[java-1.7.0-openjdk] - Updated to OpenJDK7u3/IcedTea7 2.1 - Security fixes: - S7112642, CVE-2012-0497: Incorrect checki
Deepak Bhole
dbhole at fedoraproject.org
Tue Feb 14 21:41:20 UTC 2012
commit 5ff31430e3170438d8be41cfe2d2668d21113963
Author: Deepak Bhole <dbhole at redhat.com>
Date: Tue Feb 14 16:41:07 2012 -0500
- Updated to OpenJDK7u3/IcedTea7 2.1
- Security fixes:
- S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
- S7082299, CVE-2011-3571: AtomicReferenceArray insufficient array type check
- S7110687, CVE-2012-0503: Unrestricted use of TimeZone.setDefault
- S7110700, CVE-2012-0505: Incomplete info in the deserialization exception
- S7110683, CVE-2012-0502: KeyboardFocusManager focus stealing
- S7088367, CVE-2011-3563: JavaSound incorrect bounds check
- S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server
- S7118283, CVE-2012-0501: Off-by-one bug in ZIP reading code
- S7110704, CVE-2012-0506: CORBA fix
- Add patch to fix compilation with GCC 4.7
.gitignore | 1 +
java-1.7.0-openjdk.spec | 36 +++++++++++++++------
rhino.patch | 78 ++++++++++++++++++++++++-----------------------
sources | 2 +-
4 files changed, 67 insertions(+), 50 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index ec0867e..e6e8fd8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@
/pulseaudio.tar.gz
/systemtap-tapset.tar.gz
/openjdk-icedtea-2.0.tar.gz
+/openjdk-icedtea-2.1.tar.gz
diff --git a/java-1.7.0-openjdk.spec b/java-1.7.0-openjdk.spec
index e38a29d..114dc83 100644
--- a/java-1.7.0-openjdk.spec
+++ b/java-1.7.0-openjdk.spec
@@ -13,8 +13,8 @@
%global openjdkbuildver b%{openjdkver}
%global openjdkdate 27_jun_2011
-%global icedtea_version 2.0
-%global hg_tag icedtea-%{icedtea_version}
+%global icedtea_version 2.1
+%global hg_tag icedtea-{icedtea_version}-branchpoint
%global accessmajorver 1.23
%global accessminorver 0
@@ -111,7 +111,7 @@
%global origin openjdk
%global priority 17000
%global javaver 1.7.0
-%global buildver 1
+%global buildver 3
# Standard JPackage directories and symbolic links.
# Make 64-bit JDKs just another alternative on 64-bit architectures.
@@ -151,7 +151,7 @@
Name: java-%{javaver}-%{origin}
Version: %{javaver}.%{buildver}
-Release: %{icedtea_version}.3%{?dist}.1
+Release: %{icedtea_version}%{?dist}
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
# also included the epoch in their virtual provides. This created a
@@ -168,13 +168,13 @@ Group: Development/Languages
License: ASL 1.1 and ASL 2.0 and GPL+ and GPLv2 and GPLv2 with exceptions and LGPL+ and LGPLv2 and MPLv1.0 and MPLv1.1 and Public Domain and W3C
URL: http://openjdk.java.net/
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/ openjdk -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/corba/ openjdk/corba -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/hotspot/ openjdk/hotspot -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/jaxp/ openjdk/jaxp -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/jaxws/ openjdk/jaxws -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/jdk/ openjdk/jdk -r %{hg_tag}
-# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest-%{icedtea_release}/langtools/ openjdk/langtools -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/ openjdk -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/corba/ openjdk/corba -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/hotspot/ openjdk/hotspot -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/jaxp/ openjdk/jaxp -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/jaxws/ openjdk/jaxws -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/jdk/ openjdk/jdk -r %{hg_tag}
+# hg clone http://icedtea.classpath.org/hg/release/icedtea7-forest/langtools/ openjdk/langtools -r %{hg_tag}
