/hg/release/icedtea6-1.13: 8 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Thu Jul 30 18:27:47 UTC 2015
changeset 7ced00c8ada2 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=7ced00c8ada2
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Mon Jul 20 17:11:26 2015 +0100
Bump to next release, b36.
2015-07-20 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
(OPENJDK_VERSION): Bump to next release, b36.
changeset 4c420b3a7507 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=4c420b3a7507
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Mon Jul 20 19:01:11 2015 +0100
Update to build against July 2015 security fixes.
2015-07-20 Andrew John Hughes <gnu.andrew at redhat.com>
* patches/openjdk/8074312-pr2255-support_linux_4.patch:
Removed; upstreamed.
* patches/pax-mark-rmic-java.patch: Likewise.
* Makefile.am:
(ICEDTEA_PATCHES): Drop above patches. Drop
WITH_PAX block as no longer required.
(ICEDTEA_ECJ_PATCHES): Drop !WITH_PAX block,
merging into main unconditional definition.
* patches/openjdk/4963723-implement_sha-224.patch:
Regenerated due to copyright header change.
changeset 0835c5802a25 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=0835c5802a25
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Jul 22 22:12:32 2015 +0100
Update to b36 tarball.
Changes in b36:
- OPENJDK6-58: Allow OpenJDK to build on PaX-enabled kernels
- OPENJDK6-59: Only apply PaX-marking when needed by a running PaX kernel
- OPENJDK6-60, PR2484: Disable export ciphers by default
- OPENJDK6-61: Remove translation strings for ErrorMsg.JAXP_INVALID_ATTR_VALUE_ERR which doesn't exist in OpenJDK 6
- OPENJDK6-62, PR2552: Restrict key size of RSA certificates to >= 1024
- OPENJDK6-63: Remove @Override annotation on interfaces added by 2015/07/14 security fixes.
- S6787645: CRL validation code should permit some clock skew when checking validity of CRLs
- S6996365: Evaluate the priorities of cipher suites
- S7185471: Avoid key expansion when AES cipher is re-init w/ the same key
- S8007142: Add utility classes for writing better multiprocess tests in jtreg
- S8008089: Delete OS dependent check in JdkFinder.getExecutable()
- S8024861: Incomplete token triggers GSS-API NullPointerException
- S8027058: sun/management/jmxremote/bootstrap/RmiBootstrapTest.sh Failed to initialize connector
- S8036786: Update jdk7 testlibrary to match jdk8
- S8042205: javax/management/monitor/*: some tests didn't get all the notifications
- S8042982: Unexpected RuntimeExceptions being thrown by SSLEngine
- S8043200, PR2485: Decrease the preference mode of RC4 in the enabled cipher suite list
- S8043201: Deprecate RC4 in SunJSSE provider
- S8043202: Prohibit RC4 cipher suites
- S8046817: JDK 8 schemagen tool does not generate xsd files for enum types
- S8048194: GSSContext.acceptSecContext fails when a supported mech is not initiator preferred
- S8050158: Introduce system property to maintain RC4 preference order
- S8062923: XSL: Run-time internal error in 'substring()'
- S8062924: XSL: wrong answer from substring() function
- S8064546: CipherInputStream throws BadPaddingException if stream is not fully read
- S8065764: javax/management/monitor/CounterMonitorTest.java hangs
- S8066952: [TEST-BUG] javax/management/monitor/CounterMonitorTest.java hangs
- S8067694: Improved certification checking
- S8071715: Tune font layout engine
- S8071731: Better scaling for C1
- S8072490: Better font morphing redux
- S8072887: Better font handling improvements
- S8073334: Improved font substitutions
- S8073357: schema1.xsd has wrong content. Sequence of the enum values has been changed
- S8073385: Bad error message on parsing illegal character in XML attribute
- S8073773: Presume path preparedness
- S8073894: Getting to the root of certificate chains
- S8074098: 2D_Font/Bug8067699 test fails with SIGBUS crash on Solaris Sparc
- S8074297: substring in XSLT returns wrong character if string contains supplementary chars
- S8074312: Enable hotspot builds on 4.x Linux kernels
- S8074330: Set font anchors more solidly
- S8074335: Substitute for substitution formats
- S8074865: General crypto resilience changes
- S8074871: Adjust device table handling
- S8075374: Responding to OCSP responses
- S8075378: JNDI DnsClient Exception Handling
- S8075575: com/sun/security/auth/login/ConfigFile/InconsistentError.java failed in certain env.
