Mercurial > hg > release > icedtea7-2.1

changeset 2561:3311abee7c58

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bring in security fixes and other recent forest changes. 2013-05-01 Andrew John Hughes <gnu.andrew@member.fsf.org> (HOTSPOT_CHANGESET): Update to IcedTea 2.1 forest HEAD, bringing in security fixes, RH928500 & debuginfo file removal. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (HOTSPOT_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. * NEWS: Updated. * patches/boot/ecj-diamond.patch: Regenerate due to security patches.
author Andrew John Hughes <gnu_andrew@member.fsf.org>
date Thu, 02 May 2013 10:20:45 +0100
parents 9ee6ad4f47a9
children 0f170ac337a6
files ChangeLog Makefile.am NEWS patches/boot/ecj-diamond.patch
diffstat 4 files changed, 64 insertions(+), 10 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Mon Apr 08 01:25:42 2013 +0100
+++ b/ChangeLog	Thu May 02 10:20:45 2013 +0100
@@ -1,3 +1,19 @@
+2013-05-01  Andrew John Hughes  <gnu.andrew@member.fsf.org>
+
+	(HOTSPOT_CHANGESET): Update to IcedTea 2.1 forest HEAD,
+	bringing in security fixes, RH928500 & debuginfo file
+	removal.
+	(JAXP_CHANGESET): Likewise.
+	(JAXWS_CHANGESET): Likewise.
+	(JDK_CHANGESET): Likewise.
+	(HOTSPOT_SHA256SUM): Likewise.
+	(JAXP_SHA256SUM): Likewise.
+	(JAXWS_SHA256SUM): Likewise.
+	(JDK_SHA256SUM): Likewise.
+	* NEWS: Updated.
+	* patches/boot/ecj-diamond.patch:
+	Regenerate due to security patches.
+
 2013-04-08  Andrew John Hughes  <gnu.andrew@member.fsf.org>
 
 	* Makefile.am:
--- a/Makefile.am	Mon Apr 08 01:25:42 2013 +0100
+++ b/Makefile.am	Thu May 02 10:20:45 2013 +0100
@@ -4,19 +4,19 @@
 JDK_UPDATE_VERSION = 03
 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION)
 
-HOTSPOT_CHANGESET = 4e4dd75d54e7
+HOTSPOT_CHANGESET = 2c4981784101
 CORBA_CHANGESET = 313f1ee32118
-JAXP_CHANGESET = 691f82a0de0b
-JAXWS_CHANGESET = a48ebab198a4
-JDK_CHANGESET = 1040c44a496d
+JAXP_CHANGESET = c04b95aa746c
+JAXWS_CHANGESET = d04602077b14
+JDK_CHANGESET = acaa2de9f547
 LANGTOOLS_CHANGESET = c63c8a2164e4
 OPENJDK_CHANGESET = c1c649636704
 
-HOTSPOT_SHA256SUM = 46b4bb240e3ebea1e151c57aa9afb0cb4706f4fc467b651a6c5090101352853d
+HOTSPOT_SHA256SUM = 977617c76292f1de33b83daba80815a743159a9d050be2326ae41e20923e3a2b
 CORBA_SHA256SUM = 9326c1fc0dedcbc2af386cb73b80727416e24664ccbf766221450f6e2138e952
-JAXP_SHA256SUM = 17a242852010f535c11f874aae07a6d60f7007541fe1586666638cc6d58f8f1f
-JAXWS_SHA256SUM = 57dab4837468b775ff55e21352c7920f3f35c1e6ceb130154fb89eeb163e176f
-JDK_SHA256SUM = e624a809f099870100330022bda9dafe30bfa4539ee14ec118ffa3ebbafa012d
+JAXP_SHA256SUM = 9df7d4d04168c9c6e57c5b51ca3a54defe5e892d56a256b3d3deda3b12173e63
+JAXWS_SHA256SUM = 1ca9cb115591eb20143cf0d88a57f07fb631ea41246d05017e30a6ae3766517d
+JDK_SHA256SUM = bbfa99c5d9900d16a9359fbdfd1cca9cbfd49095a823eb06ca56d75bca0a8eaf
 LANGTOOLS_SHA256SUM = 46d93bd9069d86ea233464d5a9777b12f0a027142b9ac665e3b244f69a5416b6
 OPENJDK_SHA256SUM = 6cb4258bf22daba0dd5b8cbfee8acd8a378b3e1f36259b6437f7589c74ed6e4f
 
