RedHat has issued an advisory on May 21: https://access.redhat.com/errata/RHSA-2018:1649 This update is not yet available in Fedora.
Assigning to the Java Stack maintainers, CC'ing the registered maintainer.
CC: (none) => mageia, marja11Assignee: bugsquad => java
Hi, I tried to synch with fedora (java-1.8.0-openjdk-1.8.0.172-3.b11.fc29) but the build fail: """ BuildJaxws.gmk:110: Building /home/iurt/rpmbuild/BUILD/java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga7.x86_64/openjdk/build/jdk8.build-slowdebug/jaxws/dist/lib/src.zip [...] /usr/bin/touch /home/iurt/rpmbuild/BUILD/java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga7.x86_64/openjdk/build/jdk8.build-slowdebug/jaxws/dist/lib/src.zip + /usr/bin/touch /home/iurt/rpmbuild/BUILD/java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga7.x86_64/openjdk/build/jdk8.build-slowdebug/jaxws/dist/lib/src.zip I: [iurt_root_command] ERROR: chroot """ See, for example: http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20180614094159.ns80.duvel.16124/log/java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga7/build.0.20180614094207.log. I do not understand what the problem is.
CC: (none) => nicolas.salguero
Tips on updating this package: 1) Sync with the oldest still-supported Fedora release (to make sure there aren't any changes that won't work with our older Java stack) 2) Only sync changes that were actually changed since the last sync, i.e. 3) Don't do a full re-sync Once I re-did the update as such, all I had to do was disable systemtap for now (not clear why that wasn't working as it looked like it should) and it built. Maybe in Mageia 6 it'll work with systemtap; we'll see.
Suggested advisory: ======================== The updated packages fix a security vulnerability: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. (CVE-2018-3639) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 ======================== Updated package in core/updates_testing: ======================== java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-headless-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-devel-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-demo-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-src-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-javadoc-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-javadoc-zip-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-accessibility-1.8.0.172-1.b11.1.mga6 from SRPMS: java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga6.src.rpm
Status: NEW => ASSIGNEDCVE: (none) => CVE-2018-3639Assignee: java => qa-bugs
Changes synced into Mageia 5 SVN. Not pushing a build for this issue.
We should include the copy-jdk-configs update with this: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4I24YKXTTHZRA6EVCABUSI7PP5DLAAIL/
Suggested advisory: ======================== The updated packages fix a security vulnerability: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. (CVE-2018-3639) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 ======================== Updated package in core/updates_testing: ======================== copy-jdk-configs-3.7-1.mga6 java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-headless-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-devel-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-demo-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-src-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-javadoc-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-javadoc-zip-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-accessibility-1.8.0.172-1.b11.1.mga6 from SRPMS: copy-jdk-configs-3.7-1.mga6.src.rpm java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga6.src.rpm
Thanks. copy-jdk-configs update checked into Mageia 5 SVN as well.
MGA6-32 on IBM Thinkpad R50e No installation issues. Searching installed jar on the machine, found bsh.jar. Run that one and found an example at http://www.beanshell.org/manual/quickstart.html, works OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA6-32-OK
Installed and tested without issues. Tested using several applications and tools (e.g. netbeans, yuicompressor, htmlcleaner, nvidia-visual-profiler, nvidia-nsight, freecol). No regressions noticed. System: Mageia 6, x86_64, Plasma DE, LXQt DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver. $ uname -a Linux marte 4.14.50-desktop-2.mga6 #1 SMP Mon Jun 18 11:23:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ rpm -qa | grep java-1.8.0 java-1.8.0-openjdk-1.8.0.172-1.b11.1.mga6 java-1.8.0-openjdk-headless-1.8.0.172-1.b11.1.mga6
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OKCC: (none) => mageia
Advisory committed to svn. Validating the update.
Keywords: (none) => advisory, validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0298.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED