/hg/icedtea6: 3 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Mar 30 17:37:48 PDT 2010
changeset ecb1cacd7a34 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=ecb1cacd7a34
author: Andrew John Hughes <ahughes at redhat.com>
date: Tue Mar 30 23:23:15 2010 +0100
Add security updates.
2009-03-30 Andrew John Hughes <ahughes at redhat.com>
* Makefile.am: Add new security patches.
* NEWS: List new security patches.
* patches/security/20100330/6626217.patch,
* patches/security/20100330/6633872.patch,
* patches/security/20100330/6639665.patch,
* patches/security/20100330/6736390.patch,
* patches/security/20100330/6745393.patch,
* patches/security/20100330/6887703.patch,
* patches/security/20100330/6888149.patch,
* patches/security/20100330/6892265.patch,
* patches/security/20100330/6893947.patch,
* patches/security/20100330/6893954.patch,
* patches/security/20100330/6898622.patch,
* patches/security/20100330/6898739.patch,
* patches/security/20100330/6899653.patch,
* patches/security/20100330/6902299.patch,
* patches/security/20100330/6904691.patch,
* patches/security/20100330/6909597.patch,
* patches/security/20100330/6910590.patch,
* patches/security/20100330/6914823.patch,
* patches/security/20100330/6914866.patch,
* patches/security/20100330/6932480.patch,
* patches/security/20100330/hotspot/hs16/6894807.patch,
* patches/security/20100330/hotspot/original/6894807.patch:
New security and hardening patches
http://www.oracle.com/technology/deploy/security/critical-patch-
updates/javacpumar2010.html
changeset f625a9f9cdab in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=f625a9f9cdab
author: Andrew John Hughes <ahughes at redhat.com>
date: Wed Mar 31 01:36:09 2010 +0100
Support hs16 with security patches.
2009-03-31 Andrew John Hughes <ahughes at redhat.com>
* patches/security/20100330/6894807.patch,
* patches/security/20100330/hotspot/hs16/6894807.patch,
* patches/security/20100330/hotspot/original/6894807.patch:
Move 6894807 patch to top-level; same for both hs14 and hs16.
* Makefile.am: Use $(HSBUILD) appropriately.
* patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch:
Fix paths.
* patches/security/20100330/6626217.patch,
* patches/security/20100330/hotspot/hs16/6626217.patch,
* patches/security/20100330/hotspot/original/6626217.patch:
Split 6626217 into hs14 and hs16 versions.
changeset 924b3dc09a33 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=924b3dc09a33
author: Andrew John Hughes <ahughes at redhat.com>
date: Wed Mar 31 01:37:16 2010 +0100
Merge
diffstat:
27 files changed, 3739 insertions(+), 27 deletions(-)
ChangeLog | 47
Makefile.am | 23
NEWS | 22
acinclude.m4 | 1
patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch | 52
patches/security/20100330/6633872.patch | 443 +++
patches/security/20100330/6639665.patch | 51
patches/security/20100330/6736390.patch | 18
patches/security/20100330/6745393.patch | 1233 +++++++++++
patches/security/20100330/6887703.patch | 28
patches/security/20100330/6888149.patch | 33
patches/security/20100330/6892265.patch | 35
patches/security/20100330/6893947.patch | 86
patches/security/20100330/6893954.patch | 248 ++
patches/security/20100330/6894807.patch | 27
patches/security/20100330/6898622.patch | 20
patches/security/20100330/6898739.patch | 437 +++
patches/security/20100330/6899653.patch | 27
patches/security/20100330/6902299.patch | 104
patches/security/20100330/6904691.patch | 166 +
patches/security/20100330/6909597.patch | 74
patches/security/20100330/6910590.patch | 10
patches/security/20100330/6914823.patch | 80
patches/security/20100330/6914866.patch | 118 +
patches/security/20100330/6932480.patch | 43
patches/security/20100330/hotspot/hs16/6626217.patch | 160 +
patches/security/20100330/hotspot/original/6626217.patch | 180 +
diffs (truncated from 3985 to 500 lines):
diff -r 911fc7449289 -r 924b3dc09a33 ChangeLog
--- a/ChangeLog Tue Mar 30 20:37:12 2010 +0100
+++ b/ChangeLog Wed Mar 31 01:37:16 2010 +0100
@@ -1,3 +1,50 @@ 2010-03-30 Andrew John Hughes <ahughes
+2009-03-31 Andrew John Hughes <ahughes at redhat.com>
+
+ * patches/security/20100330/6894807.patch,
+ * patches/security/20100330/hotspot/hs16/6894807.patch,
+ * patches/security/20100330/hotspot/original/6894807.patch:
+ Move 6894807 patch to top-level; same for both hs14 and hs16.
