aboutsummaryrefslogtreecommitdiffstats
path: root/community/openjdk11/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'community/openjdk11/APKBUILD')
-rw-r--r--community/openjdk11/APKBUILD393
1 files changed, 273 insertions, 120 deletions
diff --git a/community/openjdk11/APKBUILD b/community/openjdk11/APKBUILD
index 1a009368ab4..1786398b97a 100644
--- a/community/openjdk11/APKBUILD
+++ b/community/openjdk11/APKBUILD
@@ -1,62 +1,59 @@
# Contributor: Simon Frankenberger <simon-alpine@fraho.eu>
# Maintainer: Simon Frankenberger <simon-alpine@fraho.eu>
pkgname=openjdk11
-pkgver=11.0.5_p10
-_pkgver=${pkgver/_p/+}
+pkgver=11.0.23_p9
+_pkgver=${pkgver%_p*}-ga
pkgrel=0
pkgdesc="Oracle OpenJDK 11"
-url="https://hg.openjdk.java.net/jdk-updates/jdk11u"
-arch="all !x86 !armhf !armv7" # openjdk10 is not yet available on 32 bit arches
-license="GPL-2.0 with Classpath"
-makedepends="autoconf
-bash
-gawk
-grep
-make
-openjdk10-jdk
-zip
-alsa-lib-dev
-cups-dev
-elfutils-dev
-fontconfig-dev
-freetype-dev
-giflib-dev
-lcms2-dev
-libexecinfo-dev
-libffi-dev
-libjpeg-turbo-dev
-libx11-dev
-libxext-dev
-libxrandr-dev
-libxrender-dev
-libxt-dev
-libxtst-dev
-linux-headers
-zlib-dev"
-depends="$pkgname-jmods $pkgname-demos $pkgname-doc $pkgname-jdk" # for the virtual openjdk11 package
+provider_priority=11
+url="https://github.com/openjdk/jdk11u"
+# oracle dropped support for 32 bit
+# riscv64 blocked by openjdk10
+arch="all !x86 !armhf !armv7 !riscv64"
+license="GPL-2.0-with-classpath-exception"
+makedepends="
+ $pkgname-bootstrap
+ autoconf
+ bash
+ gawk
+ grep
+ make
+ zip
+ alsa-lib-dev
+ cups-dev
+ elfutils-dev
+ fontconfig-dev
+ freetype-dev
+ giflib-dev
+ lcms2-dev
+ libffi-dev
+ libjpeg-turbo-dev
+ libx11-dev
+ libxext-dev
+ libxrandr-dev
+ libxrender-dev
+ libxt-dev
+ libxtst-dev
+ linux-headers
+ zlib-dev
+ "
+depends="$pkgname-jdk $pkgname-demos $pkgname-doc" # for the virtual openjdk11 package
subpackages="$pkgname-jmods:_jmods:noarch
-$pkgname-demos:_demos:noarch
-$pkgname-doc:_doc:noarch
-$pkgname-dbg:_dbg
-$pkgname-jre:_jre
-$pkgname-src:_src:noarch
-$pkgname-jre-headless:_jre_headless
-$pkgname-jdk:_jdk"
-source="jdk-$_pkgver.tar.bz2::http://hg.openjdk.java.net/jdk-updates/jdk11u/archive/jdk-$_pkgver.tar.bz2
-
-build.patch
-aarch64.patch
-arm.patch
-ppc64le.patch
-x86.patch
-
-HelloWorld.java
-TestECDSA.java
-TestCryptoLevel.java
-Alpine_Bug_10126.java
+ $pkgname-demos:_demos:noarch
+ $pkgname-doc:_doc:noarch
+ $pkgname-jre:_jre
+ $pkgname-src:_src:noarch
+ $pkgname-jre-headless:_jre_headless
+ $pkgname-jdk:_jdk"
+source="jdk-$_pkgver.tar.gz::https://github.com/openjdk/jdk11u/archive/jdk-$_pkgver.tar.gz
+ lfs64.patch
+ ppc64le.patch
+ JDK-8267908.patch
"
builddir="$srcdir/jdk11u-jdk-$_pkgver"
+provides="$pkgname-bootstrap=$pkgver-r$pkgrel"
+
_java_home="/usr/lib/jvm/java-11-openjdk"
ldpath="$_java_home/lib:$_java_home/lib/jli:$_java_home/lib/server"
@@ -64,19 +61,182 @@ sonameprefix="$pkgname:"
# enable running the JTReg tests in check?
# see comment in that function for explanation
-_run_jtreg=0
+_run_jtreg=${_run_jtreg:-0}
if [ $_run_jtreg -ne 0 ]; then
makedepends="$makedepends java-jtreg"
- checkdepends="$checkdepends ttf-freefont xvfb"
+ checkdepends="$checkdepends font-freefont xvfb-run"
fi
+case "$CARCH" in
+ aarch64|s390x)
+ options="!check" # get stuck forever on builders
+ ;;
+esac
+
+# secfixes:
+# 11.0.23_p9-r0:
+# - CVE-2024-21085
+# - CVE-2024-21011
+# - CVE-2024-21068
+# - CVE-2024-21094
+# - CVE-2024-21012
+# 11.0.22_p7-r0:
+# - CVE-2024-20918
+# - CVE-2024-20952
+# - CVE-2024-20919
+# - CVE-2024-20921
+# - CVE-2024-20926
+# - CVE-2024-20945
+# 11.0.21_p9-r0:
+# - CVE-2023-22081
+# 11.0.20_p8-r0:
+# - CVE-2023-22041
+# - CVE-2023-25193
+# - CVE-2023-22045
+# - CVE-2023-22049
+# - CVE-2023-22036
+# - CVE-2023-22006
+# 11.0.19_p7-r0:
+# - CVE-2023-21930
+# - CVE-2023-21967
+# - CVE-2023-21954
+# - CVE-2023-21939
+# - CVE-2023-21938
+# - CVE-2023-21968
+# - CVE-2023-21937
+# 11.0.18_p10-r0:
+# - CVE-2023-21835
+# - CVE-2023-21843
+# 11.0.17_p8-r0:
+# - CVE-2022-21628
+# - CVE-2022-21626
+# - CVE-2022-39399
+# - CVE-2022-21624
+# - CVE-2022-21619
+# 11.0.16_p8-r0:
+# - CVE-2022-21540
+# - CVE-2022-21541
+# - CVE-2022-21549
+# - CVE-2022-25647
+# - CVE-2022-34169
+# 11.0.15_p10-r0:
+# - CVE-2021-44531
+# - CVE-2021-44532
+# - CVE-2021-44533
+# - CVE-2022-0778
+# - CVE-2022-21476
+# - CVE-2022-21426
+# - CVE-2022-21496
+# - CVE-2022-21434
+# - CVE-2022-21443
+# - CVE-2022-21824
+# 11.0.14_p9-r0:
+# - CVE-2022-21291
+# - CVE-2022-21305
+# - CVE-2022-21277
+# - CVE-2022-21360
+# - CVE-2022-21365
+# - CVE-2022-21366
+# - CVE-2022-21282
+# - CVE-2022-21296
+# - CVE-2022-21299
+# - CVE-2022-21271
+# - CVE-2022-21283
+# - CVE-2022-21293
+# - CVE-2022-21294
+# - CVE-2022-21340
+# - CVE-2022-21341
+# - CVE-2022-21248
+# 11.0.13_p8-r0:
+# - CVE-2021-35567
+# - CVE-2021-35550
+# - CVE-2021-35586
+# - CVE-2021-35564
+# - CVE-2021-35556
+# - CVE-2021-35559
+# - CVE-2021-35561
+# - CVE-2021-35565
+# - CVE-2021-35578
+# - CVE-2021-35603
+# 11.0.12_p7-r0:
+# - CVE-2021-2341
+# - CVE-2021-2369
+# - CVE-2021-2388
+# 11.0.9_p11-r0:
+# - CVE-2020-14779
+# - CVE-2020-14781
+# - CVE-2020-14782
+# - CVE-2020-14792
+# - CVE-2020-14796
+# - CVE-2020-14797
+# - CVE-2020-14798
+# - CVE-2020-14803
+# 11.0.8_p10-r0:
+# - CVE-2020-14556
+# - CVE-2020-14562
+# - CVE-2020-14573
+# - CVE-2020-14577
+# - CVE-2020-14581
+# - CVE-2020-14583
+# - CVE-2020-14593
+# - CVE-2020-14621
+# 11.0.7_p10-r0:
+# - CVE-2020-2754
+# - CVE-2020-2755
+# - CVE-2020-2756
+# - CVE-2020-2757
+# - CVE-2020-2767
+# - CVE-2020-2773
+# - CVE-2020-2778
+# - CVE-2020-2781
+# - CVE-2020-2800
+# - CVE-2020-2803
+# - CVE-2020-2805
+# - CVE-2020-2816
+# - CVE-2020-2830
+# 11.0.6_p10-r0:
+# - CVE-2020-2583
+# - CVE-2020-2590
+# - CVE-2020-2593
+# - CVE-2020-2601
+# - CVE-2020-2604
+# - CVE-2020-2654
+# - CVE-2020-2655
+# 11.0.5_p10-r0:
+# - CVE-2019-2894
+# - CVE-2019-2933
