java-17-openjdk security and bug fix update

[1:17.0.8.0.7-2.0.1]

• OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036)
• OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041)
• OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
• harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193)
• OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006)
• OpenJDK: modulo operator array indexing issue (8304460) (CVE-2023-22044)
• OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)
• Add Oracle vendor bug URL [Orabug: 34340155]
  [1:17.0.8.0.6-0.1.ea]
• Update to jdk-17.0.8+6 (EA)
• Sync the copy of the portable specfile with the latest update
• Resolves: rhbz#2217716
  [1:17.0.8.0.1-0.1.ea]
• Update to jdk-17.0.8+1 (EA)
• Update release notes to 17.0.8+1
• Switch to EA mode
• Drop local inclusion of JDK-8274864 & JDK-8305113 as they are included in 17.0.8+1
• Bump bundled LCMS version to 2.15 as in jdk-17.0.8+1.
• Bump bundled HarfBuzz version to 7.0.1 as in jdk-17.0.8+1
• Use tapsets from the misc tarball
• Introduce ‘prelease’ for the portable release versioning, to handle EA builds
• Make sure root installation directory is created first
• Use in-place substitution for all but the first of the tapset changes
• Related: rhbz#2217716
  [1:17.0.7.0.7-4]
• Introduce vm_variant global for consistency with future JDK builds
• Related: rhbz#2203412
  [1:17.0.7.0.7-4]
• Exclude classes_nocoops.jsa on i686 and arm32
• Related: rhbz#2203412
  [1:17.0.7.0.7-4]
• Following JDK-8005165, class data sharing can be enabled on all JIT architectures
• Related: rhbz#2203412
  [1:17.0.7.0.7-4]
• Fix packaging of CDS archives
• Resolves: rhbz#2203412