commit java-1_6_0-openjdk for openSUSE:11.3

Tue, 25 Oct 2011 06:50:45 -0700 

Hello community,

here is the log from the commit of package java-1_6_0-openjdk for openSUSE:11.3
checked in at Tue Oct 25 15:50:38 CEST 2011.



--------
--- old-versions/11.3/UPDATES/all/java-1_6_0-openjdk/java-1_6_0-openjdk.changes 
2011-06-09 14:30:46.000000000 +0200
+++ 11.3/java-1_6_0-openjdk/java-1_6_0-openjdk.changes  2011-10-24 
09:52:56.000000000 +0200
@@ -1,0 +2,43 @@
+Mon Oct 24 07:51:48 UTC 2011 - [email protected]
+
+- update to 1.10.4 (bnc#725167)
+- Security fixes
+  * S7000600, CVE-2011-3547: InputStream skip() information leak
+  * S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
+  * S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow
+  * S7032417, CVE-2011-3552: excessive default UDP socket limit under 
SecurityManager
+  * S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
+  * S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine
+  * S7055902, CVE-2011-3521: IIOP deserialization code execution
+  * S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error 
checks
+  * S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against 
SSL/TLS (BEAST)
+  * S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer
+  * S7077466, CVE-2011-3556: RMI DGC server remote code execution
+  * S7083012, CVE-2011-3557: RMI registry privileged code execution
+  * S7096936, CVE-2011-3560: missing checkSetFactory calls in 
HttpsURLConnection
+- Bug fixes
+  - RH727195: Japanese font mappings are broken
+- Backports
+  - S6826104, RH730015: Getting a NullPointer exception when clicked on 
Application & Toolkit Modal dialog
+
+-------------------------------------------------------------------
+Thu Aug  4 08:46:55 UTC 2011 - [email protected]
+
+- update to 1.10.3
+- Bug fixes
+  * PR748: Icedtea6 fails to build with Linux 3.0.
+  * PR744: icedtea6-1.10.2 : patching error
+- Backports:
+  * S7037283, RH712211: Null Pointer Exception in SwingUtilities2.
+  * S6769607, PR677: Modal frame hangs for a while.
+  * S6578583: Modality is broken in windows vista home premium from jdk1.7 b02 
onwards.
+  * S6610244: modal dialog closes with fatal error if -Xcheck:jni is set
+- don't touch java and javac alternatives anymore
+
+-------------------------------------------------------------------
+Tue Jun 14 09:23:00 UTC 2011 - [email protected]
+
+- fix build on 11.1/i586 distros
+  * add icedtea6-replace-gcc-stack-marking.patch
+
+-------------------------------------------------------------------

calling whatdependson for 11.3-i586


Old:
----
  icedtea6-1.10.2.tar.gz

New:
----
  icedtea6-1.10.4.tar.gz
  icedtea6-replace-gcc-stack-marking.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ java-1_6_0-openjdk.spec ++++++
--- /var/tmp/diff_new_pack.Idm5bD/_old  2011-10-25 15:41:09.000000000 +0200
+++ /var/tmp/diff_new_pack.Idm5bD/_new  2011-10-25 15:41:09.000000000 +0200
@@ -36,7 +36,7 @@
 # If runtests is 0 test suites will not be run.
 %define runtests 0
 
-%define icedteaver 1.10.2
+%define icedteaver 1.10.4
 %define icedteasnapshot %{nil}
 %define openjdkver b22
 %define openjdkdate 28_feb_2011
@@ -103,8 +103,6 @@
 %define sdkname         java-%{javaver}-%{origin}
 %define archname        %{sdkname}
 # Standard JPackage directories and symbolic links.
-# Make 64-bit JDKs just another alternative on 64-bit architectures.
-# FIXME: add a archsuffix, or use of an baseline.conf
 %define jrelnk          jre-%{javaver}-%{origin}
 %define sdklnk          %{sdkname}
 %define sdkdir          %{sdklnk}-%{javaver}
@@ -134,7 +132,7 @@
 
