# HG changeset patch
# User Andrew John Hughes <gnu_andrew@member.fsf.org>
# Date 1358258443 0
# Node ID 9cc2d9873b77cdf48b89233785bce0dcabf7922a
# Parent  6decaea2de44524591644e5ba82572c340e19c31
Add 2013/01/15 security update.

2013-01-15  Andrew John Hughes  <gnu_andrew@member.fsf.org>

	* Makefile.am:
	(CORBA_CHANGESET): Update to IcedTea7 2.2 forest head;
	the tag icedtea-2.2.4.
	(HOTSPOT_CHANGESET): Likewise.
	(JAXP_CHANGESET): Likewise.
	(JAXWS_CHANGESET): Likewise.
	(JDK_CHANGESET): Likewise.
	(LANGTOOLS_CHANGESET): Likewise.
	(OPENJDK_CHANGESET): Likewise.
	(CORBA_SHA256SUM): Likewise.
	(HOTSPOT_SHA256SUM): Likewise.
	(JAXP_SHA256SUM): Likewise.
	(JAXWS_SHA256SUM): Likewise.
	(JDK_SHA256SUM): Likewise.
	(LANGTOOLS_SHA256SUM): Likewise.
	(OPENJDK_SHA256SUM): Likewise.
	* NEWS: List security fixes and set release date.
	* patches/boot/ecj-stringswitch.patch:
	Updated to work post-security-patches.

diff -r 6decaea2de44 -r 9cc2d9873b77 ChangeLog
--- a/ChangeLog	Wed Oct 31 11:37:21 2012 +0000
+++ b/ChangeLog	Tue Jan 15 14:00:43 2013 +0000
@@ -1,3 +1,25 @@
+2013-01-15  Andrew John Hughes  <gnu_andrew@member.fsf.org>
+
+	* Makefile.am:
+	(CORBA_CHANGESET): Update to IcedTea7 2.2 forest head;
+	the tag icedtea-2.2.4.
+	(HOTSPOT_CHANGESET): Likewise.
+	(JAXP_CHANGESET): Likewise.
+	(JAXWS_CHANGESET): Likewise.
+	(JDK_CHANGESET): Likewise.
+	(LANGTOOLS_CHANGESET): Likewise.
+	(OPENJDK_CHANGESET): Likewise.
+	(CORBA_SHA256SUM): Likewise.
+	(HOTSPOT_SHA256SUM): Likewise.
+	(JAXP_SHA256SUM): Likewise.
+	(JAXWS_SHA256SUM): Likewise.
+	(JDK_SHA256SUM): Likewise.
+	(LANGTOOLS_SHA256SUM): Likewise.
+	(OPENJDK_SHA256SUM): Likewise.
+	* NEWS: List security fixes and set release date.
+	* patches/boot/ecj-stringswitch.patch:
+	Updated to work post-security-patches.
+
 2012-10-24  Andrew John Hughes  <gnu.andrew@redhat.com>
 
 	* NEWS: Corrected bad CVE number
diff -r 6decaea2de44 -r 9cc2d9873b77 Makefile.am
--- a/Makefile.am	Wed Oct 31 11:37:21 2012 +0000
+++ b/Makefile.am	Tue Jan 15 14:00:43 2013 +0000
@@ -4,22 +4,21 @@
 JDK_UPDATE_VERSION = 05
 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION)
 
-CORBA_CHANGESET = 12fee4f9ac22
-HOTSPOT_CHANGESET = 1a3dc05d59c2
-JAXP_CHANGESET = dc64245ac19d
-JAXWS_CHANGESET = b41293d57940
-JDK_CHANGESET = 4cf358fd012a
-LANGTOOLS_CHANGESET = e96efe42e3d5
-OPENJDK_CHANGESET = 32574ae3c2be
+CORBA_CHANGESET = f90e1b6ccfb6
+HOTSPOT_CHANGESET = 60d6e32e00a6
+JAXP_CHANGESET = 028a292be666
+JAXWS_CHANGESET = c620184ea425
+JDK_CHANGESET = 8fccb53fef83
+LANGTOOLS_CHANGESET = 206668cf21e5
+OPENJDK_CHANGESET = 431257be5014
 
