OpenJDK


The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the April 2016 security fixes.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.11 (2016-05-04)

  • Security fixes
  • Import of OpenJDK6 b38
    • S4459600: java -jar fails to run Main-Class if classname followed by whitespace.
    • S6378099: RFE: Use libfontconfig to create/synthesise a fontconfig.properties
    • S6452854: Provide a flag to print the java configuration
    • S6742159: (launcher) improve the java launching mechanism
    • S6752622: java.awt.Font.getPeer throws “java.lang.InternalError: Not implemented” on Linux
    • S6758881: (launcher) needs to throw NoClassDefFoundError instead of JavaRuntimeException
    • S6856415: Enabling java security manager will make program thrown wrong exception ( main method not found )
    • S6892493: potential memory leaks in 2D font code indentified by parfait.
    • S6925851: Localize JRE into pt_BR (corba)
    • S6968053: (launcher) hide exceptions under certain launcher failures
    • S6977738: Deadlock between java.lang.ClassLoader and java.util.Properties
    • S6981001: (launcher) EnsureJREInstallation is not being called in order
    • S7017734: jdk7 message drop 1 translation integration
    • S7026184: (launcher) Regression: class with unicode name can’t be launched by java.
    • S7104161: test/sun/tools/jinfo/Basic.sh fails on Ubuntu
    • S7125442: jar application located in two bytes character named folder cannot be run with JRE 7 u1/u2
    • S7127906: (launcher) convert the launcher regression tests to java
    • S7141141: Add 3 new test scenarios for testing Main-Class attribute in jar manifest file
    • S7158988: jvm crashes while debugging on x86_32 and x86_64
    • S7189944: (launcher) test/tools/launcher/Arrrrghs.java needs a couple of minor fixes
    • S7193318: C2: remove number of inputs requirement from Node’s new operator
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
    • S8023990: Regression: postscript size increase from 6u18
    • S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
    • S8028537: PPC64: Updated the JDK regression tests to run on AIX
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8067364: Printing to Postscript doesn’t support dieresis
    • S8072753: Nondeterministic wrong answer on arithmetic
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8075584: test for 8067364 depends on hardwired text advance
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
    • S8154210: Zero: Better byte behaviour
    • S8155261: Zero broken since HS23 update
    • S8155699: Resolve issues created by backports in OpenJDK 6 b39
    • S8155746: Sync Windows export list in make/java/jli/Makefile with make/java/jli/mapfile-vers
  • Backports
  • Bug fixes
    • PR2887: Location of ‘stap’ executable is hard-coded
    • PR2890: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
    • PR2952: test/tapset/jstaptest.pl requires Perl
    • PR2953: make dist fails after PR2887 made jstaptest.pl auto-generated

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • f69ab75ccf594931ae5bf5ebc16bce233878d9793516b4abc72f08d7188f5861 icedtea6-1.13.11.tar.gz
  • f12d470c3aefc599388e5f897367c6ca0ef0902f95ba187be12b3adc4b689f1f icedtea6-1.13.11.tar.gz.sig
  • 526ecdf6fec35c10160df305e87cb477f5fe1ea32f02f6c9b1c865a2d28833bf icedtea6-1.13.11.tar.xz
  • 1c01648a7139c8c3b7cd4626652a0509664b797469c234a020a864dead51d2e6 icedtea6-1.13.11.tar.xz.sig

The checksums can be downloaded from:

A 1.13.11 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.11.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.11.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.11/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support in the 3.0.x series with the April 2016 security fixes from OpenJDK 8 u91.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.0.1 (2016-04-23)

  • Security fixes
  • Import of OpenJDK 8 u91 build 14
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT explicitly turned on
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8067422: Lambda method names are unnecessarily unstable
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8130212: Thread::current() might access freed memory on Solaris
    • S8132890: Text Overlapping on Dot Matrix Printers
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8134828: Scrollbar thumb disappears with Nimbus L&F
    • S8138589: Correct limits on unlimited cryptography
    • S8138811: Construction of static protection domains
    • S8140268: Generate link to specification license for JavaDoc API documentation
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8143959: Certificates requiring blacklisting
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146518: Zero interpreter broken with better byte behaviour
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8148487: PPC64: Better byte behavior
    • S8148522: Backout JDK-8138811 from 2016 Apr CPU repo
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
  • Backports
    • S8148752, PR2943: Compiled StringBuilder code throws StringIndexOutOfBoundsException
    • S8154210: Zero: Better byte behaviour
    • S8154413: AArch64: Better byte behaviour
  • Bug fixes
    • PR2933: Support ccache 3.2 and later
    • PR2934, G579676: SunEC provider throwing KeyException with current NSS

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 8babade1717fff48bcc4e1e2f3159c2c7d97cfb44ef10124bbab3f7dc34a0582 icedtea-3.0.1.tar.gz
  • 8a5e702a114117ed301a632b1a41651d0577c9c59cfae4d10ff41f6a52185fc7 icedtea-3.0.1.tar.gz.sig
  • 346ce30de1de6c493729b79b246f250438fc5b8df7eae47229a97f9000a73af2 icedtea-3.0.1.tar.xz
  • b440f83a05788157b752cc3b1a239261bcbb52bf82211c93173e93cb4f3fa760 icedtea-3.0.1.tar.xz.sig

The checksums can be downloaded from:

A 3.0.1 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.0.1.tar.gz

or:

$ tar x -I xz -f icedtea-3.0.1.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.0.1/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the April 2016 security fixes from OpenJDK 7 u101.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.6 (2016-04-21)

  • Security fixes
  • Import of OpenJDK 7 u101 build 0
    • S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S7127906: (launcher) convert the launcher regression tests to java
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
    • S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT explicitly turned on
    • S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
    • S8028537: PPC64: Updated the JDK regression tests to run on AIX
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8072753: Nondeterministic wrong answer on arithmetic
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
    • S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S8154210: Zero: Better byte behaviour
  • Bug fixes
    • PR2889: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
    • PR2929: configure: error: “A JDK home directory could not be found.”
    • PR2935: Check that freetype defines FT_CONFIG_OPTION_INFINALITY_PATCHSET if enabling infinality
    • PR2938: Fix build of 8148487 backport
    • PR2939: Remove rogue ReleaseStringUTFChars line remaining from merge of 7u101 b00
  • PPC & AIX port
  • AArch64 port
    • S8154413: AArch64: Better byte behaviour
    • PR2914: byte_map_base is not page aligned on OpenJDK 7
  • JamVM
    • PR2665: icedtea/jamvm 2.6 fails as a build VM for icedtea