+ * Makefile.am: Use $(HSBUILD) appropriately.
+ * patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch:
+ Fix paths.
+ * patches/security/20100330/6626217.patch,
+ * patches/security/20100330/hotspot/hs16/6626217.patch,
+ * patches/security/20100330/hotspot/original/6626217.patch:
+ Split 6626217 into hs14 and hs16 versions.
+
+2010-03-31 Matthias Klose <doko at ubuntu.com>
+
+ * acinclude.m4 (ENABLE_ZERO_BUILD): Depend on IT_SET_ARCH_SETTINGS.
+
+2009-03-30 Andrew John Hughes <ahughes at redhat.com>
+
+ * Makefile.am: Add new security patches.
+ * NEWS: List new security patches.
+ * patches/security/20100330/6626217.patch,
+ * patches/security/20100330/6633872.patch,
+ * patches/security/20100330/6639665.patch,
+ * patches/security/20100330/6736390.patch,
+ * patches/security/20100330/6745393.patch,
+ * patches/security/20100330/6887703.patch,
+ * patches/security/20100330/6888149.patch,
+ * patches/security/20100330/6892265.patch,
+ * patches/security/20100330/6893947.patch,
+ * patches/security/20100330/6893954.patch,
+ * patches/security/20100330/6898622.patch,
+ * patches/security/20100330/6898739.patch,
+ * patches/security/20100330/6899653.patch,
+ * patches/security/20100330/6902299.patch,
+ * patches/security/20100330/6904691.patch,
+ * patches/security/20100330/6909597.patch,
+ * patches/security/20100330/6910590.patch,
+ * patches/security/20100330/6914823.patch,
+ * patches/security/20100330/6914866.patch,
+ * patches/security/20100330/6932480.patch,
+ * patches/security/20100330/hotspot/hs16/6894807.patch,
+ * patches/security/20100330/hotspot/original/6894807.patch:
+ New security and hardening patches
+ http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
+
2010-03-30 Andrew John Hughes <ahughes at redhat.com>
* patches/openjdk/6873059-javac-versioning-hotspot.patch:
diff -r 911fc7449289 -r 924b3dc09a33 Makefile.am
--- a/Makefile.am Tue Mar 30 20:37:12 2010 +0100
+++ b/Makefile.am Wed Mar 31 01:37:16 2010 +0100
@@ -314,7 +314,28 @@ ICEDTEA_PATCHES = \
patches/icedtea-jtreg-httpTest.patch \
patches/openjdk/6873059-javac-versioning-corba.patch \
patches/hotspot/$(HSBUILD)/6873059-javac-versioning-hotspot.patch \
- patches/openjdk/6873059-javac-versioning-jdk.patch
+ patches/openjdk/6873059-javac-versioning-jdk.patch \
+ patches/security/20100330/hotspot/$(HSBUILD)/6626217.patch \
+ patches/security/20100330/6633872.patch \
+ patches/security/20100330/6639665.patch \
+ patches/security/20100330/6736390.patch \
+ patches/security/20100330/6745393.patch \
+ patches/security/20100330/6887703.patch \
+ patches/security/20100330/6888149.patch \
+ patches/security/20100330/6892265.patch \
+ patches/security/20100330/6893947.patch \
+ patches/security/20100330/6893954.patch \
+ patches/security/20100330/6894807.patch \
+ patches/security/20100330/6898622.patch \
+ patches/security/20100330/6898739.patch \
+ patches/security/20100330/6899653.patch \
+ patches/security/20100330/6902299.patch \
+ patches/security/20100330/6904691.patch \
+ patches/security/20100330/6909597.patch \
+ patches/security/20100330/6910590.patch \
+ patches/security/20100330/6914823.patch \
+ patches/security/20100330/6914866.patch \
+ patches/security/20100330/6932480.patch
if WITH_RHINO
ICEDTEA_PATCHES += \
diff -r 911fc7449289 -r 924b3dc09a33 NEWS
--- a/NEWS Tue Mar 30 20:37:12 2010 +0100
+++ b/NEWS Wed Mar 31 01:37:16 2010 +0100
@@ -7,6 +7,28 @@ New in release 1.8 (2010-XX-XX):
- Addition of security updates applied in IcedTea6 1.6.2.
