Tag: jre (Page 2 of 4)

Security update for OpenJDK7

December 7, 2017 / alienbob / 1 Comment

IcedTea release manager Andrew Hughes (aka GNU/Andrew) announced the announced a new release for IcedTea. The version 2.6.12 builds OpenJDK 7u161_b01. This release includes the October 2017 security fixes for Java 7. The announcement page contains a list of the security issues that have been fixed with this release. It is recommended that you upgrade your OpenJDK 7 to the latest version. If you have already moved to Java 8 then this article is obviously not relevant for you.

Here is where you can download the Slackware packages for openjdk7 and openjre7:

http://www.slackware.com/~alien/slackbuilds/openjdk7/
http://slackware.nl/people/alien/slackbuilds/openjdk7/
(rsync also available: rsync://slackware.nl/mirrors/people/alien/slackbuilds/)

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository. If you want to compile OpenJDK7 yourself you will need apache-ant as well.

Note about usage:

My Java 7 and Java 8 packages (e.g. openjdk7 and openjdk… or openjre7 and openjre) can not co-exist on your computer because they use the same installation directory. You must install either Java 7 or Java 8.

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

OpenJDK 7 security update Jan ’17

February 15, 2017 / alienbob / 1 Comment

Andrew Hughes (aka GNU/Andrew) has created a new release for IcedTea 2.6.x (which is the series targeting Java7) to allow the creation of an OpenJDK 7 package with the Java security fixes for January 2017 included.

I do realize that Java8 is the more popular version currently but as long as there are security updates for OpenJDK 7, I will try to put those into Slackware packages. So today, here’s OpenJDK 7u131_b00 – or “Java 7 Update 131 Build 00” for you. In fact two packages as always: the JRE and the JDK (which includes the JRE).

As is customary, Andrew provides release notes on his blog that list the vulnerabilities (CVE’s) which are being plugged with the new release. I used to paste those into my own blog articles but I rather give Andrew the credits, so please visit his latest post dubbed “[SECURITY] IcedTea 2.6.9 for OpenJDK 7 Released!“.

If you are still in need of Java 7 and have my older package installed, please upgrade your OpenJDK 7 to this new release. Here is where you can download the Slackware packages:

http://www.slackware.com/~alien/slackbuilds/openjdk7/
http://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk7/
(rsync URI: rsync://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk7/)

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository.

Note about usage:

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. Oracle’s JDK contains a browser plugin, but that one is closed-source. Therefore Icedtea offers an open source variant which does a decent job.

Plugin support in Web Browsers:

Note that icedtea-web is a NPAPI plugin – this prevents the use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course. For how long, I do not know. Mozilla have announced they will deprecate NPAPI in their browsers back in 2015.
And even though the plugins are still supported (but require manual activation now) there’s a very recent post on the blog of Firefox software engineer Mike Kaply where he mentions that Firefox 52 will be the first release that will no longer support NPAPI plugins at all (except for Flash but only for a few more releases to come). Remember, we are currently at Firefox version 51. Mike Kaply also mentions that the ESR releases of Firefox (i.e. the Extended Support Releases) will continue to support the NPAPI plugins!
So: Firefox 52: no more plugins. And Firefox ESR 52: plugins still supported.

Have fun! Eric

Openjdk (Java8) updated with January fixes

January 29, 2017 / alienbob / 3 Comments

The icedtea project have released version 3.3.0 of their IcedTea build framework. This release updates the OpenJDK 8 support with the October 2016 bug fixes from OpenJDK 8 u112 and the January 2017 security fixes from OpenJDK 8 u121. Another point of notice is that improved font rendering is being worked on. The ‘infinality patches’ to freetype will be used for this. While I did not enable it in my package, IcedTea no longer requires a patched freetype. Infinality support should be enabled by default from IcedTea 3.4.0 onwards.

Compiling OpenJDK using IcedTea has resulted in the openjdk-8u121_b13 package for Slackware (Java 8 Update 121 Build 13). Next to the JDK there’s also the JRE package of course.

