# HG changeset patch # User Andrew John Hughes # Date 1346597355 -3600 # Node ID 296309f1853f3e7ab84bf6e80423290656a87885 # Parent ec6dd96b871b6097b0a7f0801bf4036d69c25f00 Update with security fixes and other forest changes. 2011-08-31 Andrew John Hughes * Makefile.am: (CORBA_CHANGESET): Bring in security updates and other fixes from forest. (HOTSPOT_CHANGESET): Likewise. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (LANGTOOLS_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (HOTSPOT_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (LANGTOOLS_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. * NEWS: Updated with new fixes. diff -r ec6dd96b871b -r 296309f1853f ChangeLog --- a/ChangeLog Wed Jun 13 15:38:28 2012 +0100 +++ b/ChangeLog Sun Sep 02 15:49:15 2012 +0100 @@ -1,3 +1,23 @@ +2011-08-31 Andrew John Hughes + + * Makefile.am: + (CORBA_CHANGESET): Bring in security updates + and other fixes from forest. + (HOTSPOT_CHANGESET): Likewise. + (JAXP_CHANGESET): Likewise. + (JAXWS_CHANGESET): Likewise. + (JDK_CHANGESET): Likewise. + (LANGTOOLS_CHANGESET): Likewise. + (OPENJDK_CHANGESET): Likewise. + (CORBA_SHA256SUM): Likewise. + (HOTSPOT_SHA256SUM): Likewise. + (JAXP_SHA256SUM): Likewise. + (JAXWS_SHA256SUM): Likewise. + (JDK_SHA256SUM): Likewise. + (LANGTOOLS_SHA256SUM): Likewise. + (OPENJDK_SHA256SUM): Likewise. + * NEWS: Updated with new fixes. + 2011-06-13 Andrew John Hughes * NEWS: Add section for 2.1.2. diff -r ec6dd96b871b -r 296309f1853f Makefile.am --- a/Makefile.am Wed Jun 13 15:38:28 2012 +0100 +++ b/Makefile.am Sun Sep 02 15:49:15 2012 +0100 @@ -4,21 +4,21 @@ JDK_UPDATE_VERSION = 03 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION) -CORBA_CHANGESET = 338c21646c76 -HOTSPOT_CHANGESET = 8b7c4c5f6ba9 -JAXP_CHANGESET = 7a8825b15df6 -JAXWS_CHANGESET = 7edfbfe974f2 -JDK_CHANGESET = d5ddeffc4651 -LANGTOOLS_CHANGESET = b534c4c6cd9b -OPENJDK_CHANGESET = 22cc03983e20 +CORBA_CHANGESET = 5fb07c08e9e8 +HOTSPOT_CHANGESET = c159737dd826 +JAXP_CHANGESET = 68cc6550c43e +JAXWS_CHANGESET = 27864fc81873 +JDK_CHANGESET = 362f79895241 +LANGTOOLS_CHANGESET = 59d1da099001 +OPENJDK_CHANGESET = 1e3893e92a16 -CORBA_SHA256SUM = 10425cbbb439551293a7a96a128f25ce408c38826bef8562f4c2d65d3134a1d3 -HOTSPOT_SHA256SUM = 22866990d143e76ced94b76defa3051e5e5d9a51fd272d63daa0df272d6406a2 -JAXP_SHA256SUM = 297c8dbeed5afa5395b6be06b17282d53f8a888c2909074dfc1605afc0daf1c2 -JAXWS_SHA256SUM = 823ca6b8fd780bf1b1565a90cfc8ec6f0ee422a5d25ffb20b1ce0272dc4955aa -JDK_SHA256SUM = e83e6234842376147a4c32451f23d629ba107e908ebdb0f367657f9cc6c1be98 -LANGTOOLS_SHA256SUM = c77dd42d83f06d18fa8aa65c93d137608a2e02cf24b68fc10d7b1c0bcc12a93c -OPENJDK_SHA256SUM = ada790b4754f521ebfad0dd909ea29b92b2b3c1b84b2e99d32673343727d95d7 +CORBA_SHA256SUM = c17cc7b5f2e4ee50ccccbe1a0ccc7c0f9e2bcab2c056c1a0e97c41c0083455e2 +HOTSPOT_SHA256SUM = c1e626ecf4e7118ac269923ef0b83f5f8d36b0e816b293197ffbf8dd5083fa8d +JAXP_SHA256SUM = 1db3906130149da1e8222273b6f8c1c0fe1095f2760c04ce28750f5e254cbc7b +JAXWS_SHA256SUM = 5a4641b75f297b79fcb2f46c7fceb7a8b911e1567ecbc0d566abcb992b0a0de3 +JDK_SHA256SUM = a7c9d6e8e855189066fe7aef1a61e08d581e07415cc5a0b398f3c82f017559e2 +LANGTOOLS_SHA256SUM = e901f0e4dba52f4ef3fedc946b0106a29ad7f406ab44c7028f1e16f2a23a6e07 +OPENJDK_SHA256SUM = 55f1c6ab34ce00db014a94fb0c6301de4fcea0077ccff4b4ba6827a17ec3bd77 CACAO_VERSION = a567bcb7f589 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9 diff -r ec6dd96b871b -r 296309f1853f NEWS --- a/NEWS Wed Jun 13 15:38:28 2012 +0100 +++ b/NEWS Sun Sep 02 15:49:15 2012 +0100 @@ -12,6 +12,23 @@ New in release 2.1.2 (2012-XX-XX): +* Security fixes + - RH852051, CVE-2012-4681, S7162473: Reintroduce PackageAccessible checks removed in 6788531. + - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder + - S7194567, CVE-2012-3136: Improve long term persistence of java.beans objects + - S7163201, CVE-2012-0547: Simplify toolkit internals references +* OpenJDK + - PR1101: Undefined symbols on GNU/Linux SPARC + - S7182135: Impossible to use some editors directly + - S7183701: [TEST] closed/java/beans/security/TestClassFinder.java - compilation failed + - S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE + - S7190813: (launcher) RPATH needs to have additional paths +* ARM + - ARM: Fix trashed thread ptr after recursive re-entry from + - ARM: Rename a bunch of misleadingly-named functions + - Enable _adapter_opt_spread* jsr 292 code, now passes + - Fix call to handle_special_method(). Fix compareAndSwapLong. + New in release 2.1.1 (2012-06-12): * Security fixes