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • d6d92e9b20e321d51b2f428868b6de3d3ebc2b4eedde19e5cf2e2452da6d0fde icedtea-2.6.6.tar.gz
  • 765e3dfbaa5eef6fccd9cc53c153681ad2c70384b31fe3691e44709dbeeae3d2 icedtea-2.6.6.tar.gz.sig
  • 79949744436158d9ded3a758c22da7629f843ea3913afdffc65ea0f1a26d544a icedtea-2.6.6.tar.xz
  • a8049026f7b7f8503ce7ff25c28b822e97cce5c495fdaa0c9b734315d99596bd icedtea-2.6.6.tar.xz.sig

The checksums can be downloaded from:

A 2.6.6 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.6.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.6.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.6/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to (finally) announce the release of IcedTea 3.0.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release begins our OpenJDK 8 support with the first release based on OpenJDK 8 u77.

There are still some remaining issues with OpenJDK 8 support in the alternate virtual machines, JamVM and CACAO. Both will build against OpenJDK 8 but the resulting virtual machine crashes. We hope this will improve with time, but for now, we recommend sticking with HotSpot, and thus the use of the zero-assembler projects for those architectures yet to have a native port.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.0.0 (2016-04-08)

  • Rebase on jdk8u77-b03
  • Backports
    • S4890063, PR2304, RH1214835: HPROF: default text truncated when using doe=n option
    • S6425769, PR2859: Allow specifying an address to bind JMX remote connector
    • S8000650, PR2462: unpack200.exe should check gzip crc
    • S8031668, PR2842: TOOLCHAIN_FIND_COMPILER unexpectedly resolves symbolic links
    • S8035341: Allow using a system installed libpng
    • S8038392: Generating prelink cache breaks JAVA ‘jinfo’ utility normal behavior
    • S8042159: Allow using a system-installed lcms2
    • S8042806: Splashscreen uses libjpeg-internal macros
    • S8043805: Allow using a system-installed libjpeg
    • S8044235: src.zip should include all sources
    • S8074839, PR2462: Resolve disabled warnings for libunpack and the unpack200 binary
    • S8074859, PR1937: Turn on warnings as error
    • S8087218, PR2740: Constant fold loads from final instance fields in VM anonymous classes
    • S8139932, PR2739: Typo in makefile changes for 8043805 [Allow using a system-installed libjpeg]
    • S8140483, PR2740: Atomic*FieldUpdaters final fields should be trusted
    • S8140620, PR2769: Find and load default.sf2 as the default soundbank on Linux
    • S8145096, PR2854: Undefined behaviour in HotSpot
    • S8145982, PR2859: JMXInterfaceBindingTest is failing intermittently
    • S8146015, PR2859: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
    • S8148351, PR2842: Only display resolved symlink for compiler, do not change path
    • S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  • Bug fixes
    • S8041658: Use of -fdevirtualize on macroAssembler_x86.o (via -O2) with gcc 4.9.0 creates broken VM
    • PR94: empty install target in Makefile.am
    • PR729: GTKLookAndFeel should be the system look&feel on all GNU/Linux desktops
    • PR1275: Provide option to turn off downloading of tarballs
    • PR1281, RH513605: Updating/Installing OpenJDK should recreate the shared class-data archive
    • PR1289: Allow JARs to be optionally compressed by setting COMPRESS_JARS
    • PR1291: Ensure unlimited crypto policy is in place.
    • PR1325: Only add classes to rt-source-files.txt if actually needed
    • PR1341: Remove Rhino support
    • PR1346: Filter out -j option to make
    • PR1347: Update list of checked JDKs
    • PR1348: java -version output is broken
    • PR1357: Make XRender mandatory
    • PR1359: Check for /usr/lib64 JVMs and generic JPackage alternative
    • PR1364: Replace hgforest support
    • PR1367: Support using the system installation of LCMS
    • PR1368: Ensure debug data is available for all libraries and binaries without redundant files
    • PR1369: Remove outdated bootstrap configure tests or make them fail on error
    • PR1377: Forwardport javac detection / usability test from IcedTea 2.x
    • PR1379: Add build support for Zero AArch64
    • PR1413: Undefined reference to libz during link of unpack200
    • PR1741: Break PulseAudio provider out into IcedTea-Sound
    • PR1766: Expand architecture support
    • PR1774: Support GIF lib v5
    • PR1774: Correct #ifdef to #if
    • PR1796: make fails with “computed checksum did NOT match”
    • PR1806: Support Debian/Ubuntu 7 & 8 OpenJDK Installs as Boot JDK
    • PR1812: Unable to locate HotSpot checksum when downloading
    • PR1813: HotSpot URL should be used with –enable-hg
    • PR1815: Split download/extraction rules for OpenJDK so they can run in parallel
    • PR1829: Support AM_MAINTAINER_MODE
    • PR1834, RH1022017: Report elliptic curves supported by NSS, not the SunEC library
    • PR1845: jstack.stp in OpenJDK8 is broken
    • PR1869: Avoid x86 workaround when running Zero rather than a JIT
    • PR1889: Allow tarball checksumming to be disabled
    • PR1935: HotSpot extraction needs to depend on the tarball being downloaded
    • PR1937: Add configure option for -Werror
    • PR1938: Zero broken by enforced use of -Werror
    • PR1942: Bug reports lack IcedTea version & distribution packaging information
    • PR1950: Add build support for Zero SH
    • PR1965, G498288: Allow builds on PaX kernels
    • PR1968: Move to new OpenJDK bug URL format
    • PR1975: SystemTap probes for the garbage collector.
    • PR1977: Support using the system installation of Zlib
    • PR1979: Support using the system installation of libjpeg
    • PR1980: Support using the system installation of giflib
    • PR1981: Support using the system installation of libpng
    • PR1983: Support using the system installation of NSS with the SunEC provider
    • PR1994: make dist broken
    • PR2001: Synchronise HEAD tarball paths with release branch paths
    • PR2066: Unset OS before running OpenJDK build
    • PR2095, RH1163501: 2048-bit DH upper bound too small for Fedora infrastructure
    • PR2126: Synchronise elliptic curves in sun.security.ec.NamedCurve with those listed by NSS
    • PR2127: SunEC provider crashes when built using system NSS
    • PR2199: Support giflib 5.1.0
    • PR2212: DGifCloseFile call should check the return value, not the error code, for failure
    • PR2227: giflib 5.1 conditional excludes 6.0, 7.0, etc.
    • PR2237, RH1194378: ppc64le should report its os.arch as ppc64le so tools can detect it
    • PR2248: HotSpot tarball fails verification after download
    • PR2256: Add SystemTap tests
    • PR2257: clean-extract-nashorn rule is never run
    • PR2321: Checksum of policy JAR files changes on every build
    • PR2329: jamvm parallel unpack failures
    • PR2339: Fail early if there is no native HotSpot JIT & all other options are disabled
    • PR2348: Avoid following symlinks for CACAO and JamVM patches
    • PR2351: Split CACAO rule into configure and make stages
    • PR2352: Split JamVM rule into configure, make and make install stages
    • PR2358: Add aliases for all stamp targets
    • PR2362: Update HACKING & fsg.sh.in
    • PR2363: Remove EC source code prior to build
    • PR2369: SunEC provider is partially installed
    • PR2377: PaX mark the installed JDK so it runs on hardened systems
    • PR2383: Location of docs directory in install-data-local is incorrect
