aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortony mancill <tmancill@debian.org>2019-11-20 16:10:47 -0800
committerTimo Teräs <timo.teras@iki.fi>2019-11-28 17:20:38 +0200
commit04ec13ca9caa9a436001be92e674f230b9894894 (patch)
tree89a867f75537101a642a71d31036dc6c70166708
parent1ffb76aa04a1811f496b21756152573ff7c46215 (diff)
downloadaports-04ec13ca9caa9a436001be92e674f230b9894894.tar.bz2
aports-04ec13ca9caa9a436001be92e674f230b9894894.tar.xz
community/openjdk8: update to IcedTea 3.14.0 / OpenJDK 8u232
Update openjdk8 pacakge to 8.232.09 / icedtea 3.14.0 - drop icedtea-jdk-tls-nist-curves.patch (applied upstream) - refresh icedtea-hotspot-musl.patch to apply against 3.14.0
-rw-r--r--community/openjdk8/APKBUILD48
-rw-r--r--community/openjdk8/icedtea-hotspot-musl.patch4
-rw-r--r--community/openjdk8/icedtea-jdk-tls-nist-curves.patch47
3 files changed, 34 insertions, 65 deletions
diff --git a/community/openjdk8/APKBUILD b/community/openjdk8/APKBUILD
index 31b9079787..41e79bef7b 100644
--- a/community/openjdk8/APKBUILD
+++ b/community/openjdk8/APKBUILD
@@ -2,11 +2,11 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openjdk8
-_icedteaver=3.13.0
+_icedteaver=3.14.0
# pkgver is <JDK version>.<JDK update>.<JDK build>
# Check https://icedtea.classpath.org/wiki/Main_Page when updating!
-pkgver=8.222.10
-pkgrel=1
+pkgver=8.232.09
+pkgrel=0
pkgdesc="OpenJDK 8 provided by IcedTea"
url="https://icedtea.classpath.org/"
arch="all"
@@ -65,11 +65,28 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x
icedtea-jdk-includes.patch
icedtea-jdk-getmntent-buffer.patch
icedtea-autoconf-config.patch
- icedtea-jdk-tls-nist-curves.patch
"
builddir="$srcdir/icedtea-$_icedteaver"
# secfixes:
+# 8.232.09-r0:
+# - CVE-2019-2933
+# - CVE-2019-2945
+# - CVE-2019-2949
+# - CVE-2019-2958
+# - CVE-2019-2964
+# - CVE-2019-2962
+# - CVE-2019-2973
+# - CVE-2019-2975
+# - CVE-2019-2978
+# - CVE-2019-2981
+# - CVE-2019-2983
+# - CVE-2019-2987
+# - CVE-2019-2988
+# - CVE-2019-2989
+# - CVE-2019-2992
+# - CVE-2019-2999
+# - CVE-2019-2894
# 8.222.10-r0:
# - CVE-2019-2745
# - CVE-2019-2762
@@ -300,17 +317,17 @@ demos() {
"$subpkgdir"/$_java_home/
}
-sha512sums="312bcc6660360eb73b96801fdac0475d6b192bc3fcb80e250225cbb4dfe39ce178e0fa5154c509e7f5605113b34077a6f9c252a52024e568bab7ed6a74140f7c icedtea-3.13.0.tar.xz
-e5e1072f43b024d8341e770eb8768d0161dd91f483cfa9a719790eb81458dd2a4da4e688a2c7828025f5b39247558ea69881176c53700cddd161708f0cedb764 openjdk-3.13.0.tar.xz
-834b8b09590f5b4f11bbc32af3222e1cb6bef14c44c34ae4d3f65b6320d1a78c297a341cadb76bb59156b434811510b83705d2d2994922c610ba1bafb3f59345 corba-3.13.0.tar.xz
-ccf05a50d6bc3b5ce1663bab4925cc738d32b9f1a9c696ada0cbbfe3477dc60556e5e7e9939394b2a932122500555ac9e56a935d3b8762d0ddf65201ddc48ba9 jaxp-3.13.0.tar.xz
-80a2539ba45e213de1f2a8e236709f3cd81c6c37ee1181474fd4f0d4d612a7cdf91eabdd6bea5d652e18e73c41c3f59a27a173d08d46ad0664628fd6ffecfc57 jaxws-3.13.0.tar.xz
-8b1c8e0e37a9830d67feaab52915c39faf75e94d8972925702f29eea0efd5dbc2f4deaff3b45b2f0f785235bd87c7bb10e62e7a9fb46c1c27e5fddfbbb5fdaa2 jdk-3.13.0.tar.xz
-2cd1cdbc8283f5000dd68365412ed36235cfcbecee3a79b8b6111c3a6431f817d4b1ea04463bb049abdf503fe354e4ddf7b71fee399b459e6cf98299703d6e2c langtools-3.13.0.tar.xz
-60c144997b2566dc42698ca4cb888b92de6a9fdbb18e01703d00f54311ad56191862c61c89e3eff4d6c4793c98d3dafd5f723bc9a22db2329138d08e832ddc11 hotspot-3.13.0.tar.xz
-d86706393adabe5982092865addbe04c07781407d99b8d9ee49baf4224ec9b961bdf8498488548f043b099130b35ac017d846cc41874bcfb218520ee0b37004a nashorn-3.13.0.tar.xz
+sha512sums="6cd366a1adde12b5cc2c0c64c0c353ebf9ad5b0ad79b77c5cca3acc93219752110eb222b74bd62180fe0bf5b063db12df6316c334d5940d1636c9d10824085ed icedtea-3.14.0.tar.xz
+1e8009155a9ad39405e11704bb1f8b4c51ae0f64563baa7a7ce29a79613339e82b8776193a0076b993f8839b1c5959edff18cdadaa7f2f163fa5d3b7f7d60396 openjdk-3.14.0.tar.xz
+5aedab2cff0dd8b4cb98121643009593d10da9abd150ab938cf45f5b8f18cae5f31dcc31c30090b736cf52413a290b6b11e6fc42b3575ea50e213bf334a07159 corba-3.14.0.tar.xz
+16a34a65b20650f66eece6e33e82aefaf46bbf46c8332bac8c266405839168b924235395cbf7d6c5210d35b416ee0ab2ed0bd09c3f1c90195bff35d3db4b596d jaxp-3.14.0.tar.xz
+706b9ce4d32c92adca44d9643e44ebe757e8503798e2b24b2591660774f4a4719f2015d3edb02f3374ec4b88c5b2f0b5578369345a9db4c5def1ff37f630bb5d jaxws-3.14.0.tar.xz