Here is list of security fixes and CVE‘s as taken from the announcement on Andrew Hughes’s blog:

S8138725: Add options for Javadoc generation
S8140353: Improve signature checking
S8151934, CVE-2017-3231: Resolve class resolution
S8156804, CVE-2017-3241: Better constraint checking
S8158406: Limited Parameter Processing
S8158997: JNDI Protocols Switch
S8159507: RuntimeVisibleAnnotation validation
S8161218: Better bytecode loading
S8161743, CVE-2017-3252: Provide proper login context
S8162577: Standardize logging levels
S8162973: Better component components
S8164143, CVE-2017-3260: Improve components for menu items
S8164147, CVE-2017-3261: Improve streaming socket output
S8165071, CVE-2016-2183: Expand TLS support
S8165344, CVE-2017-3272: Update concurrency support
S8166988, CVE-2017-3253: Improve image processing performance
S8167104, CVE-2017-3289: Additional class construction refinements
S8167223, CVE-2016-5552: URL handling improvements
S8168705, CVE-2016-5547: Better ObjectIdentifier validation
S8168714, CVE-2016-5546: Tighten ECDSA validation
S8168728, CVE-2016-5548: DSA signing improvments
S8168724, CVE-2016-5549: ECDSA signing improvments

Download locations for the JDK and JRE packages:

http://www.slackware.com/~alien/slackbuilds/openjdk/
http://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/ (rsync URI: rsync://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/)

If your applications are not yet ready for Java 8, I still maintain the Java 7 packages under new names:”openjdk7″ and “openjre7”. Note that my Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory.

There is no more need for a separate “rhino” package (implementation of the JavaScript engine used by OpenJDK) because in OpenJDK 8, this functionality is provided natively using the internal “nashorn” library.

Note about usage:

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Have fun! Eric

Java 7 (openjdk) gets a security update

November 15, 2016 / alienbob / 3 Comments

Many people who have a need for Java, will already have switched to Java 8. Nevertheless there are still many places where Java 7 is preferred or even required. So, I am riding on the Q4 security updates for OpenJDK and used the recently released icedtea 2.6.8 to compile OpenJDK 7u121_b00 or “Java 7 Update 121 Build 00”. As always, there is a JDK and a JRE package.

Andrew Hughes has posted about this new release, and I copied the security related changes here:

S8151921: Improved page resolution
S8155968: Update command line options
S8155973, CVE-2016-5542: Tighten jar checks
S8157176: Improved classfile parsing
S8157739, CVE-2016-5554: Classloader Consistency Checking
S8157749: Improve handling of DNS error replies
S8157753: Audio replay enhancement
S8157759: LCMS Transform Sampling Enhancement
S8157764: Better handling of interpolation plugins
S8158302: Handle contextual glyph substitutions
S8158993, CVE-2016-5568: Service Menu services
S8159495: Fix index offsets
S8159503: Amend Annotation Actions
S8159511: Stack map validation
S8159515: Improve indy validation
S8159519, CVE-2016-5573: Reformat JDWP messages
S8160090: Better signature handling in pack200
S8160094: Improve pack200 layout
S8160098: Clean up color profiles
S8160591, CVE-2016-5582: Improve internal array handling
S8160838, CVE-2016-5597: Better HTTP service
PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read()

Obviously, you are strongly urged to upgrade your OpenJDK 7 to this new release. Download locations for the JDK and JRE packages (Java 7 version):

http://www.slackware.com/~alien/slackbuilds/openjdk7/
http://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk7/
(rsync URI: rsync://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk7/)

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository.

Note about usage:

Have fun! Eric

July ’16 security fixes for Java 8

July 27, 2016 / alienbob / 6 Comments

On the heels of Oracle’s July 2016 security updates for Java 8, the icedtea folks have released version 3.1.0 of their build framework so that I could create packages for OpenJDK 8u101_b13 or “Java 8 Update 101 Build 13” (and the JRE too of course).