+# - CVE-2019-2945
+# - CVE-2019-2949
+# - CVE-2019-2958
+# - CVE-2019-2962
+# - CVE-2019-2964
+# - CVE-2019-2973
+# - CVE-2019-2975
+# - CVE-2019-2977
+# - CVE-2019-2978
+# - CVE-2019-2981
+# - CVE-2019-2983
+# - CVE-2019-2987
+# - CVE-2019-2988
+# - CVE-2019-2989
+# - CVE-2019-2992
+# - CVE-2019-2999
+# 11.0.4_p11-r0:
+# - CVE-2019-2745
+# - CVE-2019-2762
+# - CVE-2019-2766
+# - CVE-2019-2769
+# - CVE-2019-2786
+# - CVE-2019-2816
+# - CVE-2019-2818
+# - CVE-2019-2821
+# - CVE-2019-7317
prepare() {
default_prepare
# update autoconf files to detect alpine
update_config_sub
- update_config_guess
# remove not compilable module (hotspot jdk.hotspot.agent)
# this needs libthread_db which is only provided by glibc
@@ -86,21 +246,41 @@ prepare() {
}
build() {
- cd "$builddir"
-
if [ $_run_jtreg -ne 0 ]; then
_with_jtreg="--with-jtreg=/usr/share/java/jtreg"
else
_with_jtreg="--with-jtreg=no"
fi
+ if [ -n "$USE_CCACHE" ]; then
+ # workaround ccache being disallowed
+ export PATH="/usr/bin:/bin:/sbin:/usr/sbin"
+ local ccache="--enable-ccache"
+ fi
+
+ # we want to build hotspot with better optimisations; it's set to this
+ # (prepended) anyway, and it's huge
+ case "$CARCH" in
+ ppc64le)
+ # ppc64le specifically takes 15x longer to compile a certain file with O3, for
+ # some reason
+ export CFLAGS="$CFLAGS -O2"
+ export CXXFLAGS="$CXXFLAGS -O2"
+ ;;
+ *)
+ export CFLAGS="$CFLAGS -O3"
+ export CXXFLAGS="$CXXFLAGS -O3"
+ ;;
+ esac
+
# CFLAGS, CXXFLAGS and LDFLAGS are ignored as shown by a warning
# in the output of ./configure unless used like such:
- # --with-extra-cflags="${CFLAGS}"
- # --with-extra-cxxflags="${CXXFLAGS}"
- # --with-extra-ldflags="${LDFLAGS}"
+ # --with-extra-cflags="$CFLAGS"
+ # --with-extra-cxxflags="$CXXFLAGS"
+ # --with-extra-ldflags="$LDFLAGS"
# See also paragraph "Configure Control Variables" from "common/doc/building.md"
- CFLAGS= CXXFLAGS= LDFLAGS= \
+ # shellcheck disable=2097 disable=2098
+ CFLAGS='' CXXFLAGS='' LDFLAGS='' \
bash ./configure \
--openjdk-target=$CHOST \
--prefix="$_java_home" \
@@ -118,7 +298,8 @@ build() {
--with-lcms=system \
--with-jobs=${JOBS:-4} \
--with-test-jobs=${JOBS:-4} \
- --with-native-debug-symbols=external \
+ --with-native-debug-symbols=none \
+ $ccache \
$_with_jtreg \
--disable-warnings-as-errors \
--disable-precompiled-headers \
@@ -126,38 +307,21 @@ build() {
--with-jvm-variants=server \
--with-debug-level=release \
--with-version-pre= \
- --with-version-opt=alpine-r${pkgrel} \
- --with-version-build=${_pkgver#*+} \
+ --with-version-opt="alpine-r$pkgrel" \
+ --with-version-build=${pkgver#*p} \
--with-vendor-name="Alpine" \
--with-vendor-url="https://alpinelinux.org/" \
- --with-vendor-bug-url="https://bugs.alpinelinux.org/projects/alpine/issues" \
- --with-vendor-vm-bug-url="https://bugs.alpinelinux.org/projects/alpine/issues"
- MAKEFLAGS= make images
+ --with-vendor-bug-url="https://gitlab.alpinelinux.org/alpine/aports/issues" \
+ --with-vendor-vm-bug-url="https://gitlab.alpinelinux.org/alpine/aports/issues"