- Many bug fixes:
http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html
+- Latest security updates and hardening patches:
+ - (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299)
+ - (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
+ - (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653)
+ - (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217)
+ - (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954)
+ - (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390)
+ - (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703)
+ - (CVE-2010-0088): Inflater/Deflater clone issues (6745393)
+ - (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
+ - (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149)
+ - (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
+ - (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
+ - (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
+ - (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823)
+ - (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866)
+ - (CVE-2009-3555): TLS: MITM attacks via session renegotiation
+ - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups
+ - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs
+ - 6910590: Application can modify command array in ProcessBuilder
+ - 6909597: JPEGImageReader stepX Integer Overflow Vulnerability
+ - 6932480: Crash in CompilerThread/Parser. Unloaded array klass?
- Old plugin removed; NPPlugin is now the default and is controlled by
--enable/disable-plugin. As with the old plugin, it produces a
IcedTeaPlugin.so library rather than IcedTeaNPPlugin.so.
diff -r 911fc7449289 -r 924b3dc09a33 acinclude.m4
--- a/acinclude.m4 Tue Mar 30 20:37:12 2010 +0100
+++ b/acinclude.m4 Wed Mar 31 01:37:16 2010 +0100
@@ -726,6 +726,7 @@ AC_DEFUN([FIND_TOOL],
AC_DEFUN([ENABLE_ZERO_BUILD],
[
+ AC_REQUIRE([IT_SET_ARCH_SETTINGS])
AC_MSG_CHECKING([whether to use the zero-assembler port])
use_zero=no
AC_ARG_ENABLE([zero],
diff -r 911fc7449289 -r 924b3dc09a33 patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch
--- a/patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch Tue Mar 30 20:37:12 2010 +0100
+++ b/patches/hotspot/hs16/6873059-javac-versioning-hotspot.patch Wed Mar 31 01:37:16 2010 +0100
@@ -8,8 +8,8 @@ Reviewed-by: jcoomes
Reviewed-by: jcoomes
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/linux/makefiles/jvmti.make
---- a/make/linux/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/linux/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/linux/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/linux/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
@@ -70,10 +70,10 @@
both = $(JvmtiGenClass) $(JvmtiSrcDir)/jvmti.xml $(JvmtiSrcDir)/jvmtiLib.xsl
@@ -24,8 +24,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(JvmtiOutDir)/jvmtiEnter.cpp: $(both) $(JvmtiSrcDir)/jvmtiEnter.xsl
@echo Generating $@
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/linux/makefiles/rules.make
---- a/make/linux/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/linux/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/linux/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/linux/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
@@ -122,12 +122,20 @@
endif
endif
@@ -48,8 +48,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
ifeq ($(findstring j,$(MFLAGS)),j)
COMPILE_DONE = && { echo Done with $<; }
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/linux/makefiles/sa.make
---- a/make/linux/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/linux/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/linux/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/linux/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
@@ -74,8 +74,8 @@
mkdir -p $(SA_CLASSDIR); \
fi
@@ -62,8 +62,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(QUIETLY) $(REMOTE) $(COMPILE.RMIC) -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer
$(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES)
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/linux/makefiles/top.make
---- a/make/linux/makefiles/top.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/linux/makefiles/top.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/linux/makefiles/top.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/linux/makefiles/top.make Sat Sep 12 12:50:07 2009 +0100
