Your message dated Mon, 23 Jan 2017 15:14:41 +0000
with message-id <e1cvgkp-000av7...@fasolo.debian.org>
and subject line Bug#841229: fixed in openjdk-8 8u121-b13-1
has caused the Debian Bug report #841229,
regarding openjdk-8-jre-jamvm: OutOfMemoryError in ConcurrentHashMap
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
841229: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841229
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openjdk-8-jre-jamvm
Version: 8u102-b14.1-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
Using JamVM causes the following exception to be thrown running the most
simplest programs from "Hello World" to the Java compiler:
Error: A JNI error has occurred, please check your installation and try
again java.lang.OutOfMemoryError
at
java.util.concurrent.ConcurrentHashMap.initTable(ConcurrentHashMap.java:2233)
at
java.util.concurrent.ConcurrentHashMap.putVal(ConcurrentHashMap.java:1017)
at
java.util.concurrent.ConcurrentHashMap.put(ConcurrentHashMap.java:1006)
at
sun.util.locale.LocaleObjectCache.put(LocaleObjectCache.java:87) at
sun.util.locale.BaseLocale.createInstance(BaseLocale.java:69) at
java.util.Locale.createConstant(Locale.java:709) at
java.util.Locale.<clinit>(Locale.java:490) at
java.lang.String.toLowerCase(String.java:2670) at
java.net.URL.<init>(URL.java:385) at java.net.URL.<init>(URL.java:310)
at java.net.URL.<init>(URL.java:333)
at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:272)
at sun.misc.Launcher.getFileURL(Launcher.java:484)
at
sun.misc.Launcher$ExtClassLoader.getExtURLs(Launcher.java:194) at
sun.misc.Launcher$ExtClassLoader.<init>(Launcher.java:164) at
sun.misc.Launcher$ExtClassLoader$1.run(Launcher.java:148) at
sun.misc.Launcher$ExtClassLoader$1.run(Launcher.java:142) at
java.security.AccessController.doPrivileged(Native Method) at
sun.misc.Launcher$ExtClassLoader.getExtClassLoader(Launcher.java:141)
at sun.misc.Launcher.<init>(Launcher.java:71)
at sun.misc.Launcher.<clinit>(Launcher.java:57)
at
java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451) at
java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436) at
sun.launcher.LauncherHelper.<clinit>(LauncherHelper.java:92)
HotSpot Zero (which is far slower) is not affected by this issue.
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: powerpc (ppc)
Kernel: Linux 4.7.0-1-powerpc
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openjdk-8-jre-jamvm depends on:
ii libc6 2.24-3
ii openjdk-8-jre-headless 8u102-b14.1-2
ii zlib1g 1:1.2.8.dfsg-2+b1
openjdk-8-jre-jamvm recommends no packages.
openjdk-8-jre-jamvm suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: openjdk-8
Source-Version: 8u121-b13-1
We believe that the bug you reported is fixed in the latest version of
openjdk-8, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 841...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthias Klose <d...@ubuntu.com> (supplier of updated openjdk-8 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 23 Jan 2017 11:03:55 +0100
Source: openjdk-8
Binary: openjdk-8-jdk-headless openjdk-8-jre-headless openjdk-8-jdk
openjdk-8-jre openjdk-8-demo openjdk-8-source openjdk-8-doc openjdk-8-dbg
openjdk-8-jre-zero
Architecture: source
Version: 8u121-b13-1
Distribution: unstable
Urgency: high
Maintainer: OpenJDK Team <open...@lists.launchpad.net>
Changed-By: Matthias Klose <d...@ubuntu.com>
Description:
openjdk-8-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-8-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-8-doc - OpenJDK Development Kit (JDK) documentation
openjdk-8-jdk - OpenJDK Development Kit (JDK)
openjdk-8-jdk-headless - OpenJDK Development Kit (JDK) (headless)
openjdk-8-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-8-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-8-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-8-source - OpenJDK Development Kit (JDK) source files
Closes: 841229 841269 842132 851053 851667
Changes:
openjdk-8 (8u121-b13-1) unstable; urgency=high
.
* Update to 8u121-b13, Hotspot 8u112-b16 for AArch64.
.
[ Matthias Klose ]
* Build using the default flags (POWER8) on ppc64el.
* Add a breaks for ca-certificates-java (<< 20160321~). Closes: #851667.
* Stop building JamVM for the stretch release, the VM is not working
with recent OpenJDK 8 updates. Closes: #841229, #842132.
* Fix location of jspawnhelper for KFreeBSD. Closes: #851053.
.
[ Tiago Stürmer Daitx ]
* debian/rules: add -O3 to DEB_CFLAGS_MAINT_STRIP and
DEB_CXXFLAGS_MAINT_STRIP for dpkg_buildflags_jdk and
dpkg_buildflags_hs as ppc64le has -O3 by default. LP: #1640845.
* Update to 8u121-b13, including security fixes.
- S8165344, CVE-2017-3272: A protected field can be leveraged into type
confusion.
