regression on openjdk-8 caused by the S8169392 security update

Bug #1707082 reported by Tiago Stürmer Daitx on 2017-07-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openjdk-8 (Ubuntu)
Critical
Unassigned
Xenial
Critical
Steve Beattie
Zesty
Critical
Steve Beattie

Bug Description

The security update S8169392 introduced a regression on OpenJDK 8 and the regression was fixed by S8184993 (released as 8u144). This was reported on http://mail.openjdk.java.net/pipermail/jdk8u-dev/2017-July/006793.html

This affects OpenJDK-8 versions:
- Xenial: 8u131-b11-2ubuntu1.16.04.2
- Zesty: 8u131-b11-2ubuntu1.17.04.2
- Artful: 8u141-b15-3

Changed in openjdk-8 (Ubuntu):
importance: Undecided → Critical
Robie Basak (racb) wrote :

16:07 <tdaitx> hmm, I still need the tasks for Xenial and Zesty (Critical importance) on LP: #1707082,
could someone please create those?

Changed in openjdk-8 (Ubuntu Xenial):
importance: Undecided → Critical
Changed in openjdk-8 (Ubuntu Zesty):
importance: Undecided → Critical
Changed in openjdk-8 (Ubuntu):
status: New → Confirmed
Changed in openjdk-8 (Ubuntu Xenial):
status: New → Confirmed
Changed in openjdk-8 (Ubuntu Zesty):
status: New → Confirmed
Steve Beattie (sbeattie) on 2017-07-28
Changed in openjdk-8 (Ubuntu Xenial):
assignee: nobody → Steve Beattie (sbeattie)
Changed in openjdk-8 (Ubuntu Zesty):
assignee: nobody → Steve Beattie (sbeattie)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-8 - 8u131-b11-2ubuntu1.17.04.3

---------------
openjdk-8 (8u131-b11-2ubuntu1.17.04.3) zesty-security; urgency=medium

  * Fix regression introduced by security fix S8169392. LP: #1707082.
    - debian/rules: apply jdk-S8184993-fix-S8169392-regression.patch.
    - debian/patches/jdk-S8184993-fix-S8169392-regression.patch: upstream
      fix for the regression.

 -- Tiago Stürmer Daitx <email address hidden> Thu, 27 Jul 2017 21:26:44 +0000

Changed in openjdk-8 (Ubuntu Zesty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-8 - 8u131-b11-2ubuntu1.16.04.3

---------------
openjdk-8 (8u131-b11-2ubuntu1.16.04.3) xenial-security; urgency=medium

  * Fix regression introduced by security fix S8169392. LP: #1707082.
    - debian/rules: apply jdk-S8184993-fix-S8169392-regression.patch.
    - debian/patches/jdk-S8184993-fix-S8169392-regression.patch: upstream
      fix for the regression.

 -- Tiago Stürmer Daitx <email address hidden> Thu, 27 Jul 2017 21:26:44 +0000

Changed in openjdk-8 (Ubuntu Xenial):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-8 - 8u144-b01-1

---------------
openjdk-8 (8u144-b01-1) unstable; urgency=medium

  * Update to 8u144-b01.
    - fix regression introduced by security fix S8169392. LP: #1707082.

  [ Matthias Klose ]
  * Fix libjvm.so's .debug file names. LP: #1548434.
  * Remove dependency on multiarch-support. Closes: #870520.

  [ Tiago Stürmer Daitx ]
  * debian/apport-hook.py:
    - truncate hs_err if bigger than 100 KiB instead of ignoring it.
    - add message if hs_err file is not found at expected location.
    - report file size in human readble SI units.
  * debian/control.in:
    - move 'Breaks:' from openjdk-8-jdk-headless to openjdk-8-jre-headless.
    - remove jamvm references.
  * debian/control.jamvm-jre: removed.
  * debian/control.jamvm-trans: transactional package for jamvm.
  * debian/rules:
    - add aarch32 hotspot support.
    - build aarch32 using client jvm-variant (no server in aarch32 port).
    - use DEB_HOST_ARCH instead of DEB_HOST_ARCH_CPU as armel and armhf
      are both reported as arm.
    - explicitly add kfreebsd-i386, kfreebsd-amd64, hurd-i386 to arch_map
      and archdir_map due to usage of DEB_HOST_ARCH.
    - avoid building zero as an alternative vm for aarch32.
    - disable precompiled headers on Trusty to minimize g++-4.8 segfaults.
    - don't build zero alternate vm on Trusty, avoid g++-4.8 segfaults.
    - add a 'Breaks:' entry to ca-certificates-java for all releases
      except Trusty. LP: #1706567.
    - remove jamvm.
  * debian/patches/aarch64.diff: remove unnecessary chunks as aarch64 is
    now upstream.
  * debian/patches/aarch32.diff: add required changes to root and jdk to
    build aarch32.
  * debian/patches/hotspot-libpath-aarch32.diff: copied from
    hotspot-libpath-default.diff.
  * debian/patches/ppc64le-8036767.diff: updated.
  * debian/patches/jdk-ppc64el-S8170153.patch: updated to include aarch64.
  * debian/patches/jdk-java-nio-bits-unligned-aarch64.diff: Check for
    "aarch64" along with other unaligned access supporting architectures.

 -- Matthias Klose <email address hidden> Wed, 23 Aug 2017 21:41:07 +0200

Changed in openjdk-8 (Ubuntu):
status: Confirmed → Fix Released
tags: added: id-597a759458b0876477fa6321
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers