OpenJDK


The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

This release updates our OpenJDK 7 support to include the latest security updates. We recommend that users upgrade to the latest release from the
appropriate branch as soon as possible. The security fixes are as follows:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the releases can be found below.

What’s New?

New in release 2.3.9 (2013-04-21)

The tarballs can be downloaded from:

SHA256 checksums:

  • 7e1fdd4c53c9772337c971b6f6f8058dabd99d7f4c4fcc85c88d836c9005c6da icedtea-2.3.9.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.3.9.tar.gz
$ cd icedtea-2.3.9

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new security release, 1.11.10. This contains the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.11.10 (2013-04-17)

The tarball can be downloaded from:

SHA256 checksums:

  • 6c362135db9e0477eb9308b02a2adef26fc56cdabf2eda3286ce4301eb6e951e icedtea6-1.11.10.tar.gz

The tarballs are accompanied by digital signatures available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-1.11.10.tar.gz

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea6-build
$ cd icedtea6-build
$ ../icedtea6-1.11.10/configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases are now available for the OpenJDK 7 series: 2.1.7, 2.2.7 & 2.3.8. We recommend that users upgrade to the latest release from the
appropriate branch as soon as possible. The releases contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 2.3.8 (2013-03-11)

  • Security fixes
  • Backports
    • S8002344: Krb5LoginModule config class does not return proper KDC list from DNS
    • S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c
    • S8006179: JSR292 MethodHandles lookup with interface using findVirtual()
    • S8006882: Proxy generated classes in sun.proxy package breaks JMockit
  • Bug fixes
    • PR1303: Correct #ifdef to #if
    • PR1340: Simplify the rhino class rewriter to avoid use of concurrency
    • Revert S7017193 and add the missing free call, until a better fix is ready.

New in release 2.2.7 (2013-03-11)

  • Security fixes
  • Backports
    • S8002344: Krb5LoginModule config class does not return proper KDC list from DNS
    • S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c
    • S8006179: JSR292 MethodHandles lookup with interface using findVirtual()
    • S8006882: Proxy generated classes in sun.proxy package breaks JMockit
  • Bug fixes
    • PR1303: Correct #ifdef to #if
    • PR1340: Simplify the rhino class rewriter to avoid use of concurrency
    • Revert S7017193 and add the missing free call, until a better fix is ready.

New in release 2.1.7 (2013-03-11)

  • Security fixes
  • Backports
    • S8002344: Krb5LoginModule config class does not return proper KDC list from DNS
    • S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c
    • S8006179: JSR292 MethodHandles lookup with interface using findVirtual()
    • S8006882: Proxy generated classes in sun.proxy package breaks JMockit
  • Bug fixes
    • PR1303: Correct #ifdef to #if
    • Stop libraries being stripped in the OpenJDK build.
    • PR1340: Simplify the rhino class rewriter to avoid use of concurrency
    • Revert S7017193 and add the missing free call, until a better fix is ready.

The tarballs can be downloaded from:

SHA256 checksums:

  • e23d7715b9b27635f721414614be4bc5e52d32fb9739bc2e5dd1abcd8183dbee icedtea-2.1.7.tar.gz
  • 070a14f450569f98bd7b1ce5c42a9240c81ac5c234e2b39f8897f11d3d625ecc icedtea-2.2.7.tar.gz
  • 750a4c6e3e22369aa7dcfb0751fe85d5ea7a36b32871861c5063dbcadddc7153 icedtea-2.3.8.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew Hughes (applying all security patches & backports, creation & testing of bug fixes, reproducer testing, release management)
  • Matthias Klose (reported & fixed PR1340)
  • Omair Majid (applied security fixes)
  • Bernhard Rosenkränzer (reported issue with PR1303)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

Original announcement courtesy of Omair Majid.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases are now available for the OpenJDK 6 series: 1.11.9 & 1.12.4. We recommend that users upgrade to the latest release from the
appropriate branch as soon as possible. The releases contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.11.9 (2013-03-04)

New in release 1.12.4 (2013-03-04)

The tarballs can be downloaded from:

SHA256 checksums:

  • 0c134bea8d48c77ad5d41d4a0f98f471c381faaa0ef0c215d48687e709e93f3f icedtea6-1.11.9.tar.gz
  • eb326c6ae0147ca4abe4bd79e52c1edc2ef08e5e008230e24bee3abb39e14dda icedtea6-1.12.4.tar.gz

The tarballs are accompanied by digital signatures available at the above ‘sig’ link. This is produced using Omair’s public key. See details below.

