# HG changeset patch # User Andrew John Hughes # Date 1339546283 -3600 # Node ID 31b8bc5d9b829c6c61a6d5e4184b2501497c3c7b # Parent 537e2113b0a9846fa4d39475f0cbf2854f4e1760 Bring in security fixes. 2012-06-12 Andrew John Hughes * Makefile.am: (JDK_UPDATE_VERSION): Bump to 05. (CORBA_CHANGESET): Update to 2.2 forest head. (HOTSPOT_CHANGESET): Likewise. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (LANGTOOLS_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (HOTSPOT_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (LANGTOOLS_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. * NEWS: List security fixes. Set release date. * patches/boot/ecj-diamond.patch: Add additional cases due to 7143872. diff -r 537e2113b0a9 -r 31b8bc5d9b82 ChangeLog --- a/ChangeLog Thu May 31 02:01:21 2012 +0100 +++ b/ChangeLog Wed Jun 13 01:11:23 2012 +0100 @@ -1,3 +1,26 @@ +2012-06-12 Andrew John Hughes + + * Makefile.am: + (JDK_UPDATE_VERSION): Bump to 05. + (CORBA_CHANGESET): Update to 2.2 forest head. + (HOTSPOT_CHANGESET): Likewise. + (JAXP_CHANGESET): Likewise. + (JAXWS_CHANGESET): Likewise. + (JDK_CHANGESET): Likewise. + (LANGTOOLS_CHANGESET): Likewise. + (OPENJDK_CHANGESET): Likewise. + (CORBA_SHA256SUM): Likewise. + (HOTSPOT_SHA256SUM): Likewise. + (JAXP_SHA256SUM): Likewise. + (JAXWS_SHA256SUM): Likewise. + (JDK_SHA256SUM): Likewise. + (LANGTOOLS_SHA256SUM): Likewise. + (OPENJDK_SHA256SUM): Likewise. + * NEWS: + List security fixes. Set release date. + * patches/boot/ecj-diamond.patch: + Add additional cases due to 7143872. + 2012-05-30 Andrew John Hughes * configure.ac: Bump to 2.2.1pre. diff -r 537e2113b0a9 -r 31b8bc5d9b82 Makefile.am --- a/Makefile.am Thu May 31 02:01:21 2012 +0100 +++ b/Makefile.am Wed Jun 13 01:11:23 2012 +0100 @@ -1,24 +1,24 @@ # Dependencies OPENJDK_VERSION = b21 -JDK_UPDATE_VERSION = 04 +JDK_UPDATE_VERSION = 05 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION) -CORBA_CHANGESET = 3231f3e9c517 -HOTSPOT_CHANGESET = bfe5efd70bce -JAXP_CHANGESET = 0036fe6fe7dc -JAXWS_CHANGESET = abfb890c262a -JDK_CHANGESET = 839d0155f7cc -LANGTOOLS_CHANGESET = f855bdb37537 -OPENJDK_CHANGESET = 49a6fc8f712f +CORBA_CHANGESET = 38deb372c569 +HOTSPOT_CHANGESET = 889dffcf4a54 +JAXP_CHANGESET = 335fb0b059b7 +JAXWS_CHANGESET = 5471e01ef43b +JDK_CHANGESET = 6c3b742b735d +LANGTOOLS_CHANGESET = beea46c7086b +OPENJDK_CHANGESET = 0b776ef59474 -CORBA_SHA256SUM = 9e26ea18aff308f636199e9cd822a1af078570221e8b76bbce1dea90d8ac6274 -HOTSPOT_SHA256SUM = 86d2f78025d5781222bcab985b93c97af7a114bdf7ac03b2a7abf7e0fce8a514 -JAXP_SHA256SUM = 245b30d3ac0fe45aa4c2a3d451029107b16fd0b74830d432b45448676aa86ee2 -JAXWS_SHA256SUM = e800972666fadd0235d9a4d30df7778ec502a4761dc33467e9c80fffc6289c8a -JDK_SHA256SUM = 19dbbf2e370ee89703305c561b3fdd174e949b041484ab515138b72d16fbd7e7 -LANGTOOLS_SHA256SUM = d46ab00352ee74b9d18e5daf38a10f6a31288e38583675c2b2eb58a16e154d19 -OPENJDK_SHA256SUM = 26b9a5b546dfa66ae070ed7863a6580e054d7c5691472273540009cf3f172b54 +CORBA_SHA256SUM = b892b0db6f3e4f89fd480d46ecb7c9ce5c71a884ae5bfe953b4bda9eedf7ea93 +HOTSPOT_SHA256SUM = b29a8929bb4aadbc033e99dca6a381ca6342f0373b9c3f67827bfc025187ba41 +JAXP_SHA256SUM = ff4ab3710fe316b7adc4e57d4d21ff967ca20e2ccc5267ac26b93cd22db8b3fd +JAXWS_SHA256SUM = 1ef055749ee46ebf7a5be94403b461d8d32e95c98906da459aeb217a0784ff1d +JDK_SHA256SUM = 48a513d18c919ec08d44cffdc12ae65f1e8942924c6cfcca5c1ffa8ca38afd0e +LANGTOOLS_SHA256SUM = 17055cf1490fab1cccc57bf3aa5b32d655c408859790c7f671bfde180ddf70cb +OPENJDK_SHA256SUM = 15a6eab62f5108efbf7937b1de7697bd789971886fc1fc08ee8199e16a5c10fe CACAO_VERSION = a567bcb7f589 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9 diff -r 537e2113b0a9 -r 31b8bc5d9b82 NEWS --- a/NEWS Thu May 31 02:01:21 2012 +0100 +++ b/NEWS Wed Jun 13 01:11:23 2012 +0100 @@ -10,7 +10,22 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 2.2.1 (2012-06-XX): +New in release 2.2.1 (2012-06-12): + +* Security fixes + - S7079902, CVE-2012-1711: Refine CORBA data models + - S7110720: Issue with vm config file loadingIssue with vm config file loading + - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. + - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement + - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations + - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC + - S7143872, CVE-2012-1718: Improve certificate extension processing + - S7145239: Finetune package definition restriction + - S7152811, CVE-2012-1723: Issues in client compiler + - S7157609, CVE-2012-1724: Issues with loop + - S7160677: missing else in fix for 7152811 + - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile + - S7165628, CVE-2012-1726: Issues with java.lang.invoke.MethodHandles.Lookup New in release 2.2 (2012-05-30): diff -r 537e2113b0a9 -r 31b8bc5d9b82 patches/boot/ecj-diamond.patch --- a/patches/boot/ecj-diamond.patch Thu May 31 02:01:21 2012 +0100 +++ b/patches/boot/ecj-diamond.patch Wed Jun 13 01:11:23 2012 +0100 @@ -6042,3 +6042,114 @@ List threads = new ArrayList(); for (int i = 0; i < threadCount; i++) { RandomCollector r = new RandomCollector(); +diff -Nru openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CertImpl.java openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CertImpl.java +--- openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CertImpl.java 2012-06-13 00:23:50.888084888 +0100 ++++ openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CertImpl.java 2012-06-13 00:24:25.328561965 +0100 +@@ -1214,7 +1214,7 @@ + if (exts == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : exts.getAllExtensions()) { + if (ex.isCritical()) { + extSet.add(ex.getExtensionId().toString()); +@@ -1244,7 +1244,7 @@ + if (exts == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : exts.getAllExtensions()) { + if (!ex.isCritical()) { + extSet.add(ex.getExtensionId().toString()); +@@ -1484,10 +1484,10 @@ + if (names.isEmpty()) { + return Collections.>emptySet(); + } +- List> newNames = new ArrayList<>(); ++ List> newNames = new ArrayList>(); + for (GeneralName gname : names.names()) { + GeneralNameInterface name = gname.getName(); +- List nameEntry = new ArrayList<>(2); ++ List nameEntry = new ArrayList(2); + nameEntry.add(Integer.valueOf(name.getType())); + switch (name.getType()) { + case GeneralNameInterface.NAME_RFC822: +@@ -1545,12 +1545,12 @@ + } + } + if (mustClone) { +- List> namesCopy = new ArrayList<>(); ++ List> namesCopy = new ArrayList>(); + for (List nameEntry : altNames) { + Object nameObject = nameEntry.get(1); + if (nameObject instanceof byte[]) { + List nameEntryCopy = +- new ArrayList<>(nameEntry); ++ new ArrayList(nameEntry); + nameEntryCopy.set(1, ((byte[])nameObject).clone()); + namesCopy.add(Collections.unmodifiableList(nameEntryCopy)); + } else { +diff -Nru openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java +--- openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java 2012-06-13 00:23:34.591859370 +0100 ++++ openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java 2012-06-13 00:25:17.953292153 +0100 +@@ -352,7 +352,7 @@ + if (extensions == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : extensions.getAllExtensions()) { + if (ex.isCritical()) { + extSet.add(ex.getExtensionId().toString()); +@@ -373,7 +373,7 @@ + if (extensions == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : extensions.getAllExtensions()) { + if (!ex.isCritical()) { + extSet.add(ex.getExtensionId().toString()); +@@ -510,7 +510,7 @@ + return Collections.emptyMap(); + } + Collection exts = extensions.getAllExtensions(); +- Map map = new TreeMap<>(); ++ Map map = new TreeMap(); + for (Extension ext : exts) { + map.put(ext.getId(), ext); + } +diff -Nru openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java +--- openjdk-boot.orig/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java 2012-06-13 00:23:41.063948918 +0100 ++++ openjdk-boot/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java 2012-06-13 00:24:53.264949412 +0100 +@@ -104,8 +104,8 @@ + private X500Principal issuerPrincipal = null; + private Date thisUpdate = null; + private Date nextUpdate = null; +- private Map revokedMap = new TreeMap<>(); +- private List revokedList = new LinkedList<>(); ++ private Map revokedMap = new TreeMap(); ++ private List revokedList = new LinkedList(); + private CRLExtensions extensions = null; + private final static boolean isExplicit = true; + private static final long YR_2050 = 2524636800000L; +@@ -907,7 +907,7 @@ + if (extensions == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : extensions.getAllExtensions()) { + if (ex.isCritical()) { + extSet.add(ex.getExtensionId().toString()); +@@ -928,7 +928,7 @@ + if (extensions == null) { + return null; + } +- Set extSet = new TreeSet<>(); ++ Set extSet = new TreeSet(); + for (Extension ex : extensions.getAllExtensions()) { + if (!ex.isCritical()) { + extSet.add(ex.getExtensionId().toString());