/hg/release/icedtea6-1.11: Add 2013/10/15 security fixes.
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Wed Oct 30 17:22:42 PDT 2013
changeset d667440f2973 in /hg/release/icedtea6-1.11
details: http://icedtea.classpath.org/hg/release/icedtea6-1.11?cmd=changeset;node=d667440f2973
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Oct 31 00:22:07 2013 +0000
Add 2013/10/15 security fixes.
2013-10-29 Andrew John Hughes <gnu.andrew at redhat.com>
* patches/ecj/bootver.patch:
Removed as unapplied & incorporated in other patches.
* Makefile.am:
(SECURITY_PATCHES): Add security update.
* NEWS: Updated.
* patches/jtreg-LastErrorString.patch,
* patches/openjdk/7196533-timezone_bottleneck.patch,
* patches/openjdk/8010727-empty_logger_name.patch,
* patches/openjdk/8010939-logmanager_deadlock.patch,
* patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch,
* patches/openjdk/8014718-remove_logging_suntoolkit.patch:
Regenerated.
* patches/nss-config.patch: Fix path to java.security.
* patches/openjdk/4075303-javap_update.patch,
* patches/openjdk/4111861-static_fields.patch,
* patches/openjdk/4501661-disallow_mixing.patch,
* patches/openjdk/4884240-javap_additional_option.patch,
* patches/openjdk/6708729-javap_makefile_update.patch,
* patches/openjdk/6715767-javap_crash.patch,
* patches/openjdk/6819246-javap_instruction_decoding.patch,
* patches/openjdk/6824493-experimental.patch,
* patches/openjdk/6841419-classfile_iterator.patch,
* patches/openjdk/6841420-classfile_methods.patch,
* patches/openjdk/6843013-missing_experimental.patch,
* patches/openjdk/6852856-javap_subclasses.patch,
* patches/openjdk/6867671-javap_whitespace.patch,
* patches/openjdk/6868539-constant_pool_tags.patch,
* patches/openjdk/6902264-fix_indentation.patch,
* patches/openjdk/6954275-big_xml_signatures.patch,
* patches/openjdk/7146431-java.security_files.patch,
* patches/openjdk/8000450-restrict_access.patch,
* patches/openjdk/8002070-remove_logger_stack_search.patch,
* patches/openjdk/8003992-embedded_nulls.patch,
* patches/openjdk/8004188-rename_java.security.patch,
* patches/openjdk/8006882-jmockit.patch,
* patches/openjdk/8006900-new_date_time.patch,
* patches/openjdk/8008589-better_mbean_permission_validation.patch,
* patches/openjdk/8010118-caller_sensitive.patch,
* patches/openjdk/8011071-better_crypto_provider_handling.patch,
* patches/openjdk/8011081-improve_jhat.patch,
* patches/openjdk/8011139-revise_checking_getenclosingclass.patch,
* patches/openjdk/8011157-improve_corba_portability-jdk.patch,
* patches/openjdk/8011157-improve_corba_portability.patch,
* patches/openjdk/8011990-logger_test_urls.patch,
* patches/openjdk/8012071-better_bean_building.patch,
* patches/openjdk/8012147-improve_tool.patch,
* patches/openjdk/8012243-serial_regression.patch,
* patches/openjdk/8012277-improve_dataflavour.patch,
* patches/openjdk/8012425-transform_transformfactory.patch,
* patches/openjdk/8012453-runtime.exec.patch,
* patches/openjdk/8013380-logger_stack_walk_glassfish.patch,
* patches/openjdk/8013503-improve_stream_factories.patch,
* patches/openjdk/8013506-better_pack200.patch,
* patches/openjdk/8013510-augment_image_writing.patch,
* patches/openjdk/8013514-improve_cmap_stability.patch,
* patches/openjdk/8013739-better_ldap_resource_management.patch,
* patches/openjdk/8013744-better_tabling.patch,
* patches/openjdk/8013827-createtempfile_hang.patch,
* patches/openjdk/8014085-better_serialization.patch,
* patches/openjdk/8014093-improve_image_parsing.patch,
* patches/openjdk/8014102-improve_image_conversion.patch,
* patches/openjdk/8014341-better_kerberos_service.patch,
* patches/openjdk/8014349-getdeclaredclass_fix.patch,
* patches/openjdk/8014530-better_dsp.patch,
* patches/openjdk/8014534-better_profiling.patch,
* patches/openjdk/8014745-logger_stack_walk_switch.patch,
* patches/openjdk/8014987-augment_serialization.patch,
* patches/openjdk/8015144-performance_regression.patch,
* patches/openjdk/8015614-update_build.patch,
* patches/openjdk/8015731-auth_improvements.patch,
* patches/openjdk/8015743-address_internet_addresses.patch,
* patches/openjdk/8015965-typo_in_property_name.patch,
* patches/openjdk/8015978-incorrect_transformation.patch,
* patches/openjdk/8016256-finalization_final.patch,
* patches/openjdk/8016357-update_hs_diagnostic_class.patch,
* patches/openjdk/8016653-ignoreable_characters.patch,
* patches/openjdk/8016675-robust_javadoc.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch,
* patches/openjdk/8017287-better_resource_disposal.patch,
* patches/openjdk/8017291-cast_proxies_aside.patch,
* patches/openjdk/8017298-better_xml_support.patch,
* patches/openjdk/8017300-improve_interface_implementation.patch,
* patches/openjdk/8017505-better_client_service.patch,
* patches/openjdk/8017566-backout_part_of_8000450.patch,
* patches/openjdk/8019292-better_attribute_value_exceptions.patch,
* patches/openjdk/8019584-invalid_notification_fix.patch,
* patches/openjdk/8019617-better_view_of_objects.patch,
* patches/openjdk/8019969-inet6_test_case_fix.patch,
* patches/openjdk/8019979-better_access_test.patch,
* patches/openjdk/8020293-jvm_crash.patch,
* patches/openjdk/8021290-signature_validation.patch,
* patches/openjdk/8021355-splashscreen_regression.patch,
* patches/openjdk/8021366-jaxp_test_fix-01.patch,
* patches/openjdk/8021577-bean_serialization_fix.patch,
* patches/openjdk/8021933-jaxp_test_fix-02.patch,
* patches/openjdk/8021969-jnlp_load_failure.patch,
* patches/openjdk/8022661-writeobject_flush.patch,
* patches/openjdk/8022682-supporting_xom.patch,
* patches/openjdk/8022940-enhance_corba_translations.patch,
* patches/openjdk/8023683-enhance_class_file_parsing.patch,
* patches/openjdk/8023964-ignore_test.patch,
* patches/openjdk/8024914-swapped_usage.patch,
* patches/openjdk/8025128-createtempfile_absolute_prefix.patch,
* patches/openjdk/oj6-19-fix_8010118_test_cases.patch,
* patches/openjdk/oj6-20-merge.patch,
* patches/openjdk/oj6-21-overrides.patch: Added.
