rpms/java-1.6.0-openjdk/F-9 java-1.6.0-openjdk-securitypatches.patch, NONE, 1.1 java-1.6.0-openjdk.spec, 1.63, 1.64 java-1.6.0-openjdk-dec2security.patch, 1.1, NONE
Lillian Angel
langel at fedoraproject.org
Tue Mar 24 11:55:50 UTC 2009
Author: langel
Update of /cvs/pkgs/rpms/java-1.6.0-openjdk/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22716
Modified Files:
java-1.6.0-openjdk.spec
Added Files:
java-1.6.0-openjdk-securitypatches.patch
Removed Files:
java-1.6.0-openjdk-dec2security.patch
Log Message:
* Tue Mar 24 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.22.b09
- Updated release.
- Added java-1.6.0-openjdk-securitypatches.patch.
java-1.6.0-openjdk-securitypatches.patch:
--- NEW FILE java-1.6.0-openjdk-securitypatches.patch ---
diff -ruN patchesold/icedtea-4486841.patch patches/icedtea-4486841.patch
--- patchesold/icedtea-4486841.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-4486841.patch 2009-03-16 11:39:05.000000000 -0400
@@ -0,0 +1,838 @@
+--- old/src/share/classes/sun/nio/cs/UTF_8.java Thu Oct 9 16:02:01 2008
++++ openjdk/jdk/src/share/classes/sun/nio/cs/UTF_8.java Thu Oct 9 16:02:01 2008
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
++ * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -25,34 +25,36 @@
+
+ package sun.nio.cs;
+
++import java.nio.Buffer;
+ import java.nio.ByteBuffer;
+ import java.nio.CharBuffer;
+-import java.nio.BufferOverflowException;
+-import java.nio.BufferUnderflowException;
+ import java.nio.charset.Charset;
+ import java.nio.charset.CharsetDecoder;
+ import java.nio.charset.CharsetEncoder;
+ import java.nio.charset.CoderResult;
+-import java.nio.charset.CharacterCodingException;
+-import java.nio.charset.MalformedInputException;
+-import java.nio.charset.UnmappableCharacterException;
+
+-
+-/*
+- * # Bits Bit pattern
+- * 1 7 0xxxxxxx
+- * 2 11 110xxxxx 10xxxxxx
+- * 3 16 1110xxxx 10xxxxxx 10xxxxxx
+- * 4 21 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+- * 5 26 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+- * 6 31 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++/* Legal UTF-8 Byte Sequences
+ *
+- * UCS-2 uses 1-3, UTF-16 uses 1-4, UCS-4 uses 1-6
++ * # Code Points Bits Bit/Byte pattern
++ * 1 7 0xxxxxxx
++ * U+0000..U+007F 00..7F
++ *
++ * 2 11 110xxxxx 10xxxxxx
++ * U+0080..U+07FF C2..DF 80..BF
++ *
++ * 3 16 1110xxxx 10xxxxxx 10xxxxxx
++ * U+0800..U+0FFF E0 A0..BF 80..BF
++ * U+1000..U+FFFF E1..EF 80..BF 80..BF
++ *
++ * 4 21 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
++ * U+10000..U+3FFFF F0 90..BF 80..BF 80..BF
++ * U+40000..U+FFFFF F1..F3 80..BF 80..BF 80..BF
++ * U+100000..U10FFFF F4 80..8F 80..BF 80..BF
++ *
+ */
+
+ class UTF_8 extends Unicode
+ {
+-
+ public UTF_8() {
+ super("UTF-8", StandardCharsets.aliases_UTF_8);
+ }
+@@ -69,6 +71,11 @@
+ return new Encoder(this);
+ }
+
++ static final void updatePositions(Buffer src, int sp,
++ Buffer dst, int dp) {
++ src.position(sp - src.arrayOffset());
++ dst.position(dp - dst.arrayOffset());
++ }
+
+ private static class Decoder extends CharsetDecoder {
+ private Decoder(Charset cs) {
+@@ -75,161 +82,182 @@
+ super(cs, 1.0f, 1.0f);
+ }
+
+- private boolean isContinuation(int b) {
+- return ((b & 0xc0) == 0x80);
++ private static boolean isNotContinuation(int b) {
++ return (b & 0xc0) != 0x80;
+ }
+
