Security


The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the October 2016 security fixes from OpenJDK 7 u121.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.8 (2016-11-13)

  • Security fixes
  • Import of OpenJDK 7 u121 build 0
    • S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.java
    • S6882559: new JEditorPane(“text/plain”,”") fails for null context class loader
    • S7090158: Networking Libraries don’t build with javac -Werror
    • S7125055: ContentHandler.getContent API changed in error
    • S7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on windows
    • S7187051: ShortRSAKeynnn.sh tests should do cleanup before start test
    • S8000626: Implement dead key detection for KeyEvent on Linux
    • S8003890: corelibs test scripts should pass TESTVMOPTS
    • S8005629: javac warnings compiling java.awt.EventDispatchThread and sun.awt.X11.XIconWindow
    • S8010297: Missing isLoggable() checks in logging code
    • S8010782: clean up source files containing carriage return characters
    • S8014431: cleanup warnings indicated by the -Wunused-value compiler option on linux
    • S8015265: revise the fix for 8007037
    • S8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
    • S8020708: NLS mnemonics missing in SwingSet2/JInternalFrame demo
    • S8024756: method grouping tabs are not selectable
    • S8026741: jdk8 l10n resource file translation update 5
    • S8048147: Privilege tests with JAAS Subject.doAs
    • S8048357: PKCS basic tests
    • S8049171: Additional tests for jarsigner’s warnings
    • S8059177: jdk8u40 l10n resource file translation update 1
    • S8075584: test for 8067364 depends on hardwired text advance
    • S8076486: [TESTBUG] javax/security/auth/Subject/doAs/NestedActions.java fails if extra VM options are given
    • S8077953: [TEST_BUG] com/sun/management/OperatingSystemMXBean/TestTotalSwap.java Compilation failed after JDK-8077387
    • S8080628: No mnemonics on Open and Save buttons in JFileChooser
    • S8083601: jdk8u60 l10n resource file translation update 2
    • S8140530: Creating a VolatileImage with size 0,0 results in no longer working g2d.drawString
    • S8142926: OutputAnalyzer’s shouldXXX() calls return this
    • S8143134: L10n resource file translation update
    • S8147077: IllegalArgumentException thrown by api/java_awt/Component/FlipBufferStrategy/indexTGF_General
    • S8148127: IllegalArgumentException thrown by JCK test api/java_awt/Component/FlipBufferStrategy/indexTGF_General in opengl pipeline
    • S8150611: Security problem on sun.misc.resources.Messages*
    • S8157653: [Parfait] Uninitialised variable in awt_Font.cpp
    • S8158734: JEditorPane.createEditorKitForContentType throws NPE after 6882559
    • S8159684: (tz) Support tzdata2016f
    • S8160934: isnan() is not available on older MSVC compilers
    • S8162411: Service Menu services 2
    • S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh failing after JDK-8155968
    • S8162511: 8u111 L10n resource file updates
    • S8162792: Remove constraint DSA keySize < 1024 from jdk.jar.disabledAlgorithms in jdk8
    • S8164452: 8u111 L10n resource file update – msgdrop 20
    • S8165816: jarsigner -verify shows jar unsigned if it was signed with a weak algorithm
    • S8166381: Back out changes to the java.security file to not disable MD5
  • Backports
    • S6604109, PR3162: javax.print.PrintServiceLookup.lookupPrintServices fails SOMETIMES for Cups
    • S6907252, PR3162: ZipFileInputStream Not Thread-Safe
    • S8024046, PR3162: Test sun/security/krb5/runNameEquals.sh failed on 7u45 Embedded linux-ppc*
    • S8028479, PR3162: runNameEquals still cannot precisely detect if a usable native krb5 is available
    • S8034057, PR3162: Files.getFileStore and Files.isWritable do not work with SUBST’ed drives (win)
    • S8038491, PR3162: Improve synchronization in ZipFile.read()
    • S8038502, PR3162: Deflater.needsInput() should use synchronization
    • S8059411, PR3162: RowSetWarning does not correctly chain warnings
    • S8062198, PR3162: Add RowSetMetaDataImpl Tests and add column range validation to isdefinitlyWritable
    • S8066188, PR3162: BaseRowSet returns the wrong default value for escape processing
    • S8072466, PR3162: Deadlock when initializing MulticastSocket and DatagramSocket
    • S8075118, PR3162: JVM stuck in infinite loop during verification
    • S8076579, PR3162: Popping a stack frame after exception breakpoint sets last method param to exception
    • S8078495, PR3162: End time checking for native TGT is wrong
    • S8078668, PR3162: jar usage string mentions unsupported option ‘-n’
    • S8080115, PR3162: (fs) Crash in libgio when calling Files.probeContentType(path) from parallel threads
    • S8081794, PR3162: ParsePosition getErrorIndex returns 0 for TimeZone parsing problem
    • S8129957, PR3162: Deadlock in JNDI LDAP implementation when closing the LDAP context
    • S8130136, PR3162: Swing window sometimes fails to repaint partially when it becomes exposed
    • S8130274, PR3162: java/nio/file/FileStore/Basic.java fails when two successive stores in an iteration are determined to be equal
    • S8132551, PR3162: Initialize local variables before returning them in p11_convert.c
    • S8133207, PR3162: [TEST_BUG] ParallelProbes.java test fails after changes for JDK-8080115
    • S8133666, PR3162: OperatingSystemMXBean reports abnormally high machine CPU consumption on Linux
    • S8135002, PR3162: Fix or remove broken links in objectMonitor.cpp comments
    • S8137121, PR3162: (fc) Infinite loop FileChannel.truncate
    • S8137230, PR3162: TEST_BUG: java/nio/channels/FileChannel/LoopingTruncate.java timed out
    • S8139373, PR3162: [TEST_BUG] java/net/MulticastSocket/MultiDead.java failed with timeout
    • S8140249, PR3162: JVM Crashing During startUp If Flight Recording is enabled
    • S8141491, PR3160, G592292: Unaligned memory access in Bits.c
    • S8144483, PR3162: One long Safepoint pause directly after each GC log rotation
    • S8149611, PR3160, G592292: Add tests for Unsafe.copySwapMemory
  • Bug fixes
    • S8078628, PR3151: Zero build fails with pre-compiled headers disabled
    • PR3128: pax-mark-vm script calls “exit -1″ which is invalid in dash
    • PR3131: PaX marking fails on filesystems which don’t support extended attributes
    • PR3135: Makefile.am rule stamps/add/tzdata-support-debug.stamp has a typo in add-tzdata dependency
    • PR3141: Pass $(CC) and $(CXX) to OpenJDK build
    • PR3166: invalid zip timestamp handling leads to error building bootstrap-javac
    • PR3202: Update infinality configure test
    • PR3212: Disable ARM32 JIT by default
  • CACAO
    • PR3136: CACAO is broken due to 2 new native methods in sun.misc.Unsafe (from S8158260)
  • JamVM
    • PR3134: JamVM is broken due to 2 new native methods in sun.misc.Unsafe (from S8158260)
  • AArch64 port
    • S8167200, PR3204: AArch64: Broken stack pointer adjustment in interpreter
    • S8168888: Port S8160591: Improve internal array handling to AArch64.
    • PR3211: AArch64 build fails with pre-compiled headers disabled

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • e5f0a14077de47a1e6bcba672042880f1cb28859468fe95570555593a28fe02b icedtea-2.6.8.tar.gz
  • 65628538255b2657b1228b534c18ffb74e52be11d1d25cf694d02f39efabf70d icedtea-2.6.8.tar.gz.sig
  • 854030ff1b580d896dbabbdb0e64dc0ef3537786285808a7b3cdfcb80520255d icedtea-2.6.8.tar.xz
  • 23336d9d5aa7256cfc267f9b86eb46b69e0439af3b479405d215f12932ebbe63 icedtea-2.6.8.tar.xz.sig

The checksums can be downloaded from:

A 2.6.8 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.8.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.8.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.8/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.2.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the October 2016 security fixes from OpenJDK 8 u111. It also adds a number of features familiar from IcedTea 2.x:

  • Support for toggling the inclusion of native (--disable-native-debuginfo) and Java (--disable-java-debuginfo) debugging information.
  • Support for splitting native debuginfo into separate files (--enable-split-debuginfo)
  • Allow linking against the system Kerberos installation in order to obtain the cache location. (--enable-system-kerberos)
  • Allow linking against the system libpcsclite at compile-time. (--enable-system-pcsc)
  • Allow linking against the system libsctp at compile-time. (--enable-system-sctp)

and introduces a number of new features:

  • Support for building without pre-compiled headers (--disable-precompiled-headers)
  • The ability to use the system cryptography policies provided by the crypto-policies package on Fedora.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.2.0 (2016-11-08)

