summary refs log tree commit diff
path: root/gnu/packages
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-05-27 23:50:51 -0400
committerLeo Famulari <leo@famulari.name>2016-06-01 02:29:01 -0400
commit1c6303fae05815d3127a6bc480b1a794ad5dc49f (patch)
tree5de780f65c6a147637ce1612d08fe04cd603450c /gnu/packages
parentf0e60e89cb0fdbc9a1eee02123ff03f51c43c7d9 (diff)
downloadguix-1c6303fae05815d3127a6bc480b1a794ad5dc49f.tar.gz
gnu: icedtea: Update to 1.13.11.
Fixes CVE-2016-{0686, 0687, 0695, 3425, 3427}.

* gnu/packages/patches/icedtea-remove-overrides.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/java.scm (icedtea): Update to 1.13.11.
[source]: Use the patch.
[inputs]: Add libxcomposite.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/java.scm10
-rw-r--r--gnu/packages/patches/icedtea-remove-overrides.patch291
2 files changed, 297 insertions, 4 deletions
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index ff785efad6..fa6109a07d 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -181,15 +181,16 @@ build process and its dependencies, whereas Make uses Makefile format.")
 (define-public icedtea-6
   (package
     (name "icedtea")
-    (version "1.13.10")
+    (version "1.13.11")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "http://icedtea.wildebeest.org/download/source/icedtea6-"
                     version ".tar.xz"))
+              (patches (search-patches "icedtea-remove-overrides.patch"))
               (sha256
                (base32
-                "1mq08sfyfjlfw0c1czjs47303zv4h91s1jc0nhdlra4rbbx0g2d0"))
+                "1grki39a4rf8n74zc0iglcggxxbpniyfh1gk1lb10p63zvvcsvjj"))
               (modules '((guix build utils)))
               (snippet
                '(substitute* "Makefile.in"
@@ -539,6 +540,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
        ("mit-krb5" ,mit-krb5)
        ("nss" ,nss)
        ("libx11" ,libx11)
+       ("libxcomposite" ,libxcomposite)
        ("libxt" ,libxt)
        ("libxtst" ,libxtst)
        ("libxi" ,libxi)
@@ -552,10 +554,10 @@ build process and its dependencies, whereas Make uses Makefile format.")
        ("openjdk6-src"
         ,(origin
            (method url-fetch)
-           (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b38-20_jan_2016.tar.gz")
+           (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b39-03_may_2016.tar.gz")
            (sha256
             (base32
-             "1fapj9w4ahzf5nwvdgi1dsxjyh9dqbcvf9638r60h1by13wjqk5p"))))
+             "1brxbsgwcj4js26y5lk6capc3pvghgjidvv9cavw6z8n7c7aw8af"))))
        ("lcms" ,lcms)
        ("zlib" ,zlib)
        ("gtk" ,gtk+-2)
diff --git a/gnu/packages/patches/icedtea-remove-overrides.patch b/gnu/packages/patches/icedtea-remove-overrides.patch
new file mode 100644
index 0000000000..e4d68a9e58
--- /dev/null
+++ b/gnu/packages/patches/icedtea-remove-overrides.patch
@@ -0,0 +1,291 @@
+Upstream patch:
+http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d
+
+Fixes build failure:
+http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954
+
+Changes to the files 'NEWS' and 'ChangeLog' are omitted here.
+
+# HG changeset patch
+# User Andrew John Hughes <gnu.andrew@redhat.com>
+# Date 1463144538 -3600
+# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931
+# Parent  c23ceebb80a19a33316f1e743eb93bdf79aac220
+PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java
+
+2016-05-13  Andrew John Hughes  <gnu.andrew@redhat.com>
+
+	PR2954: ecj/override.patch is missing new
+	@Overrides in RMIJRMPServerImpl.java
+	* patches/ecj/override.patch:
+	Add cases in RMIJRMPServerImpl and others
+	which show up when source/target 5 is
+	used in the rt-class-files pre-build.
+	* patches/openjdk/8014205-blank_swing_dialogs_windows.patch:
+	Remove addition of @Override.
