aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-05-27 23:50:51 -0400
committerLeo Famulari <leo@famulari.name>2016-06-01 02:29:01 -0400
commit1c6303fae05815d3127a6bc480b1a794ad5dc49f (patch)
tree5de780f65c6a147637ce1612d08fe04cd603450c
parentf0e60e89cb0fdbc9a1eee02123ff03f51c43c7d9 (diff)
downloadguix-1c6303fae05815d3127a6bc480b1a794ad5dc49f.tar
guix-1c6303fae05815d3127a6bc480b1a794ad5dc49f.tar.gz
gnu: icedtea: Update to 1.13.11.
Fixes CVE-2016-{0686, 0687, 0695, 3425, 3427}. * gnu/packages/patches/icedtea-remove-overrides.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/java.scm (icedtea): Update to 1.13.11. [source]: Use the patch. [inputs]: Add libxcomposite.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/java.scm10
-rw-r--r--gnu/packages/patches/icedtea-remove-overrides.patch291
3 files changed, 298 insertions, 4 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 21f9f81d10..59aaccc9b5 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -547,6 +547,7 @@ dist_patch_DATA = \
%D%/packages/patches/hypre-doc-tables.patch \
%D%/packages/patches/hypre-ldflags.patch \
%D%/packages/patches/icecat-avoid-bundled-includes.patch \
+ %D%/packages/patches/icedtea-remove-overrides.patch \
%D%/packages/patches/icu4c-CVE-2014-6585.patch \
%D%/packages/patches/icu4c-CVE-2015-1270.patch \
%D%/packages/patches/icu4c-CVE-2015-4760.patch \
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index ff785efad6..fa6109a07d 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -181,15 +181,16 @@ build process and its dependencies, whereas Make uses Makefile format.")
(define-public icedtea-6
(package
(name "icedtea")
- (version "1.13.10")
+ (version "1.13.11")
(source (origin
(method url-fetch)
(uri (string-append
"http://icedtea.wildebeest.org/download/source/icedtea6-"
version ".tar.xz"))
+ (patches (search-patches "icedtea-remove-overrides.patch"))
(sha256
(base32
- "1mq08sfyfjlfw0c1czjs47303zv4h91s1jc0nhdlra4rbbx0g2d0"))
+ "1grki39a4rf8n74zc0iglcggxxbpniyfh1gk1lb10p63zvvcsvjj"))
(modules '((guix build utils)))
(snippet
'(substitute* "Makefile.in"
@@ -539,6 +540,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
("mit-krb5" ,mit-krb5)
("nss" ,nss)
("libx11" ,libx11)
+ ("libxcomposite" ,libxcomposite)
("libxt" ,libxt)
("libxtst" ,libxtst)
("libxi" ,libxi)
@@ -552,10 +554,10 @@ build process and its dependencies, whereas Make uses Makefile format.")
("openjdk6-src"
,(origin
(method url-fetch)
- (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b38-20_jan_2016.tar.gz")
+ (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b39-03_may_2016.tar.gz")
(sha256
(base32
- "1fapj9w4ahzf5nwvdgi1dsxjyh9dqbcvf9638r60h1by13wjqk5p"))))
+ "1brxbsgwcj4js26y5lk6capc3pvghgjidvv9cavw6z8n7c7aw8af"))))
("lcms" ,lcms)
("zlib" ,zlib)
("gtk" ,gtk+-2)
diff --git a/gnu/packages/patches/icedtea-remove-overrides.patch b/gnu/packages/patches/icedtea-remove-overrides.patch
new file mode 100644
index 0000000000..e4d68a9e58
--- /dev/null
+++ b/gnu/packages/patches/icedtea-remove-overrides.patch
@@ -0,0 +1,291 @@
+Upstream patch:
+http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d
+
+Fixes build failure:
+http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954
+
+Changes to the files 'NEWS' and 'ChangeLog' are omitted here.
+
+# HG changeset patch
+# User Andrew John Hughes <gnu.andrew@redhat.com>
+# Date 1463144538 -3600
+# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931
+# Parent c23ceebb80a19a33316f1e743eb93bdf79aac220
+PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java
+
+2016-05-13 Andrew John Hughes <gnu.andrew@redhat.com>
+
+ PR2954: ecj/override.patch is missing new
+ @Overrides in RMIJRMPServerImpl.java
+ * patches/ecj/override.patch:
+ Add cases in RMIJRMPServerImpl and others
+ which show up when source/target 5 is
+ used in the rt-class-files pre-build.
