PPC64: Use andis instead of lis/and is absent in OpenJDK 8

Bug #1723862 reported by bugproxy on 2017-10-16
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
The Ubuntu-power-systems project | | Medium | Unassigned |
openjdk-8 (Ubuntu) | | Low | Tiago Stürmer Daitx |

Bug Description

Dear maintainer, could the following change be applied to OpenJDK 8 on next update please in order to solve the issue here described?

http://hg.openjdk.java.net/jdk8u/jdk8u-dev/hotspot/rev/7c3dc80542b6

Thank you.

bugproxy (bugproxy) on 2017-10-16
tags: added: architecture-ppc64le bugnameltc-160103 severity-medium targetmilestone-inin16043
Changed in ubuntu:
assignee: nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage)
affects: ubuntu → openjdk-8 (Ubuntu)
Changed in ubuntu-power-systems:
importance: Undecided → Medium
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Manoj Iyer (manjo) on 2017-10-16
tags: added: triage-g
Steve Langasek (vorlon) on 2017-10-16
Changed in openjdk-8 (Ubuntu):
assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) → Tiago Stürmer Daitx (tdaitx)
Changed in ubuntu-power-systems:
assignee: Canonical Foundations Team (canonical-foundations) → nobody
tags: added: id-59e4f509d958abb7eadbe8ee
Dimitri John Ledkov (xnox) wrote :

This is https://bugs.openjdk.java.net/browse/JDK-8170328

This bug is currently scheduled to be included in the 8u162 security update, to be released in January 2018 across all Ubuntu releases.

Changed in openjdk-8 (Ubuntu):
milestone: none → ubuntu-18.01
importance: Undecided → Low
status: New → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-8 - 8u151-b12-1

---------------
openjdk-8 (8u151-b12-1) unstable; urgency=high

  * Update to 8u151-b12. Hotspot 8u144-b01 for aarch32 with 8u151 hotspot
    patches.

  [ Tiago Stürmer Daitx ]
  * Security patches:
    - CVE-2017-10274, S8169026: Handle smartcard clean up better. If a
      CardImpl can be recovered via finalization, then separate instances
      pointing to the same device can be created.
    - CVE-2017-10281, S8174109: Better queuing priorities. PriorityQueue's
      readObject allocates an array based on data in the stream which could
      cause an OOM.
    - CVE-2017-10285, S8174966: Unreferenced references. RMI's Unreferenced
      thread can be used as the root of a Trusted Method Chain.
    - CVE-2017-10295, S8176751: Better URL connections. On Ubuntu (and
      possibly other Linux flavors) CR-NL in the host field are ignored and
      can be used to inject headers in an HTTP request stream.
    - CVE-2017-10388, S8178794: Correct Kerberos ticket grants. Kerberos
      implementations can incorrectly take information from the unencrypted
      portion of the ticket from the KDC. This can lead to an MITM attack
      impersonating Kerberos services.
    - CVE-2017-10346, S8180711: Better alignment of special invocations. A
      missing load constraint for some invokespecial cases can allow invoking
      a method from an unrelated class.
    - CVE-2017-10350, S8181100: Better Base Exceptions. An array is allocated
      based on data in the serial stream without a limit on the size.
    - CVE-2017-10347, S8181323: Better timezone processing. An array is
      allocated based on data in the serial stream without a limit on the
      size.
    - CVE-2017-10349, S8181327: Better Node predications. An array is
      allocated based on data in the serial stream without a limit on the size.
    - CVE-2017-10345, S8181370: Better keystore handling. A malicious
      serialized object in a keystore can cause a DoS when using keytool.
    - CVE-2017-10348, S8181432: Better processing of unresolved permissions.
      An array is allocated based on data in the serial stream without a limit
      on the size.
    - CVE-2017-10357, S8181597: Process Proxy presentation. A malicious
      serialized stream could cause an OOM due to lack of checking on the
      number of interfaces read from the stream for a Proxy.
    - CVE-2017-10355, S8181612: More stable connection processing. If an
      attack can cause an application to open a connection to a malicious FTP
      server (e.g., via XML), then a thread can be tied up indefinitely in
      accept(2).
    - CVE-2017-10356, S8181692: Update storage implementations. JKS and JCEKS
      keystores should be retired from common use in favor of more modern
      keystore protections.
    - CVE-2016-10165, S8183028: Improve CMS header processing. Missing bounds
      check could lead to leaked memory contents.
    - CVE-2016-9841, S8184682: Upgrade compression library. There were four
      off by one errors found in the zlib library. Two of them are long typed
      which could lead to RCE.
  * debian/rules:
    - openjdk8 now ships limited and ...

Changed in openjdk-8 (Ubuntu):
status: Triaged → Fix Released
Changed in ubuntu-power-systems:
status: New → Fix Released

------- Comment From <email address hidden> 2018-01-12 08:35 EDT-------
VERIFIED. It's OK. Thanks.
