Security


We are pleased to announce the release of IcedTea 3.7.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the January 2018 security fixes from OpenJDK 8 u161.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.7.0 (2018-02-28)

  • Security fixes
  • Import of OpenJDK 8 u152 build 16
    • S4953367: MAWT: Java should be more careful manipulating NLSPATH, XFILESEARCHPATH env variables
    • S6772009: java/util/concurrent/locks/ReentrantLock/CancelledLockLoops.java test failed with ‘Completed != 2′
    • S6947916: JarURLConnection does not handle useCaches correctly
    • S6980209: Make tracking SecondaryLoop.enter/exit methods easier
    • S7052625: com/sun/net/httpserver/bugs/6725892/Test.java fails intermittently
    • S7102702: java/net/PortUnreachableException/OneExceptionOnly.java failing
    • S7131356: (props) “No Java runtime present, requesting install” when creating VM from JNI [macosx]
    • S7172652: With JDK 1.7 text field does not obtain focus when using mnemonic Alt/Key combin
    • S8022291: Mac OS: Unexpected JavaLaunchHelper message displaying
    • S8022580: sun.net.ftp.impl.FtpClient.nameList(String path) handles “null” incorrectly
    • S8025306: Inet[4|6]Address class and fieldID initialization in networking native code
    • S8028363: XmlGregorianCalendarImpl.getTimeZone() bug when offset is less than 10 minutes
    • S8028725: [Parfait] warnings from b116 for jdk.src.solaris.native.java.net: JNI pending exceptions
    • S8028769: Check src/share/native/java/lang/*.c for cases when JNI calls are used with pending warnings
    • S8029018: (bf) Check src/share/native/java/nio/Bits.c for JNI pending exceptions
    • S8030116: (process) Check Parfait warnings in src/solaris/native/java/lang/*
    • S8031586: Check jdk/src/*/native/com/sun/security/auth/module for pending JNI exceptions
    • S8033371: jdk/src/solaris/native/java/lang/ProcessEnvironment.c environ doesn’t check for JNI pending exceptions
    • S8033372: Check jdk/src/share/native/java/lang for JNI pending exception issues
    • S8034102: Check solaris/native/sun/nio/fs/MacOSXNativeDispatcher.c for JNI pending exceptions
    • S8034249: need more workarounds for suspend equivalent condition issue
    • S8035158: Remove dependency on sun.misc.RegexpPool and friends
    • S8035568: [macosx] Cursor management unification
    • S8035653: InetAddress.getLocalHost crash
    • S8037346: Need to terminate server process if client runs into problems
    • S8037909: JNI warnings in jdk/src/windows/native/java/nio/MappedByteBuffer.c
    • S8038075: JNI warnings in jdk/src/share/native/sun/misc/VMSupport.c
    • S8038348: Instance field load is replaced by wrong data Phi
    • S8039412: Stack overflow on Linux using DialogTypeSelection.NATIVE
    • S8040322: TextArea.replaceRange() and insert() are broken with setText(null)
    • S8040635: [macosx] Printing a shape filled with a texture doesn’t work under Mac OS X
    • S8043913: remove legacy code in SPARC’s VM_Version::platform_features
    • S8046768: com/sun/jndi/ldap/LdapTimeoutTest.java fails intermittently
    • S8046893: JNI exception pending in jdk/src/solaris/native/java/net: ExtendedOptionsImpl.c, PlainDatagramSocketImpl.c
    • S8046901: Check jdk/src/solaris/native/sun/nio for Parfait flagged uninitialized memory
    • S8049717: expose L1_data_cache_line_size for diagnostic/sanity checks
    • S8050478: [macosx] Cursor not updating correctly after closing a modal dialog
    • S8054214: JapaneseEra.getDisplayName doesn’t return names if it’s an additional era
    • S8055204: Memory leak in jdk/src/windows/native/java/lang/java_props_md.c
    • S8058316: lookupDefaultPrintService returns null on Solaris 11
    • S8061258: [macosx] PrinterJob’s native Print Dialog does not reflect specified Copies or Page Ranges
    • S8064470: JNI exception pending in jdk/src/java/base/unix/native/libjava/FileDescriptor_md.c
    • S8066250: compiler/dependencies/MonomorphicObjectCall/TestMonomorphicObjectCall.java fails product
    • S8067059: PrinterJob.pageDialog() with DialogSelectionType.NATIVE returns a PageFormat when cancelled.
    • S8071424: JCK test api/java_net/Socket/descriptions.html#Bind crashes on Windows
    • S8075516: Deleting a file from either the open or save java.awt.FileDialog hangs.
    • S8076249: NPE in AccessBridge while editing JList model
    • S8076554: [macosx] Custom Swing text components need to allow standard accessibility
    • S8080486: JNI exception pending in jdk/src/java.base/windows/native/libnet/DualStackPlainSocketImpl.c
    • S8081219: hs_err improvement: Add event logging for class redefinition to the hs_err file
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8087342: Crash in klassItable::initialize_itable_for_interface
    • S8089573: [macosx] Incorrect char to glyph mapping printing on OSX 10.10
    • S8129361: ISO 4217 amendment 160
    • S8130041: TsacertOptionTest.java intermittently fails on Mac
    • S8132209: DiagnosticCommandImpl.getNotificationInfo() may expose internal representation
    • S8132455: com/sun/jndi/ldap/LdapTimeoutTest.java fails at handleNamingException
    • S8134119: Use new API to get cache line sizes
    • S8134389: Crash in HotSpot with jvm.dll+0x42b48 ciObjectFactory::create_new_metadata
    • S8134918: C2: Type speculation produces mismatched unsafe accesses
    • S8135124: com/sun/jndi/ldap/LdapTimeoutTest.java failed intermittently
    • S8136570: Stop changing user environment variables related to /usr/dt
    • S8139189: VK_OEM_102 dead key detected as VK_UNDEFINED
    • S8140309: [REDO] failed: no mismatched stores, except on raw memory: StoreB StoreI
    • S8140525: AwtFrame::WmShowWindow() may steal focus
    • S8141370: com/sun/jndi/ldap/LdapTimeoutTest.java failed intermittently
    • S8143897: Weblogic12medrec assert(handler_address == SharedRuntime::compute_compiled_exc_handler(nm, pc, exception, force_unwind, true)) failed: Must be the same
    • S8145207: [macosx] JList, VO can’t access non-visible list items
    • S8145732: Duplicate entry in http.nonProxyHosts will ignore subsequent entries
    • S8145952: ISO 4217 amendment 161
    • S8145981: (fs) LinuxWatchService can reports events against wrong directory
    • S8146961: Fix PermGen memory leaks caused by static final Exceptions
    • S8147772: Update KerberosTicket to describe behavior if it has been destroyed and fix NullPointerExceptions
    • S8149521: automatic discovery of LDAP servers with Kerberos authentication
    • S8149714: [parfait] char array lengths don’t match in awt_Font.cpp:1701
    • S8152000: Java FlightRecorder does not run on Java 8 compact 3 profile since u65
    • S8152172: PPC64: Support AES intrinsics
    • S8152730: File Leak in CompileBroker::init_compiler_thread_log of compileBroker.cpp:1665.
    • S8152981: Double icons with JMenuItem setHorizontalTextPosition on Win 10
    • S8153134: Infinite loop in handle_wrong_method in jmod
    • S8153176: ParOldGC: Use correct TaskQueueSet for ParallelTaskTerminator in marking.
    • S8153267: nmethod’s exception cache not multi-thread safe
    • S8153925: (fs) WatchService hangs on GetOverlappedResult and locks directory (win)
    • S8154945: Enable 8130150 and 8081778 intrinsics by default
    • S8155691: Update GIFlib library to the latest up-to-date
    • S8155781: C2: opaque unsafe access triggers an assert
    • S8156116: [macosx] two JNI locals to delete in AWTWindow.m, CGraphicsEnv.m
    • S8156723: JVM crash at sun.java2d.windows.GDIBlitLoops.nativeBlit
    • S8157035: Use stronger algorithms and keys for JSSE testing
    • S8157181: Compilers accept modification of final fields outside initializer methods
    • S8157184: java/lang/invoke/LFCaching/LFMultiThreadCachingTest.java failed with a fatal error
    • S8157548: JVM crashes sometimes while starting
    • S8157665: ProblemList.txt needs to be updated as 7041639 closed
    • S8158325: [macosx] Memory leak in com.apple.laf.ScreenMenu
    • S8158356: SIGSEGV when attempting to rotate BufferedImage using AffineTransform by NaN degrees
    • S8158639: C2 compilation fails with SIGSEGV
    • S8159035: CTSMode.java test crashed due to unhandled case of cipher length value as 0
    • S8159696: java.beans.MethodRef#get throws NullPointerException
    • S8160024: jdb returns invalid argument count if first parameter to Arrays.asList is null
    • S8160119: Utils.tryFindJvmPid sometimes find incorrect pid
    • S8160174: java.net.NetworkInterface – fixes and improvements for network interface listing
    • S8160370: System.getProperty(“os.version”) returns “Unknown” on Mac
    • S8160551: assert(c == Bytecodes::_putfield) failed: must be putfield
    • S8160570: [macosx] modal dialog can skip the activation/focus events
    • S8160623: [PIT] Exception running java/awt/event/KeyEvent/KeyChar/KeyCharTest.java
    • S8160664: JVM crashed with font manager on Solaris 12
    • S8160696: IllegalArgumentException: adding a component to a container on a different GraphicsDevice
    • S8160893: [macosx] JMenuItems in JPopupMenu are not accessible
    • S8160913: [TEST_BUG] javax/management/security/SecurityTest.java fails due to missing keyStore file
    • S8160941: “text/uri-list” dataflavor concats the first two strings
    • S8161039: System.getProperty(“os.version”) returns incorrect version number on Mac
    • S8161664: Memory leak in com.apple.laf.AquaProgressBarUI removed progress bar still referenced
    • S8161733: [parfait] Memory leak in imageioJPEG.c:2803
    • S8161742: [parfait] Uninitialised memory in isXTestAvailable of awt_Robot.c:65
    • S8161761: [parfait] 2 JNI exception pending defect groups in GraphicsPrimitiveMgr.c
    • S8162101: C2: Handle “wide” aliases for unsafe accesses
    • S8162488: JDK should be updated to use LittleCMS 2.8
    • S8162496: missing precedence edge for anti_dependence
    • S8162598: XSLTC transformer swallows empty namespace declaration which is needed to undeclare default namespace
    • S8162603: Unrecognized VM option ‘UseCountedLoopSafepoints’
    • S8162766: Unsafe_DefineClass0 accesses raw oops while in _thread_in_native
    • S8162795: [REDO] MemberNameTable doesn’t purge stale entries
    • S8162796: [macosx] LinearGradientPaint and RadialGradientPaint are not printed on OS X.
    • S8163104: Unexpected NPE still possible on some Kerberos ticket calls
    • S8163181: Further improvements for Unix NetworkInterface native implementation
    • S8163518: Integer overflow in StringBufferInputStream.read() and CharArrayReader.read/skip()
    • S8163877: Tests added in JDK-8163518 fail on some platforms
    • S8163896: Finalizing one key of a KeyPair invalidates the other key
    • S8163945: Honor Number type hint in toPrimitive on Numbers
    • S8163969: Cyclic interface initialization causes JVM crash
    • S8163979: [macosx] Chinese text shows as Latin w/ openVanilla input method
    • S8164002: Add a new CPU family (S_family) for SPARC S7 and above processors
    • S8164119: MoveToOtherScreenTest fails due wrong key attribute
    • S8164366: ZoneOffset.ofHoursMinutesSeconds() does not reject invalid input
    • S8164501: Uninitialised memory in byteArrayToPacket of SharedMemoryConnection.c
    • S8164508: unexpected profiling mismatch in c1 generated code
    • S8164784: ISO 4217 amendment 162
    • S8164846: CertificateException missing cause of underlying exception
    • S8165153: Crash in rebuild_cpu_to_node_map
    • S8165243: Base64.Encoder.wrap(os).write(byte[],int,int) with incorrect arguments should not produce output
    • S8165320: Small flaw when integrating 8160174 to JDK8
    • S8165428: Security Warning dialog should be always on the top when multiple applets with APPLICATION_MODAL dialog launched in a browser
    • S8165482: java in ldoms, with cpu-arch=generic has problems
    • S8165717: [macosx] Various memory leaks in jdk9
    • S8165751: NPE hit with java.security.debug=provider
    • S8165829: Android Studio 2.x crashes with NPE at sun.lwawt.macosx.CAccessibility.getAccessibleIndexInParent
    • S8165988: Test JarURLConnectionUseCaches.java fails at windows: failed to clean up files after test
    • S8166248: tools/pack200/Pack200Test.java fails on Win32: Could not reserve enough space