- S8075576: com/sun/security/auth/module/KeyStoreLoginModule/OptionTest.java failed in certain env.
- S8075667: (tz) Support tzdata2015b
- S8075738: Better multi-JVM sharing
- S8075838: Method for typing MethodTypes
- S8075853: Proxy for MBean proxies
- S8076290: JCK test api/xsl/conf/string/string17 starts failing after JDK-8074297
- S8076328: Enforce key exchange constraints
- S8076376: Enhance IIOP operations
- S8076397: Better MBean connections
- S8076401: Serialize OIS data
- S8076405: Improve serial serialization
- S8076409: Reinforce RMI framework
- S8077520: Morph tables into improved form
- S8077685: (tz) Support tzdata2015d
- S8078348: sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java fails with BindException
- S8078439: SPNEGO auth fails if client proposes MS krb5 OID
- S8078666: JVM fastdebug build compiled with GCC 5 asserts with "widen increases"
- S8080318: jdk8u51 l10n resource file translation update
- S8081386: Test sun/management/jmxremote/bootstrap/RmiSslBootstrapTest.sh test has RC4 dependencies
- S8081775: two lib/testlibrary tests are failing with "Error. failed to clean up files after test" with jtreg 4.1 b12
2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
* patches/openjdk/8078666-widen_increases.patch:
Removed; upstream in b36.
* Makefile.am:
(OPENJDK_DATE): Bump to b36 creation date;
22nd of July, 2015.
(OPENJDK_SHA256SUM): Update for b36 tarball.
* NEWS: Updated with b36 changes. Remove duplicate
issue in 1.13.6 release notes.
* patches/openjdk/6956398-ephemeraldhkeysize.patch:
Regenerated against b36.
changeset 575921e7112e in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=575921e7112e
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Jul 22 22:18:05 2015 +0100
Prepare for 1.13.8 release.
2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
* NEWS: Set release date to 23rd of July,
2015 for 1.13.8.
* configure.ac: Bump to 1.13.8.
changeset 9fca0eafd25a in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=9fca0eafd25a
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Jul 22 22:29:27 2015 +0100
PR2559: generated directory gets confused with generated alias
2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
PR2559: generated directory gets confused with
generated alias
* Makefile.am:
(EXTRA_DIST): Change 'generated' to
'$(top_srcdir)/generated'.
* NEWS: Updated.
changeset 7c59c0933693 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=7c59c0933693
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Mon Jul 27 15:44:54 2015 +0100
Remove 7/8-only issue from security fix list.
2015-07-23 Andrew John Hughes <gnu.andrew at redhat.com>
* NEWS: Remove 7/8-only issue from
security fix list.
changeset 6d96a13066ec in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=6d96a13066ec
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Tue Jul 28 15:20:23 2015 +0100
PR2565: Replace ipv4-mapped-ipv6-addresses.patch with upstream fix 6882910
2015-07-28 Andrew John Hughes <gnu.andrew at redhat.com>
PR2565: Replace ipv4-mapped-ipv6-addresses.patch
with upstream fix 6882910
* Makefile.am:
(ICEDTEA_PATCHES): Add new patch.
* NEWS: Updated. Bump release date.
* patches/ipv4-mapped-ipv6-addresses.patch:
Remove code changes, leaving just the test case.
* patches/openjdk/6882910-ipv6only.patch:
New patch, backporting 6882910 as a replacement
for the older ipv4-mapped-ipv6-addresses.patch
changeset b342498c6365 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=b342498c6365
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Jul 30 19:27:05 2015 +0100
Added tag icedtea6-1.13.8 for changeset 6d96a13066ec
diffstat:
.hgtags | 1 +
ChangeLog | 64 ++++++
Makefile.am | 24 +-
NEWS | 75 +++++++-
configure.ac | 2 +-
patches/ipv4-mapped-ipv6-addresses.patch | 111 ----------
patches/openjdk/4963723-implement_sha-224.patch | 189 +++++++++---------
patches/openjdk/6882910-ipv6only.patch | 192 +++++++++++++++++++
patches/openjdk/6956398-ephemeraldhkeysize.patch | 29 +-
patches/openjdk/8074312-pr2255-support_linux_4.patch | 19 -
patches/openjdk/8078666-widen_increases.patch | 45 ----
patches/pax-mark-rmic-java.patch | 10 -
12 files changed, 442 insertions(+), 319 deletions(-)
diffs (truncated from 1278 to 500 lines):
diff -r 53216154a725 -r b342498c6365 .hgtags
--- a/.hgtags Wed Jul 22 18:10:19 2015 +0100
+++ b/.hgtags Thu Jul 30 19:27:05 2015 +0100
@@ -34,3 +34,4 @@
b2b4346dbdf5be3e9f8609e4a7e923f6557c19dd icedtea6-1.13.5
e6429eecdf6945c6a4b431049bcbf1834b255158 icedtea6-1.13.6
69d82d8f85f926ca35e610d01727d223519c1c98 icedtea6-1.13.7
+6d96a13066ecea305dc0dcb97396c8d8fb5af49e icedtea6-1.13.8
diff -r 53216154a725 -r b342498c6365 ChangeLog
--- a/ChangeLog Wed Jul 22 18:10:19 2015 +0100
+++ b/ChangeLog Thu Jul 30 19:27:05 2015 +0100
@@ -1,3 +1,67 @@
+2015-07-28 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ PR2565: Replace ipv4-mapped-ipv6-addresses.patch
+ with upstream fix 6882910
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Add new patch.
+ * NEWS: Updated. Bump release date.
+ * patches/ipv4-mapped-ipv6-addresses.patch:
+ Remove code changes, leaving just the test case.
+ * patches/openjdk/6882910-ipv6only.patch:
+ New patch, backporting 6882910 as a replacement
+ for the older ipv4-mapped-ipv6-addresses.patch
+
+2015-07-23 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * NEWS: Remove 7/8-only issue from
+ security fix list.
+
+2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ PR2559: generated directory gets confused with
+ generated alias
+ * Makefile.am:
+ (EXTRA_DIST): Change 'generated' to
+ '$(top_srcdir)/generated'.
+ * NEWS: Updated.
+
+2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * NEWS: Set release date to 23rd of July,
+ 2015 for 1.13.8.
+ * configure.ac: Bump to 1.13.8.
+
+2015-07-22 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * patches/openjdk/8078666-widen_increases.patch:
+ Removed; upstream in b36.
+ * Makefile.am:
+ (OPENJDK_DATE): Bump to b36 creation date;
+ 22nd of July, 2015.
+ (OPENJDK_SHA256SUM): Update for b36 tarball.
+ * NEWS: Updated with b36 changes. Remove duplicate
+ issue in 1.13.6 release notes.
+ * patches/openjdk/6956398-ephemeraldhkeysize.patch:
+ Regenerated against b36.
+
+2015-07-20 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * patches/openjdk/8074312-pr2255-support_linux_4.patch:
+ Removed; upstreamed.
+ * patches/pax-mark-rmic-java.patch: Likewise.
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Drop above patches. Drop
+ WITH_PAX block as no longer required.
+ (ICEDTEA_ECJ_PATCHES): Drop !WITH_PAX block,
+ merging into main unconditional definition.
+ * patches/openjdk/4963723-implement_sha-224.patch:
+ Regenerated due to copyright header change.
+
+2015-07-20 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * Makefile.am:
+ (OPENJDK_VERSION): Bump to next release, b36.
+
2015-07-13 Andrew John Hughes <gnu_andrew at member.fsf.org>
* AUTHORS: Add James.
diff -r 53216154a725 -r b342498c6365 Makefile.am
--- a/Makefile.am Wed Jul 22 18:10:19 2015 +0100
+++ b/Makefile.am Thu Jul 30 19:27:05 2015 +0100
@@ -1,8 +1,8 @@
# Dependencies
-OPENJDK_DATE = 14_apr_2015
-OPENJDK_SHA256SUM = 131cde181fbca08ac4d47bd13f6c3a64806fe2ae2106c03afe7ba651c24a4f9b
-OPENJDK_VERSION = b35
+OPENJDK_DATE = 22_jul_2015
+OPENJDK_SHA256SUM = c9df23d208b3b61f5f57c030accca2f7b3218a97bd140668506265ececdf26f4
+OPENJDK_VERSION = b36
OPENJDK_URL = https://java.net/downloads/openjdk6/
CACAO_VERSION = 68fe50ac34ec
@@ -371,6 +371,7 @@
patches/openjdk/6967533-pre_epoch.patch \
patches/fonts-gentoo.patch \
patches/ipv4-mapped-ipv6-addresses.patch \
+ patches/openjdk/6882910-ipv6only.patch \
patches/jtreg-OpenGLContextInit.patch \
patches/openjdk/6510892-httpserver_test.patch \
patches/jtreg-international-fonts.patch \
@@ -600,7 +601,6 @@
patches/pr2179-avoid_x86_workaround_on_zero.patch \
patches/openjdk/6584008-pr2195-jvmtistringprimitivecallback_null_string.patch \
patches/openjdk/7199862-pr2198-ensure_cache_connection_still_alive.patch \
- patches/openjdk/8074312-pr2255-support_linux_4.patch \
patches/pr2197-jhat_man_page_url.patch \
patches/pr2201-support_giflib_5.1.patch \
patches/pr2211-check_dgifclosefile_return.patch \
@@ -628,7 +628,6 @@
patches/openjdk/8065238-ldap_namingexception_8041451_regression.patch \
patches/openjdk/8074761-ldap_empty_optional_params.patch \
patches/openjdk/8078654-closettfontfilefunc.patch \
- patches/openjdk/8078666-widen_increases.patch \
patches/openjdk/8081315-giflib_interlacing.patch \
patches/openjdk/8087120-zero_gcc5.patch \
patches/pr2319-policy_jar_checksum.patch \
@@ -687,12 +686,6 @@
NSS_PATCHES = patches/nss-not-enabled-config.patch
endif
-if WITH_PAX
-ICEDTEA_PATCHES += \
- patches/no-test_gamma.patch \
- patches/pax-mark-rmic-java.patch
-endif
-
if USE_SYSTEM_ZLIB
ICEDTEA_PATCHES += \
patches/libraries-zlib.patch \
@@ -739,7 +732,8 @@
patches/ecj/jaxws-jdk-dependency.patch \
patches/ecj/hotspot/hs23/hotspot-jdk-dependency.patch \
patches/ecj/fphexconstants.patch \
- patches/ecj/no-sun-classes.patch
+ patches/ecj/no-sun-classes.patch \
+ patches/ecj/no-test_gamma.patch
if DTDTYPE_QNAME
ICEDTEA_ECJ_PATCHES += \
@@ -763,10 +757,6 @@
patches/ecj/xbootclasspath.patch
endif
-if !WITH_PAX
-ICEDTEA_ECJ_PATCHES += patches/ecj/no-test_gamma.patch
-endif
-
# If date parsing bug is present, drop Lithuania and Latvia EUR transition
# dates as they are already in the past anyway.
if CP64174
@@ -966,7 +956,7 @@
# FIXME (distclean): Add jtreg sources
# FIXME (distclean): Add pulseaudio sources
-EXTRA_DIST = generated \
+EXTRA_DIST = $(top_srcdir)/generated \
$(top_srcdir)/patches/* \
contrib arm_port \
overlays \
diff -r 53216154a725 -r b342498c6365 NEWS
--- a/NEWS Wed Jul 22 18:10:19 2015 +0100
+++ b/NEWS Thu Jul 30 19:27:05 2015 +0100
@@ -12,10 +12,77 @@
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-New in release 1.13.8 (2015-07-XX):
+New in release 1.13.8 (2015-07-29):
* Security fixes
+ - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites
+ - S8067694, CVE-2015-2625: Improved certification checking
+ - S8071715, CVE-2015-4760: Tune font layout engine
+ - S8071731: Better scaling for C1
+ - S8072490: Better font morphing redux
+ - S8072887: Better font handling improvements
+ - S8073334: Improved font substitutions
+ - S8073773: Presume path preparedness
+ - S8073894: Getting to the root of certificate chains
+ - S8074330: Set font anchors more solidly
+ - S8074335: Substitute for substitution formats
+ - S8074865, CVE-2015-2601: General crypto resilience changes
+ - S8074871: Adjust device table handling
+ - S8075374, CVE-2015-4748: Responding to OCSP responses
+ - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling
+ - S8075738: Better multi-JVM sharing
+ - S8075838: Method for typing MethodTypes
+ - S8075853, CVE-2015-2621: Proxy for MBean proxies
+ - S8076328, CVE-2015-4000: Enforce key exchange constraints
+ - S8076376, CVE-2015-2628: Enhance IIOP operations
+ - S8076397, CVE-2015-4731: Better MBean connections
+ - S8076401, CVE-2015-2590: Serialize OIS data
+ - S8076405, CVE-2015-4732: Improve serial serialization
+ - S8076409, CVE-2015-4733: Reinforce RMI framework
+ - S8077520, CVE-2015-2632: Morph tables into improved form
- PR2488, CVE-2015-4000: Make jdk8 mode the default for jdk.tls.ephemeralDHKeySize
+* Import of OpenJDK6 b36
+ - OJ58: Allow OpenJDK to build on PaX-enabled kernels
+ - OJ59: Only apply PaX-marking when needed by a running PaX kernel
+ - OJ60, PR2484: Disable export ciphers by default
+ - OJ61: Remove translation strings for ErrorMsg.JAXP_INVALID_ATTR_VALUE_ERR which doesn't exist in OpenJDK 6
+ - OJ62, PR2552: Restrict key size of RSA certificates to >= 1024
+ - OJ63: Remove @Override annotation on interfaces added by 2015/07/14 security fixes.
+ - S6787645: CRL validation code should permit some clock skew when checking validity of CRLs
+ - S6996365: Evaluate the priorities of cipher suites
+ - S7185471: Avoid key expansion when AES cipher is re-init w/ the same key
+ - S8007142: Add utility classes for writing better multiprocess tests in jtreg
+ - S8008089: Delete OS dependent check in JdkFinder.getExecutable()
+ - S8024861: Incomplete token triggers GSS-API NullPointerException
+ - S8027058: sun/management/jmxremote/bootstrap/RmiBootstrapTest.sh Failed to initialize connector
+ - S8036786: Update jdk7 testlibrary to match jdk8
+ - S8042205: javax/management/monitor/*: some tests didn't get all the notifications
+ - S8042982: Unexpected RuntimeExceptions being thrown by SSLEngine
+ - S8043200, PR2485: Decrease the preference mode of RC4 in the enabled cipher suite list
+ - S8043201: Deprecate RC4 in SunJSSE provider
+ - S8046817: JDK 8 schemagen tool does not generate xsd files for enum types
+ - S8048194: GSSContext.acceptSecContext fails when a supported mech is not initiator preferred
+ - S8050158: Introduce system property to maintain RC4 preference order
+ - S8062923: XSL: Run-time internal error in 'substring()'
+ - S8062924: XSL: wrong answer from substring() function
+ - S8064546: CipherInputStream throws BadPaddingException if stream is not fully read
+ - S8065764: javax/management/monitor/CounterMonitorTest.java hangs
+ - S8066952: [TEST-BUG] javax/management/monitor/CounterMonitorTest.java hangs
+ - S8073357: schema1.xsd has wrong content. Sequence of the enum values has been changed
+ - S8073385: Bad error message on parsing illegal character in XML attribute
+ - S8074098: 2D_Font/Bug8067699 test fails with SIGBUS crash on Solaris Sparc
+ - S8074297: substring in XSLT returns wrong character if string contains supplementary chars
+ - S8075575: com/sun/security/auth/login/ConfigFile/InconsistentError.java failed in certain env.
+ - S8075576: com/sun/security/auth/module/KeyStoreLoginModule/OptionTest.java failed in certain env.
+ - S8075667: (tz) Support tzdata2015b
+ - S8076290: JCK test api/xsl/conf/string/string17 starts failing after JDK-8074297
+ - S8077685: (tz) Support tzdata2015d
+ - S8078348: sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java fails with BindException
+ - S8078439: SPNEGO auth fails if client proposes MS krb5 OID
+ - S8078666, PR2327: JVM fastdebug build compiled with GCC 5 asserts with "widen increases"
+ - S8080318: jdk8u51 l10n resource file translation update
+ - S8081386: Test sun/management/jmxremote/bootstrap/RmiSslBootstrapTest.sh test has RC4 dependencies
+ - S8081775: two lib/testlibrary tests are failing with "Error. failed to clean up files after test" with jtreg 4.1 b12
* Backports
- S4890063, PR2306, RH1214835: HPROF: default text truncated when using doe=n option
- S6562614, PR2555: Compiler warnings for gettimeofday in Inet4/Inet6AddressImpl.c
@@ -41,7 +108,6 @@
- S8065238, PR2479: javax.naming.NamingException after upgrade to JDK 8
- S8074761, PR2469: Empty optional parameters of LDAP query are not interpreted as empty
- S8078654, PR2334: CloseTTFontFileFunc callback should be removed
- - S8078666, PR2327: JVM fastdebug build compiled with GCC 5 asserts with "widen increases"
- S8081315, PR2406: Avoid giflib interlacing workaround with giflib 5.0.0 on
- S8081475, PR2495: SystemTap does not work when JDK is compiled with GCC 5
- S8087120, RH1206656, PR2554: [GCC5] java.lang.StackOverflowError on Zero JVM initialization on non x86 platforms.
@@ -55,7 +121,9 @@
- PR2481, RH489586, RH1236619: OpenJDK can't handle spaces in zone names in /etc/sysconfig/clock
- PR2486: JSSE server is still limited to 768-bit DHE
- PR2508, G541462: Only apply PaX markings by default on running PaX kernels
- - PR2556, G390663: Update Gentoo font configuration and allow font directory to be specified
+ - PR2556, G390663: Update Gentoo font configuration and allow font directory to be specified
+ - PR2559: generated directory gets confused with generated alias
+ - PR2565: Replace ipv4-mapped-ipv6-addresses.patch with upstream fix 6882910
* CACAO
- PR829: Raise javadoc and JAVAC_FLAGS memory limits for CACAO
* JamVM
@@ -251,7 +319,6 @@
- S8050485: super() in a try block in a ctor causes VerifyError
- S8051012: Regression in verifier for <init> method call from inside of a branch
- S8051614: smartcardio TCK tests fail due to lack of 'reset' permission
- - S8054367: More references for endpoints
- S8055222: Currency update needed for ISO 4217 Amendment #159
- S8056211: api/java_awt/Event/InputMethodEvent/serial/index.html#Input[serial2002] failure
- S8058715: stability issues when being launched as an embedded JVM via JNI
diff -r 53216154a725 -r b342498c6365 configure.ac
--- a/configure.ac Wed Jul 22 18:10:19 2015 +0100
+++ b/configure.ac Thu Jul 30 19:27:05 2015 +0100
@@ -1,4 +1,4 @@
-AC_INIT([icedtea6],[1.13.8pre],[distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea6],[1.13.8],[distro-pkg-dev at openjdk.java.net])
AC_CANONICAL_HOST
AC_CANONICAL_TARGET
AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
diff -r 53216154a725 -r b342498c6365 patches/ipv4-mapped-ipv6-addresses.patch
--- a/patches/ipv4-mapped-ipv6-addresses.patch Wed Jul 22 18:10:19 2015 +0100
+++ b/patches/ipv4-mapped-ipv6-addresses.patch Thu Jul 30 19:27:05 2015 +0100
@@ -1,114 +1,3 @@
-diff -ruN openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/src/solaris/native/java/net/linux_close.c
---- openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c 2010-02-17 04:14:47.000000000 +0100
-+++ openjdk/jdk/src/solaris/native/java/net/linux_close.c 2010-03-27 20:24:26.000000000 +0100
-@@ -37,6 +37,8 @@
-
- #include <sys/poll.h>
-
-+#include "net_util.h"
-+
- /*
- * Stack allocated by thread when doing blocking operation
- */
-@@ -301,9 +303,16 @@
- BLOCKING_IO_RETURN_INT( s, accept(s, addr, addrlen) );
- }
-
--int NET_Connect(int s, struct sockaddr *addr, int addrlen) {
-+static int NET_Connect_final(int s, struct sockaddr *addr, int addrlen) {
- BLOCKING_IO_RETURN_INT( s, connect(s, addr, addrlen) );
