Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

My Favourites

Slackware

Calendar

October 2014
M T W T F S S
« Sep    
 12345
6789101112
13141516171819
20212223242526
2728293031  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

Meta

OpenJDK 7u51 (created with IcedTea 2.4.4).

Released today: new versions of IcedTea. It usually takes a while for an announcement to appear on Andrew’s blog, but the mailing list announcement was enough for me. Not quite unexpected, since Oracle was huffing and puffing yesterday when the company joined other security-challenged companies like Microsoft and Adobe in what’s lovingly called “patch tuesday“, so I was kind of expecting an OpenJDK follow-up. The flurry of patches that I saw today was a sure sign.

So I got to compile OpenJDK 7u51 using the IcedTea 2.4.4 framework. As with every Java release, this one fixes a slew of security holes. Let me say in full, “Update 51 Build 00” of OpenJDK 7  addresses these issues:

* Security fixes
  - S6727821: Enhance JAAS Configuration
  - S7068126, CVE-2014-0373: Enhance SNMP statuses
  - S8010935: Better XML handling
  - S8011786, CVE-2014-0368: Better applet networking
  - S8021257, S8025022, CVE-2013-5896 : com.sun.corba.se.** should be on restricted package list 
  - S8021271, S8021266, CVE-2014-0408: Better buffering in ObjC code 
  - S8022904: Enhance JDBC Parsers
  - S8022927: Input validation for byte/endian conversions
  - S8022935: Enhance Apache resolver classes
  - S8022945: Enhance JNDI implementation classes
  - S8023057: Enhance start up image display
  - S8023069, CVE-2014-0411: Enhance TLS connections
  - S8023245, CVE-2014-0423: Enhance Beans decoding
  - S8023301: Enhance generic classes
  - S8023338: Update jarsigner to encourage timestamping
  - S8023672: Enhance jar file validation
  - S8024302: Clarify jar verifications
  - S8024306, CVE-2014-0416: Enhance Subject consistency
  - S8024530: Enhance font process resilience
  - S8024867: Enhance logging start up
  - S8025014: Enhance Security Policy
  - S8025018, CVE-2014-0376: Enhance JAX-P set up
  - S8025026, CVE-2013-5878: Enhance canonicalization
  - S8025034, CVE-2013-5907: Improve layout lookups
  - S8025448: Enhance listening events
  - S8025758, CVE-2014-0422: Enhance Naming management
  - S8025767, CVE-2014-0428: Enhance IIOP Streams
  - S8026172: Enhance UI Management
  - S8026176: Enhance document printing
  - S8026193, CVE-2013-5884: Enhance CORBA stub factories
  - S8026204: Enhance auth login contexts
  - S8026417, CVE-2013-5910: Enhance XML canonicalization
  - S8026502: java/lang/invoke/MethodHandleConstants.java fails on all platforms
  - S8027201, CVE-2014-0376: Enhance JAX-P set up
  - S8029507, CVE-2013-5893: Enhance JVM method processing
  - S8029533: REGRESSION: closed/java/lang/invoke/8008140/Test8008140.java fails agains

* Bug fixes
  - PR1618: Include defs.make in vm.make so VM_LITTLE_ENDIAN is defined on Zero builds
  - D729448: 32-bit alignment on mips and mipsel
  - PR1623: Collision between OpenJDK 6 & 7 classes when bootstrapping with OpenJDK 6

Please update your installed openjdk or openjre packages with this new version! You’ll notice that browsers like Firefox and Chrome/Chromium no longer load Java applets by default and ask you for explicit approval to load and run them.

I tested as usual whether jMol and Minecraft (both standalone Java applications) were still working – they do! And again testing the browser plugin was a challenge. Orcacle’s java checker did not work… after the icedtea-web plugin itself loaded properly:

javacheck

This time the plugin triggered an error “net.sourceforge.jnlp.LaunchException: Fatal: Application Error: Unknown Main-Class. Could not determine the main class for this application.” The test at javatester.org was fine though.

Get my packages – they have been compiled on Slackware 13.37 and are usable on 13.37 as well as 14.0, 14.1 and -current! Get them preferably from a mirror site (faster downloads):

Further packages that are recommended/required:

  • Optional: If you want a Java browser-plugin you must install icedtea-web (OpenJDK itself does not contain such a plugin).
  • Required: The rhino package is a dependency of the openjdk/openjre package. It contains the JavaScript engine for OpenJDK.

Note that you should only install one of the two packages, either openjdk or openjre, do not install both at the same time or things will break! The openjdk package contains the jre (java runtime) as well as the java development kit.

Eric

Comments

Comment from Jen
Posted: January 15, 2014 at 20:29

I, and my nieces who also play on my minecraft server, thank you! :)

Comment from Eduardo
Posted: January 16, 2014 at 15:19

Thank you Eric!

Write a comment