYear for out of range years
JDK-8062901 core-libs java.util Iterators is spelled incorrectly in the Javadoc for Spliterator
JDK-8140587 core-libs java.util.concurrent Atomic*FieldUpdaters should use Class.isInstance instead of direct class check
JDK-8145539 core-libs java.util:collections (coll) AbstractMap.keySet and .values should not be volatile
JDK-8143297 core-libs jdk.nashorn Nashorn compilation time reported in nanoseconds
JDK-8143896 core-libs jdk.nashorn java.lang.Long is implicitly converted to double
JDK-8144020 core-libs jdk.nashorn Remove long as an internal numeric type
JDK-8144131 core-libs jdk.nashorn ArrayData.getInt implementations do not convert to int32
JDK-8146147 core-libs jdk.nashorn Java linker indexed property getter does not work for computed nashorn string
JDK-8147845 core-libs jdk.nashorn Varargs Array functions still leaking longs
JDK-8147857 core-svc javax.management RMIConnector logs attribute names incorrectly
JDK-8140244 core-svc tools Port fix of JDK-8075773 to AIX and possibly MacOSX
JDK-8139773 deploy Add more debug traces to deployment registration process (RegFx.cpp)
JDK-8142982 deploy Race Condition can cause CacheEntry.getJarSigningData() to return null.
JDK-8143294 deploy cookie handler can't get JSESSIONID on linux
JDK-8145217 deploy Fix GenericCookieHandlerTest
JDK-8143314 deploy packager Runtime not respected with INI-configuration while creating native bundle
JDK-8139389 deploy webstart Register a protocol handler for Java Webstart
JDK-6869327 hotspot compiler Add new C2 flag to keep safepoints in counted loops.
JDK-8058563 hotspot compiler InstanceKlass::_dependencies list isn't cleared from empty nmethodBucket entries
JDK-8080650 hotspot compiler Enable stubs to use frame pointers correctly
JDK-8129847 hotspot compiler Compiling methods generated by Nashorn triggers high memory usage in C2
JDK-8131782 hotspot compiler C1 Class.cast optimization breaks when Class is loaded from static final
JDK-8139421 hotspot compiler PPC64LE: MacroAssembler::bxx64_patchable kills register R12
JDK-8140483 hotspot compiler Atomic*FieldUpdaters final fields should be trusted
JDK-8144487 hotspot compiler PhaseIdealLoop::build_and_optimize() must restore major_progress flag if skip_loop_opts is true
JDK-8144935 hotspot compiler C2: safepoint is pruned from a non-counted loop
JDK-8145754 hotspot compiler PhaseIdealLoop::is_scaled_iv_plus_offset() does not match AddI
JDK-8065579 hotspot gc WB method to start G1 concurrent mark cycle should be introduced
JDK-8138966 hotspot gc Intermittent SEGV running ParallelGC
JDK-8145442 hotspot gc Add the facility to verify remembered sets for G1
JDK-8029630 hotspot runtime Thread id should be displayed as hex number in error report
JDK-8046611 hotspot runtime Build errors with gcc on sparc/fastdebug
JDK-8087120 hotspot runtime [GCC5] java.lang.StackOverflowError on Zero JVM initialization on non x86 platforms
JDK-8138745 hotspot runtime Implement ExitOnOutOfMemory and CrashOnOutOfMemory in HotSpot
JDK-8139258 hotspot runtime PPC64LE: argument passing problem when passing 15 floats in native call
JDK-8143963 hotspot runtime improve ClassLoader::trace_class_path to accept an additional outputStream* arg
JDK-8029726 hotspot svc On OS X some dtrace probe names are mismatched with Solaris
JDK-8029727 hotspot svc On OS X dtrace probes Call<type>MethodA/Call<type>MethodV are not fired.
