Created by Matthias Klose on 2010-07-13 and last modified on 2018-04-02
Get this branch:
bzr branch lp:~openjdk/openjdk/openjdk7
Members of OpenJDK can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information


Recent revisions

622. By Matthias Klose on 2018-04-02

openjdk-7 (7u171-2.6.13-1) experimental; urgency=high

  [ Tiago Stürmer Daitx ]
  * IcedTea release 2.6.13 (based on 7u171). Closes: #891330.
  * Security fixes:
    - S8160104: CORBA communication improvements
    - S8172525, CVE-2018-2579: Improve key keying case
    - S8174756: Extra validation for public keys
    - S8175932: Improve host instance supports
    - S8176458: Revise default document styling
    - S8178449, CVE-2018-2588: Improve LDAP logins
    - S8178458: Better use of certificates in LDAP
    - S8178466: Better RSA parameters
    - S8179536: Cleaner print job handling
    - S8179990: Cleaner palette entry handling
    - S8180011: Cleaner native graphics device handling
    - S8180015: Cleaner AWT robot handling
    - S8180020: Improve SymbolHashMap entry handling
    - S8180433: Cleaner CLR invocation handling
    - S8180877: More deeply colored ICC spaces
    - S8181664: Improve JVM UTF String handling
    - S8181670: Improve implementation of keystores
    - S8182125, CVE-2018-2599: Improve reliability of DNS lookups
    - S8182387, CVE-2018-2603: Improve PKCS usage
    - S8182601, CVE-2018-2602: Improve usage messages
    - S8185292, CVE-2018-2618: Stricter key generation
    - S8185325, CVE-2018-2641: Improve GTK initialization
    - S8186080: Transform XML interfaces
    - S8186212, CVE-2018-2629: Improve GSS handling
    - S8186600, CVE-2018-2634: Improve property negotiations
    - S8186606, CVE-2018-2633: Improve LDAP lookup robustness
    - S8186867: Improve native glyph layouts
    - S8186998, CVE-2018-2637: Improve JMX supportive features
    - S8189284, CVE-2018-2663: More refactoring for deserialization cases
    - S8190289, CVE-2018-2677: More refactoring for client deserialization cases
    - S8191142, CVE-2018-2678: More refactoring for naming deserialization cases
  * Remove multiarch-support pre-dependency. Closes: #887858.

  [ Matthias Klose ]
  * Bump standards version.
  * Disable bootstrap on sid/buster, gcj is removed.
  * Remove Damien Raude-Morvan as uploader. Closes: #889378.

 -- Matthias Klose <email address hidden> Mon, 02 Apr 2018 10:36:32 +0200

621. By Matthias Klose on 2018-04-02

 7u161-2.6.12-1 upload

620. By Matthias Klose on 2017-11-23

  * Build-depend on g++-4.7 on wheezy. This is the default on some
    architectures such as amd64 or i386, but not on armhf or armel,
    which default to 4.6. There the build was working before because
    the bootstrap build pulled gcj-jdk, which depends on gcj-4.7-jdk
    and that in turn depends on g++-4.7. However since we have
    disabled the bootstrap build now, g++-4.7 is no longer installed
    on arm* builds, causing the build failure which couldn't be seen
    on amd64 (Emilio Pozuelo Monfort).

619. By Matthias Klose on 2017-11-23

  * Disable Hotspot workaround for Exec Shield (Debian only).
    Addresses: #876051.

618. By Matthias Klose on 2017-11-23

openjdk-7 (7u151-2.6.11-3) experimental; urgency=medium

  [ Matthias Klose ]
  * Disable bootstrap on wheezy, it currently fails due to the last round
    of 8u151 security patches (Emilio Pozuelo Monfort).

