Hello community,
here is the log from the commit of package java-1_7_0-openjdk for
openSUSE:Factory checked in at 2012-10-25 10:59:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/java-1_7_0-openjdk (Old)
and /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "java-1_7_0-openjdk", Maintainer is ""
Changes:
--------
--- /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/java-1_7_0-openjdk.changes
2012-10-12 08:11:56.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/java-1_7_0-openjdk.changes
2012-10-25 10:59:47.000000000 +0200
@@ -1,0 +2,40 @@
+Fri Oct 19 12:09:11 UTC 2012 - [email protected]
+
+- update to icedtea-2.3.3 (bnc#785814)
+* Security fixes
+ - S6631398, CVE-2012-3216: FilePermission improved path checking
+ - S7093490: adjust package access in rmiregistry
+ - S7143535, CVE-2012-5068: ScriptEngine corrected permissions
+ - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp
+ - S7158807: Revise stack management with volatile call sites
+ - S7163198, CVE-2012-5076: Tightened package accessibility
+ - S7167656, CVE-2012-5077: Multiple Seeders are being created
+ - S7169884, CVE-2012-5073: LogManager checks do not work correctly for
sub-types
+ - S7169887, CVE-2012-5074: Tightened package accessibility
+ - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI
connector
+ - S7172522, CVE-2012-5072: Improve DomainCombiner checking
+ - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC
+ - S7189103, CVE-2012-5069: Executors needs to maintain state
+ - S7189490: More improvements to DomainCombiner checking
+ - S7189567, CVE-2012-5085: java net obselete protocol
+ - S7192975, CVE-2012-5071: Issue with JMX reflection
+ - S7195194, CVE-2012-5084: Better data validation for Swing
+ - S7195549, CVE-2012-5087: Better bean object persistence
+ - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be
improved
+ - S7195919, CVE-2012-5079: (sl) ServiceLoader can throw CCE without needing
to create instance
+ - S7196190, CVE-2012-5088: Improve method of handling MethodHandles
+ - S7198296, CVE-2012-5089: Refactor classloader usage
+ - S7158800: Improve storage of symbol tables
+ - S7158801: Improve VM CompileOnly option
+ - S7158804: Improve config file parsing
+ - S7198606, CVE-2012-4416: Improve VM optimization
+* Bug fixes
+ - Remove merge artefact.
+ - Remove the Xp header and library checks.
+* JamVM
+ - PR1155: Do not put version number in libjvm.so SONAME
+- refresh java-1.7.0-openjdk-java-access-bridge-security.patch as new glassfish
+ classes were added
+- add icedtea-2.3.3-refresh-6924259-string_offset.patch
+
+-------------------------------------------------------------------
Old:
----
47a867dd3005.tar.gz
7fae6a3a68c7.tar.gz
867d5041bee6.tar.gz
acba2d30209d.tar.gz
c89c6ac953e7.tar.gz
ea39d76b3bde.tar.gz
ee4bd94136ec.tar.gz
f78eb7e08ee1.tar.gz
icedtea-2.3.2.tar.gz
icedtea-2.3.2.tar.gz.sig
jamvm-e70f2450890b82c37422616cc85e1a23385f03cd.tar.gz
New:
----
03f54ef33914.tar.gz
301e79a966b4.tar.gz
5ec94d162f05.tar.gz
9a95d714d136.tar.gz
a456d0771ba0.tar.gz
d2d0a106917c.tar.gz
ec73c6927fb7.tar.gz
f45296ac69be.tar.gz
icedtea-2.3.3-refresh-6924259-string_offset.patch
icedtea-2.3.3.tar.gz
jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ java-1_7_0-openjdk.spec ++++++