  • Security fixes
  • New features
    • PR1370: Provide option to build without debugging
    • PR1375: Provide option to strip and link debugging info after build
    • PR1537: Handle alternative Kerberos credential cache locations
    • PR1978: Allow use of system PCSC
    • PR2445: Support system libsctp
    • PR3182: Support building without pre-compiled headers
    • PR3183: Support Fedora/RHEL system crypto policy
    • PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries
  • Import of OpenJDK 8 u102 build 14
    • S4515292: ReferenceType.isStatic() returns true for arrays
    • S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S6976636: JVM/TI test ex03t001 fails assertion
    • S7185591: jcmd-big-script.sh ERROR: could not find app’s Java pid.
    • S8017462: G1: guarantee fails with UseDynamicNumberOfGCThreads
    • S8034168: ThreadMXBean/Locks.java failed, blocked on wrong object
    • S8036006: [TESTBUG] sun/tools/native2ascii/NativeErrors.java fails: Process exit code was 0, but error was expected.
    • S8041781: Need new regression tests for PBE keys
    • S8041787: Need new regressions tests for buffer handling for PBE algorithms
    • S8043836: Need new tests for AES cipher
    • S8044199: Tests for RSA keys and key specifications
    • S8044772: TempDirTest.java still times out with -Xcomp
    • S8046339: sun.rmi.transport.DGCAckHandler leaks memory
    • S8047031: Add SocketPermission tests for legacy socket types
    • S8048052: Permission tests for setFactory
    • S8048138: Tests for JAAS callbacks
    • S8048147: Privilege tests with JAAS Subject.doAs
    • S8048356: SecureRandom default provider tests
    • S8048357: PKCS basic tests
    • S8048360: Test signed jar files
    • S8048362: Tests for doPrivileged with accomplice
    • S8048596: Tests for AEAD ciphers
    • S8048599: Tests for key wrap and unwrap operations
    • S8048603: Additional tests for MAC algorithms
    • S8048604: Tests for strong crypto ciphers
    • S8048607: Test key generation of DES and DESEDE
    • S8048610: Implement regression test for bug fix of 4686632 in JCE
    • S8048617: Tests for PKCS12 read operations
    • S8048618: Tests for PKCS12 write operations.
    • S8048619: Implement tests for converting PKCS12 keystores
    • S8048624: Tests for SealedObject
    • S8048819: Implement reliability test for DH algorithm
    • S8048820: Implement tests for SecretKeyFactory
    • S8048830: Implement tests for new functionality provided in JEP 166
    • S8049237: Need new tests for X509V3 certificates
    • S8049321: Support SHA256WithDSA in JSSE
    • S8049429: Tests for java client server communications with various TLS/SSL combinations.
    • S8049432: New tests for TLS property jdk.tls.client.protocols
    • S8049814: Additional SASL client-server tests
    • S8050281: New permission tests for JEP 140
    • S8050370: Need new regressions tests for messageDigest with DigestIOStream
    • S8050371: More MessageDigest tests
    • S8050374: More Signature tests
    • S8050427: LoginContext tests to cover JDK-4703361
    • S8050460: JAAS login/logout tests with LoginContext
    • S8050461: Tests for syntax checking of JAAS configuration file
    • S8054278: Refactor jps utility tests
    • S8055530: assert(_exits.control()->is_top() || !_gvn.type(ret_phi)->empty()) failed: return value must be well defined
    • S8055844: [TESTBUG] test/runtime/NMT/VirtualAllocCommitUncommitRecommit.java fails on Solaris Sparc due to incorrect page size being used
    • S8059677: Thread.getName() instantiates Strings
    • S8061464: A typo in CipherTestUtils test
    • S8062536: [TESTBUG] Conflicting GC combinations in jdk tests
    • S8065076: java/net/SocketPermission/SocketPermissionTest.java fails intermittently
    • S8065078: NetworkInterface.getNetworkInterfaces() triggers intermittent test failures
    • S8066871: java.lang.VerifyError: Bad local variable type – local final String
    • S8068427: Hashtable deserialization reconstitutes table with wrong capacity
    • S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210
    • S8069253: javax/net/ssl/TLS/TestJSSE.java failed on Mac
    • S8071125: Improve exception messages in URLPermission
    • S8072081: Supplementary characters are rejected in comments
    • S8072463: Remove requirement that AKID and SKID have to match when building certificate chain
    • S8072725: Provide more granular levels for GC verification
    • S8073400: Some Monospaced logical fonts have a different width
    • S8073872: Schemagen fails with StackOverflowError if element references containing class
    • S8074931: Additional tests for CertPath API
    • S8075286: Additional tests for signature algorithm OIDs and transformation string
    • S8076486: [TESTBUG] javax/security/auth/Subject/doAs/NestedActions.java fails if extra VM options are given
    • S8076545: Text size is twice bigger under Windows L&F on Win 8.1 with HiDPI display
    • S8076995: gc/ergonomics/TestDynamicNumberOfGCThreads.java failed with java.lang.RuntimeException: ‘new_active_workers’ missing from stdout/stderr
    • S8079138: Additional negative tests for XML signature processing
    • S8081512: Remove sun.invoke.anon classes, or move / co-locate them with tests
    • S8081771: ProcessTool.createJavaProcessBuilder() needs new addTestVmAndJavaOptions argument
    • S8129419: heapDumper.cpp: assert(length_in_bytes > 0) failed: nothing to copy
    • S8130150: Implement BigInteger.montgomeryMultiply intrinsic
    • S8130242: DataFlavorComparator transitivity exception
    • S8130304: Inference: NodeNotFoundException thrown with deep generic method call chain
    • S8130425: libjvm crash due to stack overflow in executables with 32k tbss/tdata
    • S8133023: ParallelGCThreads is not calculated correctly
    • S8134111: Unmarshaller unmarshalls XML element which doesn’t have the expected namespace
    • S8135259: InetAddress.getAllByName only reports “unknown error” instead of actual cause
    • S8136506: Include sun.arch.data.model as a property that can be queried by jtreg
    • S8137068: Tests added in JDK-8048604 fail to compile
    • S8139040: Fix initializations before ShouldNotReachHere() etc. and enable -Wuninitialized on linux.
    • S8139581: AWT components are not drawn after removal and addition to a container
    • S8141243: Unexpected timezone returned after parsing a date
    • S8141420: Compiler runtime entries don’t hold Klass* from being GCed
    • S8141445: Use of Solaris/SPARC M7 libadimalloc.so can generate unknown signal in hs_err file
    • S8141551: C2 can not handle returns with inccompatible interface arrays
    • S8143377: Test PKCS8Test.java fails
    • S8143647: Javac compiles method reference that allows results in an IllegalAccessError
    • S8144144: ORB destroy() leaks filedescriptors after unsuccessful connection
    • S8144593: Suppress not recognized property/feature warning messages from SAXParser
    • S8144957: Remove PICL warning message
    • S8145039: JAXB marshaller fails with ClassCastException on classes generated by xjc
    • S8145228: Java Access Bridge, getAccessibleStatesStringFromContext doesn’t wrap the call to getAccessibleRole
    • S8145388: URLConnection.guessContentTypeFromStream returns image/jpg for some JPEG images
    • S8145974: XMLStreamWriter produces invalid XML for surrogate pairs on OutputStreamWriter
    • S8146035: Windows – With LCD antialiasing, some glyphs are not rendered correctly
    • S8146192: Add test for JDK-8049321
    • S8146274: Thread spinning on WeakHashMap.getEntry() with concurrent use of nashorn
    • S8147468: Allow users to bound the size of buffers cached in the per-thread buffer caches
    • S8147645: get_ctrl_no_update() code is wrong
    • S8147807: crash in libkcms.so on linux-sparc
    • S8148379: jdk.nashorn.api.scripting spec. adjustments, clarifications
    • S8148627: RestrictTestMaxCachedBufferSize.java to 64-bit platforms
    • S8148820: Missing @since Javadoc tag in Logger.log(Level, Supplier)
    • S8148926: Call site profiling fails on braces-wrapped anonymous function
    • S8149017: Delayed provider selection broken in RSA client key exchange
    • S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks
    • S8149330: Capacity of StringBuilder should not get close to Integer.MAX_VALUE unless necessary
    • S8149334: JSON.parse(JSON.stringify([])).push(10) creates an array containing two elements
    • S8149368: [hidpi] JLabel font is twice bigger than JTextArea font on Windows 7,HiDPI, Windows L&F
    • S8149411: PKCS12KeyStore cannot extract AES Secret Keys
    • S8149417: Use final restricted flag
    • S8149450: LdapCtx.processReturnCode() throwing Null Pointer Exception
    • S8149453: [hidpi] JFileChooser does not scale properly on Windows with HiDPI display and Windows L&F
    • S8149543: range check CastII nodes should not be split through Phi
    • S8149743: JVM crash after debugger hotswap with lambdas
    • S8149744: fix testng.jar delivery in Nashorn build.xml
    • S8149915: enabling validate-annotations feature for xsd schema with annotation causes NPE
    • S8150002: Check for the validity of oop before printing it in verify_remembered_set
    • S8150470: JCK: api/xsl/conf/copy/copy19 test failure
    • S8150518: G1 GC crashes at G1CollectedHeap::do_collection_pause_at_safepoint(double)
    • S8150533: Test java/util/logging/LogManagerAppContextDeadlock.java times out intermittently.
    • S8150704: XALAN: ERROR: ‘No more DTM IDs are available’ when transforming with lots of temporary result trees
    • S8150780: Repeated offer and remove on ConcurrentLinkedQueue lead to an OutOfMemoryError
    • S8151064: com/sun/jdi/RedefineAddPrivateMethod.sh fails intermittently
    • S8151197: [TEST_BUG] Need to backport fix for test/javax/net/ssl/TLS/TestJSSE.java
    • S8151352: jdk/test/sample fails with “effective library path is outside the test suite”
    • S8151431: DateFormatSymbols triggers this.clone() in the constructor
    • S8151535: TESTBUG: java/lang/invoke/AccessControlTest.java should be modified to run with JTREG 4.1 b13
    • S8151731: Add new jtreg keywords to jdk 8
    • S8151998: VS2010 ThemeReader.cpp(758) : error C3861: ’round’: identifier not found
    • S8152927: Incorrect GPL header in StubFactoryDynamicBase.java reported
    • S8153252: SA: Hotspot build on Windows fails if make/closed folder does not exist
    • S8153531: Improve exception messaging for RSAClientKeyExchange
    • S8153641: assert(thread_state == _thread_in_native) failed: Assumed thread_in_native while heap dump
    • S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S8154304: NullpointerException at LdapReferralException.getReferralContext
    • S8154722: Test gc/ergonomics/TestDynamicNumberOfGCThreads.java fails
    • S8157078: 8u102 L10n resource file updates
    • S8157838: Personalized Windows Font Size is not taken into account in Java8u102
  • Import of OpenJDK 8 u111 build 14
    • S6882559: new JEditorPane(“text/plain”,”") fails for null context class loader
    • S8049171: Additional tests for jarsigner’s warnings
    • S8063086: Math.pow yields different results upon repeated calls
    • S8140530: Creating a VolatileImage with size 0,0 results in no longer working g2d.drawString
    • S8142926: OutputAnalyzer’s shouldXXX() calls return this
    • S8147077: IllegalArgumentException thrown by api/java_awt/Component/FlipBufferStrategy/indexTGF_General
    • S8148127: IllegalArgumentException thrown by JCK test api/java_awt/Component/FlipBufferStrategy/indexTGF_General in opengl pipeline
    • S8150611: Security problem on sun.misc.resources.Messages*
    • S8153399: Constrain AppCDS behavior (back port)
    • S8157653: [Parfait] Uninitialised variable in awt_Font.cpp
    • S8158734: JEditorPane.createEditorKitForContentType throws NPE after 6882559
    • S8158994: Service Menu services
    • S8159684: (tz) Support tzdata2016f
    • S8160904: Typo in code from 8079718 fix : enableCustomValueHanlde
    • S8160934: isnan() is not available on older MSVC compilers
    • S8161141: correct bugId for JDK-8158994 fix push
    • S8162411: Service Menu services 2
    • S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh failing after JDK-8155968
    • S8162511: 8u111 L10n resource file updates
    • S8162792: Remove constraint DSA keySize < 1024 from jdk.jar.disabledAlgorithms in jdk8
    • S8164452: 8u111 L10n resource file update – msgdrop 20
    • S8165816: jarsigner -verify shows jar unsigned if it was signed with a weak algorithm
    • S8166381: Back out changes to the java.security file to not disable MD5
  • Backports
    • S8078628, PR3208: Zero build fails with pre-compiled headers disabled
    • S8141491, PR3159, G592292: Unaligned memory access in Bits.c
    • S8157306, PR3121: Random infrequent null pointer exceptions in javac (enabled on AArch64 only)
    • S8162384, PR3122: Performance regression: bimorphic inlining may be bypassed by type speculation
  • Bug fixes
    • PR3123: Some object files built without -fPIC on x86 only
    • PR3126: pax-mark-vm script calls “exit -1″ which is invalid in dash
    • PR3127, G590348: Only apply PaX markings by default on running PaX kernels
    • PR3199: Invalid nashorn URL
    • PR3201: Update infinality configure test
    • PR3218: PR3159 leads to build failure on clean tree
  • AArch64 port
    • S8131779, PR3220: AARCH64: add Montgomery multiply intrinsic
    • S8167200, PR3220: AArch64: Broken stack pointer adjustment in interpreter
    • S8167421, PR3220: AArch64: in one core system, fatal error: Illegal threadstate encountered
    • S8167595, PR3220: AArch64: SEGV in stub code cipherBlockChaining_decryptAESCrypt
    • S8168888, PR3220: Port 8160591: Improve internal array handling to AArch64.
  • Shenandoah
    • PR3224: Shenandoah broken when building without pre-compiled headers

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 88cc563d5cf4d7d0e8a394800ba580c922c5703dded4922551eb1a2425010b86 icedtea-3.2.0.tar.gz
  • 4cfd6876c99e5717b604e70460006e869ca77dea43fb97b3a697a2deb389b066 icedtea-3.2.0.tar.gz.sig
  • f2a197734cc1f820f14a6ba0aef0f198c24c77e9f026d14ddf185b684b178f80 icedtea-3.2.0.tar.xz
  • b92db947d9ba1b71c917bb16d7a312d1b01c1d99682a6b476c8302f9d2a981ae icedtea-3.2.0.tar.xz.sig

The checksums can be downloaded from:

A 3.2.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.2.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.2.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.2.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the July 2016 security fixes from OpenJDK 6 b40.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.12 (2016-08-24)

  • Security fixes
  • Import of OpenJDK6 b40
    • S6496269: Many warnings generated from com/sun/java/util/jar/pack/*.cpp when compiled on Linux
    • S6522789: [zh_CN] translation of “enclosing class” in doclet is incorrect
    • S6575373: Error verifying signatures of pack200 files in some cases [TEST ONLY]
    • S6579775: l10n update after 6212566
    • S6600143: Remove another 450 unnecessary casts
    • S6611629: Avoid hardcoded cygwin paths for memory detection
    • S6690018: RSAClientKeyExchange NullPointerException
    • S6712743: pack200: should default to 150.7 pack format for classfiles without any classes.
    • S6714842: CertPathBuilder returns incorrect CertPath for BasicConstraints in builderParams
    • S6726309: Compiler warnings in nio code
    • S6727683: Cleanup use of COMPILER_WARNINGS_FATAL in makefiles
    • S6755847: (launcher) will trigger assertions in debug build
    • S6852744: PIT b61: PKI test suite fails because self signed certificates are being rejected
    • S6858127: Missing -DNDEBUG on Linux and Windows native code compiles
    • S6864028: Update the java launcher to use the new entry point JVM_FindClassFromBootLoader
    • S6875904: Java 7 message synchronization 1
    • S6882437: CertPath/X509CertPathDiscovery/Test fails on jdk7/pit/b62
    • S6888127: java.util.jar.Pack200.Packer Memory Leak
    • S6888925: SunMSCAPI’s Cipher can’t use RSA public keys obtained from other sources.
    • S6889552: Sun provider should not require LDAP CertStore to be present
    • S6941936: Broken pipe error of test case DNSIdentities.java [Test only]
    • S6951599: Rename package of security tools for modularization
    • S6953295: Move few sun.security.{util, x509, pkcs} classes used by keytool/jarsigner to another package
    • S6958026: Problem with PKCS12 keystore
    • S6966737: (pack200) the pack200 regression tests need to be more robust.
    • S6982312: (pack200) pack200 fails with the jdk7 class files
    • S6985763: Pack200.Packer.pack(…) and Pack200.Unpacker.unpack(…) throw unspecified exceptions
    • S6990106: FindBugs scan – Malicious code vulnerability Warnings in com.sun.java.util.jar.pack.*
    • S6994413: JDK_GetVersionInfo0 only expects a two digit build number
    • S7000752: Duplicate entry in RowSetResourceBundles.properties
    • S7001094: Can’t initialize SunPKCS11 more times than PKCS11 driver maxSessionCount
    • S7003227: (pack200) intermittent failures compiling pack200
    • S7004706: l10n of 7000752 Duplicate entry in RowSetResourceBundles.properties
    • S7006704: (pack200) add missing file for 6990106
    • S7011497: Improve trust anchor searching method during cert path validation
    • S7017734: jdk7 message drop 1 translation integration
    • S7023416: (pack200) fix parfait issues
    • S7029680: fix test/sun/misc/Version/Version.java build parsing
    • S7038175: Expired PKITS certificates causing CertPathBuilder and CertPathValidator regression test failures
    • S7050826, PR2956, RH1334465: Hebrew characters are not rendered on OEL 5.6
    • S7055363: jdk_security3 test target cleanup
    • S7060849: Eliminate pack200 build warnings
    • S7064075: Security libraries don’t build with javac -Xlint:all,-deprecation -Werror
    • S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertiticates.java failing
    • S7092825: javax.crypto.Cipher.Transform.patternCache is synchronizedMap and became scalability bottleneck.
    • S7105780: Add SSLSocket client/SSLEngine server to templates directory
    • S7107613: scalability blocker in javax.crypto.CryptoPermissions
    • S7107616: scalability blocker in javax.crypto.JceSecurityManager
    • S7109274: Restrict the use of certificates with RSA keys less than 1024 bits
    • S7129083: CookieManager does not store cookies if url is read before setting cookie manager
    • S7152582: PKCS11 tests should use the NSS libraries available in the OS
    • S7166955: (pack200) JNI_GetCreatedJavaVMs needs additional checking
    • S7196855: autotest.sh fails on ubuntu because libsoftokn.so not found
    • S7200682: TEST_BUG: keytool/autotest.sh still has problems with libsoftokn.so
    • S8002306: (se) Selector.open fails if invoked with thread interrupt status set [win]
    • S8009634: TEST_BUG: sun/misc/Version/Version.java handle 2 digit minor in VM version
    • S8010166: TEST_BUG: fix for 8009634 overlooks possible version strings (sun/misc/Version/Version.java)
    • S8013228: Create new system properties to control allowable OCSP clock skew and CRL connection timeout
    • S8019341: Update CookieHttpsClientTest to use the newer framework.
    • S8022228: Intermittent test failures in sun/security/ssl/javax/net/ssl/NewAPIs
    • S8022594: Potential deadlock in <clinit> of sun.nio.ch.Util/IOUtil
    • S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
    • S8026794: Test tools/pack200/TimeStamp.java fails while opening golden.jar.native.IST on linux-ppc(v2)
    • S8027026: Change keytool -genkeypair to use -keyalg RSA
    • S8029177: [Parfait] warnings from b117 for jdk.src.share.native.com.sun.java.util.jar: JNI exception pending
    • S8029646: [pack200] should support the new zip64 format.
    • S8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
    • S8037557: test SessionCacheSizeTests.java timeout
    • S8074839: Resolve disabled warnings for libunpack and the unpack200 binary
    • S8079410: Hotspot version to share the same update and build version from JDK
    • S8130735: javax.swing.TimerQueue: timer fires late when another timer starts
    • S8139436: sun.security.mscapi.KeyStore might load incomplete data
    • S8140344: add support for 3 digit update release numbers
    • S8144313: Test SessionTimeOutTests can be timeout
    • S8145017: Add support for 3 digit hotspot minor version numbers
    • S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed out
    • S8146669: Test SessionTimeOutTests fails intermittently
    • S8146993: Several javax/management/remote/mandatory regression tests fail after JDK-8138811
    • S8147857: [TEST] RMIConnector logs attribute names incorrectly
    • S8151841, PR3099: Build needs additional flags to compile with GCC 6
    • S8151876: (tz) Support tzdata2016d
    • S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow not known.
    • S8162344: The API changes made by CR 7064075 need to be reverted
    • S8162818: Sync src/share/native/com/sun/media code with OpenJDK 7
    • S8162828: Sync imageioJPEG.c with initial OpenJDK 7 version
    • S8163022, PR2954: Remove @Override annotation on interfaces added by 2016/04 security fixes
    • S8164181: Remove @Override annotation on interfaces added by 2016/07 security fixes
    • S8164426: Normalise whitespace in src/share/classes/com/sun/java/util/jar/pack
    • S8164554: test/sun/security/provider/certpath/X509CertPath/IllegalCertiticates.java still failing
    • S8164555: pack200: Leave ZipFile open on exceptions
  • Backports
    • S2178143, PR2959: JVM crashes if the number of bound CPUs changed during runtime
    • S6260348, PR3068: GTK+ L&F JTextComponent not respecting desktop caret blink rate
    • S6961123, PR2975: setWMClass fails to null-terminate WM_CLASS string
  • Bug fixes
    • PR2800: Files are missing from resources.jar
    • PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java
    • PR2961: Latest security update broke bundled LCMS2 build
    • PR2962: System default check doesn’t match all GNU/Linux systems
    • PR2969: ENABLE_SYSTEM_LCMS is not defined if ENABLE_LCMS2 is not set
    • PR3092: SystemTap is heavily confused by multiple JDKs
    • PR3117: Add tests for Java debug info and source files
    • PR3129: pax-mark-vm script calls “exit -1″ which is invalid in dash
    • PR3130: Avoid giving PAX_COMMAND a value if no PaX utility is available
    • PR3132: PaX marking fails on filesystems which don’t support extended attributes
    • PR3137: GTKLookAndFeel does not honor gtk-alternative-button-order
    • PR3140: Pass $(CC) and $(CXX) to OpenJDK build
    • PR3142: Don’t assume system mime.types supports text/x-java-source
    • PR3144: Test subdirectory of build tree not emptied

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • c5880dcac39e144e9097f83589da694d20f48ba834825b387384b1ddbc2d5b14 icedtea6-1.13.12.tar.gz
  • afe43d51211a58be90e5d1dfd416b57d075a590ea1db008bf6d2a98cf79d57e1 icedtea6-1.13.12.tar.gz.sig
  • 48d66845f43361eee804210c5ba1cb54e7393f83181bc9dbe048e2df46c5b1e0 icedtea6-1.13.12.tar.xz
  • b8f0b1a8f7d917b79dc70ce7aa1bbde4e265dad9165d6a38a56576e1fb93055a icedtea6-1.13.12.tar.xz.sig

The checksums can be downloaded from:

A 1.13.12 ebuild for Gentoo is available.

The following people helped with these releases:

  • Andrew Hughes (all backports and bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.12.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.12.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.12/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the July 2016 security fixes from OpenJDK 7 u111.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.7 (2016-07-28)

  • Security fixes
  • Import of OpenJDK 7 u111 build 0
    • S6953295: Move few sun.security.{util, x509, pkcs} classes used by keytool/jarsigner to another package
    • S7060849: Eliminate pack200 build warnings
    • S7064075: Security libraries don’t build with javac -Xlint:all,-deprecation -Werror
    • S7069870: Parts of the JDK erroneously rely on generic array initializers with diamond
    • S7102686: Restructure timestamp code so that jars and modules can more easily share the same code
    • S7105780: Add SSLSocket client/SSLEngine server to templates directory
    • S7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done
    • S7152582: PKCS11 tests should use the NSS libraries available in the OS
    • S7192202: Make sure keytool prints both unknown and unparseable extensions
    • S7194449: String resources for Key Tool and Policy Tool should be in their respective packages
    • S7196855: autotest.sh fails on ubuntu because libsoftokn.so not found
    • S7200682: TEST_BUG: keytool/autotest.sh still has problems with libsoftokn.so
    • S8002306: (se) Selector.open fails if invoked with thread interrupt status set [win]
    • S8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as defined in RFC3161
    • S8019341: Update CookieHttpsClientTest to use the newer framework.
    • S8022228: Intermittent test failures in sun/security/ssl/javax/net/ssl/NewAPIs
    • S8022439: Fix lint warnings in sun.security.ec
    • S8022594: Potential deadlock in <clinit> of sun.nio.ch.Util/IOUtil
    • S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
    • S8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
    • S8037557: test SessionCacheSizeTests.java timeout
    • S8038837: Add support to jarsigner for specifying timestamp hash algorithm
    • S8079410: Hotspot version to share the same update and build version from JDK
    • S8130735: javax.swing.TimerQueue: timer fires late when another timer starts
    • S8139436: sun.security.mscapi.KeyStore might load incomplete data
    • S8144313: Test SessionTimeOutTests can be timeout
    • S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed out
    • S8146669: Test SessionTimeOutTests fails intermittently
    • S8146993: Several javax/management/remote/mandatory regression tests fail after JDK-8138811
    • S8147857: [TEST] RMIConnector logs attribute names incorrectly
    • S8151841, PR3098: Build needs additional flags to compile with GCC 6
    • S8151876: (tz) Support tzdata2016d
    • S8157077: 8u101 L10n resource file updates
    • S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow not known.
  • Import of OpenJDK 7 u111 build 1
    • S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java failing
    • S8140344: add support for 3 digit update release numbers
    • S8145017: Add support for 3 digit hotspot minor version numbers
    • S8162344: The API changes made by CR 7064075 need to be reverted
  • Backports
    • S2178143, PR2958: JVM crashes if the number of bound CPUs changed during runtime
    • S4900206, PR3101: Include worst-case rounding tests for Math library functions
    • S6260348, PR3067: GTK+ L&F JTextComponent not respecting desktop caret blink rate
    • S6934604, PR3075: enable parts of EliminateAutoBox by default
    • S7043064, PR3020: sun/java2d/cmm/ tests failed against RI b141 & b138-nightly
    • S7051394, PR3020: NullPointerException when running regression tests LoadProfileTest by using openjdk-7-b144
    • S7086015, PR3013: fix test/tools/javac/parser/netbeans/JavacParserTest.java
    • S7119487, PR3013: JavacParserTest.java test fails on Windows platforms
    • S7124245, PR3020: [lcms] ColorConvertOp to color space CS_GRAY apparently converts orange to 244,244,0
    • S7159445, PR3013: (javac) emits inaccurate diagnostics for enhanced for-loops
    • S7175845, PR1437, RH1207129: ‘jar uf’ changes file permissions unexpectedly
    • S8005402, PR3020: Need to provide benchmarks for color management
    • S8005530, PR3020: [lcms] Improve performance of ColorConverOp for default destinations
    • S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not transferred from source to destination.
    • S8013430, PR3020: REGRESSION: closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java fails with java.io.StreamCorruptedException: invalid type code: EE since 8b87
    • S8014286, PR3075: failed java/lang/Math/DivModTests.java after 6934604 changes
    • S8014959, PR3075: assert(Compile::current()->live_nodes() < (uint)MaxNodeLimit) failed: Live Node limit exceeded limit
    • S8019247, PR3075: SIGSEGV in compiled method c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object
    • S8024511, PR3020: Crash during color profile destruction
    • S8025429, PR3020: [parfait] warnings from b107 for sun.java2d.cmm: JNI exception pending
    • S8026702, PR3020: Fix for 8025429 breaks jdk build on windows
    • S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for Java_awt test suit
    • S8047066, PR3020: Test test/sun/awt/image/bug8038000.java fails with ClassCastException
    • S8069181, PR3012, RH1015612: java.lang.AssertionError when compiling JDK 1.4 code in JDK 8
    • S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt can lead to the generation of illegal instructions
    • S8159244, PR3075: Partially initialized string object created by C2′s string concat optimization may escape
  • Bug fixes
    • PR2799, RH1195203: Files are missing from resources.jar
    • PR2900: Don’t use WithSeed versions of NSS functions as they don’t fully process the seed
    • PR3091: SystemTap is heavily confused by multiple JDKs
    • PR3102: Extend 8022594 to AixPollPort
    • PR3103: Handle case in clean-fonts where linux.fontconfig.Gentoo.properties.old has not been created
    • PR3111: Provide option to disable SystemTap tests
    • PR3114: Don’t assume system mime.types supports text/x-java-source
    • PR3115: Add check for elliptic curve cryptography implementation
    • PR3116: Add tests for Java debug info and source files
    • PR3118: Path to agpl-3.0.txt not updated
    • PR3119: Makefile handles cacerts as a symlink, but the configure check doesn’t
  • AArch64 port
    • S8148328, PR3100: aarch64: redundant lsr instructions in stub code.
    • S8148783, PR3100: aarch64: SEGV running SpecJBB2013
    • S8148948, PR3100: aarch64: generate_copy_longs calls align() incorrectly
    • S8150045, PR3100: arraycopy causes segfaults in SATB during garbage collection
    • S8154537, PR3100: AArch64: some integer rotate instructions are never emitted
    • S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads in wrong mode
    • S8157906, PR3100: aarch64: some more integer rotate instructions are never emitted