    • S8166507: ConcurrentSkipListSet.clear() can leave the Set in an invalid state
    • S8166747: Add invalid network / computer name cases to isReachable known failure switch
    • S8166799: ASSEMBLY_EXCEPTION contains historical company name
    • S8166840: Synthetic bridge constructor in ArrayList$Itr blocks inlining
    • S8166872: GPL header in /hotspot/src/share/vm/gc_implementation/g1/g1RemSetSummary.cpp
    • S8166902: Nested object literal property maps not reset in optimistic recompilation
    • S8167102: [macosx] PrintRequestAttributeSet breaks page size set using PageFormat
    • S8168115: Remove and retag jdk8u122-b03 in 8u repo
    • S8168364: [macosx] Delete unused class NSPrintinfo
    • S8168373: don’t emit conversions for symbols outside their lexical scope
    • S8168405: Pending exceptions in java.base/windows/native
    • S8168751: Two “Direct Clip” threads are created to play the same “AudioClip” object, what makes clip sound corrupted
    • S8168914: Crash in ClassLoaderData/JNIHandleBlock::oops_do during concurrent marking
    • S8169056: StringIndexOutOfBoundsException in Pattern.compile with CANON_EQ flag
    • S8169112: java.lang.VerifyError: (class: GregorSamsa, method: template-bash signature: (LGregorSamsa8;)V) Register 10 contains wrong type
    • S8169229: RSAClientKeyExchange debug info is incorrect
    • S8169355: Diacritics input works incorrectly on Windows if Spanish (Latin American) keyboard layout is used
    • S8169481: StackOverflowError on start when parsing PAC file to autodetect Proxy settings
    • S8169556: Wrapping of FileInputStream’s native skip and available methods
    • S8169865: Downport minor fixes in java.net native code from JDK 9 to JDK 8
    • S8170153: PPC64/s390x/aarch64: Poor StrictMath performance due to non-optimized compilation
    • S8170278: ticket renewal won’t happen with debugging turned on
    • S8170409: CMS: Crash in CardTableModRefBSForCTRS::process_chunk_boundaries
    • S8170465: JNI exception pending in jni_util.c:190
    • S8170466: JNI exception pending in jni_util.c:190
    • S8170536: Uninitialised memory in set_uintx_flag of attachListener.cpp
    • S8170552: [macosx] Wrong rendering of diacritics on macOS
    • S8170565: JSObject call() is passed undefined for the argument ‘thiz’
    • S8170578: CUPS Printing is broken with Ubuntu 16.10 (CUPS 2.2)
    • S8170594: >>>=0 generates invalid bytecode for BaseNode LHS
    • S8170913: Java “1.8.0_112″ on Windows 10 displays different characters for EUDCs from ones created in eudcedit.exe.
    • S8170950: Text is displayed in bold when fonts are installed into symlinked folder
    • S8170977: SparseArrayData should not grow its underlying dense array data
    • S8171151: JDK8u ProblemList.txt Updates
    • S8171155: Scanning method file for initialized final field updates can fail for non-existent fields
    • S8171194: Exception “Duplicate field name&signature in class file” should report the name and signature of the field
    • S8171219: Missing checks in sparse array shift() implementation
    • S8171808: Performance problems in dialogs with large tables when JAB activated
    • S8171849: Collection and Queue conversions not prioritized for Arrays
    • S8171909: [PIT] on Windows, failure of java/awt/Dialog/DialogAboveFrame/DialogAboveFrameTest.java
    • S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked.
    • S8172053: (ppc64) Downport of 8170153 breaks build on linux/ppc64 (big endian)
    • S8172145: C2: anti dependence missed because store hidden by membar
    • S8173373: C1: NPE is thrown instead of LinkageError when accessing inaccessible field on NULL receiver
    • S8173423: Wrong display name for supplemental Japanese era
    • S8173581: performance regression in com/sun/crypto/provider/OutputFeedback.java
    • S8173654: Regression since 8u60: System.getenv doesn’t return env var set in JNI code
    • S8173664: Typo in https://java.net/downloads/heap-snapshot/hprof-binary-format.html
    • S8173853: IllegalArgumentException in java.awt.image.ReplicateScaleFilter
    • S8173876: Fast precise scrolling and DeltaAccumulator fix for macOS Sierra 10.12.2
    • S8174736: [JCP] [Mac]Cannot launch JCP on Mac os with language set to “Chinese, Simplified” while region is not China
    • S8174779: Locale issues with Mac 10.12
    • S8175025: The copyright section in the test/java/awt/font/TextLayout/DiacriticsDrawingTest.java should be updated
    • S8175131: sun.rmi.transport.tcp.TCPChannel.createConnection close connection on timeout
    • S8175345: Reported null pointer dereference defect groups
    • S8175915: NullPointerException from JComboBox and JList when Accessibility enabled
    • S8176287: [macosx] The print test crashed with Nimbus L&F
    • S8176490: [macosx] Sometimes NSWindow.isZoomed hangs
    • S8176511: JSObject property access is broken for numeric keys outside the int range
    • S8176530: JDK support for JavaFX modal print dialogs
    • S8177095: Range check dependent CastII/ConvI2L is prematurely eliminated
    • S8177450: javax.swing.text.html.parser.Parser parseScript ignores a character after commend end
    • S8177678: Overstatement of universality of Era.getDisplayName() implementation
    • S8177776: Create an equivalent test case for JDK9′s SupplementalJapaneseEraTest
    • S8177817: Remove assertions in 8u that were removed by 8056124 in 9.
    • S8179515: Class java.util.concurrent.ThreadLocalRandom fails to Initialize when using SecurityManager
    • S8180511: Null pointer dereference in Matcher::ReduceInst()
    • S8180565: Null pointer dereferences of ConstMethod::method()
    • S8180575: Null pointer dereference in LoadNode::Identity()
    • S8180576: Null pointer dereference in Matcher::xform()
    • S8180617: Null pointer dereference in InitializeNode::complete_stores
    • S8180660: missing LNT entry for finally block
    • S8180813: Null pointer dereference of CodeCache::find_blob() result
    • S8180934: PutfieldError failed with UnsupportedClassVersionError
    • S8180949: Correctly handle exception in TCPChannel.createConnection
    • S8181191: getUint32 returning Long
    • S8181192: [macos] javafx.print.PrinterJob.showPrintDialog() hangs on macOS
    • S8181205: JRE fails to load/register security providers when started from UNC pathname
    • S8181500: [TESTBUG] com/sun/jdi/LineNumberInfo.java fails with jArrayIndexOutOfBoundsException
    • S8182672: Java 8u121 on Linux intermittently returns null for MAC address
    • S8185779: 8u152 L10n resource file update
    • S8186532: 8u152 L10n resource file update md20
  • Import of OpenJDK 8 u161 build 12
    • S8035105: DNS provider cleanups
    • S8137255: sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java timeouts intermittently
    • S8140436: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
    • S8148108: Disable Diffie-Hellman keys less than 1024 bits
    • S8148421, PR3504: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
    • S8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java fails on solaris
    • S8156502: Use short name of SupportedEllipticCurvesExtension.java
    • S8158116: com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java failed with timeout
    • S8159240: XSOM parser incorrectly processes type names with whitespaces
    • S8159377: JMX Connections need white-list filters
    • S8161598: Kitchensink fails: assert(nm->insts_contains(original_pc)) failed: original PC must be in nmethod/CompiledMethod
    • S8163237: Restrict the use of EXPORT cipher suites
    • S8166362: [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01
    • S8169944: sun/security/tools tests fail with CompilationError
    • S8170157: Enable unlimited cryptographic policy by default in OracleJDK
    • S8170245: [TEST_BUG] Cipher tests fail when running with unlimited policy
    • S8170911: 8170823 changes in 8u131 causing signature-test failure in jck runtime8b suite
    • S8171262: Stability fixes for lcms
    • S8172297: In java 8, the marshalling with JAX-WS does not escape carriage return
    • S8173631: Backout three hotspot fixes from 8u121-bpr repo
    • S8176536: Improved algorithm constraints checking
    • S8177144: [TEST BUG] sun/net/www/http/HttpClient/B8025710.java should run in ovm mode
    • S8177750: Forgot TestSocketFactory testcase in 8163958 changeset
    • S8178536: OOM ERRORS + SERVICE-THREAD TAKES A PROCESSOR TO 100%
    • S8178728: Check the AlgorithmParameters in algorithm constraints
    • S8179223: Integrate 8176490 into 8u131-bpr repo
    • S8181439: Test the jdk.tls.namedGroups System Property
    • S8181975: Run sun/security/pkcs11 tests on Mac
    • S8182614: Backout JDK-8140436 from 8u161
    • S8183939: Import JDK-8182672 into 8u141-bpr repo
    • S8184016: Text in native popup is not always updated with Sogou IME
    • S8185572: Enable AssumeMP by default on SPARC machines
    • S8185628: Backport jdk/test/lib/testlibrary/CompilerUtils.java to jdk8u which is helpful in test development
    • S8185719: rmi TestSocketFactory does not flush
    • S8185909: Disable JARs signed with DSA keys less than 1024 bits
    • S8186539: [testlibrary] TestSocketFactory should allow triggers before match/replace
    • S8187482: Backout JDK-8159377
    • S8187556: Backout of a fix reintroduced a dependency that had since been removed
    • S8188880: A JAXB JCK test failure found after 8186080
    • S8190258, PR3499: (tz) Support tzdata2017c
    • S8190259, PR3499: test tck.java.time.zone.TCKZoneRules is broken by tzdata2017c
    • S8190266: closed/java/awt/ComponentOrientation/WindowTest.java throws java.util.MissingResourceException.
    • S8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java fails on Solaris x64 5.10
    • S8190497: DHParameterSpec.getL() returns zero after JDK-8072452
    • S8190541: 8u161 L10n resource file update
    • S8190789: sun/security/provider/certpath/LDAPCertStore/TestURICertStoreParameters.java fails after JDK-8186606
    • S8191137, PR3503: keytool fails to format resource strings for keys for some languages after JDK-8171319
    • S8191340: 8ux linux builds failing – com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl (unknown type)
    • S8191352: Remove 8u161-b07 and 8u162-b07 tag to include 8191340 for b07
    • S8191907: PPC64 part of JDK-8174962: Better interface invocations
    • S8192793: 8u161 L10n resource file update md20
    • S8193683: Increase the number of clones in the CloneableDigest
  • Backports
    • S8165996, PR3506: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite
    • S8170523, PR3506: Some PKCS11 test cases are ignored with security manager
    • S8187667, PR3517: Disable deprecation warning for readdir_r
    • S8189789, PR3530: tomcat gzip-compressed response bodies appear to be broken in update 151
    • S8194739, PR3520: Zero port of 8174962: Better interface invocations
    • S8194828, PR3520: Fix for 8194739: Zero port of 8174962: Better interface invocations
    • S8195837, PR3522: (tz) Upgrade time-zone data to tzdata2018c
    • S8196516, PR3523: [REDO] [linux] libfontmanager should be linked against headless awt library
    • S8196978, PR3517: JDK-8187667 fails on GCC 4.4.7 as found on RHEL 6
  • Bug fixes
    • PR3489: Incomplete reading of directory containing tzdb.dat
    • PR3501: Revert 8165320 so as not to revert the work of 8034174 (PR2290)
    • PR3526: configure fails to parse GCC version
  • AArch64 port
    • S8164113, PR3519: AArch64: follow-up the fix for 8161598
    • S8193133, PR3519: Assertion failure because 0xDEADDEAD can be in-heap
    • S8194686, PR3519: AArch64 port of 8174962: Better interface invocations
    • S8195859, PR3519: AArch64: vtableStubs gtest fails after 8174962
    • S8196136, PR3519: AArch64: Correct register use in patch for JDK-8194686
    • S8196221, PR3519: AArch64: Mistake in committed patch for JDK-8195859
    • PR3519: Fix functions with missing return value.
    • PR3519: Fix further functions with a missing return value.
  • AArch32 port
    • S8140584: [aarch32] nmethod::oops_do_marking_epilogue always runs verification code
    • S8174962: [aarch32] Better interface invocations
  • Shenandoah
    • Fix post-CPU merge Shenandoah regressions

