Hello community, here is the log from the commit of package java-1_7_0-openjdk for openSUSE:Factory checked in at 2013-02-19 13:35:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/java-1_7_0-openjdk (Old) and /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "java-1_7_0-openjdk", Maintainer is "bnc-team-j...@forge.provo.novell.com" Changes: -------- --- /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/java-1_7_0-openjdk.changes 2013-01-22 15:38:11.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/java-1_7_0-openjdk.changes 2013-02-19 13:35:14.000000000 +0100 @@ -1,0 +2,104 @@ +Wed Feb 13 15:24:12 UTC 2013 - mvysko...@suse.com + +- update to icedtea-2.3.6 (bnc#803379) +* Security fixes + - S6563318, CVE-2013-0424: RMI data sanitization + - S6664509, CVE-2013-0425: Add logging context + - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time + - S6776941: CVE-2013-0427: Improve thread pool shutdown + - S7141694, CVE-2013-0429: Improving CORBA internals + - S7173145: Improve in-memory representation of splashscreens + - S7186945: Unpack200 improvement + - S7186946: Refine unpacker resource usage + - S7186948: Improve Swing data validation + - S7186952, CVE-2013-0432: Improve clipboard access + - S7186954: Improve connection performance + - S7186957: Improve Pack200 data validation + - S7192392, CVE-2013-0443: Better validation of client keys + - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages + - S7192977, CVE-2013-0442: Issue in toolkit thread + - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies + - S7200491: Tighten up JTable layout code + - S7200493, CVE-2013-0444: Improve cache handling + - S7200499: Better data validation for options + - S7200500: Launcher better input validation + - S7201064: Better dialogue checking + - S7201066, CVE-2013-0441: Change modifiers on unused fields + - S7201068, CVE-2013-0435: Better handling of UI elements + - S7201070: Serialization to conform to protocol + - S7201071, CVE-2013-0433: InetSocketAddress serialization issue + - S8000210: Improve JarFile code quality + - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class + - S8000539, CVE-2013-0431: Introspect JMX data handling + - S8000540, CVE-2013-1475: Improve IIOP type reuse management + - S8000631, CVE-2013-1476: Restrict access to class constructor + - S8001235, CVE-2013-0434: Improve JAXP HTTP handling + - S8001242: Improve RMI HTTP conformance + - S8001307: Modify ACC_SUPER behavior + - S8001972, CVE-2013-1478: Improve image processing + - S8002325, CVE-2013-1480: Improve management of images +* Backports + - S7057320: test/java/util/concurrent/Executors/AutoShutdown.java failing intermittently + - S7083664: TEST_BUG: test hard code of using c:/temp but this dir might not exist + - S7107613: scalability blocker in javax.crypto.CryptoPermissions + - S7107616: scalability blocker in javax.crypto.JceSecurityManager + - S7146424: Wildcard expansion for single entry classpath + - S7160609: [macosx] JDK crash in libjvm.dylib ( C [GeForceGLDriver+0x675a] gldAttachDrawable+0x941) + - S7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar + - S7162488: VM not printing unknown -XX options + - S7169395: Exception throws due to the changes in JDK 7 object tranversal and break backward compatibility + - S7175616: Port fix for TimeZone from JDK 8 to JDK 7 + - S7176485: (bf) Allow temporary buffer cache to grow to IOV_MAX + - S7179908: Fork hs23.3 hsx from hs22.2 for jdk7u7 and reinitialize build number + - S7184326: TEST_BUG: java/awt/Frame/7024749/bug7024749.java has a typo + - S7185245: Licensee source bundle tries to compile JFR + - S7185471: Avoid key expansion when AES cipher is re-init w/ the same key + - S7186371: [macosx] Main menu shortcuts not displayed (7u6 regression) + - S7187834: [macosx] Usage of private API in macosx 2d implementation causes Apple Store rejection + - S7188114: (launcher) need an alternate command line parser for Windows + - S7189136: Fork hs23.5 hsx from hs23.4 for jdk7u9 and reinitialize build