IcedTea


We are pleased to announce the release of IcedTea 3.8.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the April 2018 security fixes from OpenJDK 8 u171.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.8.0 (2018-05-29)

  • Security fixes
  • New features
    • PR3493: Run AES test to test intrinsics
  • Import of OpenJDK 8 u162 build 12
    • S4354680: Runtime.runFinalization() silently clears interrupted flag in the calling thread
    • S6618335: ThreadReference.stop(null) throws NPE instead of InvalidTypeException
    • S6651256: jstack: DeleteGlobalRef method call doesn’t lead to descreasing of global refs count shown by jstack
    • S6656031: SA: jmap -permstat number of classes is off by 1
    • S6977426: sun/tools tests can intermittently fail to find app’s Java pid
    • S6988950: JDWP exit error JVMTI_ERROR_WRONG_PHASE(112)
    • S7124271: [macosx] RealSync test failure
    • S7162125: [macosx] A font has different behaviour for ligatures depending on its creation mod
    • S8023667: SA: ExceptionBlob and other C2 classes not available in client VM
    • S8031661: java/net/Authenticator/B4769350.java failed intermittently
    • S8046778: Better error messages when starting JMX agent via attach or jcmd
    • S8066185: VM crashed with SIGSEGV VirtualMemoryTracker::add_reserved_region
    • S8072428: Enable UseLoopCounter ergonomically if on-stack-replacement is enabled
    • S8073670: TypeF::eq and TypeD::eq do not handle NaNs correctly
    • S8074812: More specific error message when the .java_pid well-known file is not secure
    • S8078269: JTabbedPane UI Property TabbedPane.tabAreaBackground no longer works
    • S8080504: [macosx] SunToolkit.realSync() may hang
    • S8087291: InitialBootClassLoaderMetaspaceSize and CompressedClassSpaceSize should be checked consistent from MaxMetaspaceSize
    • S8132374: AIX: fix value of os.version property
    • S8134103: JVMTI_ERROR_WRONG_PHASE(112): on checking for an interface
    • S8139218: Dialog that opens and closes quickly changes focus in original focusowner
    • S8147002: [macosx] Arabic character cannot be rendered on MacOS X
    • S8148786: xml.tranform fails on x86-64
    • S8155197: Focus transition issue
    • S8157896: TestDSAGenParameterSpec.java test fails with timeout
    • S8158633: BASE64 encoded cert not correctly parsed with UTF-16
    • S8159432: [PIT][macosx] StackOverflow in closed/java/awt/Dialog/DialogDeadlock/DialogDeadlockTest
    • S8162530: src/jdk.management/share/native/libmanagement_ext/GcInfoBuilder.c doesn’t handle JNI exceptions properly
    • S8164954: split_if creates empty phi and region nodes
    • S8166742: SIGFPE in C2 Loop IV elimination
    • S8169961: Memory leak after debugging session
    • S8172751: OSR compilation at unreachable bci causes C1 crash
    • S8175340: Possible invalid memory accesses due to ciMethodData::bci_to_data() returning NULL
    • S8177026: jvm.dll file version not updated since 8u72
    • S8177414: Missing key events on Mac Os
    • S8177958: Possible uninitialized char* in vm_version_solaris_sparc.cpp
    • S8178047: Aliasing problem with raw memory accesses
    • S8179086: java.time.temporal.ValueRange has poor hashCode()
    • S8180370: Characters are skipped on input of Korean text on OS X
    • S8180855: Null pointer dereference in OopMapSet::all_do of oopMap.cpp:394
    • S8181659: Create an alternative fix for JDK-8167102, whose fix was backed out
    • S8181786: Extra runLater causes impossible states to be possible using javafx.embed.singleThread=true
    • S8182402: Tooltip for Desktop button is in English when non-English locale is set
    • S8182996: Incorrect mapping Long type to JavaScript equivalent
    • S8184009: Missing null pointer check in InterpreterRuntime::update_mdp_for_ret()
    • S8184271: Time related C1 intrinsics produce inconsistent results when floating around
    • S8184328: JDK 8u131 socketRead0 hang at SSL read
    • S8184893: jdk8u152 b06 : issues with nashorn when running kraken benchmarks
    • S8185346: Relax RMI Registry Serial Filter to allow arrays of any type
    • S8187023: Cannot read pkcs11 config file in UTF-16 environment
    • S8189918: Remove Trailing whitespace from file while syncing 8u into 8u162-b03
    • S8190280: [macos] Font2DTest demo started failing for Arabic range from JDK 8 u162 b01 on Mac
    • S8190542: 8u162 L10n resource file update
    • S8192794: 8u162 L10n resource file update md20
  • Import of OpenJDK 8 u171 build 11
    • S8054213: Class name repeated in output of Type.toString()
    • S8068778: [TESTBUG] CompressedClassSpaceSizeInJmapHeap.java fails if SA not available
    • S8150530: Improve javax.crypto.BadPaddingException messages
    • S8153955: increase java.util.logging.FileHandler MAX_LOCKS limit
    • S8169080: Improve documentation examples for crypto applications
    • S8175075: Add 3DES to the default disabled algorithm security property
    • S8179665: [Windows] java.awt.IllegalComponentStateException: component must be showing on the screen to determine its location
    • S8186032: Disable XML Signatures signed with EC keys less than 224 bits
    • S8186441: Change of behavior in the getMessage () method of the SOAPMessageContextImpl class
    • S8187496: Possible memory leak in java.apple.security.KeychainStore.addItemToKeychain
    • S8189851: [TESTBUG] runtime/RedefineTests/RedefineInterfaceCall.java fails
    • S8191358: Restore TSA certificate expiration check
    • S8191909: Nightly failures in nashorn suite
    • S8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile
    • S8194259: keytool error: java.io.IOException: Invalid secret key format
    • S8196952: Bad primeCertainty value setting in DSAParameterGenerator
    • S8197030: Perf regression on all platforms with 8u171-b03 – early lambda use
    • S8198494: 8u171 and 8u172 – Build failure on non-SE Linux Platforms
    • S8198662: Incompatible internal API change in JDK8u161: signature of method exportObject()
    • S8198963: Fix new rmi property name
    • S8199001: [TESTBUG] RMIConnectionFilterTest.java test fails in compilation
    • S8199141: Windows: new warning messaging for JRE installer UI in non-MOS cases
    • S8200314: JDK 8u171 l10n resource file update – msg drop 40
  • Backports
  • Bug fixes
    • S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations
    • S8199936, PR3591: Fix for bug 3533 doesn’t add -mstackrealign to JDK code
    • PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build
    • PR3549: Desktop file doesn’t reference versioned icon
    • PR3550: Additional category used in jconsole.desktop.in is incorrect
    • PR3559: Use ldrexd for atomic reads on ARMv7.
    • PR3575, RH1567204: System cacerts database handling should not affect jssecacerts
    • PR3592: Skip AES test on AArch64 due to VM crash
    • PR3593: s390 needs to use ‘%z’ format specifier for size_t arguments as size_t != int
    • PR3594: Patch for bug 3593 breaks Shenandoah build
    • PR3597: Potential bogus -Wformat-overflow warning with -Wformat enabled
  • Shenandoah
    • PR3573: Fix TCK crash with Shenandoah
    • Remove oop cast in oopMap.cpp again, as oopDesc::operator== has additional checking in Shenandoah.
    • Fix new code for Shenandoah after the 8u171 merge
    • Revert accidental OpSpinWait matching
    • UseBiasedLocking should be disabled only for Shenandoah
  • AArch32 port
    • PR3548: Add missing return values for AArch32 port

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • ef1a9110294d0a905833f1db30da0c8a88bd2bde8d92ddb711d72ec763cd25b0 icedtea-3.8.0.tar.gz
  • 5ed72a7475d91e6ef863449f39c12f810d1352d815b4dd4d9a0b8b04d8604949 icedtea-3.8.0.tar.gz.sig
  • ff9d3737ca5cc8712bad31c565c50939d8b062234d3d49c5efa083bbaa24c3e6 icedtea-3.8.0.tar.xz
  • cb93df3c4b632d75b0b7c4e5280b868f109a0aef26f59f0455d5e6a1992b344c icedtea-3.8.0.tar.xz.sig

The checksums can be downloaded from:

A 3.8.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.8.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.8.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.8.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the April 2018 security fixes from OpenJDK 7 u181.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.14 (2018-05-23)

  • Security fixes
  • Import of OpenJDK 7 u181 build 0
    • S7132338: Use @code friendly idiom for ‘\’ in javadoc
    • S8001419: Build the JCE portion of JDK-8000970
    • S8019360: Cleanup of the javadoc <code> tag in java.security.*
    • S8020842: IDN do not throw IAE when hostname ends with a trailing dot
    • S8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java fails
    • S8026982: javadoc errors in core libs
    • S8029020: Check src/share/native/java/util/zip code for JNI pending exceptions
    • S8029475: Fix more doclint issues in javax.security
    • S8034031: [parfait] JNI exception pending in jdk/src/macosx/native/apple/security/KeystoreImpl.m
    • S8054213: Class name repeated in output of Type.toString()
    • S8064524: Compiler code generation improvements
    • S8150530: Improve javax.crypto.BadPaddingException messages
    • S8153955: increase java.util.logging.FileHandler MAX_LOCKS limit
    • S8169080: Improve documentation examples for crypto applications
    • S8175075: Add 3DES to the default disabled algorithm security property
    • S8179665: [Windows] java.awt.IllegalComponentStateException: component must be showing on the screen to determine its location
    • S8186032: Disable XML Signatures signed with EC keys less than 224 bits
    • S8187496: Possible memory leak in java.apple.security.KeychainStore.addItemToKeychain
    • S8189789: tomcat gzip-compressed response bodies appear to be broken in update 151
    • S8191358: Restore TSA certificate expiration check
    • S8191909: Nightly failures in nashorn suite
    • S8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile
    • S8194259: keytool error: java.io.IOException: Invalid secret key format
    • S8198494: 8u171 and 8u172 – Build failure on non-SE Linux Platforms
    • S8198963: Fix new rmi property name
    • S8200760: java.security-linux was missed in backport of JDK-8160104
  • Import of OpenJDK 7 u181 build 1
    • S8200314: JDK 8u171 l10n resource file update – msg drop 40
    • S8202850: Fix for 8189123 doesn’t include precompiled header
  • Backports
  • Bug fixes
    • PR3551: Additional category used in jconsole.desktop.in is incorrect
    • PR3576, RH1567204: System cacerts database handling should not affect jssecacerts
    • PR3595: Bootstrapping with IcedTea 2.x as the bootstrap JDK broken by import of 7u181-b01

