/hg/release/icedtea6-1.13: 3 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Sat Jan 24 02:08:17 UTC 2015
changeset 540eb79e2917 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=540eb79e2917
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Jan 23 18:47:27 2015 +0000
PR2190: JamVM lacks JVM_FindClassFromCaller introduced by security patch in 1.13.5
2015-01-07 Andrew John Hughes <gnu.andrew at member.fsf.org>
PR2190: JamVM lacks JVM_FindClassFromCaller introduced
by security patch in 1.13.5
* Makefile.am:
(ICEDTEA_PATCHES): Add new patch when building
JamVM.
(EXTRA_DIST): Include patches from JamVM directory.
* NEWS: Updated.
* patches/jamvm/pr2190-find_class_from_caller.patch:
Backport JamVM patch to implement FindClassFromCaller.
changeset e6429eecdf69 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=e6429eecdf69
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Jan 23 18:50:21 2015 +0000
Update release date and fix description of PR2184.
2015-01-23 Andrew John Hughes <gnu.andrew at member.fsf.org>
* NEWS: Update release date and fix
description of PR2184.
changeset a2adf13bc1ec in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=a2adf13bc1ec
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Sat Jan 24 02:08:02 2015 +0000
Added tag icedtea6-1.13.6 for changeset e6429eecdf69
diffstat:
.hgtags | 1 +
ChangeLog | 17 ++++
Makefile.am | 5 +
NEWS | 6 +-
patches/jamvm/pr2190-find_class_from_caller.patch | 93 +++++++++++++++++++++++
5 files changed, 120 insertions(+), 2 deletions(-)
diffs (167 lines):
diff -r 8693268730ca -r a2adf13bc1ec .hgtags
--- a/.hgtags Wed Jan 21 22:22:34 2015 +0000
+++ b/.hgtags Sat Jan 24 02:08:02 2015 +0000
@@ -32,3 +32,4 @@
0000000000000000000000000000000000000000 icedtea6-1.13.4
cbd687c7240d173b0b34840ba07a39a6e7b39a20 icedtea6-1.13.4
b2b4346dbdf5be3e9f8609e4a7e923f6557c19dd icedtea6-1.13.5
+e6429eecdf6945c6a4b431049bcbf1834b255158 icedtea6-1.13.6
diff -r 8693268730ca -r a2adf13bc1ec ChangeLog
--- a/ChangeLog Wed Jan 21 22:22:34 2015 +0000
+++ b/ChangeLog Sat Jan 24 02:08:02 2015 +0000
@@ -1,3 +1,20 @@
+2015-01-23 Andrew John Hughes <gnu.andrew at member.fsf.org>
+
+ * NEWS: Update release date and fix
+ description of PR2184.
+
+2015-01-07 Andrew John Hughes <gnu.andrew at member.fsf.org>
+
+ PR2190: JamVM lacks JVM_FindClassFromCaller introduced
+ by security patch in 1.13.5
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Add new patch when building
+ JamVM.
+ (EXTRA_DIST): Include patches from JamVM directory.
+ * NEWS: Updated.
+ * patches/jamvm/pr2190-find_class_from_caller.patch:
+ Backport JamVM patch to implement FindClassFromCaller.
+
2015-01-21 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
diff -r 8693268730ca -r a2adf13bc1ec Makefile.am
--- a/Makefile.am Wed Jan 21 22:22:34 2015 +0000
+++ b/Makefile.am Sat Jan 24 02:08:02 2015 +0000
@@ -646,6 +646,11 @@
patches/hotspot/hs23/systemtap-alloc-size-workaround.patch
endif
+if BUILD_JAMVM
+ICEDTEA_PATCHES += \
+ patches/jamvm/pr2190-find_class_from_caller.patch
+endif
+
if ENABLE_NSS
ICEDTEA_PATCHES += patches/rh1022017.patch
NSS_PATCHES = patches/nss-config.patch
diff -r 8693268730ca -r a2adf13bc1ec NEWS
--- a/NEWS Wed Jan 21 22:22:34 2015 +0000
+++ b/NEWS Sat Jan 24 02:08:02 2015 +0000
@@ -12,7 +12,7 @@
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-New in release 1.13.6 (2015-01-20):
+New in release 1.13.6 (2015-01-23):
* Security fixes
- S8046656: Update protocol support
@@ -186,7 +186,9 @@
- PR2179: Avoid x86 workaround when running Zero rather than a JIT
- PR2180: Old autotools dislike $(builddir)/fsg.sh
* CACAO
- - PR2184: CACAO lacks JVM_FindClassFromCaller introduced by security patch in 2.5.3
