Package Details: jdk8 8u202-1

Git Clone URL: https://aur.archlinux.org/jdk8.git (read-only)
Package Base: jdk8
Description: Oracle Java 8 Development Kit
Upstream URL: http://www.oracle.com/technetwork/java/javase/downloads/index.html
Keywords: java-environment-jdk java-openjfx java-runtime-headless-jre java-runtime-jre java-web-start-jre
Licenses: custom:Oracle
Provides: java-environment=8, java-environment-jdk=8, java-openjfx=8, java-runtime=8, java-runtime-headless=8, java-runtime-headless-jre=8, java-runtime-jre=8, java-web-start=8, java-web-start-jre=8
Submitter: Det
Maintainer: severach
Last Packager: severach
Votes: 69
Popularity: 5.441160
First Submitted: 2017-09-21 22:18
Last Updated: 2019-01-19 22:40

Dependencies (9)

Required by (1000)

Sources (6)

Latest Comments

1 2 3 Next › Last »

severach commented on 2019-01-19 22:41

I didn't notice there were two versions on the same page.

Musikolo commented on 2019-01-19 04:00

@severach, out of curiosity, why are you using build u201 instead of u202? Shouldn't build u202 be newer and come with additional bug fixes?

severach commented on 2019-01-18 19:24

@x4fyr: Validation for jce_policy-8.zip and jdk-8u201-linux-x64.tar.gz fails

I pulled a new copy. All checksums good and it builds. My java app runs in jdk8. Can you give me an example of what worked in 192 and doesn't work in 201?

Musikolo commented on 2019-01-17 03:21

@wulftone, yes, I was also having the same issue. The problem is that the package isn't up-to-date, and old version is no longer available. However, if you want to solve it, just follow the next few steps:

1.- Download and extract https://aur.archlinux.org/cgit/aur.git/snapshot/jdk8.tar.gz

2.- Download this patch (https://pastebin.com/ibkbvRfV) and save it as jdk8-update.patch

3.- Apply the patch: patch PKGBUILD < jdk8-update.patch

4.- Build and install: makepkg -crsi

I hope it works!

wulftone commented on 2019-01-16 23:48

Anyone else having issues downloading this package? It's 404ing due to a license agreement check that oracle is doing on that file now. Looking at the URL you get from the browser, there's an additional AuthParam query param on the url, e.g. https://download.oracle.com/otn-pub/java/jdk/8u201-b09/42970487e3af4f5aa5bca3f542482c60/jdk-8u201-linux-x64.tar.gz?AuthParam=1547682810_edf64a570bffeb36da56c21e3eb8f9fb (I changed the param, FYI, so this link doesn't work as is).

EDIT: I think it just needs updated to the latest version/build/hash/md5sum and it will work fine.

Det commented on 2018-07-21 16:37

AFAIK the best public MD5 preimage attack is at 2^123.4. Dividing it in half (50% chance of finding collision) gives 7.0×10^36. If you generated distinct hashes with multiple GPUs at speeds of 200 billion/sec, you would find a match with those odds in 1.1 billion billion years (7.0×10^36/(200×10^9×60×60×24×365.2524) ≈ 1.1*10^18) (the universe is 14 billion years old).

I don't get the last part?

Musikolo commented on 2018-07-21 16:10

I agree it's probably very hard to achieve, but it's still possible.

Is this a reason to keeping using a very-hard-to-break but still vulnerable hashing algorithm?

If the discussion is about what color is best, you win...

Det commented on 2018-07-21 16:03

How hard can it be :(: https://www.google.com/search?q=preimage+vs+collision

Musikolo commented on 2018-07-21 16:02

@Det: Some more detailed articles:

As a cryptography ignorant, I'm not gonna tell anybody what algorithms they should use. However, cryptography experts deprecated md5sum algorithm long time ago, and recommended using stronger ones such as sha256sum & sha512sum since. Beside this, even if md5sum was super-safe today, I think nobody can argue that sha256sum & sha512sum are safer. So, why using a weaker hashing algorithm?

Thank you!

Det commented on 2018-07-20 14:20

That's a really poor article. Have a look at the actual MD5 one, along with collision vs. preimage resistance.