------------------------------------------------------------------- Tue Mar 20 12:09:51 UTC 2018 - pmonrealgonzalez@suse.com - Renamed the update-alternatives link names for the different policy options to avoid collisions [bsc#1085018] * Available options: - jce_1.8.0_ibm_unlimited_local_policy [default] - jce_1.8.0_ibm_unlimited_us_export_policy - jce_1.8.0_ibm_limited_local_policy - jce_1.8.0_ibm_limited_us_export_policy ------------------------------------------------------------------- Fri Mar 16 15:40:55 UTC 2018 - pmonrealgonzalez@suse.com - Fixed priorities of alternatives [bsc#1085018] ------------------------------------------------------------------- Wed Mar 14 10:09:20 UTC 2018 - pmonrealgonzalez@suse.com - Fixed symlinks to policy files on update [bsc#1085018] ------------------------------------------------------------------- Tue Feb 27 10:18:38 UTC 2018 - pmonrealgonzalez@suse.com - Removed java-1_8_0-ibm-alsa and java-1_8_0-ibm-plugin entries in baselibs.conf due to errors in osc source_validator ------------------------------------------------------------------- Mon Feb 26 13:48:07 UTC 2018 - pmonrealgonzalez@suse.com - Version update to 8.0.5.10 [bsc#1082810] * Security fixes: CVE-2018-2639 CVE-2018-2638 CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588 CVE-2018-2579 * Defect fixes: - IJ02608 Class Libraries: Change of namespace definitions with handlers that implement javax.xml.ws.handler.soap.soaphandler - IJ04280 Class Libraries: Deploy Upgrade to Oracle level 8u161-b12 - IJ03390 Class Libraries: JCL Upgrade to Oracle level 8u161-b12 - IJ04001 Class Libraries: Performance improvement with child process on AIX - IJ04281 Class Libraries: Startup time increase after applying apar IV96905 - IJ03822 Class Libraries: Update timezone information to tzdata2017c - IJ03440 Java Virtual Machine: Assertion failure during class creation - IJ03717 Java Virtual Machine: Assertion for gencon with concurrent scavenger on ZOS64 - IJ03513 Java Virtual Machine: Assertion in concurrent scavenger if initial heap memory size -Xms is set too low - IJ03994 Java Virtual Machine: Class.getmethods() does not return all methods - IJ03413 Java Virtual Machine: Hang creating thread after redefining classes - IJ03852 Java Virtual Machine: ICH408I message when groupaccess is specified with -xshareclasses - IJ03716 Java Virtual Machine: java/lang/linkageerror from sun/misc/unsafe.definean onymousclass() - IJ03116 Java Virtual Machine: java.fullversion string contains an extra space - IJ03347 Java Virtual Machine: java.lang.IllegalStateException in related class MemoryMXBean - IJ03878 Java Virtual Machine: java.lang.StackOverflowError is thrown when custom security manager in place - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump, trace, log was not enabled by default - IJ04248 JIT Compiler: ArrayIndexOutOfBoundsException is thrown when converting BigDecimal to String - IJ04250 JIT Compiler: Assertion failure with concurrentScavenge on Z14 - IJ03606 JIT Compiler: Java crashes with -version - IJ04251 JIT Compiler: JIT compiled method that takes advantage of AutoSIMD produces an incorrect result on x86 - IJ03854 JIT Compiler: JVM info message appears in stdout - IJ03607 JIT Compiler: Result String contains a redundant dot when converted from BigDecimal with 0 on all platforms - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01 - IJ03715 Security: Add additional support for the IBMJCEPlus provider, add support for new IBMJCEPlusFIPS provider - IJ03800 Security: A fix in CMS provider for KDB integrity - IJ04282 Security: Change in location and default of jurisdiction policy files - IJ03853 Security: IBMCAC provider does not support SHA224 - IJ02679 Security: IBMPKCS11Impl – Bad sessions are being allocated internally - IJ02706 Security: IBMPKCS11Impl – Bad sessions are being allocated internally - IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot specification attribute - IJ01901 Security: IBMPKCS11Impl – SecureRandom.setSeed() exception - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with stash, JKS Chain issue and JVM argument parse issue with iKeyman - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE - PI93233 z/OS Extentions: Cipher.doFinal() fails when using AES/GCM/nopadding with AAD data of 13 bytes and a block size of 4081 to 4096 * Fixes in 8.0.5.7: - IJ02605 Class Libraries: Update IBM-1371 charset with new specification support - IJ02541 Java Virtual Machine: Assertions in GC when jvmti runs with Concurrent Scavenger - IJ02443 Java Virtual Machine: Committed eden region size is bigger than maximum eden region size - IJ02378 Java Virtual Machine: Existing signal action for SIG_IGN/SIG_DFL is not detected properly - IJ02758 JIT Compiler: Crash in JIT module during method compilation - IJ02733 JIT Compiler: Crash in jit module when compiling in non-default configuration * Fixes in 8.0.5.6: - IJ02283 Java Virtual Machine: IllegalAccessException due to a missing access check for the same class in MethodHandle apis - IJ02082 Java Virtual Machine: The default value for class unloading kick off threshold is not set - IJ02018 JIT Compiler: Crash or assertion while attempting to acquire VM access - IJ02284 JIT Compiler: Division by zero in JIT compiler - IV88941 JIT Compiler: JIT compiler takes far too long to compile a method - IJ02285 JIT Compiler: Performance degradation during class unloading in Java 8 SR5 ------------------------------------------------------------------- Wed Nov 29 16:17:32 UTC 2017 - pmonrealgonzalez@suse.com - Version update to 8.0.5.5 [bsc#1070162] * CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10309 CVE-2017-10356 CVE-2017-10293 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355 CVE-2017-10357 CVE-2017-10348 CVE-2017-10349 CVE-2017-10347 CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345 ------------------------------------------------------------------- Mon Sep 25 16:19:17 UTC 2017 - pmonrealgonzalez@suse.com - Fixed jpackage-java-1_8_0-ibm-webstart.desktop file to allow Java jnlp files run from Firefox. [bsc#1057460, bsc#1076390] ------------------------------------------------------------------- Fri Sep 22 10:21:07 UTC 2017 - pmonrealgonzalez@suse.com - Version update to 8.0-5.0 [bsc#1059808, fate#322435] * New features/enhancements. - IV99474 Security: Add support for the IBMJCEPlus provider * Fixes: - IV98234 Java JIT: Compiler time crash in analyzeexitedges() - IV99877 Class Libraries: Including Oracle update number in java -version ouput - IV99875 Class Libraries: Including Oracle update number in the release file - IV99598 Class Libraries: java.lang.reflect.Method.toGenericString() produce different output for generics which takes primitive array types - IV99876 Class Libraries: Update Xscmx description in IBM -X help output - IV99596 JVM: Calling Thread.getStackTrace on the current thread returns extra stack frames - IV99856 JVM: Crash during JVM shutdown - IV98626 JVM: Crash in JIT - IV96569 JVM: Extra 2GB page allocated for the object heap on z/OS or zLinux - IV99768 JVM: GC assertion in MM_ParallelTask or MM_ParallelScavengeTask after scavenger backout - IV81824 JVM: java.lang.Class.getMethods() does not return all interface methods - IV99741 JVM: Java synchronization improvements - IV99824 JVM: Java VM fails due to assertion in stringtable.cpp - IV99784 JVM: JVMTI API SetEventNotificationMode() fails for event type JVMTI_EVENT_RESOURCE_EXHAUSTED - IV93219 JVM: MethodHandle asType and invoke throw incorrect exception when return type doesn't match - IV99192 JVM: Method resolution reports default method conflict on virtual invocations - IV99769 JVM: Missing package private class java.lang.AbstractStringBuilder during verification - IV96433 JVM: Performance regression in JVMTI class redefinition - IV99821 JVM: System core file is missing when the Linux core file (not command) pattern contains %c and user's core file size limit is 0 - IV99770 JVM: The VerifyError message contained an incorrect type to be matched for 'aastore' bytecodes - IV91274 JVM: Unexpected IllegalArgumentException requesting a BufferPoolMXBean by name - IV99742 JVM: Unnecessary message printed out when resetting a shared cache - IV99771 JVM: Verifier incorrectly rejected uses of uninitialized objects in 'monitorenter/monitorexit' bytecodes - IV99754 JVM: VM crashes when printing trace