diffstat:
ChangeLog | 110 +
Makefile.am | 106 +-
NEWS | 118 +
patches/ecj/bootver.patch | 14 -
patches/jtreg-LastErrorString.patch | 31 +-
patches/nss-config.patch | 4 +-
patches/openjdk/4075303-javap_update.patch | 12081 ++++++++++
patches/openjdk/4111861-static_fields.patch | 280 +
patches/openjdk/4501661-disallow_mixing.patch | 222 +
patches/openjdk/4884240-javap_additional_option.patch | 288 +
patches/openjdk/6708729-javap_makefile_update.patch | 59 +
patches/openjdk/6715767-javap_crash.patch | 135 +
patches/openjdk/6819246-javap_instruction_decoding.patch | 2065 +
patches/openjdk/6824493-experimental.patch | 1304 +
patches/openjdk/6841419-classfile_iterator.patch | 142 +
patches/openjdk/6841420-classfile_methods.patch | 34 +
patches/openjdk/6843013-missing_experimental.patch | 334 +
patches/openjdk/6852856-javap_subclasses.patch | 508 +
patches/openjdk/6867671-javap_whitespace.patch | 1041 +
patches/openjdk/6868539-constant_pool_tags.patch | 163 +
patches/openjdk/6902264-fix_indentation.patch | 159 +
patches/openjdk/6954275-big_xml_signatures.patch | 194 +
patches/openjdk/7146431-java.security_files.patch | 82 +
patches/openjdk/7196533-timezone_bottleneck.patch | 15 +-
patches/openjdk/8000450-restrict_access.patch | 108 +
patches/openjdk/8002070-remove_logger_stack_search.patch | 658 +
patches/openjdk/8003992-embedded_nulls.patch | 1026 +
patches/openjdk/8004188-rename_java.security.patch | 652 +
patches/openjdk/8006882-jmockit.patch | 90 +
patches/openjdk/8006900-new_date_time.patch | 115 +
patches/openjdk/8008589-better_mbean_permission_validation.patch | 61 +
patches/openjdk/8010118-caller_sensitive.patch | 2981 ++
patches/openjdk/8010727-empty_logger_name.patch | 18 +-
patches/openjdk/8010939-logmanager_deadlock.patch | 22 +-
patches/openjdk/8011071-better_crypto_provider_handling.patch | 287 +
patches/openjdk/8011081-improve_jhat.patch | 267 +
patches/openjdk/8011139-revise_checking_getenclosingclass.patch | 58 +
patches/openjdk/8011157-improve_corba_portability-jdk.patch | 125 +
patches/openjdk/8011157-improve_corba_portability.patch | 183 +
patches/openjdk/8011990-logger_test_urls.patch | 58 +
patches/openjdk/8012071-better_bean_building.patch | 87 +
patches/openjdk/8012147-improve_tool.patch | 67 +
patches/openjdk/8012243-serial_regression.patch | 45 +
patches/openjdk/8012277-improve_dataflavour.patch | 83 +
patches/openjdk/8012425-transform_transformfactory.patch | 380 +
patches/openjdk/8012453-runtime.exec.patch | 383 +
patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch | 131 +-
patches/openjdk/8013380-logger_stack_walk_glassfish.patch | 941 +
patches/openjdk/8013503-improve_stream_factories.patch | 224 +
patches/openjdk/8013506-better_pack200.patch | 39 +
patches/openjdk/8013510-augment_image_writing.patch | 57 +
patches/openjdk/8013514-improve_cmap_stability.patch | 51 +
patches/openjdk/8013739-better_ldap_resource_management.patch | 148 +
patches/openjdk/8013744-better_tabling.patch | 196 +
patches/openjdk/8013827-createtempfile_hang.patch | 176 +
patches/openjdk/8014085-better_serialization.patch | 412 +
patches/openjdk/8014093-improve_image_parsing.patch | 719 +
patches/openjdk/8014102-improve_image_conversion.patch | 190 +
patches/openjdk/8014341-better_kerberos_service.patch | 66 +
patches/openjdk/8014349-getdeclaredclass_fix.patch | 43 +
patches/openjdk/8014530-better_dsp.patch | 3121 ++
patches/openjdk/8014534-better_profiling.patch | 156 +
