[PATCH] 2013/10/15 Security Errata: JDK Changes

Alex Kasko mail at alexkasko.com
Thu Nov 14 04:12:11 PST 2013 

On 11/14/2013 01:50 PM, Alex Kasko wrote:
> Hi,
>
> On 11/14/2013 04:10 AM, Andrew wrote:
>> Here is the first batch of changes for the 2013/06/18 errata.
>>
>> Webrev: http://cr.openjdk.java.net/~andrew/openjdk6/20131015/jdk/
>
> Is jdk7 now required for bootstrap?
>
> With jdk6b28 bootstrap it builds for me only after I remove these lines:
>
>      ./jdk/make/com/sun/jmx/Makefile:129: -emitPermissionCheck            \
>      ./jdk/make/com/sun/jmx/Makefile:135: -emitPermissionCheck            \
>
> Otherwise it fails with "-emitPermissionCheck is an invalid option or
> argument".
>

Update: build does not work even after removing "-emitPermissionCheck", 
it fails on the ">>>Making initial-image-jdk" with:

 
/home/alex/projects/openjdk/jdk6/build/linux-amd64/classes/com/sun/tools/classfile 
: no such file or directory
 
/home/alex/projects/openjdk/jdk6/build/linux-amd64/classes/com/sun/tools/javap 
: no such file or directory
     make[2]: *** [initial-image-jdk] Error 1
     make[2]: Leaving directory `/home/alex/projects/openjdk/jdk6/jdk/make'
     make[1]: *** [jdk-build] Error 2
     make[1]: Leaving directory `/home/alex/projects/openjdk/jdk6'
     make: *** [build_product_image] Error 2

On Debian Wheezy amd64 with 6b28_amd64 as a bootstrap.


