Changelog |
* Wed Jan 17 2024 Release Engineering <releng@rockylinux.org> - 21.0.2.0.13-1
- Build for Rocky Linux 8
* Tue Jan 09 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.2.0.13-1
- Update to jdk-21.0.2+13 (GA)
- Update release notes to 21.0.2+13
- Drop no longer needed local patch to fix versioning
- ** This tarball is embargoed until 2024-01-16 @ 1pm PT. **
* Mon Jan 08 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.2.0.12-1
- Update to jdk-21.0.2+12 (GA)
- Update release notes to 21.0.2+12
- ** This tarball is embargoed until 2024-01-16 @ 1pm PT. **
* Sat Jan 06 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.2.0.11-1
- Update to jdk-21.0.2+11 (GA)
- Update release notes to 21.0.2+11
- Bump libpng version to 1.6.40 following JDK-8316030
- Bump HarfBuzz version to 8.2.2 following JDK-8313643
- Drop local JDK-8311630 patch which is now upstream
- Locally patch versioning to be 21.0.2 released on 2014-01-16
- ** This tarball is embargoed until 2024-01-16 @ 1pm PT. **
* Mon Nov 06 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.1.0.12-2
- Include JDK-8311630 patch to implement Foreign Function & Memory preview API on s390x
* Sun Oct 29 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.1.0.12-1
- Update to jdk-21.0.1.0+12 (GA)
- Update release notes to 21.0.1.0+12
- Update openjdk_news script to specify subdirectory last
- Add missing discover_trees script required by openjdk_news
- Synchronise bundled versions with 21u sources (FreeType, LCMS, HarfBuzz, libpng)
- Sync generate_tarball.sh with 11u & 17u version
- Update bug URL for RHEL to point to the Red Hat customer portal
- Fix upstream release URL for OpenJDK source
- Update buildjdkver to match the featurever
- Re-enable SystemTap support and perform only substitutions possible without final NVR available
- Fix typo which stops the EA designator being included in the build
- Include tapsets in the miscellaneous tarball
- Drop unused globals for tapset installation
- Rebuild jmods using the stripped binaries in release builds
- Make sure the unstripped JDK is customised by the installjdk function
* Sat Oct 28 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:21.0.0.0.35-1
- Update to jdk-21.0.0+35
- Update release notes to 21.0.0+35
- Update documentation (README.md)
- Update system crypto policy & FIPS patch from new fips-21u tree
- Update generate_tarball.sh to sync with upstream vanilla script inc. no more ECC removal
- Drop fakefeaturever now it is no longer needed
- Hardcode buildjdkver while the build JDK is not yet 21
- Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball
- Use upstream release URL for OpenJDK source
- Re-enable tzdata tests now we are on the latest JDK and things are back in sync
- Fix trailing '.' in tarball name
- Use rpmrelease in vendor version to avoid inclusion of dist tag
- Replace alt-java patch with a binary separate from the JDK
- Drop stale patches that are of little use any more:
- * nss.cfg has been disabled since early PKCS11 work and long superseded by FIPS work
- * No accessibility subpackage to warrant RH1648242 patch any more
- * No use of system libjpeg turbo to warrant RH649512 patch any more
- Replace RH1684077 pcsc-lite-libs patch with better JDK-8009550 fix being upstreamed
* Sat Oct 28 2023 Petra Alice Mikova <pmikova@redhat.com> - 1:21.0.0.0.35-1
- Replace smoke test files used in the staticlibs test, as fdlibm was removed by JDK-8303798
- Related: rhbz#2192749
* Fri Oct 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:20.0.2.0.9-1.1
- Update to jdk-20.0.2+9
- Update release notes to 20.0.2+9
- Update system crypto policy & FIPS patch from new fips-20u tree
- Update generate_tarball.sh ICEDTEA_VERSION
- Update CLDR reference data following update to 42 (Rocky Mountain-Normalzeit => Rocky-Mountain-Normalzeit)
- Related: rhbz#2192749
* Fri Oct 27 2023 Jiri Vanek <jvanek@redhat.com> - 1:20.0.0.0.36-1
- Dropped JDK-8295447, JDK-8296239 & JDK-8299439 patches now upstream
- Adapted rh1750419-redhat_alt_java.patch
- Related: rhbz#2192749
* Fri Oct 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:19.0.1.0.10-1
- Update to jdk-19.0.2 release
- Update release notes to 19.0.2
- Rebase FIPS patches from fips-19u branch
- Remove references to sample directory removed by JDK-8284999
- Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag
- Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases
- Related: rhbz#2192749
* Tue Oct 24 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:18.0.2.0.9-1
- Update to jdk-18.0.2 release
- Update release notes to actually reflect OpenJDK 18
- Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so in the server directory
- Rebase FIPS patches from fips-18u branch
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Automatically turn off building a fresh HotSpot first, if the bootstrap JDK is not the same major version as that being built
- Drop tzdata patches added for 17.0.7 which will eventually appear in the upstream tarball when we reach OpenJDK 21
- Switch bootjdkver to java-21-openjdk
- Disable tzdata tests until we are on the latest JDK and things are back in sync
- Drop bootstrap JDKs and use the java-21-openjdk-rhel7 build
- Related: rhbz#2192749
* Tue Oct 24 2023 Petra Alice Mikova <pmikova@redhat.com> - 1:18.0.0.0.37-1
- Update to ea version of jdk18
- Adjust rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
* Tue Aug 22 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-2
- Define architectures we build on to avoid those without DTS 10 (e.g. s390)
* Tue Aug 22 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-2
- Switch to DTS 10
- Related: rhbz#2192749
* Mon May 15 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-2
- Create java-21-openjdk-portable package based on java-17-openjdk-portable
- Related: rhbz#2192749
* Thu Apr 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-1
- Update to jdk-17.0.7.0+7
- Update release notes to 17.0.7.0+7
- Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113
- Reintroduce generate_source_tarball.sh from RHEL 9
- Update generate_tarball.sh to add support for passing a boot JDK to the configure run
- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace
- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs
- Update FIPS support against 17.0.7+6 and bring in latest changes:
- * RH2134669: Add missing attributes when registering services in FIPS mode.
- * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class
- * RH1940064: Enable XML Signature provider in FIPS mode
- * RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized
- ** This tarball is embargoed until 2023-04-18 @ 1pm PT. **
- Resolves: rhbz#2185182
- Resolves: rhbz#2134669
- Resolves: rhbz#1940064
- Resolves: rhbz#2173781
* Tue Feb 21 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-6
- Add docs, icons and samples to the portable output
- Make sure generated checksums work and don't include full path
- The docs directory is a subdirectory of images, so remove confusing separate copying
* Wed Feb 15 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-5
- Build with internal debuginfo as in RHEL and then create a stripped variant ourselves for the portable release build
- Restore compiler flags to those used in RHEL
- Drop unused static library patch
- Drop syslookup workaround which was fixed by JDK-8276572 over a year ago
* Tue Feb 14 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-4
- Separate JDK packaging into a separate function
- Use variables to make it clearer what is going on
- Use a package output directory as we do for building and installing
- Workaround missing manpage directory in the JRE image
* Sun Feb 12 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-3
- Adapt the portable build to use the same system library handling as RHEL builds
* Sat Jan 14 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-3
- Add missing release note for JDK-8295687
- Resolves: rhbz#2160111
* Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-2
- Update FIPS support to bring in latest changes
- * Add nss.fips.cfg support to OpenJDK tree
- * RH2117972: Extend the support for NSS DBs (PKCS11) in FIPS mode
- * Remove forgotten dead code from RH2020290 and RH2104724
- * OJ1357: Fix issue on FIPS with a SecurityManager in place
- Drop local nss.fips.cfg.in handling now this is handled in the patched OpenJDK build
- Resolves: rhbz#2118493
* Fri Jan 13 2023 Stephan Bergmann <sbergman@redhat.com> - 1:17.0.6.0.10-2
- Fix flatpak builds by disabling TestTranslations test due to missing tzdb.dat
- Related: rhbz#2160111
* Wed Jan 11 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-1
- Update to jdk-17.0.6.0+10
- Update release notes to 17.0.6.0+10
- Re-enable EA upstream status check now it is being actively maintained.
- Drop JDK-8294357 (tzdata2022d) & JDK-8295173 (tzdata2022e) local patches which are now upstream
- Drop JDK-8275535 local patch now this has been accepted and backported upstream
- Drop local copy of JDK-8293834 now this is upstream
- Require tzdata 2022g due to inclusion of JDK-8296108, JDK-8296715 & JDK-8297804
- Update TestTranslations.java to test the new America/Ciudad_Juarez zone
- ** This tarball is embargoed until 2023-01-17 @ 1pm PT. **
- Resolves: rhbz#2160111
* Sat Oct 15 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-2
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
- Update CLDR data with Europe/Kyiv (JDK-8293834)
- Drop JDK-8292223 patch which we found to be unnecessary
- Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream
- Related: rhbz#2160111
* Thu Oct 13 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-1
- Update to jdk-17.0.5+8 (GA)
- Update release notes to 17.0.5+8 (GA)
- Switch to GA mode for final release.