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • d6d92e9b20e321d51b2f428868b6de3d3ebc2b4eedde19e5cf2e2452da6d0fde icedtea-2.6.6.tar.gz
  • 765e3dfbaa5eef6fccd9cc53c153681ad2c70384b31fe3691e44709dbeeae3d2 icedtea-2.6.6.tar.gz.sig
  • 79949744436158d9ded3a758c22da7629f843ea3913afdffc65ea0f1a26d544a icedtea-2.6.6.tar.xz
  • a8049026f7b7f8503ce7ff25c28b822e97cce5c495fdaa0c9b734315d99596bd icedtea-2.6.6.tar.xz.sig

The checksums can be downloaded from:

A 2.6.7 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.7.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.7.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.7/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

We are pleased to announce the release of IcedTea 3.1.0!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support with the July 2016 security fixes from OpenJDK 8 u101. It also introduces a number of new features:

  • Gtk+3 support has been backported from OpenJDK 9. The particular version to use can be explicitly requested using -Djdk.gtk.version.
  • Headless builds are now supported by passing --enable-headless.
  • Builds on x86_64 can include the Shenandoah ultra-low pause time garbage collector if --with-hotspot-build=shenandoah is passed. The garbage collector is used at runtime by specifying -XX:+UseShenandoahGC
  • Use of the infinality support in fontconfig/FreeType has been forward-ported from IcedTea 2.x.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.1.0 (2016-07-25)

