/hg/release/icedtea6-1.11: 3 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Apr 16 14:16:04 PDT 2013
changeset 85113f382f7b in /hg/release/icedtea6-1.11
details: http://icedtea.classpath.org/hg/release/icedtea6-1.11?cmd=changeset;node=85113f382f7b
author: Jon VanAlten <jon.vanalten at redhat.com>
date: Thu Apr 11 16:25:37 2013 -0400
Add backport of 7036559 and ConcurrentHashMap deserialization reliability fix for 8009063.
changeset e92def3935ee in /hg/release/icedtea6-1.11
details: http://icedtea.classpath.org/hg/release/icedtea6-1.11?cmd=changeset;node=e92def3935ee
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Apr 12 12:32:45 2013 +0100
Fix issues with previous commit.
2013-04-12 Andrew John Hughes <gnu.andrew at member.fsf.org>
* NEWS: Updated.
* Makefile.am:
(SECURITY_PATCHES): Correct path to 7036559; not
a security patch but a backport to enable one to
be applied.
* patches/security/20130416/7036559.patch: Moved to...
* patches/openjdk/7036559-concurrenthashmap_improvements.patch:
...here.
2013-04-11 Jon VanAlten <jon.vanalten at redhat.com>
* Makefile.am:
(SECURITY_PATCHES): Add new patches.
* patches/security/20130416/7036559.patch: Add backport.
* patches/security/20130416/8009063.patch: Add security fix.
changeset 1a2df02fa23d in /hg/release/icedtea6-1.11
details: http://icedtea.classpath.org/hg/release/icedtea6-1.11?cmd=changeset;node=1a2df02fa23d
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Tue Apr 16 20:25:56 2013 +0100
Add 2013/04/16 security patches.
2013-04-17 Andrew John Hughes <gnu.andrew at member.fsf.org>
* patches/openjdk/6669869-Beans_isDesignTime_should_be_per-AppContext.patch:
Reapplied as a security patch pre-requisite.
* patches/security/20120612/7157609.patch,
* patches/security/20130201/8001235.patch:
Dropped as included in JAXP tarball used.
* INSTALL: Remove --with-{jaxp,jaf,jaxws}-drop-zip documentation.
* Makefile.am:
(JAXWS_DROP_URL): Removed.
(JAXWS_DROP_ZIP): Likewise.
(JAXWS_DROP_SHA256SUM): Likewise.
(JAF_DROP_URL): Likewise.
(JAF_DROP_ZIP): Likewise.
(JAF_DROP_SHA256SUM): Likewise.
(JAF_DROP_URL): Likewise.
(JAXP_DROP_URL): Likewise.
(JAXP_DROP_ZIP): Likewise.
(JAXP_DROP_SHA256SUM): Likewise.
(DROP_PATCHES): Add patches providing code
previously provided by drop zips.
(SECURITY_PATCHES): Updated.
(ICEDTEA_PATCHES): Add DROP_PATCHES. Move
7102369 patch to precede RMI security patch.
(ICEDTEA_ENV): Remove ALT_DROPS_DIR.
(download-jaxp-drop): Removed.
(clean-download-jaxp-drop): Likewise.
(download-jaf-drop): Likewise.
(clean-download-jaf-drop): Likewise.
(download-jaxws-drop): Likewise.
(clean-download-jaxws-drop): Likewise.
(download-drops): Likewise.
(clean-drops): Likewise.
(download): Don't depend on download-drops.
(clean-download): Likewise for clean-drops.
* NEWS: Add security issues, backports and
mention drop move.
* acinclude.m4:
(IT_WITH_JAXP_DROP_ZIP): Removed.
(IT_WITH_JAF_DROP_ZIP): Likewise.
(IT_WITH_JAXWS_DROP_ZIP): Likewise.
* configure.ac: Don't call removed macros above.
* patches/ecj/override.patch: Add new cases introduced
by security patches (sigh).
* patches/libraries.patch,
* patches/nomotif-6706121.patch:
Regenerated against security patches.
* patches/openjdk/5102804-memory_leak.patch,
* patches/openjdk/6501644-icu_sync.patch:
Backports for security patches.
* patches/openjdk/6633275-shaped_translucent_windows.patch:
Remove copyright notice changes broken by 8006790 security patch.