patches/openjdk/8014718-remove_logging_suntoolkit.patch | 47 +-
patches/openjdk/8014745-logger_stack_walk_switch.patch | 205 +
patches/openjdk/8014987-augment_serialization.patch | 100 +
patches/openjdk/8015144-performance_regression.patch | 273 +
patches/openjdk/8015614-update_build.patch | 41 +
patches/openjdk/8015731-auth_improvements.patch | 28 +
patches/openjdk/8015743-address_internet_addresses.patch | 1290 +
patches/openjdk/8015965-typo_in_property_name.patch | 42 +
patches/openjdk/8015978-incorrect_transformation.patch | 22 +
patches/openjdk/8016256-finalization_final.patch | 24 +
patches/openjdk/8016357-update_hs_diagnostic_class.patch | 71 +
patches/openjdk/8016653-ignoreable_characters.patch | 101 +
patches/openjdk/8016675-robust_javadoc.patch | 75 +
patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch | 107 +
patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch | 94 +
patches/openjdk/8017287-better_resource_disposal.patch | 22 +
patches/openjdk/8017291-cast_proxies_aside.patch | 34 +
patches/openjdk/8017298-better_xml_support.patch | 999 +
patches/openjdk/8017300-improve_interface_implementation.patch | 129 +
patches/openjdk/8017505-better_client_service.patch | 560 +
patches/openjdk/8017566-backout_part_of_8000450.patch | 77 +
patches/openjdk/8019292-better_attribute_value_exceptions.patch | 57 +
patches/openjdk/8019584-invalid_notification_fix.patch | 69 +
patches/openjdk/8019617-better_view_of_objects.patch | 68 +
patches/openjdk/8019969-inet6_test_case_fix.patch | 33 +
patches/openjdk/8019979-better_access_test.patch | 154 +
patches/openjdk/8020293-jvm_crash.patch | 40 +
patches/openjdk/8021290-signature_validation.patch | 55 +
patches/openjdk/8021355-splashscreen_regression.patch | 53 +
patches/openjdk/8021366-jaxp_test_fix-01.patch | 21 +
patches/openjdk/8021577-bean_serialization_fix.patch | 25 +
patches/openjdk/8021933-jaxp_test_fix-02.patch | 33 +
patches/openjdk/8021969-jnlp_load_failure.patch | 25 +
patches/openjdk/8022661-writeobject_flush.patch | 20 +
patches/openjdk/8022682-supporting_xom.patch | 250 +
patches/openjdk/8022940-enhance_corba_translations.patch | 41 +
patches/openjdk/8023683-enhance_class_file_parsing.patch | 35 +
patches/openjdk/8023964-ignore_test.patch | 29 +
patches/openjdk/8024914-swapped_usage.patch | 58 +
patches/openjdk/8025128-createtempfile_absolute_prefix.patch | 139 +
patches/openjdk/oj6-19-fix_8010118_test_cases.patch | 499 +
patches/openjdk/oj6-20-merge.patch | 599 +
patches/openjdk/oj6-21-overrides.patch | 20 +
patches/use-idx_t.patch | 81 +-
106 files changed, 40480 insertions(+), 178 deletions(-)
diffs (truncated from 41484 to 500 lines):
diff -r 5fb5a0032329 -r d667440f2973 ChangeLog
--- a/ChangeLog Sat Sep 07 04:25:38 2013 +0100
+++ b/ChangeLog Thu Oct 31 00:22:07 2013 +0000
@@ -1,3 +1,113 @@
+2013-10-29 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * patches/ecj/bootver.patch:
+ Removed as unapplied & incorporated in other patches.
+ * Makefile.am:
+ (SECURITY_PATCHES): Add security update.
+ * NEWS: Updated.
+ * patches/jtreg-LastErrorString.patch,
+ * patches/openjdk/7196533-timezone_bottleneck.patch,
+ * patches/openjdk/8010727-empty_logger_name.patch,
+ * patches/openjdk/8010939-logmanager_deadlock.patch,
+ * patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch,
+ * patches/openjdk/8014718-remove_logging_suntoolkit.patch:
+ Regenerated.
+ * patches/nss-config.patch: Fix path to java.security.
