aboutsummaryrefslogtreecommitdiffstats
path: root/main/openjdk6
Commit message (Collapse)AuthorAgeFilesLines
* main/openjdk6: security upgrade to 1.12.8 icedteaNatanael Copa2014-02-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Security fixes S6727821: Enhance JAAS Configuration S7068126, CVE-2014-0373: Enhance SNMP statuses S8010935: Better XML handling S8011786, CVE-2014-0368: Better applet networking S8021257, CVE-2013-5896: com.sun.corba.se.** should be on restricted package list S8022904: Enhance JDBC Parsers S8022927: Input validation for byte/endian conversions S8022935: Enhance Apache resolver classes S8022945: Enhance JNDI implementation classes S8023057: Enhance start up image display S8023069, CVE-2014-0411: Enhance TLS connections S8023245, CVE-2014-0423: Enhance Beans decoding S8023301: Enhance generic classes S8023672: Enhance jar file validation S8024306, CVE-2014-0416: Enhance Subject consistency S8024530: Enhance font process resilience S8024867: Enhance logging start up S8025014: Enhance Security Policy S8025018, CVE-2014-0376: Enhance JAX-P set up S8025026, CVE-2013-5878: Enhance canonicalization S8025034, CVE-2013-5907: Improve layout lookups S8025448: Enhance listening events S8025758, CVE-2014-0422: Enhance Naming management S8025767, CVE-2014-0428: Enhance IIOP Streams S8026172: Enhance UI Management S8026176: Enhance document printing S8026193, CVE-2013-5884: Enhance CORBA stub factories S8026204: Enhance auth login contexts S8026417, CVE-2013-5910: Enhance XML canonicalization S8027201, CVE-2014-0376: Enhance JAX-P set up (cherry picked from commit 7581d6a08ba8fde796126748121649ac70971f19)
* main/openjdk6: upgrade to icedtea6 1.12.7Timo Teräs2013-11-271-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes following security fixes: S8006900, CVE-2013-3829: Add new date/time capability S8008589: Better MBean permission validation S8011071, CVE-2013-5780: Better crypto provider handling S8011081, CVE-2013-5772: Improve jhat S8011157, CVE-2013-5814: Improve CORBA portablility S8012071, CVE-2013-5790: Better Building of Beans S8012147: Improve tool support S8012277: CVE-2013-5849: Improve AWT DataFlavor S8012425, CVE-2013-5802: Transform TransformerFactory S8013503, CVE-2013-5851: Improve stream factories S8013506: Better Pack200 data handling S8013510, CVE-2013-5809: Augment image writing code S8013514: Improve stability of cmap class S8013739, CVE-2013-5817: Better LDAP resource management S8013744, CVE-2013-5783: Better tabling for AWT S8014085: Better serialization support in JMX classes S8014093, CVE-2013-5782: Improve parsing of images S8014102, CVE-2013-5778: Improve image conversion S8014341, CVE-2013-5803: Better service from Kerberos servers S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations S8014530, CVE-2013-5825: Better digital signature processing S8014534: Better profiling support S8014987, CVE-2013-5842: Augment serialization handling S8015614: Update build settings S8015731: Subject java.security.auth.subject to improvements S8015743, CVE-2013-5774: Address internet addresses S8016256: Make finalization final S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names S8016675, CVE-2013-5797: Make Javadoc pages more robust S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately S8017287, CVE-2013-5829: Better resource disposal S8017291, CVE-2013-5830: Cast Proxies Aside S8017298, CVE-2013-4002: Better XML support S8017300, CVE-2013-5784: Improve Interface Implementation S8017505, CVE-2013-5820: Better Client Service S8019292: Better Attribute Value Exceptions S8019617: Better view of objects S8020293: JVM crash S8021290, CVE-2013-5823: Better signature validation S8022940: Enhance CORBA translations S8023683: Enhance class file parsing
* main/openjdk: enable bootstrap by defaultNatanael Copa2013-10-221-2/+2
|
* main/openjdk6: upgrade to icedtea6 1.12.6Timo Teräs2013-10-174-49/+62
| | | | | | * use --with-pax from upstream instead of our patches * build without bootstrapping by default to speed up compiles (define BOOTSTRAP=yes to do bootstrap build with gcj)
