rpms/java-1.6.0-openjdk/F-9 java-1.6.0-openjdk-dec2security.patch, NONE, 1.1 java-1.6.0-openjdk.spec, 1.59, 1.60
Lillian Angel
langel at fedoraproject.org
Tue Dec 2 13:19:07 UTC 2008
- Previous message (by thread): rpms/am-utils/F-9 am-utils-6.1.5-buildsys.patch, NONE, 1.1 am-utils-6.1.5-expn-temp.patch, NONE, 1.1 am-utils-6.1.5-nolock-toplvl.patch, NONE, 1.1 am-utils.spec, 1.43, 1.44
- Next message (by thread): rpms/libbtctl/devel libbtctl-libtool2.patch, NONE, 1.1 libbtctl.spec, 1.56, 1.57
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: langel
Update of /cvs/pkgs/rpms/java-1.6.0-openjdk/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12965
Modified Files:
java-1.6.0-openjdk.spec
Added Files:
java-1.6.0-openjdk-dec2security.patch
Log Message:
* Tue Dec 2 2008 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.20.b09
- Added new security patch.
- Resolves: rhbz#472234
- Resolves: rhbz#472233
- Resolves: rhbz#472231
- Resolves: rhbz#472228
- Resolves: rhbz#472224
- Resolves: rhbz#472218
- Resolves: rhbz#472213
- Resolves: rhbz#472212
- Resolves: rhbz#472211
- Resolves: rhbz#472209
- Resolves: rhbz#472208
- Resolves: rhbz#472206
- Resolves: rhbz#472201
java-1.6.0-openjdk-dec2security.patch:
--- NEW FILE java-1.6.0-openjdk-dec2security.patch ---
diff -r ff7010bc3cae patches/icedtea-4486841.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ patches/icedtea-4486841.patch Fri Nov 21 14:36:57 2008 -0500
@@ -0,0 +1,1234 @@
+--- old/src/share/classes/sun/nio/cs/UTF_8.java Thu Oct 9 16:02:01 2008
++++ openjdk/jdk/src/share/classes/sun/nio/cs/UTF_8.java Thu Oct 9 16:02:01 2008
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
++ * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -25,34 +25,36 @@
+
+ package sun.nio.cs;
+
++import java.nio.Buffer;
+ import java.nio.ByteBuffer;
+ import java.nio.CharBuffer;
+-import java.nio.BufferOverflowException;
+-import java.nio.BufferUnderflowException;
+ import java.nio.charset.Charset;
+ import java.nio.charset.CharsetDecoder;
+ import java.nio.charset.CharsetEncoder;
+ import java.nio.charset.CoderResult;
+-import java.nio.charset.CharacterCodingException;
+-import java.nio.charset.MalformedInputException;
+-import java.nio.charset.UnmappableCharacterException;
+
+-
+-/*
+- * # Bits Bit pattern
+- * 1 7 0xxxxxxx
+- * 2 11 110xxxxx 10xxxxxx
+- * 3 16 1110xxxx 10xxxxxx 10xxxxxx
+- * 4 21 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+- * 5 26 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+- * 6 31 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++/* Legal UTF-8 Byte Sequences
+ *
+- * UCS-2 uses 1-3, UTF-16 uses 1-4, UCS-4 uses 1-6
++ * # Code Points Bits Bit/Byte pattern
++ * 1 7 0xxxxxxx
++ * U+0000..U+007F 00..7F
++ *
++ * 2 11 110xxxxx 10xxxxxx
++ * U+0080..U+07FF C2..DF 80..BF
++ *
++ * 3 16 1110xxxx 10xxxxxx 10xxxxxx
++ * U+0800..U+0FFF E0 A0..BF 80..BF
++ * U+1000..U+FFFF E1..EF 80..BF 80..BF
++ *
++ * 4 21 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
++ * U+10000..U+3FFFF F0 90..BF 80..BF 80..BF
++ * U+40000..U+FFFFF F1..F3 80..BF 80..BF 80..BF
++ * U+100000..U10FFFF F4 80..8F 80..BF 80..BF
++ *
+ */
+
+ class UTF_8 extends Unicode
+ {
+-
+ public UTF_8() {
+ super("UTF-8", StandardCharsets.aliases_UTF_8);
+ }
+@@ -69,6 +71,11 @@
+ return new Encoder(this);
+ }
+
++ static final void updatePositions(Buffer src, int sp,
++ Buffer dst, int dp) {
++ src.position(sp - src.arrayOffset());
++ dst.position(dp - dst.arrayOffset());
++ }
+
+ private static class Decoder extends CharsetDecoder {
+ private Decoder(Charset cs) {
+@@ -75,161 +82,182 @@
+ super(cs, 1.0f, 1.0f);
+ }
+
+- private boolean isContinuation(int b) {
+- return ((b & 0xc0) == 0x80);
++ private static boolean isNotContinuation(int b) {
++ return (b & 0xc0) != 0x80;
+ }
+
+- private final Surrogate.Generator sgg = new Surrogate.Generator();
++ // [C2..DF] [80..BF]
++ private static boolean isMalformed2(int b1, int b2) {
++ return (b1 & 0x1e) == 0x0 || (b2 & 0xc0) != 0x80;
++ }
+
++ // [E0] [A0..BF] [80..BF]
++ // [E1..EF] [80..BF] [80..BF]
++ private static boolean isMalformed3(int b1, int b2, int b3) {
++ return (b1 == (byte)0xe0 && (b2 & 0xe0) == 0x80) ||
++ (b2 & 0xc0) != 0x80 || (b3 & 0xc0) != 0x80;
++ }
++
++ // [F0] [90..BF] [80..BF] [80..BF]
++ // [F1..F3] [80..BF] [80..BF] [80..BF]
++ // [F4] [80..8F] [80..BF] [80..BF]
++ // only check 80-be range here, the [0xf0,0x80...] and [0xf4,0x90-...]
++ // will be checked by Surrogate.neededFor(uc)
++ private static boolean isMalformed4(int b2, int b3, int b4) {
++ return (b2 & 0xc0) != 0x80 || (b3 & 0xc0) != 0x80 ||
++ (b4 & 0xc0) != 0x80;
++ }
++
++ private static CoderResult lookupN(ByteBuffer src, int n)
++ {
++ for (int i = 1; i < n; i++) {
++ if (isNotContinuation(src.get()))
++ return CoderResult.malformedForLength(i);
++ }
++ return CoderResult.malformedForLength(n);
++ }
++
++ private static CoderResult malformedN(ByteBuffer src, int nb) {
++ switch (nb) {
++ case 1:
++ int b1 = src.get();
++ if ((b1 >> 2) == -2) {
++ // 5 bytes 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++ if (src.remaining() < 4)
++ return CoderResult.UNDERFLOW;
++ return lookupN(src, 5);
++ }
++ if ((b1 >> 1) == -2) {
++ // 6 bytes 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++ if (src.remaining() < 5)
++ return CoderResult.UNDERFLOW;
++ return lookupN(src, 6);
++ }
++ return CoderResult.malformedForLength(1);
++ case 2: // always 1
++ return CoderResult.malformedForLength(1);
++ case 3:
++ b1 = src.get();
++ int b2 = src.get(); // no need to lookup b3
++ return CoderResult.malformedForLength(
++ ((b1 == (byte)0xe0 && (b2 & 0xe0) == 0x80) ||
++ isNotContinuation(b2))?1:2);
++ case 4: // we don't care the speed here
++ b1 = src.get() & 0xff;
++ b2 = src.get() & 0xff;
++ if (b1 > 0xf4 ||
++ (b1 == 0xf0 && (b2 < 0x90 || b2 > 0xbf)) ||
++ (b1 == 0xf4 && (b2 & 0xf0) != 0x80) ||
++ isNotContinuation(b2))
++ return CoderResult.malformedForLength(1);
++ if (isNotContinuation(src.get()))
++ return CoderResult.malformedForLength(2);
++ return CoderResult.malformedForLength(3);
++ default:
++ assert false;
++ return null;
++ }
++ }
++
++ private static CoderResult malformed(ByteBuffer src, int sp,
++ CharBuffer dst, int dp,
++ int nb)
++ {
++ src.position(sp - src.arrayOffset());
++ CoderResult cr = malformedN(src, nb);
++ updatePositions(src, sp, dst, dp);
++ return cr;
++ }
++
++ private static CoderResult malformed(ByteBuffer src,
++ int mark, int nb)
++ {
++ src.position(mark);
++ CoderResult cr = malformedN(src, nb);
++ src.position(mark);
++ return cr;
++ }
++
++ private static CoderResult xflow(Buffer src, int sp, int sl,
++ Buffer dst, int dp, int nb) {
++ updatePositions(src, sp, dst, dp);
++ return (nb == 0 || sl - sp < nb)
++ ?CoderResult.UNDERFLOW:CoderResult.OVERFLOW;
++ }
++
++ private static CoderResult xflow(Buffer src, int mark, int nb) {
++ CoderResult cr = (nb == 0 || src.remaining() < (nb - 1))
++ ?CoderResult.UNDERFLOW:CoderResult.OVERFLOW;
++ src.position(mark);
++ return cr;
++ }
++
+ private CoderResult decodeArrayLoop(ByteBuffer src,
+ CharBuffer dst)
+ {
++ // This method is optimized for ASCII input.