>>
>> Changes:
>>
>> 7196533: TimeZone.getDefault() slow due to synchronization bottleneck
>> 8006900: Add new date/time capability
>> 8008589: Better MBean permission validation
>> 8011071: Better crypto provider handling
>> 8011081: Improve jhat
>> 8011157: Improve CORBA portablility
>> 8012071: Better Building of Beans
>> 8012147: Improve tool support
>> 8012277: Improve AWT DataFlavor
>> 8013506: Better Pack200 data handling
>> 8013510: Augment image writing code
>> 8013514: Improve stability of cmap class
>> 8013744: Better tabling for AWT
>> 8014085: Better serialization support in JMX classes
>> 8014093: Improve parsing of images
>> 8014102: Improve image conversion
>> 8014341: Better service from Kerberos servers
>> 8014534: Better profiling support
>> 8014987: Augment serialization handling
>> 8015731: Subject java.security.auth.subject to improvements
>> 8015743: Address internet addresses
>> 8016357: Update hotspot diagnostic class
>> 8002070: Remove the stack search for a resource bundle for Logger to use
>> 8010118: Annotate jdk caller sensitive methods with
>> @sun.reflect.CallerSensitive
>> 6708729: update jdk Makefiles for new javap
>> OPENJDK6-19: Fix test cases from 8010118 to work with OpenJDK 6
>> 8010727: WLS fails to add a logger with "" in its own LogManager
>> subclass instance
>> 8010939: Deadlock in LogManager
>> 8011990: TEST_BUG:
>> java/util/logging/bundlesearch/ResourceBundleSearchTest.java fails on
>> Windows
>> 8013380: Removal of stack walk to find resource bundle breaks
>> Glassfish startup
>> 8014745: Provide a switch to allow stack walk search of resource bundle
>> 8012243: about 30% regression on specjvm2008.serial on 7u25 comparing
>> 7u21
>> 8014718: Netbeans IDE begins to throw a lot exceptions since 7u25 b10
>> 8011139: (reflect) Revise checking in getEnclosingClass
>> 8017196: Ensure Proxies are handled appropriately
>> 8017287: Better resource disposal
>> 8017291: Cast Proxies Aside
>> 7146431: java.security files out-of-sync
>> 8006882: Proxy generated classes in sun.proxy package breaks JMockit
>> 8000450: Restrict access to com/sun/corba/se/impl package
>> 8019979: Replace CheckPackageAccess test with better one from closed repo
>> 8004188: Rename src/share/lib/security/java.security to
>> java.security-linux
>> 8017566: Backout 8000450 - Cannot access to
>> com.sun.corba.se.impl.orb.ORBImpl
>> 8017300: Improve Interface Implementation
>> 8019292: Better Attribute Value Exceptions
>> 8019617: Better view of objects
>> 8012617: ArrayIndexOutOfBoundsException with some fonts using
>> LineBreakMeasurer
>> 8020293: JVM crash
>> 8013739: Better LDAP resource management
>> 8014349: (cl) Class.getDeclaredClass problematic in some class loader
>> configurations
>> 6954275: XML signatures with reference data larger 16KB and cacheRef
>> on fails to validate
>> 8021290: Better signature validation
>> 8012453: (process) Runtime.exec(String) fails if command contains
>> spaces [win]
>> 8015965: (process) Typo in name of property to allow ambiguous commands
>> 8015144: Performance regression in ICU OpenType Layout library
>> 8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case
>> crashes
>> 8019584:
>> javax/management/remote/mandatory/loading/MissingClassTest.java failed
>> in nightly against jdk7u45: java.io.InvalidObjectException: Invalid
>> notification: null
>> 8021577: JCK test
>> api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input
>> has failed since jdk 7u45 b01
>> 8021969: The index_AccessAllowed jnlp can not load successfully with
>> exception thrown in the log.
>> 8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail
>> since 7u45 b01 on Linux, Solaris
>> 8022661: InetAddress.writeObject() performs flush() on object output
>> stream
>> 8023964: java/io/IOException/LastErrorString.java should be @ignore-d
>> 8003992: File and other classes in java.io do not handle embedded
>> nulls properly
>> 8013827: File.createTempFile hangs with temp file starting with 'com1.4'
>> 8025128: File.createTempFile fails if prefix is absolute path
>>
>> IcedTea patches:
>>
>>     patches/openjdk/7196533-timezone_bottleneck.patch \
>>     patches/openjdk/8006900-new_date_time.patch \
>>     patches/openjdk/8008589-better_mbean_permission_validation.patch \
>>     patches/openjdk/8011071-better_crypto_provider_handling.patch \
>>     patches/openjdk/8011081-improve_jhat.patch \
>>     patches/openjdk/8011157-improve_corba_portability-jdk.patch \
>>     patches/openjdk/8012071-better_bean_building.patch \
>>     patches/openjdk/8012147-improve_tool.patch \
>>     patches/openjdk/8012277-improve_dataflavour.patch \
>>     patches/openjdk/8013506-better_pack200.patch \
>>     patches/openjdk/8013510-augment_image_writing.patch \
>>     patches/openjdk/8013514-improve_cmap_stability.patch \
>>     patches/openjdk/8013744-better_tabling.patch \
>>     patches/openjdk/8014085-better_serialization.patch \
>>     patches/openjdk/8014093-improve_image_parsing.patch \
>>     patches/openjdk/8014102-improve_image_conversion.patch \
>>     patches/openjdk/8014341-better_kerberos_service.patch \
>>     patches/openjdk/8014534-better_profiling.patch \
>>     patches/openjdk/8014987-augment_serialization.patch \
>>     patches/openjdk/8015731-auth_improvements.patch \
>>     patches/openjdk/8015743-address_internet_addresses.patch \
>>     patches/openjdk/8016357-update_hs_diagnostic_class.patch \
>>     patches/openjdk/8002070-remove_logger_stack_search.patch \
>>     patches/openjdk/8010118-caller_sensitive.patch \
>>     patches/openjdk/6708729-javap_makefile_update.patch \
>>     patches/openjdk/oj6-19-fix_8010118_test_cases.patch \
>>     patches/openjdk/8010727-empty_logger_name.patch \
>>     patches/openjdk/8010939-logmanager_deadlock.patch \
>>     patches/openjdk/8011990-logger_test_urls.patch \
>>     patches/openjdk/8013380-logger_stack_walk_glassfish.patch \
>>     patches/openjdk/8014745-logger_stack_walk_switch.patch \
>>     patches/openjdk/8012243-serial_regression.patch \
>>     patches/openjdk/8014718-remove_logging_suntoolkit.patch \
>>     patches/openjdk/8011139-revise_checking_getenclosingclass.patch \
>>     patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch
>> \
>>     patches/openjdk/8017287-better_resource_disposal.patch \
>>     patches/openjdk/8017291-cast_proxies_aside.patch \
>>     patches/openjdk/7146431-java.security_files.patch \
>>     patches/openjdk/8006882-jmockit.patch \
>>     patches/openjdk/8000450-restrict_access.patch \
>>     patches/openjdk/8019979-better_access_test.patch \
>>     patches/openjdk/8004188-rename_java.security.patch \
>>     patches/openjdk/8017566-backout_part_of_8000450.patch \
>>     patches/openjdk/8017300-improve_interface_implementation.patch \
>>     patches/openjdk/8019292-better_attribute_value_exceptions.patch \
>>     patches/openjdk/8019617-better_view_of_objects.patch \
>>     patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch
>> \
>>     patches/openjdk/8020293-jvm_crash.patch \
>>     patches/openjdk/8013739-better_ldap_resource_management.patch \
>>     patches/openjdk/8014349-getdeclaredclass_fix.patch \
>>     patches/openjdk/6954275-big_xml_signatures.patch \
>>     patches/openjdk/8021290-signature_validation.patch \
>>     patches/openjdk/8012453-runtime.exec.patch \
>>     patches/openjdk/8015965-typo_in_property_name.patch \
>>     patches/openjdk/8015144-performance_regression.patch \
>>     patches/openjdk/8019969-inet6_test_case_fix.patch \
>>     patches/openjdk/8019584-invalid_notification_fix.patch \
>>     patches/openjdk/8021577-bean_serialization_fix.patch \
>>     patches/openjdk/8021969-jnlp_load_failure.patch \
>>     patches/openjdk/8021355-splashscreen_regression.patch \
>>     patches/openjdk/8022661-writeobject_flush.patch \
>>     patches/openjdk/8023964-ignore_test.patch \
>>     patches/openjdk/8003992-embedded_nulls.patch \
>>     patches/openjdk/8013827-createtempfile_hang.patch \
>>     patches/openjdk/8025128-createtempfile_absolute_prefix.patch \
>>
>> Ok to push?
>>
>
>


-- 
Regards,
Alex Kasko

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3742 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.openjdk.java.net/pipermail/jdk6-dev/attachments/20131114/62157495/smime-0001.p7s

More information about the jdk6-dev mailing list