summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-31 16:45:14 -0400
committerLeo Famulari <leo@famulari.name>2016-08-31 19:04:46 -0400
commit7335ca1d71fb97362170a5ef4bff920e0ce7280a (patch)
tree2bc61eb3c40508a7143a30fc74622d0695ade9ca
parent68c35ba96e41c136da5eabb3b3fa44acbdadc93a (diff)
downloadguix-7335ca1d71fb97362170a5ef4bff920e0ce7280a.tar.gz
gnu: icedtea-6: Update to 1.13.12 [security fixes].
Fixes CVE-2016-{3458,3485,3500,3508,3550,3606}.

* gnu/packages/java.scm (icedtea-6): Update to 1.13.12.
[source]: Remove 'icedtea-remove-overrides' patch.
[arguments]: Move ALSA header substitution to 'patch-paths' phase.
* gnu/packages/patches/icedtea-remove-overrides.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/java.scm24
-rw-r--r--gnu/packages/patches/icedtea-remove-overrides.patch291
3 files changed, 12 insertions, 304 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 5ec47fc7df..457dc1965d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -576,7 +576,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/icecat-CVE-2016-2824.patch		\
   %D%/packages/patches/icecat-CVE-2016-2828.patch		\
   %D%/packages/patches/icecat-CVE-2016-2831.patch		\
-  %D%/packages/patches/icedtea-remove-overrides.patch		\
   %D%/packages/patches/icu4c-CVE-2014-6585.patch		\
   %D%/packages/patches/icu4c-CVE-2015-1270.patch		\
   %D%/packages/patches/icu4c-CVE-2015-4760.patch		\
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index 3e0b034950..7387235c5b 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -337,16 +337,15 @@ build process and its dependencies, whereas Make uses Makefile format.")
 (define-public icedtea-6
   (package
     (name "icedtea")
-    (version "1.13.11")
+    (version "1.13.12")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "http://icedtea.wildebeest.org/download/source/icedtea6-"
                     version ".tar.xz"))
-              (patches (search-patches "icedtea-remove-overrides.patch"))
               (sha256
                (base32
-                "1grki39a4rf8n74zc0iglcggxxbpniyfh1gk1lb10p63zvvcsvjj"))
+                "1q5iqm3dzqj8w3dwj6qqhczkkrslrfhmn3110klfwq9kyi2nimj8"))
               (modules '((guix build utils)))
               (snippet
                '(substitute* "Makefile.in"
@@ -441,13 +440,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
              (substitute* '("patches/jtreg-jrunscript.patch"
                             "patches/hotspot/hs23/drop_unlicensed_test.patch")
                (("#!/bin/sh") (string-append "#!" (which "sh"))))
-
-             ;; fix path to alsa header in patch
-             (substitute* "patches/openjdk/6799141-split_out_versions.patch"
-               (("ALSA_INCLUDE=/usr/include/alsa/version.h")
-                (string-append "ALSA_INCLUDE="
-                               (assoc-ref %build-inputs "alsa-lib")
-                               "/include/alsa/version.h")))))
+             #t))
          (add-after 'unpack 'patch-paths
            (lambda _
              ;; buildtree.make generates shell scripts, so we need to replace
@@ -475,6 +468,13 @@ build process and its dependencies, whereas Make uses Makefile format.")
                  (("DEF_OBJCOPY *=.*objcopy")
                   (string-append "DEF_OBJCOPY = " (which "objcopy"))))
 
+               ;; fix path to alsa header
+               (substitute* "openjdk.src/jdk/make/common/shared/Sanity.gmk"
+                 (("ALSA_INCLUDE=/usr/include/alsa/version.h")
+                  (string-append "ALSA_INCLUDE="
+                                 (assoc-ref %build-inputs "alsa-lib")
+                                 "/include/alsa/version.h")))
+
                ;; fix hard-coded utility paths
                (substitute* '("openjdk.src/jdk/make/common/shared/Defs-utils.gmk"
                               "openjdk.src/corba/make/common/shared/Defs-utils.gmk")
@@ -764,10 +764,10 @@ build process and its dependencies, whereas Make uses Makefile format.")
        ("openjdk6-src"
         ,(origin
            (method url-fetch)
-           (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b39-03_may_2016.tar.gz")
+           (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b40-22_aug_2016.tar.gz")
            (sha256
             (base32
-             "1brxbsgwcj4js26y5lk6capc3pvghgjidvv9cavw6z8n7c7aw8af"))))
+             "01v4q7g9pa6w7m6yxply5yrin08jgv12fck665xnmp09bpxy8sa5"))))
        ("lcms" ,lcms)
        ("zlib" ,zlib)
        ("gtk" ,gtk+-2)
diff --git a/gnu/packages/patches/icedtea-remove-overrides.patch b/gnu/packages/patches/icedtea-remove-overrides.patch
deleted file mode 100644
index e4d68a9e58..0000000000
--- a/gnu/packages/patches/icedtea-remove-overrides.patch
+++ /dev/null
@@ -1,291 +0,0 @@
-Upstream patch:
-http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d
-
-Fixes build failure:
-http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954
-
-Changes to the files 'NEWS' and 'ChangeLog' are omitted here.