  • PGP Key: 66484681 (http://pgp.mit.edu/)
  • Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681

The following people helped with these releases:

  • Severin Gehwolf (creation of fix for S8007675)
  • Omair Majid (applying all security patches, reproducer runs, release management)
  • Mario Torre (creation of fix for S8007675)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases are now available for the OpenJDK 7 series: 2.1.6, 2.2.6 & 2.3.7. These contain the following security fixes:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the releases can be found below.

What’s New?

New in release 2.3.7 (2013-02-20)

New in release 2.2.6 (2013-02-20)

New in release 2.1.6 (2013-02-20)

The tarballs can be downloaded from:

SHA256 checksums:

  • e6a65923acb29b87b9f8492adc6f00152b489441e788b64e2869301cc7fa29ba icedtea-2.1.6.tar.gz
  • 90adf40e725d7a301c3e23efdb75fcb992b0e645d8be0250cd4d058d85488f33 icedtea-2.2.6.tar.gz
  • 378f67f6f84bfb6c705f600b47b68a61b18d67648dd7eaf8498b152587695940 icedtea-2.3.7.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Elliott Baron (production of reproducer for S8006439)
  • Severin Gehwolf (production of reproducer for S8006777)
  • Andrew John Hughes (application of security fixes & backports, creation & testing of bug fixes, reproducer testing, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz

where ${version} is the version of IcedTea being used.

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases are now available for the OpenJDK 6 series: 1.11.8 & 1.12.3. These contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.11.8 (2013-02-19)

New in release 1.12.3 (2013-02-19)

The tarballs can be downloaded from:

SHA256 checksums:

  • 62620b5544d5e1df7508d7c777fb78532c75eec43b99c8c7d1a3c84f352c1ea3 icedtea6-1.11.8.tar.gz
  • db9dc14fa537fb22616fcd9e5b80758aa7baa66e0b6f8adfe3d5e80414574b4c icedtea6-1.12.3.tar.gz

The tarballs are accompanied by digital signatures available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Severin Gehwolf (production of reproducer for 8006777)
  • Andrew John Hughes (application of security fixes & backports, creation & testing of bug fixes, reproducer testing, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

These releases update our older OpenJDK7 support to include the latest security updates just released:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

Note that this will be the last release in the 2.2.x series with 2.4.0 being imminent. The 2.1.x series will unfortunately have to be supported until the ARM32 port is moved to a newer release, but we hope this won’t be for much longer.

What’s New?

New in release 2.1.5 (2013-02-13)

New in release 2.2.5 (2013-02-13)

The tarballs can be downloaded from:

SHA256 checksums:

  • f8144e370379371d5d4db6955b43b371f4fa8a99a9dca404995a12af21d46974 icedtea-2.1.5.tar.gz
  • cf79e99c1a8ad8d0dcc1ef66c30a776d159ab4a64290d9c1affa0e304ba2e7b5 icedtea-2.2.5.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz

where ${version} is the version of IcedTea being used.

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

This release updates our OpenJDK7 support to include the latest security updates just released:

This release has been delayed because the original patches supplied to us by Oracle introduced a number of regressions which were not resolved until fixes were made available over a week later in the OpenJDK 7u-dev repository. Most notably, building with OpenJDK6 was broken and we felt it unwise to ship in this state.

The regressions are as follows:

  • S8002068: Build broken: corba code changes unable to use new JDK 7 classes
  • S8004341: Two JCK tests fails with 7u11 b06
  • S8005615: Java Logger fails to load tomcat logger implementation (JULI)

Given the delay, we have also taken the opportunity to sync the repository with the upstream 7u-dev repository at the tag “jdk7u13-b20″. Oracle have continually omitted providing branches for security releases. Only the releases developed in the open (u2, u4 and u6) have branches and apparently the goal of 7u to ‘develop updates’ does not include developing ‘security updates’ as one would naturally assume. However, it has become clear that there must be such a branch internally as the security patches are pulled into the 7u repository and merged with its current state. Thus, although it is not possible to work on top of 7u13-b20 in the 7u trees (as the merge and later fixes are piled on top), we can pull just that tag and retrieve just the changesets we need without the ones destined for u8/u12/u14/whatever it’s called next week.