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • a486ceedb439218b4a88875665a9523e0795d621abc162f9c370c2785e7cec02 icedtea-2.6.14.tar.gz
  • 266c5a91794c4eba40341c66a8b9087cc81f5272cabbc17ef15200a12f46dd5f icedtea-2.6.14.tar.gz.sig
  • d4ecb24eb1c7fa08d35ee0893476256732a49dccd2b98fa38fc8257106a6f69a icedtea-2.6.14.tar.xz
  • 363de40dfcf53b1fab45413cbc7b8ce4167ba22a947410082e317a88a096734f icedtea-2.6.14.tar.xz.sig

The checksums can be downloaded from:

A 2.6.14 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.14.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.14.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.14/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.7.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the January 2018 security fixes from OpenJDK 8 u161.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.7.0 (2018-02-28)

  • Security fixes
  • Import of OpenJDK 8 u152 build 16
    • S4953367: MAWT: Java should be more careful manipulating NLSPATH, XFILESEARCHPATH env variables
    • S6772009: java/util/concurrent/locks/ReentrantLock/CancelledLockLoops.java test failed with ‘Completed != 2′
    • S6947916: JarURLConnection does not handle useCaches correctly
    • S6980209: Make tracking SecondaryLoop.enter/exit methods easier
    • S7052625: com/sun/net/httpserver/bugs/6725892/Test.java fails intermittently
    • S7102702: java/net/PortUnreachableException/OneExceptionOnly.java failing
    • S7131356: (props) “No Java runtime present, requesting install” when creating VM from JNI [macosx]
    • S7172652: With JDK 1.7 text field does not obtain focus when using mnemonic Alt/Key combin
    • S8022291: Mac OS: Unexpected JavaLaunchHelper message displaying
    • S8022580: sun.net.ftp.impl.FtpClient.nameList(String path) handles “null” incorrectly
    • S8025306: Inet[4|6]Address class and fieldID initialization in networking native code
    • S8028363: XmlGregorianCalendarImpl.getTimeZone() bug when offset is less than 10 minutes
    • S8028725: [Parfait] warnings from b116 for jdk.src.solaris.native.java.net: JNI pending exceptions
    • S8028769: Check src/share/native/java/lang/*.c for cases when JNI calls are used with pending warnings
    • S8029018: (bf) Check src/share/native/java/nio/Bits.c for JNI pending exceptions
    • S8030116: (process) Check Parfait warnings in src/solaris/native/java/lang/*
    • S8031586: Check jdk/src/*/native/com/sun/security/auth/module for pending JNI exceptions
    • S8033371: jdk/src/solaris/native/java/lang/ProcessEnvironment.c environ doesn’t check for JNI pending exceptions
    • S8033372: Check jdk/src/share/native/java/lang for JNI pending exception issues
    • S8034102: Check solaris/native/sun/nio/fs/MacOSXNativeDispatcher.c for JNI pending exceptions
    • S8034249: need more workarounds for suspend equivalent condition issue
    • S8035158: Remove dependency on sun.misc.RegexpPool and friends
    • S8035568: [macosx] Cursor management unification
    • S8035653: InetAddress.getLocalHost crash
    • S8037346: Need to terminate server process if client runs into problems
    • S8037909: JNI warnings in jdk/src/windows/native/java/nio/MappedByteBuffer.c
    • S8038075: JNI warnings in jdk/src/share/native/sun/misc/VMSupport.c
    • S8038348: Instance field load is replaced by wrong data Phi
    • S8039412: Stack overflow on Linux using DialogTypeSelection.NATIVE
    • S8040322: TextArea.replaceRange() and insert() are broken with setText(null)
    • S8040635: [macosx] Printing a shape filled with a texture doesn’t work under Mac OS X
    • S8043913: remove legacy code in SPARC’s VM_Version::platform_features
    • S8046768: com/sun/jndi/ldap/LdapTimeoutTest.java fails intermittently
    • S8046893: JNI exception pending in jdk/src/solaris/native/java/net: ExtendedOptionsImpl.c, PlainDatagramSocketImpl.c
    • S8046901: Check jdk/src/solaris/native/sun/nio for Parfait flagged uninitialized memory
    • S8049717: expose L1_data_cache_line_size for diagnostic/sanity checks
    • S8050478: [macosx] Cursor not updating correctly after closing a modal dialog
    • S8054214: JapaneseEra.getDisplayName doesn’t return names if it’s an additional era
    • S8055204: Memory leak in jdk/src/windows/native/java/lang/java_props_md.c
    • S8058316: lookupDefaultPrintService returns null on Solaris 11
    • S8061258: [macosx] PrinterJob’s native Print Dialog does not reflect specified Copies or Page Ranges
    • S8064470: JNI exception pending in jdk/src/java/base/unix/native/libjava/FileDescriptor_md.c
    • S8066250: compiler/dependencies/MonomorphicObjectCall/TestMonomorphicObjectCall.java fails product
    • S8067059: PrinterJob.pageDialog() with DialogSelectionType.NATIVE returns a PageFormat when cancelled.
    • S8071424: JCK test api/java_net/Socket/descriptions.html#Bind crashes on Windows
    • S8075516: Deleting a file from either the open or save java.awt.FileDialog hangs.
    • S8076249: NPE in AccessBridge while editing JList model
    • S8076554: [macosx] Custom Swing text components need to allow standard accessibility
    • S8080486: JNI exception pending in jdk/src/java.base/windows/native/libnet/DualStackPlainSocketImpl.c
    • S8081219: hs_err improvement: Add event logging for class redefinition to the hs_err file
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8087342: Crash in klassItable::initialize_itable_for_interface
    • S8089573: [macosx] Incorrect char to glyph mapping printing on OSX 10.10
    • S8129361: ISO 4217 amendment 160
    • S8130041: TsacertOptionTest.java intermittently fails on Mac
    • S8132209: DiagnosticCommandImpl.getNotificationInfo() may expose internal representation
    • S8132455: com/sun/jndi/ldap/LdapTimeoutTest.java fails at handleNamingException
    • S8134119: Use new API to get cache line sizes
    • S8134389: Crash in HotSpot with jvm.dll+0x42b48 ciObjectFactory::create_new_metadata
    • S8134918: C2: Type speculation produces mismatched unsafe accesses
    • S8135124: com/sun/jndi/ldap/LdapTimeoutTest.java failed intermittently
    • S8136570: Stop changing user environment variables related to /usr/dt
    • S8139189: VK_OEM_102 dead key detected as VK_UNDEFINED
    • S8140309: [REDO] failed: no mismatched stores, except on raw memory: StoreB StoreI
    • S8140525: AwtFrame::WmShowWindow() may steal focus
    • S8141370: com/sun/jndi/ldap/LdapTimeoutTest.java failed intermittently
    • S8143897: Weblogic12medrec assert(handler_address == SharedRuntime::compute_compiled_exc_handler(nm, pc, exception, force_unwind, true)) failed: Must be the same
    • S8145207: [macosx] JList, VO can’t access non-visible list items
    • S8145732: Duplicate entry in http.nonProxyHosts will ignore subsequent entries
    • S8145952: ISO 4217 amendment 161
    • S8145981: (fs) LinuxWatchService can reports events against wrong directory
    • S8146961: Fix PermGen memory leaks caused by static final Exceptions
    • S8147772: Update KerberosTicket to describe behavior if it has been destroyed and fix NullPointerExceptions
    • S8149521: automatic discovery of LDAP servers with Kerberos authentication
    • S8149714: [parfait] char array lengths don’t match in awt_Font.cpp:1701
    • S8152000: Java FlightRecorder does not run on Java 8 compact 3 profile since u65
    • S8152172: PPC64: Support AES intrinsics
    • S8152730: File Leak in CompileBroker::init_compiler_thread_log of compileBroker.cpp:1665.
    • S8152981: Double icons with JMenuItem setHorizontalTextPosition on Win 10
    • S8153134: Infinite loop in handle_wrong_method in jmod
    • S8153176: ParOldGC: Use correct TaskQueueSet for ParallelTaskTerminator in marking.
    • S8153267: nmethod’s exception cache not multi-thread safe
    • S8153925: (fs) WatchService hangs on GetOverlappedResult and locks directory (win)
    • S8154945: Enable 8130150 and 8081778 intrinsics by default
    • S8155691: Update GIFlib library to the latest up-to-date
    • S8155781: C2: opaque unsafe access triggers an assert
    • S8156116: [macosx] two JNI locals to delete in AWTWindow.m, CGraphicsEnv.m
    • S8156723: JVM crash at sun.java2d.windows.GDIBlitLoops.nativeBlit
    • S8157035: Use stronger algorithms and keys for JSSE testing
    • S8157181: Compilers accept modification of final fields outside initializer methods
    • S8157184: java/lang/invoke/LFCaching/LFMultiThreadCachingTest.java failed with a fatal error