--- /var/tmp/diff_new_pack.52sPBi/_old 2012-10-25 10:59:57.000000000 +0200
+++ /var/tmp/diff_new_pack.52sPBi/_new 2012-10-25 10:59:57.000000000 +0200
@@ -48,7 +48,7 @@
# If runtests is 0 test suites will not be run.
%define runtests 0
-%define icedtea_version 2.3.2
+%define icedtea_version 2.3.3
%define hg_tag icedtea-{icedtea_version}-branchpoint
%define openjdkdate 27_jun_2011
@@ -144,22 +144,25 @@
Source3: mauve-%{mauvedate}.tar.gz
Source4: mauve_tests
-Source5:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/archive/acba2d30209d.tar.gz
-Source6:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/archive/7fae6a3a68c7.tar.gz
-Source7:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp/archive/ee4bd94136ec.tar.gz
-Source8:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws/archive/c89c6ac953e7.tar.gz
-Source9:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/archive/f78eb7e08ee1.tar.gz
-Source10:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools/archive/867d5041bee6.tar.gz
-# originally fetched from here, does not exist anymore
-Source11: ea39d76b3bde.tar.gz
-Source12:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/archive/47a867dd3005.tar.gz
-Source13:
http://icedtea.classpath.org/download/drops/jamvm/jamvm-e70f2450890b82c37422616cc85e1a23385f03cd.tar.gz
+Source5:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/archive/301e79a966b4.tar.gz
+Source6:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/archive/9a95d714d136.tar.gz
+Source7:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp/archive/f45296ac69be.tar.gz
+Source8:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws/archive/03f54ef33914.tar.gz
+Source9:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/archive/5ec94d162f05.tar.gz
+Source10:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools/archive/ec73c6927fb7.tar.gz
+Source11:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot/archive/d2d0a106917c.tar.gz
+# zero compatible hotspot
+Source12:
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/archive/a456d0771ba0.tar.gz
+Source13:
http://icedtea.classpath.org/download/drops/jamvm/jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82.tar.gz
#Source1000: java-1_7_0-openjdk-rpmlintrc
# those properties are for opeSUSE only
Source1001: fontconfig.SuSE.properties
-Source2000: icedtea-%{icedtea_version}.tar.gz.sig
+# not released this time, checked sha256sum according
+#
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020571.html
+# e5ac5564e00c4a8d7b3376ed6de91b18a2587c8abdad802ccc92c780765b1073
icedtea-2.3.3.tar.gz
+#Source2000: icedtea-%{icedtea_version}.tar.gz.sig
# RPM/distribution specific patches
@@ -213,6 +216,8 @@
# PATCH-FIX-OPENSUSE: fix the dependency issues on jamvm builds
# sent to distro-pkg-dev
Patch1005: icedtea-2.3.2-fix-extract-jamvm-dependency.patch
+# PATCH-FIX-OPENSUSE: refresh part of
patches/hotspot/zero/6924259-string_offset.patch
+Patch1006: icedtea-2.3.3-refresh-6924259-string_offset.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -470,6 +475,8 @@
%patch1003 -p1
%patch1005 -p1
+%patch1006 -p1
+
%build
export LANG=C
unset JAVA_HOME
++++++ 47a867dd3005.tar.gz -> 03f54ef33914.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/03f54ef33914.tar.gz differ:
char 5, line 1
++++++ ea39d76b3bde.tar.gz -> 301e79a966b4.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/ea39d76b3bde.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/301e79a966b4.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> 5ec94d162f05.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/5ec94d162f05.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> 9a95d714d136.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/9a95d714d136.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> a456d0771ba0.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/a456d0771ba0.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> d2d0a106917c.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/d2d0a106917c.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> ec73c6927fb7.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/ec73c6927fb7.tar.gz differ:
char 5, line 1