* patches/openjdk/6669869-queries_per_appcontext.patch,
* patches/openjdk/6886358-layout_update.patch,
* patches/openjdk/6963811-deadlock_fix.patch,
* patches/openjdk/7017324-kerning_crash.patch,
* patches/openjdk/7064279-fixup.patch,
* patches/openjdk/7064279-resource_release.patch,
* patches/openjdk/8004302-soap_test_failure.patch:
More backports for security patches.
* patches/openjdk/jaf-b20_jaxws2-1_6_2011_06_13.patch,
* patches/openjdk/jaxp144_05.patch:
Add drop zips in patch form.
* patches/security/20130416/6657673-fixup.patch,
* patches/security/20130416/6657673.patch,
* patches/security/20130416/7200507.patch,
* patches/security/20130416/8000724.patch,
* patches/security/20130416/8001031.patch,
* patches/security/20130416/8001040.patch,
* patches/security/20130416/8001322.patch,
* patches/security/20130416/8001329.patch,
* patches/security/20130416/8003335.patch,
* patches/security/20130416/8003445.patch,
* patches/security/20130416/8003543.patch,
* patches/security/20130416/8004261.patch,
* patches/security/20130416/8004336.patch,
* patches/security/20130416/8004986.patch,
* patches/security/20130416/8005432.patch,
* patches/security/20130416/8005943.patch,
* patches/security/20130416/8006309.patch,
* patches/security/20130416/8006435.patch,
* patches/security/20130416/8006790.patch,
* patches/security/20130416/8006795.patch,
* patches/security/20130416/8007406.patch,
* patches/security/20130416/8007617.patch,
* patches/security/20130416/8009699.patch:
Add security patches.
* patches/xjc.patch:
Regenerate JAXWS patch against sources, not
drop system.
diffstat:
ChangeLog | 118 +
INSTALL | 3 -
Makefile.am | 163 +-
NEWS | 41 +
acinclude.m4 | 63 -
configure.ac | 3 -
patches/ecj/override.patch | 59 +
patches/libraries.patch | 2589 +-
patches/nomotif-6706121.patch | 44 +-
patches/openjdk/5102804-memory_leak.patch | 429 +
patches/openjdk/6501644-icu_sync.patch | 8066 +
patches/openjdk/6633275-shaped_translucent_windows.patch | 49 -
patches/openjdk/6669869-Beans_isDesignTime_should_be_per-AppContext.patch | 346 -
patches/openjdk/6669869-queries_per_appcontext.patch | 355 +
patches/openjdk/6886358-layout_update.patch | 13847 +
patches/openjdk/6963811-deadlock_fix.patch | 42 +
patches/openjdk/7017324-kerning_crash.patch | 101 +
patches/openjdk/7036559-concurrenthashmap_improvements.patch | 1436 +
patches/openjdk/7064279-fixup.patch | 71 +
patches/openjdk/7064279-resource_release.patch | 436 +
patches/openjdk/8004302-soap_test_failure.patch | 75 +
patches/openjdk/jaf-b20_jaxws2-1_6_2011_06_13.patch | 449213 +++++++
patches/openjdk/jaxp144_05.patch | 595585 ++++++++++
patches/security/20120612/7157609.patch | 56 -
patches/security/20130201/8001235.patch | 36 -
patches/security/20130416/6657673-fixup.patch | 229 +
patches/security/20130416/6657673.patch | 9545 +
patches/security/20130416/7200507.patch | 230 +
patches/security/20130416/8000724.patch | 1368 +
patches/security/20130416/8001031.patch | 5457 +
patches/security/20130416/8001040.patch | 113 +
patches/security/20130416/8001322.patch | 61 +
patches/security/20130416/8001329.patch | 32 +
patches/security/20130416/8003335.patch | 63 +
patches/security/20130416/8003445.patch | 77 +
patches/security/20130416/8003543.patch | 236 +
patches/security/20130416/8004261.patch | 142 +
patches/security/20130416/8004336.patch | 29 +
patches/security/20130416/8004986.patch | 374 +
patches/security/20130416/8005432.patch | 518 +
patches/security/20130416/8005943.patch | 202 +
patches/security/20130416/8006309.patch | 22 +
patches/security/20130416/8006435.patch | 76 +
patches/security/20130416/8006790.patch | 166 +
patches/security/20130416/8006795.patch | 35 +
patches/security/20130416/8007406.patch | 31 +
patches/security/20130416/8007617.patch | 376 +
patches/security/20130416/8007667.patch | 579 +
patches/security/20130416/8007918.patch | 357 +
patches/security/20130416/8009063.patch | 67 +
patches/security/20130416/8009305.patch | 68 +
patches/security/20130416/8009699.patch | 25 +
patches/security/20130416/8009814.patch | 27 +
patches/security/20130416/8009857.patch | 66 +
patches/xjc.patch | 56 +-
55 files changed, 1091845 insertions(+), 2008 deletions(-)
diffs (truncated from 1094796 to 500 lines):
diff -r deabc521f9d2 -r 1a2df02fa23d ChangeLog
--- a/ChangeLog Wed Mar 20 09:27:20 2013 +0000
+++ b/ChangeLog Tue Apr 16 20:25:56 2013 +0100
@@ -1,3 +1,121 @@
+2013-04-17 Andrew John Hughes <gnu.andrew at member.fsf.org>
+
+ * patches/openjdk/6669869-Beans_isDesignTime_should_be_per-AppContext.patch:
+ Reapplied as a security patch pre-requisite.