* main/openjdk6: upgrade to icedtea 1.11.13Timo Teräs2013-10-161-67/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update pkgver to include java version, build and icedtea version * do not build ecj, instead use the javac from java-gcj-compat * remove jaxws, jaxp and jaf drop zips as they are not used * enable x86_64 build again (apparently using java-gcj-compat fixes things) * minor other clean ups Includes also security fixes from 1.11.12 (2013-07-10) - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve deserialization - S8000642, CVE-2013-2446: Better handling of objects for transportation - S8001032: Restrict object access - S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers - S8001034, CVE-2013-1500: Memory management improvements - S8001038, CVE-2013-2444: Resourcefully handle resources - S8001043: Clarify definition restrictions - S8001309: Better handling of annotation interfaces - S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost - S8001330, CVE-2013-2443: Improve on checking order - S8003703, CVE-2013-2412: Update RMI connection dialog box - S8004584: Augment applet contextualization - S8005007: Better glyph processing - S8006328, CVE-2013-2448: Improve robustness of sound classes - S8006611: Improve scripting - S8007467: Improve robustness of JMX internal APIs - S8007471: Improve MBean notifications - S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes - S8008120, CVE-2013-2457: Improve JMX class checking - S8008124, CVE-2013-2453: Better compliance testing - S8008128: Better API coherence for JMX - S8008132, CVE-2013-2456: Better serialization support - S8008585: Better JMX data handling - S8008593: Better URLClassLoader resource management - S8008603: Improve provision of JMX providers - S8008611: Better handling of annotations in JMX - S8008615: Improve robustness of JMX internal APIs - S8008623: Better handling of MBeanServers - S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606 - S8008982: Adjust JMX for underlying interface changes - S8009004: Better implementation of RMI connections - S8009013: Better handling of T2K glyphs - S8009034: Improve resulting notifications in JMX - S8009038: Improve JMX notification support - S8009067: Improve storing keys in KeyStore - S8009071, CVE-2013-2459: Improve shape handling - S8009235: Improve handling of TSA data - S8011243, CVE-2013-2470: Improve ImagingLib - S8011248, CVE-2013-2471: Better Component Rasters - S8011253, CVE-2013-2472: Better Short Component Rasters - S8011257, CVE-2013-2473: Better Byte Component Rasters - S8012375, CVE-2013-1571: Improve Javadoc framing - S8012421: Better positioning of PairPositioning - S8012438, CVE-2013-2463: Better image validation - S8012597, CVE-2013-2465: Better image channel verification - S8012601, CVE-2013-2469: Better validation of image layouts - S8014281, CVE-2013-2461: Better checking of XML signature - S8015997: Additional improvement in Javadoc framing
* main/openjdk6: disable build on x86_64 for nowNatanael Copa2013-08-271-1/+1
| | | | does not build
* main/openjdk6: rebuild against libpng16Natanael Copa2013-08-271-1/+1
|
* main/openjdk6: use util-linux instead of util-linux-ngNatanael Copa2013-08-151-1/+1
|
* [all autotools packages]: normalize ./configureTimo Teräs2013-07-301-2/+5
|
* main/openjdk6: fix ipv6 related startup crashTimo Teräs2013-06-042-1/+47
|
* main/openjdk6: pax mark more binariesNatanael Copa2013-04-301-1/+3
|
* main/openjdk: security upgrade to icedtea 1.11.11Natanael Copa2013-04-262-5/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #1801 icedtea6-1.11.11: RH952389: Temporary files created with insecure permissions icedtea6-1.11.10: S6657673, CVE-2013-1518: Issues with JAXP S7200507: Refactor Introspector internals S8000724, CVE-2013-2417: Improve networking serialization S8001031, CVE-2013-2419: Better font processing S8001040, CVE-2013-1537: Rework RMI model S8001322: Refactor deserialization S8001329, CVE-2013-1557: Augment RMI logging S8003335: Better handling of Finalizer thread S8003445: Adjust JAX-WS to focus on API S8003543, CVE-2013-2415: Improve processing of MTOM attachments S8004261: Improve input validation S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames S8004986, CVE-2013-2383: Better handling of glyph table S8004987, CVE-2013-2384: Improve font layout S8004994, CVE-2013-1569: Improve checking of glyph