    • S8157548: JVM crashes sometimes while starting
    • S8157665: ProblemList.txt needs to be updated as 7041639 closed
    • S8158325: [macosx] Memory leak in com.apple.laf.ScreenMenu
    • S8158356: SIGSEGV when attempting to rotate BufferedImage using AffineTransform by NaN degrees
    • S8158639: C2 compilation fails with SIGSEGV
    • S8159035: CTSMode.java test crashed due to unhandled case of cipher length value as 0
    • S8159696: java.beans.MethodRef#get throws NullPointerException
    • S8160024: jdb returns invalid argument count if first parameter to Arrays.asList is null
    • S8160119: Utils.tryFindJvmPid sometimes find incorrect pid
    • S8160174: java.net.NetworkInterface – fixes and improvements for network interface listing
    • S8160370: System.getProperty(“os.version”) returns “Unknown” on Mac
    • S8160551: assert(c == Bytecodes::_putfield) failed: must be putfield
    • S8160570: [macosx] modal dialog can skip the activation/focus events
    • S8160623: [PIT] Exception running java/awt/event/KeyEvent/KeyChar/KeyCharTest.java
    • S8160664: JVM crashed with font manager on Solaris 12
    • S8160696: IllegalArgumentException: adding a component to a container on a different GraphicsDevice
    • S8160893: [macosx] JMenuItems in JPopupMenu are not accessible
    • S8160913: [TEST_BUG] javax/management/security/SecurityTest.java fails due to missing keyStore file
    • S8160941: “text/uri-list” dataflavor concats the first two strings
    • S8161039: System.getProperty(“os.version”) returns incorrect version number on Mac
    • S8161664: Memory leak in com.apple.laf.AquaProgressBarUI removed progress bar still referenced
    • S8161733: [parfait] Memory leak in imageioJPEG.c:2803
    • S8161742: [parfait] Uninitialised memory in isXTestAvailable of awt_Robot.c:65
    • S8161761: [parfait] 2 JNI exception pending defect groups in GraphicsPrimitiveMgr.c
    • S8162101: C2: Handle “wide” aliases for unsafe accesses
    • S8162488: JDK should be updated to use LittleCMS 2.8
    • S8162496: missing precedence edge for anti_dependence
    • S8162598: XSLTC transformer swallows empty namespace declaration which is needed to undeclare default namespace
    • S8162603: Unrecognized VM option ‘UseCountedLoopSafepoints’
    • S8162766: Unsafe_DefineClass0 accesses raw oops while in _thread_in_native
    • S8162795: [REDO] MemberNameTable doesn’t purge stale entries
    • S8162796: [macosx] LinearGradientPaint and RadialGradientPaint are not printed on OS X.
    • S8163104: Unexpected NPE still possible on some Kerberos ticket calls
    • S8163181: Further improvements for Unix NetworkInterface native implementation
    • S8163518: Integer overflow in StringBufferInputStream.read() and CharArrayReader.read/skip()
    • S8163877: Tests added in JDK-8163518 fail on some platforms
    • S8163896: Finalizing one key of a KeyPair invalidates the other key
    • S8163945: Honor Number type hint in toPrimitive on Numbers
    • S8163969: Cyclic interface initialization causes JVM crash
    • S8163979: [macosx] Chinese text shows as Latin w/ openVanilla input method
    • S8164002: Add a new CPU family (S_family) for SPARC S7 and above processors
    • S8164119: MoveToOtherScreenTest fails due wrong key attribute
    • S8164366: ZoneOffset.ofHoursMinutesSeconds() does not reject invalid input
    • S8164501: Uninitialised memory in byteArrayToPacket of SharedMemoryConnection.c
    • S8164508: unexpected profiling mismatch in c1 generated code
    • S8164784: ISO 4217 amendment 162
    • S8164846: CertificateException missing cause of underlying exception
    • S8165153: Crash in rebuild_cpu_to_node_map
    • S8165243: Base64.Encoder.wrap(os).write(byte[],int,int) with incorrect arguments should not produce output
    • S8165320: Small flaw when integrating 8160174 to JDK8
    • S8165428: Security Warning dialog should be always on the top when multiple applets with APPLICATION_MODAL dialog launched in a browser
    • S8165482: java in ldoms, with cpu-arch=generic has problems
    • S8165717: [macosx] Various memory leaks in jdk9
    • S8165751: NPE hit with java.security.debug=provider
    • S8165829: Android Studio 2.x crashes with NPE at sun.lwawt.macosx.CAccessibility.getAccessibleIndexInParent
    • S8165988: Test JarURLConnectionUseCaches.java fails at windows: failed to clean up files after test
    • S8166248: tools/pack200/Pack200Test.java fails on Win32: Could not reserve enough space
    • S8166507: ConcurrentSkipListSet.clear() can leave the Set in an invalid state
    • S8166747: Add invalid network / computer name cases to isReachable known failure switch
    • S8166799: ASSEMBLY_EXCEPTION contains historical company name
    • S8166840: Synthetic bridge constructor in ArrayList$Itr blocks inlining
    • S8166872: GPL header in /hotspot/src/share/vm/gc_implementation/g1/g1RemSetSummary.cpp
    • S8166902: Nested object literal property maps not reset in optimistic recompilation
    • S8167102: [macosx] PrintRequestAttributeSet breaks page size set using PageFormat
    • S8168115: Remove and retag jdk8u122-b03 in 8u repo
    • S8168364: [macosx] Delete unused class NSPrintinfo
    • S8168373: don’t emit conversions for symbols outside their lexical scope
    • S8168405: Pending exceptions in java.base/windows/native
    • S8168751: Two “Direct Clip” threads are created to play the same “AudioClip” object, what makes clip sound corrupted
    • S8168914: Crash in ClassLoaderData/JNIHandleBlock::oops_do during concurrent marking
    • S8169056: StringIndexOutOfBoundsException in Pattern.compile with CANON_EQ flag
    • S8169112: java.lang.VerifyError: (class: GregorSamsa, method: template-bash signature: (LGregorSamsa8;)V) Register 10 contains wrong type
    • S8169229: RSAClientKeyExchange debug info is incorrect
    • S8169355: Diacritics input works incorrectly on Windows if Spanish (Latin American) keyboard layout is used
    • S8169481: StackOverflowError on start when parsing PAC file to autodetect Proxy settings
    • S8169556: Wrapping of FileInputStream’s native skip and available methods
    • S8169865: Downport minor fixes in java.net native code from JDK 9 to JDK 8
    • S8170153: PPC64/s390x/aarch64: Poor StrictMath performance due to non-optimized compilation
    • S8170278: ticket renewal won’t happen with debugging turned on
    • S8170409: CMS: Crash in CardTableModRefBSForCTRS::process_chunk_boundaries
    • S8170465: JNI exception pending in jni_util.c:190
    • S8170466: JNI exception pending in jni_util.c:190
    • S8170536: Uninitialised memory in set_uintx_flag of attachListener.cpp
    • S8170552: [macosx] Wrong rendering of diacritics on macOS
    • S8170565: JSObject call() is passed undefined for the argument ‘thiz’
    • S8170578: CUPS Printing is broken with Ubuntu 16.10 (CUPS 2.2)
    • S8170594: >>>=0 generates invalid bytecode for BaseNode LHS
    • S8170913: Java “1.8.0_112″ on Windows 10 displays different characters for EUDCs from ones created in eudcedit.exe.
    • S8170950: Text is displayed in bold when fonts are installed into symlinked folder
    • S8170977: SparseArrayData should not grow its underlying dense array data
    • S8171151: JDK8u ProblemList.txt Updates
    • S8171155: Scanning method file for initialized final field updates can fail for non-existent fields
    • S8171194: Exception “Duplicate field name&signature in class file” should report the name and signature of the field
    • S8171219: Missing checks in sparse array shift() implementation
    • S8171808: Performance problems in dialogs with large tables when JAB activated
    • S8171849: Collection and Queue conversions not prioritized for Arrays
    • S8171909: [PIT] on Windows, failure of java/awt/Dialog/DialogAboveFrame/DialogAboveFrameTest.java
    • S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked.
    • S8172053: (ppc64) Downport of 8170153 breaks build on linux/ppc64 (big endian)
    • S8172145: C2: anti dependence missed because store hidden by membar
    • S8173373: C1: NPE is thrown instead of LinkageError when accessing inaccessible field on NULL receiver
    • S8173423: Wrong display name for supplemental Japanese era
    • S8173581: performance regression in com/sun/crypto/provider/OutputFeedback.java
    • S8173654: Regression since 8u60: System.getenv doesn’t return env var set in JNI code