number + - S7189350: Fix failed for CR 7162144 + - S7190550: REGRESSION: Some closed/com/oracle/jfr/api tests fail to compile becuse of fix 7185245 + - S7193219: JComboBox serialization fails in JDK 1.7 + - S7193977: REGRESSION:Java 7's JavaBeans persistence ignoring the "transient" flag on properties + - S7195106: REGRESSION : There is no way to get Icon inf, once Softreference is released + - S7195301: XML Signature DOM implementation should not use instanceof to determine type of Node + - S7195931: UnsatisfiedLinkError on PKCS11.C_GetOperationState while using NSS from jre7u6+ + - S7197071: Makefiles for various security providers aren't including the default manifest. + - S7197652: Impossible to run any signed JNLP applications or applets, OCSP off by default + - S7198146: Another new regression test does not compile on windows-amd64 + - S7198570: (tz) Support tzdata2012f + - S7198640: new hotspot build - hs23.6-b04 + - S7199488: [TEST] runtime/7158800/InternTest.java failed due to false-positive on PID match. + - S7199645: Increment build # of hs23.5 to b02 + - S7199669: Update tags in .hgtags file for CPU release rename + - S7200720: crash in net.dll during NTLM authentication + - S7200742: (se) Selector.select does not block when starting Coherence (sol11u1) + - S7200762: [macosx] Stuck in sun.java2d.opengl.CGLGraphicsConfig.getMaxTextureSize(Native Method) + - S8000285: Deadlock between PostEventQueue.noEvents, EventQueue.isDispatchThread and SwingUtilities.invokeLater + - S8000286: [macosx] Views keep scrolling back to the drag position after DnD + - S8000297: REGRESSION: closed/java/awt/EventQueue/PostEventOrderingTest.java fails + - S8000307: Jre7cert: focusgained does not get called for all focus req when do alt + tab + - S8000822: Fork hs23.7 hsx from hs23.6 for jdk7u11 and reinitialize build number + - S8001124: jdk7u ProblemList.txt updates (10/2012) + - S8001242: Improve RMI HTTP conformance + - S8001808: Create a test for 8000327 + - S8001876: Create regtest for 8000283 + - S8002068: Build broken: corba code changes unable to use new JDK 7 classes + - S8002091: tools/launcher/ToolsOpts.java test started to fail since 7u11 b01 on Windows + - S8002114: fix failed for JDK-7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar + - S8002225: (tz) Support tzdata2012i + - S8003402: (dc) test/java/nio/channels/DatagramChannel/SendToUnresovled.java failing after 7u11 cleanup issues + - S8003403: Test ShortRSAKeyWithinTLS and ClientJSSEServerJSSE failing after 7u11 cleanup + - S8003948: NTLM/Negotiate authentication problem + - S8004175: Restricted packages added in java.security are missing in java.security-{macosx, solaris, windows} + - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01 + - S8004341: Two JCK tests fails with 7u11 b06 + - S8005615: Java Logger fails to load tomcat logger implementation (JULI) +* Bug fixes + - Fix build using Zero's HotSpot so all patches apply again. + - PR1295: jamvm parallel unpack failure + * removed icedtea-2.3.2-fix-extract-jamvm-dependency.patch + - removed icedtea-2.3.3-refresh-6924259-string_offset.patch + +------------------------------------------------------------------- Old: ---- 7182233cc27e.tar.gz 8bd8e70d4a03.tar.gz 946195011b30.tar.gz 96d4f04f2b7c.tar.gz a456d0771ba0.tar.gz aa3654afea12.tar.gz beecf0b9e760.tar.gz dc9234e25ab0.tar.gz icedtea-2.3.2-fix-extract-jamvm-dependency.patch icedtea-2.3.3-refresh-6924259-string_offset.patch icedtea-2.3.4.tar.gz icedtea-2.3.4.tar.gz.sig New: ---- 32569b4d36f4.tar.gz 6bb01322bb5a.tar.gz 97a8b625f6e9.tar.gz b900024eb4ba.tar.gz bc0de5a0ece2.tar.gz d7feafb8427b.tar.gz dd8d1a8f222f.tar.gz e0739a8783d1.tar.gz icedtea-2.3.6.tar.gz icedtea-2.3.6.