- * This tarball is embargoed until 2022-10-18 @ 1pm PT. *
- Resolves: rhbz#2133695
* Fri Sep 02 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-2
- Update FIPS support to bring in latest changes
- * RH2023467: Enable FIPS keys export
- * RH2104724: Avoid import/export of DH private keys
- * RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode
- * Build the systemconf library on all platforms
- * RH2048582: Support PKCS#12 keystores
- * RH2020290: Support TLS 1.3 in FIPS mode
- Resolves: rhbz#2123579
- Resolves: rhbz#2123580
- Resolves: rhbz#2123581
- Resolves: rhbz#2123583
- Resolves: rhbz#2123584
* Sun Aug 21 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.1.1-1
- Added a missing change to portable NEWS file from upstream.
* Sun Aug 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-1
- Update to jdk-17.0.4.1+1
- Update release notes to 17.0.4.1+1
- Add patch to provide translations for Europe/Kyiv added in tzdata2022b
- Add test to ensure timezones can be translated
- Resolves: rhbz#2119532
* Mon Jul 18 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.8-1
- Commented out: fipsver f8142a23d0a which was from rhel-9-main
- Picked 17.0.4+8 GA tag from rhel-9.0.0
- For Jul 2022 CPU fipsver is 765f970aef1 on rhel-9.0.0
* Mon Jul 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-1
- Update to jdk-17.0.4.0+8 (GA)
- Update release notes to 17.0.4.0+8
- Need to include the '.S' suffix in debuginfo checks after JDK-8284661
- Switch to GA mode for release
- ** This tarball is embargoed until 2022-07-19 @ 1pm PT. **
* Thu Jul 14 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.1-0.2.ea
- Fix issue where CheckVendor.java test erroneously passes when it should fail.
- Add proper quoting so '&' is not treated as a special character by the shell.
- Related: rhbz#2084779
* Tue Jul 12 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.1-0.1.ea
- Tweaked line to print release information for portable
* Tue Jul 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.1-0.1.ea
- Update to jdk-17.0.4.0+1
- Update release notes to 17.0.4.0+1
- Switch to EA mode for 17.0.4 pre-release builds.
- Print release file during build, which should now include a correct SOURCE value from .src-rev
- Update tarball script with IcedTea GitHub URL and .src-rev generation
- Include script to generate bug list for release notes
- Update tzdata requirement to 2022a to match JDK-8283350
- Move EA designator check to prep so failures can be caught earlier
- Make EA designator check non-fatal while upstream is not maintaining it
- Related: rhbz#2084218
* Thu Jun 30 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.3.0.7-8
- Comment line for portable: System security properties to be off by default
* Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@redhat.com> - 1:17.0.3.0.7-8
- RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode
- Resolves: rhbz#2102433
* Wed Jun 29 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.3.0.7-7
- System security properties are disabled by default on portable.
- Commented out lines which are not applicable for portable.
* Wed Jun 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-7
- Update FIPS support to bring in latest changes
- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
- * RH2090378: Revert to disabling system security properties and FIPS mode support together
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Enable system security properties in the RPM (now disabled by default in the FIPS repo)
- Improve security properties test to check both enabled and disabled behaviour
- Run security properties test with property debugging on
- Resolves: rhbz#2099844
- Resolves: rhbz#2100677
* Tue Jun 28 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.3.0.7-6
- Removed upstreamed patch2001: aqaCheckSecurityAndProviderFileSocketPermissions.patch
* Sun Jun 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-6
- Rebase FIPS patches from fips-17u branch and simplify by using a single patch from that repository
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- RH2023467: Enable FIPS keys export
- RH2094027: SunEC runtime permission for FIPS
- Resolves: rhbz#2029657
- Resolves: rhbz#2096117
* Wed May 25 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5
- Exclude s390x from the gdb test on RHEL 7 where we see failures with the portable build
* Tue May 24 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.3.0.7-4
- to pass aqa, fixing genuie failure in :
- java/lang/SecurityManager/CheckAccessClassInPackagePermissions.java#CheckAccessClassInPackagePermissions
- javax/xml/crypto/dsig/FileSocketPermissions.java#FileSocketPermissions
- added and applied patch2001: aqaCheckSecurityAndProviderFileSocketPermissions.patch
- this, properly named, patch must go to all our jdk17 builds, and to the fips repo
* Thu May 19 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.3.0.7-3
- to pass aqa:
- removed copy system tzdb in favour of in-tree
- removed Patch2: rh1648644-java_access_bridge_privileged_security.patch
- This is not intended to release untill we decide proper steps
* Thu May 19 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.3.0.7-2
- Include BOOT_JDK for s390x for portable
- BOOT_JDK downlaoded form hydra as
java-17-temurin-17.0.3.7-0.private.ojdk17~upstream.hotspot.release.sdk.el7.s390x.tarxz
and renamed
- Added cosmetic changes to bypass a failure for s390x
* Wed Apr 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-1
- April 2022 security update to jdk 17.0.3+7
- Remove JDK-8284548 and JDK-8284920 they are upstreamed now
- Resolves: rhbz#2073579
* Sat Apr 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.6-3
- Add JDK-8284920 fix for XPath regression
- Related: rhbz#2073575
* Fri Apr 15 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.6-2
- Remove the patch jdk8283911-default_promoted_version_pre.patch which missed in previous commit
- JDK-8275082 should be listed as also resolving JDK-8278008 & CVE-2022-21476
- Related: rhbz#2073575
* Mon Apr 11 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.6-1
- April 2022 security update to jdk 17.0.3+6
- Update to jdk-17.0.3.0+6 pre-release tarball (17usec.17.0.3+5-220408)
- Add JDK-8284548 regression fix missing from pre-release tarball but in jdk-17.0.3+6/jdk-17.0.3-ga
- Update release notes to 17.0.3.0+6
- Add missing README.md and generate_source_tarball.sh
- Introduce tests/tests.yml, based on the one in java-11-openjdk
- JDK-8283911 patch no longer needed now we're GA...