# find openjdk -name ".hg" -exec rm -rf '{}' \;
# find openjdk -name ".hgtags" -exec rm -rf '{}' \;
# tar czf openjdk-%{icedtea_version}.tar.gz openjdk
@@ -1330,6 +1330,20 @@ exit 0
%doc %{buildoutputdir}/j2sdk-image/jre/LICENSE
%changelog
+* Tue Feb 14 2012 Deepak Bhole <dbhole at redhat.com> - 1.7.0.3-2.1
+- Updated to OpenJDK7u3/IcedTea7 2.1
+- Security fixes:
+ - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
+ - S7082299, CVE-2011-3571: AtomicReferenceArray insufficient array type check
+ - S7110687, CVE-2012-0503: Unrestricted use of TimeZone.setDefault
+ - S7110700, CVE-2012-0505: Incomplete info in the deserialization exception
+ - S7110683, CVE-2012-0502: KeyboardFocusManager focus stealing
+ - S7088367, CVE-2011-3563: JavaSound incorrect bounds check
+ - S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server
+ - S7118283, CVE-2012-0501: Off-by-one bug in ZIP reading code
+ - S7110704, CVE-2012-0506: CORBA fix
+- Add patch to fix compilation with GCC 4.7
+
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:1.7.0.1-2.0.3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
diff --git a/rhino.patch b/rhino.patch
index 2097f17..e75dd20 100644
--- a/rhino.patch
+++ b/rhino.patch
@@ -1,6 +1,6 @@
-diff -Nru openjdk.orig/jdk/make/com/sun/Makefile openjdk/jdk/make/com/sun/Makefile
---- openjdk.orig/jdk/make/com/sun/Makefile 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/make/com/sun/Makefile 2011-10-19 01:57:22.982499164 +0100
+diff -ur openjdk.orig/jdk/make/com/sun/Makefile openjdk/jdk/make/com/sun/Makefile
+--- openjdk.orig/jdk/make/com/sun/Makefile 2012-02-10 17:26:37.000000000 -0500
++++ openjdk/jdk/make/com/sun/Makefile 2012-02-10 17:31:24.166866598 -0500
@@ -31,13 +31,6 @@
PRODUCT = sun
include $(BUILDDIR)/common/Defs.gmk
@@ -15,9 +15,9 @@ diff -Nru openjdk.orig/jdk/make/com/sun/Makefile openjdk/jdk/make/com/sun/Makefi
# jarsigner is part of JRE
SUBDIRS = java security net/ssl jarsigner
-diff -Nru openjdk.orig/jdk/make/com/sun/script/Makefile openjdk/jdk/make/com/sun/script/Makefile
---- openjdk.orig/jdk/make/com/sun/script/Makefile 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/make/com/sun/script/Makefile 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/make/com/sun/script/Makefile openjdk/jdk/make/com/sun/script/Makefile
+--- openjdk.orig/jdk/make/com/sun/script/Makefile 2012-02-10 17:26:37.000000000 -0500
++++ openjdk/jdk/make/com/sun/script/Makefile 2012-02-10 17:31:24.166866598 -0500
@@ -31,6 +31,8 @@
AUTO_FILES_JAVA_DIRS = com/sun/script
@@ -27,10 +27,10 @@ diff -Nru openjdk.orig/jdk/make/com/sun/script/Makefile openjdk/jdk/make/com/sun
#
# Files that need to be copied
#
-diff -Nru openjdk.orig/jdk/make/common/Release.gmk openjdk/jdk/make/common/Release.gmk
---- openjdk.orig/jdk/make/common/Release.gmk 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/make/common/Release.gmk 2011-10-19 01:57:22.994499353 +0100
-@@ -756,6 +756,7 @@
+diff -ur openjdk.orig/jdk/make/common/Release.gmk openjdk/jdk/make/common/Release.gmk
+--- openjdk.orig/jdk/make/common/Release.gmk 2012-02-10 17:26:37.000000000 -0500
++++ openjdk/jdk/make/common/Release.gmk 2012-02-10 17:31:24.166866598 -0500
+@@ -766,6 +766,7 @@
$(CP) $(RT_JAR) $(JRE_IMAGE_DIR)/lib/rt.jar
$(CP) $(RESOURCES_JAR) $(JRE_IMAGE_DIR)/lib/resources.jar
$(CP) $(JSSE_JAR) $(JRE_IMAGE_DIR)/lib/jsse.jar
@@ -38,9 +38,10 @@ diff -Nru openjdk.orig/jdk/make/common/Release.gmk openjdk/jdk/make/common/Relea
@# Generate meta-index to make boot and extension class loaders lazier
$(CD) $(JRE_IMAGE_DIR)/lib && \
$(BOOT_JAVA_CMD) -jar $(BUILDMETAINDEX_JARFILE) \