@@ -24,7 +24,7 @@
# top.make is included in the Makefile in the build directories.
@@ -83,8 +83,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
@rm -f $(Incremental_Lists)
@$(CDG) echo >$(Cached_plat)
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/solaris/makefiles/jvmti.make
---- a/make/solaris/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/solaris/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/solaris/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/solaris/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
@@ -69,10 +69,10 @@
both = $(JvmtiGenClass) $(JvmtiSrcDir)/jvmti.xml $(JvmtiSrcDir)/jvmtiLib.xsl
@@ -99,8 +99,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(JvmtiOutDir)/jvmtiEnter.cpp: $(both) $(JvmtiSrcDir)/jvmtiEnter.xsl
@echo Generating $@
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/solaris/makefiles/rules.make
---- a/make/solaris/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/solaris/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/solaris/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/solaris/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
@@ -122,12 +122,20 @@
endif
endif
@@ -123,8 +123,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
ifeq ($(findstring j,$(MFLAGS)),j)
COMPILE_DONE = && { echo Done with $<; }
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/solaris/makefiles/sa.make
---- a/make/solaris/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/solaris/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/solaris/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/solaris/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
@@ -67,8 +67,8 @@
$(QUIETLY) if [ ! -d $(SA_CLASSDIR) ] ; then \
mkdir -p $(SA_CLASSDIR); \
@@ -137,8 +137,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(QUIETLY) $(COMPILE.RMIC) -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer
$(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES)
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/solaris/makefiles/top.make
---- a/make/solaris/makefiles/top.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/solaris/makefiles/top.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/solaris/makefiles/top.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/solaris/makefiles/top.make Sat Sep 12 12:50:07 2009 +0100
@@ -24,7 +24,7 @@
# top.make is included in the Makefile in the build directories.
@@ -158,8 +158,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
@rm -f $(Incremental_Lists)
@$(CDG) echo >$(Cached_plat)
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/windows/makefiles/generated.make
---- a/make/windows/makefiles/generated.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/windows/makefiles/generated.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/windows/makefiles/generated.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/windows/makefiles/generated.make Sat Sep 12 12:50:07 2009 +0100
@@ -91,7 +91,7 @@
classes/MakeDeps.class: $(MakeDepsSources)
if exist classes rmdir /s /q classes
@@ -170,8 +170,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
!if ("$(Variant)" == "compiler2") || ("$(Variant)" == "tiered")
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/windows/makefiles/jvmti.make
---- a/make/windows/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/windows/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/windows/makefiles/jvmti.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/windows/makefiles/jvmti.make Sat Sep 12 12:50:07 2009 +0100
@@ -68,10 +68,10 @@
@if not exist $(JvmtiOutDir) mkdir $(JvmtiOutDir)
