diff options
author | Leo Famulari <leo@famulari.name> | 2016-05-27 23:50:51 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2016-06-01 02:29:01 -0400 |
commit | 1c6303fae05815d3127a6bc480b1a794ad5dc49f (patch) | |
tree | 5de780f65c6a147637ce1612d08fe04cd603450c | |
parent | f0e60e89cb0fdbc9a1eee02123ff03f51c43c7d9 (diff) | |
download | guix-1c6303fae05815d3127a6bc480b1a794ad5dc49f.tar guix-1c6303fae05815d3127a6bc480b1a794ad5dc49f.tar.gz |
gnu: icedtea: Update to 1.13.11.
Fixes CVE-2016-{0686, 0687, 0695, 3425, 3427}.
* gnu/packages/patches/icedtea-remove-overrides.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/java.scm (icedtea): Update to 1.13.11.
[source]: Use the patch.
[inputs]: Add libxcomposite.
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/java.scm | 10 | ||||
-rw-r--r-- | gnu/packages/patches/icedtea-remove-overrides.patch | 291 |
3 files changed, 298 insertions, 4 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 21f9f81d10..59aaccc9b5 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -547,6 +547,7 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-doc-tables.patch \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-includes.patch \ + %D%/packages/patches/icedtea-remove-overrides.patch \ %D%/packages/patches/icu4c-CVE-2014-6585.patch \ %D%/packages/patches/icu4c-CVE-2015-1270.patch \ %D%/packages/patches/icu4c-CVE-2015-4760.patch \ diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index ff785efad6..fa6109a07d 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -181,15 +181,16 @@ build process and its dependencies, whereas Make uses Makefile format.") (define-public icedtea-6 (package (name "icedtea") - (version "1.13.10") + (version "1.13.11") (source (origin (method url-fetch) (uri (string-append "http://icedtea.wildebeest.org/download/source/icedtea6-" version ".tar.xz")) + (patches (search-patches "icedtea-remove-overrides.patch")) (sha256 (base32 - "1mq08sfyfjlfw0c1czjs47303zv4h91s1jc0nhdlra4rbbx0g2d0")) + "1grki39a4rf8n74zc0iglcggxxbpniyfh1gk1lb10p63zvvcsvjj")) (modules '((guix build utils))) (snippet '(substitute* "Makefile.in" @@ -539,6 +540,7 @@ build process and its dependencies, whereas Make uses Makefile format.") ("mit-krb5" ,mit-krb5) ("nss" ,nss) ("libx11" ,libx11) + ("libxcomposite" ,libxcomposite) ("libxt" ,libxt) ("libxtst" ,libxtst) ("libxi" ,libxi) @@ -552,10 +554,10 @@ build process and its dependencies, whereas Make uses Makefile format.") ("openjdk6-src" ,(origin (method url-fetch) - (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b38-20_jan_2016.tar.gz") + (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b39-03_may_2016.tar.gz") (sha256 (base32 - "1fapj9w4ahzf5nwvdgi1dsxjyh9dqbcvf9638r60h1by13wjqk5p")))) + "1brxbsgwcj4js26y5lk6capc3pvghgjidvv9cavw6z8n7c7aw8af")))) ("lcms" ,lcms) ("zlib" ,zlib) ("gtk" ,gtk+-2) diff --git a/gnu/packages/patches/icedtea-remove-overrides.patch b/gnu/packages/patches/icedtea-remove-overrides.patch new file mode 100644 index 0000000000..e4d68a9e58 --- /dev/null +++ b/gnu/packages/patches/icedtea-remove-overrides.patch @@ -0,0 +1,291 @@ +Upstream patch: +http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d + +Fixes build failure: +http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954 + +Changes to the files 'NEWS' and 'ChangeLog' are omitted here. + +# HG changeset patch +# User Andrew John Hughes <gnu.andrew@redhat.com> +# Date 1463144538 -3600 +# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931 +# Parent c23ceebb80a19a33316f1e743eb93bdf79aac220 +PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java + +2016-05-13 Andrew John Hughes <gnu.andrew@redhat.com> + + PR2954: ecj/override.patch is missing new + @Overrides in RMIJRMPServerImpl.java + * patches/ecj/override.patch: + Add cases in RMIJRMPServerImpl and others + which show up when source/target 5 is + used in the rt-class-files pre-build. + * patches/openjdk/8014205-blank_swing_dialogs_windows.patch: + Remove addition of @Override. + +diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch +--- a/patches/ecj/override.patch Sun May 08 21:28:21 2016 +0100 ++++ b/patches/ecj/override.patch Fri May 13 14:02:18 2016 +0100 +@@ -362,3 +362,240 @@ + public Class<?> run() { + try { + ReflectUtil.checkPackageAccess(className); ++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java ++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Thu May 12 01:30:54 2016 +0100 ++@@ -1870,7 +1870,6 @@ ++ ++ private ModifiableClassLoaderRepository getInstantiatorCLR() { ++ return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() { ++- @Override ++ public ModifiableClassLoaderRepository run() { ++ return instantiator != null ? instantiator.getClassLoaderRepository() : null; ++ } ++diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java ++--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Thu May 12 01:30:54 2016 +0100 ++@@ -160,7 +160,6 @@ ++ try { ++ // load the main library ++ AccessController.doPrivileged(new PrivilegedAction<Void>() { ++- @Override ++ public Void run() { ++ System.loadLibrary(libNameMain); ++ return null; ++@@ -182,7 +181,6 @@ ++ final String lib = st.nextToken(); ++ try { ++ AccessController.doPrivileged(new PrivilegedAction<Void>() { ++- @Override ++ public Void run() { ++ System.loadLibrary(lib); ++ return null; ++diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java ++--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Thu May 12 01:30:54 2016 +0100 ++@@ -190,7 +190,6 @@ ++ EventQueue.invokeAndWait(source, r); ++ } ++ ++- @Override ++ public long getMostRecentEventTime(EventQueue eventQueue) { ++ return eventQueue.getMostRecentEventTimeImpl(); ++ } ++diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java ++--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Thu May 12 01:30:54 2016 +0100 ++@@ -3571,7 +3571,6 @@ ++ } ++ static { ++ SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() { ++- @Override ++ public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) { ++ ObjectInputStream.setValidator(ois, validator); ++ } ++diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java ++--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Thu May 12 01:30:54 2016 +0100 ++@@ -64,7 +64,6 @@ ++ final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation"; ++ String allowProp = java.security.AccessController.doPrivileged( ++ new PrivilegedAction<String>() { ++- @Override ++ public String run() { ++ return System.getProperty(propName); ++ } ++diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java ++--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Thu May 12 01:30:54 2016 +0100 ++@@ -262,7 +262,6 @@ ++ * ++ * @see sun.java2d.DestSurfaceProvider#getDestSurface ++ */ ++- @Override ++ public Surface getDestSurface() { ++ return volSurfaceManager.getPrimarySurfaceData(); ++ } ++diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java ++--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Thu May 12 01:30:54 2016 +0100 ++@@ -3294,7 +3294,6 @@ ++ * ++ * @see sun.java2d.DestSurfaceProvider#getDestSurface ++ */ ++- @Override ++ public Surface getDestSurface() { ++ return surfaceData; ++ } ++diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java ++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Thu May 12 01:30:54 2016 +0100 ++@@ -630,12 +630,10 @@ ++ this.callID = callID; ++ } ++ ++- @Override ++ public void validateDescriptor(ObjectStreamClass descriptor) { ++ descriptorCheck.check(method, descriptor, parameterIndex, callID); ++ } ++ ++- @Override ++ public void checkProxyInterfaceNames(String[] ifaces) { ++ descriptorCheck.checkProxyClass(method, ifaces, parameterIndex, callID); ++ } ++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java ++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Thu May 12 01:30:54 2016 +0100 ++@@ -133,7 +133,6 @@ ++ */ ++ private static void setContextClassLoader(final ClassLoader ccl) { ++ AccessController.doPrivileged(new PrivilegedAction<Void> () { ++- @Override ++ public Void run() { ++ Thread.currentThread().setContextClassLoader(ccl); ++ return null; ++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java ++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Thu May 12 01:30:54 2016 +0100 ++@@ -676,7 +676,6 @@ ++ connectionCount.incrementAndGet() + ++ ")-" + remoteHost); ++ AccessController.doPrivileged(new PrivilegedAction<Void>() { ++- @Override ++ public Void run() { ++ run0(); ++ return null; ++diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java ++--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Thu May 12 01:30:54 2016 +0100 ++@@ -92,7 +92,6 @@ ++ return this; ++ } ++ ++- @Override ++ public SurfaceData createManagedSurface(int w, int h, int transparency) { ++ return GLXSurfaceData.createData(this, w, h, ++ getColorModel(transparency), ++@@ -165,12 +164,10 @@ ++ * Returns true if the provided capability bit is present for this config. ++ * See OGLContext.java for a list of supported capabilities. ++ */ ++- @Override ++ public final boolean isCapPresent(int cap) { ++ return ((oglCaps.getCaps() & cap) != 0); ++ } ++ ++- @Override ++ public final long getNativeConfigInfo() { ++ return pConfigInfo; ++ } ++@@ -180,7 +177,6 @@ ++ * ++ * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext ++ */ ++- @Override ++ public final OGLContext getContext() { ++ return context; ++ } ++@@ -394,7 +390,6 @@ ++ * ++ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage ++ */ ++- @Override ++ public VolatileImage ++ createCompatibleVolatileImage(int width, int height, ++ int transparency, int type) ++@@ -434,17 +429,14 @@ ++ * ++ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities ++ */ ++- @Override ++ public ContextCapabilities getContextCapabilities() { ++ return oglCaps; ++ } ++ ++- @Override ++ public void addDeviceEventListener(AccelDeviceEventListener l) { ++ AccelDeviceEventNotifier.addListener(l, screen.getScreen()); ++ } ++ ++- @Override ++ public void removeDeviceEventListener(AccelDeviceEventListener l) { ++ AccelDeviceEventNotifier.removeListener(l); ++ } ++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java ++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Wed May 04 23:23:55 2016 +0100 +++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Thu May 12 01:51:42 2016 +0100 ++@@ -236,7 +236,6 @@ ++ final MBeanInstantiator fInstantiator = instantiator; ++ this.secureClr = new ++ SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() { ++- @Override ++ public ClassLoaderRepository run() { ++ return fInstantiator.getClassLoaderRepository(); ++ } ++@@ -1257,7 +1256,6 @@ ++ ClassLoader myLoader = outerShell.getClass().getClassLoader(); ++ final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() { ++ ++- @Override ++ public ModifiableClassLoaderRepository run() { ++ return instantiator.getClassLoaderRepository(); ++ } ++diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java ++--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu Sep 08 11:00:33 2011 -0700 +++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu May 12 16:39:37 2016 +0100 ++@@ -227,17 +227,14 @@ ++ allowedTypes = credentialsTypes; ++ } ++ ++- @Override ++ public String getVersion() throws RemoteException { ++ return impl.getVersion(); ++ } ++ ++- @Override ++ public RMIConnection newClient(Object credentials) throws IOException { ++ return impl.newClient(credentials); ++ } ++ ++- @Override ++ public void check(Method method, ObjectStreamClass descriptor, ++ int paramIndex, int callID) { ++ ++@@ -247,7 +244,6 @@ ++ } ++ } ++ ++- @Override ++ public void checkProxyClass(Method method, String[] ifaces, ++ int paramIndex, int callID) { ++ if (ifaces != null && ifaces.length > 0) { ++@@ -259,7 +255,6 @@ ++ } ++ } ++ ++- @Override ++ public void end(int callID) { ++ /* Do nothing */ ++ } +diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch +--- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Sun May 08 21:28:21 2016 +0100 ++++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Fri May 13 14:02:18 2016 +0100 +@@ -116,7 +116,7 @@ + { + if (numBands == 3 && !ccm.hasAlpha()) { + imageType = TYPE_3BYTE_BGR; +-@@ -804,6 +801,27 @@ ++@@ -804,6 +801,26 @@ + } // else if ((raster instanceof ByteComponentRaster) && + } + +@@ -129,7 +129,6 @@ + + new PrivilegedAction<Boolean>() + + { + + +-+ @Override + + public Boolean run() { + + final ClassLoader std = System.class.getClassLoader(); + + + |