+
+diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch
+--- a/patches/ecj/override.patch	Sun May 08 21:28:21 2016 +0100
++++ b/patches/ecj/override.patch	Fri May 13 14:02:18 2016 +0100
+@@ -362,3 +362,240 @@
+              public Class<?> run() {
+                  try {
+                      ReflectUtil.checkPackageAccess(className);
++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java	Thu May 12 01:30:54 2016 +0100
++@@ -1870,7 +1870,6 @@
++ 
++     private ModifiableClassLoaderRepository getInstantiatorCLR() {
++         return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
++-            @Override
++             public ModifiableClassLoaderRepository run() {
++                 return instantiator != null ? instantiator.getClassLoaderRepository() : null;
++             }
++diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java	Thu May 12 01:30:54 2016 +0100
++@@ -160,7 +160,6 @@
++         try {
++             // load the main library
++             AccessController.doPrivileged(new PrivilegedAction<Void>() {
++-                @Override
++                 public Void run() {
++                     System.loadLibrary(libNameMain);
++                     return null;
++@@ -182,7 +181,6 @@
++             final String lib = st.nextToken();
++             try {
++                 AccessController.doPrivileged(new PrivilegedAction<Void>() {
++-                    @Override
++                     public Void run() {
++                         System.loadLibrary(lib);
++                         return null;
++diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java
++--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java	Thu May 12 01:30:54 2016 +0100
++@@ -190,7 +190,6 @@
++                     EventQueue.invokeAndWait(source, r);
++                 }
++ 
++-                @Override
++                 public long getMostRecentEventTime(EventQueue eventQueue) {
++                     return eventQueue.getMostRecentEventTimeImpl();
++                 }
++diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java
++--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java	Thu May 12 01:30:54 2016 +0100
++@@ -3571,7 +3571,6 @@
++     }
++     static {
++         SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() {
++-            @Override
++             public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) {
++                 ObjectInputStream.setValidator(ois, validator);
++             }
++diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java
++--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java	Thu May 12 01:30:54 2016 +0100
++@@ -64,7 +64,6 @@
++         final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation";
++         String allowProp = java.security.AccessController.doPrivileged(
++             new PrivilegedAction<String>() {
++-                @Override
++                 public String run() {
++                     return System.getProperty(propName);
++                 }
++diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java
++--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java	Thu May 12 01:30:54 2016 +0100
++@@ -262,7 +262,6 @@
++      *
++      * @see sun.java2d.DestSurfaceProvider#getDestSurface
++      */
++-    @Override
++     public Surface getDestSurface() {
++         return volSurfaceManager.getPrimarySurfaceData();
++     }
++diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java
++--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java	Thu May 12 01:30:54 2016 +0100
++@@ -3294,7 +3294,6 @@
++      *
++      * @see sun.java2d.DestSurfaceProvider#getDestSurface
++      */
++-    @Override
++     public Surface getDestSurface() {
++         return surfaceData;
++     }
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java	Thu May 12 01:30:54 2016 +0100
++@@ -630,12 +630,10 @@
++             this.callID = callID;
++         }
++ 
++-        @Override
++         public void validateDescriptor(ObjectStreamClass descriptor) {
++             descriptorCheck.check(method, descriptor, parameterIndex, callID);
++         }
++ 
++-        @Override
++         public void checkProxyInterfaceNames(String[] ifaces) {
++             descriptorCheck.checkProxyClass(method, ifaces, parameterIndex, callID);
++         }
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java	Thu May 12 01:30:54 2016 +0100
++@@ -133,7 +133,6 @@
++      */
++     private static void setContextClassLoader(final ClassLoader ccl) {
++         AccessController.doPrivileged(new PrivilegedAction<Void> () {
++-                @Override
++                 public Void run() {
++                     Thread.currentThread().setContextClassLoader(ccl);
++                     return null;
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Thu May 12 01:30:54 2016 +0100
++@@ -676,7 +676,6 @@
++                           connectionCount.incrementAndGet() +
++                           ")-" + remoteHost);
++                 AccessController.doPrivileged(new PrivilegedAction<Void>() {
++-                    @Override
++                     public Void run() {
++                         run0();
++                         return null;
++diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java
++--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java	Thu May 12 01:30:54 2016 +0100
++@@ -92,7 +92,6 @@
++         return this;
++     }
++ 
++-    @Override
++     public SurfaceData createManagedSurface(int w, int h, int transparency) {
++         return GLXSurfaceData.createData(this, w, h,
++                                          getColorModel(transparency),
++@@ -165,12 +164,10 @@
++      * Returns true if the provided capability bit is present for this config.