    • PR2392: Make elliptic curve removal optional
    • PR2400, RH1206656: Zero JVM crashes on startup when built with GCC 5
    • PR2407: Fix automatic enabling of the Zero build on non-JIT architectures which don’t use CACAO or JamVM
    • PR2408: Enable Zero when Shark is enabled
    • PR2409: Update Zero macro to match one in IcedTea 2.x
    • PR2410: Support PPC64 JIT on ppc64le
    • PR2411: Fix references to hotspot.map following PR2001
    • PR2413: OpenJDK doesn’t auto-select Zero on architectures where no server JVM is available
    • PR2414: CFLAGS, CXXFLAGS and LDFLAGS should be passed to OpenJDK build
    • PR2415: JVM -Xmx requirement is too high on s390
    • PR2428: OpenJDK build can’t handle commas in LDFLAGS
    • PR2429: OpenJDK build does not copy a symlinked cacerts file
    • PR2432: ppc64 JIT doesn’t support class data sharing
    • PR2433: ppc64le does not support -Xshare:dump
    • PR2434: SystemTap support is no longer optional
    • PR2439: NSS PKCS11 regression – due to java.security automatic loading
    • PR2443: install stage fails where BUILD_ARCH_DIR != INSTALL_ARCH_DIR
    • PR2447: Allow greater control of Javadoc installation directory
    • PR2448: Install TRADEMARK, COPYING and ChangeLog as RPM spec file does
    • PR2454: install-data-local needs to check that classes.jsa actually exists
    • PR2456: Installation path for hotspot_gc.stp is wrong, due to changed j2sdk-image location
    • PR2459: Policy JAR files should be timestamped with the date of the policy file they hold
    • PR2511: Reset success following calls in LayoutManager.cpp
    • PR2541: Allow the user to specify the cacerts file to use
    • PR2544: Desktop files do not allow installation from multiple versions of IcedTea
    • PR2547: Extend tarball checksumming option to allow the checksum to be specified
    • PR2631: jvm.cfg missing for ppc64le
    • PR2633: s390 builds still fail as BUILD_NUM_BITS is never set
    • PR2675: Update ppc64le autotools infrastructure following PR2237
    • PR2691, G564746: ./configure is unable to compile using distcc for icedtea-3.0.0_pre06
    • PR2737: Allow multiple PKCS11 library initialisation to be a non-critical error.
    • PR2738: java.lang.UnsatisfiedLinkError: no javalcms in java.library.path
    • PR2743: Remove bad AArch64 merge fragment
    • PR2759: LCMS library should be named javalcms, not lcms, to avoid potential conflicts with the system library
    • PR2766: Remove all references to GCJ
    • PR2767: Remove remaining rogue binaries from OpenJDK tree
    • PR2768: Move SystemTap GCC 4.5 patch to OpenJDK tree or discard if no longer needed
    • PR2777: Fix MAX/MIN template usage on s390
    • PR2804: test/tapset/jstaptest.pl should be executable
    • PR2815: Race condition in SunEC provider with system NSS
    • PR2825: Placement of -lfreebl matters when using bfd linker
    • PR2826: Provide option to disable SystemTap tests
    • PR2841: Parallelism issues resulting from PR2459
    • PR2863: IcedTea doesn’t pass through build and host triplets to OpenJDK’s configure
    • PR2865: Handle uninstallation.
    • PR2869: Revert CRC fix (S8000650) backported as part of PR2462
    • PR2873: Fix make distcheck.
    • PR2880: Add missing test directory in make check.
    • PR2885: Location of ‘stap’ executable is hard-coded
    • PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
    • PR2899: Don’t use WithSeed versions of NSS functions as they don’t fully process the seed
    • PR2906: Support prefixed variants of GNU tools used on *BSD systems
    • PR2907: Replace –with-abs-install-dir with usual –prefix
    • PR2917: Don’t pass –with-cacerts-file to build if USE_ALT_CACERTS_FILE is not set
    • PR2918: Makefile handles cacerts as a symlink, but the configure check doesn’t
    • PR2920: PaX marking fails on filesystems which don’t support extended attributes
    • PR2921: Uninstallation of docs deletes too much
    • Don’t substitute ‘j’ for ‘-j’ inside -I directives
    • Extend 8041658 to all files in the HotSpot build.
    • Remove jcheck
  • AArch64 port
    • PR1970: Imported from aarch64 jdk8 repository.
    • PR2853: Fix build for aarch64/zero
    • PR2853: Remaining miscellaneous synchronisation changes from aarch64/jdk8u
    • PR2853: Remove AArch64-specific code in generateOptoStub.cpp.
    • PR2853: Remove some AArch64-specific code in share/.
    • PR2853: Remove some unnecessary divergences from jdk8u.
    • PR2853: Revert AArch64 jvm.cfg divergence
    • PR2853: Revert changes to libpng source code now 8078245 is in place.
    • PR2922: Import latest AArch64 changes from aarch64-port/jdk8u (aarch64-jdk8u77-b03)
    • S8150652, PR2922: Remove unused code in AArch64 back end
  • JamVM
    • JSR 292: Invoke Dynamic
    • JSR 308: Type Annotations
    • JSR 335: Lambda Expressions
    • JSR 901: VM support for method parameter reflection
    • JEP 171: Implement fence methods in sun.misc.Unsafe
    • sun.misc.Unsafe: additional methods get/putAddress.
    • FreeClassData: adjust method count for Miranda methods
    • Fix invokesuper check in invokespecial opcode
    • Fix non-direct interpreter invokespecial super-class check
    • When GC’ing a native method don’t try to free code
    • Do not free unprepared Miranda method code data
    • Set anonymous class protection domain
    • JVM_IsVMGeneratedMethodIx stub
    • Dummy implementation of sun.misc.Perf natives
    • JVM_NewMultiArray: element class may be an array
    • jtreg test java/lang/reflect/Array/ExceedMaxDim
    • OpenJDK: Fix Local/Anonymous class checks
    • classlibMarkThreadTerminated should return Object*
    • Fix race-condition in constant-pool resolution code
    • JSR 292: MethodHandle constant-pool refs may be resolved
    • JSR 292: bootstrap method args error handling
    • JSR 308: update to match OpenJDK changes
    • JSR 292: correct intrinsic cache COMPARE function
    • Race condition in setting up imethod table
    • GC: Minor performance improvement
    • PR2034: –enable-jamvm builds broken, missing JVM_GetTemporaryDirectory impl
    • PR2336: JamVM lacks JVM_FindClassFromCaller
    • PR2523: Add executable stack markings to callNative.S on JamVM
    • PR2775: JamVM lacks JVM_GetResourceLookupCacheURLs introduced by jdk8u40
  • CACAO
    • PR1277: Synchronise CACAO rules between IcedTea6/7/8 where possible
    • PR1279: Synchronise CACAO versions between IcedTea6/7/8 where possible
    • PR2035: –enable-cacao builds broken, missing JVM_GetTemporaryDirectory impl.
    • PR2330, CA172, G453612: Add ARM hardfloat support to CACAO on Gentoo
    • PR2331: IcedTea8 fails to build with IcedTea7 CACAO due to low max heap size
    • PR2335: CACAO lacks JVM_FindClassFromCaller
    • PR2347: Fix CACAO patches to apply again
    • PR2349: ‘struct jvm_version_info’ has no member named ‘is_kernel_jvm’
    • PR2350: Update to latest CACAO
    • PR2354: stamps/cacao.stamp tries to touch a file in a directory which doesn’t exist
    • PR2355: CACAO build fails to use JRE layout
    • PR2776: CACAO lacks JVM_GetResourceLookupCacheURLs introduced by jdk8u40
    • PR2832, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any’ failed
    • PR2908: Add missing functions for CACAO OpenJDK JVM implementation
    • PR2909: Install CACAO in same way as JamVM
    • PR2910: Add rudimentary support for OpenJDK 8 class files to CACAO
    • PR2916: Update CACAO drop to use the latest from cacao-staging

