mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-12 22:26:40 -05:00
gnu: icedtea-6: Update to 1.13.12 [security fixes].
Fixes CVE-2016-{3458,3485,3500,3508,3550,3606}. * gnu/packages/java.scm (icedtea-6): Update to 1.13.12. [source]: Remove 'icedtea-remove-overrides' patch. [arguments]: Move ALSA header substitution to 'patch-paths' phase. * gnu/packages/patches/icedtea-remove-overrides.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
parent
68c35ba96e
commit
7335ca1d71
3 changed files with 12 additions and 304 deletions
|
@ -576,7 +576,6 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/icecat-CVE-2016-2824.patch \
|
||||
%D%/packages/patches/icecat-CVE-2016-2828.patch \
|
||||
%D%/packages/patches/icecat-CVE-2016-2831.patch \
|
||||
%D%/packages/patches/icedtea-remove-overrides.patch \
|
||||
%D%/packages/patches/icu4c-CVE-2014-6585.patch \
|
||||
%D%/packages/patches/icu4c-CVE-2015-1270.patch \
|
||||
%D%/packages/patches/icu4c-CVE-2015-4760.patch \
|
||||
|
|
|
@ -337,16 +337,15 @@ (define-public ant
|
|||
(define-public icedtea-6
|
||||
(package
|
||||
(name "icedtea")
|
||||
(version "1.13.11")
|
||||
(version "1.13.12")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"http://icedtea.wildebeest.org/download/source/icedtea6-"
|
||||
version ".tar.xz"))
|
||||
(patches (search-patches "icedtea-remove-overrides.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1grki39a4rf8n74zc0iglcggxxbpniyfh1gk1lb10p63zvvcsvjj"))
|
||||
"1q5iqm3dzqj8w3dwj6qqhczkkrslrfhmn3110klfwq9kyi2nimj8"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(substitute* "Makefile.in"
|
||||
|
@ -441,13 +440,7 @@ (define-public icedtea-6
|
|||
(substitute* '("patches/jtreg-jrunscript.patch"
|
||||
"patches/hotspot/hs23/drop_unlicensed_test.patch")
|
||||
(("#!/bin/sh") (string-append "#!" (which "sh"))))
|
||||
|
||||
;; fix path to alsa header in patch
|
||||
(substitute* "patches/openjdk/6799141-split_out_versions.patch"
|
||||
(("ALSA_INCLUDE=/usr/include/alsa/version.h")
|
||||
(string-append "ALSA_INCLUDE="
|
||||
(assoc-ref %build-inputs "alsa-lib")
|
||||
"/include/alsa/version.h")))))
|
||||
#t))
|
||||
(add-after 'unpack 'patch-paths
|
||||
(lambda _
|
||||
;; buildtree.make generates shell scripts, so we need to replace
|
||||
|
@ -475,6 +468,13 @@ (define-public icedtea-6
|
|||
(("DEF_OBJCOPY *=.*objcopy")
|
||||
(string-append "DEF_OBJCOPY = " (which "objcopy"))))
|
||||
|
||||
;; fix path to alsa header
|
||||
(substitute* "openjdk.src/jdk/make/common/shared/Sanity.gmk"
|
||||
(("ALSA_INCLUDE=/usr/include/alsa/version.h")
|
||||
(string-append "ALSA_INCLUDE="
|
||||
(assoc-ref %build-inputs "alsa-lib")
|
||||
"/include/alsa/version.h")))
|
||||
|
||||
;; fix hard-coded utility paths
|
||||
(substitute* '("openjdk.src/jdk/make/common/shared/Defs-utils.gmk"
|
||||
"openjdk.src/corba/make/common/shared/Defs-utils.gmk")
|
||||
|
@ -764,10 +764,10 @@ (define (import-cert cert)
|
|||
("openjdk6-src"
|
||||
,(origin
|
||||
(method url-fetch)
|
||||
(uri "https://java.net/downloads/openjdk6/openjdk-6-src-b39-03_may_2016.tar.gz")
|
||||
(uri "https://java.net/downloads/openjdk6/openjdk-6-src-b40-22_aug_2016.tar.gz")
|
||||
(sha256
|
||||
(base32
|
||||
"1brxbsgwcj4js26y5lk6capc3pvghgjidvv9cavw6z8n7c7aw8af"))))
|
||||
"01v4q7g9pa6w7m6yxply5yrin08jgv12fck665xnmp09bpxy8sa5"))))
|
||||
("lcms" ,lcms)
|
||||
("zlib" ,zlib)
|
||||
("gtk" ,gtk+-2)
|
||||
|
|
|
@ -1,291 +0,0 @@
|
|||
Upstream patch:
|
||||
http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d
|
||||
|
||||
Fixes build failure:
|
||||
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954
|
||||
|
||||
Changes to the files 'NEWS' and 'ChangeLog' are omitted here.