  • Security fixes
  • New features
    • S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3 on Linux
    • PR2821: Support building OpenJDK with –disable-headful
    • PR2931, G478960: Provide Infinality Support via fontconfig
    • PR3079: Provide option to build Shenandoah on x86_64
  • Import of OpenJDK 8 u92 build 14
    • S6869327: Add new C2 flag to keep safepoints in counted loops.
    • S8022865: [TESTBUG] Compressed Oops testing needs to be revised
    • S8029630: Thread id should be displayed as a hex number in error report
    • S8029726: On OS X some dtrace probe names are mismatched with Solaris
    • S8029727: On OS X dtrace probes Call<type>MethodA/Call<type>MethodV are not fired.
    • S8029728: On OS X dtrace probes SetStaticBooleanField are not fired
    • S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
    • S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
    • S8041501: ImageIO reader is not capable of reading JPEGs without JFIF header
    • S8041900: [macosx] Java forces the use of discrete GPU
    • S8044363: Remove special build options for unpack200 executable
    • S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value for hotspot ARCH
    • S8046611: Build errors with gcc on sparc/fastdebug
    • S8047763: Recognize sparc64 as a sparc platform
    • S8048232: Fix for 8046471 breaks PPC64 build
    • S8052396: Catch exceptions resulting from missing font cmap
    • S8058563: InstanceKlass::_dependencies list isn’t cleared from empty nmethodBucket entries
    • S8061624: [TESTBUG] Some tests cannot be ran under compact profiles and therefore shall be excluded
    • S8062901: Iterators is spelled incorrectly in the Javadoc for Spliterator
    • S8064330: Remove SHA224 from the default support list if SunMSCAPI enabled
    • S8065579: WB method to start G1 concurrent mark cycle should be introduced
    • S8065986: Compiler fails to NullPointerException when calling super with Object<>()
    • S8066974: Compiler doesn’t infer method’s generic type information in lambda body
    • S8067800: Clarify java.time.chrono.Chronology.isLeapYear for out of range years
    • S8068033: JNI exception pending in jdk/src/share/bin/java.c
    • S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c for JNI pending
    • S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed: OLD and/or OBSOLETE method(s) found
    • S8068254: Method reference uses wrong qualifying type
    • S8074696: Remote debugging session hangs for several minutes when calling findBootType
    • S8074935: jdk8 keytool doesn’t validate pem files for RFC 1421 correctness, as jdk7 did
    • S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java relies on system locale
    • S8080492: [Parfait] Uninitialised variable in jdk/src/java/desktop/windows/native/libawt/
    • S8080650: Enable stubs to use frame pointers correctly
    • S8122944: perfdata used is seen as too high on sparc zone with jdk1.9 and causes a test failure
    • S8129348: Debugger hangs in trace mode with TRACE_SENDS
    • S8129847: Compiling methods generated by Nashorn triggers high memory usage in C2
    • S8130506: javac AssertionError when invoking MethodHandle.invoke with lambda parameter
    • S8130910: hsperfdata file is created in wrong directory and not cleaned up if /tmp/hsperfdata_<username> has wrong permissions
    • S8131129: Attempt to define a duplicate BMH$Species class
    • S8131665: Bad exception message in HandshakeHash.getFinishedHash
    • S8131782: C1 Class.cast optimization breaks when Class is loaded from static final
    • S8132503: [macosx] Chinese full stop symbol cannot be entered with Pinyin IM on OS X
    • S8133207: ParallelProbes.java test fails after changes for JDK-8080115
    • S8133924: NPE may be thrown when xsltc select a non-existing node after JDK-8062518
    • S8134007: Improve string folding
    • S8134759: jdb: Incorrect stepping inside finally block
    • S8134963: [Newtest] New stress test for changing the coarseness level of G1 remembered set
    • S8136442: Don’t tie Certificate signature algorithms to ciphersuites
    • S8137106: EUDC (End User Defined Characters) are not displayed on Windows with Java 8u60+
    • S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory in HotSpot
    • S8138764: In some cases the usage of TreeLock can be replaced by other synchronization
    • S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java failed with timeout
    • S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc] void InstanceKlass::oop_oop_iterate_oop_maps_specialized<true,oopDesc*,MarkAndPushClosure>
    • S8139436: sun.security.mscapi.KeyStore might load incomplete data
    • S8139751: Javac crash with -XDallowStringFolding=false
    • S8139863: [TESTBUG] Need to port tests for JDK-8134903 to 8u-dev
    • S8139985: JNI exception pending in jdk/src/jdk/hprof/agent/share/native/libhprof
    • S8140031: SA: Searching for a value in Threads does not work
    • S8140249: JVM Crashing During startUp If Flight Recording is enabled
    • S8140344: add support for 3 digit update release numbers
    • S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check
    • S8141260: isReachable crash in windows xp
    • S8143297: Nashorn compilation time reported in nanoseconds
    • S8143397: It looks like InetAddress.isReachable(timeout) works incorrectly
    • S8143855: Bad printf formatting in frame_zero.cpp
    • S8143896: java.lang.Long is implicitly converted to double
    • S8143963: improve ClassLoader::trace_class_path to accept an additional outputStream* arg
    • S8144020: Remove long as an internal numeric type
    • S8144131: ArrayData.getInt implementations do not convert to int32
    • S8144483: One long Safepoint pause directly after each GC log rotation
    • S8144487: PhaseIdealLoop::build_and_optimize() must restore major_progress flag if skip_loop_opts is true
    • S8144885: agent/src/os/linux/libproc.h needs to support Linux/SPARC builds
    • S8144935: C2: safepoint is pruned from a non-counted loop
    • S8144937: [TEST_BUG] testlibrary_tests should be excluded for compact1 and compact2 execution
    • S8145017: Add support for 3 digit hotspot minor version numbers
    • S8145099: Better error message when SA can’t attach to a process
    • S8145442: Add the facility to verify remembered sets for G1
    • S8145466: javac: No line numbers in compilation error
    • S8145539: (coll) AbstractMap.keySet and .values should not be volatile
    • S8145550: Megamorphic invoke should use CompiledFunction variants without any LinkLogic
    • S8145669: apply2call optimized callsite fails after becoming megamorphic
    • S8145722: NullPointerException in javadoc
    • S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not match AddI
    • S8146147: Java linker indexed property getter does not work for computed nashorn string
    • S8146566: OpenJDK build can’t handle commas in LDFLAGS
    • S8146725: Issues with SignatureAndHashAlgorithm.getSupportedAlgorithms
    • S8146979: Backport of 8046471 breaks ppc64 build in jdk8u because 8072383 was badly backported before
    • S8147087: Race when reusing PerRegionTable bitmaps may result in dropped remembered set entries
    • S8147630: Wrong test result pushed to 8u-dev
    • S8147845: Varargs Array functions still leaking longs
    • S8147857: RMIConnector logs attribute names incorrectly
    • S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC
    • S8150791: 8u76 L10n resource file translation update
  • Import of OpenJDK 8 u101 build 13
    • S6483657: MSCAPI provider does not create unique alias names
    • S6675699: need comprehensive fix for unconstrained ConvI2L with narrowed type
    • S8037557: test SessionCacheSizeTests.java timeout
    • S8038837: Add support to jarsigner for specifying timestamp hash algorithm
    • S8081778: Use Intel x64 CPU instructions for RSA acceleration
    • S8130150: Implement BigInteger.montgomeryMultiply intrinsic
    • S8130735: javax.swing.TimerQueue: timer fires late when another timer starts
    • S8143913: MSCAPI keystore should accept Certificate[] in setEntry()
    • S8144313: Test SessionTimeOutTests can be timeout
    • S8146240: Three nashorn files contain “GNU General Public License” header
    • S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed out
    • S8146669: Test SessionTimeOutTests fails intermittently
    • S8146993: Several javax/management/remote/mandatory regression tests fail after JDK-8138811
    • S8147994: [macosx] JScrollPane jitters up/down during trackpad scrolling on MacOS/Aqua
    • S8151522: Disable 8130150 and 8081778 intrinsics by default
    • S8151876: (tz) Support tzdata2016d
    • S8152098: Fix 8151522 caused test compiler/intrinsics/squaretolen/TestSquareToLen.java to fail
    • S8157077: 8u101 L10n resource file updates
  • Backports
    • S6260348, PR3066: GTK+ L&F JTextComponent not respecting desktop caret blink rate
    • S6778087, PR1061: getLocationOnScreen() always returns (0, 0) for mouse wheel events
    • S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS string
    • S8008657, PR3077: JSpinner setComponentOrientation doesn’t affect on text orientation
    • S8014212, PR2866: Robot captures black screen
    • S8029339, PR1061: Custom MultiResolution image support on HiDPI displays
    • S8031145, PR3077: Re-examine closed i18n tests to see it they can be moved to the jdk repository.
    • S8034856, PR3095: gcc warnings compiling src/solaris/native/sun/security/pkcs11
    • S8034857, PR3095: gcc warnings compiling src/solaris/native/sun/management