    • S8173664: Typo in https://java.net/downloads/heap-snapshot/hprof-binary-format.html
    • S8173853: IllegalArgumentException in java.awt.image.ReplicateScaleFilter
    • S8173876: Fast precise scrolling and DeltaAccumulator fix for macOS Sierra 10.12.2
    • S8174736: [JCP] [Mac]Cannot launch JCP on Mac os with language set to “Chinese, Simplified” while region is not China
    • S8174779: Locale issues with Mac 10.12
    • S8175025: The copyright section in the test/java/awt/font/TextLayout/DiacriticsDrawingTest.java should be updated
    • S8175131: sun.rmi.transport.tcp.TCPChannel.createConnection close connection on timeout
    • S8175345: Reported null pointer dereference defect groups
    • S8175915: NullPointerException from JComboBox and JList when Accessibility enabled
    • S8176287: [macosx] The print test crashed with Nimbus L&F
    • S8176490: [macosx] Sometimes NSWindow.isZoomed hangs
    • S8176511: JSObject property access is broken for numeric keys outside the int range
    • S8176530: JDK support for JavaFX modal print dialogs
    • S8177095: Range check dependent CastII/ConvI2L is prematurely eliminated
    • S8177450: javax.swing.text.html.parser.Parser parseScript ignores a character after commend end
    • S8177678: Overstatement of universality of Era.getDisplayName() implementation
    • S8177776: Create an equivalent test case for JDK9′s SupplementalJapaneseEraTest
    • S8177817: Remove assertions in 8u that were removed by 8056124 in 9.
    • S8179515: Class java.util.concurrent.ThreadLocalRandom fails to Initialize when using SecurityManager
    • S8180511: Null pointer dereference in Matcher::ReduceInst()
    • S8180565: Null pointer dereferences of ConstMethod::method()
    • S8180575: Null pointer dereference in LoadNode::Identity()
    • S8180576: Null pointer dereference in Matcher::xform()
    • S8180617: Null pointer dereference in InitializeNode::complete_stores
    • S8180660: missing LNT entry for finally block
    • S8180813: Null pointer dereference of CodeCache::find_blob() result
    • S8180934: PutfieldError failed with UnsupportedClassVersionError
    • S8180949: Correctly handle exception in TCPChannel.createConnection
    • S8181191: getUint32 returning Long
    • S8181192: [macos] javafx.print.PrinterJob.showPrintDialog() hangs on macOS
    • S8181205: JRE fails to load/register security providers when started from UNC pathname
    • S8181500: [TESTBUG] com/sun/jdi/LineNumberInfo.java fails with jArrayIndexOutOfBoundsException
    • S8182672: Java 8u121 on Linux intermittently returns null for MAC address
    • S8185779: 8u152 L10n resource file update
    • S8186532: 8u152 L10n resource file update md20
  • Import of OpenJDK 8 u161 build 12
    • S8035105: DNS provider cleanups
    • S8137255: sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java timeouts intermittently
    • S8140436: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
    • S8148108: Disable Diffie-Hellman keys less than 1024 bits
    • S8148421, PR3504: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
    • S8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java fails on solaris
    • S8156502: Use short name of SupportedEllipticCurvesExtension.java
    • S8158116: com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java failed with timeout
    • S8159240: XSOM parser incorrectly processes type names with whitespaces
    • S8159377: JMX Connections need white-list filters
    • S8161598: Kitchensink fails: assert(nm->insts_contains(original_pc)) failed: original PC must be in nmethod/CompiledMethod
    • S8163237: Restrict the use of EXPORT cipher suites
    • S8166362: [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01
    • S8169944: sun/security/tools tests fail with CompilationError
    • S8170157: Enable unlimited cryptographic policy by default in OracleJDK
    • S8170245: [TEST_BUG] Cipher tests fail when running with unlimited policy
    • S8170911: 8170823 changes in 8u131 causing signature-test failure in jck runtime8b suite
    • S8171262: Stability fixes for lcms
    • S8172297: In java 8, the marshalling with JAX-WS does not escape carriage return
    • S8173631: Backout three hotspot fixes from 8u121-bpr repo
    • S8176536: Improved algorithm constraints checking
    • S8177144: [TEST BUG] sun/net/www/http/HttpClient/B8025710.java should run in ovm mode
    • S8177750: Forgot TestSocketFactory testcase in 8163958 changeset
    • S8178536: OOM ERRORS + SERVICE-THREAD TAKES A PROCESSOR TO 100%
    • S8178728: Check the AlgorithmParameters in algorithm constraints
    • S8179223: Integrate 8176490 into 8u131-bpr repo
    • S8181439: Test the jdk.tls.namedGroups System Property
    • S8181975: Run sun/security/pkcs11 tests on Mac
    • S8182614: Backout JDK-8140436 from 8u161
    • S8183939: Import JDK-8182672 into 8u141-bpr repo
    • S8184016: Text in native popup is not always updated with Sogou IME
    • S8185572: Enable AssumeMP by default on SPARC machines
    • S8185628: Backport jdk/test/lib/testlibrary/CompilerUtils.java to jdk8u which is helpful in test development
    • S8185719: rmi TestSocketFactory does not flush
    • S8185909: Disable JARs signed with DSA keys less than 1024 bits
    • S8186539: [testlibrary] TestSocketFactory should allow triggers before match/replace
    • S8187482: Backout JDK-8159377
    • S8187556: Backout of a fix reintroduced a dependency that had since been removed
    • S8188880: A JAXB JCK test failure found after 8186080
    • S8190258, PR3499: (tz) Support tzdata2017c
    • S8190259, PR3499: test tck.java.time.zone.TCKZoneRules is broken by tzdata2017c
    • S8190266: closed/java/awt/ComponentOrientation/WindowTest.java throws java.util.MissingResourceException.
    • S8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java fails on Solaris x64 5.10
    • S8190497: DHParameterSpec.getL() returns zero after JDK-8072452
    • S8190541: 8u161 L10n resource file update
    • S8190789: sun/security/provider/certpath/LDAPCertStore/TestURICertStoreParameters.java fails after JDK-8186606
    • S8191137, PR3503: keytool fails to format resource strings for keys for some languages after JDK-8171319
    • S8191340: 8ux linux builds failing – com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl (unknown type)
    • S8191352: Remove 8u161-b07 and 8u162-b07 tag to include 8191340 for b07
    • S8191907: PPC64 part of JDK-8174962: Better interface invocations
    • S8192793: 8u161 L10n resource file update md20
    • S8193683: Increase the number of clones in the CloneableDigest
  • Backports
    • S8165996, PR3506: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite
    • S8170523, PR3506: Some PKCS11 test cases are ignored with security manager
    • S8187667, PR3517: Disable deprecation warning for readdir_r
    • S8189789, PR3530: tomcat gzip-compressed response bodies appear to be broken in update 151
    • S8194739, PR3520: Zero port of 8174962: Better interface invocations
    • S8194828, PR3520: Fix for 8194739: Zero port of 8174962: Better interface invocations
    • S8195837, PR3522: (tz) Upgrade time-zone data to tzdata2018c
    • S8196516, PR3523: [REDO] [linux] libfontmanager should be linked against headless awt library
    • S8196978, PR3517: JDK-8187667 fails on GCC 4.4.7 as found on RHEL 6
  • Bug fixes
    • PR3489: Incomplete reading of directory containing tzdb.dat
    • PR3501: Revert 8165320 so as not to revert the work of 8034174 (PR2290)
    • PR3526: configure fails to parse GCC version
  • AArch64 port
    • S8164113, PR3519: AArch64: follow-up the fix for 8161598
    • S8193133, PR3519: Assertion failure because 0xDEADDEAD can be in-heap
    • S8194686, PR3519: AArch64 port of 8174962: Better interface invocations
    • S8195859, PR3519: AArch64: vtableStubs gtest fails after 8174962
    • S8196136, PR3519: AArch64: Correct register use in patch for JDK-8194686
    • S8196221, PR3519: AArch64: Mistake in committed patch for JDK-8195859
    • PR3519: Fix functions with missing return value.
    • PR3519: Fix further functions with a missing return value.
  • AArch32 port
    • S8140584: [aarch32] nmethod::oops_do_marking_epilogue always runs verification code
    • S8174962: [aarch32] Better interface invocations
  • Shenandoah
    • Fix post-CPU merge Shenandoah regressions