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2011-10-19 01:57:22.994499353 +0100
+Only in openjdk/jdk/make/common: Release.gmk.orig
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2012-02-10 17:31:24.167866576 -0500
@@ -24,7 +24,7 @@
*/
@@ -50,9 +51,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalS
import javax.script.*;
import java.util.*;
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2012-02-10 17:31:24.167866576 -0500
@@ -26,7 +26,7 @@
package com.sun.script.javascript;
@@ -62,9 +63,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapt
/**
* This class implements Rhino-like JavaAdapter to help implement a Java
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2012-02-10 17:31:24.167866576 -0500
@@ -25,7 +25,7 @@
package com.sun.script.javascript;
@@ -74,9 +75,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter
import java.util.*;
/**
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2012-02-10 17:31:24.167866576 -0500
@@ -26,7 +26,7 @@
package com.sun.script.javascript;
@@ -86,9 +87,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClas
/**
* This class prevents script access to certain sensitive classes.
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2012-02-10 17:31:24.167866576 -0500
@@ -25,7 +25,7 @@
package com.sun.script.javascript;
@@ -98,9 +99,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoComp
/**
* Represents compiled JavaScript code.
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2012-02-10 17:31:24.167866576 -0500
@@ -26,7 +26,7 @@
package com.sun.script.javascript;
import javax.script.*;
@@ -110,9 +111,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScri
import com.sun.script.util.*;
/**
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2011-10-19 01:57:22.994499353 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2012-02-10 17:31:24.168866554 -0500
@@ -26,7 +26,7 @@
package com.sun.script.javascript;
import com.sun.script.util.*;
@@ -122,9 +123,9 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScri
import java.lang.reflect.Method;
import java.io.*;
import java.security.*;
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2011-10-19 01:57:37.454729539 +0100
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2012-02-10 17:31:24.168866554 -0500
@@ -25,7 +25,7 @@
package com.sun.script.javascript;
@@ -133,10 +134,11 @@ diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopL
+import sun.org.mozilla.javascript.*;
import java.security.AccessControlContext;
import javax.script.*;
-
-diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java
---- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2011-10-14 03:02:15.000000000 +0100
-+++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2011-10-19 01:57:22.994499353 +0100
+ import java.security.AccessControlContext;
+Only in openjdk/jdk/src/share/classes/com/sun/script/javascript: RhinoTopLevel.java.orig
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2012-02-10 17:26:38.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2012-02-10 17:31:24.168866554 -0500
@@ -27,7 +27,7 @@
import java.lang.reflect.*;
diff --git a/sources b/sources
index 30278cd..9fa6300 100644
--- a/sources
+++ b/sources
@@ -3,6 +3,6 @@ ea344cc5b53b73f375558ba41760ff64 class-rewriter.tar.gz
868ff2d4457d1a2dccfa465fb8220e1c generated-files.tar.gz
c12f124672a97c7491530fed2c0facdc java-access-bridge-1.23.0.tar.bz2
a9cdc5f050eb6e97c1b15ddd39978710 mauve-2008-10-22.tar.gz
-7f699508e277b0f523e41ea032e67f86 openjdk-icedtea-2.0.tar.gz
3d2e0ea03940efdd66e260cba1f48359 pulseaudio.tar.gz
2f5167cbfadee2f2b3c10c28989b2209 systemtap-tapset.tar.gz
+9f780f477e23729d15720ca56d0819b0 openjdk-icedtea-2.1.tar.gz
More information about the scm-commits
mailing list