+ - PR2184: CACAO lacks JVM_FindClassFromCaller introduced by security patch in 1.13.6
+* JamVM
+ - PR2190: JamVM lacks JVM_FindClassFromCaller introduced by security patch in 1.13.6
New in release 1.13.5 (2014-10-14):
diff -r 8693268730ca -r a2adf13bc1ec patches/jamvm/pr2190-find_class_from_caller.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/jamvm/pr2190-find_class_from_caller.patch Sat Jan 24 02:08:02 2015 +0000
@@ -0,0 +1,93 @@
+diff -Nru jamvm.old/src/classlib/openjdk/class.c jamvm/src/classlib/openjdk/class.c
+--- jamvm/jamvm.old/src/classlib/openjdk/class.c 2013-11-18 03:45:44.000000000 +0000
++++ jamvm/jamvm/src/classlib/openjdk/class.c 2015-01-07 16:14:57.599311159 +0000
+@@ -23,6 +23,7 @@
+ #include "jam.h"
+ #include "hash.h"
+ #include "class.h"
++#include "excep.h"
+ #include "symbol.h"
+
+ /* Cached offset of classes field in java.lang.ClassLoader objects */
+@@ -161,3 +162,24 @@
+
+ return strcat(strcpy(endorsed_dirs, java_home), "/lib/endorsed");
+ }
++
++Class *findClassFromLoader(char *name, int init, Object *loader,
++ int throw_error) {
++
++ Class *class = findClassFromClassLoader(name, loader);
++
++ if(class == NULL) {
++ if(!throw_error) {
++ Object *excep = exceptionOccurred();
++ char *dot_name = slash2DotsDup(name);
++
++ clearException();
++ signalChainedException(java_lang_ClassNotFoundException,
++ dot_name, excep);
++ sysFree(dot_name);
++ }
++ } else if(init)
++ initClass(class);
++
++ return class;
++}
+diff -Nru jamvm.old/src/classlib/openjdk/jvm.c jamvm/src/classlib/openjdk/jvm.c
+--- jamvm/jamvm.old/src/classlib/openjdk/jvm.c 2013-11-18 03:45:44.000000000 +0000
++++ jamvm/jamvm/src/classlib/openjdk/jvm.c 2015-01-07 16:16:43.560605105 +0000
+@@ -520,26 +520,22 @@
+ jclass JVM_FindClassFromClassLoader(JNIEnv *env, const char *name,
+ jboolean init, jobject loader,
+ jboolean throw_error) {
+- Class *class;
+
+ TRACE("JVM_FindClassFromClassLoader(env=%p, name=%s, init=%d, loader=%p,"
+ " throwError=%d)", env, name, init, loader, throwError);
+
+- class = findClassFromClassLoader((char *)name, loader);
++ return findClassFromLoader((char *)name, init, loader, throw_error);
++}
++
++/* JVM_FindClassFromCaller */
++
++jclass JVM_FindClassFromCaller(JNIEnv *env, const char *name, jboolean init,
++ jobject loader, jclass caller) {
+
+- if(class == NULL && !throw_error) {
+- Object *excep = exceptionOccurred();
+- char *dot_name = slash2DotsDup((char*)name);
+-
+- clearException();
+- signalChainedException(java_lang_ClassNotFoundException,
+- dot_name, excep);
+- sysFree(dot_name);
+- } else
+- if(init)
+- initClass(class);
++ TRACE("JVM_FindClassFromCaller(env=%p, name=%s, init=%d, loader=%p,"
++ " caller=%p)", env, name, init, loader, caller);
+
+- return class;
++ return findClassFromLoader((char *)name, init, loader, FALSE);
+ }
+
+
+diff -Nru jamvm.old/src/classlib/openjdk/openjdk.h jamvm/src/classlib/openjdk/openjdk.h
+--- jamvm/jamvm.old/src/classlib/openjdk/openjdk.h 2013-11-18 03:45:44.000000000 +0000
++++ jamvm/jamvm/src/classlib/openjdk/openjdk.h 2015-01-07 16:14:57.599311159 +0000
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (C) 2010, 2011, 2013 Robert Lougher <rob at jamvm.org.uk>.
++ * Copyright (C) 2010, 2011, 2013, 2014 Robert Lougher <rob at jamvm.org.uk>.
+ *
+ * This file is part of JamVM.
+ *
+@@ -53,3 +53,6 @@
+ extern Object *resolveMemberName(Class *mh_class, Object *mname);
+
+ extern Object *getMethodParameters(Object *method);
++
++extern Class *findClassFromLoader(char *name, int init, Object *loader,
++ int throw_error);
More information about the distro-pkg-dev
mailing list