+- private final Surrogate.Generator sgg = new Surrogate.Generator();
++ // [C2..DF] [80..BF]
++ private static boolean isMalformed2(int b1, int b2) {
++ return (b1 & 0x1e) == 0x0 || (b2 & 0xc0) != 0x80;
++ }
+
++ // [E0] [A0..BF] [80..BF]
++ // [E1..EF] [80..BF] [80..BF]
++ private static boolean isMalformed3(int b1, int b2, int b3) {
++ return (b1 == (byte)0xe0 && (b2 & 0xe0) == 0x80) ||
++ (b2 & 0xc0) != 0x80 || (b3 & 0xc0) != 0x80;
++ }
++
++ // [F0] [90..BF] [80..BF] [80..BF]
++ // [F1..F3] [80..BF] [80..BF] [80..BF]
++ // [F4] [80..8F] [80..BF] [80..BF]
++ // only check 80-be range here, the [0xf0,0x80...] and [0xf4,0x90-...]
++ // will be checked by Surrogate.neededFor(uc)
++ private static boolean isMalformed4(int b2, int b3, int b4) {
++ return (b2 & 0xc0) != 0x80 || (b3 & 0xc0) != 0x80 ||
++ (b4 & 0xc0) != 0x80;
++ }
++
++ private static CoderResult lookupN(ByteBuffer src, int n)
++ {
++ for (int i = 1; i < n; i++) {
++ if (isNotContinuation(src.get()))
++ return CoderResult.malformedForLength(i);
++ }
++ return CoderResult.malformedForLength(n);
++ }
++
++ private static CoderResult malformedN(ByteBuffer src, int nb) {
++ switch (nb) {
++ case 1:
++ int b1 = src.get();
++ if ((b1 >> 2) == -2) {
++ // 5 bytes 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++ if (src.remaining() < 4)
++ return CoderResult.UNDERFLOW;
++ return lookupN(src, 5);
++ }
++ if ((b1 >> 1) == -2) {
++ // 6 bytes 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
++ if (src.remaining() < 5)
++ return CoderResult.UNDERFLOW;
++ return lookupN(src, 6);
++ }
++ return CoderResult.malformedForLength(1);
++ case 2: // always 1
++ return CoderResult.malformedForLength(1);
++ case 3:
++ b1 = src.get();
++ int b2 = src.get(); // no need to lookup b3
++ return CoderResult.malformedForLength(
++ ((b1 == (byte)0xe0 && (b2 & 0xe0) == 0x80) ||
++ isNotContinuation(b2))?1:2);
++ case 4: // we don't care the speed here
++ b1 = src.get() & 0xff;
++ b2 = src.get() & 0xff;
++ if (b1 > 0xf4 ||
++ (b1 == 0xf0 && (b2 < 0x90 || b2 > 0xbf)) ||
++ (b1 == 0xf4 && (b2 & 0xf0) != 0x80) ||
++ isNotContinuation(b2))
++ return CoderResult.malformedForLength(1);
++ if (isNotContinuation(src.get()))
++ return CoderResult.malformedForLength(2);
++ return CoderResult.malformedForLength(3);
++ default:
++ assert false;
++ return null;
++ }
++ }
++
++ private static CoderResult malformed(ByteBuffer src, int sp,
++ CharBuffer dst, int dp,
++ int nb)
++ {
++ src.position(sp - src.arrayOffset());
++ CoderResult cr = malformedN(src, nb);
++ updatePositions(src, sp, dst, dp);
++ return cr;
++ }
++
++ private static CoderResult malformed(ByteBuffer src,
++ int mark, int nb)
++ {
++ src.position(mark);
++ CoderResult cr = malformedN(src, nb);
++ src.position(mark);
++ return cr;
++ }
++
++ private static CoderResult xflow(Buffer src, int sp, int sl,
++ Buffer dst, int dp, int nb) {
++ updatePositions(src, sp, dst, dp);
++ return (nb == 0 || sl - sp < nb)
++ ?CoderResult.UNDERFLOW:CoderResult.OVERFLOW;
++ }
++
++ private static CoderResult xflow(Buffer src, int mark, int nb) {
++ CoderResult cr = (nb == 0 || src.remaining() < (nb - 1))
++ ?CoderResult.UNDERFLOW:CoderResult.OVERFLOW;
++ src.position(mark);
++ return cr;
++ }
++
+ private CoderResult decodeArrayLoop(ByteBuffer src,
+ CharBuffer dst)
+ {
++ // This method is optimized for ASCII input.
