This bug was fixed in the package openjdk-8 - 8u131-b11-2ubuntu1.17.04.2 --------------- openjdk-8 (8u131-b11-2ubuntu1.17.04.2) zesty-security; urgency=medium * patches/hotspot-ppc64el-S8181055-use-numa-v2-api.patch: mbind invalid argument message is still seen after S8175813; use numa_interleave_memory v2 api when available. LP: #1705763. openjdk-8 (8u131-b11-2ubuntu1.17.04.1) zesty-security; urgency=medium * Security fixes from 8u141: - CVE-2017-10102, S8163958: Improved garbage collection. - CVE-2017-10053, S8169209: Improved image post-processing steps. - CVE-2017-10067, S8169392: Additional jar validation steps. - CVE-2017-10081, S8170966: Right parenthesis issue. - CVE-2017-10078, S8171539: Better script accessibility for JavaScript. - CVE-2017-10087, S8172204: Better Thread Pool execution. - CVE-2017-10089, S8172461: Service Registration Lifecycle. - CVE-2017-10090, S8172465: Better handling of channel groups. - CVE-2017-10096, S8172469: Transform Transformer Exceptions. - CVE-2017-10101, S8173286: Better reading of text catalogs. - CVE-2017-10107, S8173697: Less Active Activations. - CVE-2017-10074, S8173770: Image conversion improvements. - CVE-2017-10110, S8174098: Better image fetching. - CVE-2017-10108, S8174105: Better naming attribution. - CVE-2017-10109, S8174113: Better sourcing of code. - CVE-2017-10115, S8175106: Higher quality DSA operations. - CVE-2017-10118, S8175110: Higher quality ECDSA operations. - CVE-2017-10116, S8176067: Proper directory lookup processing. - CVE-2017-10135, S8176760: Better handling of PKCS8 material. - CVE-2017-10176, S8178135: Additional elliptic curve support. - CVE-2017-10193, S8179101: Improve algorithm constraints implementation. - CVE-2017-10198, S8179998: Clear certificate chain connections. - S8174770: Check registry registration location. - S8174873: Improved certificate procesing. - S8176055: JMX diagnostic improvements. - S8176536: Improved algorithm constraints checking. - S8181420: PPC: Image conversion improvements. - S8182054: Improve wsdl support. - S8184185: Rearrange MethodHandle arrangements. * debian/rules: - enable apport hook on Ubuntu and derivatives only. - remove with_zenhai logic. - remove unused with_tzdata logic, move tzdata build dependency to control.in. - add Breaks:tzdata-java except for wheezy, jessie or trusty. - re-enable jamvm for Xenial only. - run debian/control before build so we won't build with a invalid control file. - remove logic to select between ttf or font packages and depend on fonts-wqy-microhei and fonts-wqy-zenhei instead * debian/apport-hook.py: add an apport hook to include conffiles modified by the user on any report and the hs_err log file on crash report only. LP: #1696886. * patches/fontconfig-arphic-uming.diff: only enabled when with_zenhai was false; not required since lenny. * patches/hotspot-ppc64el-S8175813-mbind-invalid-argument.patch: prevent invalid argument message when invoking UseNUMA on a system with non-consecutive numa topology. LP: #1697348. openjdk-8 (8u131-b11-2) unstable; urgency=medium * Tighten dependency on libatk-wrapper-java-jni. Closes: #862508. openjdk-8 (8u131-b11-1) unstable; urgency=high * Update to 8u131-b11, Hotspot 8u112-b12 for AArch64. * Security fixes: - S8167110, CVE-2017-3514: Windows peering issue. - S8165626, CVE-2017-3512: Improved window framing. - S8163528, CVE-2017-3511: Better library loading. - S8169011, CVE-2017-3526: Resizing XML parse trees. - S8163520, CVE-2017-3509: Reuse cache entries. - S8171533, CVE-2017-3544: Better email transfer. - S8170222, CVE-2017-3533: Better transfers of files. - S8171121, CVE-2017-3539: Enhancing jar checking. [ Tiago Stürmer Daitx ] * d/p/jdk-ppc64el-S8165231.diff: fixes java.nio.Bits.unaligned() on ppc64el. LP: #1677612. * debian/buildwatch.sh: updated to stop it if no 'make' process is running, as it probably means that the build failed - otherwise buildwatch keeps the builder alive until it exits after the timer (3 hours by default) expires. [ Matthias Klose ] * openjdk-8-jre-headless: Add a break for tzdata-java. Closes: #857992. * Use fonts-wqy-microhei and fonts-wqy-zenhei instead of transitional package names. Closes: #859528. -- Tiago Stürmer Daitx