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 936302694e193791885e81cf72097eeadee5b68ba220889228b0aafbfb2cb654 icedtea-3.7.0.tar.gz
  • 1361859f0436dd542bb3aa0e1441331158217fcc4e12ead9c1b23654811cf7ea icedtea-3.7.0.tar.gz.sig
  • bc50a4df0e9f81cb58e0e0cbd10bc7efda4f7ff11026b43d3b9ab19b91fdd827 icedtea-3.7.0.tar.xz
  • 4c252427ca9164663e4090279143a28889adf8cf6fd8240b6b34a023a71b4eb3 icedtea-3.7.0.tar.xz.sig

The checksums can be downloaded from:

A 3.7.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.7.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.7.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.7.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the January 2018 security fixes from OpenJDK 7 u171.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.13 (2018-02-27)

  • Security fixes
  • Import of OpenJDK 7 u171 build 0
    • S7171982: Cipher getParameters() throws RuntimeException: Cannot find SunJCE provider
    • S7172652: With JDK 1.7 text field does not obtain focus when using mnemonic Alt/Key combin
    • S8022532: [parfait] Potential memory leak in gtk2_interface.c
    • S8031003: [Parfait] warnings from jdk/src/share/native/sun/security/jgss/wrapper: JNI exception pending
    • S8035105: DNS provider cleanups
    • S8041781: Need new regression tests for PBE keys
    • S8041787: Need new regressions tests for buffer handling for PBE algorithms
    • S8044193: Need to add known answer tests for AES cipher
    • S8048601: Tests for JCE crypto ciphers (part 1)
    • S8048819: Implement reliability test for DH algorithm
    • S8072452: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
    • S8075286: Additional tests for signature algorithm OIDs and transformation string
    • S8137255: sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java timeouts intermittently
    • S8141243: Unexpected timezone returned after parsing a date
    • S8144593: Suppress not recognized property/feature warning messages from SAXParser
    • S8147969: Print size of DH keysize when errors are encountered
    • S8148108: Disable Diffie-Hellman keys less than 1024 bits
    • S8148421, PR3505: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
    • S8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java fails on solaris
    • S8156502: Use short name of SupportedEllipticCurvesExtension.java
    • S8157548: JVM crashes sometimes while starting
    • S8157603: TestCipher.java doesn’t check one of the decrypted message as expected
    • S8158116: com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java failed with timeout
    • S8159240: XSOM parser incorrectly processes type names with whitespaces
    • S8163237: Restrict the use of EXPORT cipher suites
    • S8163958: Improved garbage collection [test case]
    • S8166248: tools/pack200/Pack200Test.java fails on Win32: Could not reserve enough space
    • S8166362: [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01
    • S8170157: Enable unlimited cryptographic policy by default in OracleJDK
    • S8170245: [TEST_BUG] Cipher tests fail when running with unlimited policy
    • S8170536: Uninitialised memory in set_uintx_flag of attachListener.cpp
    • S8177144: [TEST BUG] sun/net/www/http/HttpClient/B8025710.java should run in ovm mode
    • S8178728: Check the AlgorithmParameters in algorithm constraints
    • S8180048: Interned string and symbol table leak memory during parallel unlinking
    • S8184016: Text in native popup is not always updated with Sogou IME
    • S8185628: Backport jdk/test/lib/testlibrary/CompilerUtils.java to jdk8u which is helpful in test development
    • S8185719: rmi TestSocketFactory does not flush
    • S8185909: Disable JARs signed with DSA keys less than 1024 bits
    • S8186539: [testlibrary] TestSocketFactory should allow triggers before match/replace
    • S8187667, PR3518: Disable deprecation warning for readdir_r
    • S8188880: A JAXB JCK test failure found after 8186080
    • S8190258, PR3500: (tz) Support tzdata2017c
    • S8190259, PR3500: test tck.java.time.zone.TCKZoneRules is broken by tzdata2017c
    • S8190266: closed/java/awt/ComponentOrientation/WindowTest.java throws java.util.MissingResourceException.
    • S8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java fails on Solaris x64 5.10
    • S8190497: DHParameterSpec.getL() returns zero after JDK-8072452
    • S8190541: 8u161 L10n resource file update
    • S8190789: sun/security/provider/certpath/LDAPCertStore/TestURICertStoreParameters.java fails after JDK-8186606
    • S8192793: 8u161 L10n resource file update md20
    • S8193683: Increase the number of clones in the CloneableDigest
    • S8194859: Bad backport of 8024468 breaks Zero build due to lack of 8010862 in OpenJDK 7
    • S8195837: (tz) Upgrade time-zone data to tzdata2018c
  • Import of OpenJDK 7 u171 build 1
    • S8007772: G1: assert(!hr->isHumongous() || mr.start() == hr->bottom()) failed: the start of HeapRegion and MemRegion should be consistent for humongous regions
    • S8022956: Clang: enable return type warnings on BSD
    • S8043029: Change 8037816 breaks HS build with older GCC versions which don’t support diagnostic pragmas
    • S8048169: Change 8037816 breaks HS build on PPC64 and CPP-Interpreter platforms
    • S8062808: Turn on the -Wreturn-type warning
    • S8064786: Fix debug build after 8062808: Turn on the -Wreturn-type warning
    • S8143245: Zero build requires disabled warnings
    • S8196952, PR3525: Bad primeCertainty value setting in DSAParameterGenerator
    • S8196978: JDK-8187667 fails on GCC 4.4.7 as found on RHEL 6
    • S8197510: fastdebug builds fail due to lack of p2i
    • S8197801: Zero debug build fails on “assert(labs(istate->_stack_base – istate->_stack_limit) == (istate->_method->max_stack() + extra_stack_entries + 1)) failed: bad stack limit”
  • Import of OpenJDK 7 u171 build 2
    • S8197981: Missing return statement in __sync_val_compare_and_swap_8
  • Backports
    • S7189886, PR3507: (aio) Add test coverage for AsynchronousChannelGroup.withThreadPool
    • S7200306, PR3507: SunPKCS11 provider delays the check of DSA key size for SHA1withDSA to sign() instead of init()
    • S8012930, PR3507: (fs) Eliminate recursion from FileTreeWalker
    • S8013647, PR3507: JPRT unable to clean-up after tests that leave file trees with loops
    • S8020321, PR3507: Problem in PKCS11 regression test TestRSAKeyLength
    • S8022313, PR3507: sun/security/pkcs11/rsa/TestKeyPairGenerator.java failed in aurora
    • S8027218, PR3507: TEST_BUG: sun/security/pkcs11/ec tests fail because of ever-changing key size restrictions
    • S8029158, PR3507: sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run)
    • S8031113, PR3507: TEST_BUG: java/nio/channels/AsynchronousChannelGroup/Basic.java fails intermittently
    • S8048603, PR3507: Additional tests for MAC algorithms
    • S8048622, PR3507: Enhance tests for PKCS11 keystores with NSS
    • S8075565, PR3337: Define @intermittent jtreg keyword and mark intermittently failing jdk tests
    • S8075670, PR3507: Remove intermittent keyword from some tests
    • S8078334, PR3507: Mark regression tests using randomness
    • S8078880, PR3507: Mark a few more intermittently failuring security-libs
    • S8133318, PR3507: Exclude intermittent failing PKCS11 tests on Solaris SPARC 11.1 and earlier
    • S8144539, PR3507: Update PKCS11 tests to run with security manager
    • S8151731, PR3337: Add new jtreg keywords to jdk 8
    • S8165996, PR3507: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite
    • S8170523, PR3507: Some PKCS11 test cases are ignored with security manager
    • S8196516, PR3524: [REDO] [linux] libfontmanager should be linked against headless awt library
  • AArch64 port
    • S8193133, PR3521: Assertion failure because 0xDEADDEAD can be in-heap
    • PR3521: Fix functions with missing return value.
    • PR3521: Fix further functions with a missing return value.

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 7528c905da9b1c09aef16a938e7d879c8cdb14f93b1a25f0ec041307572c3d4f icedtea-2.6.13.tar.gz
  • f4f98da8894fbcf9e55a1a5cec9f23b6281aa0cb4cc1714be61b0a25e916383f icedtea-2.6.13.tar.gz.sig
  • 104e84205d1176e217e24f770784c53d1cd666aeb23ab0bae8ac858e5b0e63f0 icedtea-2.6.13.tar.xz
  • 7e81a4d785484e1dbc504ca418be84d8393b5d790cc11f1cd61c8f6cefa0543c icedtea-2.6.13.tar.xz.sig

The checksums can be downloaded from:

A 2.6.13 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.13.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.13.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.13/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the October 2017 security fixes from OpenJDK 7 u161.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.12 (2017-12-05)