In short, examining the changesets resulting from “hg in -r jdk7u13-b20″ showed that there was no major changes in there, just a few fixes believed to be included
in u10 and upstream versions of the security patches. So we’ve included these changesets in this release in the hope of bringing something closer to u13 in IcedTea7 2.3.6, though obviously we can’t make any guarantees about how the two compare as the code of u13 is proprietary.

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below. Note that 2.3.5 was tagged in the forest and used by Fedora, but ended up being a forest-only release after the regressions were found.

What’s New?

New in release 2.3.6 (2013-02-12)

  • Security fixes
  • Backports
    • S7057320: test/java/util/concurrent/Executors/AutoShutdown.java failing intermittently
    • S7083664: TEST_BUG: test hard code of using c:/temp but this dir might not exist
    • S7107613: scalability blocker in javax.crypto.CryptoPermissions
    • S7107616: scalability blocker in javax.crypto.JceSecurityManager
    • S7146424: Wildcard expansion for single entry classpath
    • S7160609: [macosx] JDK crash in libjvm.dylib ( C [GeForceGLDriver+0x675a] gldAttachDrawable+0×941)
    • S7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar
    • S7162488: VM not printing unknown -XX options
    • S7169395: Exception throws due to the changes in JDK 7 object tranversal and break backward compatibility
    • S7175616: Port fix for TimeZone from JDK 8 to JDK 7
    • S7176485: (bf) Allow temporary buffer cache to grow to IOV_MAX
    • S7179908: Fork hs23.3 hsx from hs22.2 for jdk7u7 and reinitialize build number
    • S7184326: TEST_BUG: java/awt/Frame/7024749/bug7024749.java has a typo
    • S7185245: Licensee source bundle tries to compile JFR
    • S7185471: Avoid key expansion when AES cipher is re-init w/ the same key
    • S7186371: [macosx] Main menu shortcuts not displayed (7u6 regression)
    • S7187834: [macosx] Usage of private API in macosx 2d implementation causes Apple Store rejection
    • S7188114: (launcher) need an alternate command line parser for Windows
    • S7189136: Fork hs23.5 hsx from hs23.4 for jdk7u9 and reinitialize build number
    • S7189350: Fix failed for CR 7162144
    • S7190550: REGRESSION: Some closed/com/oracle/jfr/api tests fail to compile becuse of fix 7185245
    • S7193219: JComboBox serialization fails in JDK 1.7
    • S7193977: REGRESSION:Java 7′s JavaBeans persistence ignoring the “transient” flag on properties
    • S7195106: REGRESSION : There is no way to get Icon inf, once Softreference is released
    • S7195301: XML Signature DOM implementation should not use instanceof to determine type of Node
    • S7195931: UnsatisfiedLinkError on PKCS11.C_GetOperationState while using NSS from jre7u6+
    • S7197071: Makefiles for various security providers aren’t including the default manifest.
    • S7197652: Impossible to run any signed JNLP applications or applets, OCSP off by default
    • S7198146: Another new regression test does not compile on windows-amd64
    • S7198570: (tz) Support tzdata2012f
    • S7198640: new hotspot build – hs23.6-b04
    • S7199488: [TEST] runtime/7158800/InternTest.java failed due to false-positive on PID match.
    • S7199645: Increment build # of hs23.5 to b02
    • S7199669: Update tags in .hgtags file for CPU release rename
    • S7200720: crash in net.dll during NTLM authentication
    • S7200742: (se) Selector.select does not block when starting Coherence (sol11u1)
    • S7200762: [macosx] Stuck in sun.java2d.opengl.CGLGraphicsConfig.getMaxTextureSize(Native Method)
    • S8000285: Deadlock between PostEventQueue.noEvents, EventQueue.isDispatchThread and SwingUtilities.invokeLater
    • S8000286: [macosx] Views keep scrolling back to the drag position after DnD
    • S8000297: REGRESSION: closed/java/awt/EventQueue/PostEventOrderingTest.java fails
    • S8000307: Jre7cert: focusgained does not get called for all focus req when do alt + tab
    • S8000822: Fork hs23.7 hsx from hs23.6 for jdk7u11 and reinitialize build number
    • S8001124: jdk7u ProblemList.txt updates (10/2012)
    • S8001242: Improve RMI HTTP conformance
    • S8001808: Create a test for 8000327
    • S8001876: Create regtest for 8000283
    • S8002068: Build broken: corba code changes unable to use new JDK 7 classes
    • S8002091: tools/launcher/ToolsOpts.java test started to fail since 7u11 b01 on Windows
    • S8002114: fix failed for JDK-7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar
    • S8002225: (tz) Support tzdata2012i
    • S8003402: (dc) test/java/nio/channels/DatagramChannel/SendToUnresovled.java failing after 7u11 cleanup issues
    • S8003403: Test ShortRSAKeyWithinTLS and ClientJSSEServerJSSE failing after 7u11 cleanup
    • S8003948: NTLM/Negotiate authentication problem
    • S8004175: Restricted packages added in java.security are missing in java.security-{macosx, solaris, windows}
    • S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01
    • S8004341: Two JCK tests fails with 7u11 b06
    • S8005615: Java Logger fails to load tomcat logger implementation (JULI)
  • Bug fixes
    • Fix build using Zero’s HotSpot so all patches apply again.
    • PR1295: jamvm parallel unpack failure