[...4396 lines suppressed...]
+ /* advance a pointer by sizeof(type) */
+ #define INCP(type,p) INCPN(type,(p),1)
+--- old/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Wed Nov 12 12:25:12 2008
++++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Wed Nov 12 12:25:12 2008
+@@ -53,6 +53,10 @@
+ // convert libungif samples to our ones
+ #define MAKE_QUAD_GIF(c,a) MAKE_QUAD((c).Red, (c).Green, (c).Blue, (a))
+
++#define SAFE_TO_ALLOC(c, sz) \
++ (((c) > 0) && ((sz) > 0) && \
++ ((0xffffffffu / ((unsigned int)(c))) > (unsigned int)(sz)))
++
+ /* stdio FILE* and memory input functions for libungif */
+ int
+ SplashStreamGifInputFunc(GifFileType * gif, GifByteType * buf, int n)
+@@ -62,6 +66,15 @@
+ return rc;
+ }
+
++/* These macro help to ensure that we only take part of frame that fits into
++ logical screen. */
++
++/* Ensure that p belongs to [pmin, pmax) interval. Returns fixed point (if fix is needed) */
++#define FIX_POINT(p, pmin, pmax) ( ((p) < (pmin)) ? (pmin) : (((p) > (pmax)) ? (pmax) : (p)))
++/* Ensures that line starting at point p does not exceed boundary pmax.
++ Returns fixed length (if fix is needed) */
++#define FIX_LENGTH(p, len, pmax) ( ((p) + (len)) > (pmax) ? ((pmax) - (p)) : (len))
++
+ int
+ SplashDecodeGif(Splash * splash, GifFileType * gif)
+ {
+@@ -70,6 +83,7 @@
+ byte_t *pBitmapBits, *pOldBitmapBits;
+ int i, j;
+ int imageIndex;
++ int cx, cy, cw, ch; /* clamped coordinates */
+ const int interlacedOffset[] = { 0, 4, 2, 1, 0 }; /* The way Interlaced image should. */
+ const int interlacedJumps[] = { 8, 8, 4, 2, 1 }; /* be read - offsets and jumps... */
+
+@@ -79,14 +93,31 @@
+
+ SplashCleanup(splash);
+
++ if (!SAFE_TO_ALLOC(gif->SWidth, splash->imageFormat.depthBytes)) {
++ return 0;
++ }
+ stride = gif->SWidth * splash->imageFormat.depthBytes;
+ if (splash->byteAlignment > 1)
+ stride =
+ (stride + splash->byteAlignment - 1) & ~(splash->byteAlignment - 1);
+
++ if (!SAFE_TO_ALLOC(gif->SHeight, stride)) {
++ return 0;
++ }
++
++ if (!SAFE_TO_ALLOC(gif->ImageCount, sizeof(SplashImage*))) {
++ return 0;
++ }
+ bufferSize = stride * gif->SHeight;
+ pBitmapBits = (byte_t *) malloc(bufferSize);
++ if (!pBitmapBits) {
++ return 0;
++ }
+ pOldBitmapBits = (byte_t *) malloc(bufferSize);
++ if (!pOldBitmapBits) {
++ free(pBitmapBits);
++ return 0;
++ }
+ memset(pBitmapBits, 0, bufferSize);
+
+ splash->width = gif->SWidth;
+@@ -94,6 +125,11 @@
+ splash->frameCount = gif->ImageCount;
+ splash->frames = (SplashImage *)
+ malloc(sizeof(SplashImage) * gif->ImageCount);
++ if (!splash->frames) {
++ free(pBitmapBits);
++ free(pOldBitmapBits);
++ return 0;
++ }
+ memset(splash->frames, 0, sizeof(SplashImage) * gif->ImageCount);
+ splash->loopCount = 1;
+
+@@ -109,6 +145,11 @@
+ int colorCount = 0;
+ rgbquad_t colorMapBuf[SPLASH_COLOR_MAP_SIZE];