  • Security fixes
  • Import of OpenJDK 7 u161 build 0
    • S6475361: Attempting to remove help menu from java.awt.MenuBar throws NullPointerException
    • S6637288: Add OCSP support to PKIX CertPathBuilder implementation
    • S6854712: Revocation checking enhancements (JEP-124)
    • S6904367: (coll) IdentityHashMap is resized before exceeding the expected maximum size
    • S7015157: String “Tabular Navigation” should be rephrased for avoiding mistranslation
    • S7115744: Do not call File::deleteOnExit in security tests
    • S7126011: ReverseBuilder.getMatchingCACerts may throws NPE
    • S7147336: clarification on warning of keytool -printcrl
    • S7162687: enhance KDC server availability detection
    • S7176627: CertPath/jep124/PreferCRL_SoftFail test fails (Could not determine revocation status)
    • S7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with NullPointerException
    • S7196382: PKCS11 provider should support 2048-bit DH
    • S7197672: There are issues with shared data on windows
    • S7199939: DSA 576 and 640 bit keys fail when initializing for No precomputed parameters
    • S8002074: Support for AES on SPARC
    • S8005408: KeyStore API enhancements
    • S8006863: javadoc cleanup for 8005408
    • S8006946: PKCS12 test failure due to incorrect alias name
    • S8006951: Avoid storing duplicate PKCS12 attributes
    • S8006994: Cleanup PKCS12 tests to ensure streams get closed
    • S8007483: attributes are ignored when loading keys from a PKCS12 keystore
    • S8007967: Infinite loop can happen in sun.security.provider.certpath.SunCertPathBuilder.depthFirstSearchForward()
    • S8010112: NullPointerException in sun.security.provider.certpath.CertId()
    • S8012900: CICO ignores AAD in GCM mode (with refactoring from 6996769)
    • S8015571: OCSP validation fails if ocsp.responderCertSubjectName is set
    • S8016252: More defensive HashSet.readObject
    • S8025215: jdk8 l10n resource file translation update 4
    • S8026943: SQE test jce/Global/Cipher/SameBuffer failed
    • S8027575: b113 causing a lot of memory allocation and regression for wls_webapp_atomics
    • S8029659: Keytool, print key algorithm of certificate or key entry
    • S8029788: Certificate validation – java.lang.ClassCastException
    • S8031825: OCSP client can’t find responder cert if it uses a different subject key id algorithm than responderID
    • S8033117: PPC64: Adapt to 8002074: Support for AES on SPARC
    • S8035623: [parfait] JNI exception pending in jdk/src/windows/native/sun/windows/awt_Font.cpp
    • S8049312: AES/CICO test failed with on several modes
    • S8050374: More Signature tests
    • S8057810: New defaults for DSA keys in jarsigner and keytool
    • S8062552: Support keystore type detection for JKS and PKCS12 keystores
    • S8068427: Hashtable deserialization reconstitutes table with wrong capacity
    • S8068881: SIGBUS in C2 compiled method weblogic.wsee.jaxws.framework.jaxrpc.EnvironmentFactory$SimulatedWsdlDefinitions.<init>
    • S8075484, PR3474, RH1490713: SocketInputStream.socketRead0 can hang even with soTimeout set
    • S8077670: sun/security/krb5/auto/MaxRetries.java may fail with BindException
    • S8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8136534: Loading JKS keystore using non-null InputStream results in closed stream
    • S8149411: PKCS12KeyStore cannot extract AES Secret Keys
    • S8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout
    • S8157561: Ship the unlimited policy files in JDK Updates
    • S8158517: Minor optimizations to ISO10126PADDING
    • S8164846: CertificateException missing cause of underlying exception
    • S8165751: NPE hit with java.security.debug=provider
    • S8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
    • S8173853: IllegalArgumentException in java.awt.image.ReplicateScaleFilter
    • S8176536: Improved algorithm constraints checking
    • S8177569: keytool should not warn if signature algorithm used in cacerts is weak
    • S8178714: PKIX validator nameConstraints check failing after change 8175940
    • S8179423: 2 security tests started failing for JDK 1.6.0 u161 b05
    • S8179564: Missing @bug for tests added with JDK-8165367
    • S8181048: Refactor existing providers to refer to the same constants for default values for key length
    • S8182879: Add warnings to keytool when using JKS and JCEKS
    • S8184673, PR3476: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers
    • S8184937: LCMS error 13: Couldn’t link the profiles
    • S8185039: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185040: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185778: 8u151 L10n resource file update
    • S8185845: Add SecurityTools.java test library
    • S8186503: sun/security/tools/jarsigner/DefaultSigalg.java failed after backport to JDK 6/7/8
    • S8186533: 8u151 L10n resource file update md20
    • S8191137: keytool fails to format resource strings for keys for some languages after JDK-8171319
    • S8191840: Update localizations with positional arguments following JDK-8191137
    • S8191845: [TEST_BUG] Too many new-lines in backport of WeakAlg test
  • Import of OpenJDK 7 u151 build 1
    • S8035640: JNU_CHECK_EXCEPTION should support c++ JNI syntax
  • Backports
  • Bug fixes
  • AArch64 port
    • S8145438, PR3443, RH1482244: Guarantee failures since 8144028: Use AArch64 bit-test instructions in C2
    • PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 90183fc86a001d8832ef5b9ba8617d11bde1c5f595d3da6493de7f4d7c35b68a icedtea-2.6.12.tar.gz
  • 9f0c534914188c61b88662c4072bcf87c6dafac6aedef98f3752e30c1794c25d icedtea-2.6.12.tar.gz.sig
  • f3de9f5ea1a447fe8a290cde5012d33b1534f0d3d484b2664a4be9202b801f68 icedtea-2.6.12.tar.xz
  • d242e506c297925beb47c805da7ebdee2e66057d1403c666aa8d4bffa6ab7fc8 icedtea-2.6.12.tar.xz.sig

The checksums can be downloaded from:

A 2.6.12 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.12.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.12.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.12/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.6.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the October 2017 security fixes from OpenJDK 8 u151.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.6.0 (2017-10-31)

  • Security fixes
  • New features
    • PR3469: Alternative path to tzdb.dat
    • PR3483: Separate addition of nss.cfg and tz.properties into separate targets
    • PR3484: Move SystemTap support to its own target
    • PR3485: Support additional targets for the bootstrap build
  • Import of OpenJDK 8 u151 build 12
    • S8029659: Keytool, print key algorithm of certificate or key entry
    • S8057810: New defaults for DSA keys in jarsigner and keytool
    • S8075484, PR3473, RH1490713: SocketInputStream.socketRead0 can hang even with soTimeout set
    • S8077670: sun/security/krb5/auto/MaxRetries.java may fail with BindException
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout
    • S8157561: Ship the unlimited policy files in JDK Updates
    • S8158517: Minor optimizations to ISO10126PADDING
    • S8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
    • S8177569: keytool should not warn if signature algorithm used in cacerts is weak
    • S8177837: need to upgrade install tools
    • S8178714: PKIX validator nameConstraints check failing after change 8175940
    • S8179423: 2 security tests started failing for JDK 1.6.0 u161 b05
    • S8179564: Missing @bug for tests added with JDK-8165367
    • S8181048: Refactor existing providers to refer to the same constants for default values for key length
    • S8182879: Add warnings to keytool when using JKS and JCEKS
    • S8184937: LCMS error 13: Couldn’t link the profiles
    • S8185039: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185040: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185778: 8u151 L10n resource file update
    • S8185845: Add SecurityTools.java test library
    • S8186503: sun/security/tools/jarsigner/DefaultSigalg.java failed after backport to JDK 6/7/8
    • S8186533: 8u151 L10n resource file update md20
    • S8186674: Remove JDK-8174109 from CPU Aug 21 week builds
  • Backports
    • S8035496, PR3487: G1 ARM: missing remset entry noticed by VerifyAfterGC for vm/gc/concurrent/lp50yp10rp70mr30st0
    • S8146086, PR3439, RH1478402: Publishing two webservices on same port fails with “java.net.BindException: Address already in use”
    • S8184673, PR3475, RH1487266: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers
    • S8185164, PR3438: GetOwnedMonitorInfo() returns incorrect owned monitor
    • S8187822, PR3478, RH1494230: C2 conditonal move optimization might create broken graph
  • Bug fixes
  • PPC port
  • AArch64 port
    • S8161190, PR3488: AArch64: Fix overflow in immediate cmp instruction
    • S8187224, PR3488: aarch64: some inconsistency between aarch64_ad.m4 and aarch64.ad
  • SystemTap
    • PR3467, RH1492139: Hotspot object_alloc tapset uses HeapWordSize incorrectly
  • Shenandoah
    • Add missing UseShenandoahGC checks to C2
    • [backport] Add JVMTI notifications to Shenandoah GC pauses.
    • [backport] After Evac verification should run consistently
    • [backport] All definitions should start with Shenandoah*
    • [backport] Allocation latency tracing
    • [backport] Allow allocations in pinned regions
    • [backport] Assorted monitoring support fixes
    • [backport] Avoid Full STW GC on System.gc() + related fixes
    • [backport] BrooksPointer tracing overwhelms -Xlog:gc=trace
    • [backport] Cannot do more than 1000 Full GCs
    • [backport] Cap heap size for TestRegionSizeArgs test
    • [backport] Cleanup “dirty” mentions
    • [backport] Cleanup unused methods and statements + Trivial cleanup: removed unused field, etc.
    • [backport] Common pause marker to capture everything before/after pause
    • [backport] Consistent print_on and tty handling
    • [backport] “continuous” heuristics
    • [backport] Disable biased locking by default
    • [backport] Fix build error: avoid loops with empty bodies
    • [backport] Fix build error: switches over enums should take all enums
    • [backport] Fix build error: verifier liveness should not be implicitly casted to size_t
    • [backport] Fixed assertion failures when printing heap region to trace output
    • [backport] Fixed C calling convention of shenandoah_wb() on Windows
    • [backport] LotsOfCycles test always degrades to Full GC
    • [backport] Made ShenandoahPrinter debug only
    • [backport] Make sure different Verifier levels work
    • [backport] Make sure we have at least one memory pool per memory manager (JMX) + JMX double-counts heap used size
    • [backport] Mark heuristics diagnostic/experimental
    • [backport] Move Verifier “start” message under (gc,start)
    • [backport] On-demand commit as heap resizing strategy
    • [backport] Periodic GC
    • [backport] PhiNode::has_only_data_users() needs to apply to shenandoah barrier only
    • [backport] Pinning humongous regions should be allowed
    • [backport] Reclaimed humongous regions should count towards immediate garbage
    • [backport] Refactor region flags into finite state machine
    • [backport] Refactor ShConcThread dispatch
    • [backport] Refactor ShenandoahFreeSet + Fast-forward over humongous regions to keep “current” non-humongous
    • [backport] Refactor ShenandoahHeapLock
    • [backport] Refactor ShenandoahHeapRegionSet
    • [backport] Region (byte|word) shifts as the replacement for divisions
    • [backport] Rehash -XX:-UseTLAB in tests + Rehash allocation tests
    • [backport] Rename inline guards
    • [backport] Selectable humongous threshold + Humongous top() should be correct for iteration
    • [backport] Shortcut concurrent cycle when enough immediate garbage is reclaimed
    • [backport] Templatize and improve inlining of arraycopy and clone barriers.
    • [backport] TestRegionSampling test
    • [backport] TestSmallHeap test for Shenandoah
    • [backport] Uncommit heap regions after given delay
    • [backport] Underflow in adaptive free_threshold calculation
    • [backport] Unlock more GC-specific tests for Shenandoah
    • [backport] Update counters on slow-path more rarely
    • [backport] Verifier should avoid pushing on stack when walking objects past TAMS
    • [backport] Verifier should walk cset and humongous regions
    • [backport] Verify humongous regions liveness
    • [backport] Verify liveness data
    • Correct way to fix Windows call convention issue
    • Fix build error in release config.
    • Fixed Fixed message logging
    • Handle Java heap initialization and expansion failures
    • Make sure -verbose:gc, PrintGC, PrintGCDetails work consistently
    • Missing barriers on constant oops + acmp rework + cas fix + write barrier on constant oop fix
    • Missing UseShenandoahGC check in LibraryCallKit::inline_multiplyToLen()
    • Missing UseShenandoahGC check to C2
    • OOME in SurrogateLockerThread deadlocks the GC cycle
    • Properly unlock ShenandoahVerify
    • Remove unused memory_for, fixing the build
    • Remove useless code following acmp rework
    • Revert accidental G1 closure rename
    • Test bug: test library and flags in TestHeapAlloc
    • UnlockDiagnosticVMOptions flag is needed for ShenandoahVerify
    • Write barrier pin and expand cleanup