JDK-8029728 hotspot svc On OS X dtrace probes SetStaticBooleanField are not fired
JDK-8130910 hotspot svc hsperfdata file is created in wrong directory and not cleaned up if /tmp/hsperfdata_<username> has wrong permissions
JDK-8140031 hotspot svc SA: Searching for a value in Threads does not work
JDK-8144885 hotspot svc agent/src/os/linux/libproc.h needs to support Linux/SPARC builds
JDK-8145099 hotspot svc Better error message when SA can't attach to a process
JDK-8074935 security-libs java.security jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
JDK-8139436 security-libs java.security sun.security.mscapi.KeyStore might load incomplete data
JDK-8064330 security-libs javax.net.ssl Remove SHA224 from the default support list if SunMSCAPI enabled
JDK-8131665 security-libs javax.net.ssl Bad exception message in HandshakeHash.getFinishedHash
JDK-8136442 security-libs javax.net.ssl Don't tie Certificate signature algorithms to ciphuites
JDK-8038184 security-libs javax.xml.crypto XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
JDK-8038349 security-libs javax.xml.crypto Signing XML with DSA throws Exception when key is larger than 1024 Exception when calling super with Object<>()
JDK-8066974 tools javac Compiler doesn't infer method's generic type information in lambda body
JDK-8068254 tools javac Method reference uses wrong qualifying type
JDK-8130506 tools javac javac Assertien invoking MethodHandle.invoke with lambda parameter
JDK-8134007 tools javac Improve string folding
JDK-8134759 tools javac jdb: Incorrect stepping inside finally block
JDK-8139751 tools javac Javac crash with -XDallowStringFolding=false
JDK-8145466 tools javac javac: No line numbers in compilation error
JDK-8145722 tools javadoc(tool) NullPointerException in javadoc
JDK-8133924 xml jaxp NPE may be thrown when xsltc select a non-existing node after JDK-8062518
|
|
Originally reported from abs@ on tech-pkg@.
From random(4) man page:
Applications should read from /dev/urandom when they need randomly
generated data, e.g. key material for cryptography or seeds for
simulations.
|
|
Might fix "ld: fatal: library -lXrender: not found" seen in SmartOS bulk build.
|
|
Changelog:
Fix following security vulnerabilities:
CVE-2016-0499
CVE-2015-4925
CVE-2016-0472
CVE-2015-4921
CVE-2016-0467
CVE-2016-0461
CVE-2015-4923
Bug fixes:
Bug Id Category Subcategory Description
JDK-8133917 client-libs Please backport X11FontManager refactor to Java 8!
JDK-8130136 client-libs 2d Swing window sometimes fails to repaint partially when it becomes exposed
JDK-8132850 client-libs 2d java.lang.ArrayIndexOutOfBoundsException during text rendering with many fonts installed
JDK-8137106 client-libs 2d EUDC (End User Defined Characters) are not displayed on Windows with Java 8u60+
JDK-8065081 client-libs demo Intermittent NPE in Java2Demo applet on Stop/Restart in appletviewer
JDK-8081485 client-libs java.awt EDT auto shutdown is broken in case of new event queue usage
JDK-8081787 client-libs java.awt [macosx] MalformedURLException is thrown during reading data for application/x-java-url;class=java.net.URL flavor
JDK-8086038 client-libs java.awt [macosx] No available data flavors when copying from Microsoft Word for Mac
JDK-8130776 client-libs java.awt Remove EmbeddedFrame.requestFocusToEmbedder() method
JDK-8132382 client-libs java.awt [macosx] Crash during JMC or JavaFX execution when NSApplication is controlled by SWT or JavaFX libraries