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 936302694e193791885e81cf72097eeadee5b68ba220889228b0aafbfb2cb654 icedtea-3.7.0.tar.gz
  • 1361859f0436dd542bb3aa0e1441331158217fcc4e12ead9c1b23654811cf7ea icedtea-3.7.0.tar.gz.sig
  • bc50a4df0e9f81cb58e0e0cbd10bc7efda4f7ff11026b43d3b9ab19b91fdd827 icedtea-3.7.0.tar.xz
  • 4c252427ca9164663e4090279143a28889adf8cf6fd8240b6b34a023a71b4eb3 icedtea-3.7.0.tar.xz.sig

The checksums can be downloaded from:

A 3.7.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.7.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.7.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.7.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the January 2018 security fixes from OpenJDK 7 u171.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.13 (2018-02-27)

  • Security fixes
  • Import of OpenJDK 7 u171 build 0
    • S7171982: Cipher getParameters() throws RuntimeException: Cannot find SunJCE provider
    • S7172652: With JDK 1.7 text field does not obtain focus when using mnemonic Alt/Key combin
    • S8022532: [parfait] Potential memory leak in gtk2_interface.c
    • S8031003: [Parfait] warnings from jdk/src/share/native/sun/security/jgss/wrapper: JNI exception pending
    • S8035105: DNS provider cleanups
    • S8041781: Need new regression tests for PBE keys
    • S8041787: Need new regressions tests for buffer handling for PBE algorithms
    • S8044193: Need to add known answer tests for AES cipher
    • S8048601: Tests for JCE crypto ciphers (part 1)
    • S8048819: Implement reliability test for DH algorithm
    • S8072452: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
    • S8075286: Additional tests for signature algorithm OIDs and transformation string
    • S8137255: sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java timeouts intermittently
    • S8141243: Unexpected timezone returned after parsing a date
    • S8144593: Suppress not recognized property/feature warning messages from SAXParser
    • S8147969: Print size of DH keysize when errors are encountered
    • S8148108: Disable Diffie-Hellman keys less than 1024 bits
    • S8148421, PR3505: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
    • S8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java fails on solaris
    • S8156502: Use short name of SupportedEllipticCurvesExtension.java
    • S8157548: JVM crashes sometimes while starting
    • S8157603: TestCipher.java doesn’t check one of the decrypted message as expected
    • S8158116: com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java failed with timeout
    • S8159240: XSOM parser incorrectly processes type names with whitespaces
    • S8163237: Restrict the use of EXPORT cipher suites
    • S8163958: Improved garbage collection [test case]
    • S8166248: tools/pack200/Pack200Test.java fails on Win32: Could not reserve enough space
    • S8166362: [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01
    • S8170157: Enable unlimited cryptographic policy by default in OracleJDK
    • S8170245: [TEST_BUG] Cipher tests fail when running with unlimited policy
    • S8170536: Uninitialised memory in set_uintx_flag of attachListener.cpp
    • S8177144: [TEST BUG] sun/net/www/http/HttpClient/B8025710.java should run in ovm mode
    • S8178728: Check the AlgorithmParameters in algorithm constraints
    • S8180048: Interned string and symbol table leak memory during parallel unlinking
    • S8184016: Text in native popup is not always updated with Sogou IME
    • S8185628: Backport jdk/test/lib/testlibrary/CompilerUtils.java to jdk8u which is helpful in test development
    • S8185719: rmi TestSocketFactory does not flush
    • S8185909: Disable JARs signed with DSA keys less than 1024 bits
    • S8186539: [testlibrary] TestSocketFactory should allow triggers before match/replace
    • S8187667, PR3518: Disable deprecation warning for readdir_r
    • S8188880: A JAXB JCK test failure found after 8186080
    • S8190258, PR3500: (tz) Support tzdata2017c
    • S8190259, PR3500: test tck.java.time.zone.TCKZoneRules is broken by tzdata2017c
    • S8190266: closed/java/awt/ComponentOrientation/WindowTest.java throws java.util.MissingResourceException.
    • S8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java fails on Solaris x64 5.10
    • S8190497: DHParameterSpec.getL() returns zero after JDK-8072452
    • S8190541: 8u161 L10n resource file update
    • S8190789: sun/security/provider/certpath/LDAPCertStore/TestURICertStoreParameters.java fails after JDK-8186606
    • S8192793: 8u161 L10n resource file update md20
    • S8193683: Increase the number of clones in the CloneableDigest
    • S8194859: Bad backport of 8024468 breaks Zero build due to lack of 8010862 in OpenJDK 7
    • S8195837: (tz) Upgrade time-zone data to tzdata2018c
  • Import of OpenJDK 7 u171 build 1
    • S8007772: G1: assert(!hr->isHumongous() || mr.start() == hr->bottom()) failed: the start of HeapRegion and MemRegion should be consistent for humongous regions
    • S8022956: Clang: enable return type warnings on BSD
    • S8043029: Change 8037816 breaks HS build with older GCC versions which don’t support diagnostic pragmas
    • S8048169: Change 8037816 breaks HS build on PPC64 and CPP-Interpreter platforms
    • S8062808: Turn on the -Wreturn-type warning
    • S8064786: Fix debug build after 8062808: Turn on the -Wreturn-type warning
    • S8143245: Zero build requires disabled warnings
    • S8196952, PR3525: Bad primeCertainty value setting in DSAParameterGenerator
    • S8196978: JDK-8187667 fails on GCC 4.4.7 as found on RHEL 6
    • S8197510: fastdebug builds fail due to lack of p2i
    • S8197801: Zero debug build fails on “assert(labs(istate->_stack_base – istate->_stack_limit) == (istate->_method->max_stack() + extra_stack_entries + 1)) failed: bad stack limit”
  • Import of OpenJDK 7 u171 build 2
    • S8197981: Missing return statement in __sync_val_compare_and_swap_8
  • Backports
    • S7189886, PR3507: (aio) Add test coverage for AsynchronousChannelGroup.withThreadPool
    • S7200306, PR3507: SunPKCS11 provider delays the check of DSA key size for SHA1withDSA to sign() instead of init()
    • S8012930, PR3507: (fs) Eliminate recursion from FileTreeWalker
    • S8013647, PR3507: JPRT unable to clean-up after tests that leave file trees with loops
    • S8020321, PR3507: Problem in PKCS11 regression test TestRSAKeyLength
    • S8022313, PR3507: sun/security/pkcs11/rsa/TestKeyPairGenerator.java failed in aurora
    • S8027218, PR3507: TEST_BUG: sun/security/pkcs11/ec tests fail because of ever-changing key size restrictions
    • S8029158, PR3507: sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run)
    • S8031113, PR3507: TEST_BUG: java/nio/channels/AsynchronousChannelGroup/Basic.java fails intermittently
    • S8048603, PR3507: Additional tests for MAC algorithms
    • S8048622, PR3507: Enhance tests for PKCS11 keystores with NSS
    • S8075565, PR3337: Define @intermittent jtreg keyword and mark intermittently failing jdk tests
    • S8075670, PR3507: Remove intermittent keyword from some tests
    • S8078334, PR3507: Mark regression tests using randomness
    • S8078880, PR3507: Mark a few more intermittently failuring security-libs
    • S8133318, PR3507: Exclude intermittent failing PKCS11 tests on Solaris SPARC 11.1 and earlier
    • S8144539, PR3507: Update PKCS11 tests to run with security manager
    • S8151731, PR3337: Add new jtreg keywords to jdk 8
    • S8165996, PR3507: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite
    • S8170523, PR3507: Some PKCS11 test cases are ignored with security manager
    • S8196516, PR3524: [REDO] [linux] libfontmanager should be linked against headless awt library
  • AArch64 port
    • S8193133, PR3521: Assertion failure because 0xDEADDEAD can be in-heap
    • PR3521: Fix functions with missing return value.
    • PR3521: Fix further functions with a missing return value.