+ # in rare cases the build hangs
+ MAKEFLAGS='' timeout 3600 make images
}
check() {
- cd "$builddir"
-
local _java_bin="./build/*-normal-server-release/images/jdk/bin"
- # 1) compile and run a simple hello world
- $_java_bin/javac -d . "$srcdir"/HelloWorld.java
- $_java_bin/java HelloWorld
-
- # 2) compile and run a testcase for unlimited policy
- $_java_bin/javac -d . "$srcdir"/TestCryptoLevel.java
- $_java_bin/java -cp . --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLevel
-
- # 3) compile and run a testcase for ECDSA signatures
- $_java_bin/javac -d . "$srcdir"/TestECDSA.java
- $_java_bin/java TestECDSA
-
- # 4) compile and run testcase for bug 10126
- $_java_bin/javac -d . "$srcdir"/Alpine_Bug_10126.java
- $_java_bin/java Alpine_Bug_10126
-
# run the gtest unittest suites
- MAKEFLAGS= make test-hotspot-gtest
+ MAKEFLAGS='' make test-hotspot-gtest
# The jtreg tests take very, very long to finish and show some failures (9 - 12 on my machine, varying between runs)
# I think these are not critical and can be safely ignored.
@@ -165,29 +329,20 @@ check() {
# When updating this aport please let them run at least once on your machine to see if the failure count changes.
if [ $_run_jtreg -ne 0 ]; then
_logfile=$( mktemp -p "$builddir" )
- if [ -z "$DISPLAY" ]; then
- Xvfb :99 &
- _xvfb_pid=$!
- DISPLAY=:99
- fi
- MAKEFLAGS= DISPLAY=$DISPLAY make \
+ MAKEFLAGS='' xvfb-run make \
run-test-tier1 \
run-test-tier2 \
run-test-tier3 \
| tee "$_logfile"
msg "---------------------------------------"
msg "The build log can be found at $_logfile"
- if [ -n "$_xvfb_pid" ]; then
- kill $_xvfb_pid
- fi
# abort the build so you may take a look at the logfile
false
+ return 1
fi
}
package() {
- cd "$builddir"
-
mkdir -p "$pkgdir/$_java_home"
cp -r build/*-normal-server-release/images/jdk/* "$pkgdir/$_java_home"
}
@@ -222,22 +377,10 @@ _doc() {
mv "$_fromroot/man" "$_toroot"
}
-_dbg() {
- pkgdesc="Oracle OpenJDK 11 (debug)"
- depends="$pkgname-jdk"
- _fromroot="$pkgdir/$_java_home"
- _toroot="$subpkgdir/$_java_home"
-
- mkdir -p "$_toroot/lib/server"
- mkdir -p "$_toroot/lib/jli"
- mv "$_fromroot"/lib/server/*.debuginfo "$_toroot"/lib/server
- mv "$_fromroot"/lib/jli/*.debuginfo "$_toroot"/lib/jli
- mv "$_fromroot"/lib/*.debuginfo "$_toroot"/lib
-}
-
_jre() {
pkgdesc="Oracle OpenJDK 11 (JRE)"
depends="$pkgname-jre-headless"
+ provides=java-jre
_fromroot="$pkgdir/$_java_home"
_toroot="$subpkgdir/$_java_home"
@@ -263,15 +406,22 @@ _src() {
_jre_headless() {
pkgdesc="Oracle OpenJDK 11 (JRE headless)"
depends="java-common java-cacerts"
+ provides=java-jre-headless
_fromroot="$pkgdir/$_java_home"
_toroot="$subpkgdir/$_java_home"
mkdir -p "$_toroot"
mv "$_fromroot/lib" "$_toroot"
+ # ct.sym should stay in -jdk
+ mkdir "$_fromroot/lib"
+ mv "$_toroot/lib/ct.sym" "$_fromroot/lib"
+
mkdir -p "$_toroot/bin"
for i in java \
+ jfr \
jjs \
+ jrunscript \
keytool \
pack200 \
rmid \
@@ -280,12 +430,17 @@ _jre_headless() {
mv "$_fromroot/bin/$i" "$_toroot/bin/$i"
done
+ # jaotc only available on x86_64
+ if [ "$CARCH" = "x86_64" ]; then
+ mv "$_fromroot/bin/jaotc" "$_toroot/bin/jaotc"
+ fi
+
mv "$_fromroot/legal" "$_toroot"
mv "$_fromroot/conf" "$_toroot"
mv "$_fromroot/release" "$_toroot"
cp "$builddir/ASSEMBLY_EXCEPTION" "$_toroot"
cp "$builddir/LICENSE" "$_toroot"
- cp "$builddir/README" "$_toroot"
+ cp "$builddir/README.md" "$_toroot"
# symlink to shared cacerts store
rm "$_toroot/lib/security/cacerts"
@@ -298,22 +453,20 @@ _jre_headless() {
_jdk() {
pkgdesc="Oracle OpenJDK 11 (JDK)"
- depends="$pkgname-jre"
+ depends="$pkgname-jre $pkgname-jmods"
+ provides=java-jdk
_fromroot="$pkgdir/$_java_home"
_toroot="$subpkgdir/$_java_home"
mkdir -p "$_toroot"
mv "$_fromroot/bin" "$_toroot"
+ mv "$_fromroot/lib" "$_toroot"
mv "$_fromroot/include" "$_toroot"
}
-sha512sums="0d52c78e217b79756be0fc6b3f9204bae254ec7b9ae10b6c3114463a9c028143807f4422711f0c02b81a034ae6e88fa2efc6bed85022720807344230a8aa12a6 jdk-11.0.5+10.tar.bz2
-66a9f2736da87de09d7bcc136771ab760bdba7847f3a23b2aa4efbc2e55ac8b49510c6d7afdf3f8d046c6e3fe9dca0d4cb0b5a38d7a3aebaf86fa0e3cc635eac build.patch
-8c0f1f8d2a78ebb30a8460bc0ea9cd2349cea98819df1577bf7de19a1dd82d06a593f36b4e17c282ed53d23f00163e387e3dd1f3c9e5a092726e78c3aa710370 aarch64.patch
-d2903a5b3b9f82c4888416580f0b93888bf21ae0dac0ce6e926607a82a9e53b7e10e13f07a984f65dc116e81f58cd3844d6156088534c0059be8f6ee68e19a43 arm.patch
-4eb577645e7b6d4563290480e162702030033515ff4845edbd1dbf2604b6f1e7d2a3cdd85058d6b41938b54c097635125c4429b9df3fcda589b980aa1740fd2e ppc64le.patch
-89e681da2de0bcb5131e2512d1280ce8da684ede5b38379c6325cd9f57e78a4bdde3abfa0a0a496889411dd57264312094973ce2da301293d0826114a3ef09d3 x86.patch
-d1767dddd8e0956e25c0f77ed45c6fc86a1191bae1704a6dc33be490fd20eaa50461fe5c2a3349512059d555651e2eb41437dd3c1096c351e8ee68b4534a2579 HelloWorld.java
-27e91edef89d26c0c5b9a813e2045f8d2b348745a506ae37b34b660fa7093da9a4e0e676ea41dc4a5c901bce02e5304d95e90f68d6c99cbf461b2da40a7a9853 TestECDSA.java
-b02dff8d549f88317bb4c741a9e269e8d59eef990197d085388fc49c7423a4eb9367dbe1e02bffb10e7862f5980301eb58d4494e177d0e8f60af6b05c7fbbe60 TestCryptoLevel.java
-18f72fcc3b09e772da10d6875a7081fe21d3b387e1d4d9a45bb9cc3e306393960b19c27dac61d33a20d7484c22109c2d091c062523d5575b8d30b20949b74f70 Alpine_Bug_10126.java"
+sha512sums="
+3851063289042ed467a9cb636eba7170a0feeaa3e5d19bda6c30a186ea624e4ae1b308006652acb9c9820c2065382bd719ee130b7a1a0524fe25ecd639f8a51d jdk-11.0.23-ga.tar.gz
+438c6c4c760b7aece90a8e09d5edce842286071195cffe8d417208f3dfdef0953eb68fb8282d44cbd7ac8eeaee637cdb040c06ffa5381c36f47ffd48b5e6d938 lfs64.patch
+e8d2213b5995bc0811f9a0036a9794150568ff9de4e202674e218ece7996553b1f222cff43dd21222c378f4f95a1471da25859b5a82ee496ed64df85f34ff199 ppc64le.patch
+b0963e5b6dc4d6cec0670827e0a0691d65e44587a8912ac9110aeb36d7f2d07a8afe9e155ea1568fe1534c09ef3277aeca8a66bbf155354b5cdc6e2b9636b5b4 JDK-8267908.patch
+"
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-25 12:32:51 +0000