JDK-8136763 client-libs java.awt [macosx] java always returns only one value for "text/uri-list" dataflavor even if several files were copied
JDK-8134828 client-libs javax.swing Scrollbar thumb disappears with Nimbus L&F
JDK-8134917 client-libs javax.swing [macosx] JOptionPane doesn't receive mouse events when opened from a drop event
JDK-8134356 core-libs {@code} tag contains < and > sequences
JDK-8134569 core-libs Add tests for prototype callsites
JDK-8134939 core-libs Improve toString method of Dynalink DynamicMethod objects
JDK-8133249 core-libs java.io Occasional SIGSEGV: non thread-safe use of strerr in getLastErrorString
JDK-8073644 core-libs java.lang.invoke Assertion in LambdaFormEditor.bindArgumentType is too strict
JDK-8030785 core-libs java.lang:reflect Missing "since 1.8" javadoc for java.lang.reflect.Method:getParameterCount
JDK-8072466 core-libs java.net Deadlock when initializing MulticastSocket and DatagramSocket
JDK-8087190 core-libs java.net Regression in sun.net.util.IPAddressUtil.isIPv4LiteralAddress(String)
JDK-8133015 core-libs java.net InetAddress.isReachable(tmout) returning wrong value on Windows for IPv6
JDK-8143397 core-libs java.net It looks like InetAddress.isReachable(timeout) works incorrectly
JDK-6857566 core-libs java.nio (bf) DirectByteBuffer garbage creation can outpace reclamation
JDK-8029516 core-libs java.nio (fs) WatchKey cancel unreliable on Windows
JDK-8034057 core-libs java.nio Files.getFileStore and Files.isWritable do not work with SUBST'ed drives (win)
JDK-8080115 core-libs java.nio (fs) Crash in libgio when calling Files.probeContentType(path) from parallel threads
JDK-8130274 core-libs java.nio java/nio/file/FileStore/Basic.java fails when two successive stores in an iteration are determined to be equal
JDK-8133232 core-libs java.nio [fs] Regex has redundant | in the char class
JDK-8133647 core-libs java.nio (ch) Test java/nio/channels/AsynchronousSocketChannel/StressLoopback.java fails for Windows XP
JDK-8137121 core-libs java.nio (fc) Infinite loop FileChannel.truncate
JDK-8138819 core-libs java.nio (se) File descriptor leak when Selector.open fails
JDK-8081794 core-libs java.text ParsePosition getErrorIndex returns 0 for TimeZone parsing problem
JDK-8074032 core-libs java.time Instant.ofEpochMilli(millis).toEpochMilli() can throw arithmetic overflow in toEpochMilli()
JDK-8133022 core-libs java.time Instant.toEpochMilli() silently overflows
JDK-8139107 core-libs java.time DateTimeFormatter with Locale.UK throw a NullPointerException when parsing zone
JDK-6907252 core-libs java.util.jar ZipFileInputStream Not Thread-Safe
JDK-8038502 core-libs java.util.jar Deflater.needsInput() should use synchronization
JDK-8134505 core-libs java.util:i18n Cleanup of "TimeZone_md.c"
JDK-8129957 core-libs javax.naming Deadlock in JNDI LDAP implementation when closing the LDAP context
JDK-8027137 core-libs jdk.nashorn Merge ScriptFunction and ScriptFunctionImpl
JDK-8055917 core-libs jdk.nashorn jdk.nashorn.internal.codegen.CompilationPhase$N should be renamed to proper classes
JDK-8068901 core-libs jdk.nashorn Surprising behavior with more than one functional interface on a class
JDK-8068903 core-libs jdk.nashorn Can't invoke vararg @FunctionalInterface methods
JDK-8073613 core-libs jdk.nashorn Here documents: how to avoid string interpolation?
