diff options
Diffstat (limited to 'community/openjdk11/APKBUILD')
-rw-r--r-- | community/openjdk11/APKBUILD | 218 |
1 files changed, 170 insertions, 48 deletions
diff --git a/community/openjdk11/APKBUILD b/community/openjdk11/APKBUILD index 2e699eaeefb..a6762020177 100644 --- a/community/openjdk11/APKBUILD +++ b/community/openjdk11/APKBUILD @@ -1,22 +1,23 @@ # Contributor: Simon Frankenberger <simon-alpine@fraho.eu> # Maintainer: Simon Frankenberger <simon-alpine@fraho.eu> pkgname=openjdk11 -pkgver=11.0.11_p9 -_pkgver=${pkgver/_p9/-ga} +pkgver=11.0.22_p7 +_pkgver=${pkgver%_p*}-ga pkgrel=0 pkgdesc="Oracle OpenJDK 11" provider_priority=11 url="https://github.com/openjdk/jdk11u" # oracle dropped support for 32 bit -# mips64 and riscv64 blocked by openjdk10 -arch="all !x86 !armhf !armv7 !mips64 !riscv64" +# riscv64 blocked by openjdk10 +arch="all !x86 !armhf !armv7 !riscv64" license="GPL-2.0-with-classpath-exception" -makedepends="autoconf +makedepends=" + $pkgname-bootstrap + autoconf bash gawk grep make - openjdk10-jdk zip alsa-lib-dev cups-dev @@ -25,7 +26,6 @@ makedepends="autoconf freetype-dev giflib-dev lcms2-dev - libexecinfo-dev libffi-dev libjpeg-turbo-dev libx11-dev @@ -35,8 +35,9 @@ makedepends="autoconf libxt-dev libxtst-dev linux-headers - zlib-dev" -depends="$pkgname-jmods $pkgname-demos $pkgname-doc $pkgname-jdk" # for the virtual openjdk11 package + zlib-dev + " +depends="$pkgname-jdk $pkgname-demos $pkgname-doc" # for the virtual openjdk11 package subpackages="$pkgname-jmods:_jmods:noarch $pkgname-demos:_demos:noarch $pkgname-doc:_doc:noarch @@ -45,19 +46,14 @@ subpackages="$pkgname-jmods:_jmods:noarch $pkgname-jre-headless:_jre_headless $pkgname-jdk:_jdk" source="jdk-$_pkgver.tar.gz::https://github.com/openjdk/jdk11u/archive/jdk-$_pkgver.tar.gz - - build.patch - aarch64.patch + lfs64.patch ppc64le.patch - fix-bootjdk-check.patch - - HelloWorld.java - TestECDSA.java - TestCryptoLevel.java - Alpine_Bug_10126.java + JDK-8267908.patch " builddir="$srcdir/jdk11u-jdk-$_pkgver" +provides="$pkgname-bootstrap=$pkgver-r$pkgrel" + _java_home="/usr/lib/jvm/java-11-openjdk" ldpath="$_java_home/lib:$_java_home/lib/jli:$_java_home/lib/server" @@ -68,7 +64,7 @@ sonameprefix="$pkgname:" _run_jtreg=${_run_jtreg:-0} if [ $_run_jtreg -ne 0 ]; then makedepends="$makedepends java-jtreg" - checkdepends="$checkdepends ttf-freefont xvfb-run" + checkdepends="$checkdepends font-freefont xvfb-run" fi case "$CARCH" in @@ -78,6 +74,88 @@ case "$CARCH" in esac # secfixes: +# 11.0.22_p7-r0: +# - CVE-2024-20918 +# - CVE-2024-20952 +# - CVE-2024-20919 +# - CVE-2024-20921 +# - CVE-2024-20926 +# - CVE-2024-20945 +# 11.0.21_p9-r0: +# - CVE-2023-22081 +# 11.0.20_p8-r0: +# - CVE-2023-22041 +# - CVE-2023-25193 +# - CVE-2023-22045 +# - CVE-2023-22049 +# - CVE-2023-22036 +# - CVE-2023-22006 +# 11.0.19_p7-r0: +# - CVE-2023-21930 +# - CVE-2023-21967 +# - CVE-2023-21954 +# - CVE-2023-21939 +# - CVE-2023-21938 +# - CVE-2023-21968 +# - CVE-2023-21937 +# 11.0.18_p10-r0: +# - CVE-2023-21835 +# - CVE-2023-21843 +# 11.0.17_p8-r0: +# - CVE-2022-21628 +# - CVE-2022-21626 +# - CVE-2022-39399 +# - CVE-2022-21624 +# - CVE-2022-21619 +# 11.0.16_p8-r0: +# - CVE-2022-21540 +# - CVE-2022-21541 +# - CVE-2022-21549 +# - CVE-2022-25647 +# - CVE-2022-34169 +# 11.0.15_p10-r0: +# - CVE-2021-44531 +# - CVE-2021-44532 +# - CVE-2021-44533 +# - CVE-2022-0778 +# - CVE-2022-21476 +# - CVE-2022-21426 +# - CVE-2022-21496 +# - CVE-2022-21434 +# - CVE-2022-21443 +# - CVE-2022-21824 +# 11.0.14_p9-r0: +# - CVE-2022-21291 +# - CVE-2022-21305 +# - CVE-2022-21277 +# - CVE-2022-21360 +# - CVE-2022-21365 +# - CVE-2022-21366 +# - CVE-2022-21282 +# - CVE-2022-21296 +# - CVE-2022-21299 +# - CVE-2022-21271 +# - CVE-2022-21283 +# - CVE-2022-21293 +# - CVE-2022-21294 +# - CVE-2022-21340 +# - CVE-2022-21341 +# - CVE-2022-21248 +# 11.0.13_p8-r0: +# - CVE-2021-35567 +# - CVE-2021-35550 +# - CVE-2021-35586 +# - CVE-2021-35564 +# - CVE-2021-35556 +# - CVE-2021-35559 +# - CVE-2021-35561 +# - CVE-2021-35565 +# - CVE-2021-35578 +# - CVE-2021-35603 +# 11.0.12_p7-r0: +# - CVE-2021-2341 +# - CVE-2021-2369 +# - CVE-2021-2388 # 11.0.9_p11-r0: # - CVE-2020-14779 # - CVE-2020-14781 @@ -118,13 +196,41 @@ esac # - CVE-2020-2604 # - CVE-2020-2654 # - CVE-2020-2655 +# 11.0.5_p10-r0: +# - CVE-2019-2894 +# - CVE-2019-2933 +# - CVE-2019-2945 +# - CVE-2019-2949 +# - CVE-2019-2958 +# - CVE-2019-2962 +# - CVE-2019-2964 +# - CVE-2019-2973 +# - CVE-2019-2975 +# - CVE-2019-2977 +# - CVE-2019-2978 +# - CVE-2019-2981 +# - CVE-2019-2983 +# - CVE-2019-2987 +# - CVE-2019-2988 +# - CVE-2019-2989 +# - CVE-2019-2992 +# - CVE-2019-2999 +# 11.0.4_p11-r0: +# - CVE-2019-2745 +# - CVE-2019-2762 +# - CVE-2019-2766 +# - CVE-2019-2769 +# - CVE-2019-2786 +# - CVE-2019-2816 +# - CVE-2019-2818 +# - CVE-2019-2821 +# - CVE-2019-7317 prepare() { default_prepare # update autoconf files to detect alpine update_config_sub - update_config_guess # remove not compilable module (hotspot jdk.hotspot.agent) # this needs libthread_db which is only provided by glibc @@ -140,6 +246,27 @@ build() { _with_jtreg="--with-jtreg=no" fi + if [ -n "$USE_CCACHE" ]; then + # workaround ccache being disallowed + export PATH="/usr/bin:/bin:/sbin:/usr/sbin" + local ccache="--enable-ccache" + fi + + # we want to build hotspot with better optimisations; it's set to this + # (prepended) anyway, and it's huge + case "$CARCH" in + ppc64le) + # ppc64le specifically takes 15x longer to compile a certain file with O3, for + # some reason + export CFLAGS="$CFLAGS -O2" + export CXXFLAGS="$CXXFLAGS -O2" + ;; + *) + export CFLAGS="$CFLAGS -O3" + export CXXFLAGS="$CXXFLAGS -O3" + ;; + esac + # CFLAGS, CXXFLAGS and LDFLAGS are ignored as shown by a warning # in the output of ./configure unless used like such: # --with-extra-cflags="$CFLAGS" @@ -166,6 +293,7 @@ build() { --with-jobs=${JOBS:-4} \ --with-test-jobs=${JOBS:-4} \ --with-native-debug-symbols=none \ + $ccache \ $_with_jtreg \ --disable-warnings-as-errors \ --disable-precompiled-headers \ @@ -179,28 +307,13 @@ build() { --with-vendor-url="https://alpinelinux.org/" \ --with-vendor-bug-url="https://gitlab.alpinelinux.org/alpine/aports/issues" \ --with-vendor-vm-bug-url="https://gitlab.alpinelinux.org/alpine/aports/issues" - MAKEFLAGS='' make images + # in rare cases the build hangs + MAKEFLAGS='' timeout 3600 make images } check() { local _java_bin="./build/*-normal-server-release/images/jdk/bin" - # 1) compile and run a simple hello world - $_java_bin/javac -d . "$srcdir"/HelloWorld.java - $_java_bin/java HelloWorld - - # 2) compile and run a testcase for unlimited policy - $_java_bin/javac -d . "$srcdir"/TestCryptoLevel.java - $_java_bin/java -cp . --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLevel - - # 3) compile and run a testcase for ECDSA signatures - $_java_bin/javac -d . "$srcdir"/TestECDSA.java - $_java_bin/java TestECDSA - - # 4) compile and run testcase for bug 10126 - $_java_bin/javac -d . "$srcdir"/Alpine_Bug_10126.java - $_java_bin/java Alpine_Bug_10126 - # run the gtest unittest suites MAKEFLAGS='' make test-hotspot-gtest @@ -294,9 +407,15 @@ _jre_headless() { mkdir -p "$_toroot" mv "$_fromroot/lib" "$_toroot" + # ct.sym should stay in -jdk + mkdir "$_fromroot/lib" + mv "$_toroot/lib/ct.sym" "$_fromroot/lib" + mkdir -p "$_toroot/bin" for i in java \ + jfr \ jjs \ + jrunscript \ keytool \ pack200 \ rmid \ @@ -305,12 +424,17 @@ _jre_headless() { mv "$_fromroot/bin/$i" "$_toroot/bin/$i" done + # jaotc only available on x86_64 + if [ "$CARCH" = "x86_64" ]; then + mv "$_fromroot/bin/jaotc" "$_toroot/bin/jaotc" + fi + mv "$_fromroot/legal" "$_toroot" mv "$_fromroot/conf" "$_toroot" mv "$_fromroot/release" "$_toroot" cp "$builddir/ASSEMBLY_EXCEPTION" "$_toroot" cp "$builddir/LICENSE" "$_toroot" - cp "$builddir/README" "$_toroot" + cp "$builddir/README.md" "$_toroot" # symlink to shared cacerts store rm "$_toroot/lib/security/cacerts" @@ -323,22 +447,20 @@ _jre_headless() { _jdk() { pkgdesc="Oracle OpenJDK 11 (JDK)" - depends="$pkgname-jre" + depends="$pkgname-jre $pkgname-jmods" provides=java-jdk _fromroot="$pkgdir/$_java_home" _toroot="$subpkgdir/$_java_home" mkdir -p "$_toroot" mv "$_fromroot/bin" "$_toroot" + mv "$_fromroot/lib" "$_toroot" mv "$_fromroot/include" "$_toroot" } -sha512sums="903bbe25342eb83ef37935b172ed983f75f8e86f0907e20e023fb2ca09af95ef04331306fd0faadc9c3c12a6e48abc6f4f0d4d4da8be78f66546c78c8f4e67de jdk-11.0.11-ga.tar.gz -6dffbedd8e6843d29c4ae46c3d58da8a36b6ecac235d325755fc62466278e76660957724de305ccb3328e36a224c066168d32d738d1bb09fd0708eec5255455d build.patch -f7fd94b04740e2a3f966577a5c02f7d6db38ef0ab3ef7b3183cd3ba3d8ff7304e3151fba03a4bcbb9f82f380a723d7823794e168ebf9f2fa8d5e7a9dbc895ce9 aarch64.patch -000880e80e3b4c43db432b2ef5faab348742b1fe6b7dcfb2043c4678ba2b19ed09a3cd07b2dcc27286fd2daef7b765076c0c0eae6a244f15f421258058f3a82b ppc64le.patch -53d0596fdb7bda21948ca233e3a402e60fd167c9147d86eac0c743f7987652840cc49aeaa1c0d3770ee8e37d8f4c5cd86aa85b4b83f8c8e8bf3248c258737d03 fix-bootjdk-check.patch -d1767dddd8e0956e25c0f77ed45c6fc86a1191bae1704a6dc33be490fd20eaa50461fe5c2a3349512059d555651e2eb41437dd3c1096c351e8ee68b4534a2579 HelloWorld.java -27e91edef89d26c0c5b9a813e2045f8d2b348745a506ae37b34b660fa7093da9a4e0e676ea41dc4a5c901bce02e5304d95e90f68d6c99cbf461b2da40a7a9853 TestECDSA.java -b02dff8d549f88317bb4c741a9e269e8d59eef990197d085388fc49c7423a4eb9367dbe1e02bffb10e7862f5980301eb58d4494e177d0e8f60af6b05c7fbbe60 TestCryptoLevel.java -cc466f64fcc8762cf6e3c1f5739be6425209b27aa58acff4e7eb126003d61fa18266f0e79e57e9d84224654010185ab45dc0a8043543dea227258458a00a1eb1 Alpine_Bug_10126.java" +sha512sums=" +b88d0db9750d8201dfb4b027045de4023be766e42cca7a3ff5e0cb28db4c6da3f146a57819a6b81cb33e5837726986bcc3780ecf88bf525f445c2cd35a3993d8 jdk-11.0.22-ga.tar.gz +438c6c4c760b7aece90a8e09d5edce842286071195cffe8d417208f3dfdef0953eb68fb8282d44cbd7ac8eeaee637cdb040c06ffa5381c36f47ffd48b5e6d938 lfs64.patch +e8d2213b5995bc0811f9a0036a9794150568ff9de4e202674e218ece7996553b1f222cff43dd21222c378f4f95a1471da25859b5a82ee496ed64df85f34ff199 ppc64le.patch +b0963e5b6dc4d6cec0670827e0a0691d65e44587a8912ac9110aeb36d7f2d07a8afe9e155ea1568fe1534c09ef3277aeca8a66bbf155354b5cdc6e2b9636b5b4 JDK-8267908.patch +" |