+
++ cx = FIX_POINT(desc->Left, 0, gif->SWidth);
++ cy = FIX_POINT(desc->Top, 0, gif->SHeight);
++ cw = FIX_LENGTH(desc->Left, desc->Width, gif->SWidth);
++ ch = FIX_LENGTH(desc->Top, desc->Height, gif->SHeight);
++
+ if (colorMap) {
+ if (colorMap->ColorCount <= SPLASH_COLOR_MAP_SIZE) {
+ colorCount = colorMap->ColorCount;
+@@ -195,13 +236,24 @@
+ for (; pass < npass; ++pass) {
+ int jump = interlacedJumps[pass];
+ int ofs = interlacedOffset[pass];
+- int numLines = (desc->Height + jump - 1 - ofs) / jump;
++ /* Number of source lines for current pass */
++ int numPassLines = (desc->Height + jump - ofs - 1) / jump;
++ /* Number of lines that fits to dest buffer */
++ int numLines = (ch + jump - ofs - 1) / jump;
+
++
+ initRect(&srcRect, 0, 0, desc->Width, numLines, 1,
+ desc->Width, pSrc, &srcFormat);
+- initRect(&dstRect, desc->Left, desc->Top + ofs, desc->Width,
+- numLines, jump, stride, pBitmapBits, &splash->imageFormat);
+- pSrc += convertRect(&srcRect, &dstRect, CVT_ALPHATEST);
++
++ if (numLines > 0) {
++ initRect(&dstRect, cx, cy + ofs, cw,
++ numLines, jump, stride, pBitmapBits,
++ &splash->imageFormat);
++
++ pSrc += convertRect(&srcRect, &dstRect, CVT_ALPHATEST);
++ }
++ // skip extra source data
++ pSrc += (numPassLines - numLines) * srcRect.stride;
+ }
+ }
+
+@@ -209,6 +261,12 @@
+
+ splash->frames[imageIndex].bitmapBits =
+ (rgbquad_t *) malloc(bufferSize);
++ if (!splash->frames[imageIndex].bitmapBits) {
++ free(pBitmapBits);
++ free(pOldBitmapBits);
++ /* Assuming that callee will take care of splash frames we have already allocated */
++ return 0;
++ }
+ memcpy(splash->frames[imageIndex].bitmapBits, pBitmapBits, bufferSize);
+
+ SplashInitFrameShape(splash, imageIndex);
+@@ -224,27 +282,29 @@
+ {
+ ImageRect dstRect;
+ rgbquad_t fillColor = 0; // 0 is transparent
+- if (transparentColor < 0) {
++
++ if (transparentColor > 0) {
+ fillColor= MAKE_QUAD_GIF(
+ colorMap->Colors[gif->SBackGroundColor], 0xff);
+ }
+- initRect(&dstRect, desc->Left, desc->Top,
+- desc->Width, desc->Height, 1, stride,
+- pBitmapBits, &splash->imageFormat);
++ initRect(&dstRect,
++ cx, cy, cw, ch,
++ 1, stride,
++ pBitmapBits, &splash->imageFormat);
+ fillRect(fillColor, &dstRect);
+ }
+ break;
+ case GIF_DISPOSE_RESTORE:
+ {
+-
+- int lineSize = desc->Width * splash->imageFormat.depthBytes;
+-
+- for (j = 0; j < desc->Height; j++) {
+- int lineIndex = stride * (j + desc->Top) +
+- desc->Left * splash->imageFormat.depthBytes;
+-
+- memcpy(pBitmapBits + lineIndex, pOldBitmapBits + lineIndex,
+- lineSize);
++ int lineSize = cw * splash->imageFormat.depthBytes;
++ if (lineSize > 0) {
++ int lineOffset = cx * splash->imageFormat.depthBytes;
++ int lineIndex = cy * stride + lineOffset;
++ for (j=0; j<ch; j++) {
++ memcpy(pBitmapBits + lineIndex, pOldBitmapBits + lineIndex,