- Switch to GA mode for release
- ** This tarball is embargoed until 2022-04-19 @ 1pm PT. **
- Resolves: rhbz#2073575
* Wed Apr 06 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.5-0.1.ea
- Update to jdk-17.0.3.0+5
- Update release notes to 17.0.3.0+5
- Resolves: rhbz#2050460
* Tue Mar 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.1-0.1.ea
- Update to jdk-17.0.3.0+1
- Update release notes to 17.0.3.0+1
- Switch to EA mode for 17.0.3 pre-release builds.
- Add JDK-8283911 to fix bad DEFAULT_PROMOTED_VERSION_PRE value
- Related: rhbz#2050456
* Mon Feb 28 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.2.0.8-10
- Update icedtea_sync.sh with suitable message for portable
* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-10
- Restructure the build so a minimal initial build is then used for the final build (with docs)
- This reduces pressure on the system JDK and ensures the JDK being built can do a full build
- Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le.
- Handle Fedora in distro conditionals that currently only pertain to RHEL.
- Run OpenJDK normalizer script on the spec file to fix further rogue whitespace
- Sync gdb test with java-1.8.0-openjdk and improve architecture restrictions.
- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64)
- Need to support noarch for creating source RPMs for non-scratch builds.
- Replace -mstackrealign with -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4 on x86_32 for stack alignment
- Support a HotSpot-only build so a freshly built libjvm.so can then be used in the bootstrap JDK.
- Explicitly list JIT architectures rather than relying on those with slowdebug builds
- Disable the serviceability agent on Zero architectures even when the architecture itself is supported
- Resolves: rhbz#2022822
* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-9
- Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode
- Correction to previous changelog entry
- Resolves: rhbz#2052070
* Sun Feb 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-8
- Detect NSS at runtime for FIPS detection
- Resolves: rhbz#2051605
* Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-7
- Add JDK-8275535 patch to fix LDAP authentication issue.
- Resolves: rhbz#2053521
* Tue Feb 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-6
- Minor cosmetic improvements to make spec more comparable between variants
- Related: rhbz#2022822
* Thu Feb 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-5
- Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes (_heap->_heaps) and @JAVA_SPEC_VER@
- Related: rhbz#2022822
* Thu Feb 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-4
- Extend LTS check to exclude EPEL.
- Related: rhbz#2022822
* Tue Jan 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-3
- Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent
* Mon Jan 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-2
- Fix FIPS issues in native code and with initialisation of java.security.Security
- Related: rhbz#2039366
* Wed Jan 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-1
- January 2022 security update to jdk 17.0.2+8
- Rebase RH1995150 & RH1996182 patches following JDK-8275863 addition to module-info.java
- Resolves: rhbz#2039366
- Minor change to the OUTPUT_FILE value to separate the name from the version with '-'
* Mon Nov 29 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.1.0.12-3
- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy
secmod.db file as part of nss
- Resolves: rhbz#2023537
* Tue Oct 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-2
- Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1
- October CPU update to jdk 17.0.1+12
- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false
- Add patch to allow plain key import.
* Mon Oct 25 2021 Jiri Vanek <jvanek@redhat.com> - 1:17.0.0.0.35-5
- cacerts symlink is resolved before passed to configure
- https://issues.redhat.com/browse/OPENJDK-487
- Disable FIPS mode detection using NSS in favour of using /proc/sys/crypto/fips_enabled for now, so we don't link against NSS
-- effectively disabled Patch1008: rh1929465-improve_system_FIPS_detection.patch by settng --enable-sysconf-nss to --disable-sysconf-nss
-- the enable-sysconf-nss was bringing in hard depndence on nss. Without nss, even in non fips, jvm had not even started
* Thu Sep 30 2021 Jiri Vanek <jvanek@redhat.com> - 1:17.0.0.0.35-4
- initial import, based on jdk11 portbale, merged with jdk17 rpms and java-latest-openjdk for epel7
|