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 7528c905da9b1c09aef16a938e7d879c8cdb14f93b1a25f0ec041307572c3d4f icedtea-2.6.13.tar.gz
  • f4f98da8894fbcf9e55a1a5cec9f23b6281aa0cb4cc1714be61b0a25e916383f icedtea-2.6.13.tar.gz.sig
  • 104e84205d1176e217e24f770784c53d1cd666aeb23ab0bae8ac858e5b0e63f0 icedtea-2.6.13.tar.xz
  • 7e81a4d785484e1dbc504ca418be84d8393b5d790cc11f1cd61c8f6cefa0543c icedtea-2.6.13.tar.xz.sig

The checksums can be downloaded from:

A 2.6.13 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.13.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.13.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.13/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the October 2017 security fixes from OpenJDK 7 u161.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.12 (2017-12-05)

  • Security fixes
  • Import of OpenJDK 7 u161 build 0
    • S6475361: Attempting to remove help menu from java.awt.MenuBar throws NullPointerException
    • S6637288: Add OCSP support to PKIX CertPathBuilder implementation
    • S6854712: Revocation checking enhancements (JEP-124)
    • S6904367: (coll) IdentityHashMap is resized before exceeding the expected maximum size
    • S7015157: String “Tabular Navigation” should be rephrased for avoiding mistranslation
    • S7115744: Do not call File::deleteOnExit in security tests
    • S7126011: ReverseBuilder.getMatchingCACerts may throws NPE
    • S7147336: clarification on warning of keytool -printcrl
    • S7162687: enhance KDC server availability detection
    • S7176627: CertPath/jep124/PreferCRL_SoftFail test fails (Could not determine revocation status)
    • S7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with NullPointerException
    • S7196382: PKCS11 provider should support 2048-bit DH
    • S7197672: There are issues with shared data on windows
    • S7199939: DSA 576 and 640 bit keys fail when initializing for No precomputed parameters
    • S8002074: Support for AES on SPARC
    • S8005408: KeyStore API enhancements
    • S8006863: javadoc cleanup for 8005408
    • S8006946: PKCS12 test failure due to incorrect alias name
    • S8006951: Avoid storing duplicate PKCS12 attributes
    • S8006994: Cleanup PKCS12 tests to ensure streams get closed
    • S8007483: attributes are ignored when loading keys from a PKCS12 keystore
    • S8007967: Infinite loop can happen in sun.security.provider.certpath.SunCertPathBuilder.depthFirstSearchForward()
    • S8010112: NullPointerException in sun.security.provider.certpath.CertId()
    • S8012900: CICO ignores AAD in GCM mode (with refactoring from 6996769)
    • S8015571: OCSP validation fails if ocsp.responderCertSubjectName is set
    • S8016252: More defensive HashSet.readObject
    • S8025215: jdk8 l10n resource file translation update 4
    • S8026943: SQE test jce/Global/Cipher/SameBuffer failed
    • S8027575: b113 causing a lot of memory allocation and regression for wls_webapp_atomics
    • S8029659: Keytool, print key algorithm of certificate or key entry
    • S8029788: Certificate validation – java.lang.ClassCastException
    • S8031825: OCSP client can’t find responder cert if it uses a different subject key id algorithm than responderID
    • S8033117: PPC64: Adapt to 8002074: Support for AES on SPARC
    • S8035623: [parfait] JNI exception pending in jdk/src/windows/native/sun/windows/awt_Font.cpp
    • S8049312: AES/CICO test failed with on several modes
    • S8050374: More Signature tests
    • S8057810: New defaults for DSA keys in jarsigner and keytool
    • S8062552: Support keystore type detection for JKS and PKCS12 keystores
    • S8068427: Hashtable deserialization reconstitutes table with wrong capacity
    • S8068881: SIGBUS in C2 compiled method weblogic.wsee.jaxws.framework.jaxrpc.EnvironmentFactory$SimulatedWsdlDefinitions.<init>
    • S8075484, PR3474, RH1490713: SocketInputStream.socketRead0 can hang even with soTimeout set
    • S8077670: sun/security/krb5/auto/MaxRetries.java may fail with BindException
    • S8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8136534: Loading JKS keystore using non-null InputStream results in closed stream
    • S8149411: PKCS12KeyStore cannot extract AES Secret Keys
    • S8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout
    • S8157561: Ship the unlimited policy files in JDK Updates
    • S8158517: Minor optimizations to ISO10126PADDING
    • S8164846: CertificateException missing cause of underlying exception
    • S8165751: NPE hit with java.security.debug=provider
    • S8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
    • S8173853: IllegalArgumentException in java.awt.image.ReplicateScaleFilter
    • S8176536: Improved algorithm constraints checking
    • S8177569: keytool should not warn if signature algorithm used in cacerts is weak
    • S8178714: PKIX validator nameConstraints check failing after change 8175940
    • S8179423: 2 security tests started failing for JDK 1.6.0 u161 b05
    • S8179564: Missing @bug for tests added with JDK-8165367
    • S8181048: Refactor existing providers to refer to the same constants for default values for key length
    • S8182879: Add warnings to keytool when using JKS and JCEKS
    • S8184673, PR3476: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers
    • S8184937: LCMS error 13: Couldn’t link the profiles
    • S8185039: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185040: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185778: 8u151 L10n resource file update
    • S8185845: Add SecurityTools.java test library
    • S8186503: sun/security/tools/jarsigner/DefaultSigalg.java failed after backport to JDK 6/7/8
    • S8186533: 8u151 L10n resource file update md20
    • S8191137: keytool fails to format resource strings for keys for some languages after JDK-8171319
    • S8191840: Update localizations with positional arguments following JDK-8191137
    • S8191845: [TEST_BUG] Too many new-lines in backport of WeakAlg test
  • Import of OpenJDK 7 u151 build 1
    • S8035640: JNU_CHECK_EXCEPTION should support c++ JNI syntax
  • Backports
  • Bug fixes
  • AArch64 port
    • S8145438, PR3443, RH1482244: Guarantee failures since 8144028: Use AArch64 bit-test instructions in C2
    • PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 90183fc86a001d8832ef5b9ba8617d11bde1c5f595d3da6493de7f4d7c35b68a icedtea-2.6.12.tar.gz
  • 9f0c534914188c61b88662c4072bcf87c6dafac6aedef98f3752e30c1794c25d icedtea-2.6.12.tar.gz.sig
  • f3de9f5ea1a447fe8a290cde5012d33b1534f0d3d484b2664a4be9202b801f68 icedtea-2.6.12.tar.xz
  • d242e506c297925beb47c805da7ebdee2e66057d1403c666aa8d4bffa6ab7fc8 icedtea-2.6.12.tar.xz.sig

The checksums can be downloaded from:

A 2.6.12 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.12.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.12.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.12/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.6.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the October 2017 security fixes from OpenJDK 8 u151.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.6.0 (2017-10-31)