- S8167104, CVE-2017-3289: Custom class constructor code can bypass the
required call to super.init allowing for uninitialized objects to be
created.
- S8156802, CVE-2017-3241: RMI deserialization should limit the types
deserialized to prevent attacks that could escape the sandbox.
- S8164143, CVE-2017-3260: It is possible to corrupt memory by calling
dispose() on a CMenuComponentmultiple times.
- S8168714, CVE-2016-5546: ECDSA will accept signatures that have various
extraneous bytes added to them whereas the signature is supposed to be
unique.
- S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt
sections to be 2^32-1 bytes long so these should not be uncompressed
unless the user explicitly requests it.
- S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may
leak information about k.
- S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may
leak information about k.
- S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to
deserialize responses from an LDAP server when an LDAP context is
expected.
- S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how
users or external applications would interpret them leading to possible
security issues.
- S8168705, CVE-2016-5547: A value from an InputStream is read directly
into the size argument of a new byte[] without validation.
- S8164147, CVE-2017-3261: An integer overflow exists in
SocketOutputStream which can lead to memorydisclosure.
- S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will
dispatch HTTP GET requests where the invoker does not have permission.
- S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when
long running sessions are allowed.
* d/p/8132051-zero.diff: Superseeded by upstream fix S8154210; removed.
* d/p/hotspot-JDK-8158260-ppc64el.patch: Applied upstream; removed.
* d/p/6926048.diff: Already applied upstream; removed.
* d/p/jdk-ppc64el-S8170153.patch, d/p/openjdk-ppc64el-S8170153.patch: Improve
StrictMath performance on ppc64el. LP: #1646927.
* d/p/jdk-841269-filechooser.patch: Fix FileChooser behavior when displaying
links to non-existant files. Closes: #841269.
* Refreshed various patches.
Checksums-Sha1:
de3b3f3cd198c95b8b135096b5c6ba34cd999b2b 4483 openjdk-8_8u121-b13-1.dsc
0e41c8b3ac17f8022e524db705af86780e86c2d1 63884892
openjdk-8_8u121-b13.orig.tar.xz
f630e66f43d9fd3834bf73173a3e86e0f0084f9b 235072
openjdk-8_8u121-b13-1.debian.tar.xz
Checksums-Sha256:
b51e13766a5d26d2babd246ab14f27b273a37287fc280f7139fb7e03aa762b3c 4483
openjdk-8_8u121-b13-1.dsc
78f64c05575fa36ae35e712e3d23b3ac139aaeb328eebca705705652b5985699 63884892
openjdk-8_8u121-b13.orig.tar.xz
f08822fd68026ede9551c863066697c24572bfc49dc1842a2703725ef7c61b9f 235072
openjdk-8_8u121-b13-1.debian.tar.xz
Files:
110c4cdad2d191bf40676f5b3943882f 4483 java optional openjdk-8_8u121-b13-1.dsc
9d3a1b7c672bc1b5ffbbf30aa4eed4b3 63884892 java optional
openjdk-8_8u121-b13.orig.tar.xz
e83030ae23d57e3fdf5b5e2f697a3794 235072 java optional
openjdk-8_8u121-b13-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAliGCYMQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9eWzEACeKFOdkmu7DiuIjhLUAot1Oy93ZyzUoEN0
sIyjSXn8u+g68mg5/qVSKMOCkiXIMXdISLDAtvi1f1538E4XbU7otr1RJB/KCeB0
0QiW2NyY9rm0YkDxBTiQtAOdsN7ZSvoUVyiBBT43bc1gs/YVBjV/zvnnf44ZrWct
wKiYsJijrW9yzkPqUlDO1KdSJeuk9guSQh6HChx96NbO3Wo3wSYkTqcfeTMjVrrv
uJvu8QmW5FzxtUZ9mGZgVxgHBdIIeuxhPHl8yaUdOFNtZeDvcsqNS9TrJ6Z9HwmF
X9/MEmcHbyzDu69fTY0WihN3My8K9lPFJtCbjuG20Wc/f4VG7RWKrcggSccAa2nn
jRectOLnOulNAexsy0rzz8BdXHgk0bMtjuR1CpeXLfJg84sNVBGBAJGz8KsgHE4J
03DrcOh+LQYA+BPZvfbEZVDDDBSXC81ThUgHrED/IVmU0Fn+Xt/YlgtXjGxr5j0w
Le/Arw+WpRpD/bo2wK5yFE8y7xB0dcokYMaBFOsh7Y6q5j0rU6nbesU/19LbXiEg
rtHEFzvQU3uUuw3kwL4orM9YkRk6M4cnRPECpeBG2WTj3Rx3H/61Z6b7J60pdeu8
O6qkmQgMlOq8dgmYUNXD3uyzsmeVvh7cyDLTVPwnle75njX0VB19cvr0u7yutzO0
uxGCYbdHrg==
=2vnJ
-----END PGP SIGNATURE-----
--- End Message ---
