SECURITY: Fedora 33 Update: java-11-openjdk-11.0.10.0.9-0.fc33
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-5dcdf8b2b1
2021-02-05 01:57:58.090764
--------------------------------------------------------------------------------
Name : java-11-openjdk
Product : Fedora 33
Version : 11.0.10.0.9
Release : 0.fc33
URL : http://openjdk.java.net/
Summary : OpenJDK 11 Runtime Environment
Description :
The OpenJDK 11 runtime environment.
--------------------------------------------------------------------------------
Update Information:
# New in release OpenJDK 11.0.10 (2021-01-19): Live versions of these release
notes can be found at: * https://bitly.com/openjdk11010 *
https://builds.shipilev.net/backports-monitor/release-notes-11.0.10.txt ##
Security fixes * JDK-8247619: Improve Direct Buffering of Characters ## Other
changes * [JDK-8213821]( https://bugs.openjdk.java.net/browse/JDK-8213821):
-groupname Option Added to keytool Key Pair Generation e.g. `keytool -genkeypair
-keyalg EC -groupname secp384r1` *
[JDK-8248263]( https://bugs.openjdk.java.net/browse/JDK-8248263): jarsigner
Preserves POSIX File Permission and symlink Attributes *
[JDK-8225764]( https://bugs.openjdk.java.net/browse/JDK-8225764): Support for
X25519 and X448 in TLS * OpenJDK now uses the system HarfBuzz installation
instead of a bundled copy * Default to RSA when using keytool, as DSA is only
supported by the LEGACY crypto policy. * SystemTap directories are correctly
named on all supported architectures. * Class data sharing is now supported on
all architectures with a JIT (x86, x86_64, AArch64, ppc64, ppc64le, s390x,
armv7hl)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Andrew Hughes - 1:11.0.10.0.9-0
- Update to jdk-11.0.10.0+9
- Update release notes to 11.0.10.0+9
- Use JEP-322 Time-Based Versioning so we can handle a future 11.0.9.1-like release correctly.
- Still use 11.0.x rather than 11.0.x.0 for file naming, as the trailing zero is omitted from tags.
- Revert configure and built_doc_archive hacks to build 11.0.9.1 from 11.0.9.0 sources, and synced with RHEL version.
- Drop JDK-8250861, JDK-8222286 & JDK-8254177 as applied upstream
- Use system harfbuzz now this is supported.
- Update tarball generation script to use PR3818 which handles JDK-8171279 changes
- Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY
- Adjust RH1842572 RSA default patch due to context change from JDK-8213400
- Following JDK-8005165, class data sharing can be enabled on all JIT architectures
- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64)
- Need to support noarch for creating source RPMs for non-scratch builds.
- Include a test in the RPM to check the build has the correct vendor information.
- Update build documentation to reflect this is java-11-openjdk, not java-1.8.0-openjdk
- Cleanup debug package descriptions and version number placement.
- Remove redundant closure and immediate reopening of include_normal_build block.
- Fix location and comment differences from RHEL.
- Introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java or java is patched
- Patch600 rh1750419-redhat_alt_java.patch amended to die, if it is used wrongly
- Introduce ssbd_arches with currently only valid arch of x86_64 to separate real alt-java architectures
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-5dcdf8b2b1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
A java-11-openjdk security update has been released for Fedora 33.