[CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk
Type:
security
Severity:
Critical
Release date:
2022-08-22
Description:
- Bump to 2.6.28 and OpenJDK 7u351-b01.
- Security fixes in 7u351:
  - CVE-2022-21540: Improve class compilation (JDK-8281859)
  - CVE-2022-21541: Enhance MethodHandle invocations (JDK-8281866)
  - CVE-2022-34169: Improve Xalan supports (JDK-8285407)
- Security fixes in 7u341:
  - CVE-2022-21426: Better XPath expression handling (JDK-8270504)
  - CVE-2022-21434: Better invocation handler handling (JDK-8277672)
  - CVE-2022-21443: Improved Object Identification (JDK-8275151)
  - CVE-2022-21476: Improve Santuario processing (JDK-8278008)
  - CVE-2022-21496: Improve URL supports (JDK-8278972)
- Security fixes in 7u331:
  - CVE-2022-21248: Enhance cross VM serialization (JDK-8264934)
  - CVE-2022-21282: Better resolution of URIs (JDK-8270492)
  - CVE-2022-21283: Better String matching (JDK-8268813)
  - CVE-2022-21293: Improve String constructions (JDK-8270392)
  - CVE-2022-21294: Enhance construction of Identity maps (JDK-8270416)
  - CVE-2022-21296: Improve SAX Parser configuration management (JDK-8270498)
  - CVE-2022-21299: Improved scanning of XML entities (JDK-8270646)
  - CVE-2022-21305: Better array indexing (JDK-8272014)
  - CVE-2022-21340: Verify Jar Verification (JDK-8272026)
  - CVE-2022-21341: Improve serial forms for transport (JDK-8272236)
  - CVE-2022-21349: Improve Solaris font rendering (JDK-8273748)
  - CVE-2022-21360: Enhance BMP image support (JDK-8273756)
  - CVE-2022-21365: Enhanced BMP processing (JDK-8273838)
- Security fixes in 7u321:
  - CVE-2021-35550: Update the default enabled cipher suites preference (JDK-8163326)
  - CVE-2021-35556: Richer Text Editors (JDK-8265167)
  - CVE-2021-35559: Enhanced style for RTF kit (JDK-8265580)
  - CVE-2021-35561: Better hashing support (JDK-8266097)
  - CVE-2021-35564: Improve Keystore integrity (JDK-8266137)
  - CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close (JDK-8254967)
  - CVE-2021-35586: Better BMP support (JDK-8267735)
  - CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0 (JDK-8130183)
  - CVE-2021-35603: Better session identification (JDK-8269618)
- Security fixes in 7u311:
  - CVE-2021-2341: Improve file transfers (JDK-8258432)
  - CVE-2021-2369: Better jar file validation (JDK-8260967)
  - CVE-2021-2432: Provide better LDAP provider support (JDK-8267412)
- Security fixes in 7u301:
  - CVE-2021-2161: Less ambiguous processing (JDK-8250568)
  - CVE-2021-2163: Enhance opening JARs (JDK-8249906)
- Security fixes in 7u281:
  - CVE-2020-14779: Enhance support of Proxy class (JDK-8236862)
  - CVE-2020-14781: Enhanced LDAP contexts (JDK-8237990)
  - CVE-2020-14782: Enhance certificate processing (JDK-8237995)
  - CVE-2020-14792: Better range handling (JDK-8241114)
  - CVE-2020-14796: Improved URI Support (JDK-8242680)
  - CVE-2020-14797: Better Path Validation (JDK-8242685)
  - CVE-2020-14798: Enhanced buffer support (JDK-8242695)
  - CVE-2020-14803: Improved Buffer supports (JDK-8244136)
- Security fixes in 7u271:
  - CVE-2020-14577: Enhance certificate verification (JDK-8237592)
  - CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() (JDK-8028591)
  - CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) (JDK-8028431)
  - CVE-2020-14581: Better matrix operations (JDK-8238002)
  - CVE-2020-14583: Better Buffer support (JDK-8238920)
  - CVE-2020-14593: Less Affine Transformations (JDK-8240119)
  - CVE-2020-14621: Better XML namespace handling (JDK-8242136)
- Update tzdata requirement to 2022a to match JDK-8283350
- Update NEWS from IcedTea
- Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after bump OpenJDK version
Updated packages:
  • java-1.7.0-openjdk-devel-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
    sha:4b9df5509ae76e05823a5724def99477f2bbdafe
  • java-1.7.0-openjdk-src-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
    sha:81e862622d761805e10c631c88f1dc16410602c8
  • java-1.7.0-openjdk-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
    sha:4c3bdb72aa6b41e273279223bbbbeab2d55ff2e9
  • java-1.7.0-openjdk-demo-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
    sha:abb4b23926196713c3ef4244776918279855140e
  • java-1.7.0-openjdk-javadoc-1.7.0.351-2.6.28.0.el6.tuxcare.els1.noarch.rpm
    sha:2ac07bc0dd1144ee0bd708003eb63a71c03c7a0e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.