|
||||
|
||||
# HG changeset patch
|
||||
# User Andrew John Hughes <gnu.andrew@redhat.com>
|
||||
# Date 1463144538 -3600
|
||||
# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931
|
||||
# Parent c23ceebb80a19a33316f1e743eb93bdf79aac220
|
||||
PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java
|
||||
|
||||
2016-05-13 Andrew John Hughes <gnu.andrew@redhat.com>
|
||||
|
||||
PR2954: ecj/override.patch is missing new
|
||||
@Overrides in RMIJRMPServerImpl.java
|
||||
* patches/ecj/override.patch:
|
||||
Add cases in RMIJRMPServerImpl and others
|
||||
which show up when source/target 5 is
|
||||
used in the rt-class-files pre-build.
|
||||
* patches/openjdk/8014205-blank_swing_dialogs_windows.patch:
|
||||
Remove addition of @Override.
|
||||
|
||||
diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch
|
||||
--- a/patches/ecj/override.patch Sun May 08 21:28:21 2016 +0100
|
||||
+++ b/patches/ecj/override.patch Fri May 13 14:02:18 2016 +0100
|
||||
@@ -362,3 +362,240 @@
|
||||
public Class<?> run() {
|
||||
try {
|
||||
ReflectUtil.checkPackageAccess(className);
|
||||
+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -1870,7 +1870,6 @@
|
||||
+
|
||||
+ private ModifiableClassLoaderRepository getInstantiatorCLR() {
|
||||
+ return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
|
||||
+- @Override
|
||||
+ public ModifiableClassLoaderRepository run() {
|
||||
+ return instantiator != null ? instantiator.getClassLoaderRepository() : null;
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -160,7 +160,6 @@
|
||||
+ try {
|
||||
+ // load the main library
|
||||
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
|
||||
+- @Override
|
||||
+ public Void run() {
|
||||
+ System.loadLibrary(libNameMain);
|
||||
+ return null;
|
||||
+@@ -182,7 +181,6 @@
|
||||
+ final String lib = st.nextToken();
|
||||
+ try {
|
||||
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
|
||||
+- @Override
|
||||
+ public Void run() {
|
||||
+ System.loadLibrary(lib);
|
||||
+ return null;
|
||||
+diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -190,7 +190,6 @@
|
||||
+ EventQueue.invokeAndWait(source, r);
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public long getMostRecentEventTime(EventQueue eventQueue) {
|
||||
+ return eventQueue.getMostRecentEventTimeImpl();
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -3571,7 +3571,6 @@
|
||||
+ }
|
||||
+ static {
|
||||
+ SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() {
|
||||
+- @Override
|
||||
+ public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) {
|
||||
+ ObjectInputStream.setValidator(ois, validator);
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -64,7 +64,6 @@
|
||||
+ final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation";
|
||||
+ String allowProp = java.security.AccessController.doPrivileged(
|
||||
+ new PrivilegedAction<String>() {
|
||||
+- @Override
|
||||
+ public String run() {
|
||||
+ return System.getProperty(propName);
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -262,7 +262,6 @@
|
||||
+ *
|
||||
+ * @see sun.java2d.DestSurfaceProvider#getDestSurface
|
||||
+ */
|
||||
+- @Override
|
||||
+ public Surface getDestSurface() {
|
||||
+ return volSurfaceManager.getPrimarySurfaceData();
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -3294,7 +3294,6 @@
|
||||
+ *
|
||||
+ * @see sun.java2d.DestSurfaceProvider#getDestSurface
|
||||
+ */
|
||||
+- @Override
|
||||
+ public Surface getDestSurface() {
|
||||
+ return surfaceData;
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -630,12 +630,10 @@
|
||||
+ this.callID = callID;
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void validateDescriptor(ObjectStreamClass descriptor) {
|
||||
+ descriptorCheck.check(method, descriptor, parameterIndex, callID);
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void checkProxyInterfaceNames(String[] ifaces) {
|
||||
+ descriptorCheck.checkProxyClass(method, ifaces, parameterIndex, callID);
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -133,7 +133,6 @@
|
||||
+ */
|
||||
+ private static void setContextClassLoader(final ClassLoader ccl) {
|
||||
+ AccessController.doPrivileged(new PrivilegedAction<Void> () {
|
||||
+- @Override
|
||||
+ public Void run() {
|
||||
+ Thread.currentThread().setContextClassLoader(ccl);
|
||||
+ return null;
|
||||
+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -676,7 +676,6 @@
|
||||
+ connectionCount.incrementAndGet() +
|
||||
+ ")-" + remoteHost);
|
||||
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
|
||||
+- @Override
|
||||
+ public Void run() {
|
||||
+ run0();
|
||||
+ return null;
|
||||
+diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java
|
||||
+--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Thu May 12 01:30:54 2016 +0100
|
||||
+@@ -92,7 +92,6 @@
|
||||
+ return this;
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public SurfaceData createManagedSurface(int w, int h, int transparency) {
|
||||
+ return GLXSurfaceData.createData(this, w, h,
|
||||
+ getColorModel(transparency),
|
||||
+@@ -165,12 +164,10 @@
|
||||
+ * Returns true if the provided capability bit is present for this config.