  • Security fixes
  • New features
    • PR3469: Alternative path to tzdb.dat
    • PR3483: Separate addition of nss.cfg and tz.properties into separate targets
    • PR3484: Move SystemTap support to its own target
    • PR3485: Support additional targets for the bootstrap build
  • Import of OpenJDK 8 u151 build 12
    • S8029659: Keytool, print key algorithm of certificate or key entry
    • S8057810: New defaults for DSA keys in jarsigner and keytool
    • S8075484, PR3473, RH1490713: SocketInputStream.socketRead0 can hang even with soTimeout set
    • S8077670: sun/security/krb5/auto/MaxRetries.java may fail with BindException
    • S8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less
    • S8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout
    • S8157561: Ship the unlimited policy files in JDK Updates
    • S8158517: Minor optimizations to ISO10126PADDING
    • S8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
    • S8177569: keytool should not warn if signature algorithm used in cacerts is weak
    • S8177837: need to upgrade install tools
    • S8178714: PKIX validator nameConstraints check failing after change 8175940
    • S8179423: 2 security tests started failing for JDK 1.6.0 u161 b05
    • S8179564: Missing @bug for tests added with JDK-8165367
    • S8181048: Refactor existing providers to refer to the same constants for default values for key length
    • S8182879: Add warnings to keytool when using JKS and JCEKS
    • S8184937: LCMS error 13: Couldn’t link the profiles
    • S8185039: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185040: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8185778: 8u151 L10n resource file update
    • S8185845: Add SecurityTools.java test library
    • S8186503: sun/security/tools/jarsigner/DefaultSigalg.java failed after backport to JDK 6/7/8
    • S8186533: 8u151 L10n resource file update md20
    • S8186674: Remove JDK-8174109 from CPU Aug 21 week builds
  • Backports
    • S8035496, PR3487: G1 ARM: missing remset entry noticed by VerifyAfterGC for vm/gc/concurrent/lp50yp10rp70mr30st0
    • S8146086, PR3439, RH1478402: Publishing two webservices on same port fails with “java.net.BindException: Address already in use”
    • S8184673, PR3475, RH1487266: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers
    • S8185164, PR3438: GetOwnedMonitorInfo() returns incorrect owned monitor
    • S8187822, PR3478, RH1494230: C2 conditonal move optimization might create broken graph
  • Bug fixes
  • PPC port
  • AArch64 port
    • S8161190, PR3488: AArch64: Fix overflow in immediate cmp instruction
    • S8187224, PR3488: aarch64: some inconsistency between aarch64_ad.m4 and aarch64.ad
  • SystemTap
    • PR3467, RH1492139: Hotspot object_alloc tapset uses HeapWordSize incorrectly
  • Shenandoah
    • Add missing UseShenandoahGC checks to C2
    • [backport] Add JVMTI notifications to Shenandoah GC pauses.
    • [backport] After Evac verification should run consistently
    • [backport] All definitions should start with Shenandoah*
    • [backport] Allocation latency tracing
    • [backport] Allow allocations in pinned regions
    • [backport] Assorted monitoring support fixes
    • [backport] Avoid Full STW GC on System.gc() + related fixes
    • [backport] BrooksPointer tracing overwhelms -Xlog:gc=trace
    • [backport] Cannot do more than 1000 Full GCs
    • [backport] Cap heap size for TestRegionSizeArgs test
    • [backport] Cleanup “dirty” mentions
    • [backport] Cleanup unused methods and statements + Trivial cleanup: removed unused field, etc.
    • [backport] Common pause marker to capture everything before/after pause
    • [backport] Consistent print_on and tty handling
    • [backport] “continuous” heuristics
    • [backport] Disable biased locking by default
    • [backport] Fix build error: avoid loops with empty bodies
    • [backport] Fix build error: switches over enums should take all enums
    • [backport] Fix build error: verifier liveness should not be implicitly casted to size_t
    • [backport] Fixed assertion failures when printing heap region to trace output
    • [backport] Fixed C calling convention of shenandoah_wb() on Windows
    • [backport] LotsOfCycles test always degrades to Full GC
    • [backport] Made ShenandoahPrinter debug only
    • [backport] Make sure different Verifier levels work
    • [backport] Make sure we have at least one memory pool per memory manager (JMX) + JMX double-counts heap used size
    • [backport] Mark heuristics diagnostic/experimental
    • [backport] Move Verifier “start” message under (gc,start)
    • [backport] On-demand commit as heap resizing strategy
    • [backport] Periodic GC
    • [backport] PhiNode::has_only_data_users() needs to apply to shenandoah barrier only
    • [backport] Pinning humongous regions should be allowed
    • [backport] Reclaimed humongous regions should count towards immediate garbage
    • [backport] Refactor region flags into finite state machine
    • [backport] Refactor ShConcThread dispatch
    • [backport] Refactor ShenandoahFreeSet + Fast-forward over humongous regions to keep “current” non-humongous
    • [backport] Refactor ShenandoahHeapLock
    • [backport] Refactor ShenandoahHeapRegionSet
    • [backport] Region (byte|word) shifts as the replacement for divisions
    • [backport] Rehash -XX:-UseTLAB in tests + Rehash allocation tests
    • [backport] Rename inline guards
    • [backport] Selectable humongous threshold + Humongous top() should be correct for iteration
    • [backport] Shortcut concurrent cycle when enough immediate garbage is reclaimed
    • [backport] Templatize and improve inlining of arraycopy and clone barriers.
    • [backport] TestRegionSampling test
    • [backport] TestSmallHeap test for Shenandoah
    • [backport] Uncommit heap regions after given delay
    • [backport] Underflow in adaptive free_threshold calculation
    • [backport] Unlock more GC-specific tests for Shenandoah
    • [backport] Update counters on slow-path more rarely
    • [backport] Verifier should avoid pushing on stack when walking objects past TAMS
    • [backport] Verifier should walk cset and humongous regions
    • [backport] Verify humongous regions liveness
    • [backport] Verify liveness data
    • Correct way to fix Windows call convention issue
    • Fix build error in release config.
    • Fixed Fixed message logging
    • Handle Java heap initialization and expansion failures
    • Make sure -verbose:gc, PrintGC, PrintGCDetails work consistently
    • Missing barriers on constant oops + acmp rework + cas fix + write barrier on constant oop fix
    • Missing UseShenandoahGC check in LibraryCallKit::inline_multiplyToLen()
    • Missing UseShenandoahGC check to C2
    • OOME in SurrogateLockerThread deadlocks the GC cycle
    • Properly unlock ShenandoahVerify
    • Remove unused memory_for, fixing the build
    • Remove useless code following acmp rework
    • Revert accidental G1 closure rename
    • Test bug: test library and flags in TestHeapAlloc
    • UnlockDiagnosticVMOptions flag is needed for ShenandoahVerify
    • Write barrier pin and expand cleanup

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 74a43c4e027c72bb1c324f8f73af21565404326c9998f534f234ec2a36ca1cdb icedtea-3.6.0.tar.gz
  • 6050c8e69974a33641b764afdbd91f07725336abd20e7f260e2a0dbf562f8b32 icedtea-3.6.0.tar.gz.sig
  • d0a0a9ce58b3ed29f2deecef8b78f28a79315f4a6330ee833410f79cbf48417e icedtea-3.6.0.tar.xz
  • 2de4119e3e59cf7acbb1f9c93a5760397c846116067d3c45504bd3ff6297f9a8 icedtea-3.6.0.tar.xz.sig

The checksums can be downloaded from:

A 3.6.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.6.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.6.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.6.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the July 2017 security fixes from OpenJDK 7 u151.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.11 (2017-08-08)

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 5dfbe0f40d8b6004d49add4ec398d1c91d4c02b11716297055e5d73919fb85be icedtea-2.6.11.tar.gz
  • f100c3bfffa5ea0b9a2184346856a1d3db7f8d2a45c74523ad928dcf179ad0e3 icedtea-2.6.11.tar.gz.sig
  • 20063c314535e4ed4b8099e497b880e4f346c85e7315a2573d0f398b973777c5 icedtea-2.6.11.tar.xz
  • 43bf76c60d219ef76b0e03484ee92d0d7657dafae51f21ed088ee5bb5ee654ca icedtea-2.6.11.tar.xz.sig

The checksums can be downloaded from:

A 2.6.11 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.11.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.11.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.11/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.5.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the July 2017 security fixes from OpenJDK 8 u141.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.5.0 (2017-07-20)

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 2c92e18fa70edaf73517fcf91bc2a7cc2ec2aa8ffdf22bb974fa6f9bc3065f30 icedtea-3.5.0.tar.gz
  • d27c337e87221c9de158f83e43823bf2c5ec2ebf78c8fa5b9a11b182acb68ee1 icedtea-3.5.0.tar.gz.sig
  • 9aa89e00ecc07baa6b37a6b1e363c3d7128253e95374c74d1d2706f36c3ccab5 icedtea-3.5.0.tar.xz
  • 59089156b3ea0973304c6d89d598ca6a149e594f9555fd35c9c0a78101ce7e65 icedtea-3.5.0.tar.xz.sig

The checksums can be downloaded from:

A 3.5.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.5.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.5.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.5.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the April 2017 security fixes from OpenJDK 7 u141.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.10 (2017-05-16)