table S8005432: Update access to JAX-WS S8005943: (process) Improved Runtime.exec S8006309: More reliable control panel operation S8006435, CVE-2013-2424: Improvements in JMX S8006790: Improve checking for windows S8006795: Improve font warning messages S8007406: Improve accessibility of AccessBridge S8007617, CVE-2013-2420: Better validation of images S8007667, CVE-2013-2430: Better image reading S8007918, CVE-2013-2429: Better image writing S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap S8009305, CVE-2013-0401: Improve AWT data transfer S8009699, CVE-2013-2421: Methodhandle lookup S8009814, CVE-2013-1488: Better driver management S8009857, CVE-2013-2422: Problem with plugin icedtea6-1.11.9: S8007014, CVE-2013-0809: Improve image handling S8007675, CVE-2013-1493: Improve color conversion icedtea6-1.11.8: S8006446, CVE-2013-1486: Restrict MBeanServer access S8006777, CVE-2013-0169: Improve TLS handling of invalid messages S8007688: Blacklist known bad certificate icedtea6-1.11.7: (bugfixes only) icedtea6-1.11.6: S6563318, CVE-2013-0424: RMI data sanitization S6664509, CVE-2013-0425: Add logging context S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time S6776941: CVE-2013-0427: Improve thread pool shutdown S7141694, CVE-2013-0429: Improving CORBA internals S7173145: Improve in-memory representation of splashscreens S7186945: Unpack200 improvement S7186946: Refine unpacker resource usage S7186948: Improve Swing data validation S7186952, CVE-2013-0432: Improve clipboard access S7186954: Improve connection performance S7186957: Improve Pack200 data validation S7192392, CVE-2013-0443: Better validation of client keys S7192393, CVE-2013-0440: Better Checking of order of TLS Messages S7192977, CVE-2013-0442: Issue in toolkit thread S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies S7200491: Tighten up JTable layout code S7200500: Launcher better input validation S7201064: Better dialogue checking S7201066, CVE-2013-0441: Change modifiers on unused fields S7201068, CVE-2013-0435: Better handling of UI elements S7201070: Serialization to conform to protocol S7201071, CVE-2013-0433: InetSocketAddress serialization issue S8000210: Improve JarFile code quality S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class S8000540, CVE-2013-1475: Improve IIOP type reuse management S8000631, CVE-2013-1476: Restrict access to class constructor S8001235, CVE-2013-0434: Improve JAXP HTTP handling S8001242: Improve RMI HTTP conformance S8001307: Modify ACC_SUPER behavior S8001972, CVE-2013-1478: Improve image processing S8002325, CVE-2013-1480: Improve management of images icedtea6-1.11.5: S6631398, CVE-2012-3216: FilePermission improved path checking S7093490: adjust package access in rmiregistry S7143535, CVE-2012-5068: ScriptEngine corrected permissions S7167656, CVE-2012-5077: Multiple Seeders are being created S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector S7172522, CVE-2012-5072: Improve DomainCombiner checking S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC S7189103, CVE-2012-5069: Executors needs to maintain state S7189490: More improvements to DomainCombiner checking S7189567, CVE-2012-5085: java net obselete protocol S7192975, CVE-2012-5071: Conditional usage check is wrong S7195194, CVE-2012-5084: Better data validation for Swing S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance S7198296, CVE-2012-5089: Refactor classloader usage S7158800: Improve storage of symbol tables S7158801: Improve VM CompileOnly option S7158804: Improve config file parsing S7176337: Additional changes needed for 7158801 fix S7198606, CVE-2012-4416: Improve VM optimization
* main/openjdk6: broken patchCarlo Landmeter2013-01-072-3/+3
|
* main/openjdk6: add support for eglibcCarlo Landmeter2013-01-052-14/+31
|
* main/openjdk6: use libjpeg-turboNatanael Copa2013-01-011-1/+2
|
* main/openjdk6: rebuild with somask to avoid conflict with libgcjNatanael Copa2012-10-111-2/+7
| | | | | both libgcj and openjdk6-jre-base provided so:libjvm.so so we mask this so and deal with it manually
* main/openjdk6: build fix for new abuildNatanael Copa2012-10-021-0/+1
| | | | | The so version check against the name have become optional and openjdk needs it.