-
-# HG changeset patch
-# User Andrew John Hughes <gnu.andrew@redhat.com>
-# Date 1463144538 -3600
-# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931
-# Parent  c23ceebb80a19a33316f1e743eb93bdf79aac220
-PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java
-
-2016-05-13  Andrew John Hughes  <gnu.andrew@redhat.com>
-
-	PR2954: ecj/override.patch is missing new
-	@Overrides in RMIJRMPServerImpl.java
-	* patches/ecj/override.patch:
-	Add cases in RMIJRMPServerImpl and others
-	which show up when source/target 5 is
-	used in the rt-class-files pre-build.
-	* patches/openjdk/8014205-blank_swing_dialogs_windows.patch:
-	Remove addition of @Override.
-
-diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch
---- a/patches/ecj/override.patch	Sun May 08 21:28:21 2016 +0100
-+++ b/patches/ecj/override.patch	Fri May 13 14:02:18 2016 +0100
-@@ -362,3 +362,240 @@
-              public Class<?> run() {
-                  try {
-                      ReflectUtil.checkPackageAccess(className);
-+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java
-+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java	Thu May 12 01:30:54 2016 +0100
-+@@ -1870,7 +1870,6 @@
-+ 
-+     private ModifiableClassLoaderRepository getInstantiatorCLR() {
-+         return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
-+-            @Override
-+             public ModifiableClassLoaderRepository run() {
-+                 return instantiator != null ? instantiator.getClassLoaderRepository() : null;
-+             }
-+diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java
-+--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java	Thu May 12 01:30:54 2016 +0100
-+@@ -160,7 +160,6 @@
-+         try {
-+             // load the main library
-+             AccessController.doPrivileged(new PrivilegedAction<Void>() {
-+-                @Override
-+                 public Void run() {
-+                     System.loadLibrary(libNameMain);
-+                     return null;
-+@@ -182,7 +181,6 @@
-+             final String lib = st.nextToken();
-+             try {
-+                 AccessController.doPrivileged(new PrivilegedAction<Void>() {
-+-                    @Override
-+                     public Void run() {
-+                         System.loadLibrary(lib);
-+                         return null;
-+diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java
-+--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java	Thu May 12 01:30:54 2016 +0100
-+@@ -190,7 +190,6 @@
-+                     EventQueue.invokeAndWait(source, r);
-+                 }
-+ 
-+-                @Override
-+                 public long getMostRecentEventTime(EventQueue eventQueue) {
-+                     return eventQueue.getMostRecentEventTimeImpl();
-+                 }
-+diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java
-+--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java	Thu May 12 01:30:54 2016 +0100
-+@@ -3571,7 +3571,6 @@
-+     }
-+     static {
-+         SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() {
-+-            @Override
-+             public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) {
-+                 ObjectInputStream.setValidator(ois, validator);
-+             }
-+diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java
-+--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java	Thu May 12 01:30:54 2016 +0100
-+@@ -64,7 +64,6 @@
-+         final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation";
-+         String allowProp = java.security.AccessController.doPrivileged(
-+             new PrivilegedAction<String>() {
-+-                @Override
-+                 public String run() {
-+                     return System.getProperty(propName);
-+                 }
-+diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java
-+--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java	Thu May 12 01:30:54 2016 +0100
-+@@ -262,7 +262,6 @@
-+      *
-+      * @see sun.java2d.DestSurfaceProvider#getDestSurface
-+      */
-+-    @Override
-+     public Surface getDestSurface() {
-+         return volSurfaceManager.getPrimarySurfaceData();
-+     }
-+diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java
-+--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java	Thu May 12 01:30:54 2016 +0100
-+@@ -3294,7 +3294,6 @@
-+      *
-+      * @see sun.java2d.DestSurfaceProvider#getDestSurface
-+      */
-+-    @Override
-+     public Surface getDestSurface() {
-+         return surfaceData;
-+     }
-+diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java
-+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java	Thu May 12 01:30:54 2016 +0100
-+@@ -630,12 +630,10 @@
-+             this.callID = callID;
-+         }
-+ 
-+-        @Override
-+         public void validateDescriptor(ObjectStreamClass descriptor) {
-+             descriptorCheck.check(method, descriptor, parameterIndex, callID);
-+         }
-+ 
-+-        @Override
-+         public void checkProxyInterfaceNames(String[] ifaces) {
-+             descriptorCheck.checkProxyClass(method, ifaces, parameterIndex, callID);
-+         }
-+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java
-+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java	Thu May 12 01:30:54 2016 +0100
-+@@ -133,7 +133,6 @@
-+      */
-+     private static void setContextClassLoader(final ClassLoader ccl) {
-+         AccessController.doPrivileged(new PrivilegedAction<Void> () {
-+-                @Override
-+                 public Void run() {
-+                     Thread.currentThread().setContextClassLoader(ccl);
-+                     return null;
-+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
-+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Thu May 12 01:30:54 2016 +0100
-+@@ -676,7 +676,6 @@
-+                           connectionCount.incrementAndGet() +
-+                           ")-" + remoteHost);
-+                 AccessController.doPrivileged(new PrivilegedAction<Void>() {
-+-                    @Override
-+                     public Void run() {
-+                         run0();
-+                         return null;
-+diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java
-+--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java	Thu May 12 01:30:54 2016 +0100
-+@@ -92,7 +92,6 @@
-+         return this;
-+     }
-+ 
-+-    @Override
-+     public SurfaceData createManagedSurface(int w, int h, int transparency) {
-+         return GLXSurfaceData.createData(this, w, h,
-+                                          getColorModel(transparency),
-+@@ -165,12 +164,10 @@
-+      * Returns true if the provided capability bit is present for this config.