- }
-+int NET_Connect(int s, struct sockaddr *addr, int addrlen) {
-+ int rv = check_ipv4mapped_address(s, addr);
-+ if (rv < 0) {
-+ return rv;
-+ }
-+ return NET_Connect_final(s, addr, addrlen);
-+}
-
- #ifndef USE_SELECT
- int NET_Poll(struct pollfd *ufds, unsigned int nfds, int timeout) {
-diff -ruN openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.c openjdk/jdk/src/solaris/native/java/net/net_util_md.c
---- openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.c 2010-02-17 04:14:47.000000000 +0100
-+++ openjdk/jdk/src/solaris/native/java/net/net_util_md.c 2010-03-27 19:44:32.000000000 +0100
-@@ -1215,6 +1215,39 @@
- return setsockopt(fd, level, opt, arg, len);
- }
-
-+/*
-+ * Check for IPv4 mapped or unspecified IPv6 addresses and disable
-+ * IPV6_V6ONLY in such cases. This function is called from NET_Bind and
-+ * NET_Connect and fixes
-+ * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6342561 .
-+ */
-+int
-+check_ipv4mapped_address(int fd, struct sockaddr *him)
-+{
-+#if defined(AF_INET6)
-+ if (ipv6_available()) {
-+ struct sockaddr_in6 *him6 = (struct sockaddr_in6 *)him;
-+ /* switch off IPV6_V6ONLY if needed */
-+ if (IN6_IS_ADDR_V4MAPPED(& him6->sin6_addr) ||
-+ IN6_IS_ADDR_UNSPECIFIED(& him6->sin6_addr)) {
-+ int value = 42;
-+ int len = sizeof(value);
-+ int rv = getsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY,
-+ &value, &len);
-+ if (rv < 0) {
-+ return rv;
-+ }
-+ if (value > 0) {
-+ value = 0;
-+ return setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY,
-+ &value, sizeof(value));
-+ }
-+ }
-+ }
-+#endif
-+ return 0;
-+}
-+
- /*
- * Wrapper for bind system call - performs any necessary pre/post
- * processing to deal with OS specific issues :-
-@@ -1251,6 +1284,11 @@
- }
- #endif
-
-+ rv = check_ipv4mapped_address(fd, him);
-+ if (rv < 0) {
-+ return rv;
-+ }
-+
- #if defined(__solaris__) && defined(AF_INET6)
- /*
- * Solaris 8/9 have seperate IPv4 and IPv6 port spaces so we
-diff -ruN openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.h openjdk/jdk/src/solaris/native/java/net/net_util_md.h
---- openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.h 2010-02-17 04:14:47.000000000 +0100
-+++ openjdk/jdk/src/solaris/native/java/net/net_util_md.h 2010-03-27 20:24:26.000000000 +0100
-@@ -36,6 +36,7 @@
- #include <sys/poll.h>
- #endif
-
-+extern int check_ipv4mapped_address(int fd, struct sockaddr *him);
-
- #ifdef __linux__
- extern int NET_Timeout(int s, long timeout);
-diff -ruN openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2010-03-27 20:23:58.000000000 +0100
-+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2010-03-27 20:24:26.000000000 +0100
-@@ -401,8 +401,9 @@
- */
- SET_NONBLOCKING(fd);
-
-- /* no need to use NET_Connect as non-blocking */
-- connect_rv = connect(fd, (struct sockaddr *)&him, len);
-+ /* no need to use NET_Connect as non-blocking; BUT! We want to
-+ * support IPv4 mapped IPv6 adresses. */
-+ connect_rv = NET_Connect(fd, (struct sockaddr *)&him, len);
-
- /* connection not established immediately */
- if (connect_rv != 0) {
--- /dev/null 2010-08-03 19:26:41.444667773 +0100
+++ openjdk/jdk/test/java/net/Socket/Bindv6Only.java 2010-08-05 15:41:55.000000000 +0100
@@ -0,0 +1,57 @@
diff -r 53216154a725 -r b342498c6365 patches/openjdk/4963723-implement_sha-224.patch
--- a/patches/openjdk/4963723-implement_sha-224.patch Wed Jul 22 18:10:19 2015 +0100
+++ b/patches/openjdk/4963723-implement_sha-224.patch Thu Jul 30 19:27:05 2015 +0100
@@ -1,6 +1,6 @@
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java 2014-12-24 18:49:01.960433052 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java 2014-12-24 20:08:44.235133898 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java 2015-07-20 17:22:00.184870879 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java 2015-07-20 17:43:33.186332677 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -260,8 +260,8 @@
-
}