+ * patches/openjdk/4075303-javap_update.patch,
+ * patches/openjdk/4111861-static_fields.patch,
+ * patches/openjdk/4501661-disallow_mixing.patch,
+ * patches/openjdk/4884240-javap_additional_option.patch,
+ * patches/openjdk/6708729-javap_makefile_update.patch,
+ * patches/openjdk/6715767-javap_crash.patch,
+ * patches/openjdk/6819246-javap_instruction_decoding.patch,
+ * patches/openjdk/6824493-experimental.patch,
+ * patches/openjdk/6841419-classfile_iterator.patch,
+ * patches/openjdk/6841420-classfile_methods.patch,
+ * patches/openjdk/6843013-missing_experimental.patch,
+ * patches/openjdk/6852856-javap_subclasses.patch,
+ * patches/openjdk/6867671-javap_whitespace.patch,
+ * patches/openjdk/6868539-constant_pool_tags.patch,
+ * patches/openjdk/6902264-fix_indentation.patch,
+ * patches/openjdk/6954275-big_xml_signatures.patch,
+ * patches/openjdk/7146431-java.security_files.patch,
+ * patches/openjdk/8000450-restrict_access.patch,
+ * patches/openjdk/8002070-remove_logger_stack_search.patch,
+ * patches/openjdk/8003992-embedded_nulls.patch,
+ * patches/openjdk/8004188-rename_java.security.patch,
+ * patches/openjdk/8006882-jmockit.patch,
+ * patches/openjdk/8006900-new_date_time.patch,
+ * patches/openjdk/8008589-better_mbean_permission_validation.patch,
+ * patches/openjdk/8010118-caller_sensitive.patch,
+ * patches/openjdk/8011071-better_crypto_provider_handling.patch,
+ * patches/openjdk/8011081-improve_jhat.patch,
+ * patches/openjdk/8011139-revise_checking_getenclosingclass.patch,
+ * patches/openjdk/8011157-improve_corba_portability-jdk.patch,
+ * patches/openjdk/8011157-improve_corba_portability.patch,
+ * patches/openjdk/8011990-logger_test_urls.patch,
+ * patches/openjdk/8012071-better_bean_building.patch,
+ * patches/openjdk/8012147-improve_tool.patch,
+ * patches/openjdk/8012243-serial_regression.patch,
+ * patches/openjdk/8012277-improve_dataflavour.patch,
+ * patches/openjdk/8012425-transform_transformfactory.patch,
+ * patches/openjdk/8012453-runtime.exec.patch,
+ * patches/openjdk/8013380-logger_stack_walk_glassfish.patch,
+ * patches/openjdk/8013503-improve_stream_factories.patch,
+ * patches/openjdk/8013506-better_pack200.patch,
+ * patches/openjdk/8013510-augment_image_writing.patch,
+ * patches/openjdk/8013514-improve_cmap_stability.patch,
+ * patches/openjdk/8013739-better_ldap_resource_management.patch,
+ * patches/openjdk/8013744-better_tabling.patch,
+ * patches/openjdk/8013827-createtempfile_hang.patch,
+ * patches/openjdk/8014085-better_serialization.patch,
+ * patches/openjdk/8014093-improve_image_parsing.patch,
+ * patches/openjdk/8014102-improve_image_conversion.patch,
+ * patches/openjdk/8014341-better_kerberos_service.patch,
+ * patches/openjdk/8014349-getdeclaredclass_fix.patch,
+ * patches/openjdk/8014530-better_dsp.patch,
+ * patches/openjdk/8014534-better_profiling.patch,
+ * patches/openjdk/8014745-logger_stack_walk_switch.patch,
+ * patches/openjdk/8014987-augment_serialization.patch,
+ * patches/openjdk/8015144-performance_regression.patch,
+ * patches/openjdk/8015614-update_build.patch,
+ * patches/openjdk/8015731-auth_improvements.patch,
+ * patches/openjdk/8015743-address_internet_addresses.patch,
+ * patches/openjdk/8015965-typo_in_property_name.patch,
+ * patches/openjdk/8015978-incorrect_transformation.patch,
+ * patches/openjdk/8016256-finalization_final.patch,
+ * patches/openjdk/8016357-update_hs_diagnostic_class.patch,
+ * patches/openjdk/8016653-ignoreable_characters.patch,
+ * patches/openjdk/8016675-robust_javadoc.patch,
+ * patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch,
+ * patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch,
+ * patches/openjdk/8017287-better_resource_disposal.patch,
+ * patches/openjdk/8017291-cast_proxies_aside.patch,
+ * patches/openjdk/8017298-better_xml_support.patch,
+ * patches/openjdk/8017300-improve_interface_implementation.patch,
+ * patches/openjdk/8017505-better_client_service.patch,
+ * patches/openjdk/8017566-backout_part_of_8000450.patch,
+ * patches/openjdk/8019292-better_attribute_value_exceptions.patch,
+ * patches/openjdk/8019584-invalid_notification_fix.patch,
+ * patches/openjdk/8019617-better_view_of_objects.patch,
+ * patches/openjdk/8019969-inet6_test_case_fix.patch,
+ * patches/openjdk/8019979-better_access_test.patch,
+ * patches/openjdk/8020293-jvm_crash.patch,
+ * patches/openjdk/8021290-signature_validation.patch,
+ * patches/openjdk/8021355-splashscreen_regression.patch,
+ * patches/openjdk/8021366-jaxp_test_fix-01.patch,
+ * patches/openjdk/8021577-bean_serialization_fix.patch,
+ * patches/openjdk/8021933-jaxp_test_fix-02.patch,
+ * patches/openjdk/8021969-jnlp_load_failure.patch,
+ * patches/openjdk/8022661-writeobject_flush.patch,
+ * patches/openjdk/8022682-supporting_xom.patch,
+ * patches/openjdk/8022940-enhance_corba_translations.patch,
+ * patches/openjdk/8023683-enhance_class_file_parsing.patch,
+ * patches/openjdk/8023964-ignore_test.patch,
+ * patches/openjdk/8024914-swapped_usage.patch,
+ * patches/openjdk/8025128-createtempfile_absolute_prefix.patch,
+ * patches/openjdk/oj6-19-fix_8010118_test_cases.patch,
+ * patches/openjdk/oj6-20-merge.patch,
+ * patches/openjdk/oj6-21-overrides.patch: Added.
