diff options
author | tony mancill <tmancill@debian.org> | 2019-11-20 16:10:47 -0800 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2020-01-29 11:11:08 +0100 |
commit | 8b123517553dd682d6be9f5e6798a4681c90da7e (patch) | |
tree | b21b3efd93ca19774abbb1ea774a070e20b1756d /community | |
parent | 37674ae79d4a86d8c65e91229951ff777ec29540 (diff) | |
download | aports-8b123517553dd682d6be9f5e6798a4681c90da7e.tar.bz2 aports-8b123517553dd682d6be9f5e6798a4681c90da7e.tar.xz |
community/openjdk8: update to IcedTea 3.14.0 / OpenJDK 8u232
Update openjdk8 pacakge to 8.232.09 / icedtea 3.14.0
- drop icedtea-jdk-tls-nist-curves.patch (applied upstream)
- refresh icedtea-hotspot-musl.patch to apply against 3.14.0
Diffstat (limited to 'community')
-rw-r--r-- | community/openjdk8/APKBUILD | 46 | ||||
-rw-r--r-- | community/openjdk8/icedtea-hotspot-musl.patch | 4 | ||||
-rw-r--r-- | community/openjdk8/icedtea-jdk-tls-nist-curves.patch | 47 |
3 files changed, 33 insertions, 64 deletions
diff --git a/community/openjdk8/APKBUILD b/community/openjdk8/APKBUILD index 69b5bb654c..41e79bef7b 100644 --- a/community/openjdk8/APKBUILD +++ b/community/openjdk8/APKBUILD @@ -2,10 +2,10 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: Timo Teras <timo.teras@iki.fi> pkgname=openjdk8 -_icedteaver=3.13.0 +_icedteaver=3.14.0 # pkgver is <JDK version>.<JDK update>.<JDK build> # Check https://icedtea.classpath.org/wiki/Main_Page when updating! -pkgver=8.222.10 +pkgver=8.232.09 pkgrel=0 pkgdesc="OpenJDK 8 provided by IcedTea" url="https://icedtea.classpath.org/" @@ -65,11 +65,28 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x icedtea-jdk-includes.patch icedtea-jdk-getmntent-buffer.patch icedtea-autoconf-config.patch - icedtea-jdk-tls-nist-curves.patch " builddir="$srcdir/icedtea-$_icedteaver" # secfixes: +# 8.232.09-r0: +# - CVE-2019-2933 +# - CVE-2019-2945 +# - CVE-2019-2949 +# - CVE-2019-2958 +# - CVE-2019-2964 +# - CVE-2019-2962 +# - CVE-2019-2973 +# - CVE-2019-2975 +# - CVE-2019-2978 +# - CVE-2019-2981 +# - CVE-2019-2983 +# - CVE-2019-2987 +# - CVE-2019-2988 +# - CVE-2019-2989 +# - CVE-2019-2992 +# - CVE-2019-2999 +# - CVE-2019-2894 # 8.222.10-r0: # - CVE-2019-2745 # - CVE-2019-2762 @@ -300,17 +317,17 @@ demos() { "$subpkgdir"/$_java_home/ } -sha512sums="312bcc6660360eb73b96801fdac0475d6b192bc3fcb80e250225cbb4dfe39ce178e0fa5154c509e7f5605113b34077a6f9c252a52024e568bab7ed6a74140f7c icedtea-3.13.0.tar.xz -e5e1072f43b024d8341e770eb8768d0161dd91f483cfa9a719790eb81458dd2a4da4e688a2c7828025f5b39247558ea69881176c53700cddd161708f0cedb764 openjdk-3.13.0.tar.xz -834b8b09590f5b4f11bbc32af3222e1cb6bef14c44c34ae4d3f65b6320d1a78c297a341cadb76bb59156b434811510b83705d2d2994922c610ba1bafb3f59345 corba-3.13.0.tar.xz -ccf05a50d6bc3b5ce1663bab4925cc738d32b9f1a9c696ada0cbbfe3477dc60556e5e7e9939394b2a932122500555ac9e56a935d3b8762d0ddf65201ddc48ba9 jaxp-3.13.0.tar.xz -80a2539ba45e213de1f2a8e236709f3cd81c6c37ee1181474fd4f0d4d612a7cdf91eabdd6bea5d652e18e73c41c3f59a27a173d08d46ad0664628fd6ffecfc57 jaxws-3.13.0.tar.xz -8b1c8e0e37a9830d67feaab52915c39faf75e94d8972925702f29eea0efd5dbc2f4deaff3b45b2f0f785235bd87c7bb10e62e7a9fb46c1c27e5fddfbbb5fdaa2 jdk-3.13.0.tar.xz -2cd1cdbc8283f5000dd68365412ed36235cfcbecee3a79b8b6111c3a6431f817d4b1ea04463bb049abdf503fe354e4ddf7b71fee399b459e6cf98299703d6e2c langtools-3.13.0.tar.xz -60c144997b2566dc42698ca4cb888b92de6a9fdbb18e01703d00f54311ad56191862c61c89e3eff4d6c4793c98d3dafd5f723bc9a22db2329138d08e832ddc11 hotspot-3.13.0.tar.xz -d86706393adabe5982092865addbe04c07781407d99b8d9ee49baf4224ec9b961bdf8498488548f043b099130b35ac017d846cc41874bcfb218520ee0b37004a nashorn-3.13.0.tar.xz +sha512sums="6cd366a1adde12b5cc2c0c64c0c353ebf9ad5b0ad79b77c5cca3acc93219752110eb222b74bd62180fe0bf5b063db12df6316c334d5940d1636c9d10824085ed icedtea-3.14.0.tar.xz +1e8009155a9ad39405e11704bb1f8b4c51ae0f64563baa7a7ce29a79613339e82b8776193a0076b993f8839b1c5959edff18cdadaa7f2f163fa5d3b7f7d60396 openjdk-3.14.0.tar.xz +5aedab2cff0dd8b4cb98121643009593d10da9abd150ab938cf45f5b8f18cae5f31dcc31c30090b736cf52413a290b6b11e6fc42b3575ea50e213bf334a07159 corba-3.14.0.tar.xz +16a34a65b20650f66eece6e33e82aefaf46bbf46c8332bac8c266405839168b924235395cbf7d6c5210d35b416ee0ab2ed0bd09c3f1c90195bff35d3db4b596d jaxp-3.14.0.tar.xz +706b9ce4d32c92adca44d9643e44ebe757e8503798e2b24b2591660774f4a4719f2015d3edb02f3374ec4b88c5b2f0b5578369345a9db4c5def1ff37f630bb5d jaxws-3.14.0.tar.xz +2e44c646bcbf56ce7e91be0fdb46db9887cfe7f538f866e61d757e657a4a3726caca50bd885355a85675451ea8ff9810bccb7ea026239219373688455dcc8476 jdk-3.14.0.tar.xz +ceef08eb53e895156afd0ec342a045c3aa29551a7939803cd821121286ec05fb3538d3b46a44c99f1a2805163b6e7351ec42b1486aaf6a8ecb7fdccc526c410d langtools-3.14.0.tar.xz +258cca176c6f930268f189f77dd4e6bd683fb90fbd7866870d22ca42105292cedeca7d274b70979e59af15229ebba22da64444ef14c641066e10688286ec302d hotspot-3.14.0.tar.xz +59af524388b501c63c567dd36abbe29b3254b3f05191730740aec84e73f93cf77850ab36d9972528781bbf47a6541a75d7e80e26c4c425d6cbb6460e2b4bdbda nashorn-3.14.0.tar.xz 1f470432275d5beaa8b4e4352a2f24a4a00593546dc4f3bd857794c89e521e8e6d6abc540762bbd769be3e1e3da058e134dc5dc066d12b9b8a1f0656040a795c fix-paxmark.patch -09104b19f647dce9ba0835163c05cc7e5e3ec9852b277f22b2d7a02bd483968853544125a09e384e96ba8811f2bbdc9546e05e378582ec6a554ede797ca5ad98 icedtea-hotspot-musl.patch +28709285390a997adbd56ebda42ef718fbc08daf572b8568f484436d255514f9d25f033e3333dff8aa352fc9846057ac5bb42fa955d3e5e44eddc96dc273c07c icedtea-hotspot-musl.patch e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch 19459dbb922f5a71cd15b53199481498626a783c24f91d2544d55b7dddd2cdb34a64bbf0226b99548612dd1743af01b3f9ff32c30abbbc90ce727ca2dbbbd1f9 icedtea-hotspot-noagent-musl.patch f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch @@ -319,5 +336,4 @@ b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec8 1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch 7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch -662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch -9ea7ac942baf29cc619bc2e1acd59201b9f6d38f39a517b495d7613aec746459200c81afb57c5fcdcb856f6bc8b33f7566c8593fed07e5c73f43e08f1072d458 icedtea-jdk-tls-nist-curves.patch" +662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch" diff --git a/community/openjdk8/icedtea-hotspot-musl.patch b/community/openjdk8/icedtea-hotspot-musl.patch index cbbb5525f0..c18653b9b3 100644 --- a/community/openjdk8/icedtea-hotspot-musl.patch +++ b/community/openjdk8/icedtea-hotspot-musl.patch @@ -82,8 +82,8 @@ index d2c10e0..20f657f 100644 -# include <fpu_control.h> +# include <linux/types.h> /* provides __u64 */ - #ifdef BUILTIN_SIM - #define REG_SP REG_RSP + #define REG_FP 29 + diff --git openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp index 38388cb..2505ba8 100644 --- openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp diff --git a/community/openjdk8/icedtea-jdk-tls-nist-curves.patch b/community/openjdk8/icedtea-jdk-tls-nist-curves.patch deleted file mode 100644 index 75fb3af8cf..0000000000 --- a/community/openjdk8/icedtea-jdk-tls-nist-curves.patch +++ /dev/null @@ -1,47 +0,0 @@ -Bug #7404 TLS negotiation error in OpenJDK 8 u131 - -Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115 -on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation -errors for some clients. - -Root cause appears to be OpenJDK announcing support for NIST curves the -underlying NSS library does doesn't. This patch limits OpenJDK's -announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25 -(secp521r1). - -Related issues: - -* https://github.com/docker-library/openjdk/issues/115 -* https://bugs.alpinelinux.org/issues/7404 -* https://access.redhat.com/discussions/2339811 -* https://bugzilla.redhat.com/show_bug.cgi?id=1022017 -* https://bugzilla.redhat.com/show_bug.cgi?id=1348525 - ---- openjdk.orig/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-05-08 20:03:50.000000000 -0700 -+++ openjdk/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-06-14 13:37:00.000000000 -0700 -@@ -168,21 +168,10 @@ - "contains no supported elliptic curves"); - } - } else { // default curves -- int[] ids; -- if (requireFips) { -- ids = new int[] { -- // only NIST curves in FIPS mode -- 23, 24, 25, 9, 10, 11, 12, 13, 14, -- }; -- } else { -- ids = new int[] { -- // NIST curves first -- 23, 24, 25, 9, 10, 11, 12, 13, 14, -- // non-NIST curves -- 22, -- }; -- } -- -+ int[] ids = new int[] { -+ // NSS currently only supports these three NIST curves -+ 23, 24, 25 -+ }; - idList = new ArrayList<>(ids.length); - for (int curveId : ids) { - if (isAvailableCurve(curveId)) { |