  • Security fixes
  • New features
    • PR3347: jstack.stp should support AArch64
  • Import of OpenJDK 7 u141 build 0
    • S4717864: setFont() does not update Fonts of Menus already on screen
    • S6474807: (smartcardio) CardTerminal.connect() throws CardException instead of CardNotPresentException
    • S6518907: cleanup IA64 specific code in Hotspot
    • S6869327: Add new C2 flag to keep safepoints in counted loops.
    • S7112912: Message “Error occurred during initialization of VM” on boxes with lots of RAM
    • S7124213: [macosx] pack() does ignore size of a component; doesn’t on the other platforms
    • S7124219: [macosx] Unable to draw images to fullscreen
    • S7124552: [macosx] NullPointerException in getBufferStrategy()
    • S7148275: [macosx] setIconImages() not working correctly (distorted icon when minimized)
    • S7154841: [macosx] Popups appear behind taskbar
    • S7155957: closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java hangs on win 64 bit with jdk8
    • S7160627: [macosx] TextArea has wrong initial size
    • S7167293: FtpURLConnection connection leak on FileNotFoundException
    • S7168851: [macosx] Netbeans crashes in CImage.nativeCreateNSImageFromArray
    • S7197203: sun/misc/URLClassPath/ClassnameCharTest.sh failed, compile error
    • S8005255: [macosx] Cleanup warnings in sun.lwawt
    • S8006088: Incompatible heap size flags accepted by VM
    • S8007295: Reduce number of warnings in awt classes
    • S8010722: assert: failed: heap size is too big for compressed oops
    • S8011059: [macosx] Support automatic @2x images loading on Mac OS X
    • S8014058: Regression tests for 8006088
    • S8014489: tests/gc/arguments/Test(Serial|CMS|Parallel|G1)HeapSizeFlags jtreg tests invoke wrong class
    • S8016302: Change type of the number of GC workers to unsigned int (2)
    • S8024662: gc/arguments/TestUseCompressedOopsErgo.java does not compile.
    • S8024669: Native OOME when allocating after changes to maximum heap supporting Coops sizing on sparcv9
    • S8024926: [macosx] AquaIcon HiDPI support
    • S8025974: l10n for policytool
    • S8027025: [macosx] getLocationOnScreen returns 0 if parent invisible
    • S8028212: Custom cursor HiDPI support
    • S8028471: PPC64 (part 215): opto: Extend ImplicitNullCheck optimization.
    • S8031573: [macosx] Checkmarks of JCheckBoxMenuItems aren’t rendered in high resolution on Retina
    • S8033534: [macosx] Get MultiResolution image from native system
    • S8033786: White flashing when opening Dialogs and Menus using Nimbus with dark background
    • S8035568: [macosx] Cursor management unification
    • S8041734: JFrame in full screen mode leaves empty workspace after close
    • S8059803: Update use of GetVersionEx to get correct Windows version in hs_err files
    • S8066504: GetVersionEx in java.base/windows/native/libjava/java_props_md.c might not get correct Windows version 0
    • S8079595: Resizing dialog which is JWindow parent makes JVM crash
    • S8080729: [macosx] java 7 and 8 JDialogs on multiscreen jump to parent frame on focus
    • S8130769: The new menu can’t be shown on the menubar after clicking the “Add” button.
    • S8133357: 8u65 l10n resource file translation update
    • S8146602: jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test fails with NullPointerException
    • S8147842: IME Composition Window is displayed at incorrect location
    • S8147910: Cache initial active_processor_count
    • S8150490: Update OS detection code to recognize Windows Server 2016
    • S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is enabled
    • S8161195: Regression: closed/javax/swing/text/FlowView/LayoutTest.java
    • S8161993: G1 crashes if active_processor_count changes during startup
    • S8162603: Unrecognized VM option ‘UseCountedLoopSafepoints’
    • S8162876: [TEST_BUG] sun/net/www/protocol/http/HttpInputStream.java fails intermittently
    • S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java failed with “Error while cleaning up threads after test”
    • S8167179: Make XSL generated namespace prefixes local to transformation process
    • S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections
    • S8169589: [macosx] Activating a JDialog puts to back another dialog
    • S8170307: Stack size option -Xss is ignored
    • S8170316: (tz) Support tzdata2016j
    • S8170814: Reuse cache entries (part II)
    • S8171388: Update JNDI Thread contexts
    • S8171949: [macosx] AWT_ZoomFrame Automated tests fail with error: The bitwise mask Frame.ICONIFIED is not setwhen the frame is in ICONIFIED state
    • S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked.
    • S8173931: 8u131 L10n resource file update
    • S8174844: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8175087: [bsd] Fix build after “8024900: PPC64: Enable new build on AIX (jdk part)”
    • S8175163: [bsd] Fix build after “8005629: javac warnings compiling java.awt.EventDispatchThread…”
    • S8176044: (tz) Support tzdata2017a
  • Import of OpenJDK 7 u141 build 1
    • S8043723: max_heap_for_compressed_oops() declared with size_t, but defined with uintx
  • Import of OpenJDK 7 u141 build 2
    • S8011123: serialVersionUID of java.awt.dnd.InvalidDnDOperationException changed in JDK8-b82
  • Backports
  • Bug fixes
    • PR3349: Architectures unsupported by SystemTap tapsets throw a parse error
    • PR3370: Disable ARM32 JIT by default in jdk_generic_profile.sh
    • PR3379: Perl should be mandatory
    • PR3390: javac.in and javah.in should use @PERL@ rather than a hardcoded path
  • CACAO
    • PR2732: Raise javadoc memory limits for CACAO again!
  • AArch64 port
    • S8177661, PR3367: Correct ad rule output register types from iRegX to iRegXNoSp

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 02af605d4437e314a55c85a334321719d16be3ff670064de8972c15e30f5ceed icedtea-2.6.10.tar.gz
  • 48f7b14d67c9a67e5e29c5ada64e8b9875f3feefacf07df1dc66dd668166d8df icedtea-2.6.10.tar.gz.sig
  • 1c49fd735cc908677044935b6899e59434356b7e65d163bb5033e32f6621a92a icedtea-2.6.10.tar.xz
  • abcd0e05aad77528da4957e5ccebd02282adae0938b02685100244e93da27eac icedtea-2.6.10.tar.xz.sig

The checksums can be downloaded from:

A 2.6.10 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.10.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.10.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.10/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.4.0: ARMed and Ready!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the April 2017 security fixes from OpenJDK 8 u131.

We also add support for building using the AArch32 HotSpot port. This is now
the default on arm[32], which should lead to significant performance increases over the previous default Zero assembler build.

AArch64 also gets some love, with support for this architecture in the Shenandoah HotSpot build (PR3297) and the SystemTap JDK tapsets (PR3340).

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.4.0 (2017-05-16)

  • Security fixes
  • New features
    • PR1969: Add AArch32 JIT port
    • PR3297: Allow Shenandoah to be used on AArch64
    • PR3340: jstack.stp should support AArch64
  • Import of OpenJDK 8 u131 build 11
    • S6474807: (smartcardio) CardTerminal.connect() throws CardException instead of CardNotPresentException
    • S6515172, PR3346: Runtime.availableProcessors() ignores Linux taskset command
    • S7155957: closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java hangs on win 64 bit with jdk8
    • S7167293: FtpURLConnection connection leak on FileNotFoundException
    • S8035568: [macosx] Cursor management unification
    • S8079595: Resizing dialog which is JWindow parent makes JVM crash
    • S8130769: The new menu can’t be shown on the menubar after clicking the “Add” button.
    • S8146602: jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test fails with NullPointerException
    • S8147842: IME Composition Window is displayed at incorrect location
    • S8147910, PR3346: Cache initial active_processor_count
    • S8150490: Update OS detection code to recognize Windows Server 2016
    • S8160951: [TEST_BUG] javax/xml/bind/marshal/8134111/UnmarshalTest.java should be added into :needs_jre group
    • S8160958: [TEST_BUG] java/net/SetFactoryPermission/SetFactoryPermission.java should be added into :needs_compact2 group
    • S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is enabled
    • S8161195: Regression: closed/javax/swing/text/FlowView/LayoutTest.java
    • S8161993, PR3346: G1 crashes if active_processor_count changes during startup
    • S8162876: [TEST_BUG] sun/net/www/protocol/http/HttpInputStream.java fails intermittently
    • S8162916: Test sun/security/krb5/auto/UnboundSSL.java fails
    • S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java failed with “Error while cleaning up threads after test”
    • S8167179: Make XSL generated namespace prefixes local to transformation process
    • S8168774: Polymorhic signature method check crashes javac
    • S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections
    • S8169589: [macosx] Activating a JDialog puts to back another dialog
    • S8170307: Stack size option -Xss is ignored
    • S8170316: (tz) Support tzdata2016j
    • S8170814: Reuse cache entries (part II)
    • S8170888, PR3314, RH1284948: [linux] Experimental support for cgroup memory limits in container (ie Docker) environments
    • S8171388: Update JNDI Thread contexts
    • S8171949: [macosx] AWT_ZoomFrame Automated tests fail with error: The bitwise mask Frame.ICONIFIED is not setwhen the frame is in ICONIFIED state
    • S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog test fails as DummyButton on Dialog did not gain focus when clicked.
    • S8173030: Temporary backout fix #8035568 from 8u131-b03
    • S8173031: Temporary backout fix #8171952 from 8u131-b03
    • S8173783, PR3328: IllegalArgumentException: jdk.tls.namedGroups
    • S8173931: 8u131 L10n resource file update
    • S8174844: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle
    • S8174985: NTLM authentication doesn’t work with IIS if NTLM cache is disabled
    • S8176044: (tz) Support tzdata2017a
  • Backports
  • Bug fixes
    • PR3348: Architectures unsupported by SystemTap tapsets throw a parse error
    • PR3378: Perl should be mandatory
    • PR3389: javac.in and javah.in should use @PERL@ rather than a hardcoded path
  • AArch64 port
    • S8168699, PR3372: Validate special case invocations [AArch64 support]
    • S8170100, PR3372: AArch64: Crash in C1-compiled code accessing References
    • S8172881, PR3372: AArch64: assertion failure: the int pressure is incorrect
    • S8173472, PR3372: AArch64: C1 comparisons with null only use 32-bit instructions
    • S8177661, PR3372: Correct ad rule output register types from iRegX to iRegXNoSp
  • AArch32 port
    • PR3380: Zero should not be enabled by default on arm with the AArch32 HotSpot build
    • PR3384, S8139303, S8167584: Add support for AArch32 architecture to configure and jdk makefiles
    • PR3385: aarch32 does not support -Xshare:dump
    • PR3386, S8164652: AArch32 jvm.cfg wrong for C1 build
    • PR3387: Installation fails on arm with AArch32 port as INSTALL_ARCH_DIR is arm, not aarch32
    • PR3388: Wrong path for jvm.cfg being used on arm with AArch32 build
  • Shenandoah
    • Fix Shenandoah argument checking on 32bit builds.
    • Import from Shenandoah tag aarch64-shenandoah-jdk8u101-b14-shenandoah-merge-2016-07-25
    • Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-02-20
    • Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-06
    • Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-09
    • Import from Shenandoah tag aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-23

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 2b606bbbf4ca5bcf2c8e811ea9060da30744860f3d63e1b3149fb5550a90b92b icedtea-3.4.0.tar.gz
  • 15391447e489cb939277a6981ff9dbc2a57d50c6d3682e0159a1dab04a05da02 icedtea-3.4.0.tar.gz.sig
  • b518f389c44d45bb264d7e954b3c0b836d3d23ba9fbd620ff7c68f934a012e9a icedtea-3.4.0.tar.xz
  • 32e80eacf27e3ec31dd698486e2f79a92bc146c4bc37c76bb7e3d8b7e34a7084 icedtea-3.4.0.tar.xz.sig