+
2013-09-07 Andrew John Hughes <gnu.andrew at redhat.com>
* configure.ac: Set to 1.11.14pre.
diff -r 5fb5a0032329 -r d667440f2973 Makefile.am
--- a/Makefile.am Sat Sep 07 04:25:38 2013 +0100
+++ b/Makefile.am Thu Oct 31 00:22:07 2013 +0000
@@ -395,7 +395,106 @@
patches/security/20130618/langtools_merge-01.patch \
patches/security/20130618/langtools_merge-02.patch \
patches/security/20130618/langtools_generics.patch \
- patches/security/20130618/langtools_merge-03.patch
+ patches/security/20130618/langtools_merge-03.patch \
+ patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch \
+ patches/openjdk/8011157-improve_corba_portability.patch \
+ patches/openjdk/8022940-enhance_corba_translations.patch \
+ patches/openjdk/8013503-improve_stream_factories.patch \
+ patches/openjdk/8012425-transform_transformfactory.patch \
+ patches/openjdk/8017298-better_xml_support.patch \
+ patches/openjdk/8014530-better_dsp.patch \
+ patches/openjdk/8021366-jaxp_test_fix-01.patch \
+ patches/openjdk/8021933-jaxp_test_fix-02.patch \
+ patches/openjdk/8022682-supporting_xom.patch \
+ patches/openjdk/8015978-incorrect_transformation.patch \
+ patches/openjdk/oj6-20-merge.patch \
+ patches/openjdk/8024914-swapped_usage.patch \
+ patches/openjdk/8017505-better_client_service.patch \
+ patches/openjdk/8015614-update_build.patch \
+ patches/openjdk/8016256-finalization_final.patch \
+ patches/openjdk/8023683-enhance_class_file_parsing.patch \
+ patches/openjdk/4075303-javap_update.patch \
+ patches/openjdk/6819246-javap_instruction_decoding.patch \
+ patches/openjdk/6715767-javap_crash.patch \
+ patches/openjdk/6841420-classfile_methods.patch \
+ patches/openjdk/6841419-classfile_iterator.patch \
+ patches/openjdk/4111861-static_fields.patch \
+ patches/openjdk/4884240-javap_additional_option.patch \
+ patches/openjdk/6852856-javap_subclasses.patch \
+ patches/openjdk/6867671-javap_whitespace.patch \
+ patches/openjdk/6868539-constant_pool_tags.patch \
+ patches/openjdk/4501661-disallow_mixing.patch \
+ patches/openjdk/6824493-experimental.patch \
+ patches/openjdk/6843013-missing_experimental.patch \
+ patches/openjdk/6902264-fix_indentation.patch \
+ patches/openjdk/8016675-robust_javadoc.patch \
+ patches/openjdk/8016653-ignoreable_characters.patch \
+ patches/openjdk/7196533-timezone_bottleneck.patch \
+ patches/openjdk/8006900-new_date_time.patch \
+ patches/openjdk/8008589-better_mbean_permission_validation.patch \
+ patches/openjdk/8011071-better_crypto_provider_handling.patch \
+ patches/openjdk/8011081-improve_jhat.patch \
+ patches/openjdk/8011157-improve_corba_portability-jdk.patch \
+ patches/openjdk/8012071-better_bean_building.patch \
+ patches/openjdk/8012147-improve_tool.patch \
+ patches/openjdk/8012277-improve_dataflavour.patch \
+ patches/openjdk/8013506-better_pack200.patch \
+ patches/openjdk/8013510-augment_image_writing.patch \
+ patches/openjdk/8013514-improve_cmap_stability.patch \
+ patches/openjdk/8013744-better_tabling.patch \
+ patches/openjdk/8014085-better_serialization.patch \
+ patches/openjdk/8014093-improve_image_parsing.patch \
+ patches/openjdk/8014102-improve_image_conversion.patch \
+ patches/openjdk/8014341-better_kerberos_service.patch \
+ patches/openjdk/8014534-better_profiling.patch \
+ patches/openjdk/8014987-augment_serialization.patch \
+ patches/openjdk/8015731-auth_improvements.patch \
+ patches/openjdk/8015743-address_internet_addresses.patch \
+ patches/openjdk/8016357-update_hs_diagnostic_class.patch \
+ patches/openjdk/8002070-remove_logger_stack_search.patch \
+ patches/openjdk/6708729-javap_makefile_update.patch \
+ patches/openjdk/8010118-caller_sensitive.patch \
+ patches/openjdk/oj6-19-fix_8010118_test_cases.patch \
+ patches/openjdk/8010727-empty_logger_name.patch \
+ patches/openjdk/8010939-logmanager_deadlock.patch \
+ patches/openjdk/8011990-logger_test_urls.patch \
+ patches/openjdk/8013380-logger_stack_walk_glassfish.patch \
+ patches/openjdk/8014745-logger_stack_walk_switch.patch \
+ patches/openjdk/8012243-serial_regression.patch \
+ patches/openjdk/8014718-remove_logging_suntoolkit.patch \
+ patches/openjdk/8011139-revise_checking_getenclosingclass.patch \
+ patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch \
+ patches/openjdk/8017287-better_resource_disposal.patch \
+ patches/openjdk/8017291-cast_proxies_aside.patch \
+ patches/openjdk/7146431-java.security_files.patch \
+ patches/openjdk/8006882-jmockit.patch \
+ patches/openjdk/8000450-restrict_access.patch \
+ patches/openjdk/8019979-better_access_test.patch \
+ patches/openjdk/8004188-rename_java.security.patch \
+ patches/openjdk/8017566-backout_part_of_8000450.patch \
+ patches/openjdk/8017300-improve_interface_implementation.patch \
+ patches/openjdk/8019292-better_attribute_value_exceptions.patch \
+ patches/openjdk/8019617-better_view_of_objects.patch \
+ patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch \
+ patches/openjdk/8020293-jvm_crash.patch \
+ patches/openjdk/8013739-better_ldap_resource_management.patch \