++      * See OGLContext.java for a list of supported capabilities.
++      */
++-    @Override
++     public final boolean isCapPresent(int cap) {
++         return ((oglCaps.getCaps() & cap) != 0);
++     }
++ 
++-    @Override
++     public final long getNativeConfigInfo() {
++         return pConfigInfo;
++     }
++@@ -180,7 +177,6 @@
++      *
++      * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext
++      */
++-    @Override
++     public final OGLContext getContext() {
++         return context;
++     }
++@@ -394,7 +390,6 @@
++      *
++      * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage
++      */
++-    @Override
++     public VolatileImage
++         createCompatibleVolatileImage(int width, int height,
++                                       int transparency, int type)
++@@ -434,17 +429,14 @@
++      *
++      * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities
++      */
++-    @Override
++     public ContextCapabilities getContextCapabilities() {
++         return oglCaps;
++     }
++ 
++-    @Override
++     public void addDeviceEventListener(AccelDeviceEventListener l) {
++         AccelDeviceEventNotifier.addListener(l, screen.getScreen());
++     }
++ 
++-    @Override
++     public void removeDeviceEventListener(AccelDeviceEventListener l) {
++         AccelDeviceEventNotifier.removeListener(l);
++     }
++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java	Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java	Thu May 12 01:51:42 2016 +0100
++@@ -236,7 +236,6 @@
++         final MBeanInstantiator fInstantiator = instantiator;
++         this.secureClr = new
++             SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() {
++-                @Override
++                 public ClassLoaderRepository run() {
++                     return fInstantiator.getClassLoaderRepository();
++                 }
++@@ -1257,7 +1256,6 @@
++         ClassLoader myLoader = outerShell.getClass().getClassLoader();
++         final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
++ 
++-            @Override
++             public ModifiableClassLoaderRepository run() {
++                 return instantiator.getClassLoaderRepository();
++             }
++diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
++--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java	Thu Sep 08 11:00:33 2011 -0700
+++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java	Thu May 12 16:39:37 2016 +0100
++@@ -227,17 +227,14 @@
++             allowedTypes = credentialsTypes;
++         }
++ 
++-        @Override
++         public String getVersion() throws RemoteException {
++             return impl.getVersion();
++         }
++ 
++-        @Override
++         public RMIConnection newClient(Object credentials) throws IOException {
++             return impl.newClient(credentials);
++         }
++ 
++-        @Override
++         public void check(Method method, ObjectStreamClass descriptor,
++                 int paramIndex, int callID) {
++ 
++@@ -247,7 +244,6 @@
++             }
++         }
++ 
++-        @Override
++         public void checkProxyClass(Method method, String[] ifaces,
++                 int paramIndex, int callID) {
++             if (ifaces != null && ifaces.length > 0) {
++@@ -259,7 +255,6 @@
++             }
++         }
++ 
++-        @Override
++         public void end(int callID) {
++             /* Do nothing */
++         }
+diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch
+--- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch	Sun May 08 21:28:21 2016 +0100
++++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch	Fri May 13 14:02:18 2016 +0100
+@@ -116,7 +116,7 @@
+              {
+                  if (numBands == 3 && !ccm.hasAlpha()) {
+                      imageType = TYPE_3BYTE_BGR;
+-@@ -804,6 +801,27 @@
++@@ -804,6 +801,26 @@
+          }   // else if ((raster instanceof ByteComponentRaster) &&
+      }
+  
+@@ -129,7 +129,6 @@
+ +                new PrivilegedAction<Boolean>()
+ +        {
+ +
+-+            @Override
+ +            public Boolean run() {
+ +                final ClassLoader std = System.class.getClassLoader();
+ +
+