+ * patches/security/20120612/7157609.patch,
+ * patches/security/20130201/8001235.patch:
+ Dropped as included in JAXP tarball used.
+ * INSTALL: Remove --with-{jaxp,jaf,jaxws}-drop-zip documentation.
+ * Makefile.am:
+ (JAXWS_DROP_URL): Removed.
+ (JAXWS_DROP_ZIP): Likewise.
+ (JAXWS_DROP_SHA256SUM): Likewise.
+ (JAF_DROP_URL): Likewise.
+ (JAF_DROP_ZIP): Likewise.
+ (JAF_DROP_SHA256SUM): Likewise.
+ (JAF_DROP_URL): Likewise.
+ (JAXP_DROP_URL): Likewise.
+ (JAXP_DROP_ZIP): Likewise.
+ (JAXP_DROP_SHA256SUM): Likewise.
+ (DROP_PATCHES): Add patches providing code
+ previously provided by drop zips.
+ (SECURITY_PATCHES): Updated.
+ (ICEDTEA_PATCHES): Add DROP_PATCHES. Move
+ 7102369 patch to precede RMI security patch.
+ (ICEDTEA_ENV): Remove ALT_DROPS_DIR.
+ (download-jaxp-drop): Removed.
+ (clean-download-jaxp-drop): Likewise.
+ (download-jaf-drop): Likewise.
+ (clean-download-jaf-drop): Likewise.
+ (download-jaxws-drop): Likewise.
+ (clean-download-jaxws-drop): Likewise.
+ (download-drops): Likewise.
+ (clean-drops): Likewise.
+ (download): Don't depend on download-drops.
+ (clean-download): Likewise for clean-drops.
+ * NEWS: Add security issues, backports and
+ mention drop move.
+ * acinclude.m4:
+ (IT_WITH_JAXP_DROP_ZIP): Removed.
+ (IT_WITH_JAF_DROP_ZIP): Likewise.
+ (IT_WITH_JAXWS_DROP_ZIP): Likewise.
+ * configure.ac: Don't call removed macros above.
+ * patches/ecj/override.patch: Add new cases introduced
+ by security patches (sigh).
+ * patches/libraries.patch,
+ * patches/nomotif-6706121.patch:
+ Regenerated against security patches.
+ * patches/openjdk/5102804-memory_leak.patch,
+ * patches/openjdk/6501644-icu_sync.patch:
+ Backports for security patches.
+ * patches/openjdk/6633275-shaped_translucent_windows.patch:
+ Remove copyright notice changes broken by 8006790 security patch.
+ * patches/openjdk/6669869-queries_per_appcontext.patch,
+ * patches/openjdk/6886358-layout_update.patch,
+ * patches/openjdk/6963811-deadlock_fix.patch,
+ * patches/openjdk/7017324-kerning_crash.patch,
+ * patches/openjdk/7064279-fixup.patch,
+ * patches/openjdk/7064279-resource_release.patch,
+ * patches/openjdk/8004302-soap_test_failure.patch:
+ More backports for security patches.
+ * patches/openjdk/jaf-b20_jaxws2-1_6_2011_06_13.patch,
+ * patches/openjdk/jaxp144_05.patch:
+ Add drop zips in patch form.