++++++ 47a867dd3005.tar.gz -> f45296ac69be.tar.gz ++++++
/work/SRC/openSUSE:Factory/java-1_7_0-openjdk/47a867dd3005.tar.gz
/work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/f45296ac69be.tar.gz differ:
char 5, line 1
++++++ icedtea-2.3.3-refresh-6924259-string_offset.patch ++++++
Index: icedtea-2.3.3/patches/hotspot/zero/6924259-string_offset.patch
===================================================================
--- icedtea-2.3.3.orig/patches/hotspot/zero/6924259-string_offset.patch
2012-10-17 10:20:09.779948816 +0200
+++ icedtea-2.3.3/patches/hotspot/zero/6924259-string_offset.patch
2012-10-19 14:56:22.265958143 +0200
@@ -378,7 +378,7 @@
diff --git a/src/share/vm/memory/dump.cpp b/src/share/vm/memory/dump.cpp
--- openjdk/hotspot/src/share/vm/memory/dump.cpp
+++ openjdk/hotspot/src/share/vm/memory/dump.cpp
-@@ -78,8 +78,8 @@
+@@ -78,8 +78,8 @@ public:
void do_oop(oop* p) {
if (p != NULL) {
oop obj = *p;
@@ -386,7 +386,7 @@
-
+ if (obj->klass() == SystemDictionary::String_klass() &&
+ java_lang_String::has_hash_field()) {
- int hash = java_lang_String::hash_string(obj);
+ int hash = java_lang_String::to_hash(obj);
obj->int_field_put(hash_offset, hash);
}
diff --git a/src/share/vm/opto/graphKit.cpp b/src/share/vm/opto/graphKit.cpp
++++++ icedtea-2.3.2.tar.gz -> icedtea-2.3.3.tar.gz ++++++
++++ 4539 lines of diff (skipped)
++++++ jamvm-e70f2450890b82c37422616cc85e1a23385f03cd.tar.gz ->
jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/jamvm-e70f2450890b82c37422616cc85e1a23385f03cd/src/Makefile.am
new/jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82/src/Makefile.am
--- old/jamvm-e70f2450890b82c37422616cc85e1a23385f03cd/src/Makefile.am
2012-08-15 04:51:32.000000000 +0200
+++ new/jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82/src/Makefile.am
2012-09-25 02:41:25.000000000 +0200
@@ -1,5 +1,5 @@
##
-## Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2010, 2011
+## Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2010, 2011, 2012
## Robert Lougher <[email protected]>.
##
## This file is part of JamVM.
@@ -42,6 +42,7 @@
jamvm_LDADD = libcore.la
libjvm_la_LIBADD = libcore.la
+libjvm_la_LDFLAGS = -avoid-version
libcore_la_LIBADD = interp/libinterp.la os/@os@/@arch@/libnative.la \
os/@os@/libos.la classlib/@classlib@/libclasslib.la
++++++ java-1.7.0-openjdk-java-access-bridge-security.patch ++++++
--- /var/tmp/diff_new_pack.52sPBi/_old 2012-10-25 10:59:58.000000000 +0200
+++ /var/tmp/diff_new_pack.52sPBi/_new 2012-10-25 10:59:58.000000000 +0200
@@ -1,22 +1,22 @@
-Index:
java-1_7_0-openjdk/java-access-bridge-1.23.0/bridge/org/GNOME/Accessibility/JavaBridge.java
+Index: openjdk/jdk/src/share/lib/security/java.security
===================================================================
---- openjdk/jdk/src/share/lib/security/java.security-src
+--- openjdk/jdk/src/share/lib/security/java.security.orig
+++ openjdk/jdk/src/share/lib/security/java.security
-@@ -131,7 +131,7 @@
+@@ -124,7 +124,7 @@ keystore.type=jks
# passed to checkPackageAccess unless the
# corresponding RuntimePermission ("accessClassInPackage."+package) has
# been granted.
--package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
-+package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,org.GNOME.Accessibility.,org.GNOME.Bonobo.
+-package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.
++package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,org.GNOME.Accessibility.,org.GNOME.Bonobo.
#
# List of comma-separated packages that start with or equal this string
-@@ -143,7 +143,7 @@
+@@ -136,7 +136,7 @@ package.access=sun.,com.sun.xml.internal
# by default, none of the class loaders supplied with the JDK call
# checkPackageDefinition.
#
--package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
-+package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,org.GNOME.Accessibility.,org.GNOME.Bonobo.
+-package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.
++package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,org.GNOME.Accessibility.,org.GNOME.Bonobo.
#
# Determines whether this properties file can be appended to
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
