Updated java-1.7.0-openjdk packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs.
- The TLS/SSL implementation in OpenJDK previously failed to handle Diffie-Hellman (DH) keys with more than 1024 bits. This caused client applications using Java Secure Socket Extension (JSSE) to fail to establish TLS/SSL connections to servers using larger DH keys during the connection handshake. This update adds support for DH keys with size up to 2048 bits, thus fixing this bug.
- Previously, the OpenJDK utility displayed characters containing the umlaut diacritical mark (such as ä, ö, or ü) and the eszett character (ß) in PostScript output incorrectly. A patch with support for umlaut and eszett characters has been applied, and OpenJDK now displays these characters correctly.
- The jhat man page URL was broken. A patch has been applied to fix this bug, and the URL now functions as expected.
- Previously, it was not possible to use the Serviceability Agent (SA) tool when the target application contained symbols using non-ASCII characters. Java Virtual Machine (JVM) and SA calculated different hashes for strings with such characters, and SA terminated with an error. A patch has been applied to fix this bug, and SA no longer crashes when non-ASCII characters are used.
- Previously, jvmtiStringPrimitiveCallback was invoked when a string value was null. Consequently, Java Virtual Machine (JVM) could terminate unexpectedly. A patch has been applied to fix this bug, and JVM no longer crashes in this situation.
- Prior to this update, the Java Native Interface (JNI) code handling fonts used an incorrect function parameter when setting context. Consequently, Java Virtual Machine (JVM) could terminate unexpectedly when disposing of certain fonts. The use of function parameters by the JNI code has been amended, and JVM no longer crashes in this situation.
- Previously, calling the Files.probeContentType() function with the default GnomeFileTypeDetector using the libgio library caused Java Virtual Machine (JVM) to terminate unexpectedly at a thread's end. A patch has been applied, and the process now exits without problems.
- Due to a regression, the Java Heap/CPU Profiling Tool (HPROF) produced truncated output when used with the "doe=n" argument. Consequently, the output file contained only the header, the data was missing. A patch has been applied, and the output of HPROF is now correct when using "doe=n".
- Support for elliptic curve cryptography, the SunEC provider, has been added to OpenJDK 7. OpenJDK 7 can now establish Transport Layer Security or Secure Sockets Layer connections or perform encryption and decryption using this technology.
Users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. All running instances of OpenJDK Java must be restarted for the update to take effect.