+ * patches/openjdk/8014205-blank_swing_dialogs_windows.patch:
+ Remove addition of @Override.
+
+diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch
+--- a/patches/ecj/override.patch Sun May 08 21:28:21 2016 +0100
++++ b/patches/ecj/override.patch Fri May 13 14:02:18 2016 +0100
+@@ -362,3 +362,240 @@
+ public Class<?> run() {
+ try {
+ ReflectUtil.checkPackageAccess(className);
++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Thu May 12 01:30:54 2016 +0100
++@@ -1870,7 +1870,6 @@
++
++ private ModifiableClassLoaderRepository getInstantiatorCLR() {
++ return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
++- @Override
++ public ModifiableClassLoaderRepository run() {
++ return instantiator != null ? instantiator.getClassLoaderRepository() : null;
++ }
++diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Thu May 12 01:30:54 2016 +0100
++@@ -160,7 +160,6 @@
++ try {
++ // load the main library
++ AccessController.doPrivileged(new PrivilegedAction<Void>() {
++- @Override
++ public Void run() {
++ System.loadLibrary(libNameMain);
++ return null;
++@@ -182,7 +181,6 @@
++ final String lib = st.nextToken();
++ try {
++ AccessController.doPrivileged(new PrivilegedAction<Void>() {
++- @Override
++ public Void run() {
++ System.loadLibrary(lib);
++ return null;
++diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java
++--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Thu May 12 01:30:54 2016 +0100
++@@ -190,7 +190,6 @@
++ EventQueue.invokeAndWait(source, r);
++ }
++
++- @Override
++ public long getMostRecentEventTime(EventQueue eventQueue) {
++ return eventQueue.getMostRecentEventTimeImpl();
++ }
++diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java
++--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Thu May 12 01:30:54 2016 +0100
++@@ -3571,7 +3571,6 @@
++ }
++ static {
++ SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() {
++- @Override
++ public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) {
++ ObjectInputStream.setValidator(ois, validator);
++ }
++diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java
++--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Thu May 12 01:30:54 2016 +0100
++@@ -64,7 +64,6 @@
++ final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation";
++ String allowProp = java.security.AccessController.doPrivileged(
++ new PrivilegedAction<String>() {
++- @Override
++ public String run() {
++ return System.getProperty(propName);
++ }
++diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java
++--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Thu May 12 01:30:54 2016 +0100
++@@ -262,7 +262,6 @@
++ *
++ * @see sun.java2d.DestSurfaceProvider#getDestSurface
++ */
++- @Override
++ public Surface getDestSurface() {
++ return volSurfaceManager.getPrimarySurfaceData();
++ }
++diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java
++--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Thu May 12 01:30:54 2016 +0100
++@@ -3294,7 +3294,6 @@
++ *
++ * @see sun.java2d.DestSurfaceProvider#getDestSurface
++ */
++- @Override
++ public Surface getDestSurface() {
++ return surfaceData;
++ }
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Thu May 12 01:30:54 2016 +0100
++@@ -630,12 +630,10 @@
++ this.callID = callID;
++ }
++
++- @Override
++ public void validateDescriptor(ObjectStreamClass descriptor) {
++ descriptorCheck.check(method, descriptor, parameterIndex, callID);
++ }
++
++- @Override
++ public void checkProxyInterfaceNames(String[] ifaces) {
++ descriptorCheck.checkProxyClass(method, ifaces, parameterIndex, callID);
++ }
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Thu May 12 01:30:54 2016 +0100
++@@ -133,7 +133,6 @@
++ */
++ private static void setContextClassLoader(final ClassLoader ccl) {
++ AccessController.doPrivileged(new PrivilegedAction<Void> () {
++- @Override
++ public Void run() {
++ Thread.currentThread().setContextClassLoader(ccl);
++ return null;
++diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
++--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Thu May 12 01:30:54 2016 +0100
++@@ -676,7 +676,6 @@
++ connectionCount.incrementAndGet() +
++ ")-" + remoteHost);
++ AccessController.doPrivileged(new PrivilegedAction<Void>() {
++- @Override
++ public Void run() {
++ run0();
++ return null;
++diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java
++--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Thu May 12 01:30:54 2016 +0100
++@@ -92,7 +92,6 @@
++ return this;
++ }
++
++- @Override
++ public SurfaceData createManagedSurface(int w, int h, int transparency) {
++ return GLXSurfaceData.createData(this, w, h,
++ getColorModel(transparency),
++@@ -165,12 +164,10 @@
++ * Returns true if the provided capability bit is present for this config.
