RedHat has issued an advisory today (July 16): https://access.redhat.com/errata/RHSA-2020:2972 Nicolas Salguero has packaged it already: java-1.8.0-openjdk-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-headless-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-devel-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-demo-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-src-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-javadoc-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-javadoc-zip-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-accessibility-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-openjfx-1.8.0.262-1.b09.1.mga7 java-1.8.0-openjdk-openjfx-devel-1.8.0.262-1.b09.1.mga7
Corresponding Oracle CPU: https://www.oracle.com/security-alerts/cpujul2020.html
Suggested advisory: ======================== The updated packages fix security vulnerabilities: Bypass of boundary checks in nio.Buffer via concurrent access. (CVE-2020-14583) Incomplete bounds checks in Affine Transformations. (CVE-2020-14593) Incorrect handling of access control context in ForkJoinPool. (CVE-2020-14556) Unexpected exception raised by DerInputStream. (CVE-2020-14578) Unexpected exception raised by DerValue.equals(). (CVE-2020-14579) XML validation manipulation due to incomplete application of the use-grammar-pool-only feature. (CVE-2020-14621) HostnameChecker does not ensure X.509 certificate names are in normalized form. (CVE-2020-14577) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14583 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14593 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14556 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14578 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14579 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14621 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14577 https://access.redhat.com/errata/RHSA-2020:2972 https://www.oracle.com/security-alerts/cpujul2020.html ======================== Updated packages in core/updates_testing: ======================== java-1.8.0-openjdk-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-headless-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-devel-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-demo-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-src-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-javadoc-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-javadoc-zip-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-accessibility-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-openjfx-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-openjfx-devel-1.8.0.262-1.b10.1.mga7 from SRPMS: java-1.8.0-openjdk-1.8.0.262-1.b10.1.mga7.src.rpm
Assignee: nicolas.salguero => qa-bugsStatus: NEW => ASSIGNED
64 bit simple test OK in my normal use System: i7, Plasma, Nvidia proprietary. Installed, rebooted $ java -version openjdk version "1.8.0_262" OpenJDK Runtime Environment (build 1.8.0_262-b10) OpenJDK 64-Bit Server VM (build 25.262-b10, mixed mode) My Invoicing and bookkeeping program FriBok still works as before: cd "/Path/To/FriBok" ; _JAVA_OPTIONS="-Dawt.useSystemAAFontSettings=on" java -jar *.jar
CC: (none) => fri
Installed and tested without issues. Have 49 packages installed that depend on java or java-headless packages. Tested explicitly using netbeans (12.0 from upstream), projectlibre, sweethome3d, htmlcleaner and yuicompressor. No issues found. System: Mageia 7, x86_64, Plasma DE, LXQt DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver. $ uname -a Linux marte 5.6.14-desktop-2.mga7 #1 SMP Wed May 20 23:14:20 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ rpm -qa | grep java-1.8.0-openjdk java-1.8.0-openjdk-1.8.0.262-1.b10.1.mga7 java-1.8.0-openjdk-headless-1.8.0.262-1.b10.1.mga7 $ rpm -q --whatrequires java java-headless | sort apache-commons-io-2.6-3.mga7 apache-commons-logging-1.2-9.mga7 batik-1.10-1.mga7 batik-css-1.10-1.mga7 bouncycastle-1.61-1.mga7 bouncycastle-mail-1.61-1.mga7 bouncycastle-pkix-1.61-1.mga7 flute-1.3.0-9.mga7 hawtjni-runtime-1.16-2.mga7 htmlcleaner-2.2.1-9.mga7 htmlcleaner-2.2.1-9.mga7 icedtea-web-1.8-2.1.mga7 itext-core-2.1.7-37.mga7 jai-imageio-core-1.2-0.21.20100217cvs.2.mga7 janino-2.7.8-9.mga7 jansi-1.17.1-1.mga7 jansi-native-1.7-3.mga7 jargs-1.0-10.mga7 java3d-1.5.2-15.mga7 jaxen-1.1.6-12.mga7 jdom-1.1.3-12.mga7 jline-2.14.6-2.mga7 libbase-1.1.6-8.mga7 libfonts-1.1.6-10.mga7 libformula-1.1.6-9.mga7 liblayout-0.2.10-11.mga7 libloader-1.1.6-9.mga7 libreoffice-core-6.4.4.2-1.mga7 librepository-1.1.6-11.mga7 libserializer-1.1.6-11.mga7 ongres-scram-1.0.0~beta.2-1.mga7 ongres-scram-client-1.0.0~beta.2-1.mga7 pentaho-libxml-1.1.6-10.mga7 pentaho-reporting-flow-engine-0.9.4-13.mga7 postgresql-jdbc-42.2.5-1.mga7 projectlibre-1.9.0-5.mga7 rhino-1.7.7.1-4.mga7 sac-1.3-28.mga7 sunflow-sweethome3d-0.07.3i-1.mga7 sweethome3d-6.1-1.1.mga7 tagsoup-1.2.1-14.mga7 vecmath-1.6.0-0.1.20130710git41fddda.7.mga7 vecmath-1.6.0-0.1.20130710git41fddda.7.mga7 xalan-j2-2.7.1-35.mga7 xerces-j2-2.11.0-29.mga7 xml-commons-apis-1.4.01-23.mga7 xml-commons-resolver-1.2-22.mga7 xmlgraphics-commons-2.2-2.mga7 yuicompressor-2.4.8-2.mga7
CC: (none) => mageia
$ uname -a Linux localhost 5.6.14-desktop-2.mga7 #1 SMP Wed May 20 23:14:20 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux The following 6 packages are going to be installed: - java-1.8.0-openjdk-1.8.0.262-1.b10.1.mga7.x86_64 - java-1.8.0-openjdk-devel-1.8.0.262-1.b10.1.mga7.x86_64 - java-1.8.0-openjdk-headless-1.8.0.262-1.b10.1.mga7.x86_64 - java-1.8.0-openjdk-openjfx-1.8.0.262-1.b10.1.mga7.x86_64 - java-1.8.0-openjdk-openjfx-devel-1.8.0.262-1.b10.1.mga7.x86_64 - java-1.8.0-openjfx-1.8.0.202-1.b07.3.mga7.x86_64 179MB of additional disk space will be used. $ java -version openjdk version "1.8.0_262" $ javac -version javac 1.8.0_262 I ran an old app I wrote in java years ago. It worked. Compiled it from command line that worked and application functioned properly. Looks good to me.
CC: (none) => brtians1
MGA7-64 Plasma on Lenovo B50 No installation issues Ref bug 20220 for test file $ java -version openjdk version "1.8.0_262" OpenJDK Runtime Environment (build 1.8.0_262-b10) OpenJDK 64-Bit Server VM (build 25.262-b10, mixed mode) javac helloworld.java $ java helloworld Gtk-Message: 14:01:52.973: Failed to load module "canberra-gtk-module" Hello World! Hello World! Output twice because I pressed the OK button twice. Good to go
Whiteboard: (none) => MGA7-64-OKCC: (none) => herman.viaene
Lots of tests - thank you, everyone! Validating. Advisory in Comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0309.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED