aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJ0WI <J0WI@users.noreply.github.com>2020-07-17 17:44:15 +0200
committerLeo <thinkabit.ukim@gmail.com>2020-08-10 04:55:50 +0000
commit9ff6848e18b6eb0cbff61ba0ff3da449b7f7429c (patch)
tree3f4d3014c26fc08a0f2cfab6234298c1bdd36895
parent9acc45896cee214a02d4e17c622ac4bdea1d9e17 (diff)
downloadaports-9ff6848e18b6eb0cbff61ba0ff3da449b7f7429c.tar.gz
aports-9ff6848e18b6eb0cbff61ba0ff3da449b7f7429c.tar.bz2
aports-9ff6848e18b6eb0cbff61ba0ff3da449b7f7429c.tar.xz
community/openjdk8: security upgrade to 8.252.09
-rw-r--r--community/openjdk8/APKBUILD39
-rw-r--r--community/openjdk8/icedtea-jdk-getmntent-buffer.patch88
-rw-r--r--community/openjdk8/icedtea-jdk-includes.patch23
-rw-r--r--community/openjdk8/icedtea-jdk-musl.patch28
4 files changed, 33 insertions, 145 deletions
diff --git a/community/openjdk8/APKBUILD b/community/openjdk8/APKBUILD
index 556746b144..2cf1d3e0f8 100644
--- a/community/openjdk8/APKBUILD
+++ b/community/openjdk8/APKBUILD
@@ -2,10 +2,10 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openjdk8
-_icedteaver=3.15.0
+_icedteaver=3.16.0
# pkgver is <JDK version>.<JDK update>.<JDK build>
# Check https://icedtea.classpath.org/wiki/Main_Page when updating!
-pkgver=8.242.08
+pkgver=8.252.09
pkgrel=0
pkgdesc="OpenJDK 8 provided by IcedTea"
url="https://icedtea.classpath.org/"
@@ -63,12 +63,22 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x
icedtea-jdk-fix-libjvm-load.patch
icedtea-jdk-musl.patch
icedtea-jdk-includes.patch
- icedtea-jdk-getmntent-buffer.patch
icedtea-autoconf-config.patch
"
builddir="$srcdir/icedtea-$_icedteaver"
# secfixes:
+# 8.252.09-r0:
+# - CVE-2020-2754
+# - CVE-2020-2755
+# - CVE-2020-2756
+# - CVE-2020-2757
+# - CVE-2020-2773
+# - CVE-2020-2781
+# - CVE-2020-2800
+# - CVE-2020-2803
+# - CVE-2020-2805
+# - CVE-2020-2830
# 8.242.08-r0:
# - CVE-2020-2583
# - CVE-2020-2590
@@ -325,15 +335,15 @@ demos() {
"$subpkgdir"/$_java_home/
}
-sha512sums="7c5917acc03b19a41b5001beb71a72b3f63e65b3c97c5f9173067fbd795088f9578f628b386bfa0e934caa8f4faab4cfcae80329ee7180c0cbe49563309c84ca icedtea-3.15.0.tar.xz
-d7dca834fc65b67b1888c4cfbd50e263e58604b70560b4dd4e8e7ca518fcd54a70eaf9e5cff89fa1954beaa3071f5b55ef36fffb36589f5008e4be39e5a1aa38 openjdk-3.15.0.tar.xz
-b27aaef4839be9a6993d8511e492cf33884738e2fe19cd7d00f244a0f94cd0f3a3ff84c63811cd66ea18cdf7327bb270b7ab21c5b66c220a3bb0a31226bb21b5 corba-3.15.0.tar.xz
-25e166d208d99360c9ec5deba5075a5268f2fbc3f31ad9dee0dbd33ee37bc78829d12c9ea11faa5d59ec53385f7dc5f0be29512199db2856068cf81b9ec1ca79 jaxp-3.15.0.tar.xz
-cb7a9f80bd33a33f4eb03b091e6c6d3fb6a450695d0231c378d04878fc03e1574f82045c628993e6136188fd2e4144e31c82320b178b21a0aae867e989bfdeeb jaxws-3.15.0.tar.xz
-306e2c188987de8d1aa233db1c42522249198b4f3eb71919da911289ab2308b4ab9406c6215c5c157868618341cafbc086bb0e5c423bb6650edfedcc05b17475 jdk-3.15.0.tar.xz
-3fcb7d264ff23de8b049b264213b05ee9e9120089eaea989e881c0cddc73a2ef9d01f89f66e7ff23c88d9bc4864824c77894d0291caaf9a2a134d5fae650cc32 langtools-3.15.0.tar.xz
-181e9f8d0c083b26a24e6bafe0187e39313a6685f3288d62794c5ec07cb8901b53eba25badc74b367de08b53cd2176df45e184f7a6ccbfab57370e7d3cf388f9 hotspot-3.15.0.tar.xz
-6d27137dd80d6363e64ef2c6b3abc60603480e9e7f5b99e06ee546a2cc707b801087ce8cc8d021776f5d2b15b73728f08b2e649c65265ba264655d816921ffe7 nashorn-3.15.0.tar.xz
+sha512sums="67964f283b5a220ded7c86141ac359fc51f41077686d3e68568a9f303d2e5e6d62472bef2d6f5f9d53897a55589c84d3212983194607b9a6704192752f8ad2ac icedtea-3.16.0.tar.xz
+76b32457958c2cdbb0006629bb41652286a1a9bfbda862665eddf822d4653d4858f9f2565e849b0e49f031b7667be73be8fe8c71abc65e1795eb570a96d1fd1e openjdk-3.16.0.tar.xz
+bf90c95f401d4628e32b9a7ea78b7d43944f82882818a81d2ff368f09e49148091bf823d78ed56c343c175fe6d25492d9b78e25b725f218592ea94c4ae285e56 corba-3.16.0.tar.xz
+86e8c18741c1f4baca27d784b068765e404a5c2ee6ecb172c826fc1d6192b5776133f103b749839c39154fcaec87a0df95e8fd5bcb56b1e9b811711b296a4836 jaxp-3.16.0.tar.xz
+824ef15aa70ec629406fd9b98a69e5699fe8f6a8ab06be00ac546bcda1daf485b20de6ea0310064e000efbaf35b1cebee25bf69033634fdce8434efb3bb16f1d jaxws-3.16.0.tar.xz
+9202f88b360637ad474920d8a6f85740e6a425679617ef713efd67778b4c7ca0b3eba7e4fc9d33de0bbd5dacda4862c8a9b63a13880204388b01af29d5fb6a55 jdk-3.16.0.tar.xz
+1858bb3b7dd37edd817a52c67a878b48bc9b790623e77d9a6107f54b141638cb101ae3b8df560e3352c9ca2925aa5d493b4924e36a238be5a9628c714cc23642 langtools-3.16.0.tar.xz
+19490ccc377fde5dc3d4396425e945f32e121ad0cc4be394b07f8698a7e3805b16fc41e427bab5fa290cb84efc7edb62acf8ca98072176343f5584d692592d2d hotspot-3.16.0.tar.xz
+4bf87e7441ac747f133612e1fba5c06946c6731bae76132ffc614b41fcb689fda9d9ceb1e1fee3765765c6109894c85cf0f6e6fa9eb301f9a2d640ea6cd1c16c nashorn-3.16.0.tar.xz
1f470432275d5beaa8b4e4352a2f24a4a00593546dc4f3bd857794c89e521e8e6d6abc540762bbd769be3e1e3da058e134dc5dc066d12b9b8a1f0656040a795c fix-paxmark.patch
28709285390a997adbd56ebda42ef718fbc08daf572b8568f484436d255514f9d25f033e3333dff8aa352fc9846057ac5bb42fa955d3e5e44eddc96dc273c07c icedtea-hotspot-musl.patch
e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch
@@ -341,7 +351,6 @@ e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d95
f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch
48533f87fc2cf29d26b259be0df51087d2fe5b252e72d00c6ea2f4add7b0fb113141718c116279c5905e03f64a1118082e719393786811367cf4d472b5d36774 icedtea-jdk-fix-ipv6-init.patch
b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec82792f3c9393150a9bd628625ddf7f3e55720ff163fbbb471 icedtea-jdk-fix-libjvm-load.patch
-1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch
-e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch
-7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch
+3b01de971f64f082d3e289cf337e635ef001381e8ca427a77baa9c52c7ba423889f57665779ca5b3c8bcefb8feacbea31dfaac580c969a4f061439069ee34aae icedtea-jdk-musl.patch
+974fb54532b7e7d738f4278187fc6bd9f9b2d99866b94f68a617ee4911c89a3b8cc41ecfdcaefecf9157492d006b1844b6b0b41ac4209d84f9e8d13c9e485dd3 icedtea-jdk-includes.patch
662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch"
diff --git a/community/openjdk8/icedtea-jdk-getmntent-buffer.patch b/community/openjdk8/icedtea-jdk-getmntent-buffer.patch
deleted file mode 100644
index 075a9d4238..0000000000
--- a/community/openjdk8/icedtea-jdk-getmntent-buffer.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-Give a much bigger buffer to getmntent_r.
-
-https://bugs.alpinelinux.org/issues/7093
-
-diff --git a/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c b/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-index c8500db..d0b85d6 100644
---- openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-+++ openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-@@ -33,6 +33,7 @@
- #include <dlfcn.h>
- #include <errno.h>
- #include <mntent.h>
-+#include <limits.h>
-
- #include "sun_nio_fs_LinuxNativeDispatcher.h"
-
-@@ -173,8 +174,8 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- jlong value, jobject entry)
- {
- struct mntent ent;
-- char buf[1024];
-- int buflen = sizeof(buf);
-+ char *buf = NULL;
-+ const size_t buflen = PATH_MAX * 4;
- struct mntent* m;
- FILE* fp = jlong_to_ptr(value);
- jsize len;
-@@ -183,10 +184,17 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- char* dir;
- char* fstype;
- char* options;
-+ jint res = -1;
-
-- m = getmntent_r(fp, &ent, (char*)&buf, buflen);
-- if (m == NULL)
-+ buf = malloc(buflen);
-+ if (buf == NULL) {
-+ JNU_ThrowOutOfMemoryError(env, "native heap");
- return -1;
-+ }
-+ m = getmntent_r(fp, &ent, buf, buflen);
-+ if (m == NULL)
-+ goto out;
-+
- name = m->mnt_fsname;
- dir = m->mnt_dir;
- fstype = m->mnt_type;
-@@ -195,32 +203,35 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- len = strlen(name);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)name);
- (*env)->SetObjectField(env, entry, entry_name, bytes);
-
- len = strlen(dir);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)dir);
- (*env)->SetObjectField(env, entry, entry_dir, bytes);
-
- len = strlen(fstype);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)fstype);
- (*env)->SetObjectField(env, entry, entry_fstype, bytes);
-
- len = strlen(options);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)options);
- (*env)->SetObjectField(env, entry, entry_options, bytes);
-
-- return 0;
-+ res = 0;
-+out:
-+ free(buf);
-+ return res;
- }
-
- JNIEXPORT void JNICALL
diff --git a/community/openjdk8/icedtea-jdk-includes.patch b/community/openjdk8/icedtea-jdk-includes.patch
index 6443a1973d..5acbb9efb8 100644
--- a/community/openjdk8/icedtea-jdk-includes.patch
+++ b/community/openjdk8/icedtea-jdk-includes.patch
@@ -53,17 +53,6 @@
/* O Flags */
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c
-+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c
-@@ -28,7 +28,7 @@
- #include <sys/types.h>
- #include <sys/socket.h>
- #if defined(__linux__) && !defined(USE_SELECT)
--#include <sys/poll.h>
-+#include <poll.h>
- #endif
- #include <netinet/tcp.h> /* Defines TCP_NODELAY, needed for 2.6 */
- #include <netinet/in.h>
--- openjdk.orig/jdk/src/solaris/native/java/net/bsd_close.c
+++ openjdk/jdk/src/solaris/native/java/net/bsd_close.c
@@ -36,7 +36,7 @@
@@ -88,14 +77,14 @@
* Stack allocated by thread when doing blocking operation
--- openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.h
+++ openjdk/jdk/src/solaris/native/java/net/net_util_md.h
-@@ -33,7 +33,7 @@
- #include <unistd.h>
-
- #ifndef USE_SELECT
+@@ -27,7 +27,7 @@
+ #define NET_UTILS_MD_H
+
+ #include <netdb.h>
-#include <sys/poll.h>
+#include <poll.h>
- #endif
-
+ #include <sys/socket.h>
+
int NET_Timeout(int s, long timeout);
--- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c
+++ openjdk/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c
diff --git a/community/openjdk8/icedtea-jdk-musl.patch b/community/openjdk8/icedtea-jdk-musl.patch
index 97946ba424..09f5c082e5 100644
--- a/community/openjdk8/icedtea-jdk-musl.patch
+++ b/community/openjdk8/icedtea-jdk-musl.patch
@@ -47,28 +47,6 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/Inet4AddressImpl.c openjdk
#define HAS_GLIBC_GETHOSTBY_R 1
#endif
-diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-02-06 11:23:47.047832009 +0000
-@@ -41,7 +41,6 @@
- #endif
- #ifdef __linux__
- #include <unistd.h>
--#include <sys/sysctl.h>
- #include <sys/utsname.h>
- #include <netinet/ip.h>
-
-diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-02-06 11:23:47.047832009 +0000
-@@ -43,7 +43,6 @@
- #endif
- #ifdef __linux__
- #include <unistd.h>
--#include <sys/sysctl.h>
- #endif
-
- #include "jvm.h"
diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/src/solaris/native/java/net/linux_close.c
--- openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c 2017-01-25 04:22:03.000000000 +0000
+++ openjdk/jdk/src/solaris/native/java/net/linux_close.c 2017-02-06 11:23:47.047832009 +0000
@@ -80,7 +58,7 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/
+static int sigWakeup;
/*
- * The fd table and the number of file descriptors
+ * fdTable holds one entry per file descriptor, up to a certain
@@ -95,6 +95,9 @@
/*
* Setup the signal handler
@@ -92,8 +70,8 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/
sa.sa_flags = 0;
sigemptyset(&sa.sa_mask);
diff -ru openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c
---- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-02-06 11:23:47.051165409 +0000
+--- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-01-25 04:22:03.000000000 +0000
++++ openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-02-06 11:23:47.051165409 +0000
@@ -36,7 +36,7 @@
#include <pthread.h>
#include <sys/signal.h>