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • db874ae8dd14ab3eaed7b21a2895d6bfb3a4426e27289bbfaaf83f17bb5ed730 icedtea-3.0.0.tar.gz
  • a6a4da4e9012cb5b97823689700c82c573e0fc23a4c8b56977a4778ca69668cf icedtea-3.0.0.tar.gz.sig
  • 947add69b3b89d7685cb0c9e2b51fc561e27f6e7c0bf1ea98dac8156fa8629a9 icedtea-3.0.0.tar.xz
  • e616412bc6a144c592f3c0dea51be2ea6d6fedcb173c3944f68f78eb7a8cd546 icedtea-3.0.0.tar.xz.sig

The checksums can be downloaded from:

A 3.0.0 ebuild for Gentoo is available.

The following people helped with these releases:

  • Lukas Berk (garbage collection probes for SystemTap)
  • James Le Cuirot (PR2863)
  • Taigo Sturmer Daitx (ppc64le support)
  • Andrew Hughes (all other backports & bug fixes, release management)
  • Radim Kolar (PR2906)
  • Xerxes Rånby (CACAO & JamVM support)
  • Ralph Sennhauser (initial PaX support)
  • Yasumasa Suenaga (PR1845 and other SystemTap work)
  • Mario Torre (S8150954)
  • Jon VanAlten (SystemTap tests)
  • Michal Vyskocil (PR1357 & PR1359)
  • Mark Wielaard (SystemTap fixes & tests)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.0.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.0.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.0.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the March 2016 interim security fix from OpenJDK 7 u99.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.5 (2016-03-24)

  • Security fixes
  • Import of OpenJDK 7 u99 build 0
    • S6425769, PR2858: Allow specifying an address to bind JMX remote connector
    • S6961123: setWMClass fails to null-terminate WM_CLASS string
    • S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently
    • S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
  • Backports
    • S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions
    • S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp
    • S8071705, PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically
    • S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  • Bug fixes
    • PR2803: Make system CUPS optional
    • PR2886: Location of ‘stap’ executable is hard-coded
    • PR2893: test/tapset/jstaptest.pl should be executable
    • PR2894: Add missing test directory in make check.
  • CACAO
    • PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any’ failed
  • AArch64 port
    • PR2852: Add support for large code cache
    • PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only.
    • S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter
    • S8131483, PR2852: aarch64: illegal stlxr instructions
    • S8133352, PR2852: aarch64: generates constrained unpredictable instructions
    • S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32
    • S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation
    • S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0
    • S8138575, PR2852: Improve generated code for profile counters
    • S8138641, PR2852: Disable C2 peephole by default for aarch64
    • S8138966, PR2852: Intermittent SEGV running ParallelGC
    • S8143067, PR2852: aarch64: guarantee failure in javac
    • S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved
    • S8143584, PR2852: Load constant pool tag and class status with load acquire
    • S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with –enable-unlimited-crypto
    • S8144582, PR2852: AArch64 does not generate correct branch profile data
    • S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base
    • S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject
    • S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac
  • PPC & AIX port
    • S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280
    • S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call
    • S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • d8bce93bd33b299a52236f03fb57d42ae9de808c8337e6185930799dbfc78795 icedtea-2.6.5.tar.gz
  • 0a12f5916c144879812dc086bfbb506569ee3abb056a81031287d00914652313 icedtea-2.6.5.tar.gz.sig
  • e752304496bb11ae9952beb11e6743dd84e55b340eaca716f310c5a0f48b53f7 icedtea-2.6.5.tar.xz
  • 7bd1b00d3f59e32e80ba41a705a5730de87dd76f138d94dd94995b9a394d9dad icedtea-2.6.5.tar.xz.sig

