------------------------------------------------------------------- Tue Oct 25 08:41:33 UTC 2016 - tchvatal@suse.com - Add patch for bnc#992537 provided by IBM ------------------------------------------------------------------- Fri Aug 12 12:02:13 UTC 2016 - pjanouch@suse.de - Version update to 8.0-3.10 bnc#992537: CVE-2016-3485 CVE-2016-3511 CVE-2016-3511 CVE-2016-3598 - Add hwkeytool binary for s390x ------------------------------------------------------------------- Fri Apr 29 13:04:56 UTC 2016 - pjanouch@suse.de - IBM Java 80-3.0 released: (bnc#977646 bnc#977648 bnc#977650 bsc#979252) CVE-2016-0376 CVE-2016-0264 CVE-2016-0363 CVE-2016-3443 CVE-2016-0687 CVE-2016-0686 CVE-2016-3427 CVE-2016-3449 CVE-2016-3422 CVE-2016-3426 ------------------------------------------------------------------- Tue Feb 9 14:45:41 UTC 2016 - tchvatal@suse.com - There is no HtmlConverter and apt provided by jdk8 bnc#965665 ------------------------------------------------------------------- Fri Jan 29 10:10:02 UTC 2016 - tchvatal@suse.com - Version update to 8.0-2.10 bnc#963937: CVE-2015-5041 CVE-2016-0494 CVE-2016-0483 CVE-2015-8126 CVE-2015-8472 CVE-2016-0475 CVE-2016-0466 CVE-2016-0402 CVE-2015-7575 CVE-2016-0448 ------------------------------------------------------------------- Thu Jan 7 13:23:17 UTC 2016 - tchvatal@suse.com - Move %_jvmdir/%sdklnk from main to develpkg for sle10 to avoid hickups - Move %_jvmjardir/%sdkcompatdir from develprj to main for the same ------------------------------------------------------------------- Fri Jan 1 13:15:09 UTC 2016 - tchvatal@suse.com - Move the pre phase to the baselibs.conf too bnc#960402 ------------------------------------------------------------------- Mon Nov 23 11:06:16 UTC 2015 - tchvatal@suse.com - Version update to 8.0-2.0 bnc#955131: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 ------------------------------------------------------------------- Thu Aug 13 08:48:40 UTC 2015 - tchvatal@suse.com - Regen qa filelists and fix summary to say java8 not java 7.1 ------------------------------------------------------------------- Wed Aug 5 12:03:22 UTC 2015 - tchvatal@suse.com - Add backcompat symlinks for sdkdir - Fix bnc#941939 to provide %{name} instead of %{sdklnk} only in _jvmprivdir ------------------------------------------------------------------- Wed Jul 22 11:05:05 UTC 2015 - tchvatal@suse.com - Add file %{_jvmdir}/%{sdkdir}/jre/lib/jexec.diz - Version update to 8.0.1.10 bnc#938895: CVE-2015-1931 CVE-2015-2638 CVE-2015-4733 CVE-2015-4732 CVE-2015-2590 CVE-2015-4731 CVE-2015-4760 CVE-2015-4748 CVE-2015-2664 CVE-2015-2632 CVE-2015-2637 CVE-2015-2619 CVE-2015-2621 CVE-2015-2613 CVE-2015-2601 CVE-2015-4749 CVE-2015-4000 CVE-2015-4729 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0486 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 ------------------------------------------------------------------- Thu Jul 2 12:24:33 UTC 2015 - tchvatal@suse.com - Version update to 8.0-1.1 bnc#935540 for the logjam attack - Lets consider this the point we sattisfy the fate#317988 ------------------------------------------------------------------- Wed Jun 17 07:24:29 UTC 2015 - tchvatal@suse.com - Sync spec and baselibs.conf - Remove obsolete parts of update-alternatives from baselibs.conf - Do not bother with non-etc-marked-as-conf - Move plugin desktop/icon to proper subpackage - Fix fdupes usage and javapackages-tools vs jpackage-utils dependencies - Drop creation of 0 size xlfd support files as they are never regenerated anyway - Cleanup with spec-cleaner ------------------------------------------------------------------- Wed Jun 3 09:57:08 UTC 2015 - tchvatal@suse.com - Filter out cuda requires/provides as it ain't provided in SUSE bnc#931693 ------------------------------------------------------------------- Tue Jun 2 14:34:02 UTC 2015 - tchvatal@suse.com - Fix removeing links before update-alternatives run. bnc#931702 ------------------------------------------------------------------- Tue Jun 2 12:50:04 UTC 2015 - tchvatal@suse.com - Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives ------------------------------------------------------------------- Tue Jun 2 11:50:09 UTC 2015 - tchvatal@suse.com - Fix bnc#912447, use system cacerts ------------------------------------------------------------------- Mon Jun 1 11:13:29 UTC 2015 - tchvatal@suse.com - Add condition for fdupes to build on sle10 ------------------------------------------------------------------- Tue May 19 08:49:54 UTC 2015 - tchvatal@suse.com - Remove ppc from plugin archs, seems not to be around this time ------------------------------------------------------------------- Wed May 13 11:35:53 UTC 2015 - tchvatal@suse.com - Drop jdbc subpackage as it is empty ------------------------------------------------------------------- Wed May 13 11:21:35 UTC 2015 - tchvatal@suse.com - No