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 74a43c4e027c72bb1c324f8f73af21565404326c9998f534f234ec2a36ca1cdb icedtea-3.6.0.tar.gz
  • 6050c8e69974a33641b764afdbd91f07725336abd20e7f260e2a0dbf562f8b32 icedtea-3.6.0.tar.gz.sig
  • d0a0a9ce58b3ed29f2deecef8b78f28a79315f4a6330ee833410f79cbf48417e icedtea-3.6.0.tar.xz
  • 2de4119e3e59cf7acbb1f9c93a5760397c846116067d3c45504bd3ff6297f9a8 icedtea-3.6.0.tar.xz.sig

The checksums can be downloaded from:

A 3.6.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.6.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.6.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.6.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the July 2017 security fixes from OpenJDK 7 u151.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.11 (2017-08-08)

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 5dfbe0f40d8b6004d49add4ec398d1c91d4c02b11716297055e5d73919fb85be icedtea-2.6.11.tar.gz
  • f100c3bfffa5ea0b9a2184346856a1d3db7f8d2a45c74523ad928dcf179ad0e3 icedtea-2.6.11.tar.gz.sig
  • 20063c314535e4ed4b8099e497b880e4f346c85e7315a2573d0f398b973777c5 icedtea-2.6.11.tar.xz
  • 43bf76c60d219ef76b0e03484ee92d0d7657dafae51f21ed088ee5bb5ee654ca icedtea-2.6.11.tar.xz.sig

The checksums can be downloaded from:

A 2.6.11 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.11.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.11.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.11/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.5.1!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the additional fix provided in OpenJDK 8 u144. It also brings in the latest Shenandoah updates.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.5.1 (2017-07-27)

  • Import of OpenJDK 8 u144 build 01
    • S8184993: Jar file verification failing with SecurityException: digest missing xxx
  • Shenandoah
    • Amend “ArrayCopy verification code fix” with 8u-specific node hierarchy test
    • Amend “Refactor asm acmp” with a few missing changes
    • [backport] aarch64 store check fix
    • [backport] Account “shared” out-of-LAB allocations separately
    • [backport] Adaptive should not be scared of user-requested System.gc()
    • [backport] Added assertion for page alignment of heap’s base address
    • [backport] Add “verify jcstress” acceptance test
    • [backport] “Allocation failure” cause should not be overwritten
    • [backport] ArrayCopy verification code fix
    • [backport] Assorted cleanups
    • [backport] “Before Full GC” verification is too strong for OOME-during-evac
    • [backport] C1 stores constants without read barriers
    • [backport] Cleanup AArch64 code
    • [backport] Cleanup class unloading and string intern code
    • [backport] Cleanup duplicated Shenandoah task queue declarations
    • [backport] Cleanups
    • [backport] Cleanup ShenandoahBarrierSet::write_barrier
    • [backport] Cleanup ShenandoahHeap::do_evacuation
    • [backport] Clean up unused fields and methods
    • [backport] Cleanup: update-refs check in_collection_set twice
    • [backport] Code cache roots styles
    • [backport] Concurrent code cache evacuation + bugfixes
    • [backport] Concurrent preclean + Fix weakref precleaning
    • [backport] Correct prefetch offset for marked object iteration
    • [backport] Deferred region cleanup.
    • [backport] Dense ShenandoahHeapRegion printout
    • [backport] Detailed ParallelCleanupTask statistics + Split out Full GC stats for parallel cleaning
    • [backport] Disable aggressive+verification test configs (jtreg eats up last configuration)
    • [backport] Do not abandon RP discovery on conc GC cancel, do that only before Full GC
    • [backport] Eliminating _num_regions variable in ShenandoahHeap
    • [backport] Ensure collection set and cset map are consistent
    • [backport] Fallback to shared allocation if GCLAB is not available
    • [backport] Fast synchronizer root scanning
    • [backport] “F: Code Cache Roots” is missing from gc+stats
    • [backport] Fix DerivedPointerTable handling when scanning roots twice in init-evac phase
    • [backport] Fixed a few of early returns that calling register_gc_end()
    • [backport] Fix live data accounting for humongous region
    • [backport] Fix memory Phis with only data uses
    • [backport] Fix recycled regions zapping
    • [backport] Fix up pointer volatility
    • [backport] Generic verification should not trust bitmaps
    • [backport] Heap/matrix verification for all reachable objects
    • [backport] Heap memory usage counting not longer needs to be atomic
    • [backport] Heap region recycling should call explicit clear() and request zapping
    • [backport] Heap region verification
    • [backport] Implementation of interpreter matrix barrier on aarch64
    • [backport] Implement early update references phase.
    • [backport] implicit null checks broken on aarch64
    • [backport] Increase timeout for EvilSyncBug test
    • [backport] Lazy parallel code cache iterator
    • [backport] Make statistics gathering span more operations
    • [backport] Make sure atomic operations are done on “volatile” fields
    • [backport] Make sure new_active_workers is used
    • [backport] Make {T,GC}LAB statistics unconditional
    • [backport] Mark-compact and heuristics should consistently process refs and unload classes
    • [backport] minor fix to optimization of java mirror comparison
    • [backport] more barrier on constant oop fixes + couple small unrelated fixes
    • [backport] More collection set and matrix cleanup
    • [backport] Nit: mark-compact phase 3 (Adjust Pointers) should announce itself as “Phase 3″
    • [backport] Optimize heap region size checks
    • [backport] Optimize heap verification
    • [backport] Out-of-TLAB evacuation should overwrite stale copies
    • [backport] Parallel code cache scanning
    • [backport] Parallel verification
    • [backport] Print correct message about gross times in stats
    • [backport] Print heap changes in phases that actually change heap occupancy
    • [backport] Print more detailed final UR stats
    • [backport] Print more details for weak ref and class unloading stats
    • [backport] Properly react on -ClassUnloading
    • [backport] Purge ealier version of redefined classes during class unloading
    • [backport] Purge ratio, global, connections heuristics.
    • [backport] Purge shenandoahHumongous.hpp
    • [backport] Purge ShenandoahVerify(Reads|Writes)ToFromSpace.
    • [backport] Reduce region retirement during tlab allocation
    • [backport] Refactor asm acmp (x86, aarch64, renames)
    • [backport] Refactor BrooksPointer asserts
    • [backport] Refactor heap verification
    • [backport] Reference processing deadlocks with -ParallelRefProcEnabled
    • [backport] Reference processors might use non-forwarded alive checks
    • [backport] Region sampling may not be enabled because last timetick is uninitialized
    • [backport] Rehash ShenandoahHeap section in hs_err
    • [backport] Reinstate “Purge” block in final-mark stats
    • [backport] Relax assert to not fire at safepoint
    • [backport] Remove heap printing routines from ShenandoahHeap
    • [backport] Remove obsolete compile_resolve_oop_runtime() methods
    • [backport] Rename final mark operations
    • [backport] Rename ShenandoahBarriersForConst
    • [backport] Replace ShHeapRegionSet::get with get_fast
    • [backport] Report correct total garbage data. Print out garbage and cset data with -Xlog:gc+ergo
    • [backport] Report oops and fwdptrs verification failures fully
    • [backport] Result of write barrier on constant not used
    • [backport] Separate Full GC root operations in GC stats
    • [backport] ShenandoahCollectionSet refactor
    • [backport] ShenandoahGCSession used wrong timer for full GC
    • [backport] ShenandoahHeap::evacuate_object() with boolean result flag.
    • [backport] Shenandoah options should be uintx
    • [backport] shenandoah_wb should fallback to slow path with -UseTLAB + Fix aarch64 compilation error due to shenandoah_wb change
    • [backport] ShenandoahWriteBarrierNode::memory_dominates_all_paths() assert failure when compiling methods using unsafe
    • [backport] Shortcut reference processing when no work is available
    • [backport] Simplify parallel synchronizer roots iterator
    • [backport] Skip RESOLVE when references update is not needed
    • [backport] Stats should attribute “Resize TLABs” properly, and mention “Pause” for init/final mark
    • [backport] Stats should not record past-shutdown events
    • [backport] “String/Symbol/CodeCache” -> “Str/Sym, Code Cache”
    • [backport] Tests should use all heuristics and pass heap verification + Disable aggressive+verification test configs
    • [backport] Total pauses should include final-mark pauses
    • [backport] Trim down native GC footprint
    • [backport] Update region sampling to include TLAB/GCLAB allocation data
    • [backport] Update roots should always handle derived pointers
    • [backport] Update ShenandoahHeapSampling to avoid double counting.
    • [backport] Update statistics to capture thread data accurately
    • [backport] Use CollectedHeap::base() instead of ShenandoahHeap::first_region_bottom()
    • [backport] Use lock version heap region memory allocator
    • [backport] Use scoped object for gc session/phases recording
    • [backport] Variable steps in adaptive heuristics
    • [backport] Verification error log is truncated
    • [backport] Verification levels
    • [backport] Verification should assert complete bitmaps in most phases + Disable complete bitmap verification in init mark
    • [backport] Verifier performance improvements: scan objects once, avoid double oop checks
    • [backport] Verifier should not assert cset in forwarded test block
    • [backport] Verifier should print extended info on referenced location
    • [backport] Verifier should use non-optimized root scans
    • [backport] Verify marked objects
    • [backport] Verify TAMS and object sizes
    • [backport] write barrier can get stuck below predicates resulting in unschedulable graph
    • S8140584: nmethod::oops_do_marking_epilogue always runs verification code
    • S8180175, S8180599: Cherry-pick/synchronize
    • Cleanup: Removed redundant ClassLoaderData::clear_claimed_marks() calls
    • Cleanup shared code.
    • Fixed memory leak in region garbage cache
    • Fix return type of ShenandoahHeapRegion::region_size_words_jint()
    • Improved comment about AArch64bit addressing in assembler.
    • Leak mutex in ShenandoahTaskTerminator
    • Make sure C2 arguments are not used when C2 is disabled.
    • Refactor parallel ClassLoaderData iterator
    • Revert G1 changes and bring shared BitMap
    • Add missing cmpoops() declaration to AArch64 macro assembler. Back out matrix related code from AArch64 interpreter.
    • Fix build without precompiled headers.
    • Fixed build issues on Windows

