My thoughts on Slackware, life and everything

Tag: jre (Page 2 of 3)

OpenJDK 7 security update Jan ’17

icedteaAndrew Hughes (aka GNU/Andrew) has created a new release for IcedTea 2.6.x (which is the series targeting Java7) to allow the creation of an OpenJDK 7 package with the Java security fixes for January 2017 included.

I do realize that Java8 is the more popular version currently but as long as there are security updates for OpenJDK 7, I will try to put those into Slackware packages. So today, here’s OpenJDK 7u131_b00 – or “Java 7 Update 131 Build 00” for you. In fact two packages as always: the JRE and the JDK (which includes the JRE).

As is customary, Andrew provides release notes on his blog that list the vulnerabilities (CVE’s) which are being plugged with the new release. I used to paste those into my own blog articles but I rather give Andrew the credits, so please visit his latest post dubbed “[SECURITY] IcedTea 2.6.9 for OpenJDK 7 Released!“.

If you are still in need of Java 7 and have my older package installed, please upgrade your OpenJDK 7 to this new release. Here is where you can download the Slackware packages:

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository.

Note about usage:

My Java 7 and Java 8 packages (e.g. openjdk7 and openjdk… or openjre7 and openjre) can not co-exist on your computer because they use the same installation directory. You must install either Java 7 or Java 8.

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. Oracle’s JDK contains a browser plugin, but that one is closed-source. Therefore Icedtea offers an open source variant which does a decent job.

Plugin support in Web Browsers:

Note that icedtea-web is a NPAPI plugin – this prevents the use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course. For how long, I do not know. Mozilla have announced they will deprecate NPAPI in their browsers back in 2015.
And even though the plugins are still supported (but require manual activation now) there’s a very recent post on the blog of Firefox software engineer Mike Kaply where he mentions that Firefox 52 will be the first release that will no longer support NPAPI plugins at all (except for Flash but only for a few more releases to come). Remember, we are currently at Firefox version 51. Mike Kaply also mentions that the ESR releases of Firefox (i.e. the Extended Support Releases) will continue to support the NPAPI plugins!
So: Firefox 52: no more plugins. And Firefox ESR 52: plugins still supported.

Have fun! Eric

Openjdk (Java8) updated with January fixes

icedteaThe icedtea project have released version 3.3.0 of their IcedTea build framework. This release updates the OpenJDK 8 support with the October 2016 bug fixes from OpenJDK 8 u112 and the January 2017 security fixes from OpenJDK 8 u121. Another point of notice is that improved font rendering is being worked on. The ‘infinality patches’ to freetype will be used for this. While I did not enable it in my package, IcedTea no longer requires a patched freetype. Infinality support should be enabled by default from IcedTea 3.4.0 onwards.

Compiling OpenJDK using IcedTea has resulted in the openjdk-8u121_b13 package for Slackware (Java 8 Update 121 Build 13). Next to the JDK there’s also the JRE package of course.

Here is list of security fixes and CVE‘s as taken from the announcement on Andrew Hughes’s blog:

Download locations for the JDK and JRE packages:

If your applications are not yet ready for Java 8, I still maintain the Java 7 packages under new names:”openjdk7″ and “openjre7”. Note that my Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory.

There is no more need for a separate “rhino” package (implementation of the JavaScript engine used by OpenJDK) because in OpenJDK 8, this functionality is provided natively using the internal “nashorn” library.

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

Java 7 (openjdk) gets a security update

icedteaMany people who have a need for Java, will already have switched to Java 8. Nevertheless there are still many places where Java 7 is preferred or even required. So, I am riding on the Q4 security updates for OpenJDK and used the recently released icedtea 2.6.8 to compile OpenJDK 7u121_b00 or “Java 7 Update 121 Build 00”. As always, there is a JDK and a JRE package.

Andrew Hughes has posted about this new release, and I copied the security related changes here:

Obviously, you are strongly urged to upgrade your OpenJDK 7 to this new release. Download locations for the JDK and JRE packages (Java 7 version):

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository.

Note about usage:

My Java 7 and Java 8 packages (e.g. openjdk7 and openjdk… or openjre7 and openjre) can not co-exist on your computer because they use the same installation directory. You must install either Java 7 or Java 8.

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

July ’16 security fixes for Java 8

icedteaOn the heels of Oracle’s July 2016 security updates for Java 8, the icedtea folks have released version 3.1.0 of their build framework so that I could create packages for OpenJDK 8u101_b13 or “Java 8 Update 101 Build 13”  (and the JRE too of course).

Here is the list of security fixes and CVE‘s as taken from the announcement on Andrew Hughes’s blog:

Download locations:

If your applications are not yet ready for Java 8, I still maintain the Java 7 packages under new names:”openjdk7″ and “openjre7”. Note that my Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory.

There is no more need for a separate “rhino” package (implementation of the JavaScript engine used by OpenJDK) because in OpenJDK 8, this functionality is provided natively using the internal “nashorn” library.

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

April security updates for (open) Java 7 and 8

icedteaUpdates are available both for Java 7 and java 8. These updates sync the OpenJDK releases to the April 2016 updates from Oracle’s Java.

Java 8

The recently released icedtea-3.0.1 builds OpenJDK 8u91_b14 aka Java 8 Update 91, with security fixes and CVE‘s related to Oracle’s April 2016 updates:

  • S8129952, CVE-2016-0686: Ensure thread consistency
  • S8132051, CVE-2016-0687: Better byte behavior
  • S8138593, CVE-2016-0695: Make DSA more fair
  • S8139008: Better state table management
  • S8143167, CVE-2016-3425: Better buffering of XML strings
  • S8143945, CVE-2016-3426: Better GCM validation
  • S8144430, CVE-2016-3427: Improve JMX connections
  • S8146494: Better ligature substitution
  • S8146498: Better device table adjustments

Java 8 contains its own JavaScript engine so there is no longer a dependency on a separate “rhino” package.

Download locations:

Java 7

If your applications are not yet ready for Java 8, I still maintain the Java 7 packages under new names:”openjdk7″ and “openjre7”. Note that my Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory.

The icedtea-2.6.6 release builds OpenJDK 7u101_b00 aka Java 7 Update 101. There’s a list of security fixes attached to this release, almost identical to the Java 8 list:

  • S8129952, CVE-2016-0686: Ensure thread consistency
  • S8132051, CVE-2016-0687: Better byte behavior
  • S8138593, CVE-2016-0695: Make DSA more fair
  • S8139008: Better state table management
  • S8143167, CVE-2016-3425: Better buffering of XML strings
  • S8144430, CVE-2016-3427: Improve JMX connections
  • S8146494: Better ligature substitution
  • S8146498: Better device table adjustments

The Java 7 package (openjre7 as well as openjdk7) has one dependency: rhino provides JavaScript support for OpenJDK.

Download locations:

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