@@ -186,8 +186,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(JvmtiOutDir)/jvmtiEnter.cpp: $(both) $(JvmtiSrcDir)/jvmtiEnter.xsl
@echo Generating $@
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/windows/makefiles/rules.make
---- a/make/windows/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/windows/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/windows/makefiles/rules.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/windows/makefiles/rules.make Sat Sep 12 12:50:07 2009 +0100
@@ -29,7 +29,7 @@
RUN_JAVAP=$(BootStrapDir)\bin\javap
RUN_JAVAH=$(BootStrapDir)\bin\javah
@@ -217,8 +217,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
!if "$(MSC_VER)" == "1200"
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/windows/makefiles/sa.make
---- a/make/windows/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/windows/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/windows/makefiles/sa.make Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/windows/makefiles/sa.make Sat Sep 12 12:50:07 2009 +0100
@@ -55,9 +55,9 @@
$(GENERATED)\sa-jdi.jar: $(AGENT_FILES1:/=\) $(AGENT_FILES2:/=\)
@if not exist $(SA_CLASSDIR) mkdir $(SA_CLASSDIR)
@@ -233,8 +233,8 @@ diff -r 682194ca1d8d -r 0fc81f0a8ca8 mak
$(QUIETLY) echo $(SA_BUILD_VERSION_PROP)> $(SA_PROPERTIES)
$(QUIETLY) rm -f $(SA_CLASSDIR)/sun/jvm/hotspot/utilities/soql/sa.js
diff -r 682194ca1d8d -r 0fc81f0a8ca8 make/windows/projectfiles/common/Makefile
---- a/make/windows/projectfiles/common/Makefile Thu Sep 10 09:04:41 2009 -0400
-+++ b/make/windows/projectfiles/common/Makefile Sat Sep 12 12:50:07 2009 +0100
+--- openjdk.orig/hotspot/make/windows/projectfiles/common/Makefile Thu Sep 10 09:04:41 2009 -0400
++++ openjdk/hotspot/make/windows/projectfiles/common/Makefile Sat Sep 12 12:50:07 2009 +0100
@@ -179,6 +179,6 @@
$(HOTSPOTBUILDSPACE)/classes/MakeDeps.class: $(MakeDepsSources)
@if exist $(HOTSPOTBUILDSPACE)\classes rmdir /s /q $(HOTSPOTBUILDSPACE)\classes
diff -r 911fc7449289 -r 924b3dc09a33 patches/security/20100330/6633872.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/20100330/6633872.patch Wed Mar 31 01:37:16 2010 +0100
@@ -0,0 +1,443 @@
+--- openjdk.orig/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Mar 15 10:28:30 2010
++++ openjdk/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Mar 15 10:28:30 2010
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
++ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -25,9 +25,15 @@
+
+ package java.security;
+
++import java.util.ArrayList;
++import java.util.Collections;
+ import java.util.Enumeration;
+ import java.util.List;
+-import java.util.ArrayList;
++import java.util.Map;
++import java.util.WeakHashMap;
++import sun.misc.JavaSecurityProtectionDomainAccess;
++import static sun.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache;
++import sun.misc.SharedSecrets;
+ import sun.security.util.Debug;
+ import sun.security.util.SecurityConstants;
+
+@@ -72,6 +78,11 @@
+ or dynamic (via a policy refresh) */
+ private boolean staticPermissions;
+
++ /*
++ * An object used as a key when the ProtectionDomain is stored in a Map.
++ */
++ final Key key = new Key();
++
+ private static final Debug debug = Debug.getInstance("domain");
+
+ /**
+@@ -238,7 +249,7 @@
+ /**
+ * Convert a ProtectionDomain to a String.
+ */
+- public String toString() {
++ @Override public String toString() {
+ String pals = "<no principals>";
+ if (principals != null && principals.length > 0) {
+ StringBuilder palBuf = new StringBuilder("(principals ");
+@@ -396,4 +407,29 @@
+
+ return mergedPerms;
+ }
++
++ /**
++ * Used for storing ProtectionDomains as keys in a Map.