Here is the list of security fixes and CVE‘s as taken from the announcement on Andrew Hughes’s blog:

S8079718, CVE-2016-3458: IIOP Input Stream Hooking
S8145446, CVE-2016-3485: Perfect pipe placement (Windows only)
S8146514: Enforce GCM limits
S8147771: Construction of static protection domains under Javax custom policy
S8148872, CVE-2016-3500: Complete name checking
S8149070: Enforce update ordering
S8149962, CVE-2016-3508: Better delineation of XML processing
S8150752: Share Class Data
S8151925: Font reference improvements
S8152479, CVE-2016-3550: Coded byte streams
S8153312: Constrain AppCDS behavior
S8154475, CVE-2016-3587: Clean up lookup visibility
S8155981, CVE-2016-3606: Bolster bytecode verification
S8155985, CVE-2016-3598: Persistent Parameter Processing
S8158571, CVE-2016-3610: Additional method handle validation

Download locations:

http://www.slackware.com/~alien/slackbuilds/openjdk/
http://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/
(rsync URI: rsync://bear.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/)

Note about usage:

Have fun! Eric

July 2024
M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Thu, 25 Jul 2024 13:18:00 GMT July 25, 2024
15.0/aaa_glibc-solibs-2.33_multilib-x86_64-7alien.txz: Rebuilt. 15.0/glibc-2.33_multilib-x86_64-7alien.txz: Rebuilt. Addresses CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 (* Security fix *) 15.0/glibc-i18n-2.33_multilib-x86_64-7alien.txz: Rebuilt. 15.0/glibc-profile-2.33_multilib-x86_64-7alien.txz: Rebuilt. 15.0/slackware64-compat32: Refreshed the *compat32 packages.
Tue, 23 Jul 2024 20:32:35 GMT July 23, 2024
current/gcc-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. Baking the new default compile flags into the toolchain. current/gcc-g++-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-gdc-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-gfortran-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-gm2-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-gnat-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-go-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/gcc-objc-14.12.0_multilib-x86_64-2alien.txz: Rebuilt. current/aaa_glibc-solibs-2.40_multilib-x86_64-1alien.txz: Upgraded. current/glibc-2.40_multilib-x86_64-1alien.txz: Upgraded. This update fixes security issues in nscd. current/glibc-i18n-2.40_multilib-x86_64-1alien.txz: Upgraded. current/glibc-profile-2.40_multilib-x86_64-1alien.txz: Upgraded. current/slackware64-compat32: Refreshed the *compat32 packages.

Fri, 26 Jul 2024 18:26:05 GMT July 26, 2024
a/cracklib-2.10.1-x86_64-1.txz: Upgraded. a/kernel-firmware-20240726_8bdce1c-noarch-1.txz: Upgraded. l/pangomm2-2.54.0-x86_64-1.txz: Upgraded. n/NetworkManager-1.48.6-x86_64-1.txz: Upgraded. n/nmap-7.95-x86_64-2.txz: Rebuilt. Make sure zenmap.desktop has an icon in /usr/share/pixmaps. Thanks to USUARIONUEVO. n/rpcbind-1.2.7-x86_64-1.txz: Upgraded. x/ibus-libpinyin-1.15.8-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.31-x86_64-1.txz: Upgraded. xap/blueman-2.4.3-x86_64-1.txz: Upgraded.

SlackBuilds.org changes for Sat, 20 Jul 2024 01:10:07 GMT
academic/ngspice: Updated for version 43. academic/openboard: Replaced backtick cmdsub. academic/sword-data-kjv: Replaced backtick cmdsub. audio/caps: Fixed chown syntax audio/gogglesmm: Fixed chown syntax audio/musikcube: Updated for version 3.0.4. audio/ncspot: Updated for version 1.1.2. audio/ogmtools: Fixed chown syntax audio/tauonmb: Update script. audio/tuner: Updated for version 1.5.2. audio/yabridge: Fix dbus problem desktop/crystalcursors: Fixed chown syntax desktop/fvwm95: Replaced backtick cmdsub. […]

Tag: jre (Page 2 of 4)

Security update for OpenJDK7

Note about usage:

OpenJDK 7 security update Jan ’17

Note about usage:

Plugin support in Web Browsers:

Openjdk (Java8) updated with January fixes

Note about usage:

Java 7 (openjdk) gets a security update

Note about usage:

July ’16 security fixes for Java 8

Note about usage:

About this blog

Sponsoring

Categories

Subscribe to Blog via Email

My Favourites

Online me

Slackware

Calendar

slackbuilds

multilib

Slackware64-current

SBo

Meta

Top Posts & Pages

Recent posts

Recent comments