    • S8035054, PR3095: JarFacade.c should not include ctype.h
    • S8035287, PR3095: gcc warnings compiling various libraries files
    • S8038631, PR3077: Create wrapper for awt.Robot with additional functionality
    • S8039279, PR3077: Move awt tests to openjdk repository
    • S8041561, PR3077: Inconsistent opacity behaviour between JCheckBox and JRadioButton
    • S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests to jdk
    • S8041915, PR3077: Move 8 awt tests to OpenJDK regression tests tree
    • S8043126, PR3077: move awt automated functional tests from AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository
    • S8043131, PR3077: Move ShapedAndTranslucentWindows and GC functional AWT tests to regression tree
    • S8044157, PR3077: [TEST_BUG] Improve recently submitted AWT_Mixing tests
    • S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and AltPlusNumberKeyCombinationsTest to jdk
    • S8044429, PR3077: move awt automated tests for AWT_Modality to OpenJDK repository
    • S8044762, PR2960: com/sun/jdi/OptionTest.java test time out
    • S8044765, PR3077: Move functional tests AWT_SystemTray/Automated to openjdk repository
    • S8047180, PR3077: Move functional tests AWT_Headless/Automated to OpenJDK repository
    • S8047367, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 2
    • S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional tests to OpenJDK
    • S8049226, PR2960: com/sun/jdi/OptionTest.java test times out again
    • S8049617, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 3
    • S8049694, PR3077: Migrate functional AWT_DesktopProperties/Automated tests to OpenJDK
    • S8050885, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 4
    • S8051440, PR3077: move tests about maximizing undecorated to OpenJDK
    • S8052012, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 5
    • S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3 of 3)
    • S8053657, PR3077: [TEST_BUG] move some 5 tests related to undecorated Frame/JFrame to JDK
    • S8054143, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 6
    • S8054358, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 7
    • S8054359, PR3077: move awt automated tests from AWT_Modality to OpenJDK repository – part 8
    • S8055360, PR3077: Move the rest part of AWT ShapedAndTranslucent tests to OpenJDK
    • S8055664, PR3077: move 14 tests about setLocationRelativeTo to jdk
    • S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK repository – part 9
    • S8056911, PR3077: Remove internal API usage from ExtendedRobot class
    • S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK repository – part 10
    • S8058959, PR1061: closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwiceTest.java failed automatically
    • S8062606, PR3077: Fix a typo in java.awt.Robot class
    • S8063102, PR3077: Change open awt regression tests to avoid sun.awt.SunToolkit.realSync, part 1
    • S8063104, PR3077: Change open awt regression tests to avoid sun.awt.SunToolkit.realSync, part 2
    • S8063106, PR3077: Change open swing regression tests to avoid sun.awt.SunToolkit.realSync, part 1
    • S8063107, PR3077: Change open swing regression tests to avoid sun.awt.SunToolkit.realSync, part 2
    • S8064573, PR3077: [TEST_BUG] javax/swing/text/AbstractDocument/6968363/Test6968363.java is asocial pressing VK_LEFT and not releasing
    • S8064575, PR3077: [TEST_BUG] javax/swing/JEditorPane/6917744/bug6917744.java 100 times press keys and never releases
    • S8064809, PR3077: [TEST_BUG] javax/swing/JComboBox/4199622/bug4199622.java contains a lot of keyPress and not a single keyRelease
    • S8067441, PR3077: Some tests fails with error: cannot find symbol getSystemMnemonicKeyCodes()
    • S8068228, PR3077: Test closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest fails with GTKLookAndFeel
    • S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not include scale factor
    • S8073320, PR1061: Windows HiDPI Graphics support
    • S8074807, PR3077: Fix some tests unnecessary using internal API
    • S8076315, PR3077: move 4 manual functional swing tests to regression suite
    • S8078504, PR3094: Zero lacks declaration of VM_Version::initialize()
    • S8129822, PR3077: Define “headful” jtreg keyword
    • S8132123, PR1061: MultiResolutionCachedImage unnecessarily creates base image to get its size
    • S8133539, PR1061: [TEST_BUG] Split java/awt/image/MultiResolutionImageTest.java in two to allow restricted access
    • S8137571, PR1061: Linux HiDPI Graphics support
    • S8142406, PR1061: [TEST] MultiResolution image: need test to cover the case when @2x image is corrupted
    • S8145188, PR2945: No LocalVariableTable generated for the entire JDK
    • S8150258, PR1061: [TEST] HiDPI: create a test for multiresolution menu items icons
    • S8150724, PR1061: [TEST] HiDPI: create a test for multiresolution icons
    • S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should be taken into account for OS X
    • S8151841, PR2882: Build needs additional flags to compile with GCC 6 [plus parts of 8149647 & 8032045]
    • S8155613, PR1061: [PIT] crash in AWT_Desktop/Automated/Exceptions/BasicTest
    • S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD incorrectly
    • S8156128, PR1061: Tests for [AWT/Swing] Conditional support for GTK 3 on Linux
    • S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt can lead to the generation of illegal instructions
    • S8159244, PR3074: Partially initialized string object created by C2′s string concat optimization may escape
    • S8159690, PR3077: [TESTBUG] Mark headful tests with @key headful.
    • S8160294, PR2882, PR3095: Some client libraries cannot be built with GCC 6
  • Bug fixes
    • PR1958: GTKLookAndFeel does not honor gtk-alternative-button-order
    • PR2822: Feed LIBS & CFLAGS into configure rather than make to avoid re-discovery by OpenJDK configure
    • PR2932: Support ccache in a non-automagic manner
    • PR2933: Support ccache 3.2 and later
    • PR2964: Set system defaults based on OS
    • PR2974, RH1337583: PKCS#10 certificate requests now use CRLF line endings rather than system line endings
    • PR3078: Remove duplicated line dating back to 6788347 and 6894807
    • PR3083, RH1346460: Regression in SSL debug output without an ECC provider
    • PR3089: Remove old memory limits patch
    • PR3090, RH1204159: SystemTap is heavily confused by multiple JDKs
    • PR3095: Fix warnings in URLClassPath.c
    • PR3096: Remove dead –disable-optimizations option
    • PR3105: Use version from hotspot.map to create tarball filename
    • PR3106: Handle both correctly-spelt property “enableCustomValueHandler” introduced by S8079718 and typo version
    • PR3108: Shenandoah patches not included in release tarball
    • PR3110: Update hotspot.map documentation in INSTALL
  • AArch64 port
    • S8145320, PR3078: Create unsafe_arraycopy and generic_arraycopy for AArch64
    • S8148328, PR3078: aarch64: redundant lsr instructions in stub code.
    • S8148783, PR3078: aarch64: SEGV running SpecJBB2013
    • S8148948, PR3078: aarch64: generate_copy_longs calls align() incorrectly
    • S8149080, PR3078: AArch64: Recognise disjoint array copy in stub code
    • S8149365, PR3078: aarch64: memory copy does not prefetch on backwards copy
    • S8149907, PR3078: aarch64: use load/store pair instructions in call_stub
    • S8150038, PR3078: aarch64: make use of CBZ and CBNZ when comparing narrow pointer with zero
    • S8150045, PR3078: arraycopy causes segfaults in SATB during garbage collection
    • S8150082, PR3078: aarch64: optimise small array copy
    • S8150229, PR3078: aarch64: pipeline class for several instructions is not set correctly
    • S8150313, PR3078: aarch64: optimise array copy using SIMD instructions
    • S8150394, PR3078: aarch64: add support for 8.1 LSE CAS instructions
    • S8151340, PR3078: aarch64: prefetch the destination word for write prior to ldxr/stxr loops.
    • S8151502, PR3078: optimize pd_disjoint_words and pd_conjoint_words
    • S8151775, PR3078: aarch64: add support for 8.1 LSE atomic operations
    • S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when comparing unsigned values with zero.
    • S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub routine
    • S8153713, PR3078: aarch64: improve short array clearing using store pair
    • S8153797, PR3078: aarch64: Add Arrays.fill stub code
    • S8154537, PR3078: AArch64: some integer rotate instructions are never emitted
    • S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads in wrong mode
    • S8155015, PR3078: Aarch64: bad assert in spill generation code
    • S8155100, PR3078: AArch64: Relax alignment requirement for byte_map_base
    • S8155612, PR3078: Aarch64: vector nodes need to support misaligned offset
    • S8155617, PR3078: aarch64: ClearArray does not use DC ZVA
    • S8155653, PR3078: TestVectorUnalignedOffset.java not pushed with 8155612
    • S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails due to _generic_arraycopy stub routine
    • S8157841, PR3078: aarch64: prefetch ignores cache line size
    • S8157906, PR3078: aarch64: some more integer rotate instructions are never emitted
    • S8158913, PR3078: aarch64: SEGV running Spark terasort
    • S8159052, PR3078: aarch64: optimise unaligned copies in pd_disjoint_words and pd_conjoint_words
    • S8159063, PR3078: aarch64: optimise unaligned array copy long
    • PR3078: Cleanup remaining differences from aarch64/jdk8u tree