  [ Tiago Stürmer Daitx ]
  * debian/patches/hotspot-aarch64-S8145438-fix-field-too-big-for-insn.patch:
    the S8144028 fix was incomplete and followed up by S8145438; without it
    aarch64 JVM can fail with "Internal Error, failed: Field too big for

 -- Matthias Klose <email address hidden> Thu, 23 Nov 2017 16:37:21 +0100

617. By Matthias Klose on 2017-11-21

- 7u151-2.6.11-2 upload

616. By Matthias Klose on 2017-08-23

 - 7u151-2.6.11 upload

615. By Matthias Klose on 2017-05-20

openjdk-7 (7u131-2.6.9-3) experimental; urgency=medium

  * Only include the failing tests in the packages, not the whole test world.
  * openjdk-7-jdk: Provide openjdk-7-jdk-headless.

 -- Matthias Klose <email address hidden> Sat, 20 May 2017 15:52:17 -0700

614. By Matthias Klose on 2017-05-17

openjdk-7 (7u131-2.6.9-2) experimental; urgency=high

  [ Tiago Stürmer Daitx ]
  * Fix JDK regression introduced by 7u131 upgrade: (LP: #1691126)
    - d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch:
      fix "IllegalArgumentException: jdk.tls.namedGroups" backported
      from http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f5d0aadb4d1c

 -- Matthias Klose <email address hidden> Tue, 16 May 2017 21:42:12 -0700

613. By Matthias Klose on 2017-05-16

openjdk-7 (7u131-2.6.9-1) experimental; urgency=high

  [ Tiago Stürmer Daitx ]
  * IcedTea release 2.6.9 (based on 7u131):
  * Security fixes
    - S8167110, CVE-2017-3514: Windows peering issue.
    - S8163528, CVE-2017-3511: Better library loading.
    - S8169011, CVE-2017-3526: Resizing XML parse trees.
    - S8163520, CVE-2017-3509: Reuse cache entries.
    - S8171533, CVE-2017-3544: Better email transfer.
    - S8170222, CVE-2017-3533: Better transfers of files.
    - S8171121, CVE-2017-3539: Enhancing jar checking.
    - S8172299: Improve class processing.
  * debian/compat: updated from 5 to 9.
  * debian/watch: using watch version 4 to download both icedtea and
    icedtea-sound. LP: #1642420.
  * debian/repack: simplified tarball download.
  * debian/rules:
    - removed 8u121 patches as they have been applied to 7u131.
    - building icedtea-sound on build/ directory
    - replaced 'dh_strip -k' calls by dh_prep
    - have the 'build' rule depend on 'debian/control' rule to force
      failure if debian/control gets regenerated.
    - added file 'security/blacklisted.cert' to be copied to etc dir
      (introduced by S8011402).
    - simplified build dependencies.
    - removed jtreg's xvfb-run call since icedtea takes care of calling it.
    - removed window manager as there are no additional significant failures
      on the jdk tests when not running one.
    - re-enabled jdk jtreg tests.
    - removed lpia arch.
    - use fonts-wqy-microhei and fonts-wqy-zenhei instead of transitional
      package names.
    - drop Recommends on obsolete GNOME libraries so they are not in a
      default GNOME desktop installation (Simon McVittie). Closes: #850270.
      + sun.net.spi.DefaultProxySelector prefers libglib2.0-0 (>= 2.24)
        over obsolete libgconf2-4.
      + sun.nio.fs.GnomeFileTypeDetector prefers libglib2.0-0 (>= 2.24)
        over libgnomevfs-2-0.
      + sun.xawt.awt_Desktop prefers libgtk2.0-0 (>= 2.14) over
  * debian/control.in: added static build dependencies as their previous
    selection logic in debian/rules is no longer required.
  * debian/control: regenerated.
  * debian/patches/icedtea-sound.diff: removed, now packing icedtea-sound
    1.0.1 which includes those fixes.
  * debian/upstream/signing-key.asc: add new signing key.

  [ Matthias Klose ]
  * Remove obsolete changelog entries from previous release.

 -- Matthias Klose <email address hidden> Tue, 16 May 2017 13:49:35 -0700

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.