JDK-8073733 core-libs jdk.nashorn TypeError messages with "call" and "new" could be improved
JDK-8087292 core-libs jdk.nashorn nashorn should have a "fail-fast" option for scripting, analog to bash "set -e"
JDK-8087312 core-libs jdk.nashorn PropertyMapWrapper.equals should compare className
JDK-8114838 core-libs jdk.nashorn Anonymous functions escape to surrounding scope when defined under "with" statement
JDK-8129950 core-libs jdk.nashorn Wrong condition for checking absence of logger in MethodHandleFactory
JDK-8129959 core-libs jdk.nashorn DebugLogger has unnecessary API methods
JDK-8130234 core-libs jdk.nashorn Get rid of JSType.isNegativeZero
JDK-8130307 core-libs jdk.nashorn improve Nashorn Javadoc target
JDK-8130424 core-libs jdk.nashorn if directory specified with --dest-dir does not exist, only .class files are dumped and .js files are not
JDK-8130476 core-libs jdk.nashorn Remove unused methods in Global.java
JDK-8130663 core-libs jdk.nashorn 6 fields can be static fields in Global class
JDK-8130853 core-libs jdk.nashorn Non-extensible global is not handled property
JDK-8131039 core-libs jdk.nashorn after adding a function property to Object.prototype, JSON.parse with reviver function goes into infinite loop
JDK-8131340 core-libs jdk.nashorn Varargs function is recompiled each time it is linked
JDK-8131683 core-libs jdk.nashorn Delete fails over multiple scopes
JDK-8133119 core-libs jdk.nashorn Error message associated with TypeError for call and new should include stringified Node
JDK-8133300 core-libs jdk.nashorn Ensure symbol table immutability in Nashorn AST
JDK-8133785 core-libs jdk.nashorn SharedScopeCall should be enabled for non-optim call sites even with optimistic compilation
JDK-8134150 core-libs jdk.nashorn Make Nashorn Timing class both threadsafe and efficient
JDK-8134484 core-libs jdk.nashorn disallow backquotes as heredoc end marker delimiters
JDK-8134488 core-libs jdk.nashorn0 core-libs jdk.nashorn Dead var statement evacuation incorrectly descends into nested functions
JDK-8134502 core-libs jdk.nashorn introduce abstraction for basic NodeVisitor usage
JDK-8134609 core-libs jdk.nashorn Allow constructors with same prototoype e-libs jdk.nashorn Defer stack trace walking of NashornException for extracting line number and file name
JDK-8134931 core-libs jdk.nashorn jdk.nashorn.internal.codegen.TypeMap should not use Map
JDK-8134973 core-libs jdk.nashorn Control flow exceptions s
JDK-8135075 core-libs jdk.nashorn Reorder short-circuit tests in ApplySpecialization to run cheapest first
JDK-8135190 core-libs jdk.nashorn Method code too large in Babel browser.js script
JDK-8135262 core-libs jdk.nashorn Sanitize CodeInstaller and ComJDK-8135337 core-libs jdk.nashorn NativeDebug.dumpCounters with incorrect scope count
JDK-8136349 core-libs jdk.nashorn Typos patch for nashorn sources submitted on Sep 10, 2015
JDK-8136544 core-libs jdk.nashorn Call site switching to megamorphic causes incorrect property read
JDK-8136694 core-libs jdk.nashorn Megemorphic scope access does not throw ReferenceError when property is missing
JDK-8137258 core-libs jdk.nashorn JSObjectLinker and BrowserJSObjectLinker should not expose internal JS objects
JDK-8137281 core-libs jdk.nashorn OutOfMemoryError with large numeric keys in JSON.parse
JDK-8137333 core-libs jdk.nashorn Boundless soft caching of property map histories causes high memory pressure
JDK-8138616 core-libs jdk.nashorn invokeFunction fails if function calls a function defined in GLOBAL_SCOPE
JDK-8138632 core-libs jdk.nashorn Sparse array does not handle growth of underlying dense array
JDK-8074696 core-svc debugger Remote debugging session hangs for several minutes when calling findBootType
JDK-8074368 core-svc java.lang.management ThreadMXBean.getThreadInfo() corrupts memory when called with empty array for thread ids
JDK-8133666 core-svc java.lang.management OperatingSystemMXBean reports abnormally high machine CPU consumption on Linux
JDK-8075773 core-svc tools jps running as root fails after the fix of JDK-8050807
JDK-8139613 deploy push of backport of JDK-8081846 broke build
JDK-8138650 deploy packager Packager cannot bundle Mac App Store Apps because JavaFX WebKit uses apple private APIs
JDK-8133985 deploy plugin "Apply" button is permanently disabled in JCP, after roaming profile option is changed
JDK-8134109 deploy plugin Applet2Manager.getMainDeploymentRuleSet ignores jar version.