-CORBA_SHA256SUM = bf314ffe9993f70ef9a0449b5c540883935b6326e28ee5afdc44f062039e0303
-HOTSPOT_SHA256SUM = 7a54b49cfd6ae6a4cc8aaba042f96e1622cf88f6ba0ffc61bbc36cc164a5d096
-JAXP_SHA256SUM = 5003576ed427cae1dda7ccf7c1af042ea8f62ad668e176583a84fba989f77e32
-JAXWS_SHA256SUM = a3bf4ec265fd044a5abce35dfc51b1977826a21bd13abe05a8336f25e8a8dd21
-JDK_SHA256SUM = 5cd45b036269d35ec916e0b99977a87d2a2addefe9aa2058fbc05d0269cd9008
-LANGTOOLS_SHA256SUM = f70752c14ec19fec5fffdb38b3d3aaaefd551ec4dfd109947541b3f4176245a6
-OPENJDK_SHA256SUM = 6a5e1a497c0a309fc17954909ca5890bef15b61e8af877b7a07d0f754d6875a4
-HS21_SHA256SUM = a2a2c610e9ebb97a3c95be233533035cf4f59c4cc45a553ba09e52106fbad113
+CORBA_SHA256SUM = 1480c0ae07c31a5a0c70791a5ac8576ebd4a606fbf7e97d901ffce98a121c5ba
+HOTSPOT_SHA256SUM = 8c22bcae21996ad394a00c8607f716f5b9156f0f8005f2558adda58cbcd48275
+JAXP_SHA256SUM = 578b309af7bca3290e1df62c3950701196b791579ecd97f93da3b8fee17fc689
+JAXWS_SHA256SUM = 33c1f30d67ef2bc290f53f852f5d02ea6815f7ef875140306fabfec15e57a816
+JDK_SHA256SUM = a3e05956d2979ac5a5ea1331857a9b04b9f31a1283dda2ec746435cd4fd551b9
+LANGTOOLS_SHA256SUM = d5a8460788cc1cb6af9bfd9d70c01811a60c2a27e31ce5331d4bf444bc1f5a17
+OPENJDK_SHA256SUM = 6fe4d91049da673a843ff2b41ec9e9601c9ff45ba37526d414b8f0a700fa33d5
 
 CACAO_VERSION = a567bcb7f589
 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9
diff -r 6decaea2de44 -r 9cc2d9873b77 NEWS
--- a/NEWS	Wed Oct 31 11:37:21 2012 +0000
+++ b/NEWS	Tue Jan 15 14:00:43 2013 +0000
@@ -10,7 +10,12 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 2.2.4 (20XX-XX-XX):
+New in release 2.2.4 (2013-01-15):
+
+* Security fixes
+  - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries
+  - S8006017, CVE-2013-0422: Improve lookup resolutions
+  - S8006125: Update MethodHandles library interactions
 
 New in release 2.2.3 (2012-10-17):
 
diff -r 6decaea2de44 -r 9cc2d9873b77 patches/boot/ecj-stringswitch.patch
--- a/patches/boot/ecj-stringswitch.patch	Wed Oct 31 11:37:21 2012 +0000
+++ b/patches/boot/ecj-stringswitch.patch	Tue Jan 15 14:00:43 2013 +0000
@@ -302,9 +302,9 @@
  
                  throw new IllegalArgumentException(
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java
---- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2012-10-17 03:48:53.678554395 +0100
-+++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2012-10-17 04:20:20.203700764 +0100
-@@ -411,89 +411,84 @@
+--- openjdk-boot.orig/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2013-01-14 22:25:02.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java	2013-01-15 02:19:34.315049222 +0000
+@@ -411,104 +411,99 @@
      static boolean isCallerSensitive(MemberName mem) {
          assert(mem.isInvocable());
          Class<?> defc = mem.getDeclaringClass();
@@ -319,6 +319,35 @@
 -        case "lookup":
 +	} else if ("lookup".equals(memName)) {
              return defc == java.lang.invoke.MethodHandles.class;
+-        case "findStatic":
+-        case "findVirtual":
+-        case "findConstructor":
+-        case "findSpecial":
+-        case "findGetter":
+-        case "findSetter":
+-        case "findStaticGetter":
+-        case "findStaticSetter":
+-        case "bind":
+-        case "unreflect":
+-        case "unreflectSpecial":
+-        case "unreflectConstructor":
+-        case "unreflectGetter":
+-        case "unreflectSetter":
++	} else if ("findStatic".equals(memName) ||
++		   "findVirtual".equals(memName) || 
++		   "findConstructor".equals(memName) ||
++		   "findSpecial".equals(memName) ||
++		   "findGetter".equals(memName) ||
++		   "findSetter".equals(memName) ||
++		   "findStaticGetter".equals(memName) ||
++		   "findStaticSetter".equals(memName) ||
++		   "bind".equals(memName) ||
++		   "unreflect".equals(memName) ||
++		   "unreflectSpecial".equals(memName) ||
++		   "unreflectConstructor".equals(memName) ||
++		   "unreflectGetter".equals(memName) ||
++		   "unreflectSetter".equals(memName)) {
+             return defc == java.lang.invoke.MethodHandles.Lookup.class;
 -        case "invoke":
 +        } else if ("invoke".equals(memName)) {
              return defc == java.lang.reflect.Method.class;