|
||||
+ * See OGLContext.java for a list of supported capabilities.
|
||||
+ */
|
||||
+- @Override
|
||||
+ public final boolean isCapPresent(int cap) {
|
||||
+ return ((oglCaps.getCaps() & cap) != 0);
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public final long getNativeConfigInfo() {
|
||||
+ return pConfigInfo;
|
||||
+ }
|
||||
+@@ -180,7 +177,6 @@
|
||||
+ *
|
||||
+ * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext
|
||||
+ */
|
||||
+- @Override
|
||||
+ public final OGLContext getContext() {
|
||||
+ return context;
|
||||
+ }
|
||||
+@@ -394,7 +390,6 @@
|
||||
+ *
|
||||
+ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage
|
||||
+ */
|
||||
+- @Override
|
||||
+ public VolatileImage
|
||||
+ createCompatibleVolatileImage(int width, int height,
|
||||
+ int transparency, int type)
|
||||
+@@ -434,17 +429,14 @@
|
||||
+ *
|
||||
+ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities
|
||||
+ */
|
||||
+- @Override
|
||||
+ public ContextCapabilities getContextCapabilities() {
|
||||
+ return oglCaps;
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void addDeviceEventListener(AccelDeviceEventListener l) {
|
||||
+ AccelDeviceEventNotifier.addListener(l, screen.getScreen());
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void removeDeviceEventListener(AccelDeviceEventListener l) {
|
||||
+ AccelDeviceEventNotifier.removeListener(l);
|
||||
+ }
|
||||
+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Wed May 04 23:23:55 2016 +0100
|
||||
++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Thu May 12 01:51:42 2016 +0100
|
||||
+@@ -236,7 +236,6 @@
|
||||
+ final MBeanInstantiator fInstantiator = instantiator;
|
||||
+ this.secureClr = new
|
||||
+ SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() {
|
||||
+- @Override
|
||||
+ public ClassLoaderRepository run() {
|
||||
+ return fInstantiator.getClassLoaderRepository();
|
||||
+ }
|
||||
+@@ -1257,7 +1256,6 @@
|
||||
+ ClassLoader myLoader = outerShell.getClass().getClassLoader();
|
||||
+ final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
|
||||
+
|
||||
+- @Override
|
||||
+ public ModifiableClassLoaderRepository run() {
|
||||
+ return instantiator.getClassLoaderRepository();
|
||||
+ }
|
||||
+diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
|
||||
+--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu Sep 08 11:00:33 2011 -0700
|
||||
++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu May 12 16:39:37 2016 +0100
|
||||
+@@ -227,17 +227,14 @@
|
||||
+ allowedTypes = credentialsTypes;
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public String getVersion() throws RemoteException {
|
||||
+ return impl.getVersion();
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public RMIConnection newClient(Object credentials) throws IOException {
|
||||
+ return impl.newClient(credentials);
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void check(Method method, ObjectStreamClass descriptor,
|
||||
+ int paramIndex, int callID) {
|
||||
+
|
||||
+@@ -247,7 +244,6 @@
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void checkProxyClass(Method method, String[] ifaces,
|
||||
+ int paramIndex, int callID) {
|
||||
+ if (ifaces != null && ifaces.length > 0) {
|
||||
+@@ -259,7 +255,6 @@
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+- @Override
|
||||
+ public void end(int callID) {
|
||||
+ /* Do nothing */
|
||||
+ }
|
||||
diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch
|
||||
--- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Sun May 08 21:28:21 2016 +0100
|
||||
+++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Fri May 13 14:02:18 2016 +0100
|
||||
@@ -116,7 +116,7 @@
|
||||
{
|
||||
if (numBands == 3 && !ccm.hasAlpha()) {
|
||||
imageType = TYPE_3BYTE_BGR;
|
||||
-@@ -804,6 +801,27 @@
|
||||
+@@ -804,6 +801,26 @@
|
||||
} // else if ((raster instanceof ByteComponentRaster) &&
|
||||
}
|
||||
|
||||
@@ -129,7 +129,6 @@
|
||||
+ new PrivilegedAction<Boolean>()
|
||||
+ {
|
||||
+
|
||||
-+ @Override
|
||||
+ public Boolean run() {
|
||||
+ final ClassLoader std = System.class.getClassLoader();
|
||||
+
|
||||
|
Loading…
Reference in a new issue