* main/openjdk6: another try to get the provides correctNatanael Copa2012-09-201-3/+14
| | | | | | | | exclude xawt lib from ldpath search. This is so we avoid duplicate provides for headless/libmawt.so and xawt/libmawt.so libmawt should really be a virtual provides but that depends on an apk info --who-provides feature.
* main/openjdk6: rebuild with fixed abuild to avoid duplicate providesNatanael Copa2012-09-191-1/+1
|
* main/openjdk: fix executables to not set soname to lib.soNatanael Copa2012-09-152-2/+16
| | | | It confuses abuild
* main/openjdk6: build fixNatanael Copa2012-09-101-0/+1
| | | | Tell abuild to search recursively for .so files
* main/openjdk6: security upgrade to icedtea6 1.11.4Timo Teras2012-09-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IcedTea 1.11.4 S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder S7163201, CVE-2012-0547: Simplify toolkit internals references IcedTea 1.11.3 S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC S7143872, CVE-2012-1718: Improve certificate extension processing S7145239: Finetune package definition restriction S7152811, CVE-2012-1723: Issues in client compiler S7157609, CVE-2012-1724: Issues with loop S7160677: missing else in fix for 7152811 S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile IcedTea 1.11.1 S7082299, CVE-2011-3571: Fix in AtomicReferenceArray S7088367, CVE-2011-3563: Fix issues in java sound S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method S7110687, CVE-2012-0503: Issues with TimeZone class S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass S7110704, CVE-2012-0506: Issues with some method in corba S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object S7118283, CVE-2012-0501: Better input parameter checking in zip file processing S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server
* main/openjdk6: upgrade to icedtea6-1.11Timo Teräs2012-02-112-28/+21
| | | | based on openjdk6 b24 14_nov_2011
* main/openjdk6: fix cacerts generationWilliam Pitcock2011-11-192-5/+5
|
* main/openjdk6: build java security certificates store from alpine ↵William Pitcock2011-11-192-4/+351
| | | | ca-certificates package
* main/openjdk6: security upgrade icedtea6 to 1.10.4Timo Teräs2011-11-112-8/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ref #802 icedtea6 1.10.4 includes patches for the following security issues: CVE-2011-3547: InputStream skip() information leak CVE-2011-3548: mutable static AWTKeyStroke.ctor CVE-2011-3551: Java2D TransformHelper integer overflow CVE-2011-3552: excessive default UDP socket limit under SecurityManager CVE-2011-3553: JAX-WS stack-traces information leak CVE-2011-3544: missing SecurityManager checks in scripting engine CVE-2011-3521: IIOP deserialization code execution CVE-2011-3554: insufficient pack200 JAR files uncompress error checks CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer CVE-2011-3556: RMI DGC server remote code execution CVE-2011-3557: RMI registry privileged code execution CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer icedtea6 1.10.2 security patches (since upgrading from icedtea6 1.10.1): CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) CVE-2011-0865: Vulnerability in deserialization CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code CVE-2011-0867: NetworkInterface.toString can reveal bindings CVE-2011-0869: Vulnerability in SAAJ CVE-2011-0870: Vulnerability in SAAJ CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero CVE-2011-0871: ImageIcon creates Component with null acc CVE-2011-0864: JSR rewriting can overflow memory address size variables
* main/openjdk6: upgrade to (icedtea6 1.10.1)William Pitcock2011-05-141-3/+3
|
* testing/openjdk6: promote to mainWilliam Pitcock2011-03-285-0/+431