 Name:           java-1_6_0-openjdk
 Version:        1.6.0.0_%{openjdkver}.%{icedteaver}
-Release:        4.<RELEASE2>
+Release:        0.<RELEASE2>
 Summary:        Java runtime environment based on OpenJDK 6 and IcedTea 6
 Group:          Development/Languages/Java
 License:        GPLv2 ; - with the OpenJDK Assembly Exception and the GNU 
Classpath Exception
@@ -202,6 +200,9 @@
 # PATCH-FIX-OPENSUSE: forward support for bouncycastle provider - requested by 
rgarrigue,
 # will be sent to fedora as well
 Patch135:       icedtea6-1.10.2-bouncycastle-provider-support.patch
+# PATCH-FIX-UPSTREAM: http://icedtea.classpath.org/hg/icedtea6/rev/012505ce3d0d
+# fixes build on 11.1/i586 and sle11/i586, which fails because code behind 
GNU_stack.note in linux_x64_32.so
+Patch136:       icedtea6-replace-gcc-stack-marking.patch
 # PATCH-FIX-UPSTREAM bnc#524505
 Patch1000:      java-1_6_0-openjdk-suse-desktop-files.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -277,6 +278,7 @@
 BuildRequires:  update-desktop-files
 %endif
 
+# runtime ceritifacates generation available in 11.3+ - bnc#596177
 %if %{suse_version} >= 1130
 BuildRequires:  java-ca-certificates
 Requires(post): java-ca-certificates
@@ -457,6 +459,7 @@
 %setup -q -n icedtea6-%{icedteaver} -T -D -a 5
 %setup -q -n icedtea6-%{icedteaver} -T -D -a 2
 %patch0 -b .optflags
+%patch136 -p1 -b .gnu-stack
 %patch1000 -p1
 
 cp %{SOURCE6} .
@@ -534,8 +537,10 @@
     %{PATCH134} \
     %{PATCH133} \
 %endif
-    %{PATCH129} \
-    %{PATCH135}
+%if 0%{?suse_version} >= 1120
+    %{PATCH135} \
+%endif
+    %{PATCH129}
     do
         qpatch -p1 ${PATCH}
 done
@@ -800,8 +805,6 @@
 
 %post
 
-#bnc#648260 - workaround
-sed -i '/pack200/d' /var/lib/rpm/alternatives/java
 #fix of the previous workaround ;-) bnc#669716
 #this will collect all empty lines in Sun Java alternatives
 if [ -f %{_libexecdir}/%{name}/javafix ]; then
@@ -878,8 +881,6 @@
 %endif
 
 %post devel
-#bnc#648260 - workaround
-sed -i '/pack200/d' /var/lib/rpm/alternatives/java
 ext=.gz
 update-alternatives \
   --install %{_bindir}/javac javac %{sdkbindir}/javac %{priority} \
@@ -1012,6 +1013,7 @@
 %doc ChangeLog
 %doc NEWS
 %doc README
+
 %dir %{_jvmdir}/%{sdkdir}
 %{_jvmdir}/%{jrelnk}
 %{_jvmjardir}/%{jrelnk}

++++++ icedtea6-1.10.2.tar.gz -> icedtea6-1.10.4.tar.gz ++++++
old-versions/11.3/UPDATES/all/java-1_6_0-openjdk/icedtea6-1.10.2.tar.gz 
11.3/java-1_6_0-openjdk/icedtea6-1.10.4.tar.gz differ: char 5, line 1

++++++ icedtea6-replace-gcc-stack-marking.patch ++++++

# HG changeset patch
# User Omair Majid <[email protected]>
# Date 1304632673 14400
# Node ID 012505ce3d0d03fa54072e9189f555b239278f8c
# Parent  50ed8053ec2f1f65f5d88f9f24826c8c15bc1771
Backport S7019808. Replace gcc-stack-markings.patch with upstream's fix

2011-05-05  Omair Majid  <[email protected]>

       * Makefile.am (ICEDTEA_PATCHES): Replace patches/gcc-stack-markings.patch
       with patches/openjdk/7019808-stack_noexec.patch.
       * patches/gcc-stack-markings.patch: Remove
       * patches/openjdk/7019808-stack_noexec.patch: Fix from upstream.

Index: icedtea6-1.10.2/Makefile.am
===================================================================
--- icedtea6-1.10.2.orig/Makefile.am    2011-05-25 18:35:41.452875471 +0200
+++ icedtea6-1.10.2/Makefile.am 2011-06-14 14:45:04.116091426 +0200
@@ -276,7 +276,7 @@
        patches/java2d-stroker-internal-close-joint.patch \
        patches/disable-cc-incompatible-sanity-checks.patch \
        patches/explicit-target-arch.patch \
-       patches/gcc-stack-markings.patch \
+       patches/openjdk/7019808-stack_noexec.patch \
        patches/parisc.patch \
        patches/sh4-support.patch \
        patches/policy-evaluation.patch \
Index: icedtea6-1.10.2/patches/gcc-stack-markings.patch
===================================================================
--- icedtea6-1.10.2.orig/patches/gcc-stack-markings.patch       2011-05-25 
18:34:31.327069382 +0200
+++ /dev/null   1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
---- openjdk/hotspot/src/os_cpu/linux_x86/vm/linux_x86_32.s~    2009-08-06 
01:08:57.000000000 -0700
-+++ openjdk/hotspot/src/os_cpu/linux_x86/vm/linux_x86_32.s     2009-08-06 
01:09:27.000000000 -0700
-@@ -650,3 +650,4 @@ _Atomic_cmpxchg_long:
-         popl     %ebx
-         ret
- 
-+.section        .note.GNU-stack, "", @progbits
---- openjdk/hotspot/src/os_cpu/linux_x86/vm/linux_x86_64.s~    2009-08-06 
01:08:57.000000000 -0700
-+++ openjdk/hotspot/src/os_cpu/linux_x86/vm/linux_x86_64.s     2009-08-06 
01:09:27.000000000 -0700
-@@ -400,3 +400,4 @@ _Atomic_cmpxchg_long:
-         addq     $4,%rdx
-         jg       4b
-         ret
-+.section        .note.GNU-stack, "", @progbits
Index: icedtea6-1.10.2/patches/openjdk/7019808-stack_noexec.patch
===================================================================
--- /dev/null   1970-01-01 00:00:00.000000000 +0000
+++ icedtea6-1.10.2/patches/openjdk/7019808-stack_noexec.patch  2011-06-14 
14:45:04.118091426 +0200
@@ -0,0 +1,23 @@
+# HG changeset patch
+# User dsamersoff
+# Date 1304097180 -14400
+# Node ID dddc5753c53a063c94c9949c623babe4f946c7e6
+# Parent  0cddebc420d8b0fff85f4e0071d531e966372b80
+7019808: build fails on Fedora 14: SELinux run-time check: execution of stack 
in libjvm.so
+Summary: executable flag is set in the elf header of libjvm.so during build, 
instruct ld to don't do it.
+Reviewed-by: acorn, phh
+
+diff -r 0cddebc420d8 -r dddc5753c53a make/linux/makefiles/vm.make
+--- openjdk/hotspot/make/linux/makefiles/vm.make       Thu Apr 28 08:24:46 
2011 -0700
++++ openjdk/hotspot/make/linux/makefiles/vm.make       Fri Apr 29 21:13:00 
2011 +0400
+@@ -102,6 +102,10 @@
+ CFLAGS += $(EXTRA_CFLAGS)
+ LFLAGS += $(EXTRA_CFLAGS)
+ 
++# Don't set excutable bit on stack segment
++# the same could be done by separate execstack command
++LFLAGS += -Xlinker -z -Xlinker noexecstack
++
+ LIBS += -lm -ldl -lpthread
+ 
+ # By default, link the *.o into the library, not the executable.



continue with "q"...



Remember to have fun...

-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to