[...5837 lines suppressed...]
++
++ if (!SAFE_TO_ALLOC(height, sizeof(png_bytep))) {
++ goto done;
++ }
+ if ((row_pointers = (png_bytepp) malloc(height * sizeof(png_bytep)))
+ == NULL) {
+ goto done;
+@@ -121,13 +129,28 @@
+ splash->width = width;
+ splash->height = height;
+
++ if (!SAFE_TO_ALLOC(splash->width, splash->imageFormat.depthBytes)) {
++ goto done;
++ }
+ stride = splash->width * splash->imageFormat.depthBytes;
+
++ if (!SAFE_TO_ALLOC(splash->height, stride)) {
++ goto done;
++ }
+ splash->frameCount = 1;
+ splash->frames = (SplashImage *)
+ malloc(sizeof(SplashImage) * splash->frameCount);
++
++ if (splash->frames == NULL) {
++ goto done;
++ }
++
+ splash->loopCount = 1;
+ splash->frames[0].bitmapBits = malloc(stride * splash->height);
++ if (splash->frames[0].bitmapBits == NULL) {
++ free(splash->frames);
++ goto done;
++ }
+ splash->frames[0].delay = 0;
+
+ /* FIXME: sort out the real format */
diff -ruN patchesold/icedtea-6804997.patch patches/icedtea-6804997.patch
--- patchesold/icedtea-6804997.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6804997.patch 2009-03-16 11:48:14.000000000 -0400
@@ -0,0 +1,31 @@
+--- old/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:17 2009
++++ openjdk/jdk/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:16 2009
+@@ -722,6 +722,10 @@
+ GifFilePrivateType *Private = (GifFilePrivateType *)GifFile->Private;
+
+ READ(GifFile, &CodeSize, 1); /* Read Code size from file. */
++ if (CodeSize >= 12) {
++ /* Invalid initial code size: report failure */
++ return GIF_ERROR;
++ }
+ BitsPerPixel = CodeSize;
+
+ Private->Buf[0] = 0; /* Input Buffer empty. */
+@@ -964,10 +968,13 @@
+
+ /* If code cannot fit into RunningBits bits, must raise its size. Note
+ * however that codes above 4095 are used for special signaling. */
+- if (++Private->RunningCode > Private->MaxCode1 &&
+- Private->RunningBits < LZ_BITS) {
+- Private->MaxCode1 <<= 1;
+- Private->RunningBits++;
++ if (++Private->RunningCode > Private->MaxCode1) {
++ if (Private->RunningBits < LZ_BITS) {
++ Private->MaxCode1 <<= 1;
++ Private->RunningBits++;
++ } else {
++ Private->RunningCode = Private->MaxCode1;
++ }
+ }
+ return GIF_OK;
+ }
diff -ruN patchesold/icedtea-6804998.patch patches/icedtea-6804998.patch
--- patchesold/icedtea-6804998.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6804998.patch 2009-03-16 11:48:14.000000000 -0400
@@ -0,0 +1,35 @@
+--- old/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:25 2009
++++ openjdk/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:24 2009
+@@ -585,9 +585,16 @@
+ System.out.print("Reading a " + width + " by " + height + " " +
+ (interlace ? "" : "non-") + "interlaced image...");
+ }
+-
++ int initCodeSize = ExtractByte(block, 9);
++ if (initCodeSize >= 12) {
++ if (verbose) {
++ System.out.println("Invalid initial code size: " +
++ initCodeSize);
++ }
++ return false;
++ }
+ boolean ret = parseImage(x, y, width, height,
+- interlace, ExtractByte(block, 9),
++ interlace, initCodeSize,
+ block, rasline, model);
+
+ if (!ret) {
+--- old/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:28 2009
++++ openjdk/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:27 2009
+@@ -191,6 +191,11 @@
+ int passht = passinc;
+ int len;
+
++ /* We have verified the initial code size on the java layer.