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_7_0-openjdk.spec ++++++ --- /var/tmp/diff_new_pack.qgTUMw/_old 2013-02-19 13:35:20.000000000 +0100 +++ /var/tmp/diff_new_pack.qgTUMw/_new 2013-02-19 13:35:20.000000000 +0100 @@ -57,7 +57,7 @@ # If runtests is 0 test suites will not be run. %define runtests 0 -%define icedtea_version 2.3.4 +%define icedtea_version 2.3.6 %define hg_tag icedtea-{icedtea_version}-branchpoint %define openjdkdate 27_jun_2011 @@ -157,15 +157,15 @@ Source3: mauve-%{mauvedate}.tar.gz Source4: mauve_tests -Source5: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/archive/8bd8e70d4a03.tar.gz -Source6: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/archive/dc9234e25ab0.tar.gz -Source7: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp/archive/aa3654afea12.tar.gz -Source8: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws/archive/7182233cc27e.tar.gz -Source9: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/archive/96d4f04f2b7c.tar.gz -Source10: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools/archive/946195011b30.tar.gz -Source11: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot/archive/beecf0b9e760.tar.gz +Source5: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/archive/dd8d1a8f222f.tar.gz +Source6: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/archive/97a8b625f6e9.tar.gz +Source7: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp/archive/d7feafb8427b.tar.gz +Source8: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws/archive/b900024eb4ba.tar.gz +Source9: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/archive/6bb01322bb5a.tar.gz +Source10: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools/archive/e0739a8783d1.tar.gz +Source11: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot/archive/bc0de5a0ece2.tar.gz # zero compatible hotspot -Source12: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/archive/a456d0771ba0.tar.gz +Source12: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/hotspot/archive/32569b4d36f4.tar.gz Source13: http://icedtea.classpath.org/download/drops/jamvm/jamvm-0972452d441544f7dd29c55d64f1ce3a5db90d82.tar.gz #Source1000: java-1_7_0-openjdk-rpmlintrc @@ -227,11 +227,6 @@ Patch1003: java-1_7_0-openjdk-add-memory-limit.patch Patch1004: java-1_7_0-openjdk-zero-annotate-aborting-functions-zero.patch -# PATCH-FIX-OPENSUSE: fix the dependency issues on jamvm builds -# sent to distro-pkg-dev -Patch1005: icedtea-2.3.2-fix-extract-jamvm-dependency.patch -# PATCH-FIX-OPENSUSE: refresh part of patches/hotspot/zero/6924259-string_offset.patch -Patch1006: icedtea-2.3.3-refresh-6924259-string_offset.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -497,9 +492,6 @@ %patch1000 -p1 %patch1003 -p1 -%patch1005 -p1 -%patch1006 -p1 - %build export LANG=C unset JAVA_HOME ++++++ 7182233cc27e.tar.gz -> 32569b4d36f4.tar.gz ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/7182233cc27e.tar.gz /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/32569b4d36f4.tar.gz differ: char 5, line 1 ++++++ 7182233cc27e.tar.gz -> 6bb01322bb5a.tar.gz ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/7182233cc27e.tar.gz /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/6bb01322bb5a.tar.gz differ: char 5, line 1 ++++++ 7182233cc27e.tar.gz -> 97a8b625f6e9.tar.gz ++++++ ++++ 725913 lines of diff (skipped) ++++++ 7182233cc27e.tar.gz -> b900024eb4ba.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxws-7182233cc27e/.hgtags new/jaxws-b900024eb4ba/.hgtags --- old/jaxws-7182233cc27e/.hgtags 2013-01-14 23:24:58.000000000 +0100 +++ new/jaxws-b900024eb4ba/.hgtags 2013-02-11 22:40:55.000000000 +0100 @@ -211,3 +211,41 @@ 9a744f20cfc52e19f66956e5d406c23910ed4cb4 icedtea-2.3.2 c89c6ac953e7f30780e74b4bc153fee4dd330179 icedtea-2.3.3 03f54ef339144764e218c6548c237e06d54d5ac7 icedtea-2.3.4 +7182233cc27e9f1ee8435dbcf6c3948379ec35b0 icedtea-2.3.5 +8064f322e58d24f7ced21b73eccff37ee06a33ea icedtea-2.3.6 +8064f322e58d24f7ced21b73eccff37ee06a33ea icedtea-2.3.6 +0000000000000000000000000000000000000000 icedtea-2.3.6 +739ffa9dffad4cc2febe66ca1c2d86496e80741a jdk7u7-b10 +e9a5a78329d0518efafd9f6f6149f359a7db4e2e jdk7u7-b30 +ed6262e7bb0db4cd116c31f3c88cbd7c0288de40 jdk7u7-b11 +538c248de3ef0fcb34c28295c1eab61269708137 jdk7u7-b31 +dc2e6882056c2d400d4cf3c78d67da8e20fc37cc jdk7u7-b01 +45cf55bc1732e8495425dceb385740c6852c0fc8 jdk7u7-b02 +0289894a64a628133bb63f1dc48b45593f96a14d jdk7u9-b03 +0000000000000000000000000000000000000000 jdk7u7-b01 +dc2e6882056c2d400d4cf3c78d67da8e20fc37cc jdk7u9-b01 +0000000000000000000000000000000000000000 jdk7u7-b02 +45cf55bc1732e8495425dceb385740c6852c0fc8 jdk7u9-b02 +66a2e01550a9e84e907a7f7b96e64ee90a4ec0e4 jdk7u9-b04 +f3e42e044584b1b21de29eef1b82974d273c77dc jdk7u9-b05 +dd8e4098681aa581d0398ad7d2d1e2547517c7e5 jdk7u10-b10 +1784290b63bcf021334b0accdb3868fdc4ca854e jdk7u10-b11 +fde9a060a04d9f9b54f36d645e91ec9a2b40cb81 jdk7u10-b12 +d7bf349cf0c60bc41a33c1f70969f11668deddb3 jdk7u10-b13 +17ec7a59002695c35dbd83a120b705e21d982d68 jdk7u10-b14 +75ecadd1f8fc5a218b1ed71b3c3df776d76e048e jdk7u10-b15 +ed609545e38c2e499437292c1541e4d1c2b8b992 jdk7u10-b16 +e63292c59ed8481864302cc3f53b498cbdea3470 jdk7u10-b17 +6a372e9b4ae978cdaf0b95277db31827794e2c1f jdk7u10-b18 +df3e4c85e26c651d098cddd546916a625fd777cd jdk7u10-b30 +846f4e01218ffe37b2dbceaf89c222c0aea43180 jdk7u11-b20 +1f06394ca182cb392e472ba7b63b28a40725629d jdk7u11-b21 +ed609545e38c2e499437292c1541e4d1c2b8b992 jdk7u11-b03 +4e1dd1192649575e80d893bcab411077b77c9a0c jdk7u11-b04 +0e1eefefc2d0c8f0d0cd9e7fb7d78ae026aa8ba0 jdk7u11-b05 +7365410bb417d6a40996920bb4dbb44bdb1225a9 jdk7u11-b06 +66786f9d73c479ce70a306e14dd7f653f5b3a4f9 jdk7u11-b07 +a3cadd00459f1146fdcfa8702bbb29efdcd58960 jdk7u11-b08 +c7ea4220ad61b125bd7c4b7f112dd9ff18e9be33 jdk7u13-b09 +0000000000000000000000000000000000000000 icedtea-2.3.6 +4390dfdde97c7de6b3a12fe59586188fa3ad535c icedtea-2.3.6 ++++++ 7182233cc27e.tar.gz -> bc0de5a0ece2.tar.gz ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/7182233cc27e.tar.gz /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/bc0de5a0ece2.tar.gz differ: char 5, line 1 ++++++ 7182233cc27e.tar.gz -> d7feafb8427b.tar.gz ++++++ ++++ 1081189 lines of diff (skipped) ++++++ 7182233cc27e.tar.gz -> dd8d1a8f222f.tar.gz ++++++ ++++ 494092 lines of diff (skipped) ++++++ 7182233cc27e.tar.gz -> e0739a8783d1.tar.gz ++++++ ++++ 902754 lines of diff (skipped) ++++++ icedtea-2.3.4.tar.gz -> icedtea-2.3.6.tar.gz ++++++ ++++ 4101 lines of diff (skipped) ++++++ java-1.7.0-openjdk-java-access-bridge-security.patch ++++++ --- /var/tmp/diff_new_pack.qgTUMw/_old 2013-02-19 13:35:26.000000000 +0100 +++ /var/tmp/diff_new_pack.qgTUMw/_new 2013-02-19 13:35:26.000000000 +0100 @@ -2,21 +2,25 @@ =================================================================== --- openjdk/jdk/src/share/lib/security/java.security.orig +++ openjdk/jdk/src/share/lib/security/java.security -@@ -124,7 +124,7 @@ keystore.type=jks - # passed to checkPackageAccess unless the - # corresponding RuntimePermission ("accessClassInPackage."+package) has - # been granted. --package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal. -+package.access=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,org.GNOME.Accessibility.,org.GNOME.Bonobo. +@@ -135,7 +135,9 @@ package.access=sun.,\ + com.sun.org.apache.xerces.internal.utils.,\ + com.sun.org.apache.xalan.internal.utils.,\ + com.sun.org.glassfish.external.,\ +- com.sun.org.glassfish.gmbal. ++ com.sun.org.glassfish.gmbal.,\ ++ org.GNOME.Accessibility.,\ ++ org.GNOME.Bonobo. # # List of comma-separated packages that start with or equal this string -@@ -136,7 +136,7 @@ package.access=sun.,com.sun.xml.internal - # by default, none of the class loaders supplied with the JDK call - # checkPackageDefinition. - # --package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal. -+package.definition=sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,org.GNOME.Accessibility.,org.GNOME.Bonobo. +@@ -158,7 +160,9 @@ package.definition=sun.,\ + com.sun.org.apache.xerces.internal.utils.,\ + com.sun.org.apache.xalan.internal.utils.,\ + com.sun.org.glassfish.external.,\ +- com.sun.org.glassfish.gmbal. ++ com.sun.org.glassfish.gmbal.,\ ++ org.GNOME.Accessibility.,\ ++ org.GNOME.Bonobo. # # Determines whether this properties file can be appended to -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org