Mercurial > hg > icedtea7

changeset 2907:7e5ce31d9d31

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add 2.6.9 release notes. 2017-04-03 Andrew John Hughes <gnu_andrew@member.fsf.org> * NEWS: Add 2.6.9 release notes.
author Andrew John Hughes <gnu_andrew@member.fsf.org>
date Tue, 04 Apr 2017 03:02:35 +0100
parents 39e5553e0695
children 01cf9369e77a
files ChangeLog NEWS
diffstat 2 files changed, 134 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Mon Feb 06 19:39:41 2017 +0000
+++ b/ChangeLog	Tue Apr 04 03:02:35 2017 +0100
@@ -1,3 +1,8 @@
+2017-04-03  Andrew John Hughes  <gnu_andrew@member.fsf.org>
+
+	* NEWS:
+	Add 2.6.9 release notes.
+
 2017-01-24  Andrew John Hughes  <gnu_andrew@member.fsf.org>
 
 	PR3318: Replace 'infinality' with
--- a/NEWS	Mon Feb 06 19:39:41 2017 +0000
+++ b/NEWS	Tue Apr 04 03:02:35 2017 +0100
@@ -17,22 +17,142 @@
 * New features
   - PR3180: Support building without pre-compiled headers
 * Backports
-  - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems.
-  - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned
   - S8076221, PR2809, RH1302385: Disable RC4 cipher suites
-  - S8153711, PR3313, RH1284948: [REDO] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
-  - S8170888, PR3316, RH1390708: [linux] Experimental support for cgroup memory limits in container (ie Docker) environments
 * Bug fixes
   - PR3162: Remove reference to AbstractPlainDatagramSocketImpl.c, removed in 8072466
-  - PR3318: Always round glyph advance in 26.6 space
+* AArch64 port
+  - PR3209: Backed out changeset 3cc3ab869ccf
+
+New in release 2.6.9 (2017-02-14):
+
+* Security fixes
+  - S8138725: Add options for Javadoc generation
+  - S8140353: Improve signature checking
+  - S8151934, CVE-2017-3231: Resolve class resolution
+  - S8156804, CVE-2017-3241: Better constraint checking
+  - S8158406: Limited Parameter Processing
+  - S8158997: JNDI Protocols Switch
+  - S8159507: RuntimeVisibleAnnotation validation
+  - S8161218: Better bytecode loading
+  - S8161743, CVE-2017-3252: Provide proper login context
+  - S8162577: Standardize logging levels
+  - S8162973: Better component components
+  - S8164143, CVE-2017-3260: Improve components for menu items
+  - S8164147, CVE-2017-3261: Improve streaming socket output
+  - S8165071, CVE-2016-2183: Expand TLS support
+  - S8165344, CVE-2017-3272: Update concurrency support
+  - S8166988, CVE-2017-3253: Improve image processing performance
+  - S8167104, CVE-2017-3289: Additional class construction refinements
+  - S8167223, CVE-2016-5552: URL handling improvements
+  - S8168705, CVE-2016-5547: Better ObjectIdentifier validation
+  - S8168714, CVE-2016-5546: Tighten ECDSA validation
+  - S8168728, CVE-2016-5548: DSA signing improvments
+  - S8168724, CVE-2016-5549: ECDSA signing improvments
+* Import of OpenJDK 7 u131 build 0
+  - S6253144: Long narrowing conversion should describe the algorithm used and implied "risks"
+  - S6328537: Improve javadocs for Socket class by adding references to SocketOptions
+  - S6978886: javadoc shows stacktrace after print error resulting from disk full
+  - S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
+  - S6996372: synchronizing handshaking hash
+  - S7027045: (doc) java/awt/Window.java has several typos in javadoc
+  - S7054969: Null-check-in-finally pattern in java/security documentation
+  - S7072353: JNDI libraries do not build with javac -Xlint:all -Werror
+  - S7075563: Broken link in "javax.swing.SwingWorker"
+  - S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11
+  - S7088502: Security libraries don't build with javac -Werror
+  - S7092447: Clarify the default locale used in each locale sensitive operation
+  - S7093640: Enable client-side TLS 1.2 by default
+  - S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed
+  - S7117360: Warnings in java.util.concurrent.atomic package
+  - S7117465: Warning cleanup for IMF classes
+  - S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error
+  - S8000418: javadoc should used a standard "generated by javadoc" string
+  - S8000666: javadoc should write directly to Writer instead of composing strings
+  - S8000673: remove dead code from HtmlWriter and subtypes
+  - S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
+  - S8001669: javadoc internal DocletAbortException should set cause when appropriate
+  - S8008949: javadoc stopped copying doc-files
+  - S8011402: Move blacklisting certificate logic from hard code to data
+  - S8011547: Update XML Signature implementation to Apache Santuario 1.5.4
+  - S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
+  - S8016217: More javadoc warnings
+  - S8017325: Cleanup of the javadoc <code> tag in java.security.cert
+  - S8017326: Cleanup of the javadoc <code> tag in java.security.spec
+  - S8019772: Fix doclint issues in javax.crypto and javax.security subpackages
+  - S8020557: javadoc cleanup in javax.security