++ * Here we just check bounds for particular indexes. */
++ if (freeCode >= 4096 || maxCode >= 4096) {
++ return 0;
++ }
+ if (blockh == 0 || raslineh == 0
+ || prefixh == 0 || suffixh == 0
+ || outCodeh == 0)
--- oldMakefile.in 2009-03-16 13:02:33.000000000 -0400
+++ Makefile.in 2009-03-16 13:02:26.000000000 -0400
@@ -247,6 +247,7 @@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
OPENJDK_DATE = 11_apr_2008
@@ -413,8 +414,22 @@
patches/icedtea-fonts.patch patches/icedtea-gervill.patch \
patches/icedtea-directaudio-close-trick.patch \
patches/icedtea-hat-spl-gpl.patch patches/icedtea-sparc.patch \
- patches/icedtea-override-redirect-metacity.patch $(GCC_PATCH) \
- $(DISTRIBUTION_PATCHES) $(am__append_7)
+ patches/icedtea-override-redirect-metacity.patch \
+ patches/icedtea-4486841.patch patches/icedtea-6484091.patch \
+ patches/icedtea-6497740.patch patches/icedtea-6536193.patch \
+ patches/icedtea-6588160.patch patches/icedtea-6592792.patch \
+ patches/icedtea-6610888.patch patches/icedtea-6610896.patch \
+ patches/icedtea-6630639.patch patches/icedtea-6632886.patch \
+ patches/icedtea-6636360.patch patches/icedtea-6652463.patch \
+ patches/icedtea-6656633.patch patches/icedtea-6658158.patch \
+ patches/icedtea-6691246.patch patches/icedtea-6717680.patch \
+ patches/icedtea-6721651.patch patches/icedtea-6721753.patch \
+ patches/icedtea-6726779.patch patches/icedtea-6733959.patch \
+ patches/icedtea-6734167.patch patches/icedtea-6737315.patch \
+ patches/icedtea-6755943.patch patches/icedtea-6766136.patch \
+ patches/icedtea-6792554.patch patches/icedtea-6804996.patch \
+ patches/icedtea-6804997.patch patches/icedtea-6804998.patch \
+ $(GCC_PATCH) $(DISTRIBUTION_PATCHES) $(am__append_7)
