Alien Pastures

My thoughts on Slackware, life and everything

Tag: icedtea (Page 3 of 5)

July ’16 security fixes for Java 8

July 27, 2016 / / 6 Comments

icedteaOn the heels of Oracle’s July 2016 security updates for Java 8, the icedtea folks have released version 3.1.0 of their build framework so that I could create packages for OpenJDK 8u101_b13 or “Java 8 Update 101 Build 13”  (and the JRE too of course).

Here is the list of security fixes and CVE‘s as taken from the announcement on Andrew Hughes’s blog:

Download locations:

If your applications are not yet ready for Java 8, I still maintain the Java 7 packages under new names:”openjdk7″ and “openjre7”. Note that my Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory.

There is no more need for a separate “rhino” package (implementation of the JavaScript engine used by OpenJDK) because in OpenJDK 8, this functionality is provided natively using the internal “nashorn” library.

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

OpenJDK updated to 7u95_b00

January 22, 2016 / / 15 Comments

icedteaVersion 2.6.4 of IcedTea was released last week. The IcedTea “build harness” for OpenJDK will compile OpenJDK 7 “Update 95 Build 00“. In Slackware terminology: here is the package openjdk-7u95_b00. The release synchronizes with Oracle’s January 2016 updates to OpenJDK. Read more about the release on the blog of release maintainer Andrew Hughes.

This is the list of security fixes and CVE‘s which have been addressed and fixed in this release.

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

The Java package (openjre as well as openjdk) has one dependency: rhino provides JavaScript support for OpenJDK.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Download locations:

Have fun! Eric

July ’15 OpenJDK security update: 7u85_b01

July 23, 2015 / / 1 Comment

icedtea A new release of IcedTea  is available. Version 2.6.1 came right after last week’s 2.6.0 which paved the way for OpenJDK 7 “Update 85 Build 01” (resulting in a Slackware package openjdk-7u85_b01). This latest version of icedtea encompasses the July 2015 security updates for Java7. The release announcement can be found on the blog of release maintainer Andrew Hughes.

The upcoming release of icedtea 3.0.0 will move us to OpenJDK 8, but for now it is Java 7 you’ll still be using if you install my packages. A bit of patience is required.

A list of  CVE’s is associated with the new release. Here are all security fixes mentioned in the post:

 

Note about usage:

Remember that I release packages for the JRE (runtime) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package. Get them here.

The Java package (openjre as well as openjdk) has one dependency: rhino provides JavaScript support for OpenJDK.

Optionally: If you want to use Java in a web browser (which supports NPAPI plugins – this excludes Chrome & Chromium but you’ll be OK with all Mozilla [-compatible] browsers) then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job.

If you want to test your browser plugin, check out the Java Tester page, or Oracle’s own verification page which of course urges you to upgrade to its own Java 8 instead:

OpenJDK-7u85_b01

If you want to compile this OpenJDK package yourself, you need to install apache-ant additionally. Note that the previous requirements of xalan & xerces packages have been dropped; ant will provide all required build functionality on its own now.

Have fun! Eric

Java update: openjdk 7u75 available

January 22, 2015 / / 5 Comments

icedtea A new release of IcedTea  is available. Version 2.5.4 of the “Java build framework” will create OpenJDK 7 “Update 75 Build 13” (resulting in a Slackware package openjdk-7u75_b13).

The release announcement can be found on the distro-pkg-dev mailing list. It has a long long list of improvements and bugfixes – probably caused by the large hiatus between this and the previous release.

A list of  CVE’s is associated with the new release. Here is the skinny – all security fixes mentioned in the post:

  - S8046656: Update protocol support
  - S8047125, CVE-2015-0395: (ref) More phantom object references
  - S8047130: Fewer escapes from escape analysis
  - S8048035, CVE-2015-0400: Ensure proper proxy protocols
  - S8049253: Better GC validation
  - S8050807, CVE-2015-0383: Better performing performance data handling
  - S8054367, CVE-2015-0412: More references for endpoints
  - S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel
  - S8055309, CVE-2015-0408: RMI needs better transportation considerations
  - S8055479: TLAB stability
  - S8055489, CVE-2014-6585: Better substitution formats
  - S8056264, CVE-2014-6587: Multicast support improvements
  - S8056276, CVE-2014-6591: Fontmanager feature improvements
  - S8057555, CVE-2014-6593: Less cryptic cipher suite management
  - S8058982, CVE-2014-6601: Better verification of an exceptional invokespecial
  - S8059485, CVE-2015-0410: Resolve parsing ambiguity
  - S8061210, CVE-2014-3566: Issues in TLS

 

The new Java is properly detected by Oracle’s Java version tester at http://java.com/en/download/testjava.jsp :

slackware_java_7u75

Note about usage:

Remember that I release packages for the JRE (runtime) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package. Get them here.

The Java package (openjre as well as openjdk) has one dependency: rhino provides JavaScript support for OpenJDK.

Optionally: If you want to use Java in a web browser (which supports NPAPI plugins – this excludes Chrome & Chromium but you’ll be OK with all Mozilla [-compatible] browsers) then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job.

If you want to compile this OpenJDK package yourself, you need to install apache-ant additionally. Note that the previous requirements of xalan & xerces packages have been dropped; ant will provide all required build functionality on its own now.

Have fun! Eric

New OpenJDK 7: Update 71 with lots of fixes

October 15, 2014 / / 4 Comments

icedtea Oracle’s patch & release cycle culminated in two updates of their Java (runtime and development kit) since the last release of OpenJDK for which I provided packages. Today, we can enjoy a new IcedTea and therefore an updated OpenJDK which synchronizes to Oracle’s October security patch release (which offers Java 7 Update 71).

IcedTea (my favourite build harness for a spiced-up OpenJDK) went up to version 2.5.3 and it builds OpenJDK 7 “Update 71 Build 14” (resulting in a package openjdk-7u71_b14).

The release announcement is conveniently posted to the release manager’s blog. Read all about it on GNU/Andrew’s site.

Noteworthy is that “alternate virtual machines (e.g. CACAO, JamVM) will be broken by this release, until such a time as they introduce support for JVM_FindClassFromCaller, a new virtual machine interface function added by S8015256” which is bad news for people who want to compile this on ARM. Those are the two which I enable to get some speed into Java on the ARM platform.

Also important to mention is the CVE’s which are addressed by this security update. A pretty bunch and therefore a speedy upgrade is recommended:

openjdk_7u71

Note about usage:

Remember that I release packages for the JRE (runtime) and the JDK (development kit) simultaneously, but you only need to nstall one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

The package has one dependency: rhino provides JavaScript support for OpenJDK.

If you want to compile this OpenJDK package yourself, you need to install apache-ant additionally. Note that the previous requirements of xalan & xerces packages have been dropped; ant will provide all required build functionality on its own now.

Have fun! Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