The checksums can be downloaded from:

A 2.6.5 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.5.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.5.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.5/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the January 2016 security fixes.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.10 (2016-01-22)

  • Security fixes
  • Import of OpenJDK6 b38
    • OJ69: Windows build broken after b37 changes
    • OJ70: Allow versions of ALSA >= 1.1.0
    • S6720721: CRL check with circular depency support needed
    • S6852744: PIT b61: PKI test suite fails because self signed certificates are being rejected [Tests only]
    • S7166570: JSSE certificate validation has started to fail for certificate chains
    • S7167988: PKIX CertPathBuilder in reverse mode doesn’t work if more than one trust anchor is specified
    • S7171223: Building ExtensionSubtables.cpp should use -fno-strict-aliasing
    • S8068761: [TEST_BUG] java/nio/channels/ServerSocketChannel/AdaptServerSocket.java failed with SocketTimeoutException
    • S8074068: Cleanup in src/share/classes/sun/security/x509/
    • S8075773: jps running as root fails after the fix of JDK-8050807
    • S8081297: SSL Problem with Tomcat
    • S8134605: Partial rework of the fix for 8081297
    • S8135307: CompletionFailure thrown when calling FieldDoc.type, if the field’s type is missing
    • S8138716: (tz) Support tzdata2015g
    • S8141213: [Parfait]Potentially blocking function GetArrayLength called in JNI critical region at line 239 of jdk/src/share/native/sun/awt/image/jpeg/jpegdecoder.c in function GET_ARRAYS
    • S8141287: Add MD5 to jdk.certpath.disabledAlgorithms – Take 2
    • S8142928: [TEST_BUG] sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java 8u71 failure
    • S8144955: Wrong changes were pushed with 8143942
    • S8145551: Test failed with Crash for Improved font lookups
    • S8147466: Add -fno-strict-overflow to IndicRearrangementProcessor{,2}.cpp
  • Backports
    • S7169111, PR2757: Unreadable menu bar with Ambiance theme in GTK L&F
    • S8140620, PR2711: Find and load default.sf2 as the default soundbank on Linux

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • e467fbdbae88897c4447b400be32f3176a798d3c7d84a311b7a24420e955e93a icedtea6-1.13.10.tar.gz
  • 59a4eef6f98a1ef5951e3fd64f94a3e8f818513fa2cf721ffb60b20601eed92d icedtea6-1.13.10.tar.gz.sig
  • a08907fa5a99a84c1bb480c9a0438264ff01c6215a7e1618e08e4ae79d4600d7 icedtea6-1.13.10.tar.xz
  • 4dac256f93799aa0e75062c94c242f956bd2372b1fb70c220dcb02d4b2d028a5 icedtea6-1.13.10.tar.xz.sig

The checksums can be downloaded from:

A 1.13.10 ebuild for Gentoo is available.

The following people helped with these releases:

  • Andrew Hughes (all backports and bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.10.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.10.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.10/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the January 2016 security fixes from OpenJDK 7 u95.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.4 (2016-01-19)

  • Security fixes
  • Import of OpenJDK 7 u95 build 0
    • S7167988: PKIX CertPathBuilder in reverse mode doesn’t work if more than one trust anchor is specified
    • S8068761: [TEST_BUG] java/nio/channels/ServerSocketChannel/AdaptServerSocket.java failed with SocketTimeoutException
    • S8074068: Cleanup in src/share/classes/sun/security/x509/
    • S8075773: jps running as root fails after the fix of JDK-8050807
    • S8081297: SSL Problem with Tomcat
    • S8131181: Increment minor version of HSx for 7u95 and initialize the build number
    • S8132082: Let OracleUcrypto accept RSAPrivateKey
    • S8134605: Partial rework of the fix for 8081297
    • S8134861: XSLT: Extension func call cause exception if namespace URI contains partial package name
    • S8135307: CompletionFailure thrown when calling FieldDoc.type, if the field’s type is missing
    • S8138716: (tz) Support tzdata2015g
    • S8140244: Port fix of JDK-8075773 to MacOSX
    • S8141213: [Parfait]Potentially blocking function GetArrayLength called in JNI critical region at line 239 of jdk/src/share/native/sun/awt/image/jpeg/jpegdecoder.c in function GET_ARRAYS
    • S8141287: Add MD5 to jdk.certpath.disabledAlgorithms – Take 2
    • S8142928: [TEST_BUG] sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java 8u71 failure
    • S8143132: L10n resource file translation update
    • S8144955: Wrong changes were pushed with 8143942
    • S8145551: Test failed with Crash for Improved font lookups
    • S8147466: Add -fno-strict-overflow to IndicRearrangementProcessor{,2}.cpp
  • Backports
    • S8140244: Port fix of JDK-8075773 to AIX

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • ef5dd43c5f87742ac28519420055ad24acaca55b005b5b2e339cf3e451d716c1 icedtea-2.6.4.tar.gz
  • 59acd169e88ab8071f37481351a70b04e4eacd341dba1ecc3588bf5d42ef6b7d icedtea-2.6.4.tar.gz.sig
  • d20a365feea95a4c01c9f9db1f7562f471f638bc672db9de6c6e654d2d826164 icedtea-2.6.4.tar.xz
  • fc90dc9a58db1309d2105766cc9b41f295c1c12981cf1fc0afc04efa860d3f61 icedtea-2.6.4.tar.xz.sig

The checksums can be downloaded from:

A 2.6.4 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.4.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.4.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.4/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with an additional October 2015 security fix from OpenJDK 7 u91.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.3 (2015-11-13)

  • Security fixes
    • S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed
  • Backports

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
  • Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

I’m transitioning to the use of a new key for signing releases over the next year. Signatures made with this key are available at:

and the new key is:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this newer key.