--- a/NEWS	Mon Apr 08 01:25:42 2013 +0100
+++ b/NEWS	Thu May 02 10:20:45 2013 +0100
@@ -12,8 +12,46 @@
 
 New in release 2.1.8 (2013-04-XX):
 
+* Security fixes
+  - S6657673, CVE-2013-1518: Issues with JAXP
+  - S7200507: Refactor Introspector internals
+  - S8000724, CVE-2013-2417: Improve networking serialization
+  - S8001031, CVE-2013-2419: Better font processing
+  - S8001040, CVE-2013-1537: Rework RMI model
+  - S8001322: Refactor deserialization
+  - S8001329, CVE-2013-1557: Augment RMI logging
+  - S8003335: Better handling of Finalizer thread
+  - S8003445: Adjust JAX-WS to focus on API
+  - S8003543, CVE-2013-2415: Improve processing of MTOM attachments
+  - S8004261: Improve input validation
+  - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames
+  - S8004986, CVE-2013-2383: Better handling of glyph table
+  - S8004987, CVE-2013-2384: Improve font layout
+  - S8004994, CVE-2013-1569: Improve checking of glyph table
+  - S8005432: Update access to JAX-WS
+  - S8005943: (process) Improved Runtime.exec
+  - S8006309: More reliable control panel operation
+  - S8006435, CVE-2013-2424: Improvements in JMX
+  - S8006790: Improve checking for windows
+  - S8006795: Improve font warning messages
+  - S8007406: Improve accessibility of AccessBridge
+  - S8007617, CVE-2013-2420: Better validation of images
+  - S8007667, CVE-2013-2430: Better image reading
+  - S8007918, CVE-2013-2429: Better image writing
+  - S8008140: Better method handle resolution
+  - S8009049, CVE-2013-2436: Better method handle binding
+  - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap
+  - S8009305, CVE-2013-0401: Improve AWT data transfer
+  - S8009677, CVE-2013-2423: Better setting of setters
+  - S8009699, CVE-2013-2421: Methodhandle lookup
+  - S8009814, CVE-2013-1488: Better driver management
+  - S8009857, CVE-2013-2422: Problem with plugin
+* Backports
+  - S7130662, RH928500: GTK file dialog crashes with a NPE
 * Bug fixes
   - PR1363: Fedora 19 / rawhide FTBFS SIGILL
+  - Fix offset problem in ICU LETableReference.
+  - Don't create debuginfo files if not stripping.
 
 New in release 2.1.7 (2013-03-11):
 
--- a/patches/boot/ecj-diamond.patch	Mon Apr 08 01:25:42 2013 +0100
+++ b/patches/boot/ecj-diamond.patch	Thu May 02 10:20:45 2013 +0100
@@ -948,8 +948,8 @@
   */
  final class ThreadGroupContext {
  
--    private static final Map<ThreadGroup, ThreadGroupContext> contexts = new WeakHashMap<>();
-+    private static final Map<ThreadGroup, ThreadGroupContext> contexts = new WeakHashMap();
+-    private static final WeakIdentityMap<ThreadGroupContext> contexts = new WeakIdentityMap<>();
++    private static final WeakIdentityMap<ThreadGroupContext> contexts = new WeakIdentityMap<ThreadGroupContext>();
  
      /**
       * Returns the appropriate {@code AppContext} for the caller,