points - IV98212 Java JIT: Assertion in GC - IV99215 Java JIT: Crash during JIT compilation in Java 8 - IV99780 Java JIT: Crashes in JIT-compiled java code containing loops - IV99783 Java JIT: Crashes in JIT-compiled java code on power platforms - IV99785 Java JIT: Crash in DAA API compiled code - IV99779 Java JIT: GC assertion when walking a JIT compiled frame - IV99778 Java JIT: Incorrect index used when accessing array - IV99782 Java JIT: InvocationTargetException in JSR 292 Java code - IV98001 Java JIT: ompiler crash - IV99693 Java JIT: Compiler crash in OSR processing during inlining - IV97890 Java JIT: Compiler problem handling empty control flow block - IV97950 Java JIT: JVM crashes in MethodHandle implementation - IV91208 Reliability and Serviceability: Crash calling com.ibm.jvm.Trace.registerApplication() - IV99823 Reliability and Serviceability: Phd files may be incomplete when using the balanced garbage collection policy - IJ00042 Build: Define the dependency of libstdc++.so.6 in the installer on pppc le - IV98625 Security: Connection reset during TLS handshake - IV98628 Security: NullPointerException performing SSL handshake using Chrome browser ------------------------------------------------------------------- Mon Aug 14 10:08:03 UTC 2017 - pmonrealgonzalez@suse.com - Version update to 8.0-4.10 [bsc#1053431] * CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101 CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087 CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10078 CVE-2017-10115 CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109 CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081 ------------------------------------------------------------------- Mon May 15 13:36:27 UTC 2017 - tchvatal@suse.com - Version update to 8.0-4.5 bsc#1038505 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 ------------------------------------------------------------------- Mon Mar 6 11:53:51 UTC 2017 - tchvatal@suse.com - Include also in SLE13 fate#322435 - Version update to 8.0-4.1 bnc#1027038 CVE-2016-2183 ------------------------------------------------------------------- Thu Feb 16 13:52:14 UTC 2017 - tchvatal@suse.com - Require the main pkg in post phase of devel bsc#1025506 ------------------------------------------------------------------- Wed Feb 8 09:36:53 UTC 2017 - tchvatal@suse.com - Version update to 8.0-4.0 bnc#1024218: CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2017-3252 ------------------------------------------------------------------- Wed Nov 16 13:25:55 UTC 2016 - tchvatal@suse.com - Version update to 8.0-3.21 bnc#1009280 CVE-2016-5568 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542 ------------------------------------------------------------------- Tue Oct 25 08:41:33 UTC 2016 - tchvatal@suse.com - Add patch for bnc#992537 provided by IBM ------------------------------------------------------------------- Fri Aug 12 12:02:13 UTC 2016 - pjanouch@suse.de - Version update to 8.0-3.10 bnc#992537: CVE-2016-3485 CVE-2016-3511 CVE-2016-3511 CVE-2016-3598 - Add hwkeytool binary for s390x ------------------------------------------------------------------- Fri Apr 29 13:04:56 UTC 2016 - pjanouch@suse.de - IBM Java 80-3.0 released: (bnc#977646 bnc#977648 bnc#977650 bsc#979252) CVE-2016-0376 CVE-2016-0264 CVE-2016-0363 CVE-2016-3443 CVE-2016-0687 CVE-2016-0686 CVE-2016-3427 CVE-2016-3449 CVE-2016-3422 CVE-2016-3426 ------------------------------------------------------------------- Tue Feb 9 14:45:41 UTC 2016 - tchvatal@suse.com - There is no HtmlConverter and apt provided by jdk8 bnc#965665 ------------------------------------------------------------------- Fri Jan 29 10:10:02 UTC 2016 - tchvatal@suse.com - Version update to 8.0-2.10 bnc#963937: CVE-2015-5041 CVE-2016-0494 CVE-2016-0483 CVE-2015-8126 CVE-2015-8472 CVE-2016-0475 CVE-2016-0466 CVE-2016-0402 CVE-2015-7575 CVE-2016-0448 ------------------------------------------------------------------- Thu Jan 7 13:23:17 UTC 2016 - tchvatal@suse.com - Move %_jvmdir/%sdklnk from main to develpkg for sle10 to avoid hickups - Move %_jvmjardir/%sdkcompatdir from develprj to main for the same ------------------------------------------------------------------- Fri Jan 1 13:15:09 UTC 2016 - tchvatal@suse.com - Move the pre phase to the baselibs.conf too bnc#960402 ------------------------------------------------------------------- Mon Nov 23 11:06:16 UTC 2015 - tchvatal@suse.com - Version update to 8.0-2.0 bnc#955131, bsc#929900: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 ------------------------------------------------------------------- Thu Aug 13 08:48:40 UTC 2015 - tchvatal@suse.com - Regen qa filelists and fix summary to say java8 not java 7.1 ------------------------------------------------------------------- Wed Aug 5 12:03:22 UTC 2015 - tchvatal@suse.com - Add backcompat symlinks for sdkdir - Fix bnc#941939 to provide %{name} instead of %{sdklnk} only in _jvmprivdir ------------------------------------------------------------------- Wed Jul 22 11:05:05 UTC 2015 - tchvatal@suse.com - Add file %{_jvmdir}/%{sdkdir}/jre/lib/jexec.diz - Version update to 8.0.1.10 bnc#938895: CVE-2015-1931 CVE-2015-2638 CVE-2015-4733 CVE-2015-4732 CVE-2015-2590 CVE-2015-4731 CVE-2015-4760 CVE-2015-4748 CVE-2015-2664 CVE-2015-2632 CVE-2015-2637 CVE-2015-2619 CVE-2015-2621 CVE-2015-2613 CVE-2015-2601 CVE-2015-4749 CVE-2015-4000 CVE-2015-4729 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0486 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 ------------------------------------------------------------------- Thu Jul 2 12:24:33 UTC 2015 - tchvatal@suse.com - Version update to 8.0-1.1 bnc#935540 for the logjam attack - Lets consider this the point we sattisfy the fate#317988 ------------------------------------------------------------------- Wed Jun 17 07:24:29 UTC 2015 - tchvatal@suse.com - Sync spec and baselibs.conf - Remove obsolete parts of update-alternatives from baselibs.conf - Do not bother with non-etc-marked-as-conf - Move plugin desktop/icon to proper subpackage - Fix fdupes usage and javapackages-tools vs jpackage-utils dependencies - Drop creation of 0 size xlfd support files as they are never regenerated anyway - Cleanup with spec-cleaner ------------------------------------------------------------------- Wed Jun 3 09:57:08 UTC 2015 - tchvatal@suse.com - Filter out cuda requires/provides as it ain't provided in SUSE bnc#931693 ------------------------------------------------------------------- Tue Jun 2 14:34:02 UTC 2015 - tchvatal@suse.com - Fix removeing links before update-alternatives run. bnc#931702 ------------------------------------------------------------------- Tue Jun 2 12:50:04 UTC 2015 - tchvatal@suse.com - Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives ------------------------------------------------------------------- Tue Jun 2 11:50:09 UTC 2015 - tchvatal@suse.com - Fix bnc#912447, use system cacerts ------------------------------------------------------------------- Mon Jun 1 11:13:29 UTC 2015 - tchvatal@suse.com - Add condition for fdupes to build on sle10 ------------------------------------------------------------------- Tue May 19 08:49:54 UTC 2015 - tchvatal@suse.com - Remove ppc from plugin archs, seems not to be around this time ------------------------------------------------------------------- Wed May 13 11:35:53 UTC 2015 - tchvatal@suse.com - Drop jdbc subpackage as it is empty ------------------------------------------------------------------- Wed May 13 11:21:35 UTC 2015 - tchvatal@suse.com - No specific i386 stuff for plugin anymore ------------------------------------------------------------------- Wed May 13 11:08:14 UTC 2015 - tchvatal@suse.com - Remove not distributed files jrping and jibvdevinfo java_vm javad.options - remove jdbc as it seems not distributed anymore - Add jjs and jdeps as files and %{_jvmdir}/%{sdkdir}/jre/lib/tools/ folder ------------------------------------------------------------------- Wed May 13 10:33:34 UTC 2015 - tchvatal@suse.com - Actually deploy installer and use proper rpmlintrc ------------------------------------------------------------------- Wed May 13 09:10:39 UTC 2015 - tchvatal@suse.com - Update baselibs.conf to refference java 1.8.0 ------------------------------------------------------------------- Wed May 13 08:25:27 UTC 2015 - tchvatal@suse.com - Rename all stuff to try to accomodate java 1.8.0 ------------------------------------------------------------------- Mon Feb 9 15:54:17 UTC 2015 - tchvatal@suse.com - Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891 - javad binary seems to be no more, so remove ------------------------------------------------------------------- Tue Nov 18 13:11:32 UTC 2014 - tchvatal@suse.com - bnc#904889 java 1.7.1_sr1.2 released - CVE-2014-3065: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (bnc#) - CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. (bnc#901223 901254 901277 901748 901757 901759 901889 901968 902229 902476 902912 903684 903690 903692) - CVE-2014-6513: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. (bnc#901239 901242 901246) - CVE-2014-6456: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (bnc#901239 901242 901246) - CVE-2014-6503: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6532: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503. (bnc#901239 901242 901246) - CVE-2014-4288: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6493: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532. (bnc#901239 901242 901246) - CVE-2014-6492: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6458: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6466: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Internet Explorer, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6506: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6476: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527. (bnc#901239 901242 901246) - CVE-2014-6515: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment. (bnc#901239 901242 901246) - CVE-2014-6511: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D. (bnc#901239 901242 901246) - CVE-2014-6531: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6512: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6457: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. (bnc#901239 901242 901246) - CVE-2014-6527: Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476. (bnc#901239 901242 901246) - CVE-2014-6502: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries. (bnc#901239 901242 901246) - CVE-2014-6558: Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security. (bnc#901239 901242 901246) ------------------------------------------------------------------- Fri Aug 8 07:11:56 UTC 2014 - tchvatal@suse.com - Version bump to 7.1-1.0 bnc#890434: * Maintenance update for the 7.1 series matching oracle jaca 7u65 ------------------------------------------------------------------- Thu Aug 7 08:04:18 UTC 2014 - tchvatal@suse.com - Replace SuSE with SUSE. bnc#889006 ------------------------------------------------------------------- Wed May 14 08:47:10 UTC 2014 - tchvatal@suse.com - Version bump to 7.1-1.0 (bnc#877465): * support for ppc64le * zEC12 and System z hardware compression acceleration support * Improved workload management facilities on z/OS * Native record processing with Data Access Accelerator * see http://www-01.ibm.com/support/docview.wss?uid=swg21657707 ------------------------------------------------------------------- Wed Mar 5 16:28:17 CET 2014 - ro@suse.de - Fix build on i586 and s390 * Remove bogus dependency on libstdc++33 ------------------------------------------------------------------- Mon Feb 17 09:57:18 UTC 2014 - mvyskocil@suse.com - Limit package to sle12 compatible architectures - Use SUSE-NonFree License as suggested by legal team - Adapt filelist to much stricter rpm in SLE12 ------------------------------------------------------------------- Tue Dec 10 12:06:55 UTC 2013 - mvyskocil@suse.com - package IBM Java Version 7 Release 1 (FATE#316606) IBM(R) SDK, Java Technology Edition, Version 7 Release 1 is the latest release of the Java SE 7 application programming interfaces (APIs). This release contains the latest virtual machine technology from IBM and is for users who wish to use Java SE 7 APIs to: * utilize enhanced native record processing * exploit the new zEC12 capabilities * improve monitoring and diagnostics * evaluate IBM's latest cloud enablement technology * see http://www-01.ibm.com/support/docview.wss?uid=swg21657707