SHA256 checksums:

  • 89183993d3dd794b4e2a428a8a0a35f1ce77c4ae64563e53f3a08c058ea134cc icedtea-2.6.3.tar.gz
  • 2d1b8e71739cc0d3c0afbab61a2093fb501ffa28b92f6d2630c684ae9ac48551 icedtea-2.6.3.tar.gz.sig
  • d89fea821068d38f1ca9e34bbc08ca1f6da985589d7064d7a5734d66dfd20c4f icedtea-2.6.3.tar.gz.sig.ec
  • df38aa10b4d30f3bae089dcc72f4c32fb2385cb541491791c12829960f53c612 icedtea-2.6.3.tar.xz
  • b7c377c64bcc20865a063b397b4c1cd44dad782a433d6da0ce89b690e54a6c94 icedtea-2.6.3.tar.xz.sig
  • f9373d52f121b97330f77e06064753eca949e703a5b32e501a70fd1dd8f007c0 icedtea-2.6.3.tar.xz.sig.ec

The checksums can be downloaded from:

A 2.6.3 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.3.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.3.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.3/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the October 2015 security fixes.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.9 (2015-11-13)

  • Security fixes
  • Import of OpenJDK6 b37
    • OJ64: Backport hashtable to map changes from jaxp
    • OJ65: Remove @Override annotation on interfaces added by 2015/10/20 security fixes
    • OJ66: Revert 7110373 & 7149751 test removals now 6706974 is present (krb5 test infrastructure)
    • OJ67: Fix copyright headers on imported files
    • OJ68: Ensure SharedSecrets are initialised
    • S6570619: (bf) DirectByteBuffer.get/put(byte[]) does not scale well
    • S6590930: reed/write does not match for ccache
    • S6648972: KDCReq.init always read padata
    • S6676075: RegistryContext (com.sun.jndi.url.rmi.rmiURLContext) coding problem
    • S6682516: SPNEGO_HTTP_AUTH/WWW_KRB and SPNEGO_HTTP_AUTH/WWW_SPNEGO failed on all non-windows platforms
    • S6710360: export Kerberos session key to applications
    • S6733095: Failure when SPNEGO request non-Mutual
    • S6785456: Read Kerberos setting from Windows environment variables
    • S6821190: more InquireType values for ExtendedGSSContext
    • S6843127: krb5 should not try to access unavailable kdc too often
    • S6844193: support max_retries in krb5.conf
    • S6844907: krb5 etype order should be from strong to weak
    • S6844909: support allow_weak_crypto in krb5.conf
    • S6849275: enhance krb5 reg tests
    • S6853328: Support OK-AS-DELEGATE flag
    • S6854308: more ktab options
    • S6856069: PrincipalName.clone() does not invoke super.clone()
    • S6857795: krb5.conf ignored if system properties on realm and kdc are provided
    • S6857802: GSS getRemainingInitLifetime method returns milliseconds not seconds
    • S6858589: more changes to Config on system properties
    • S6862679: ESC: AD Authentication with user with umlauts fails
    • S6877357: IPv6 address does not work
    • S6888701: Change all template java source files to a .java-template file suffix
    • S6893158: AP_REQ check should use key version number
    • S6907425: JCK Kerberos tests fail since b77
    • S6919610: KeyTabInputStream uses static field for per-instance value
    • S6932525: Incorrect encryption types of KDC_REQ_BODY of AS-REQ with pre-authentication
    • S6946669: SSL/Krb5 should not call EncryptedData.reset(data, false)
    • S6950546: “ktab -d name etype” to “ktab -d name [-e etype] [kvno | all | old]“
    • S6951366: kerberos login failure on win2008 with AD set to win2000 compat mode
    • S6952519: kdc_timeout is not being honoured when using TCP
    • S6959292: regression: cannot login if session key and preauth does not use the same etype
    • S6960894: Better AS-REQ creation and processing
    • S6966259: Make PrincipalName and Realm immutable
    • S6975866: api/org_ietf/jgss/GSSContext/index.html#wrapUnwrapIOTest started to fail since jdk7 b102
    • S6984764: kerberos fails if service side keytab is generated using JDK ktab
    • S6997740: ktab entry related test compilation error
    • S7018928: test failure: sun/security/krb5/auto/SSL.java
    • S7032354: no-addresses should not be used on acceptor side
    • S7061379: [Kerberos] Cross-realm authentication fails, due to nameType problem
    • S7142596: RMI JPRT tests are failing
    • S7157610: NullPointerException occurs when parsing XML doc
    • S7158329: NPE in sun.security.krb5.Credentials.acquireDefaultCreds()
    • S7197159: accept different kvno if there no match
    • S8004317: TestLibrary.getUnusedRandomPort() fails intermittently, but exception not reported
    • S8005226: java/rmi/transport/pinClientSocketFactory/PinClientSocketFactory.java fails intermittently
    • S8006534: CLONE – TestLibrary.getUnusedRandomPort() fails intermittently-doesn’t retry enough times
    • S8014097: add doPrivileged methods with limited privilege scope
    • S8021191: Add isAuthorized check to limited doPrivileged methods
    • S8022213: Intermittent test failures in java/net/URLClassLoader
    • S8028583: Add helper methods to test libraries
    • S8028780: JDK KRB5 module throws OutOfMemoryError when CCache is corrupt
    • S8058608: JVM crash during Kerberos logins using des3-cbc-md5 on OSX
    • S8064331: JavaSecurityAccess.doIntersectionPrivilege() drops the information about the domain combiner of the stack ACC
    • S8072932: Test fails with java.security.AccessControlException: access denied (“java.security.SecurityPermission” “getDomainCombiner”)
    • S8078822: 8068842 fix missed one new file PrimeNumberSequenceGenerator.java
    • S8079323: Serialization compatibility for Templates: need to exclude Hashtable from serialization
    • S8087118: Remove missing package from java.security files
    • S8098547: (tz) Support tzdata2015e
    • S8130253: ObjectStreamClass.getFields too restrictive
    • S8133196, RH1251935: HTTPS hostname invalid issue with InetAddress
    • S8133321: (tz) Support tzdata2015f
    • S8135043: ObjectStreamClass.getField(String) too restrictive
  • Backports
    • S6440786, PR363: Cannot create a ZIP file containing zero entries
    • S6599383, PR363: Unable to open zip files more than 2GB in size
    • S6763122, PR363: ZipFile ctor does not throw exception when file is not a zip file
    • S6929479, PR363: Add a system property sun.zip.disableMemoryMapping to disable mmap use in ZipFile
    • S7105461, PR2662: Large JTables are not rendered correctly with Xrender pipeline
    • S7150134, PR2662: JCK api/java_awt/Graphics/index.html#DrawLine fails with OOM for jdk8 with XRender pipeline
  • Bug fixes
    • PR2513: Reset success following calls in LayoutManager.cpp

