changelog updates for release

adding patch list for each version updating changelog for release Q12024
corretto · Jan 16, 2024 · a9d4f3e · a9d4f3e
1 parent 7fad97c
commit a9d4f3e
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,44 @@
 
 The following sections describe the changes for each release of Amazon Corretto 17.
 
+## Corretto version: 17.0.10.7.1
+Release Date: January 16, 2024
+**Target Platforms <sup>1</sup>**
+
++ RPM-based Linux using glibc 2.12 or later, x86, x86_64
++ Debian-based Linux using glibc 2.12 or later, x86, x86_64
++ RPM-based Linux using glibc 2.17 or later, aarch64
++ Debian-based Linux using glibc 2.17 or later, aarch64
++ Alpine-based Linux, x86_64
++ Alpine-based Linux, aarch64
++ Windows 10 or later, x86_64
++ macos 12.0 and later, x86_64
++ macos 12.0 and later, aarch64
+
+**1.** This is the platform targeted by the build. See [Using Amazon Corretto](https://aws.amazon.com/corretto/faqs/#Using_Amazon_Corretto)
+in the Amazon Corretto FAQ for supported platforms
+
+The following issues are addressed in 17.0.10.7.1:
+
+| Issue Name           | Platform | Description                                                                          | Link                                                                  |
+|----------------------|----------|--------------------------------------------------------------------------------------|-----------------------------------------------------------------------|
+| Import jdk-17.0.10+7 | All | Updates Corretto baseline to OpenJDK 17.0.10+7   | [jdk-17.0.10+7](https://github.com/openjdk/jdk17u/releases/tag/jdk-17.0.10+7)                                 |
+| Data loss in AVX3 Base64 decoding | All | Base64 appears to give different (wrong) results in some rare cases when AVX3 is enabled.| [JDK-8321599](https://bugs.openjdk.org/browse/JDK-8321599)|
+| (tz) Update Timezone Data to 2023d | All | Update Timezone Data to 2023d |  [JDK-8322725](https://bugs.openjdk.org/browse/JDK-8322725)                        |
+| NPE in PKCS7.parseOldSignedData    | All | fixes exception PKCS7.parseOldSignedDat | [JDK-8315042](https://bugs.openjdk.org/browse/JDK-8315042)                                              |
+|Enable Neoverse N1 optimizations for Neoverse V2| ALL      |Enable Neoverse N1 optimizations for Neoverse V2| [JDK-8321025](https://bugs.openjdk.org/browse/JDK-8321025)                      |
+|Enable UseCryptoPmullForCRC32 for Neoverse V2| ALL      |Enable UseCryptoPmullForCRC32| [JDK-8321105](https://bugs.openjdk.org/browse/JDK-8321105)                                         |
+The following CVEs are addressed in 17.0.10.7.1:
+
+| CVE            | CVSS | Component                      |
+|----------------|------|--------------------------------|
+| CVE-2024-20918 | 7.4  | hotspot/compiler               |
+| CVE-2024-20952 | 7.4  | security-libs/java.security    |
+| CVE-2024-20919 | 5.9  | hotspot/runtime                |
+| CVE-2024-20921 | 5.9  | hotspot/compiler               |
+| CVE-2024-20945 | 4.7  | security-libs/javax.xml.crypto |
+
+
 ## Corretto version: 17.0.9.8.1
 Release Date: October 17, 2023