+2e44c646bcbf56ce7e91be0fdb46db9887cfe7f538f866e61d757e657a4a3726caca50bd885355a85675451ea8ff9810bccb7ea026239219373688455dcc8476 jdk-3.14.0.tar.xz
+ceef08eb53e895156afd0ec342a045c3aa29551a7939803cd821121286ec05fb3538d3b46a44c99f1a2805163b6e7351ec42b1486aaf6a8ecb7fdccc526c410d langtools-3.14.0.tar.xz
+258cca176c6f930268f189f77dd4e6bd683fb90fbd7866870d22ca42105292cedeca7d274b70979e59af15229ebba22da64444ef14c641066e10688286ec302d hotspot-3.14.0.tar.xz
+59af524388b501c63c567dd36abbe29b3254b3f05191730740aec84e73f93cf77850ab36d9972528781bbf47a6541a75d7e80e26c4c425d6cbb6460e2b4bdbda nashorn-3.14.0.tar.xz
1f470432275d5beaa8b4e4352a2f24a4a00593546dc4f3bd857794c89e521e8e6d6abc540762bbd769be3e1e3da058e134dc5dc066d12b9b8a1f0656040a795c fix-paxmark.patch
-09104b19f647dce9ba0835163c05cc7e5e3ec9852b277f22b2d7a02bd483968853544125a09e384e96ba8811f2bbdc9546e05e378582ec6a554ede797ca5ad98 icedtea-hotspot-musl.patch
+28709285390a997adbd56ebda42ef718fbc08daf572b8568f484436d255514f9d25f033e3333dff8aa352fc9846057ac5bb42fa955d3e5e44eddc96dc273c07c icedtea-hotspot-musl.patch
e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch
19459dbb922f5a71cd15b53199481498626a783c24f91d2544d55b7dddd2cdb34a64bbf0226b99548612dd1743af01b3f9ff32c30abbbc90ce727ca2dbbbd1f9 icedtea-hotspot-noagent-musl.patch
f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch
@@ -319,5 +336,4 @@ b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec8
1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch
e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch
7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch
-662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch
-9ea7ac942baf29cc619bc2e1acd59201b9f6d38f39a517b495d7613aec746459200c81afb57c5fcdcb856f6bc8b33f7566c8593fed07e5c73f43e08f1072d458 icedtea-jdk-tls-nist-curves.patch"
+662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch"
diff --git a/community/openjdk8/icedtea-hotspot-musl.patch b/community/openjdk8/icedtea-hotspot-musl.patch
index cbbb5525f0..c18653b9b3 100644
--- a/community/openjdk8/icedtea-hotspot-musl.patch
+++ b/community/openjdk8/icedtea-hotspot-musl.patch
@@ -82,8 +82,8 @@ index d2c10e0..20f657f 100644
-# include <fpu_control.h>
+# include <linux/types.h> /* provides __u64 */
- #ifdef BUILTIN_SIM
- #define REG_SP REG_RSP
+ #define REG_FP 29
+
diff --git openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
index 38388cb..2505ba8 100644
--- openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
diff --git a/community/openjdk8/icedtea-jdk-tls-nist-curves.patch b/community/openjdk8/icedtea-jdk-tls-nist-curves.patch
deleted file mode 100644
index 75fb3af8cf..0000000000
--- a/community/openjdk8/icedtea-jdk-tls-nist-curves.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Bug #7404 TLS negotiation error in OpenJDK 8 u131
-
-Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115
-on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation
-errors for some clients.
-
-Root cause appears to be OpenJDK announcing support for NIST curves the
-underlying NSS library does doesn't. This patch limits OpenJDK's
-announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25
-(secp521r1).
-
-Related issues:
-
-* https://github.com/docker-library/openjdk/issues/115
-* https://bugs.alpinelinux.org/issues/7404
-* https://access.redhat.com/discussions/2339811
-* https://bugzilla.redhat.com/show_bug.cgi?id=1022017
-* https://bugzilla.redhat.com/show_bug.cgi?id=1348525
-
---- openjdk.orig/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-05-08 20:03:50.000000000 -0700
-+++ openjdk/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-06-14 13:37:00.000000000 -0700
-@@ -168,21 +168,10 @@
- "contains no supported elliptic curves");
- }
- } else { // default curves
-- int[] ids;
-- if (requireFips) {
-- ids = new int[] {
-- // only NIST curves in FIPS mode
-- 23, 24, 25, 9, 10, 11, 12, 13, 14,
-- };
-- } else {
-- ids = new int[] {
-- // NIST curves first
-- 23, 24, 25, 9, 10, 11, 12, 13, 14,
-- // non-NIST curves
-- 22,
-- };
-- }
--
-+ int[] ids = new int[] {
-+ // NSS currently only supports these three NIST curves
-+ 23, 24, 25
-+ };
- idList = new ArrayList<>(ids.length);
- for (int curveId : ids) {
- if (isAvailableCurve(curveId)) {