+ * patches/security/20130416/6657673-fixup.patch,
+ * patches/security/20130416/6657673.patch,
+ * patches/security/20130416/7200507.patch,
+ * patches/security/20130416/8000724.patch,
+ * patches/security/20130416/8001031.patch,
+ * patches/security/20130416/8001040.patch,
+ * patches/security/20130416/8001322.patch,
+ * patches/security/20130416/8001329.patch,
+ * patches/security/20130416/8003335.patch,
+ * patches/security/20130416/8003445.patch,
+ * patches/security/20130416/8003543.patch,
+ * patches/security/20130416/8004261.patch,
+ * patches/security/20130416/8004336.patch,
+ * patches/security/20130416/8004986.patch,
+ * patches/security/20130416/8005432.patch,
+ * patches/security/20130416/8005943.patch,
+ * patches/security/20130416/8006309.patch,
+ * patches/security/20130416/8006435.patch,
+ * patches/security/20130416/8006790.patch,
+ * patches/security/20130416/8006795.patch,
+ * patches/security/20130416/8007406.patch,
+ * patches/security/20130416/8007617.patch,
+ * patches/security/20130416/8009699.patch:
+ Add security patches.
+ * patches/xjc.patch:
+ Regenerate JAXWS patch against sources, not
+ drop system.
+
+2013-04-12 Omair Majid <omajid at redhat.com>
+
+ * patches/security/20130416/8007667.patch,
+ * patches/security/20130416/8007918.patch,
+ * patches/security/20130416/8009305.patch,
+ * patches/security/20130416/8009814.patch,
+ * patches/security/20130416/8009857.patch:
+ Add security patches.
+
+2013-04-12 Andrew John Hughes <gnu.andrew at member.fsf.org>
+
+ * NEWS: Updated.
+ * Makefile.am:
+ (SECURITY_PATCHES): Correct path to 7036559; not
+ a security patch but a backport to enable one to
+ be applied.
+ * patches/security/20130416/7036559.patch: Moved to...
+ * patches/openjdk/7036559-concurrenthashmap_improvements.patch:
+ ...here.
+
+2013-04-11 Jon VanAlten <jon.vanalten at redhat.com>
+
+ * Makefile.am:
+ (SECURITY_PATCHES): Add new patches.
+ * patches/security/20130416/7036559.patch: Add backport.
+ * patches/security/20130416/8009063.patch: Add security fix.
+
2013-03-19 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
diff -r deabc521f9d2 -r 1a2df02fa23d INSTALL
--- a/INSTALL Wed Mar 20 09:27:20 2013 +0000
+++ b/INSTALL Tue Apr 16 20:25:56 2013 +0100
@@ -145,9 +145,6 @@
* --with-openjdk-src-zip: Specify the location of the OpenJDK tarball to avoid downloading.
* --with-hotspot-src-zip: Specify the location of the HotSpot tarball to avoid downloading.
* --with-alt-jar: Use the specified jar binary in the second stage rather than the one just built.
-* --with-jaxp-drop-zip: Specify the location of the JAXP source drop zip file to avoid downloading.
-* --with-jaf-drop-zip: Specify the location of the JAF source drop zip file to avoid downloading.
-* --with-jaxws-drop-zip: Specify the location of the JAXWS source drop zip file to avoid downloading.
* --with-cacao-home: Specify the location of an installed CACAO to use rather than downloading
and building one.
* --with-cacao-src-zip: Specify the location of a CACAO tarball to avoid downloading.
diff -r deabc521f9d2 -r 1a2df02fa23d Makefile.am
--- a/Makefile.am Wed Mar 20 09:27:20 2013 +0000
+++ b/Makefile.am Tue Apr 16 20:25:56 2013 +0100
@@ -17,15 +17,6 @@
JAMVM_URL = $(JAMVM_BASE_URL)/jamvm-$(JAMVM_VERSION).tar.gz
JAMVM_SRC_ZIP = jamvm-$(JAMVM_VERSION).tar.gz
-JAXWS_DROP_URL = http://icedtea.classpath.org/download/drops
-JAXWS_DROP_ZIP = jdk6-jaxws2_1_6-2011_06_13.zip
-JAXWS_DROP_SHA256SUM = 229040544e791f44906e8e7b6f6faf503c730a5d854275135f3925490d5c3be3
-JAF_DROP_URL = http://icedtea.classpath.org/download/drops
-JAF_DROP_ZIP = jdk6-jaf-b20.zip
-JAF_DROP_SHA256SUM = 78c7b5c9d6271e88ee46abadd018a61f1e9645f8936cc8df1617e5f4f5074012
-JAXP_DROP_URL = http://icedtea.classpath.org/download/drops
-JAXP_DROP_ZIP = jaxp144_03.zip
-JAXP_DROP_SHA256SUM = c1a5348e17b330a7e4b18431e61a40efd2ba99a7da71102cf2c604478ef96012
OPENJDK_HG_URL = http://hg.openjdk.java.net/jdk6/jdk6
HOTSPOT_SRC_ZIP = hotspot.tar.gz
@@ -201,6 +192,10 @@
ICEDTEA_FSG_PATCHES =
+DROP_PATCHES = \
+ patches/openjdk/jaf-b20_jaxws2-1_6_2011_06_13.patch \
+ patches/openjdk/jaxp144_05.patch
+
SECURITY_PATCHES = \
patches/security/20120214/7082299.patch \
patches/security/20120214/7088367.patch \
@@ -219,7 +214,6 @@
patches/security/20120612/7143872.patch \
patches/security/20120612/7145239.patch \
patches/security/20120612/7152811.patch \
- patches/security/20120612/7157609.patch \
patches/security/20120612/7160677.patch \
patches/security/20120612/7160757.patch \
patches/security/20120830/7162476-xmldecoder_via_classfinder.patch \
@@ -274,17 +268,57 @@
patches/security/20130201/8001307.patch \
patches/security/20130201/8001972.patch \
patches/security/20130201/8002325.patch \
- patches/security/20130201/8001235.patch \
patches/security/20130219/8006446.patch \
patches/security/20130219/8006777.patch \
patches/openjdk/7123519-problems_with_certification_path.patch \
patches/security/20130219/8007688.patch \
patches/security/20130304/8007014.patch \
- patches/security/20130304/8007675.patch
+ patches/security/20130304/8007675.patch \
+ patches/openjdk/7036559-concurrenthashmap_improvements.patch \
+ patches/security/20130416/8009063.patch \
+ patches/openjdk/8004302-soap_test_failure.patch \
+ patches/security/20130416/6657673.patch \
+ patches/security/20130416/6657673-fixup.patch \
+ patches/openjdk/6669869-queries_per_appcontext.patch \
+ patches/openjdk/5102804-memory_leak.patch \
+ patches/openjdk/6963811-deadlock_fix.patch \
+ patches/openjdk/7064279-resource_release.patch \
+ patches/openjdk/7064279-fixup.patch \
+ patches/security/20130416/7200507.patch \
+ patches/security/20130416/8000724.patch \
+ patches/security/20130416/8004986.patch \
+ patches/openjdk/6501644-icu_sync.patch \
+ patches/openjdk/6886358-layout_update.patch \
+ patches/security/20130416/8001031.patch \
+ patches/openjdk/7017324-kerning_crash.patch \
+ patches/openjdk/7102369-7094468-rmiregistry.patch \
+ patches/security/20130416/8001040.patch \
+ patches/security/20130416/8001322.patch \
+ patches/security/20130416/8001329.patch \
+ patches/security/20130416/8003335.patch \
+ patches/security/20130416/8003445.patch \
+ patches/security/20130416/8003543.patch \
+ patches/security/20130416/8004261.patch \
+ patches/security/20130416/8004336.patch \
+ patches/security/20130416/8005432.patch \
+ patches/security/20130416/8005943.patch \
+ patches/security/20130416/8006309.patch \
+ patches/security/20130416/8006435.patch \
+ patches/security/20130416/8006790.patch \
+ patches/security/20130416/8006795.patch \
+ patches/security/20130416/8007406.patch \
+ patches/security/20130416/8007617.patch \
+ patches/security/20130416/8007667.patch \
+ patches/security/20130416/8007918.patch \
+ patches/security/20130416/8009305.patch \
+ patches/security/20130416/8009699.patch \
+ patches/security/20130416/8009814.patch \
+ patches/security/20130416/8009857.patch
SPECIAL_SECURITY_PATCH = patches/security/20120214/7112642.patch
ICEDTEA_PATCHES = \
+ $(DROP_PATCHES) \
$(SECURITY_PATCHES) \
patches/openjdk/6610244-modal-fatal-error-windows.patch \
patches/stdc-limit-macros.patch \
@@ -467,7 +501,6 @@
patches/openjdk/6390045-error_cannot_access_java_lang_void.patch \
patches/openjdk/6752638-preferLocaleFonts_throws_NPE.patch \
patches/openjdk/5047314-Collator_compare_runs_indefinitely.patch \
- patches/openjdk/6669869-Beans_isDesignTime_should_be_per-AppContext.patch \
patches/openjdk/6934356-Vector_writeObject_serialization_DL.patch \
patches/openjdk/7036582-Improve_test_coverage_of_BigDecimal.patch \
patches/pr690-shark-jit-hs20.patch \
@@ -481,7 +514,6 @@
patches/arm-debug.patch \
patches/arm-hsdis.patch \
patches/openjdk/7103610-_NET_WM_PID_and_WM_CLIENT_MACHINE_are_not_set.patch \
- patches/openjdk/7102369-7094468-rmiregistry.patch \
patches/openjdk/6851973-kerberos.patch \
patches/openjdk/7091528-javadoc_class_files.patch \
patches/openjdk/7103725-ssl_beast_regression.patch \
@@ -642,7 +674,6 @@
DERIVATIVE_ID="$(ICEDTEA_NAME) $(PACKAGE_VERSION)$(ICEDTEA_REV)" \
DEBUG_CLASSFILES="true" \
DEBUG_BINARIES="true" \
- ALT_DROPS_DIR="$(abs_top_builddir)/drops" \
VERBOSE="$(VERBOSE)" \
ALT_OUTPUTDIR="$(BUILD_OUTPUT_DIR)"
@@ -820,86 +851,6 @@
clean-hgforest:
rm -f stamps/hgforest.stamp
-stamps/download-jaxp-drop.stamp:
- mkdir -p drops
-if USE_ALT_JAXP_DROP_ZIP
- ln -sf $(ALT_JAXP_DROP_ZIP) drops/$(JAXP_DROP_ZIP)
-endif
- if ! echo "$(JAXP_DROP_SHA256SUM) drops/$(JAXP_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then \
- if [ -f drops/$(JAXP_DROP_ZIP) ] ; \
- then \
- mv drops/$(JAXP_DROP_ZIP) drops/$(JAXP_DROP_ZIP).old ; \
- fi ; \
- $(WGET) $(JAXP_DROP_URL)/$(JAXP_DROP_ZIP) -O drops/$(JAXP_DROP_ZIP); \
- if ! echo "$(JAXP_DROP_SHA256SUM) drops/$(JAXP_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then echo "ERROR: Bad download of jaxp drop zip"; false; \
- fi; \
- fi ;
- mkdir -p stamps
- touch $@
-
-clean-download-jaxp-drop:
- rm -f drops/$(JAXP_DROP_ZIP)
- rm -f stamps/download-jaxp-drop.stamp
-
-stamps/download-jaf-drop.stamp:
- mkdir -p drops
-if USE_ALT_JAF_DROP_ZIP
- ln -sf $(ALT_JAF_DROP_ZIP) drops/$(JAF_DROP_ZIP)
-endif
- if ! echo "$(JAF_DROP_SHA256SUM) drops/$(JAF_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then \
- if [ -f drops/$(JAF_DROP_ZIP) ] ; \
- then \
- mv drops/$(JAF_DROP_ZIP) drops/$(JAF_DROP_ZIP).old ; \
- fi ; \
- $(WGET) $(JAF_DROP_URL)/$(JAF_DROP_ZIP) -O drops/$(JAF_DROP_ZIP); \
- if ! echo "$(JAF_DROP_SHA256SUM) drops/$(JAF_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then echo "ERROR: Bad download of jaf drop zip"; false; \
- fi; \
- fi ;
- mkdir -p stamps
- touch $@
-
-clean-download-jaf-drop:
- rm -f drops/$(JAF_DROP_ZIP)
- rm -f stamps/download-jaf-drop.stamp
-
-stamps/download-jaxws-drop.stamp:
- mkdir -p drops
-if USE_ALT_JAXWS_DROP_ZIP
- ln -sf $(ALT_JAXWS_DROP_ZIP) drops/$(JAXWS_DROP_ZIP)
-endif
- if ! echo "$(JAXWS_DROP_SHA256SUM) drops/$(JAXWS_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then \
- if [ -f drops/$(JAXWS_DROP_ZIP) ] ; \
- then \
- mv drops/$(JAXWS_DROP_ZIP) drops/$(JAXWS_DROP_ZIP).old ; \
- fi ; \
- $(WGET) $(JAXWS_DROP_URL)/$(JAXWS_DROP_ZIP) -O drops/$(JAXWS_DROP_ZIP); \
- if ! echo "$(JAXWS_DROP_SHA256SUM) drops/$(JAXWS_DROP_ZIP)" \
- | $(SHA256SUM) --check ; \
- then echo "ERROR: Bad download of jaxws drop zip"; false; \
- fi; \
- fi ;
- mkdir -p stamps
- touch $@
-
-clean-download-jaxws-drop:
- rm -f drops/$(JAXWS_DROP_ZIP)
- rm -f stamps/download-jaxws-drop.stamp
-
-stamps/download-drops.stamp: stamps/download-jaxp-drop.stamp \
- stamps/download-jaxws-drop.stamp stamps/download-jaf-drop.stamp
- mkdir -p stamps
- touch $@
-
stamps/download-cacao.stamp:
if BUILD_CACAO
if !USE_SYSTEM_CACAO
@@ -956,14 +907,6 @@
rm -f $(JAMVM_SRC_ZIP)
rm -f stamps/download-jamvm.stamp
-clean-drops: clean-download-jaxp-drop clean-download-jaf-drop \
- clean-download-jaxws-drop
- if [ -e drops ] ; then \
- rm -f drops/*.old ; \
- rmdir drops ; \
- fi
- rm -f stamps/download-drops.stamp
-
stamps/download-openjdk.stamp: stamps/hgforest.stamp
if USE_HG
if WITH_HGREV
@@ -1023,11 +966,11 @@
rm -f $(HOTSPOT_SRC_ZIP)
rm -f stamps/download-hotspot.stamp
-stamps/download.stamp: stamps/download-drops.stamp stamps/download-cacao.stamp \
- stamps/download-jamvm.stamp stamps/download-openjdk.stamp stamps/download-hotspot.stamp
+stamps/download.stamp: stamps/download-cacao.stamp stamps/download-jamvm.stamp \
+ stamps/download-openjdk.stamp stamps/download-hotspot.stamp
touch stamps/download.stamp
-clean-download: clean-drops clean-download-cacao clean-download-jamvm \
+clean-download: clean-download-cacao clean-download-jamvm \
clean-download-openjdk clean-download-hotspot
rm -f stamps/download.stamp
@@ -2397,18 +2340,10 @@
download-cacao: stamps/download-cacao.stamp
-download-drops: stamps/download-drops.stamp
-
download-hotspot: stamps/download-hotspot.stamp
download-jamvm: stamps/download-jamvm.stamp
-download-jaf-drop: stamps/download-jaf-drop.stamp
-
-download-jaxp-drop: stamps/download-jaxp-drop.stamp
-
-download-jaxws-drop: stamps/download-jaxws-drop.stamp
-
download-openjdk: stamps/download-openjdk.stamp
extract: stamps/extract.stamp
diff -r deabc521f9d2 -r 1a2df02fa23d NEWS
--- a/NEWS Wed Mar 20 09:27:20 2013 +0000
+++ b/NEWS Tue Apr 16 20:25:56 2013 +0100
@@ -12,8 +12,49 @@
New in release 1.11.10 (2013-04-XX):
+* New features
+ - JAXP, JAXWS & JAF supplied as patches rather than drops to aid subsequent patching.