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
  • Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

I’m transitioning to the use of a new key for signing releases over the next year. Signatures made with this key are available at:

and the new key is:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this newer key.

SHA256 checksums:

  • 41baf774c52c1d2a0a094a6355635942e8ecb80cf7853fb6827da80f7818ba33 icedtea6-1.13.9.tar.gz
  • 49a01399630b5477af4ac7e240aaddb04d93578d54d659b560f5f02e687fd98c icedtea6-1.13.9.tar.gz.sig
  • 3a18bb1e540a0694ca1359e5adebaa5e1af66b4ba739b4e0d3ea733683a8330a icedtea6-1.13.9.tar.gz.sig.ec
  • 61e0fb2ed0fc2d793a42e24d2192423f8a7ccb04f130d82d5889a0ecf52bc965 icedtea6-1.13.9.tar.xz
  • bf4c66cd3f64c2ca7510f8584c7bdd67012f4307d73e1f6232a1475df64c1caa icedtea6-1.13.9.tar.xz.sig
  • 51acad266f7c8a6cfd0662a1deab21a91acea88c46af2de2521897e81077b902 icedtea6-1.13.9.tar.xz.sig.ec

The checksums can be downloaded from:

A 1.13.9 ebuild for Gentoo is available.

The following people helped with these releases:

  • Andrew Hughes (all backports and bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.9.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.9.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.9/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the October 2015 security fixes from OpenJDK 7 u91.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Please Note: The fix for S8086092 below affects the build of the in-tree copy of LCMS. If the default of using the system LCMS is used, this will not take effect. Users should either switch to in-tree LCMS or (ideally) apply the fix to the system build of LCMS.

Full details of the release can be found below.

What’s New?

New in release 2.6.2 (2015-10-22)