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 694477835af753d59b5f03f4939a6015d7d4a00e5e5bb3d5c9e3e5186d3163e1 icedtea-3.1.0.tar.gz
  • ab2a540812ed7be2b5c6dfe26e4f5c1789aef921468fef6b0ef1322767de3741 icedtea-3.1.0.tar.gz.sig
  • 75616641ad6d8437124c32fed3fadddac67b14bba26757e15f6c2f69149233b4 icedtea-3.1.0.tar.xz
  • 4abef25de9618bc8a9f53b25f676fff80127c766f248b95e9c91861028a9607b icedtea-3.1.0.tar.xz.sig

The checksums can be downloaded from:

A 3.1.0 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.1.0.tar.gz

or:

$ tar x -I xz -f icedtea-3.1.0.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.1.0/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the April 2016 security fixes.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.11 (2016-05-04)

  • Security fixes
  • Import of OpenJDK6 b38
    • S4459600: java -jar fails to run Main-Class if classname followed by whitespace.
    • S6378099: RFE: Use libfontconfig to create/synthesise a fontconfig.properties
    • S6452854: Provide a flag to print the java configuration
    • S6742159: (launcher) improve the java launching mechanism
    • S6752622: java.awt.Font.getPeer throws “java.lang.InternalError: Not implemented” on Linux
    • S6758881: (launcher) needs to throw NoClassDefFoundError instead of JavaRuntimeException
    • S6856415: Enabling java security manager will make program thrown wrong exception ( main method not found )
    • S6892493: potential memory leaks in 2D font code indentified by parfait.
    • S6925851: Localize JRE into pt_BR (corba)
    • S6968053: (launcher) hide exceptions under certain launcher failures
    • S6977738: Deadlock between java.lang.ClassLoader and java.util.Properties
    • S6981001: (launcher) EnsureJREInstallation is not being called in order
    • S7017734: jdk7 message drop 1 translation integration
    • S7026184: (launcher) Regression: class with unicode name can’t be launched by java.
    • S7104161: test/sun/tools/jinfo/Basic.sh fails on Ubuntu
    • S7125442: jar application located in two bytes character named folder cannot be run with JRE 7 u1/u2
    • S7127906: (launcher) convert the launcher regression tests to java
    • S7141141: Add 3 new test scenarios for testing Main-Class attribute in jar manifest file
    • S7158988: jvm crashes while debugging on x86_32 and x86_64
    • S7189944: (launcher) test/tools/launcher/Arrrrghs.java needs a couple of minor fixes
    • S7193318: C2: remove number of inputs requirement from Node’s new operator
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
    • S8023990: Regression: postscript size increase from 6u18
    • S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
    • S8028537: PPC64: Updated the JDK regression tests to run on AIX
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8067364: Printing to Postscript doesn’t support dieresis
    • S8072753: Nondeterministic wrong answer on arithmetic
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8075584: test for 8067364 depends on hardwired text advance
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
    • S8154210: Zero: Better byte behaviour
    • S8155261: Zero broken since HS23 update
    • S8155699: Resolve issues created by backports in OpenJDK 6 b39
    • S8155746: Sync Windows export list in make/java/jli/Makefile with make/java/jli/mapfile-vers
  • Backports
  • Bug fixes
    • PR2887: Location of ‘stap’ executable is hard-coded
    • PR2890: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
    • PR2952: test/tapset/jstaptest.pl requires Perl
    • PR2953: make dist fails after PR2887 made jstaptest.pl auto-generated

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • f69ab75ccf594931ae5bf5ebc16bce233878d9793516b4abc72f08d7188f5861 icedtea6-1.13.11.tar.gz
  • f12d470c3aefc599388e5f897367c6ca0ef0902f95ba187be12b3adc4b689f1f icedtea6-1.13.11.tar.gz.sig
  • 526ecdf6fec35c10160df305e87cb477f5fe1ea32f02f6c9b1c865a2d28833bf icedtea6-1.13.11.tar.xz
  • 1c01648a7139c8c3b7cd4626652a0509664b797469c234a020a864dead51d2e6 icedtea6-1.13.11.tar.xz.sig

The checksums can be downloaded from:

A 1.13.11 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.11.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.11.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.11/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 8 support in the 3.0.x series with the April 2016 security fixes from OpenJDK 8 u91.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 3.0.1 (2016-04-23)

  • Security fixes
  • Import of OpenJDK 8 u91 build 14
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT explicitly turned on
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8067422: Lambda method names are unnecessarily unstable
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8130212: Thread::current() might access freed memory on Solaris
    • S8132890: Text Overlapping on Dot Matrix Printers
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8134828: Scrollbar thumb disappears with Nimbus L&F
    • S8138589: Correct limits on unlimited cryptography
    • S8138811: Construction of static protection domains
    • S8140268: Generate link to specification license for JavaDoc API documentation
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8143959: Certificates requiring blacklisting
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146518: Zero interpreter broken with better byte behaviour
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8148487: PPC64: Better byte behavior
    • S8148522: Backout JDK-8138811 from 2016 Apr CPU repo
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
  • Backports
    • S8148752, PR2943: Compiled StringBuilder code throws StringIndexOutOfBoundsException
    • S8154210: Zero: Better byte behaviour
    • S8154413: AArch64: Better byte behaviour
  • Bug fixes
    • PR2933: Support ccache 3.2 and later
    • PR2934, G579676: SunEC provider throwing KeyException with current NSS