++ */
++ final class Key {}
++
++ static {
++ SharedSecrets.setJavaSecurityProtectionDomainAccess(
++ new JavaSecurityProtectionDomainAccess() {
++ public ProtectionDomainCache getProtectionDomainCache() {
++ return new ProtectionDomainCache() {
++ private final Map<Key, PermissionCollection> map =
++ Collections.synchronizedMap
++ (new WeakHashMap<Key, PermissionCollection>());
++ public void put(ProtectionDomain pd,
++ PermissionCollection pc) {
++ map.put((pd == null ? null : pd.key), pc);
++ }
++ public PermissionCollection get(ProtectionDomain pd) {
++ return pd == null ? map.get(null) : map.get(pd.key);
++ }
++ };
++ }
++ });
++ }
+ }
+--- openjdk.orig/jdk/src/share/classes/java/security/Policy.java Mon Mar 15 10:28:30 2010
++++ openjdk/jdk/src/share/classes/java/security/Policy.java Mon Mar 15 10:28:30 2010
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
++ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -28,22 +28,19 @@
+
+ import java.io.*;
+ import java.lang.RuntimePermission;
++import java.lang.reflect.*;
+ import java.net.MalformedURLException;
+ import java.net.URL;
+ import java.util.Enumeration;
+ import java.util.Hashtable;
+-import java.util.Vector;
+-import java.util.StringTokenizer;
+ import java.util.PropertyPermission;
+-
+-import java.lang.reflect.*;
+-
++import java.util.StringTokenizer;
++import java.util.Vector;
+ import java.util.WeakHashMap;
+-import sun.security.util.Debug;
+ import sun.security.jca.GetInstance;
++import sun.security.util.Debug;
+ import sun.security.util.SecurityConstants;
+
+-
+ /**
+ * A Policy object is responsible for determining whether code executing
+ * in the Java runtime environment has permission to perform a
+@@ -113,8 +110,8 @@
+
+ private static final Debug debug = Debug.getInstance("policy");
+
+- // Cache mapping ProtectionDomain to PermissionCollection
+- private WeakHashMap<ProtectionDomain, PermissionCollection> pdMapping;
++ // Cache mapping ProtectionDomain.Key to PermissionCollection
++ private WeakHashMap<ProtectionDomain.Key, PermissionCollection> pdMapping;
+
+ /** package private for AccessControlContext */
+ static boolean isSet()
+@@ -307,7 +304,7 @@
+ synchronized (p) {
+ if (p.pdMapping == null) {
+ p.pdMapping =
+- new WeakHashMap<ProtectionDomain, PermissionCollection>();
++ new WeakHashMap<ProtectionDomain.Key, PermissionCollection>();
+ }
+ }
+
+@@ -323,7 +320,7 @@
+
+ synchronized (p.pdMapping) {
+ // cache of pd to permissions
+- p.pdMapping.put(policyDomain, policyPerms);
++ p.pdMapping.put(policyDomain.key, policyPerms);
+ }
+ }
+ return;
+@@ -638,7 +635,7 @@
+ }
+
+ synchronized (pdMapping) {
+- pc = pdMapping.get(domain);
++ pc = pdMapping.get(domain.key);
+ }
+
+ if (pc != null) {
+@@ -697,7 +694,7 @@
+ }
+
+ synchronized (pdMapping) {
+- pc = pdMapping.get(domain);
++ pc = pdMapping.get(domain.key);
+ }
+
+ if (pc != null) {
+@@ -711,7 +708,7 @@
+
+ synchronized (pdMapping) {
+ // cache it
+- pdMapping.put(domain, pc);
++ pdMapping.put(domain.key, pc);
+ }
+
+ return pc.implies(permission);
+@@ -747,21 +744,25 @@
+ this.params = params;
+ }
+
+- public String getType() { return type; }
++ @Override public String getType() { return type; }
+
+- public Policy.Parameters getParameters() { return params; }
++ @Override public Policy.Parameters getParameters() { return params; }
+
+- public Provider getProvider() { return p; }
++ @Override public Provider getProvider() { return p; }
+
++ @Override
+ public PermissionCollection getPermissions(CodeSource codesource) {
+ return spi.engineGetPermissions(codesource);
+ }
++ @Override
+ public PermissionCollection getPermissions(ProtectionDomain domain) {
+ return spi.engineGetPermissions(domain);
+ }
++ @Override
+ public boolean implies(ProtectionDomain domain, Permission perm) {
+ return spi.engineImplies(domain, perm);
+ }
++ @Override
+ public void refresh() {
+ spi.engineRefresh();
+ }
+@@ -803,7 +804,7 @@
+ * @exception SecurityException - if this PermissionCollection object
+ * has been marked readonly
+ */
+- public void add(Permission permission) {
++ @Override public void add(Permission permission) {
+ perms.add(permission);
+ }
+
+@@ -816,7 +817,7 @@
+ * @return true if "permission" is implied by the permissions in
+ * the collection, false if not.
+ */
+- public boolean implies(Permission permission) {
++ @Override public boolean implies(Permission permission) {
+ return perms.implies(permission);
+ }
+
+@@ -826,7 +827,7 @@
+ *
+ * @return an enumeration of all the Permissions.
+ */
More information about the distro-pkg-dev
mailing list