  • Security fixes
  • Import of OpenJDK 7 u85 build 2
    • S8133968: Revert 8014464 on OpenJDK 7
    • S8133993: [TEST_BUG] Make CipherInputStreamExceptions compile on OpenJDK 7
    • S8134248: Fix recently backported tests to work with OpenJDK 7u
    • S8134610: Mac OS X build fails after July 2015 CPU
    • S8134618: test/javax/xml/jaxp/transform/8062923/XslSubstringTest.java has bad license header
  • Import of OpenJDK 7 u91 build 0
    • S6854417: TESTBUG: java/util/regex/RegExTest.java fails intermittently
    • S6966259: Make PrincipalName and Realm immutable
    • S8005226: java/rmi/transport/pinClientSocketFactory/PinClientSocketFactory.java fails intermittently
    • S8014097: add doPrivileged methods with limited privilege scope
    • S8021191: Add isAuthorized check to limited doPrivileged methods
    • S8028780: JDK KRB5 module throws OutOfMemoryError when CCache is corrupt
    • S8064331: JavaSecurityAccess.doIntersectionPrivilege() drops the information about the domain combiner of the stack ACC
    • S8076506: Increment minor version of HSx for 7u91 and initialize the build number
    • S8078822: 8068842 fix missed one new file PrimeNumberSequenceGenerator.java
    • S8079323: Serialization compatibility for Templates: need to exclude Hashtable from serialization
    • S8087118: Remove missing package from java.security files
    • S8098547: (tz) Support tzdata2015e
    • S8130253: ObjectStreamClass.getFields too restrictive
    • S8133321: (tz) Support tzdata2015f
    • S8135043: ObjectStreamClass.getField(String) too restrictive
  • Import of OpenJDK 7 u91 build 1
    • S8072932: Test fails with java.security.AccessControlException: access denied (“java.security.SecurityPermission” “getDomainCombiner”)
  • Backports
    • S6880559, PR2674: Enable PKCS11 64-bit windows builds
    • S6904403, PR2674: assert(f == k->has_finalizer(),"inconsistent has_finalizer") with debug VM
    • S7011441, PR2674: jndi/ldap/Connection.java needs to avoid spurious wakeup
    • S7059542, PR2674: JNDI name operations should be locale independent
    • S7105461, PR2571: Large JTables are not rendered correctly with Xrender pipeline
    • S7105883, PR2560, RH1245855: JDWP: agent crash if there exists a ThreadGroup with null name
    • S7107611, PR2674: sun.security.pkcs11.SessionManager is scalability blocker
    • S7127066, PR2674: Class verifier accepts an invalid class file
    • S7150092, PR2674: NTLM authentication fail if user specified a different realm
    • S7150134, PR2571: JCK api/java_awt/Graphics/index.html#DrawLine fails with OOM for jdk8 with XRender pipeline
    • S7152582, PR2674: PKCS11 tests should use the NSS libraries available in the OS
    • S7156085, PR2674: ArrayIndexOutOfBoundsException throws in UTF8Reader of SAXParser
    • S7177045, PR2674: Rework the TestProviderLeak.java regression test, it is too fragile to low memory errors.
    • S7190945, PR2674: pkcs11 problem loading NSS libs on Ubuntu
    • S8005226, PR2674: java/rmi/transport/pinClientSocketFactory/PinClientSocketFactory.java fails intermittently
    • S8009438, PR2674: sun/security/pkcs11/Secmod tests failing on Ubuntu 12.04
    • S8011709, PR2509: [parfait] False positive: memory leak in jdk/src/share/native/sun/font/layout/CanonShaping.cpp
    • S8012971, PR2674: PKCS11Test hiding exception failures
    • S8016105, PR2560, RH1245855: Add complementary RETURN_NULL allocation macros in allocation.hpp
    • S8020424, PR2674: The NSS version should be detected before running crypto tests
    • S8020443, PR2674: Frame is not created on the specified GraphicsDevice with two monitors
    • S8021897, PR2560, RH1245855: EXCEPTION_ACCESS_VIOLATION on debugging String.contentEquals()
    • S8022683, PR2560, RH1245855: JNI GetStringUTFChars should return NULL on allocation failure not abort the VM
    • S8023052, PR2509: JVM crash in native layout
    • S8025922, PR2560, RH1245855: JNI access to Strings need to check if the value field is non-null
    • S8026119, PR2679: Regression test DHEKeySizing.java failing intermittently
    • S8027624, PR2674: com/sun/crypto/provider/KeyFactory/TestProviderLeak.java unstable again
    • S8033069, PR2674: mouse wheel scroll closes combobox popup
    • S8035150, PR2674: ShouldNotReachHere() in ConstantPool::copy_entry_to
    • S8039212, PR2674: SecretKeyBasic.sh needs to avoid NSS libnss3 and libsoftokn3 version mismatches
    • S8042855, PR2509: [parfait] Potential null pointer dereference in IndicLayoutEngine.cpp
    • S8044364, PR2674: runtime/RedefineFinalizer test fails on windows
    • S8048353, PR2674: jstack -l crashes VM when a Java mirror for a primitive type is locked
    • S8050123, PR2674: Incorrect property name documented in CORBA InputStream API
    • S8056122, PR1896: Upgrade JDK to use LittleCMS 2.6
    • S8056124, PR2674: Hotspot should use PICL interface to get cacheline size on SPARC
    • S8057934, PR1896: Upgrade to LittleCMS 2.6 breaks AIX build
    • S8059200, PR2674: Promoted JDK9 b31 for Solaris-amd64 fails (Error: dl failure on line 744, no picl library) on Solaris 11.1
    • S8059588, PR2674: deadlock in java/io/PrintStream when verbose java.security.debug flags are set
    • S8062518, PR2674: AIOBE occurs when accessing to document function in extended function in JAXP
    • S8062591, PR2674: SPARC PICL causes significantly longer startup times
    • S8072863, PR2674: Replace fatal() with vm_exit_during_initialization() when an incorrect class is found on the bootclasspath
    • S8073453, PR2674: Focus doesn’t move when pressing Shift + Tab keys
    • S8074350, PR2674: Support ISO 4217 “Current funds codes” table (A.2)
    • S8074869, PR2674: C2 code generator can replace -0.0f with +0.0f on Linux
    • S8075609, PR2674: java.lang.IllegalArgumentException: aContainer is not a focus cycle root of aComponent
    • S8075773, PR2674: jps running as root fails after the fix of JDK-8050807
    • S8076040, PR2674: Test com/sun/crypto/provider/KeyFactory/TestProviderLeak.java fails with -XX:+UseG1GC
    • S8076328, PR2679: Enforce key exchange constraints
    • S8076455, PR2674: IME Composition Window is displayed on incorrect position
    • S8076968, PR2674: PICL based initialization of L2 cache line size on some SPARC systems is incorrect
    • S8077102, PR2674: dns_lookup_realm should be false by default
    • S8077409, PR2674: Drawing deviates when validate() is invoked on java.awt.ScrollPane
    • S8078113, PR2674: 8011102 changes may cause incorrect results
    • S8078331, PR1896: Upgrade JDK to use LittleCMS 2.7
    • S8080012, PR2674: JVM times out with vdbench on SPARC M7-16
    • S8081392, PR2674: getNodeValue should return ‘null’ value for Element nodes
    • S8081470, PR2674: com/sun/jdi tests are failing with “Error. failed to clean up files after test” with jtreg 4.1 b12
    • S8081756, PR1896: Mastering Matrix Manipulations
    • S8130297, PR2674: com/sun/crypto/provider/KeyFactory/TestProviderLeak.java still failing after JDK-8076040
    • S8133636, PR2674: [TEST_BUG] Import/add tests for the problem seen in 8076110
  • Bug fixes
    • PR2512: Reset success following calls in LayoutManager.cpp
    • PR2557, G390663: Update Gentoo font configuration and allow font directory to be specified
    • PR2568: openjdk causes a full desktop crash on RHEL 6 i586
    • PR2683: AArch64 port has broken Zero on AArch64
    • PR2684: AArch64 port not selected on architectures where host_cpu != aarch64
    • PR2686: Add generated Fedora & Gentoo font configurations for bootstrap stage
  • CACAO
    • PR2652: Set classLoader field in java.lang.Class as expected by JDK

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
  • Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

I’m transitioning to the use of a new key for signing releases over the next year. Signatures made with this key are available at:

and the new key is:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this newer key.

SHA256 checksums:

  • c19eafacd23c81179934acab123511c424cd07c094739fa33778bf7cc80e14d0 icedtea-2.6.2.tar.gz
  • 38570f916c85ae77c80da1e3ab3eb5c98266042b5bae89b34894063bb0dcbaa2 icedtea-2.6.2.tar.gz.sig
  • 18d1e0ec86fe4973b890d00e9b9cb2bef109ba8f1ca5a1d8e2958918f1bc955e icedtea-2.6.2.tar.gz.sig.ec
  • bee8565c507a484ea876b62474aec379ac0e434acb9de8213279f47e1fe22076 icedtea-2.6.2.tar.xz
  • 43e5f03e561b52a97015a347de1e0c1a445f3a73dd6e38d29c4b8ca4a71dc033 icedtea-2.6.2.tar.xz.sig
  • aea216e14e5c5389836634285d303728b4cbf93e1ccb974b1a1c458eb8379e43 icedtea-2.6.2.tar.xz.sig.ec

The checksums can be downloaded from:

A 2.6.2 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.2.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.2.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.2/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

Next Page »