[PATCH][IcedTea6] Fix Backport from S6657673
Elliott Baron
ebaron at redhat.com
Mon Apr 22 08:55:53 PDT 2013
On 04/22/2013 07:03 AM, Andrew Hughes wrote:
> ----- Original Message -----
>> Hi Andrew,
>>
>> On 04/19/2013 02:59 PM, Andrew Hughes wrote:
>>> ----- Original Message -----
>>>> Hi,
>>>>
>>>> This patch improves our backport of the Java 7 S6657673 security fix.
>>>> This fixes a problem where
>>>> javax.xml.parsers.DocumentBuilderFactory.newInstance would fail due to
>>>> package access restrictions on Xerces.
>>>> Okay to push?
>>>>
>>> No. If you're backporting patches, as has been said before, they should
>>> be in the openjdk directory named with the bug ID so they can be traced.
>>> This is hard for me to read now, never mind for long term maintenance.
>>>
>>>> Thanks,
>>>> Elliott
>>>>
>> There were actually a couple of patches I backported, and they were just
>> partial backports. I didn't think it was suitable to classify it as a
>> proper OpenJDK patch. The commit policy says only direct backports
>> should be placed in the openjdk subdirectory.
>>
>> Thanks,
>> Elliott
>>
> Can you provide more details on:
>
> * The repository these changes came from and which changesets
From the ChangeLog:
> * patches/security/20130416/6657673-jaxp-backport-factoryfinder.patch:
> Backported {parser,transform}.FactoryFinder fixes
> from jdk7u-dev changesets: 4a61ac055189 & 38d4d23d167c.
> * What subset of the patches were used?
The first changeset 4a61ac055189: Adding the parameter useBSClassLoader
to getProviderClass and newInstance. Other portions of the patch that
updated the usage of these two methods to include useBSClassLoader were
also backported.
The second changeset 38d4d23d167c: Is a fixed backport of S6657673 for
these two FactoryFinder classes that actually sets useBSClassLoader.
Elliott
More information about the distro-pkg-dev
mailing list