JDK-8134495 deploy plugin Cannot enable debugging on JNLP applet with java-vm-args params
JDK-7156268 deploy webstart app is stuck when launching with javaagent if there is no jre info in deployment.properties
JDK-8055464 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - java part
JDK-8056013 deploy webstart Web Start looks in currently directory for all classes prior to jars - slow
JDK-8077380 deploy webstart JNLPSigning exception when signed jnlp is launched from local tomcat server
JDK-8081846 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - Windows registration part
JDK-8135115 deploy webstart DRS1.3: App is not blocked when there is a invalid attribute in jnlp-checksum
JDK-8135227 deploy webstart DRS 1.3 enhancements doesn't work as expected when load no href jnlp by "javaws <local_path_of_jnlp_file>"
JDK-8136906 deploy webstart Extreme Application Startup Time due to frequent requests for the jnlp-6.0.dtd
JDK-8139323 deploy webstart JNLPSignedResourcesHelperTest shows regression caused by JDK-8129600
JDK-8140264 deploy webstart create junit test for JDK-8136906
JDK-8140740 deploy webstart Test jnlp_file/applicationDesc/index.html\#args is failing
JDK-8011858 hotspot compiler Use Compile::live_nodes() instead of Compile::unique() in appropriate places
JDK-8058737 hotspot compiler CodeCache::find_blob fails with 'unsafe access to zombie method'
JDK-8075805 hotspot compiler Crash while trying to release CompiledICHolder
JDK-8134031 hotspot compiler Incorrect JIT compilation of complex code with inlining and escape analysis
JDK-8134493 hotspot compiler Cleaning inline caches of unloaded nmethods should be done in sweeper
JDK-8133193 hotspot gc Memory leak in G1 because G1RootProcessor doesn't have desctructor
JDK-8029453 hotspot runtime java/util/concurrent/locks/ReentrantLock/TimeoutLockLoops.java failed by timeout
JDK-8135002 hotspot runtime Fix or remove broken links in objectMonitor.cpp comments
JDK-8139150 hotspot runtime ClassVerifier frees exception message while it's still in use
JDK-8140249 hotspot runtime JVM Crashing During startUp If Flight Recording is enabled
JDK-7194452 security-libs java.security Remove "Reverse" PKIX CertPathBuilder implementation
JDK-8130875 security-libs java.security Ucrypto library leaks memory when null output buffer is specified
JDK-8136534 security-libs java.security Loading JKS keystore using non-null InputStream results in closed stream
JDK-8132551 security-libs javax.crypto:pkcs11 Initialize local variables before returning them in p11_convert.c
JDK-8067422 tools javac Lambda method names are unnecessarily unstable
JDK-8071291 tools javac Compiler crashes trying to cast UnionType to IntersectionClassType
JDK-8073519 xml jaxb schemagen does not report errors while generating xsd files
|
|
because this is a GNU configure script and without it we do not get
config.{sub,guess} overrides.
Instead, pass --disable-option-checking to the configure script so that
unrecognized options that appear when using pkgsrc iconv are discarded.
|
|
|
|
Changelog:
From: https://www.java.com/en/download/faq/release_changes.xml
Java 8 Update 60 (8u60)
Release Highlights
IANA Data 2015e
JDK 8u60 contains IANA time zone data version 2015e. For more information, refer to Timezone Data Versions in the JRE Software.
Bug Fix: dns_lookup_realm should be false by default
The dns_lookup_realm setting in Kerberos' krb5.conf file is by default false. See 8080637.
Bug Fix: Disable RC4 cipher suites
RC4-based TLS ciphersuites (e.g. TLS_RSA_WITH_RC4_128_SHA) are now considered compromised and should no longer be used (see RFC 7465). Accordingly, RC4-based TLS ciphersuites have been deactivated by default in the Oracle JSSE implementation by adding "RC4" to "jdk.tls.disabledAlgorithms" security property, and by removing them from the default enabled ciphersuites list. These cipher suites can be reactivated by removing "RC4" form "jdk.tls.disabledAlgorithms" security property in the java.security file or by dynamically calling Security.setProperty(), and also readding them to the enabled ciphersuite list using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. You can also use the -Djava.security.properties command line option to override the jdk.tls.disabledAlgorithms security property. For example:
java -Djava.security.properties=my.java.security ...
where my.java.security is a file containing the property without RC4:
jdk.tls.disabledAlgorithms=SSLv3
Even with this option set from commandline, the RC4 based ciphersuites need to be re-added to the enabled ciphersuite list by using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. See 8076221.