The tarball can be downloaded from:

SHA256 checksums:

  • f55f2f2e5cdfa8b0429eaa56b4ecba7d63c701e867dbb636883c03cd8e64f4f9 icedtea-2.3.6.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (application of security fixes & backports, creation & testing of bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.3.6.tar.gz

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.3.6/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

This pair of releases for IcedTea6 is provided to fix a number of regressions introduced by the recent security releases (1.11.6 & 1.12.1). These patches were not included in the initial set of security patches from Oracle, but only became available when they pushed the changes to the OpenJDK Mercurial repositories.

The fixes are as follows:

  • S8004341: Two JCK tests fails with 7u11 b06
  • S8005615: Java Logger fails to load tomcat logger implementation (JULI)

We’ve also taken this opportunity to provide bug fixes for a couple of build issues which have been reported in the interim between this release and the last.

Full details of each release can be found below.

What’s New

New in release 1.11.7 (2013-02-11)

  • Backports
    • S8004341: Two JCK tests fails with 7u11 b06
    • S8005615: Java Logger fails to load tomcat logger implementation (JULI)
  • Bug fixes
    • PR1297: cacao and jamvm parallel unpack failures

New in release 1.12.2 (2013-02-11)

  • Backports
    • S8004341: Two JCK tests fails with 7u11 b06
    • S8005615: Java Logger fails to load tomcat logger implementation (JULI)
  • Bug fixes
    • PR1297: cacao and jamvm parallel unpack failures
    • PR1301: PR1171 causes builds of Zero to fail

The tarballs can be downloaded from:

SHA256 checksums:

  • 5a2c5a72a1cab0f2f1a9aa69cbfa462412816d4821426183c6e964cec5171543 icedtea6-1.11.7.tar.gz
  • 897a8834b8ddd6891f0eef46c0f799d11cbecf168c4383cfb26d0dad80328794 icedtea6-1.12.2.tar.gz

The tarballs are accompanied by digital signatures available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (application of backports, creation & testing of bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

Many thanks to Omair Majid for preparing the 1.12.1 release while I was still returning home from FOSDEM. Much appreciated!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new security release is now available for the OpenJDK 6 series: 1.12.1. Regarding 7, we’ve hit bootstrapping issues that we’re trying to work around so it can still be built with OpenJDK 6, but if you fancy rolling your own using an earlier build of 7, the forests are already up-to-date for 2.3 as is the IcedTea7 2.3 repository.

The update contains the following security fixes:

Full details can be found below.

What’s New?

New in release 1.12.1 (2012-02-04)

The tarball can be downloaded from:

SHA256 checksum:

  • 8e73a3939ba8c2cca888defc6c90811c959273a9bc7bd1352338a72cefcf1157 icedtea6-1.12.1.tar.gz

The tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using Omair’s public key. See details below.

  • PGP Key: 66484681 (http://pgp.mit.edu/)
  • Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681

The following people helped with these releases:

  • Andrew John Hughes (applying all security patches & backports, release testing)
  • Omair Majid (identification of ordering issues with security patches, porting security patches to 1.12)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-1.12.1.tar.gz
$ cd icedtea-1.12.1

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

« Previous PageNext Page »