+ patches/openjdk/8014349-getdeclaredclass_fix.patch \
+ patches/openjdk/6954275-big_xml_signatures.patch \
+ patches/openjdk/8021290-signature_validation.patch \
+ patches/openjdk/8012453-runtime.exec.patch \
+ patches/openjdk/8015965-typo_in_property_name.patch \
+ patches/openjdk/8015144-performance_regression.patch \
+ patches/openjdk/8019969-inet6_test_case_fix.patch \
+ patches/openjdk/8019584-invalid_notification_fix.patch \
+ patches/openjdk/8021577-bean_serialization_fix.patch \
+ patches/openjdk/8021969-jnlp_load_failure.patch \
+ patches/openjdk/8021355-splashscreen_regression.patch \
+ patches/openjdk/8022661-writeobject_flush.patch \
+ patches/openjdk/8023964-ignore_test.patch \
+ patches/openjdk/8003992-embedded_nulls.patch \
+ patches/openjdk/8013827-createtempfile_hang.patch \
+ patches/openjdk/8025128-createtempfile_absolute_prefix.patch \
+ patches/openjdk/oj6-21-overrides.patch
SPECIAL_SECURITY_PATCH_1 = patches/security/20120214/7112642.patch
SPECIAL_SECURITY_PATCH_2 = patches/security/20130618/8009071-improve_shape_handling.patch
@@ -636,13 +735,9 @@
patches/openjdk/8011154-awt_regression.patch \
patches/openjdk/8011992-MlibOpsTest_failed.patch \
patches/openjdk/8012112-MlibOpsTest_fails.patch \
- patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch \
patches/openjdk/8012933-appcontext_disposed_too_early.patch \
patches/openjdk/8013196-timezone_getdefault_throws_exception.patch \
patches/openjdk/8014427-raster_regression.patch \
- patches/openjdk/8010727-empty_logger_name.patch \
- patches/openjdk/8010939-logmanager_deadlock.patch \
- patches/openjdk/8014718-remove_logging_suntoolkit.patch \
patches/openjdk/8009996-emitter_bean.patch \
patches/openjdk/6541350-tz_display_names_l10n.patch \
patches/openjdk/6821191-tz_display_names_l10n.patch \
@@ -664,7 +759,6 @@
patches/openjdk/8020054-tzdata2013d.patch \
patches/openjdk/6840152-jvm_crashes_with_heavyweight_monitors.patch \
patches/openjdk/7022999-fastlocking_compiler1_only.patch \
- patches/openjdk/7196533-timezone_bottleneck.patch \
patches/openjdk/6636370-appcontext_simplification.patch \
patches/openjdk/6636331-appcontext_concurrentmodificationexception.patch \
patches/imageiojpeg_sync.patch \
diff -r 5fb5a0032329 -r d667440f2973 NEWS
--- a/NEWS Sat Sep 07 04:25:38 2013 +0100
+++ b/NEWS Thu Oct 31 00:22:07 2013 +0000
@@ -13,6 +13,124 @@
New in release 1.11.14 (2013-10-XX):
+* Security fixes
+ - S8006900, CVE-2013-3829: Add new date/time capability
+ - S8008589: Better MBean permission validation
+ - S8011071, CVE-2013-5780: Better crypto provider handling
+ - S8011081, CVE-2013-5772: Improve jhat
+ - S8011157, CVE-2013-5814: Improve CORBA portablility
+ - S8012071, CVE-2013-5790: Better Building of Beans
+ - S8012147: Improve tool support
+ - S8012277: CVE-2013-5849: Improve AWT DataFlavor
+ - S8012425, CVE-2013-5802: Transform TransformerFactory
+ - S8013503, CVE-2013-5851: Improve stream factories
+ - S8013506: Better Pack200 data handling
+ - S8013510, CVE-2013-5809: Augment image writing code
+ - S8013514: Improve stability of cmap class
+ - S8013739, CVE-2013-5817: Better LDAP resource management
+ - S8013744, CVE-2013-5783: Better tabling for AWT
+ - S8014085: Better serialization support in JMX classes
+ - S8014093, CVE-2013-5782: Improve parsing of images
+ - S8014102, CVE-2013-5778: Improve image conversion
+ - S8014341, CVE-2013-5803: Better service from Kerberos servers
+ - S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations
+ - S8014530, CVE-2013-5825: Better digital signature processing
+ - S8014534: Better profiling support
+ - S8014987, CVE-2013-5842: Augment serialization handling
+ - S8015614: Update build settings
+ - S8015731: Subject java.security.auth.subject to improvements
+ - S8015743, CVE-2013-5774: Address internet addresses
+ - S8016256: Make finalization final
+ - S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names
+ - S8016675, CVE-2013-5797: Make Javadoc pages more robust
+ - S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately
+ - S8017287, CVE-2013-5829: Better resource disposal
+ - S8017291, CVE-2013-5830: Cast Proxies Aside
+ - S8017298, CVE-2013-4002: Better XML support
+ - S8017300, CVE-2013-5784: Improve Interface Implementation
+ - S8017505, CVE-2013-5820: Better Client Service
+ - S8019292: Better Attribute Value Exceptions
+ - S8019617: Better view of objects
+ - S8020293: JVM crash
+ - S8021290, CVE-2013-5823: Better signature validation
+ - S8022940: Enhance CORBA translations
+ - S8023683: Enhance class file parsing
+* Backports
+ - S4075303: Use javap to enquire about a specific inner class
+ - S4111861: static final field contents are not displayed
+ - S4348375: Javap is not internationalized
+ - S4459541: "javap -l" shows line numbers as signed short; they should be unsigned
+ - S4501660: change diagnostic of -help as 'print this help message and exit'
+ - S4501661: disallow mixing -public, -private, and -protected options at the same time
+ - S4776241: unused source file in javap...