Bug Fix: Support keystore type detection for JKS and PKCS12 keystores
Keystore Compatibility Mode: To aid interoperability, the Java keystore type JKS now supports keystore compatibility mode by default. This mode enables JKS keystores to access both JKS and PKCS12 file formats. To disable keystore compatibility mode set the Security property keystore.type.compat to the string value false. See 8062552.
Bug Fix: Deprecate Unsafe monitor methods in JDK 8u release
The methods monitorEnter, monitorExit and tryMonitorEnter on sun.misc.Unsafe are marked as deprecated in JDK 8u60 and will be removed in a future release. These methods are not used within the JDK itself and are very rarely used outside of the JDK. See 8069302.
Bug Fix: Extract JFR recording from the core file using SA
DumpJFR is a Serviceability Agent based tool that can be used to extract Java Flight Recorder(JFR) data from the core files and live Hotspot processes. DumpJFR can be used in one of the following methods:
Attach DumpJFR to a live process:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <pid>
Attach DumpJFR to a core file:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <java> <core>
DumpJFR tool dumps the JFR data to a file called recording.jfr in the current working folder. See 8065301 (not public).
Bug Fix: Local variables named 'enum' lead to spurious compiler crashes
The javac parser is incorrectly parsing local variables with name 'enum'; this results in spurious failures when a program containing such local variables is compiled with a 'source' flag corresponding to a release in which the enum construct is not available (such as '-source 1.4'). See 8069181.
Java Development Kit for ARM Release 8u60
This release includes Java Development Kit for ARM Release 8u60 (JDK 8u60 for ARM). For ARM device support information, see JDK for ARM Downloads page. For system requirements, installation instructions and troubleshooting tips, see Installation Instructions page.
Limitation: Native Memory Tracking support is limited in JDK for ARM. The java command line option XX:NativeMemoryTracking=detail is not supported for ARM targets (an error message is displayed to user). Instead, use the following option:
XX:NativeMemoryTracking=summary
Documentation Updates due to Nashorn Enhancements
JDK 8u60 includes new enhancements to Nashorn. As a result the following documentation changes should be read in conjunction with the current Nashorn documentation:
Addition: In the previous section, we mentioned that every JavaScript object when exposed to Java APIs implements the java.util.Map interface. This is true even for JavaScript arrays. However, this behavior is often not desired or expected when the Java code expects JSON-parsed objects. Java libraries that manipulate JSON-parsed objects usually expect arrays to expose the java.util.List interface instead. If you need to expose your JavaScript objects so that arrays are exposed as lists and not maps, you can use the Java.asJSONCompatible(obj) function, where obj is the root of your JSON object tree.
Correction: The caution mentioned at the end of Mapping Data Types section, is no longer applicable. Nashorn ensures that internal JavaScript strings are converted to java.lang.String when exposed externally.
Correction: The statement in the section Mapping Data Types, that mentions "For example, arrays must be explicitly converted,..." is not correct. Arrays are automatically converted to Java array types, such as java.util.List, java.util.Collection, java.util.Queue and java.util.Deque and so on.
Changes in Deployment Rule Set v1.2
JDK 8u60 implements Deployment Rule Set (DRS) 1.2, which includes the following changes:
Add "checksum" element as sub element of "id" which can allow unsigned jars to be identified by the SHA-256 checksum of the uncompressed form of a jar:
The "checksum" element will match only unsigned jars, and the given hash will be compared only against the uncompressed form of the jar.
The "checksum" element (similar to "certificate" element) has two arguments "hash" and "algorithm", however, unlike "certificate" element, the only supported value for "algorithm" is "SHA-256". Any other value provided will be ignored.