specific i386 stuff for plugin anymore ------------------------------------------------------------------- Wed May 13 11:08:14 UTC 2015 - tchvatal@suse.com - Remove not distributed files jrping and jibvdevinfo java_vm javad.options - remove jdbc as it seems not distributed anymore - Add jjs and jdeps as files and %{_jvmdir}/%{sdkdir}/jre/lib/tools/ folder ------------------------------------------------------------------- Wed May 13 10:33:34 UTC 2015 - tchvatal@suse.com - Actually deploy installer and use proper rpmlintrc ------------------------------------------------------------------- Wed May 13 09:10:39 UTC 2015 - tchvatal@suse.com - Update baselibs.conf to refference java 1.8.0 ------------------------------------------------------------------- Wed May 13 08:25:27 UTC 2015 - tchvatal@suse.com - Rename all stuff to try to accomodate java 1.8.0 ------------------------------------------------------------------- Mon Feb 9 15:54:17 UTC 2015 - tchvatal@suse.com - Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891 - javad binary seems to be no more, so remove ------------------------------------------------------------------- Tue Nov 18 13:11:32 UTC 2014 - tchvatal@suse.com - bnc#904889 java 1.7.1_sr1.2 released - CVE-2014-3065: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (bnc#) - CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. (bnc#901223 901254 901277 901748 901757 901759 901889 901968 902229 902476 902912 903684 903690 903692) - CVE-2014-6513: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. (bnc#901239 901242 901246) - CVE-2014-6456: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (bnc#901239 901242 901246) - CVE-2014-6503: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6532: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503. (bnc#901239 901242 901246) - CVE-2014-4288: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6493: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6492: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6458: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6466: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Internet Explorer, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6506: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6476: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527. (bnc#901239 901242 901246) - CVE-2014-6515: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6511: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D. (bnc#901239 901242 901246) - CVE-2014-6531: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6512: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6457: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. (bnc#901239 901242 901246) - CVE-2014-6527: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476. (bnc#901239 901242 901246) - CVE-2014-6502: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6558: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security. (bnc#901239 901242 901246) ------------------------------------------------------------------- Fri Aug 8 07:11:56 UTC 2014 - tchvatal@suse.com - Version bump to 7.1-1.0 bnc#890434: * Maintenance update for the 7.1 series matching oracle jaca 7u65 ------------------------------------------------------------------- Thu Aug 7 08:04:18 UTC 2014 - tchvatal@suse.com - Replace SuSE with SUSE. bnc#889006 ------------------------------------------------------------------- Wed May 14 08:47:10 UTC 2014 - tchvatal@suse.com - Version bump to 7.1-1.0 (bnc#877465): * support for ppc64le * zEC12 and System z hardware compression acceleration support * Improved workload management facilities on z/OS * Native record processing with Data Access Accelerator * see http://www-01.ibm.com/support/docview.wss?uid=swg21657707 ------------------------------------------------------------------- Wed Mar 5 16:28:17 CET 2014 - ro@suse.de - Fix build on i586 and s390 * Remove bogus dependency on libstdc++33 ------------------------------------------------------------------- Mon Feb 17 09:57:18 UTC 2014 - mvyskocil@suse.com - Limit package to sle12 compatible architectures - Use SUSE-NonFree License as suggested by legal team - Adapt filelist to much stricter rpm in SLE12 ------------------------------------------------------------------- Tue Dec 10 12:06:55 UTC 2013 - mvyskocil@suse.com - package IBM Java Version 7 Release 1 (FATE#316606) IBM(R) SDK, Java Technology Edition, Version 7 Release 1 is the latest release of the Java SE 7 application programming interfaces (APIs). This release contains the latest virtual machine technology from IBM and is for users who wish to use Java SE 7 APIs to: * utilize enhanced native record processing * exploit the new zEC12 capabilities * improve monitoring and diagnostics * evaluate IBM's latest cloud enablement technology * see http://www-01.ibm.com/support/docview.wss?uid=swg21657707