+ - S4870651: javap should recognize generics, varargs, enum
+ - S4876942: javap invoked without args does not print help screen
+ - S4880663: javap could output whitespace between class name and opening brace
+ - S4884240: additional option required for javap
+ - S4975569: javap doesn't print new flag bits
+ - S6271787: javap dumps LocalVariableTypeTable attribute in hex, needs to print a table
+ - S6305779: javap: support annotations
+ - S6439940: Clean up javap implementation
+ - S6469569: wrong check of searchpath in JavapEnvironment
+ - S6474890: javap does not open .zip files in -classpath
+ - S6587786: Javap throws error : "ERROR:Could not find <classname>" for JRE classes
+ - S6622215: javap ignores certain relevant access flags
+ - S6622216: javap names some attributes incorrectly
+ - S6622232: javap gets whitespace confused
+ - S6622260: javap prints negative bytes incorrectly in hex
+ - S6708729: update jdk Makefiles for new javap
+ - S6715767: javap on java.lang.ClassLoader crashes
+ - S6819246: improve support for decoding instructions in classfile library
+ - S6824493: experimental support for additional info for instructions
+ - S6841419: classfile: add constant pool iterator
+ - S6841420: classfile: add new methods to ConstantClassInfo
+ - S6843013: missing files in fix for 6824493
+ - S6852856: javap changes to facilitate subclassing javap for variants
+ - S6867671: javap whitespace formatting issues
+ - S6868539: javap should use current names for constant pool tags
+ - S6902264: fix indentation of tableswitch and lookupswitch
+ - S6954275: XML signatures with reference data larger 16KB and cacheRef on fails to validate
+ - S7146431: java.security files out-of-sync
+ -S8000450: Restrict access to com/sun/corba/se/impl package
+ - S8002070: Remove the stack search for a resource bundle for Logger to use
+ - S8003992: File and other classes in java.io do not handle embedded nulls properly
+ - S8004188: Rename src/share/lib/security/java.security to java.security-linux
+ - S8006882: Proxy generated classes in sun.proxy package breaks JMockit
+ - S8010118: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive
+ - S8010727: WLS fails to add a logger with "" in its own LogManager subclass instance
+ - S8010939: Deadlock in LogManager
+ - S8011139: (reflect) Revise checking in getEnclosingClass
+ - S8011950: java.io.File.createTempFile enters infinite loop when passed invalid data
+ - S8011990: TEST_BUG: java/util/logging/bundlesearch/ResourceBundleSearchTest.java fails on Windows
+ - S8012243: about 30% regression on specjvm2008.serial on 7u25 comparing 7u21
+ - S8012453: (process) Runtime.exec(String) fails if command contains spaces [win]
+ - S8012617: ArrayIndexOutOfBoundsException with some fonts using LineBreakMeasurer
+ - S8013380: Removal of stack walk to find resource bundle breaks Glassfish startup
+ - S8013827: File.createTempFile hangs with temp file starting with 'com1.4'
+ - S8014718: Netbeans IDE begins to throw a lot exceptions since 7u25 b10
+ - S8014745: Provide a switch to allow stack walk search of resource bundle
+ - S8015144: Performance regression in ICU OpenType Layout library
+ - S8015965: (process) Typo in name of property to allow ambiguous commands
+ - S8015978: Incorrect transformation of XPath expression "string(-0)"
+ - S8016357: Update hotspot diagnostic class
+ - S8017566: Backout 8000450 - Cannot access to com.sun.corba.se.impl.orb.ORBImpl
+ - S8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null
+ - S8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes
+ - S8019979: Replace CheckPackageAccess test with better one from closed repo
+ - S8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris
+ - S8021366: java_util/Properties/PropertiesWithOtherEncodings fails during 7u45 nightly testing
+ - S8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01
+ - S8021933: Add extra check for fix # JDK-8014530
+ - S8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log.
+ - S8022661: InetAddress.writeObject() performs flush() on object output stream
+ - S8022682: Supporting XOM
+ - S8023964: java/io/IOException/LastErrorString.java should be @ignore-d
+ - S8024914: Swapped usage of idx_t and bm_word_t types in bitMap.inline.hpp
+ - S8025128: File.createTempFile fails if prefix is absolute path
+ - OJ19: Fix test cases from 8010118 to work with OpenJDK 6
+ - OJ20: Resolve merge issues with JAXP security fixes
+ - OJ21: Remove @Override annotation added on interface by 2013/10/15 security fixes
+
New in release 1.11.13 (2013-09-06):
* Backports
diff -r 5fb5a0032329 -r d667440f2973 patches/ecj/bootver.patch
--- a/patches/ecj/bootver.patch Sat Sep 07 04:25:38 2013 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-diff -r b6701047e287 make/common/shared/Platform.gmk
---- openjdk-ecj.orig/jdk/make/common/shared/Platform.gmk Sat Jun 12 00:15:32 2010 +0100
-+++ openjdk-ecj/jdk/make/common/shared/Platform.gmk Sun Jun 13 23:54:02 2010 +0100
-@@ -88,8 +88,8 @@
-
- SYSTEM_UNAME := $(shell uname)
-
--# Normal boot jdk is previous release, but a hard requirement is a 1.6 boot
--REQUIRED_BOOT_VER = 1.6
-+# Normal boot jdk is previous release, but a hard requirement is a 1.5 boot
-+REQUIRED_BOOT_VER = 1.5
-
- # If we are using freetype, this is the required version
- REQUIRED_FREETYPE_VERSION=2.3.0
diff -r 5fb5a0032329 -r d667440f2973 patches/jtreg-LastErrorString.patch
--- a/patches/jtreg-LastErrorString.patch Sat Sep 07 04:25:38 2013 +0100
+++ b/patches/jtreg-LastErrorString.patch Thu Oct 31 00:22:07 2013 +0000
@@ -1,16 +1,15 @@
-diff -Nru IOException/LastErrorString.java /home/brq/ptisnovs/IOException/LastErrorString.java
---- openjdk-old/jdk/test/java/io/IOException/LastErrorString.java 2011-01-21 00:54:47.000000000 +0100
-+++ openjdk/jdk/test/java/io/IOException/LastErrorString.java 2011-02-21 15:34:58.972481000 +0100
-@@ -21,9 +21,13 @@
- * questions.