++ lineSize);
++ lineIndex += stride;
++ }
+ }
+ }
+ break;
--- oldicedtea6-1.2/Makefile.am 2008-05-28 09:15:29.000000000 -0400
+++ Makefile.am 2008-11-27 13:05:37.000000000 -0500
@@ -315,6 +304,17 @@
patches/icedtea-hat-spl-gpl.patch \
patches/icedtea-sparc.patch \
patches/icedtea-override-redirect-metacity.patch \
+ patches/icedtea-4486841.patch \
+ patches/icedtea-6484091.patch \
+ patches/icedtea-6497740.patch \
+ patches/icedtea-6588160.patch \
+ patches/icedtea-6592792.patch \
+ patches/icedtea-6721753.patch \
+ patches/icedtea-6726779.patch \
+ patches/icedtea-6733959.patch \
+ patches/icedtea-6734167.patch \
+ patches/icedtea-6755943.patch \
+ patches/icedtea-6766136.patch \
$(GCC_PATCH) \
$(DISTRIBUTION_PATCHES)
Index: java-1.6.0-openjdk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/java-1.6.0-openjdk/F-9/java-1.6.0-openjdk.spec,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- java-1.6.0-openjdk.spec 22 Sep 2008 14:20:58 -0000 1.59
+++ java-1.6.0-openjdk.spec 2 Dec 2008 13:18:37 -0000 1.60
@@ -134,7 +134,7 @@
Name: java-%{javaver}-%{origin}
Version: %{javaver}.%{buildver}
-Release: 0.19.%{openjdkver}%{?dist}
+Release: 0.20.%{openjdkver}%{?dist}
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
# also included the epoch in their virtual provides. This created a
@@ -175,6 +175,7 @@
Patch9: java-1.6.0-openjdk-6661918.patch
Patch10: java-1.6.0-openjdk-6685178.patch
Patch11: java-1.6.0-openjdk-hotspot.patch
+Patch12: java-1.6.0-openjdk-dec2security.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -375,6 +376,7 @@
export ARCH_DATA_MODEL=64
%endif
./configure %{icedteaopt} --with-openjdk-src-zip=%{SOURCE1}
+patch -l -p0 < %{PATCH12}
%if %{gcjbootstrap}
make stamps/patch-ecj.stamp
%endif
@@ -924,6 +926,22 @@
%{_jvmdir}/%{jredir}/lib/%{archinstall}/gcjwebplugin.so
%changelog
+* Tue Dec 2 2008 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.20.b09
+- Added new security patch.
+- Resolves: rhbz#472234
+- Resolves: rhbz#472233
+- Resolves: rhbz#472231
+- Resolves: rhbz#472228
+- Resolves: rhbz#472224
+- Resolves: rhbz#472218
+- Resolves: rhbz#472213
+- Resolves: rhbz#472212
+- Resolves: rhbz#472211
+- Resolves: rhbz#472209
+- Resolves: rhbz#472208
+- Resolves: rhbz#472206
+- Resolves: rhbz#472201
+
* Mon Sep 22 2008 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.19.b09
- Removed update-desktop-database dependency.
- Resolves: rhbz#463046
- Previous message (by thread): rpms/am-utils/F-9 am-utils-6.1.5-buildsys.patch, NONE, 1.1 am-utils-6.1.5-expn-temp.patch, NONE, 1.1 am-utils-6.1.5-nolock-toplvl.patch, NONE, 1.1 am-utils.spec, 1.43, 1.44
- Next message (by thread): rpms/libbtctl/devel libbtctl-libtool2.patch, NONE, 1.1 libbtctl.spec, 1.56, 1.57
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list