The checksums can be downloaded from:

A 3.4.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.4.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.4.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.4.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the January 2017 security fixes from OpenJDK 7 u131.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.9 (2017-02-14)

  • Security fixes
  • Import of OpenJDK 7 u131 build 0
    • S6253144: Long narrowing conversion should describe the algorithm used and implied “risks”
    • S6328537: Improve javadocs for Socket class by adding references to SocketOptions
    • S6978886: javadoc shows stacktrace after print error resulting from disk full
    • S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
    • S6996372: synchronizing handshaking hash
    • S7027045: (doc) java/awt/Window.java has several typos in javadoc
    • S7054969: Null-check-in-finally pattern in java/security documentation
    • S7072353: JNDI libraries do not build with javac -Xlint:all -Werror
    • S7075563: Broken link in “javax.swing.SwingWorker”
    • S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11
    • S7088502: Security libraries don’t build with javac -Werror
    • S7092447: Clarify the default locale used in each locale sensitive operation
    • S7093640: Enable client-side TLS 1.2 by default
    • S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed
    • S7117360: Warnings in java.util.concurrent.atomic package
    • S7117465: Warning cleanup for IMF classes
    • S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error
    • S8000418: javadoc should used a standard “generated by javadoc” string
    • S8000666: javadoc should write directly to Writer instead of composing strings
    • S8000673: remove dead code from HtmlWriter and subtypes
    • S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
    • S8001669: javadoc internal DocletAbortException should set cause when appropriate
    • S8008949: javadoc stopped copying doc-files
    • S8011402: Move blacklisting certificate logic from hard code to data
    • S8011547: Update XML Signature implementation to Apache Santuario 1.5.4
    • S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
    • S8016217: More javadoc warnings
    • S8017325: Cleanup of the javadoc <code> tag in java.security.cert
    • S8017326: Cleanup of the javadoc <code> tag in java.security.spec
    • S8019772: Fix doclint issues in javax.crypto and javax.security subpackages
    • S8020557: javadoc cleanup in javax.security
    • S8020688: Broken links in documentation at http://docs.oracle.com/javase/6/docs/api/index.
    • S8021108: Clean up doclint warnings and errors in java.text package
    • S8021417: Fix doclint issues in java.util.concurrent
    • S8021833: javadoc cleanup in java.net
    • S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
    • S8022175: Fix doclint warnings in javax.print
    • S8022406: Fix doclint issues in java.beans
    • S8022746: List of spelling errors in API doc
    • S8024779: [macosx] SwingNode crashes on exit
    • S8025085: [javadoc] some errors in javax/swing
    • S8025218: [javadoc] some errors in java/awt classes
    • S8025249: [javadoc] fix some javadoc errors in javax/swing/
    • S8025409: Fix javadoc comments errors and warning reported by doclint report
    • S8026021: more fix of javadoc errors and warnings reported by doclint, see the description
    • S8037099: [macosx] Remove all references to GC from native OBJ-C code
    • S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
    • S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
    • S8049244: XML Signature performance issue caused by unbuffered signature data
    • S8049432: New tests for TLS property jdk.tls.client.protocols
    • S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio
    • S8059212: Modify sun/security/smartcardio manual regression tests so that they do not just fail if no cardreader found
    • S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName
    • S8068491: Update the protocol for references of docs.oracle.com to HTTPS.
    • S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210
    • S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u
    • S8139565: Restrict certificates with DSA keys less than 1024 bits
    • S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions
    • S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check
    • S8143959: Certificates requiring blacklisting
    • S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
    • S8148516: Improve the default strength of EC in JDK
    • S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks
    • S8151893: Add security property to configure XML Signature secure validation mode
    • S8155760: Implement Serialization Filtering
    • S8156802: Better constraint checking
    • S8161228: URL objects with custom protocol handlers have port changed after deserializing
    • S8161571: Verifying ECDSA signatures permits trailing bytes
    • S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar
    • S8164908: ReflectionFactory support for IIOP and custom serialization
    • S8165230: RMIConnection addNotificationListeners failing with specific inputs
    • S8166393: disabledAlgorithms property should not be strictly parsed
    • S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only)
    • S8166739: Improve extensibility of ObjectInputFilter information passed to the filter
    • S8166875: (tz) Support tzdata2016g
    • S8166878: Connection reset during TLS handshake
    • S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed
    • S8167459: Add debug output for indicating if a chosen ciphersuite was legacy
    • S8167472: Chrome interop regression with JDK-8148516
    • S8167591: Add MD5 to signed JAR restrictions
    • S8168861: AnchorCertificates uses hardcoded password for cacerts keystore
    • S8168993: JDK8u121 L10n resource file update
    • S8169191: (tz) Support tzdata2016i
    • S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU
    • S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304
    • S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property
    • S8170268: 8u121 L10n resource file update – msgdrop 20
    • S8173622: Backport of 7180907 is incomplete
    • S8173849: Fix use of java.util.Base64 in test cases
    • S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760
  • Backports
  • Bug fixes
    • PR3318: Replace ‘infinality’ with ‘improved font rendering’ (–enable-improved-font-rendering)
    • PR3318: Fix compatibility with vanilla Fontconfig
    • PR3318: Fix glyph y advance
    • PR3318: Always round glyph advance in 26.6 space
    • PR3318: Simplify glyph advance handling
    • PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989
  • AArch64 port

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 86d0fb6182e10f2f92785dce919d03602694928f5e585d42034a3f8ff3bda079 icedtea-2.6.9.tar.gz
  • 6660ee155cd6738cef2b7dcd83ce15eded595c801100900b51906c76d83b5f62 icedtea-2.6.9.tar.gz.sig
  • 8e4f3eb8d41ef66f1797825343141046973c124b18bf7d4698fae0a9a25495ea icedtea-2.6.9.tar.xz
  • ef7b9886ba619bc206a0b540b80ea11f85bac44e0658ea5588833830579c7c81 icedtea-2.6.9.tar.xz.sig

The checksums can be downloaded from:

A 2.6.9 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.9.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.9.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.9/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.3.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the October 2016 bug fixes from OpenJDK 8 u112 and the January 2017 security fixes from OpenJDK 8 u121.

The ‘infinality’ feature has been improved and is now known as ‘improved font rendering’. It no longer requires a patched FreeType and we intend to enable it by default from IcedTea 3.4.0 onwards.

We also make the build a little easier on some platforms by removing the requirement for wget to be installed if downloading is disabled,
and supporting older Kerberos installations which don’t use pkg-config. We also add support for picking up the strangely named JVM installation locations on RHEL 6 multilib platforms.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.3.0 (2017-01-28)