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java 2014-12-24 18:49:01.960433052 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java 2014-12-24 20:05:44.309011863 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java 2015-07-20 17:22:00.308868718 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java 2015-07-20 17:43:33.186332677 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -370,8 +370,8 @@
}
}
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java 2014-12-24 18:49:01.960433052 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java 2014-12-24 20:04:48.704357000 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java 2015-07-20 17:22:00.336868230 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java 2015-07-20 17:43:33.186332677 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -485,8 +485,8 @@
}
}
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java 2014-12-24 18:49:01.960433052 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java 2014-12-24 20:03:59.847781984 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java 2015-07-20 17:22:00.356867881 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java 2015-07-20 17:43:33.186332677 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -595,8 +595,8 @@
}
}
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java 2014-12-24 18:49:01.960433052 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java 2014-12-24 20:02:30.166727408 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java 2015-07-20 17:22:00.700861885 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java 2015-07-20 17:43:33.186332677 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -692,8 +692,8 @@
public static final class RC2KeyGenerator extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java 2013-08-21 20:33:04.180330661 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java 2014-12-24 19:58:20.000164073 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java 2015-07-20 17:22:00.780860490 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java 2015-07-20 17:43:33.190332609 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
@@ -711,8 +711,8 @@
mgfSpec = MGF1ParameterSpec.SHA256;
} else if (mgfDigestName.equals("SHA-384")) {
diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java
---- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java 2014-12-24 18:49:01.964433104 +0000
-+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java 2014-12-24 19:58:39.268401924 +0000
+--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java 2015-07-20 17:22:01.612845988 +0100
++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java 2015-07-20 17:43:33.190332609 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
@@ -799,8 +799,8 @@
put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
diff -Nru openjdk.orig/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java openjdk/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java
---- openjdk.orig/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java 2013-08-21 20:33:07.812389433 +0100
-+++ openjdk/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java 2014-12-24 19:58:20.000164073 +0000
+--- openjdk.orig/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java 2015-07-20 17:22:19.176539837 +0100
++++ openjdk/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java 2015-07-20 17:43:33.190332609 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
@@ -817,8 +817,8 @@
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL },
diff -Nru openjdk.orig/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java openjdk/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java
---- openjdk.orig/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java 2013-08-21 20:33:07.812389433 +0100
-+++ openjdk/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java 2014-12-24 19:58:20.000164073 +0000
+--- openjdk.orig/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java 2015-07-20 17:22:19.176539837 +0100
++++ openjdk/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java 2015-07-20 17:43:33.190332609 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
@@ -835,8 +835,8 @@
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL },
More information about the distro-pkg-dev
mailing list