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • 8babade1717fff48bcc4e1e2f3159c2c7d97cfb44ef10124bbab3f7dc34a0582 icedtea-3.0.1.tar.gz
  • 8a5e702a114117ed301a632b1a41651d0577c9c59cfae4d10ff41f6a52185fc7 icedtea-3.0.1.tar.gz.sig
  • 346ce30de1de6c493729b79b246f250438fc5b8df7eae47229a97f9000a73af2 icedtea-3.0.1.tar.xz
  • b440f83a05788157b752cc3b1a239261bcbb52bf82211c93173e93cb4f3fa760 icedtea-3.0.1.tar.xz.sig

The checksums can be downloaded from:

A 3.0.1 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-3.0.1.tar.gz

or:

$ tar x -I xz -f icedtea-3.0.1.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.0.1/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the April 2016 security fixes from OpenJDK 7 u101.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.6 (2016-04-21)

  • Security fixes
  • Import of OpenJDK 7 u101 build 0
    • S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S7127906: (launcher) convert the launcher regression tests to java
    • S8002116: This JdbReadTwiceTest.sh gets an exit 1
    • S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is set to true
    • S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT explicitly turned on
    • S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a background thread is generating events.
    • S8028537: PPC64: Updated the JDK regression tests to run on AIX
    • S8036132: Tab characters in test/com/sun/jdi files
    • S8038963: com/sun/jdi tests fail because cygwin’s ps sometimes misses processes
    • S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
    • S8059661: Test SoftReference and OOM behavior
    • S8072753: Nondeterministic wrong answer on arithmetic
    • S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
    • S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
    • S8134297: NPE in GSSNameElement nameType check
    • S8134650: Xsl transformation gives different results in 8u66
    • S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
    • S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    • S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    • S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java should use 4-args ProtectionDomain constructor
    • S8147567: InterpreterRuntime::post_field_access not updated for boolean in JDK-8132051
    • S8148446: (tz) Support tzdata2016a
    • S8148475: Missing SA Bytecode updates.
    • S8149170: Better byte behavior for native arguments
    • S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid encoding for PolicyQualifierInfo
    • S8150012: Better byte behavior for reflection
    • S8150790: 8u75 L10n resource file translation update
    • S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command
    • S8154210: Zero: Better byte behaviour
  • Bug fixes
    • PR2889: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
    • PR2929: configure: error: “A JDK home directory could not be found.”
    • PR2935: Check that freetype defines FT_CONFIG_OPTION_INFINALITY_PATCHSET if enabling infinality
    • PR2938: Fix build of 8148487 backport
    • PR2939: Remove rogue ReleaseStringUTFChars line remaining from merge of 7u101 b00
  • PPC & AIX port
  • AArch64 port
    • S8154413: AArch64: Better byte behaviour
    • PR2914: byte_map_base is not page aligned on OpenJDK 7
  • JamVM
    • PR2665: icedtea/jamvm 2.6 fails as a build VM for icedtea

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • d6d92e9b20e321d51b2f428868b6de3d3ebc2b4eedde19e5cf2e2452da6d0fde icedtea-2.6.6.tar.gz
  • 765e3dfbaa5eef6fccd9cc53c153681ad2c70384b31fe3691e44709dbeeae3d2 icedtea-2.6.6.tar.gz.sig
  • 79949744436158d9ded3a758c22da7629f843ea3913afdffc65ea0f1a26d544a icedtea-2.6.6.tar.xz
  • a8049026f7b7f8503ce7ff25c28b822e97cce5c495fdaa0c9b734315d99596bd icedtea-2.6.6.tar.xz.sig

The checksums can be downloaded from:

A 2.6.6 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.6.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.6.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.6/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 7 support in the 2.6.x series with the March 2016 interim security fix from OpenJDK 7 u99.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.6.5 (2016-03-24)

  • Security fixes
  • Import of OpenJDK 7 u99 build 0
    • S6425769, PR2858: Allow specifying an address to bind JMX remote connector
    • S6961123: setWMClass fails to null-terminate WM_CLASS string
    • S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently
    • S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
  • Backports
    • S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions
    • S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp
    • S8071705, PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically
    • S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  • Bug fixes
    • PR2803: Make system CUPS optional
    • PR2886: Location of ‘stap’ executable is hard-coded
    • PR2893: test/tapset/jstaptest.pl should be executable
    • PR2894: Add missing test directory in make check.
  • CACAO
    • PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any’ failed
  • AArch64 port
    • PR2852: Add support for large code cache
    • PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only.
    • S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter
    • S8131483, PR2852: aarch64: illegal stlxr instructions
    • S8133352, PR2852: aarch64: generates constrained unpredictable instructions
    • S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32
    • S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation
    • S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0
    • S8138575, PR2852: Improve generated code for profile counters
    • S8138641, PR2852: Disable C2 peephole by default for aarch64
    • S8138966, PR2852: Intermittent SEGV running ParallelGC
    • S8143067, PR2852: aarch64: guarantee failure in javac
    • S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved
    • S8143584, PR2852: Load constant pool tag and class status with load acquire
    • S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with –enable-unlimited-crypto
    • S8144582, PR2852: AArch64 does not generate correct branch profile data
    • S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base
    • S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject
    • S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac
  • PPC & AIX port
    • S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280
    • S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call
    • S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • d8bce93bd33b299a52236f03fb57d42ae9de808c8337e6185930799dbfc78795 icedtea-2.6.5.tar.gz
  • 0a12f5916c144879812dc086bfbb506569ee3abb056a81031287d00914652313 icedtea-2.6.5.tar.gz.sig
  • e752304496bb11ae9952beb11e6743dd84e55b340eaca716f310c5a0f48b53f7 icedtea-2.6.5.tar.xz
  • 7bd1b00d3f59e32e80ba41a705a5730de87dd76f138d94dd94995b9a394d9dad icedtea-2.6.5.tar.xz.sig

The checksums can be downloaded from:

A 2.6.5 ebuild for Gentoo is available.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.6.5.tar.gz

or:

$ tar x -I xz -f icedtea-2.6.5.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.6.5/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with the January 2016 security fixes.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 1.13.10 (2016-01-22)

  • Security fixes
  • Import of OpenJDK6 b38
    • OJ69: Windows build broken after b37 changes
    • OJ70: Allow versions of ALSA >= 1.1.0
    • S6720721: CRL check with circular depency support needed
    • S6852744: PIT b61: PKI test suite fails because self signed certificates are being rejected [Tests only]
    • S7166570: JSSE certificate validation has started to fail for certificate chains
    • S7167988: PKIX CertPathBuilder in reverse mode doesn’t work if more than one trust anchor is specified
    • S7171223: Building ExtensionSubtables.cpp should use -fno-strict-aliasing
    • S8068761: [TEST_BUG] java/nio/channels/ServerSocketChannel/AdaptServerSocket.java failed with SocketTimeoutException
    • S8074068: Cleanup in src/share/classes/sun/security/x509/
    • S8075773: jps running as root fails after the fix of JDK-8050807
    • S8081297: SSL Problem with Tomcat
    • S8134605: Partial rework of the fix for 8081297
    • S8135307: CompletionFailure thrown when calling FieldDoc.type, if the field’s type is missing
    • S8138716: (tz) Support tzdata2015g
    • S8141213: [Parfait]Potentially blocking function GetArrayLength called in JNI critical region at line 239 of jdk/src/share/native/sun/awt/image/jpeg/jpegdecoder.c in function GET_ARRAYS
    • S8141287: Add MD5 to jdk.certpath.disabledAlgorithms – Take 2
    • S8142928: [TEST_BUG] sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java 8u71 failure
    • S8144955: Wrong changes were pushed with 8143942
    • S8145551: Test failed with Crash for Improved font lookups
    • S8147466: Add -fno-strict-overflow to IndicRearrangementProcessor{,2}.cpp
  • Backports
    • S7169111, PR2757: Unreadable menu bar with Ambiance theme in GTK L&F
    • S8140620, PR2711: Find and load default.sf2 as the default soundbank on Linux

The tarballs can be downloaded from:

We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

  • PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
  • Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222

GnuPG >= 2.1 is required to be able to handle this key.

SHA256 checksums:

  • e467fbdbae88897c4447b400be32f3176a798d3c7d84a311b7a24420e955e93a icedtea6-1.13.10.tar.gz
  • 59a4eef6f98a1ef5951e3fd64f94a3e8f818513fa2cf721ffb60b20601eed92d icedtea6-1.13.10.tar.gz.sig
  • a08907fa5a99a84c1bb480c9a0438264ff01c6215a7e1618e08e4ae79d4600d7 icedtea6-1.13.10.tar.xz
  • 4dac256f93799aa0e75062c94c242f956bd2372b1fb70c220dcb02d4b2d028a5 icedtea6-1.13.10.tar.xz.sig

The checksums can be downloaded from:

A 1.13.10 ebuild for Gentoo is available.

The following people helped with these releases:

  • Andrew Hughes (all backports and bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.10.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.10.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.10/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!

Next Page »