+  - S8020688: Broken links in documentation at http://docs.oracle.com/javase/6/docs/api/index.
+  - S8021108: Clean up doclint warnings and errors in java.text package
+  - S8021417: Fix doclint issues in java.util.concurrent
+  - S8021833: javadoc cleanup in java.net
+  - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
+  - S8022175: Fix doclint warnings in javax.print
+  - S8022406: Fix doclint issues in java.beans
+  - S8022746: List of spelling errors in API doc
+  - S8024779: [macosx] SwingNode crashes on exit
+  - S8025085: [javadoc] some errors in javax/swing
+  - S8025218: [javadoc] some errors in java/awt classes
+  - S8025249: [javadoc] fix some javadoc errors in javax/swing/
+  - S8025409: Fix javadoc comments errors and warning reported by doclint report
+  - S8026021: more fix of javadoc errors and warnings reported by doclint, see the description
+  - S8037099: [macosx] Remove all references to GC from native OBJ-C code
+  - S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
+  - S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
+  - S8049244: XML Signature performance issue caused by unbuffered signature data
+  - S8049432: New tests for TLS property jdk.tls.client.protocols
+  - S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio
+  - S8059212: Modify sun/security/smartcardio manual regression tests so that they do not just fail if no cardreader found
+  - S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName
+  - S8068491: Update the protocol for references of docs.oracle.com to HTTPS.
+  - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210
+  - S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u
+  - S8139565: Restrict certificates with DSA keys less than 1024 bits
+  - S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions
+  - S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check
+  - S8143959: Certificates requiring blacklisting
+  - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
+  - S8148516: Improve the default strength of EC in JDK
+  - S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks
+  - S8151893: Add security property to configure XML Signature secure validation mode
+  - S8155760: Implement Serialization Filtering
+  - S8156802: Better constraint checking
+  - S8161228: URL objects with custom protocol handlers have port changed after deserializing
+  - S8161571: Verifying ECDSA signatures permits trailing bytes
+  - S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar
+  - S8164908: ReflectionFactory support for IIOP and custom serialization
+  - S8165230: RMIConnection addNotificationListeners failing with specific inputs
+  - S8166393: disabledAlgorithms property should not be strictly parsed
+  - S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only)
+  - S8166739: Improve extensibility of ObjectInputFilter information passed to the filter
+  - S8166875: (tz) Support tzdata2016g
+  - S8166878: Connection reset during TLS handshake
+  - S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed
+  - S8167459: Add debug output for indicating if a chosen ciphersuite was legacy
+  - S8167472: Chrome interop regression with JDK-8148516
+  - S8167591: Add MD5 to signed JAR restrictions
+  - S8168861: AnchorCertificates uses hardcoded password for cacerts keystore
+  - S8168993: JDK8u121 L10n resource file update
+  - S8169191: (tz) Support tzdata2016i
+  - S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU
+  - S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304
+  - S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property
+  - S8170268: 8u121 L10n resource file update - msgdrop 20
+  - S8173622: Backport of 7180907 is incomplete
+  - S8173849: Fix use of java.util.Base64 in test cases
+  - S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760
+* Backports
+  - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems.
+  - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned
+  - S8153711, PR3315, RH1284948: [REDO] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
+  - S8170888, PR3316, RH1390708: [linux] Experimental support for cgroup memory limits in container (ie Docker) environments
+* Bug fixes
+  - PR3318: Replace 'infinality' with 'improved font rendering' (--enable-improved-font-rendering)
   - PR3318: Fix compatibility with vanilla Fontconfig
   - PR3318: Fix glyph y advance
-  - PR3318: Replace 'infinality' with 'improved font rendering' (--enable-improved-font-rendering)
+  - PR3318: Always round glyph advance in 26.6 space
   - PR3318: Simplify glyph advance handling
+  - PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989
 * AArch64 port
-  - S8165673: AArch64: Fix JNI floating point argument handling
-  - PR3209: Backed out changeset 3cc3ab869ccf
-  - PR3211: AArch64 build fails with pre-compiled headers disabled
+  - S8165673, PR3320: AArch64: Fix JNI floating point argument handling
 
 New in release 2.6.8 (2016-11-13):