Allow "message" element to apply to all rule types, where previously it only applied to a block rule:
In a run rule, a message sub element will cause a message dialog to be displayed where without a run rule, the default behavior would be to show certificate or unsigned dialog. The message will be displayed in the message dialog.
In a default rule, the message will only be displayed if the default action is to block. In such a case the message will be included in the block dialog.
Echo "customer" blocks in the Java Console, trace files, and Java Usage Tracker records.
Previous to DRS 1.2, "customer" elements could be included (with any sub-elements) in the ruleset.xml file. This element and all its sub elements are ignored. In DRS 1.2, the elements are still functionally ignored. However:
When parsing the ruleset.xml file, all "customer" blocks will be echoed to the Java Console and deployment trace file (if Console and Tracing are enabled).
When using a rule, all "customer" records included within that rule will be added to the Java Usage Tracker (JUT) record (if JUT is enabled).
As a result of the above changes, the DTD for DRS 1.2 is as follows:
<!ELEMENT ruleset (rule*)>
<!ATTRIBUTE ruleset href CDATA #IMPLIED>
<!ATTRIBUTE ruleset version CDATA #REQUIRED>
<!ELEMENT rule (id, action)>
<!ELEMENT id (certificate?) (checksum?) >
<!ATTRIBUTE id title CDATA #IMPLIED>
<!ATTRIBUTE id location CDATA #IMPLIED>
<!ELEMENT certificate EMPTY>
<!ATTLIST certificate algorithm CDATA #IMPLIED>
<!ATTLIST certificate hash CDATA #REQUIRED>
<!ELEMENT checksum EMPTY>
<!ATTLIST checksum algorithm CDATA #IMPLIED>
<!ATTLIST checksum hash CDATA #REQUIRED>
<!ELEMENT action (message?)>
<!ATTRIBUTE permission (run | block | default) #REQUIRED>
<!ATTRIBUTE version CDATA #IMPLIED>
<!ATTRIBUTE force (true|false) "false">
<!ELEMENT message (#PCDATA)>
<!ATTLIST message locale CDATA #IMPLIED>
Java Expiration Date
The expiration date for 8u60 is October 20, 2015. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u60) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes
For a list of bug fixes included in this release, see JDK 8u60 Bug Fixes page.
|
|
|
|
|
|
This allows the JVM to work properly in a 2GB VA limit. Bump revision.
|
|
|
|
patches by jesse et al. Fixes build on SunOS.
|
|
will work comfortable within a 2GB limit.
|
|
|
|
My benchmark shows that they make the build at least 10% slower.
|
|
Bump.
|
|
No full changelog available but at least fixes the security issues noted
in the April 2015 Critical Patch Update from Oracle.
|
|
|
|
|
|
|
|
- don't use ALT_JDK_IMPORT_PATH on SunOS, just build like on other platforms
- regen all bootstraps to facilitate removal of the +UseSerialGC hacks
- bootstrap binaries on FTP are now PGP signed
- remove a handful of obsolete patches
|
|
feature test macros. Should fix "UINTPTR_MAX not declared" error.
|
|
|
|
For now, this should fix the spurious JVM initialization error:
"Unable to allocate XXX KB card tables for parallel garbage collection
for the requested YYY KB heap."
XXX: remember to remove all +UseSerialGC hacks after the bootstrap kits
have had a refresh.
|
|
|
|
- Run javac compiler in verbose mode so we get some indication of progress
- Fix compile errors when jdk-zero-vm and debug are both enabled
- Fix architecture names for ARM
- Use NetBSD atomic ops implementations on NetBSD/evbarm
- CreateJars.gmk: previous patch expanded to empty command, fix it for real
|
|
|
|
- add basic support for NetBSD/sparc64
- can use either cups-1.5 or cups-2.0 headers for build
- rerun configure after the 1st build pass, since boot jdk major changes
|
|
Bump PKGREVISION.
|
|
|
|
|
|
Open-source implementation of the Java Platform, Standard Edition.
|
