Update Java from 1.8.0_131 to 1.8.0_141 #437
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From [1][2][3][4]: > This release contains fixes for security vulnerabilities described in > the Oracle Java SE Critical Patch Update Advisory. For a more complete > list of the bug fixes included in this release, see the JDK 8u141 Bug > Fixes page. The Debian change-log for OpenJDK [5] lists the issues. > * Security fixes from 8u141: > - CVE-2017-10102, S8163958: Improved garbage collection. > - CVE-2017-10053, S8169209: Improved image post-processing steps. > - CVE-2017-10067, S8169392: Additional jar validation steps. > - CVE-2017-10081, S8170966: Right parenthesis issue. > - CVE-2017-10078, S8171539: Better script accessibility for JavaScript. > - CVE-2017-10087, S8172204: Better Thread Pool execution. > - CVE-2017-10089, S8172461: Service Registration Lifecycle. > - CVE-2017-10090, S8172465: Better handling of channel groups. > - CVE-2017-10096, S8172469: Transform Transformer Exceptions. > - CVE-2017-10101, S8173286: Better reading of text catalogs. > - CVE-2017-10107, S8173697: Less Active Activations. > - CVE-2017-10074, S8173770: Image conversion improvements. > - CVE-2017-10110, S8174098: Better image fetching. > - CVE-2017-10108, S8174105: Better naming attribution. > - CVE-2017-10109, S8174113: Better sourcing of code. > - CVE-2017-10115, S8175106: Higher quality DSA operations. > - CVE-2017-10118, S8175110: Higher quality ECDSA operations. > - CVE-2017-10116, S8176067: Proper directory lookup processing. > - CVE-2017-10135, S8176760: Better handling of PKCS8 material. > - CVE-2017-10176, S8178135: Additional elliptic curve support. > - CVE-2017-10193, S8179101: Improve algorithm constraints implementation. > - CVE-2017-10198, S8179998: Clear certificate chain connections. > - S8174770: Check registry registration location. > - S8174873: Improved certificate procesing. > - S8176055: JMX diagnostic improvements. > - S8176536: Improved algorithm constraints checking. > - S8181420: PPC: Image conversion improvements. > - S8182054: Improve wsdl support. > - S8184185: Rearrange MethodHandle arrangements. > > * CVE-2017-10243 is also fixed in 8u141-b15 (S8182054). [1] https://www.oracle.com/technetwork/java/javase/downloads/index.html [2] https://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html [3] https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [4] https://www.oracle.com/technetwork/java/javase/2col/8u141-bugfixes-3720387.html [5] http://metadata.ftp-master.debian.org/changelogs/main/o/openjdk-8/openjdk-8_8u141-b15-3_changelog
pmenzel
force-pushed
the
update-java-from-1.8.0_131-to-1.8.0_141
branch
from
afd778b
to
e082c6b
Compare
Sign in
to join this conversation on GitHub.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Tested on keineahnung.