  • Security fixes
  • New features
    • PR3300: wget not required when downloading is disabled
    • PR3301: Support RHEL multilib installations which use the /usr/lib/jvm/java-1.x.0-openjdk.${arch} naming
    • PR3303: Allow Kerberos to be detected by old libs & headers method if pkg-config check fails
  • Import of OpenJDK 8 u112 build 16
    • S6477756: GraphicsDevice.getConfigurations() is slow taking 3 or more seconds
    • S7172749: Xrender: Class cast exception in 2D code running an AWT regression test
    • S8017629: G1: UseSHM in combination with a G1HeapRegionSize > os::large_page_size() falls back to use small pages
    • S8022203: Intermittent test failures in demo/jvmti/hprof
    • S8022582: Relax response flags checking in sun.security.krb5.KrbKdcRep.check.
    • S8027575: b113 causing a lot of memory allocation and regression for wls_webapp_atomics
    • S8028486: java/awt/Window/WindowsLeak/WindowsLeak.java fails
    • S8030780: test/com/sun/corba/cachedSocket/7056731.sh leaves HelloServer behind
    • S8036630: Null ProtectionDomain in JVM can cause NPE because principals field is not initialized to an empty array
    • S8042660: vm/mlvm/anonloader/stress/byteMutation failed with: assert(index >=0 && index < _length) failed: symbol index overflow
    • S8044193: Need to add known answer tests for AES cipher
    • S8044575: testlibrary_tests/whitebox/vm_flags/UintxTest.java failed: assert(!res || TypeEntriesAtCall::arguments_profiling_enabled()) failed: no profiling of arguments
    • S8048601: Tests for JCE crypto ciphers (part 1)
    • S8048621: Implement basic keystore tests
    • S8048622: Enhance tests for PKCS11 keystores with NSS
    • S8049021: Add smartcardio tests with APDU buffer
    • S8049312: AES/CICO test failed with on several modes
    • S8050402: Tests to check for use of policy files
    • S8050409: Test for JAAS getPrivateCredentials
    • S8054326: Confusing message in “Current rem set statistics”
    • S8055772: get_source.sh : version check assumes English localization
    • S8057791: Selection in JList is drawn with wrong colors in Nimbus L&F
    • S8058865: JMX Test Refactoring
    • S8067964: Native2ascii doesn’t close one of the streams it opens
    • S8071487: javax/management/monitor/GaugeMonitorDeadlockTest.java timed out
    • S8071909: Port testlibrary improvments in jdk/test to hotspot/test as required for DCMD test port
    • S8073542: File Leak in jdk/src/java/base/unix/native/libnet/PlainDatagramSocketImpl.c
    • S8074784: Additional tests for XML DSig API
    • S8075007: Additional tests for krb5-related cipher suites with unbound server
    • S8075297: Tests for RFEs 4515853 and 4745056
    • S8075299: Additional tests for krb5 settings
    • S8075301: Tests for sun.security.krb5.principal system property
    • S8077276: allocating heap with UseLargePages and HugeTLBFS may trash existing memory mappings (linux)
    • S8078268: javax.swing.text.html.parser.Parser parseScript incorrectly optimized
    • S8078382: Wrong glyph is displayed for a derived font
    • S8080729: [macosx] java 7 and 8 JDialogs on multiscreen jump to parent frame on focus
    • S8085903: New fix for memory leak in ProtectionDomain cache
    • S8098581: SecureRandom.nextBytes() hurts performance with small size requests
    • S8129740: Incorrect class file created when passing lambda in inner class constructor
    • S8130127: streamline input parameter of Nashorn scripting $EXEC function
    • S8130309: Need to bailout cleanly if creation of stubs fails when codecache is out of space
    • S8130317: “ant test” fails to complete on Windows when run under cygwin shell
    • S8133070: Hot lock on BulkCipher.isAvailable
    • S8133309: Some unicode characters do not display any more after upgrading to Windows 10
    • S8134232: KeyStore.load() throws an IOException with a wrong cause in case of wrong password
    • S8135322: ConstantPool::release_C_heap_structures not run in some circumstances
    • S8136998: JComboBox prevents wheel mouse scrolling of JScrollPane
    • S8137240: Negative lookahead in RegEx breaks backreference
    • S8138906: [TEST_BUG] Test test/script/trusted/JDK-8087292.js intermittently fails.
    • S8141148: LDAP “follow” throws ClassCastException with Java 8
    • S8141541: Simplify Nashorn’s Context class loader handling
    • S8143640: Showing incorrect result while passing specific argument in the Java launcher tools
    • S8143642: Nashorn shebang argument handling is broken
    • S8144160: Regression: two tests fail on Windows with “ant test” target
    • S8144221: fix Nashorn shebang argument handling on Mac/Linux
    • S8144703: ClassCastException: sun.font.CompositeFont cannot be cast to PhysicalFont
    • S8145305: fix Nashorn shebang handling on Cygwin
    • S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
    • S8146975: NullPointerException in IIOPInputStream.inputClassFields
    • S8147026: Convert an assert in ClassLoaderData to a guarantee
    • S8147451: Crash in Method::checked_resolve_jmethod_id(_jmethodID*)
    • S8147585: Annotations with lambda expressions has parameter result in wrong behavior.
    • S8147969: Print size of DH keysize when errors are encountered
    • S8148140: arguments are handled differently in apply for JS functions and AbstractJSObjects
    • S8148984: [macosx] Chinese Comma cannot be entered using Pinyin Input Method on OS X
    • S8150219: ReferenceError in 1.8.0_72
    • S8150234: Windows 10 App Containers disallow access to ICMP calls
    • S8150814: correct package declaration in Nashorn test
    • S8151722: TESTBUG: New test compiler/native/TestDirtyInt.sh should be modified
    • S8153149: Uninitialised memory in WinAccessBridge.cpp:1128
    • S8153192: (se) Selector.select(long) uses wrong timeout after EINTR (lnx)
    • S8153781: Issue in XMLScanner: EXPECTED_SQUARE_BRACKET_TO_CLOSE_INTERNAL_SUBSET when skipping large DOCTYPE section with CRLF at wrong place
    • S8153948: sun/security/mscapi/ShortRSAKey1024.sh fails with “Field length overflow”
    • S8154009: Some methods of java.security.Security require more permissions, than necessary
    • S8154069: Jaws reads wrong values from comboboxes when no element is selected
    • S8154144: Tests in com/sun/jdi fails intermittently with “jdb input stream closed prematurely”
    • S8154469: Update FSF address
    • S8154553: Incorrect GPL header in package-info.java reported
    • S8154558: Incorrect GPL header in ProcessEnvironment_md.c reported
    • S8154816: Caps Lock doesn’t work as expected when using Pinyin Simplified input method
    • S8154831: CastII/ConvI2L for a range check is prematurely eliminated
    • S8155001: SystemTray.remove() leaks GDI Objects in Windows
    • S8155106: MHs.Lookup.findConstructor returns handles for array classes
    • S8155214: java/lang/invoke/PermuteArgsTest.java fails due to exhausted code cache
    • S8156478: 3 Buffer overrun defect groups in jexec.c
    • S8156521: Minor fixes and cleanups in NetworkInterface.c
    • S8156714: Parsing issue with automatic semicolon insertion
    • S8156836: SIGSEGV: Test test/compiler/jsr292/VMAnonymousClasses.java fails with JTREG 4.2 b02
    • S8156896: Script stack trace should display function names
    • S8157160: JSON.stringify does not work on ScriptObjectMirror objects
    • S8157242: Some java/lang/invoke tests miss othervm
    • S8157444: exclude jjs shebang handling test from runs
    • S8157603: TestCipher.java doesn’t check one of the decrypted message as expected
    • S8157680: Callback parameter of any JS builtin implementation should accept any Callable
    • S8157819: TypeError when a java.util.Comparator object is invoked as a function
    • S8158059: The fix for 8050402 was partially committed
    • S8158072: Need a test for JDK-7172749
    • S8158111: Make handling of 3rd party providers more stable
    • S8158178: java.awt.SplashScreen.getSize() returns incorrect size for high dpi splash screens
    • S8158338: Nashorn’s ScriptLoader split delegation has to be adjusted
    • S8158373: SIGSEGV: Metadata::mark_on_stack
    • S8158467: AccessControlException is thrown on public Java class access if “script app loader” is set to null
    • S8158495: CCE: sun.java2d.NullSurfaceData cannot be cast to sun.java2d.opengl.OGLSurfaceData
    • S8158802: com.sun.jndi.ldap.SimpleClientId produces wrong hash code
    • S8158871: Long response times with G1 and StringDeduplication
    • S8159822: Non-synchronized access to shared members of com.sun.jndi.ldap.pool.Pool
    • S8160122: Backport of JDK-8159244 used wrong version of the JDK 9 fix
    • S8160518: Semicolon is not recognized as comment starting character (Kerberos)
    • S8160693: ScriptRunData.java uses bitwise AND instead of logical AND
    • S8161144: Fix for JDK-8147451 failed: Crash in Method::checked_resolve_jmethod_id(_jmethodID*)
    • S8162510: 8u112 L10n resource file updates
    • S8164453: 8u112 L10n resource file update – msgdrop 20
  • Import of OpenJDK 8 u121 build 13
    • S8037099: [macosx] Remove all references to GC from native OBJ-C code
    • S8059212: Modify sun/security/smartcardio manual regression tests so that they do not just fail if no cardreader found
    • S8139565: Restrict certificates with DSA keys less than 1024 bits
    • S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions
    • S8148516: Improve the default strength of EC in JDK
    • S8151893: Add security property to configure XML Signature secure validation mode
    • S8152438: Threads may do significant work out of the non-shared overflow buffer
    • S8153438: Avoid repeated “Please insert a smart card” popup windows
    • S8154005: Add algorithm constraint that specifies the restriction date
    • S8154015: Apply algorithm constraints to timestamped code
    • S8159410: InetAddress.isReachable returns true for non existing IP adresses
    • S8160108: Implement Serialization Filtering
    • S8161228: URL objects with custom protocol handlers have port changed after deserializing
    • S8161571: Verifying ECDSA signatures permits trailing bytes
    • S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar
    • S8163583: [macosx] Press “To Back” button on the Dialog,the Dialog moves behind the Frame
    • S8164908: ReflectionFactory support for IIOP and custom serialization
    • S8165230: RMIConnection addNotificationListeners failing with specific inputs
    • S8166389: [TEST_BUG] closed/java/security/Security/ReadProp/ReadProp.sh failing
    • S8166393: disabledAlgorithms property should not be strictly parsed
    • S8166432: Bad 8u112 merge of sun/security/tools/jarsigner/warnings/Test.java
    • S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only)
    • S8166739: Improve extensibility of ObjectInputFilter information passed to the filter
    • S8166875: (tz) Support tzdata2016g
    • S8166878: Connection reset during TLS handshake
    • S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed
    • S8167459: Add debug output for indicating if a chosen ciphersuite was legacy
    • S8167472: Chrome interop regression with JDK-8148516
    • S8167591: Add MD5 to signed JAR restrictions
    • S8168861: AnchorCertificates uses hardcoded password for cacerts keystore
    • S8168963: Backout JDK-8154005
    • S8168993: JDK8u121 L10n resource file update
    • S8169072: Backout JDK-8154015
    • S8169191: (tz) Support tzdata2016i
    • S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU
    • S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304
    • S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property
    • S8170268: 8u121 L10n resource file update – msgdrop 20
  • Bug fixes
    • PR3271: Always round glyph advance in 26.6 space
    • PR3271: Fix compatibility with vanilla Fontconfig
    • PR3271: Fix glyph y advance
    • PR3271: Replace ‘infinality’ with ‘improved font rendering’ (–enable-improved-font-rendering)
    • PR3271: Simplify glyph advance handling
    • PR3286: -ffp-contract not available on older GCCs
    • PR3302: zip should be optional, as it’s only used in the manually invoked dist-openjdk and dist-openjdk-fsg rules
    • PR3304: zip still a requirement of the underlying OpenJDK build
  • PPC port
    • S8170873, PR3280: PPC64/aarch64: Poor StrictMath performance due to non-optimized compilation
  • AArch64 port
    • S8130309, PR3280: Need to bailout cleanly if creation of stubs fails when codecache is out of space (AArch64 changes)
    • S8132875, PR3280: AArch64: Fix error introduced into AArch64 CodeCache by commit for 8130309
    • S8165673, PR3280: AArch64: Fix JNI floating point argument handling
    • S8170188, PR3280: jtreg test compiler/types/TestMeetIncompatibleInterfaceArrays.java causes JVM crash
    • S8170873, PR3280: PPC64/aarch64: Poor StrictMath performance due to non-optimized compilation

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • ce74a343759bfe6a7332301835e7c6e77d01db588a1dab672816c9ce338474b1 icedtea-3.3.0.tar.gz
  • efed173fa928897f02eed70c63b0e764800593c4800cb0e055a450df0d1aa045 icedtea-3.3.0.tar.gz.sig
  • b764ff09674f9139f94dfe9df8f6393ed55af149c7bb1033fbf119f68cea750b icedtea-3.3.0.tar.xz
  • 4ca9acdbec277afe2028508d36f30309a06a4317125f9207c9e95dce9335a0a0 icedtea-3.3.0.tar.xz.sig

The checksums can be downloaded from:

A 3.3.0 ebuild for Gentoo is available.

The following people helped with these releases:

  • Matthias Dahl (PR3271 font rendering improvements)
  • Andrew Hughes (all other bug fixes and backports, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.3.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.3.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.3.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

Next Page »