Mercurial > hg > release > icedtea7-2.2
changeset 2595:6f4b184367cd
Bring in security fixes and RH928500.
2013-04-29 Andrew John Hughes <gnu.andrew@member.fsf.org>
(HOTSPOT_CHANGESET): Update to IcedTea 2.2 forest HEAD,
bringing in security fixes & RH928500.
(JAXP_CHANGESET): Likewise.
(JAXWS_CHANGESET): Likewise.
(JDK_CHANGESET): Likewise.
(HOTSPOT_SHA256SUM): Likewise.
(JAXP_SHA256SUM): Likewise.
(JAXWS_SHA256SUM): Likewise.
(JDK_SHA256SUM): Likewise.
* NEWS: Updated.
* patches/boot/ecj-diamond.patch:
Regenerate due to security patches.
| author | Andrew John Hughes <gnu_andrew@member.fsf.org> |
|---|---|
| date | Mon, 29 Apr 2013 14:51:35 +0100 |
| parents | 53a2da2c4e72 |
| children | b0a9809188dc |
| files | ChangeLog Makefile.am NEWS patches/boot/ecj-diamond.patch |
| diffstat | 4 files changed, 62 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Wed Mar 13 06:49:36 2013 +0000 +++ b/ChangeLog Mon Apr 29 14:51:35 2013 +0100 @@ -1,3 +1,18 @@ +2013-04-29 Andrew John Hughes <gnu.andrew@member.fsf.org> + + (HOTSPOT_CHANGESET): Update to IcedTea 2.2 forest HEAD, + bringing in security fixes & RH928500. + (JAXP_CHANGESET): Likewise. + (JAXWS_CHANGESET): Likewise. + (JDK_CHANGESET): Likewise. + (HOTSPOT_SHA256SUM): Likewise. + (JAXP_SHA256SUM): Likewise. + (JAXWS_SHA256SUM): Likewise. + (JDK_SHA256SUM): Likewise. + * NEWS: Updated. + * patches/boot/ecj-diamond.patch: + Regenerate due to security patches. + 2013-03-12 Andrew John Hughes <gnu.andrew@member.fsf.org> * patches/8002344-krb5loginmodule.patch,
--- a/Makefile.am Wed Mar 13 06:49:36 2013 +0000 +++ b/Makefile.am Mon Apr 29 14:51:35 2013 +0100 @@ -4,19 +4,19 @@ JDK_UPDATE_VERSION = 05 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION) -HOTSPOT_CHANGESET = c312054a7ae6 +HOTSPOT_CHANGESET = 168d05b42b89 CORBA_CHANGESET = 529355376925 -JAXP_CHANGESET = c8a89a3af782 -JAXWS_CHANGESET = a68ab44db7ee -JDK_CHANGESET = 7e8272d637c7 +JAXP_CHANGESET = 839055d03a54 +JAXWS_CHANGESET = c7ac0744f92f +JDK_CHANGESET = 010dc791dc14 LANGTOOLS_CHANGESET = ae5ba074188d OPENJDK_CHANGESET = 1a406488fe33 -HOTSPOT_SHA256SUM = 44b79ee4443c4ad7ab8fe039fec581df416d1c027104483a78be62db8709615e +HOTSPOT_SHA256SUM = 873651a61cffe2e37f16bf6e6558e2d72fd7a9a50319fd83e3854710ba9eea65 CORBA_SHA256SUM = b4f0eca0f37b581ace14f24b5aea2db99321e027c4bc2a044b9c796d45804a07 -JAXP_SHA256SUM = 310e77b526f3abb7ed8c117e3b12c3daa54779c8571743faab3a25a3495273f5 -JAXWS_SHA256SUM = eacd5a4a5f05ddeb2d84e02b700643cd43cb6ac8db3cfa937fa18fcf2ba3a676 -JDK_SHA256SUM = 811a41f50078d9cd203fc10265fff1e58eacd3a214cbad617a151bc4ff4cfe47 +JAXP_SHA256SUM = cb1007e7c9bdfc1a12d85dbc31adc2fb33ef4f6e0e36efda95ad3ba80556289b +JAXWS_SHA256SUM = b12a65e8793065da0f4243f2b1029e9e1c6c15611612aeb5d8c45f1e58a91875 +JDK_SHA256SUM = c088aa202a54a80df3c4bd78ef04864086813a26a7dd1f32c5463b761c847081 LANGTOOLS_SHA256SUM = 8193a0309874143e10e8002d8c5fcf10aefc012af74d8a3bb4416611dfe9fb7f OPENJDK_SHA256SUM = 196845c4edcf0d82ed72661b381c83f2d0e6e0d4b8952e002decd3483280388e
--- a/NEWS Wed Mar 13 06:49:36 2013 +0000 +++ b/NEWS Mon Apr 29 14:51:35 2013 +0100 @@ -12,6 +12,43 @@ New in release 2.2.8 (2013-04-XX): +* Security fixes + - S6657673, CVE-2013-1518: Issues with JAXP + - S7200507: Refactor Introspector internals + - S8000724, CVE-2013-2417: Improve networking serialization + - S8001031, CVE-2013-2419: Better font processing + - S8001040, CVE-2013-1537: Rework RMI model + - S8001322: Refactor deserialization + - S8001329, CVE-2013-1557: Augment RMI logging + - S8003335: Better handling of Finalizer thread + - S8003445: Adjust JAX-WS to focus on API + - S8003543, CVE-2013-2415: Improve processing of MTOM attachments + - S8004261: Improve input validation + - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames + - S8004986, CVE-2013-2383: Better handling of glyph table + - S8004987, CVE-2013-2384: Improve font layout + - S8004994, CVE-2013-1569: Improve checking of glyph table + - S8005432: Update access to JAX-WS + - S8005943: (process) Improved Runtime.exec + - S8006309: More reliable control panel operation + - S8006435, CVE-2013-2424: Improvements in JMX + - S8006790: Improve checking for windows + - S8006795: Improve font warning messages + - S8007406: Improve accessibility of AccessBridge + - S8007617, CVE-2013-2420: Better validation of images + - S8007667, CVE-2013-2430: Better image reading + - S8007918, CVE-2013-2429: Better image writing + - S8008140: Better method handle resolution + - S8009049, CVE-2013-2436: Better method handle binding + - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap + - S8009305, CVE-2013-0401: Improve AWT data transfer + - S8009677, CVE-2013-2423: Better setting of setters + - S8009699, CVE-2013-2421: Methodhandle lookup + - S8009814, CVE-2013-1488: Better driver management + - S8009857, CVE-2013-2422: Problem with plugin +* Backports + - S7130662, RH928500: GTK file dialog crashes with a NPE + New in release 2.2.7 (2013-03-11): * Security fixes
--- a/patches/boot/ecj-diamond.patch Wed Mar 13 06:49:36 2013 +0000 +++ b/patches/boot/ecj-diamond.patch Mon Apr 29 14:51:35 2013 +0100 @@ -966,8 +966,8 @@ */ final class ThreadGroupContext { -- private static final Map<ThreadGroup, ThreadGroupContext> contexts = new WeakHashMap<>(); -+ private static final Map<ThreadGroup, ThreadGroupContext> contexts = new WeakHashMap(); +- private static final WeakIdentityMap<ThreadGroupContext> contexts = new WeakIdentityMap<>(); ++ private static final WeakIdentityMap<ThreadGroupContext> contexts = new WeakIdentityMap<ThreadGroupContext>(); /** * Returns the appropriate {@code AppContext} for the caller,