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • b229f2aa5d743ff850fa695e61f65139bb6eca1a9d10af5306ad3766fcea2eb2 icedtea-3.5.1.tar.gz
  • 801497164168171b7aedae37aabde7821e0df0cfe76736054a2a91f96ae3d0b0 icedtea-3.5.1.tar.gz.sig
  • 8eaa6ac93d4a1989460109246f78427acc5493f847c7b2fc80d3a5d918d811c9 icedtea-3.5.1.tar.xz
  • 9ac863f00398ac51bf62aa4a1e22889baf5a088256755f3dde849849a2bc518f icedtea-3.5.1.tar.xz.sig

The checksums can be downloaded from:

A 3.5.1 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.5.1.tar.gz

or:

$ tar x -I xz -f icedtea-3.5.1.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.5.1/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.5.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the July 2017 security fixes from OpenJDK 8 u141.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.5.0 (2017-07-20)

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 2c92e18fa70edaf73517fcf91bc2a7cc2ec2aa8ffdf22bb974fa6f9bc3065f30 icedtea-3.5.0.tar.gz
  • d27c337e87221c9de158f83e43823bf2c5ec2ebf78c8fa5b9a11b182acb68ee1 icedtea-3.5.0.tar.gz.sig
  • 9aa89e00ecc07baa6b37a6b1e363c3d7128253e95374c74d1d2706f36c3ccab5 icedtea-3.5.0.tar.xz
  • 59089156b3ea0973304c6d89d598ca6a149e594f9555fd35c9c0a78101ce7e65 icedtea-3.5.0.tar.xz.sig

The checksums can be downloaded from:

A 3.5.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.5.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.5.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.5.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the April 2017 security fixes from OpenJDK 7 u141.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.10 (2017-05-16)

  • Security fixes
  • New features
    • PR3347: jstack.stp should support AArch64
  • Import of OpenJDK 7 u141 build 0
    • S4717864: setFont() does not update Fonts of Menus already on screen
    • S6474807: (smartcardio) CardTerminal.connect() throws CardException instead of CardNotPresentException
    • S6518907: cleanup IA64 specific code in Hotspot
    • S6869327: Add new C2 flag to keep safepoints in counted loops.
    • S7112912: Message “Error occurred during initialization of VM” on boxes with lots of RAM
    • S7124213: [macosx] pack() does ignore size of a component; doesn’t on the other platforms
    • S7124219: [macosx] Unable to draw images to fullscreen
    • S7124552: [macosx] NullPointerException in getBufferStrategy()
    • S7148275: [macosx] setIconImages() not working correctly (distorted icon when minimized)
    • S7154841: [macosx] Popups appear behind taskbar
    • S7155957: closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java hangs on win 64 bit with jdk8
    • S7160627: [macosx] TextArea has wrong initial size
    • S7167293: FtpURLConnection connection leak on FileNotFoundException
    • S7168851: [macosx] Netbeans crashes in CImage.nativeCreateNSImageFromArray
    • S7197203: sun/misc/URLClassPath/ClassnameCharTest.sh failed, compile error
    • S8005255: [macosx] Cleanup warnings in sun.lwawt
    • S8006088: Incompatible heap size flags accepted by VM
    • S8007295: Reduce number of warnings in awt classes
    • S8010722: assert: failed: heap size is too big for compressed oops
    • S8011059: [macosx] Support automatic @2x images loading on Mac OS X
    • S8014058: Regression tests for 8006088
    • S8014489: tests/gc/arguments/Test(Serial|CMS|Parallel|G1)HeapSizeFlags jtreg tests invoke wrong class
    • S8016302: Change type of the number of GC workers to unsigned int (2)
    • S8024662: gc/arguments/TestUseCompressedOopsErgo.java does not compile.
    • S8024669: Native OOME when allocating after changes to maximum heap supporting Coops sizing on sparcv9
    • S8024926: [macosx] AquaIcon HiDPI support
    • S8025974: l10n for policytool
    • S8027025: [macosx] getLocationOnScreen returns 0 if parent invisible
    • S8028212: Custom cursor HiDPI support
    • S8028471: PPC64 (part 215): opto: Extend ImplicitNullCheck optimization.
    • S8031573: [macosx] Checkmarks of JCheckBoxMenuItems aren’t rendered in high resolution on Retina
    • S8033534: [macosx] Get MultiResolution image from native system
    • S8033786: White flashing when opening Dialogs and Menus using Nimbus with dark background
    • S8035568: [macosx] Cursor management unification
    • S8041734: JFrame in full screen mode leaves empty workspace after close
    • S8059803: Update use of GetVersionEx to get correct Windows version in hs_err files
    • S8066504: GetVersionEx in java.base/windows/native/libjava/java_props_md.c might not get correct Windows version 0
    • S8079595: Resizing dialog which is JWindow parent makes JVM crash
    • S8080729: [macosx] java 7 and 8 JDialogs on multiscreen jump to parent frame on focus
    • S8130769: The new menu can’t be shown on the menubar after clicking the “Add” button.
    • S8133357: 8u65 l10n resource file translation update
    • S8146602: jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test fails with NullPointerException
    • S8147842: IME Composition Window is displayed at incorrect location
    • S8147910: Cache initial active_processor_count
    • S8150490: Update OS detection code to recognize Windows Server 2016
    • S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is enabled
    • S8161195: Regression: closed/javax/swing/text/FlowView/LayoutTest.java
    • S8161993: G1 crashes if active_processor_count changes during startup
    • S8162603: Unrecognized VM option ‘UseCountedLoopSafepoints’
    • S8162876: [TEST_BUG] sun/net/www/protocol/http/HttpInputStream.java fails intermittently
    • S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java failed with “Error while cleaning up threads after test”
    • S8167179: Make XSL generated namespace prefixes local to transformation process
    • S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections
    • S8169589: [macosx] Activating a JDialog puts to back another dialog
    • S8170307: Stack size option -Xss is ignored
    • S8170316: (tz) Support tzdata2016j
    • S8170814: Reuse cache entries (part II)
    • S8171388: Update JNDI Thread contexts
    • S8171949: [macosx] AWT_ZoomFrame Automated tests fail with error: The bitwise mask Frame.ICONIFIED is not setwhen the frame is in ICONIFIED state
    • S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked.
    • S8173931: 8u131 L10n resource file update
    • S8174844: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8175087: [bsd] Fix build after “8024900: PPC64: Enable new build on AIX (jdk part)”
    • S8175163: [bsd] Fix build after “8005629: javac warnings compiling java.awt.EventDispatchThread…”
    • S8176044: (tz) Support tzdata2017a
  • Import of OpenJDK 7 u141 build 1
    • S8043723: max_heap_for_compressed_oops() declared with size_t, but defined with uintx
  • Import of OpenJDK 7 u141 build 2
    • S8011123: serialVersionUID of java.awt.dnd.InvalidDnDOperationException changed in JDK8-b82
  • Backports
  • Bug fixes
    • PR3349: Architectures unsupported by SystemTap tapsets throw a parse error
    • PR3370: Disable ARM32 JIT by default in jdk_generic_profile.sh
    • PR3379: Perl should be mandatory
    • PR3390: javac.in and javah.in should use @PERL@ rather than a hardcoded path
  • CACAO
    • PR2732: Raise javadoc memory limits for CACAO again!
  • AArch64 port
    • S8177661, PR3367: Correct ad rule output register types from iRegX to iRegXNoSp

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 02af605d4437e314a55c85a334321719d16be3ff670064de8972c15e30f5ceed icedtea-2.6.10.tar.gz
  • 48f7b14d67c9a67e5e29c5ada64e8b9875f3feefacf07df1dc66dd668166d8df icedtea-2.6.10.tar.gz.sig
  • 1c49fd735cc908677044935b6899e59434356b7e65d163bb5033e32f6621a92a icedtea-2.6.10.tar.xz
  • abcd0e05aad77528da4957e5ccebd02282adae0938b02685100244e93da27eac icedtea-2.6.10.tar.xz.sig

The checksums can be downloaded from:

A 2.6.10 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.10.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.10.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.10/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

Next Page »