++ * See OGLContext.java for a list of supported capabilities.
++ */
++- @Override
++ public final boolean isCapPresent(int cap) {
++ return ((oglCaps.getCaps() & cap) != 0);
++ }
++
++- @Override
++ public final long getNativeConfigInfo() {
++ return pConfigInfo;
++ }
++@@ -180,7 +177,6 @@
++ *
++ * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext
++ */
++- @Override
++ public final OGLContext getContext() {
++ return context;
++ }
++@@ -394,7 +390,6 @@
++ *
++ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage
++ */
++- @Override
++ public VolatileImage
++ createCompatibleVolatileImage(int width, int height,
++ int transparency, int type)
++@@ -434,17 +429,14 @@
++ *
++ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities
++ */
++- @Override
++ public ContextCapabilities getContextCapabilities() {
++ return oglCaps;
++ }
++
++- @Override
++ public void addDeviceEventListener(AccelDeviceEventListener l) {
++ AccelDeviceEventNotifier.addListener(l, screen.getScreen());
++ }
++
++- @Override
++ public void removeDeviceEventListener(AccelDeviceEventListener l) {
++ AccelDeviceEventNotifier.removeListener(l);
++ }
++diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java
++--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Wed May 04 23:23:55 2016 +0100
+++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Thu May 12 01:51:42 2016 +0100
++@@ -236,7 +236,6 @@
++ final MBeanInstantiator fInstantiator = instantiator;
++ this.secureClr = new
++ SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() {
++- @Override
++ public ClassLoaderRepository run() {
++ return fInstantiator.getClassLoaderRepository();
++ }
++@@ -1257,7 +1256,6 @@
++ ClassLoader myLoader = outerShell.getClass().getClassLoader();
++ final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() {
++
++- @Override
++ public ModifiableClassLoaderRepository run() {
++ return instantiator.getClassLoaderRepository();
++ }
++diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
++--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu Sep 08 11:00:33 2011 -0700
+++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu May 12 16:39:37 2016 +0100
++@@ -227,17 +227,14 @@
++ allowedTypes = credentialsTypes;
++ }
++
++- @Override
++ public String getVersion() throws RemoteException {
++ return impl.getVersion();
++ }
++
++- @Override
++ public RMIConnection newClient(Object credentials) throws IOException {
++ return impl.newClient(credentials);
++ }
++
++- @Override
++ public void check(Method method, ObjectStreamClass descriptor,
++ int paramIndex, int callID) {
++
++@@ -247,7 +244,6 @@
++ }
++ }
++
++- @Override
++ public void checkProxyClass(Method method, String[] ifaces,
++ int paramIndex, int callID) {
++ if (ifaces != null && ifaces.length > 0) {
++@@ -259,7 +255,6 @@
++ }
++ }
++
++- @Override
++ public void end(int callID) {
++ /* Do nothing */
++ }
+diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch
+--- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Sun May 08 21:28:21 2016 +0100
++++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Fri May 13 14:02:18 2016 +0100
+@@ -116,7 +116,7 @@
+ {
+ if (numBands == 3 && !ccm.hasAlpha()) {
+ imageType = TYPE_3BYTE_BGR;
+-@@ -804,6 +801,27 @@
++@@ -804,6 +801,26 @@
+ } // else if ((raster instanceof ByteComponentRaster) &&
+ }
+
+@@ -129,7 +129,6 @@
+ + new PrivilegedAction<Boolean>()
+ + {
+ +
+-+ @Override
+ + public Boolean run() {
+ + final ClassLoader std = System.class.getClassLoader();
+ +
+