[PATCH][IcedTea6] Fix Backport from S6657673

Elliott Baron ebaron at redhat.com
Mon Apr 22 08:55:53 PDT 2013


On 04/22/2013 07:03 AM, Andrew Hughes wrote:
> ----- Original Message -----
>> Hi Andrew,
>>
>> On 04/19/2013 02:59 PM, Andrew Hughes wrote:
>>> ----- Original Message -----
>>>> Hi,
>>>>
>>>> This patch improves our backport of the Java 7 S6657673 security fix.
>>>> This fixes a problem where
>>>> javax.xml.parsers.DocumentBuilderFactory.newInstance would fail due to
>>>> package access restrictions on Xerces.
>>>> Okay to push?
>>>>
>>> No.  If you're backporting patches, as has been said before, they should
>>> be in the openjdk directory named with the bug ID so they can be traced.
>>> This is hard for me to read now, never mind for long term maintenance.
>>>
>>>> Thanks,
>>>> Elliott
>>>>
>> There were actually a couple of patches I backported, and they were just
>> partial backports. I didn't think it was suitable to classify it as a
>> proper OpenJDK patch. The commit policy says only direct backports
>> should be placed in the openjdk subdirectory.
>>
>> Thanks,
>> Elliott
>>
> Can you provide more details on:
>
> * The repository these changes came from and which changesets

 From the ChangeLog:
>   * patches/security/20130416/6657673-jaxp-backport-factoryfinder.patch:
>   Backported {parser,transform}.FactoryFinder fixes
>   from jdk7u-dev changesets: 4a61ac055189 & 38d4d23d167c.


> * What subset of the patches were used?

The first changeset 4a61ac055189: Adding the parameter useBSClassLoader 
to getProviderClass and newInstance. Other portions of the patch that 
updated the usage of these two methods to include useBSClassLoader were 
also backported.
The second changeset 38d4d23d167c: Is a fixed backport of S6657673 for 
these two FactoryFinder classes that actually sets useBSClassLoader.

Elliott



More information about the distro-pkg-dev mailing list