/hg/release/icedtea7-2.1: Add 2013/01/15 security update.

andrew at icedtea.classpath.org andrew at icedtea.classpath.org
Tue Jan 15 09:44:02 PST 2013


changeset c117045cbb6d in /hg/release/icedtea7-2.1
details: http://icedtea.classpath.org/hg/release/icedtea7-2.1?cmd=changeset;node=c117045cbb6d
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Tue Jan 15 17:43:51 2013 +0000

	Add 2013/01/15 security update.

	2013-01-15  Andrew John Hughes  <gnu_andrew at member.fsf.org>

		* Makefile.am:
		(CORBA_CHANGESET): Update to IcedTea7 2.1 forest head;
		the tag icedtea-2.1.4.
		(HOTSPOT_CHANGESET): Likewise.
		(JAXP_CHANGESET): Likewise.
		(JAXWS_CHANGESET): Likewise.
		(JDK_CHANGESET): Likewise.
		(LANGTOOLS_CHANGESET): Likewise.
		(OPENJDK_CHANGESET): Likewise.
		(CORBA_SHA256SUM): Likewise.
		(HOTSPOT_SHA256SUM): Likewise.
		(JAXP_SHA256SUM): Likewise.
		(JAXWS_SHA256SUM): Likewise.
		(JDK_SHA256SUM): Likewise.
		(LANGTOOLS_SHA256SUM): Likewise.
		(OPENJDK_SHA256SUM): Likewise.
		* NEWS: List security fixes and set release date.
		* patches/boot/ecj-stringswitch.patch:
		Updated to work post-security-patches.


diffstat:

 ChangeLog                           |  22 ++++++++++++++++++++++
 Makefile.am                         |  28 ++++++++++++++--------------
 NEWS                                |   7 ++++++-
 patches/boot/ecj-stringswitch.patch |  35 ++++++++++++++++++++++++++++++++---
 4 files changed, 74 insertions(+), 18 deletions(-)

diffs (137 lines):

diff -r 815ed44765eb -r c117045cbb6d ChangeLog
--- a/ChangeLog	Wed Oct 24 17:47:28 2012 +0100
+++ b/ChangeLog	Tue Jan 15 17:43:51 2013 +0000
@@ -1,3 +1,25 @@
+2013-01-15  Andrew John Hughes  <gnu_andrew at member.fsf.org>
+
+	* Makefile.am:
+	(CORBA_CHANGESET): Update to IcedTea7 2.1 forest head;
+	the tag icedtea-2.1.4.
+	(HOTSPOT_CHANGESET): Likewise.
+	(JAXP_CHANGESET): Likewise.
+	(JAXWS_CHANGESET): Likewise.
+	(JDK_CHANGESET): Likewise.
+	(LANGTOOLS_CHANGESET): Likewise.
+	(OPENJDK_CHANGESET): Likewise.
+	(CORBA_SHA256SUM): Likewise.
+	(HOTSPOT_SHA256SUM): Likewise.
+	(JAXP_SHA256SUM): Likewise.
+	(JAXWS_SHA256SUM): Likewise.
+	(JDK_SHA256SUM): Likewise.
+	(LANGTOOLS_SHA256SUM): Likewise.
+	(OPENJDK_SHA256SUM): Likewise.
+	* NEWS: List security fixes and set release date.
+	* patches/boot/ecj-stringswitch.patch:
+	Updated to work post-security-patches.
+
 2012-10-24  Andrew John Hughes  <gnu.andrew at redhat.com>
 
 	* NEWS: Corrected bad CVE number
diff -r 815ed44765eb -r c117045cbb6d Makefile.am
--- a/Makefile.am	Wed Oct 24 17:47:28 2012 +0100
+++ b/Makefile.am	Tue Jan 15 17:43:51 2013 +0000
@@ -4,21 +4,21 @@
 JDK_UPDATE_VERSION = 03
 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION)
 
-CORBA_CHANGESET = 79ee8535bc51
-HOTSPOT_CHANGESET = a456d0771ba0
-JAXP_CHANGESET = 77e7219c7424
-JAXWS_CHANGESET = d92eda447bca
-JDK_CHANGESET = d7ecb57d3c61
-LANGTOOLS_CHANGESET = fd2fdb20d858
-OPENJDK_CHANGESET = f89009ada191
+CORBA_CHANGESET = fccd14ecf86c
+HOTSPOT_CHANGESET = 3f345e5f65eb
+JAXP_CHANGESET = fb08c190f504
+JAXWS_CHANGESET = 77e7849c5e50
+JDK_CHANGESET = e7d1cb36e005
+LANGTOOLS_CHANGESET = de674a569978
+OPENJDK_CHANGESET = bc612c7c99ec
 
-CORBA_SHA256SUM = f61dad8d484e4a9e645b7fb73da87bc44f9986a074629154f37ed46be05f5b84
-HOTSPOT_SHA256SUM = 09a64fca0beff0759ef1b461d63ed6a00e43032972781bb3a55e49d8b93f67d0
-JAXP_SHA256SUM = 9cfbc0efaface20f7188870b9bf5b0ebc73d745cd9a49d013cd4e81ba223ccdc
-JAXWS_SHA256SUM = 6d0858d46b68d6e8488e70d1675e5b656aeb4ef51e8ee4e330e77219f92c1c0c
-JDK_SHA256SUM = 11146763409098a42dd9896f3fb7e7324a58c5cff5298009eb347ad26abeed51
-LANGTOOLS_SHA256SUM = 3a4039348aa49547fffa96563b77b704c72e2ac3ead2c132843ba1e9fe4dbad2
-OPENJDK_SHA256SUM = 0f2e414fee619e78c33bceaee7c440efa598d651b23a75fd61e1282ad6001839
+CORBA_SHA256SUM = bc761a960972906ec67b208e94f557bd9d1ceb07ae9020776a4774674d57ff44
+HOTSPOT_SHA256SUM = fa482a6ace16f95dd53cb99c842da401e634a4536ef1a18280e5d3b7843954b0
+JAXP_SHA256SUM = 619254245e5876614689c95cff44124462252bc0c074c85c657a1bac76e04043
+JAXWS_SHA256SUM = 4a60a1af32b4a274579e9932b22d552df6aae00640a3caf6a27109bdc2fe5d5a
+JDK_SHA256SUM = 1397d8e1f15fb6cb28a8c37fe15c93f8b95d36d5a4c6753cf621d28af620d6bf
+LANGTOOLS_SHA256SUM = b8c28b2de175694d1b8d6ff94c5ba616250aa3f39f41123e188cfec0b0a14da8
+OPENJDK_SHA256SUM = 4ee8fda9898f0b90fa05ea31907c20cd28d65bef550a332d35e3bd2f412cd399
 
 CACAO_VERSION = a567bcb7f589
 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9
diff -r 815ed44765eb -r c117045cbb6d NEWS
--- a/NEWS	Wed Oct 24 17:47:28 2012 +0100
+++ b/NEWS	Tue Jan 15 17:43:51 2013 +0000
@@ -10,7 +10,12 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 2.1.4 (20XX-XX-XX):
+New in release 2.1.4 (2013-01-15):
+
+* Security fixes
+  - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries
+  - S8006017, CVE-2013-0422: Improve lookup resolutions
+  - S8006125: Update MethodHandles library interactions
 
 New in release 2.1.3 (2012-10-17):
 
diff -r 815ed44765eb -r c117045cbb6d patches/boot/ecj-stringswitch.patch
--- a/patches/boot/ecj-stringswitch.patch	Wed Oct 24 17:47:28 2012 +0100
+++ b/patches/boot/ecj-stringswitch.patch	Tue Jan 15 17:43:51 2013 +0000
@@ -302,9 +302,9 @@
  
                  throw new IllegalArgumentException(
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java
---- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2012-10-17 03:48:53.678554395 +0100
-+++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2012-10-17 04:20:20.203700764 +0100
-@@ -411,89 +411,84 @@
+--- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2013-01-14 22:25:02.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2013-01-15 02:19:34.315049222 +0000
+@@ -411,104 +411,99 @@
      static boolean isCallerSensitive(MemberName mem) {
          assert(mem.isInvocable());
          Class<?> defc = mem.getDeclaringClass();
@@ -319,6 +319,35 @@
 -        case "lookup":
 +	} else if ("lookup".equals(memName)) {
              return defc == java.lang.invoke.MethodHandles.class;
+-        case "findStatic":
+-        case "findVirtual":
+-        case "findConstructor":
+-        case "findSpecial":
+-        case "findGetter":
+-        case "findSetter":
+-        case "findStaticGetter":
+-        case "findStaticSetter":
+-        case "bind":
+-        case "unreflect":
+-        case "unreflectSpecial":
+-        case "unreflectConstructor":
+-        case "unreflectGetter":
+-        case "unreflectSetter":
++	} else if ("findStatic".equals(memName) ||
++		   "findVirtual".equals(memName) || 
++		   "findConstructor".equals(memName) ||
++		   "findSpecial".equals(memName) ||
++		   "findGetter".equals(memName) ||
++		   "findSetter".equals(memName) ||
++		   "findStaticGetter".equals(memName) ||
++		   "findStaticSetter".equals(memName) ||
++		   "bind".equals(memName) ||
++		   "unreflect".equals(memName) ||
++		   "unreflectSpecial".equals(memName) ||
++		   "unreflectConstructor".equals(memName) ||
++		   "unreflectGetter".equals(memName) ||
++		   "unreflectSetter".equals(memName)) {
+             return defc == java.lang.invoke.MethodHandles.Lookup.class;
 -        case "invoke":
 +        } else if ("invoke".equals(memName)) {
              return defc == java.lang.reflect.Method.class;
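Review bot: The `else if` chain added for the `MethodHandles.Lookup` names (`"findStatic"` through `"unreflectSetter"`) is a hand-copied mirror of the upstream `case` list, and nothing in the patch records that the two must stay identical. The fourteen names do match the fourteen removed `case` labels in this hunk, but `isCallerSensitive` decides which members are treated as caller-sensitive, so a name dropped in a later refresh would presumably change that decision in the `openjdk-boot` tree without any build failure. I would add a comment above the chain in the patched source, e.g. `// Must list exactly the names in upstream's string switch in isCallerSensitive; re-check on every security refresh.` Minor style: the added line `"findVirtual".equals(memName) || ` carries a trailing space. The body of `isCallerSensitive` begins in the previous hunk and continues past the end of this one.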