+* Security fixes
+ - S6657673, CVE-2013-1518: Issues with JAXP
+ - S7200507: Refactor Introspector internals
+ - S8000724, CVE-2013-2417: Improve networking serialization
+ - S8001031, CVE-2013-2419: Better font processing
+ - S8001040, CVE-2013-1537: Rework RMI model
+ - S8001322: Refactor deserialization
+ - S8001329, CVE-2013-1557: Augment RMI logging
+ - S8003335: Better handling of Finalizer thread
+ - S8003445: Adjust JAX-WS to focus on API
+ - S8003543, CVE-2013-2415: Improve processing of MTOM attachments
+ - S8004261: Improve input validation
+ - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames
+ - S8004986, CVE-2013-2383: Better handling of glyph table
+ - S8004987, CVE-2013-2384: Better handling of glyph table
+ - S8004994, CVE-2013-1569: Better handling of glyph table
+ - S8005432: Update access to JAX-WS
+ - S8005943: (process) Improved Runtime.exec
+ - S8006309: More reliable control panel operation
+ - S8006435, CVE-2013-2424: Improvements in JMX
+ - S8006790: Improve checking for windows
+ - S8006795: Improve font warning messages
+ - S8007406: Improve accessibility of AccessBridge
+ - S8007617, CVE-2013-2420: Better validation of images
+ - S8007667, CVE-2013-2430: Better image reading
+ - S8007918, CVE-2013-2429: Better image writing
+ - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap
+ - S8009305, CVE-2013-0401: Improve AWT data transfer
+ - S8009699, CVE-2013-2421: Methodhandle lookup
+ - S8009814, CVE-2013-1488: Better driver management
+ - S8009857. CVE-2013-2422: Problem with plugin
* Backports
- S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts
+ - S7036559: ConcurrentHashMap footprint and contention improvements
+ - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom BeanInfo: Class param (with WeakCache from S6397609)
+ - S6501644: sync LayoutEngine *code* structure to match ICU
+ - S6886358: layout code update
+ - S6963811: Deadlock-prone locking changes in Introspector
+ - S7017324: Kerning crash in JDK 7 since ICU layout update
+ - S7064279: Introspector.getBeanInfo() should release some resources in timely manner
+ - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01
* Bug fixes
- Fix get_stack_bounds memory leak (alternate fix for S7197906)
diff -r deabc521f9d2 -r 1a2df02fa23d acinclude.m4
--- a/acinclude.m4 Wed Mar 20 09:27:20 2013 +0000
+++ b/acinclude.m4 Tue Apr 16 20:25:56 2013 +0100
@@ -998,69 +998,6 @@
AC_SUBST(ALT_HOTSPOT_SRC_ZIP)
])
-AC_DEFUN([IT_WITH_JAXP_DROP_ZIP],
-[
- AC_MSG_CHECKING([for a JAXP drop zip])
- AC_ARG_WITH([jaxp-drop-zip],
- [AS_HELP_STRING(--with-jaxp-drop-zip,specify the location of the JAXP drop zip)],
- [
- ALT_JAXP_DROP_ZIP=${withval}
- if test "x${ALT_JAXP_DROP_ZIP}" = "xno"; then
- ALT_JAXP_DROP_ZIP="not specified"
- elif ! test -f ${ALT_JAXP_DROP_ZIP} ; then
- AC_MSG_ERROR([Invalid JAXP drop zip specified: ${ALT_JAXP_DROP_ZIP}])
- fi
- ],
- [
- ALT_JAXP_DROP_ZIP="not specified"
- ])
- AM_CONDITIONAL(USE_ALT_JAXP_DROP_ZIP, test "x${ALT_JAXP_DROP_ZIP}" != "xnot specified")
- AC_MSG_RESULT(${ALT_JAXP_DROP_ZIP})
- AC_SUBST(ALT_JAXP_DROP_ZIP)
-])
-
-AC_DEFUN([IT_WITH_JAF_DROP_ZIP],
-[
- AC_MSG_CHECKING([for a JAF drop zip])
- AC_ARG_WITH([jaf-drop-zip],
- [AS_HELP_STRING(--with-jaf-drop-zip,specify the location of the JAF drop zip)],
- [
- ALT_JAF_DROP_ZIP=${withval}
- if test "x${ALT_JAF_DROP_ZIP}" = "xno"; then
- ALT_JAF_DROP_ZIP="not specified"
- elif ! test -f ${ALT_JAF_DROP_ZIP} ; then
- AC_MSG_ERROR([Invalid JAF drop zip specified: ${ALT_JAF_DROP_ZIP}])
- fi
- ],
- [
- ALT_JAF_DROP_ZIP="not specified"
- ])
- AM_CONDITIONAL(USE_ALT_JAF_DROP_ZIP, test "x${ALT_JAF_DROP_ZIP}" != "xnot specified")
- AC_MSG_RESULT(${ALT_JAF_DROP_ZIP})
- AC_SUBST(ALT_JAF_DROP_ZIP)
-])
-
-AC_DEFUN([IT_WITH_JAXWS_DROP_ZIP],
-[
More information about the distro-pkg-dev
mailing list