-+      * See OGLContext.java for a list of supported capabilities.
-+      */
-+-    @Override
-+     public final boolean isCapPresent(int cap) {
-+         return ((oglCaps.getCaps() & cap) != 0);
-+     }
-+ 
-+-    @Override
-+     public final long getNativeConfigInfo() {
-+         return pConfigInfo;
-+     }
-+@@ -180,7 +177,6 @@
-+      *
-+      * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext
-+      */
-+-    @Override
-+     public final OGLContext getContext() {
-+         return context;
-+     }
-+@@ -394,7 +390,6 @@
-+      *
-+      * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage
-+      */
-+-    @Override
-+     public VolatileImage
-+         createCompatibleVolatileImage(int width, int height,
-+                                       int transparency, int type)
-+@@ -434,17 +429,14 @@
-+      *
-+      * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities
-+      */
-+-    @Override
-+     public ContextCapabilities getContextCapabilities() {
-+         return oglCaps;
-+     }
-+ 
-+-    @Override
-+     public void addDeviceEventListener(AccelDeviceEventListener l) {
-+         AccelDeviceEventNotifier.addListener(l, screen.getScreen());
-+     }
-+ 
-+-    @Override
-+     public void removeDeviceEventListener(AccelDeviceEventListener l) {
-+         AccelDeviceEventNotifier.removeListener(l);
-+     }
-+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java
-+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java	Wed May 04 23:23:55 2016 +0100
-++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java	Thu May 12 01:51:42 2016 +0100
-+@@ -236,7 +236,6 @@
-+         final MBeanInstantiator fInstantiator = instantiator;
-+         this.secureClr = new
-+             SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() {
-+-                @Override
-+                 public ClassLoaderRepository run() {
-+                     return fInstantiator.getClassLoaderRepository();
-+                 }
-+@@ -1257,7 +1256,6 @@
-+         ClassLoader myLoader = outerShell.getClass().getClassLoader();
-+         final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
-+ 
-+-            @Override
-+             public ModifiableClassLoaderRepository run() {
-+                 return instantiator.getClassLoaderRepository();
-+             }
-+diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
-+--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java	Thu Sep 08 11:00:33 2011 -0700
-++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java	Thu May 12 16:39:37 2016 +0100
-+@@ -227,17 +227,14 @@
-+             allowedTypes = credentialsTypes;
-+         }
-+ 
-+-        @Override
-+         public String getVersion() throws RemoteException {
-+             return impl.getVersion();
-+         }
-+ 
-+-        @Override
-+         public RMIConnection newClient(Object credentials) throws IOException {
-+             return impl.newClient(credentials);
-+         }
-+ 
-+-        @Override
-+         public void check(Method method, ObjectStreamClass descriptor,
-+                 int paramIndex, int callID) {
-+ 
-+@@ -247,7 +244,6 @@
-+             }
-+         }
-+ 
-+-        @Override
-+         public void checkProxyClass(Method method, String[] ifaces,
-+                 int paramIndex, int callID) {
-+             if (ifaces != null && ifaces.length > 0) {
-+@@ -259,7 +255,6 @@
-+             }
-+         }
-+ 
-+-        @Override
-+         public void end(int callID) {
-+             /* Do nothing */
-+         }
-diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch
---- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch	Sun May 08 21:28:21 2016 +0100
-+++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch	Fri May 13 14:02:18 2016 +0100
-@@ -116,7 +116,7 @@
-              {
-                  if (numBands == 3 && !ccm.hasAlpha()) {
-                      imageType = TYPE_3BYTE_BGR;
--@@ -804,6 +801,27 @@
-+@@ -804,6 +801,26 @@
-          }   // else if ((raster instanceof ByteComponentRaster) &&
-      }
-  
-@@ -129,7 +129,6 @@
- +                new PrivilegedAction<Boolean>()
- +        {
- +
--+            @Override
- +            public Boolean run() {
- +                final ClassLoader std = System.class.getClassLoader();
- +
-