+diff -Nru openjdk.orig/jdk/test/java/io/IOException/LastErrorString.java openjdk/jdk/test/java/io/IOException/LastErrorString.java
+--- openjdk.orig/jdk/test/java/io/IOException/LastErrorString.java 2013-10-29 09:39:12.978000311 +0000
++++ openjdk/jdk/test/java/io/IOException/LastErrorString.java 2013-10-29 09:41:26.024030445 +0000
+@@ -22,9 +22,12 @@
*/
--/* @test
-- @bug 4167937
+ /* @test
+- @bug 4167937 8023964
+- @ignore Test truncates system files when run as root, see 7042603
- @summary Test code paths that use the JVM_LastErrorString procedure
-+/*
-+ * @test
-+ * @bug 4167937
++ * @bug 4167937 8023964
++ * @ignore Test truncates system files when run as root, see 7042603
+ * @summary Test code paths that use the JVM_LastErrorString procedure
+ *
+ * @compile LastErrorString.java
@@ -18,7 +17,7 @@
*/
import java.io.IOException;
-@@ -37,33 +41,11 @@
+@@ -38,33 +41,11 @@
static String UNWRITEABLE_DIR;
static String UNREADABLE_FILE;
@@ -53,7 +52,7 @@
static abstract class Test {
String name;
-@@ -197,7 +179,7 @@
+@@ -198,7 +179,7 @@
new Test("FileOutputStream") {
public void run() throws IOException {
@@ -62,7 +61,7 @@
}}.go();
new ClosedFOSTest("write()") {
-@@ -257,8 +239,29 @@
+@@ -258,8 +239,29 @@
}
@@ -92,9 +91,9 @@
go();
}
-diff -Nru IOException/LastErrorString.sh /home/brq/ptisnovs/IOException/LastErrorString.sh
---- /dev/null 1970-01-01 01:00:00.000000000 +0100
-+++ openjdk/jdk/test/java/io/IOException/LastErrorString.sh 2011-02-21 15:34:58.972481000 +0100
+diff -Nru openjdk.orig/jdk/test/java/io/IOException/LastErrorString.sh openjdk/jdk/test/java/io/IOException/LastErrorString.sh
+--- openjdk.orig/jdk/test/java/io/IOException/LastErrorString.sh 1970-01-01 01:00:00.000000000 +0100
++++ openjdk/jdk/test/java/io/IOException/LastErrorString.sh 2013-10-29 09:40:29.223163741 +0000
@@ -0,0 +1,103 @@
+#!/bin/sh
+
diff -r 5fb5a0032329 -r d667440f2973 patches/nss-config.patch
--- a/patches/nss-config.patch Sat Sep 07 04:25:38 2013 +0100
+++ b/patches/nss-config.patch Thu Oct 31 00:22:07 2013 +0000
@@ -1,5 +1,5 @@
---- openjdk.orig/jdk/src/share/lib/security/java.security 2009-08-25 11:43:59.000000000 +0100
-+++ openjdk/jdk/src/share/lib/security/java.security 2009-08-27 14:23:54.000000000 +0100
+--- openjdk.orig/jdk/src/share/lib/security/java.security-linux 2009-08-25 11:43:59.000000000 +0100
++++ openjdk/jdk/src/share/lib/security/java.security-linux 2009-08-27 14:23:54.000000000 +0100
@@ -51,6 +51,7 @@
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
diff -r 5fb5a0032329 -r d667440f2973 patches/openjdk/4075303-javap_update.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/4075303-javap_update.patch Thu Oct 31 00:22:07 2013 +0000
@@ -0,0 +1,12081 @@
+# HG changeset patch
+# User jjg
+# Date 1382400229 -3600
+# Tue Oct 22 01:03:49 2013 +0100
+# Node ID bfd7bb4218253bac4f57abbc90b987f16e4b7f6c
+# Parent 8e38c8fe0a0beaef943e754071be0358c34e76dd
+4075303: Use javap to enquire about a specific inner class
+4348375: Javap is not internationalized
+4459541: "javap -l" shows line numbers as signed short; they should be unsigned
+4501660: change diagnostic of -help as 'print this help message and exit'
+4776241: unused source file in javap...
+4870651: javap should recognize generics, varargs, enum
+4876942: javap invoked without args does not print help screen
+4880663: javap could output whitespace between class name and opening brace
+4975569: javap doesn't print new flag bits
+6271787: javap dumps LocalVariableTypeTable attribute in hex, needs to print a table
+6305779: javap: support annotations
+6439940: Clean up javap implementation
+6469569: wrong check of searchpath in JavapEnvironment
+6474890: javap does not open .zip files in -classpath
More information about the distro-pkg-dev
mailing list