# Patch OpenJDK for plug replacements and ecj.
ICEDTEA_ECJ_PATCH = patches/icedtea-ecj.patch
@@ -841,7 +856,7 @@
do \
if test x$${all_patches_ok} == "xyes" \
&& echo Checking $$p \
- && $(PATCH) -l -p0 --dry-run -s -t -f -F 0 < $$p ; \
+ && $(PATCH) -l -p0 --dry-run -s -t -f < $$p ; \
then \
echo Applying $$p ; \
$(PATCH) -l -p0 < $$p ; \
--- oldMakefile.am 2009-03-16 13:02:33.000000000 -0400
+++ Makefile.am 2009-03-16 13:02:26.000000000 -0400
@@ -304,6 +304,34 @@
patches/icedtea-hat-spl-gpl.patch \
patches/icedtea-sparc.patch \
patches/icedtea-override-redirect-metacity.patch \
+ patches/icedtea-4486841.patch \
+ patches/icedtea-6484091.patch \
+ patches/icedtea-6497740.patch \
+ patches/icedtea-6536193.patch \
+ patches/icedtea-6588160.patch \
+ patches/icedtea-6592792.patch \
+ patches/icedtea-6610888.patch \
+ patches/icedtea-6610896.patch \
+ patches/icedtea-6630639.patch \
+ patches/icedtea-6632886.patch \
+ patches/icedtea-6636360.patch \
+ patches/icedtea-6652463.patch \
+ patches/icedtea-6656633.patch \
+ patches/icedtea-6658158.patch \
+ patches/icedtea-6691246.patch \
+ patches/icedtea-6717680.patch \
+ patches/icedtea-6721651.patch \
+ patches/icedtea-6721753.patch \
+ patches/icedtea-6726779.patch \
+ patches/icedtea-6733959.patch \
+ patches/icedtea-6734167.patch \
+ patches/icedtea-6737315.patch \
+ patches/icedtea-6755943.patch \
+ patches/icedtea-6766136.patch \
+ patches/icedtea-6792554.patch \
+ patches/icedtea-6804996.patch \
+ patches/icedtea-6804997.patch \
+ patches/icedtea-6804998.patch \
$(GCC_PATCH) \
$(DISTRIBUTION_PATCHES)
@@ -331,7 +359,7 @@
do \
if test x$${all_patches_ok} == "xyes" \
&& echo Checking $$p \
- && $(PATCH) -l -p0 --dry-run -s -t -f -F 0 < $$p ; \
+ && $(PATCH) -l -p0 --dry-run -s -t -f < $$p ; \
then \
echo Applying $$p ; \
$(PATCH) -l -p0 < $$p ; \
Index: java-1.6.0-openjdk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/java-1.6.0-openjdk/F-9/java-1.6.0-openjdk.spec,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- java-1.6.0-openjdk.spec 20 Mar 2009 15:41:48 -0000 1.63
+++ java-1.6.0-openjdk.spec 24 Mar 2009 11:55:19 -0000 1.64
@@ -134,7 +134,7 @@
Name: java-%{javaver}-%{origin}
Version: %{javaver}.%{buildver}
-Release: 0.21.%{openjdkver}%{?dist}
+Release: 0.22.%{openjdkver}%{?dist}
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
# also included the epoch in their virtual provides. This created a
@@ -175,7 +175,7 @@
Patch9: java-1.6.0-openjdk-6661918.patch
Patch10: java-1.6.0-openjdk-6685178.patch
Patch11: java-1.6.0-openjdk-hotspot.patch
-Patch12: java-1.6.0-openjdk-dec2security.patch
+Patch12: java-1.6.0-openjdk-securitypatches.patch
Patch13: java-1.6.0-openjdk-lcms.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -367,6 +367,7 @@
%setup -q -n icedtea6-%{icedteaver} -T -D -a 2
%patch0
%patch5 -p1 -b .sparc64
+%patch12
cp %{SOURCE4} .
cp %{SOURCE5} .
cp %{SOURCE7} .
@@ -380,7 +381,6 @@
export CFLAGS="$CFLAGS -mieee"
%endif
./configure %{icedteaopt} --with-openjdk-src-zip=%{SOURCE1}
-patch -l -p0 < %{PATCH12}
%if %{gcjbootstrap}
make stamps/patch-ecj.stamp
%endif
@@ -931,6 +931,10 @@
%{_jvmdir}/%{jredir}/lib/%{archinstall}/gcjwebplugin.so
%changelog
+* Tue Mar 24 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.22.b09
+- Updated release.
+- Added java-1.6.0-openjdk-securitypatches.patch.
+
* Fri Mar 20 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-0.21.b09
- Added new lcms security patch.
--- java-1.6.0-openjdk-dec2security.patch DELETED ---
More information about the fedora-extras-commits
mailing list