openjdk team mailing list archive

Thread
Date
[Bug 1735482] Re: OpenJDK JRE should be ported to GTK3

To: openjdk@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1735482@xxxxxxxxxxxxxxxxxx>
Date: Fri, 16 Mar 2018 05:32:04 -0000
Reply-to: Bug 1735482 <1735482@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package openjdk-8 - 8u162-b12-1

---------------
openjdk-8 (8u162-b12-1) unstable; urgency=high

  [ Tiago Stürmer Daitx ]
  * Update to 8u162-b12. Hotspot 8u162-b12 for aarch32 and 8u161-b16
    for aarch64 (wth 8u162-b12 patches).
  * Security updates:
    - CVE-2018-2633,S8186606: Improve LDAP lookup robustness.
    - CVE-2018-2637,S8186998: Improve JMX supportive features.
    - CVE-2018-2634,S8186600: Improve property negotiations.
    - CVE-2018-2582,S8174962: Better interface invocations.
    - CVE-2018-2641,S8185325: Improve GTK initialization.
    - CVE-2018-2618,S8185292: Stricter key generation.
    - CVE-2018-2629,S8186212: Improve GSS handling.
    - CVE-2018-2603,S8182387: Improve PKCS usage.
    - CVE-2018-2599,S8182125: Improve reliability of DNS lookups.
    - CVE-2018-2602,S8182601: Improve usage messages.
    - CVE-2018-2588,S8178449: Improve LDAP logins.
    - CVE-2018-2678,S8191142: More refactoring for naming deserialization
      cases.
    - CVE-2018-2677,S8190289: More refactoring for client deserialization
      cases.
    - CVE-2018-2663,S8189284: More refactoring for deserialization cases.
    - CVE-2018-2579,S8172525: Improve key keying case.
  * d/p/aarch64-hotspot-8u162-b12.patch: update aarch64 hotspot to 8u162-b12.
  * d/p/icedtea-4953367.patch: removed, fixed upstream by "S8136570: Stop
    changing user environment variables related to /usr/dt".
  * d/p/gcc6.diff: removed, fixed upstream.
  * d/p/jdk-getAccessibleValue.diff: updated, removed chunks fixed upstream
    by "S8076249: NPE in AccessBridge while editing JList model" and
    "S8145207: [macosx] JList, VO can't access non-visible list items".
  * d/p/openjdk-ppc64el-S8170153.patch, d/p/8164293.diff,
    d/p/hotspot-ppc64el-S8145913-montgomery-multiply-intrinsic.patch,
    d/p/hotspot-ppc64el-S8168318-cmpldi.patch,
    d/p/hotspot-ppc64el-S8170328-andis.patch,
    d/p/hotspot-ppc64el-S8175813-mbind-invalid-argument.patch,
    d/p/hotspot-ppc64el-S8181055-use-numa-v2-api.patch,
    d/p/hotspot-ppc64el-S8181810-leverage-extrdi.patch: removed,
    applied upstream.
  * d/rules, d/control: depend on GKT3 instead of GTK2 for newer releases.
    LP: #1735482.
  * d/rules: wait 10 seconds before issuing SIGKILL to buildwatch.
  * d/buildwatch.sh: find hs_err files and cat them to help debugging build
    failures.
  * S8173853: IllegalArgumentException in java.awt.image.ReplicateScaleFilter.
    LP: #8173853.

  [ Matthias Klose ]
  * Disable Hotspot workaround for Exec Shield (Debian only).
    Closes: #876051.
  * Fix some lintian warnings.

 -- Matthias Klose <doko@xxxxxxxxxx>  Thu, 15 Mar 2018 18:19:50 +0100

** Changed in: openjdk-8 (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2579

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2582

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2588

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2599

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2602

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2603

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2618

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2629

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2633

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2634

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2637

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2641

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2663

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2677

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-2678

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-8 in Ubuntu.
https://bugs.launchpad.net/bugs/1735482

Title:
  OpenJDK JRE should be ported to GTK3

Status in openjdk-10 package in Ubuntu:
  New
Status in openjdk-8 package in Ubuntu:
  Fix Released
Status in openjdk-9 package in Ubuntu:
  New

Bug description:
  As requested by doko, I'm filing this tracking bug.

  Both openjdk-8-jre and openjdk-9-jre depend on libgtk2.0-0 which is
  blocking the demotion of gtk2 to universe.

  GTK3 has been in long-term stable support status since the 3.22
  release in September 2016. Since then, gtk2 has gotten one bugfix
  release (in early 2018).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-10/+bug/1735482/+subscriptions
References

[Bug 1735482] [NEW] OpenJDK JRE should be ported to GTK3
From: Jeremy Bicha, 2017-11-30