/hg/release/icedtea7-2.2: Add 2013/01/15 security update.
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Jan 15 06:01:00 PST 2013
changeset 9cc2d9873b77 in /hg/release/icedtea7-2.2
details: http://icedtea.classpath.org/hg/release/icedtea7-2.2?cmd=changeset;node=9cc2d9873b77
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Tue Jan 15 14:00:43 2013 +0000
Add 2013/01/15 security update.
2013-01-15 Andrew John Hughes <gnu_andrew at member.fsf.org>
* Makefile.am:
(CORBA_CHANGESET): Update to IcedTea7 2.2 forest head;
the tag icedtea-2.2.4.
(HOTSPOT_CHANGESET): Likewise.
(JAXP_CHANGESET): Likewise.
(JAXWS_CHANGESET): Likewise.
(JDK_CHANGESET): Likewise.
(LANGTOOLS_CHANGESET): Likewise.
(OPENJDK_CHANGESET): Likewise.
(CORBA_SHA256SUM): Likewise.
(HOTSPOT_SHA256SUM): Likewise.
(JAXP_SHA256SUM): Likewise.
(JAXWS_SHA256SUM): Likewise.
(JDK_SHA256SUM): Likewise.
(LANGTOOLS_SHA256SUM): Likewise.
(OPENJDK_SHA256SUM): Likewise.
* NEWS: List security fixes and set release date.
* patches/boot/ecj-stringswitch.patch:
Updated to work post-security-patches.
diffstat:
ChangeLog | 22 ++++++++++++++++++++++
Makefile.am | 29 ++++++++++++++---------------
NEWS | 7 ++++++-
patches/boot/ecj-stringswitch.patch | 35 ++++++++++++++++++++++++++++++++---
4 files changed, 74 insertions(+), 19 deletions(-)
diffs (138 lines):
diff -r 6decaea2de44 -r 9cc2d9873b77 ChangeLog
--- a/ChangeLog Wed Oct 31 11:37:21 2012 +0000
+++ b/ChangeLog Tue Jan 15 14:00:43 2013 +0000
@@ -1,3 +1,25 @@
+2013-01-15 Andrew John Hughes <gnu_andrew at member.fsf.org>
+
+ * Makefile.am:
+ (CORBA_CHANGESET): Update to IcedTea7 2.2 forest head;
+ the tag icedtea-2.2.4.
+ (HOTSPOT_CHANGESET): Likewise.
+ (JAXP_CHANGESET): Likewise.
+ (JAXWS_CHANGESET): Likewise.
+ (JDK_CHANGESET): Likewise.
+ (LANGTOOLS_CHANGESET): Likewise.
+ (OPENJDK_CHANGESET): Likewise.
+ (CORBA_SHA256SUM): Likewise.
+ (HOTSPOT_SHA256SUM): Likewise.
+ (JAXP_SHA256SUM): Likewise.
+ (JAXWS_SHA256SUM): Likewise.
+ (JDK_SHA256SUM): Likewise.
+ (LANGTOOLS_SHA256SUM): Likewise.
+ (OPENJDK_SHA256SUM): Likewise.
+ * NEWS: List security fixes and set release date.
+ * patches/boot/ecj-stringswitch.patch:
+ Updated to work post-security-patches.
+
2012-10-24 Andrew John Hughes <gnu.andrew at redhat.com>
* NEWS: Corrected bad CVE number
diff -r 6decaea2de44 -r 9cc2d9873b77 Makefile.am
--- a/Makefile.am Wed Oct 31 11:37:21 2012 +0000
+++ b/Makefile.am Tue Jan 15 14:00:43 2013 +0000
@@ -4,22 +4,21 @@
JDK_UPDATE_VERSION = 05
COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION)
-CORBA_CHANGESET = 12fee4f9ac22
-HOTSPOT_CHANGESET = 1a3dc05d59c2
-JAXP_CHANGESET = dc64245ac19d
-JAXWS_CHANGESET = b41293d57940
-JDK_CHANGESET = 4cf358fd012a
-LANGTOOLS_CHANGESET = e96efe42e3d5
-OPENJDK_CHANGESET = 32574ae3c2be
+CORBA_CHANGESET = f90e1b6ccfb6
+HOTSPOT_CHANGESET = 60d6e32e00a6
+JAXP_CHANGESET = 028a292be666
+JAXWS_CHANGESET = c620184ea425
+JDK_CHANGESET = 8fccb53fef83
+LANGTOOLS_CHANGESET = 206668cf21e5
+OPENJDK_CHANGESET = 431257be5014
-CORBA_SHA256SUM = bf314ffe9993f70ef9a0449b5c540883935b6326e28ee5afdc44f062039e0303
-HOTSPOT_SHA256SUM = 7a54b49cfd6ae6a4cc8aaba042f96e1622cf88f6ba0ffc61bbc36cc164a5d096
-JAXP_SHA256SUM = 5003576ed427cae1dda7ccf7c1af042ea8f62ad668e176583a84fba989f77e32
-JAXWS_SHA256SUM = a3bf4ec265fd044a5abce35dfc51b1977826a21bd13abe05a8336f25e8a8dd21
-JDK_SHA256SUM = 5cd45b036269d35ec916e0b99977a87d2a2addefe9aa2058fbc05d0269cd9008
-LANGTOOLS_SHA256SUM = f70752c14ec19fec5fffdb38b3d3aaaefd551ec4dfd109947541b3f4176245a6
-OPENJDK_SHA256SUM = 6a5e1a497c0a309fc17954909ca5890bef15b61e8af877b7a07d0f754d6875a4
-HS21_SHA256SUM = a2a2c610e9ebb97a3c95be233533035cf4f59c4cc45a553ba09e52106fbad113
+CORBA_SHA256SUM = 1480c0ae07c31a5a0c70791a5ac8576ebd4a606fbf7e97d901ffce98a121c5ba
+HOTSPOT_SHA256SUM = 8c22bcae21996ad394a00c8607f716f5b9156f0f8005f2558adda58cbcd48275
+JAXP_SHA256SUM = 578b309af7bca3290e1df62c3950701196b791579ecd97f93da3b8fee17fc689
+JAXWS_SHA256SUM = 33c1f30d67ef2bc290f53f852f5d02ea6815f7ef875140306fabfec15e57a816
+JDK_SHA256SUM = a3e05956d2979ac5a5ea1331857a9b04b9f31a1283dda2ec746435cd4fd551b9
+LANGTOOLS_SHA256SUM = d5a8460788cc1cb6af9bfd9d70c01811a60c2a27e31ce5331d4bf444bc1f5a17
+OPENJDK_SHA256SUM = 6fe4d91049da673a843ff2b41ec9e9601c9ff45ba37526d414b8f0a700fa33d5
CACAO_VERSION = a567bcb7f589
CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9
diff -r 6decaea2de44 -r 9cc2d9873b77 NEWS
--- a/NEWS Wed Oct 31 11:37:21 2012 +0000
+++ b/NEWS Tue Jan 15 14:00:43 2013 +0000
@@ -10,7 +10,12 @@
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-New in release 2.2.4 (20XX-XX-XX):
+New in release 2.2.4 (2013-01-15):
+
+* Security fixes
+ - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries
+ - S8006017, CVE-2013-0422: Improve lookup resolutions
+ - S8006125: Update MethodHandles library interactions
New in release 2.2.3 (2012-10-17):
diff -r 6decaea2de44 -r 9cc2d9873b77 patches/boot/ecj-stringswitch.patch
--- a/patches/boot/ecj-stringswitch.patch Wed Oct 31 11:37:21 2012 +0000
+++ b/patches/boot/ecj-stringswitch.patch Tue Jan 15 14:00:43 2013 +0000
@@ -302,9 +302,9 @@
throw new IllegalArgumentException(
diff -Nru openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java
---- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java 2012-10-17 03:48:53.678554395 +0100
-+++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java 2012-10-17 04:20:20.203700764 +0100
-@@ -411,89 +411,84 @@
+--- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java 2013-01-14 22:25:02.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java 2013-01-15 02:19:34.315049222 +0000
+@@ -411,104 +411,99 @@
static boolean isCallerSensitive(MemberName mem) {
assert(mem.isInvocable());
Class<?> defc = mem.getDeclaringClass();
@@ -319,6 +319,35 @@
- case "lookup":
+ } else if ("lookup".equals(memName)) {
return defc == java.lang.invoke.MethodHandles.class;
+- case "findStatic":
+- case "findVirtual":
+- case "findConstructor":
+- case "findSpecial":
+- case "findGetter":
+- case "findSetter":
+- case "findStaticGetter":
+- case "findStaticSetter":
+- case "bind":
+- case "unreflect":
+- case "unreflectSpecial":
+- case "unreflectConstructor":
+- case "unreflectGetter":
+- case "unreflectSetter":
++ } else if ("findStatic".equals(memName) ||
++ "findVirtual".equals(memName) ||
++ "findConstructor".equals(memName) ||
++ "findSpecial".equals(memName) ||
++ "findGetter".equals(memName) ||
++ "findSetter".equals(memName) ||
++ "findStaticGetter".equals(memName) ||
++ "findStaticSetter".equals(memName) ||
++ "bind".equals(memName) ||
++ "unreflect".equals(memName) ||
++ "unreflectSpecial".equals(memName) ||
++ "unreflectConstructor".equals(memName) ||
++ "unreflectGetter".equals(memName) ||
++ "unreflectSetter".equals(memName)) {
+ return defc == java.lang.invoke.MethodHandles.Lookup.class;
- case "invoke":
+ } else if ("invoke".equals(memName)) {
return defc == java.lang.reflect.Method.class;
More information about the distro-pkg-dev
mailing list