rpms/java-1.6.0-openjdk/F-10 java-1.6.0-openjdk-securitypatches.patch, NONE, 1.1 java-1.6.0-openjdk.spec, 1.103, 1.104
Lillian Angel
langel at fedoraproject.org
Tue Mar 24 11:57:21 UTC 2009
Author: langel
Update of /cvs/pkgs/rpms/java-1.6.0-openjdk/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23093
Modified Files:
java-1.6.0-openjdk.spec
Added Files:
java-1.6.0-openjdk-securitypatches.patch
Log Message:
* Tue Mar 24 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-12.b14
- Updated release.
- Added java-1.6.0-openjdk-securitypatches.patch.
java-1.6.0-openjdk-securitypatches.patch:
--- NEW FILE java-1.6.0-openjdk-securitypatches.patch ---
diff -ruN icedteaoldpatches/icedtea-6536193.patch patches/icedtea-6536193.patch
--- icedteaoldpatches/icedtea-6536193.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6536193.patch 2009-03-16 15:50:43.000000000 -0400
@@ -0,0 +1,102 @@
+--- old/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java Tue Mar 3 11:34:51 2009
++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java Tue Mar 3 11:34:50 2009
+@@ -1,27 +1,3 @@
+-/*
+- * Copyright 2005-2006 Sun Microsystems, Inc. All Rights Reserved.
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * This code is free software; you can redistribute it and/or modify it
+- * under the terms of the GNU General Public License version 2 only, as
+- * published by the Free Software Foundation. Sun designates this
+- * particular file as subject to the "Classpath" exception as provided
+- * by Sun in the LICENSE file that accompanied this code.
+- *
+- * This code is distributed in the hope that it will be useful, but WITHOUT
+- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+- * version 2 for more details (a copy is included in the LICENSE file that
+- * accompanied this code).
+- *
+- * You should have received a copy of the GNU General Public License version
+- * 2 along with this work; if not, write to the Free Software Foundation,
+- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+- *
+- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+- * CA 95054 USA or visit www.sun.com if you need additional information or
+- * have any questions.
+- */
+ package com.sun.xml.internal.bind.v2.runtime.output;
+
+ import java.io.IOException;
+@@ -32,6 +8,7 @@
+ import com.sun.xml.internal.bind.DatatypeConverterImpl;
+ import com.sun.xml.internal.bind.v2.runtime.Name;
+ import com.sun.xml.internal.bind.v2.runtime.XMLSerializer;
++import com.sun.xml.internal.bind.v2.runtime.MarshallerImpl;
+
+ import org.xml.sax.SAXException;
+
+@@ -81,6 +58,11 @@
+ protected boolean closeStartTagPending = false;
+
+ /**
++ * @see MarshallerImpl#header
++ */
++ private String header;
++
++ /**
+ *
+ * @param localNames
+ * local names encoded in UTF-8.
+@@ -92,6 +74,10 @@
+ prefixes[i] = new Encoded();
+ }
+
++ public void setHeader(String header) {
++ this.header = header;
++ }
++
+ @Override
+ public void startDocument(XMLSerializer serializer, boolean fragment, int[] nsUriIndex2prefixIndex, NamespaceContextImpl nsContext) throws IOException, SAXException, XMLStreamException {
+ super.startDocument(serializer, fragment,nsUriIndex2prefixIndex,nsContext);
+@@ -100,6 +86,10 @@
+ if(!fragment) {
+ write(XML_DECL);
+ }
++ if(header!=null) {
++ textBuffer.set(header);
++ textBuffer.write(this);
++ }
+ }
+
+ public void endDocument(boolean fragment) throws IOException, SAXException, XMLStreamException {
+@@ -383,11 +373,23 @@
+ return buf;
+ }
+
+- private static final byte[] XMLNS_EQUALS = toBytes(" xmlns=\"");
+- private static final byte[] XMLNS_COLON = toBytes(" xmlns:");
+- private static final byte[] EQUALS = toBytes("=\"");
+- private static final byte[] CLOSE_TAG = toBytes("</");
+- private static final byte[] EMPTY_TAG = toBytes("/>");
++ // per instance copy to prevent an attack where malicious OutputStream
++ // rewrites the byte array.
++ private final byte[] XMLNS_EQUALS = _XMLNS_EQUALS.clone();
++ private final byte[] XMLNS_COLON = _XMLNS_COLON.clone();
++ private final byte[] EQUALS = _EQUALS.clone();
++ private final byte[] CLOSE_TAG = _CLOSE_TAG.clone();
++ private final byte[] EMPTY_TAG = _EMPTY_TAG.clone();
++ private final byte[] XML_DECL = _XML_DECL.clone();
++
++ // masters
++ private static final byte[] _XMLNS_EQUALS = toBytes(" xmlns=\"");
++ private static final byte[] _XMLNS_COLON = toBytes(" xmlns:");
++ private static final byte[] _EQUALS = toBytes("=\"");
++ private static final byte[] _CLOSE_TAG = toBytes("</");
++ private static final byte[] _EMPTY_TAG = toBytes("/>");
++ private static final byte[] _XML_DECL = toBytes("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
++
++ // no need to copy
+ private static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
+- private static final byte[] XML_DECL = toBytes("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
+ }
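Review bot: The per-instance clones at the end of this patch cover only the six literal arrays. The `localNames` argument described in the constructor Javadoc ("local names encoded in UTF-8") is presumably written to the same stream, and if those `Encoded` buffers are shared between marshallers they need the same treatment; the constructor body is outside the hunk, so this should be confirmed. The comment could state the invariant for later edits, e.g. `// Never hand a static byte[] to write(): the OutputStream may be untrusted and can modify the array it is given.` Separately, the first inner hunk (`@@ -1,27 +1,3 @@`) deletes the file's license header, which looks like an artifact of how the diff was generated rather than part of the fix.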
diff -ruN icedteaoldpatches/icedtea-6610888.patch patches/icedtea-6610888.patch
--- icedteaoldpatches/icedtea-6610888.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6610888.patch 2009-03-16 15:50:43.000000000 -0400
@@ -0,0 +1,58 @@
+--- old/src/share/classes/javax/management/monitor/Monitor.java Mon Mar 9 17:21:12 2009
++++ openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java Mon Mar 9 17:21:11 2009
+@@ -37,6 +37,7 @@
+ import java.security.AccessControlContext;
+ import java.security.AccessController;
+ import java.security.PrivilegedAction;
++import java.security.ProtectionDomain;
+ import java.util.List;
+ import java.util.concurrent.CopyOnWriteArrayList;
+ import java.util.concurrent.ExecutorService;
+@@ -170,7 +171,10 @@
+ /**
+ * AccessControlContext of the Monitor.start() caller.
+ */
+- private AccessControlContext acc;
++ private static final AccessControlContext noPermissionsACC =
++ new AccessControlContext(
++ new ProtectionDomain[] {new ProtectionDomain(null, null)});
++ private volatile AccessControlContext acc = noPermissionsACC;
+
+ /**
+ * Scheduler Service.
+@@ -755,7 +759,7 @@
+
+ // Reset the AccessControlContext.
+ //
+- acc = null;
++ acc = noPermissionsACC;
+
+ // Reset the complex type attribute information
+ // such that it is recalculated again.
+@@ -1555,10 +1559,12 @@
+
+ public void run() {
+ final ScheduledFuture<?> sf;
++ final AccessControlContext ac;
+ synchronized (Monitor.this) {
+ sf = Monitor.this.schedulerFuture;
++ ac = Monitor.this.acc;
+ }
+- AccessController.doPrivileged(new PrivilegedAction<Void>() {
++ PrivilegedAction<Void> action = new PrivilegedAction<Void>() {
+ public Void run() {
+ if (Monitor.this.isActive()) {
+ final int an[] = alreadyNotifieds;
+@@ -1571,7 +1577,11 @@
+ }
+ return null;
+ }
+- }, Monitor.this.acc);
++ };
++ if (ac == null) {
++ throw new SecurityException("AccessControlContext cannot be null");
++ }
++ AccessController.doPrivileged(action, ac);
+ synchronized (Monitor.this) {
+ if (Monitor.this.isActive() &&
+ Monitor.this.schedulerFuture == sf) {
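Review bot: The Javadoc "AccessControlContext of the Monitor.start() caller." now sits above `noPermissionsACC` instead of `acc`, so the new constant is described wrongly and the field that carries the caller's context is undocumented. I would give the constant its own comment, `/** Context with no permissions; the value of acc whenever no caller context is held. */`, and move the existing Javadoc down to `acc`. In `run()`, the `ac == null` check throws from inside the scheduled task and skips the rescheduling block that follows. Since this patch initialises and resets `acc` to `noPermissionsACC`, null appears reachable only through an assignment outside the hunks, and a one-line comment saying so would help. The enclosing methods start and end outside the hunks.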
diff -ruN icedteaoldpatches/icedtea-6610896.patch patches/icedtea-6610896.patch
--- icedteaoldpatches/icedtea-6610896.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6610896.patch 2009-03-16 15:50:43.000000000 -0400
@@ -0,0 +1,189 @@
+--- old/src/share/classes/javax/management/monitor/Monitor.java Mon Mar 9 16:53:02 2009
++++ openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java Mon Mar 9 16:53:01 2009
+@@ -38,8 +38,9 @@
+ import java.security.AccessController;
+ import java.security.PrivilegedAction;
+ import java.util.List;
++import java.util.Map;
++import java.util.WeakHashMap;
+ import java.util.concurrent.CopyOnWriteArrayList;
+-import java.util.concurrent.ExecutorService;
+ import java.util.concurrent.Executors;
+ import java.util.concurrent.Future;
+ import java.util.concurrent.LinkedBlockingQueue;
+@@ -180,14 +181,20 @@
+ new DaemonThreadFactory("Scheduler"));
+
+ /**
+- * Maximum Pool Size
++ * Map containing the thread pool executor per thread group.
+ */
+- private static final int maximumPoolSize;
++ private static final Map<ThreadPoolExecutor, Void> executors =
++ new WeakHashMap<ThreadPoolExecutor, Void>();
+
+ /**
+- * Executor Service.
++ * Lock for executors map.
[...3061 lines suppressed...]
++ goto done;
++ }
+ if ((row_pointers = (png_bytepp) malloc(height * sizeof(png_bytep)))
+ == NULL) {
+ goto done;
+@@ -121,13 +129,28 @@
+ splash->width = width;
+ splash->height = height;
+
++ if (!SAFE_TO_ALLOC(splash->width, splash->imageFormat.depthBytes)) {
++ goto done;
++ }
+ stride = splash->width * splash->imageFormat.depthBytes;
+
++ if (!SAFE_TO_ALLOC(splash->height, stride)) {
++ goto done;
++ }
+ splash->frameCount = 1;
+ splash->frames = (SplashImage *)
+ malloc(sizeof(SplashImage) * splash->frameCount);
++
++ if (splash->frames == NULL) {
++ goto done;
++ }
++
+ splash->loopCount = 1;
+ splash->frames[0].bitmapBits = malloc(stride * splash->height);
++ if (splash->frames[0].bitmapBits == NULL) {
++ free(splash->frames);
++ goto done;
++ }
+ splash->frames[0].delay = 0;
+
+ /* FIXME: sort out the real format */
diff -ruN icedteaoldpatches/icedtea-6804997.patch patches/icedtea-6804997.patch
--- icedteaoldpatches/icedtea-6804997.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6804997.patch 2009-03-16 15:50:43.000000000 -0400
@@ -0,0 +1,31 @@
+--- old/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:17 2009
++++ openjdk/jdk/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:16 2009
+@@ -722,6 +722,10 @@
+ GifFilePrivateType *Private = (GifFilePrivateType *)GifFile->Private;
+
+ READ(GifFile, &CodeSize, 1); /* Read Code size from file. */
++ if (CodeSize >= 12) {
++ /* Invalid initial code size: report failure */
++ return GIF_ERROR;
++ }
+ BitsPerPixel = CodeSize;
+
+ Private->Buf[0] = 0; /* Input Buffer empty. */
+@@ -964,10 +968,13 @@
+
+ /* If code cannot fit into RunningBits bits, must raise its size. Note
+ * however that codes above 4095 are used for special signaling. */
+- if (++Private->RunningCode > Private->MaxCode1 &&
+- Private->RunningBits < LZ_BITS) {
+- Private->MaxCode1 <<= 1;
+- Private->RunningBits++;
++ if (++Private->RunningCode > Private->MaxCode1) {
++ if (Private->RunningBits < LZ_BITS) {
++ Private->MaxCode1 <<= 1;
++ Private->RunningBits++;
++ } else {
++ Private->RunningCode = Private->MaxCode1;
++ }
+ }
+ return GIF_OK;
+ }
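Review bot: The result of `READ(GifFile, &CodeSize, 1)` is not checked before the new `CodeSize >= 12` test, so on a truncated input the comparison may run on a value that was never written. Assuming `READ` returns the number of bytes read (the macro is outside the hunk), `if (READ(GifFile, &CodeSize, 1) != 1) return GIF_ERROR;` ahead of the range check would close that. The bound is written as the literal 12 while the second hunk compares against `LZ_BITS`; if these are the same limit, `CodeSize >= LZ_BITS` keeps the two from drifting apart. The functions these checks sit in start and end outside the hunks.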
diff -ruN icedteaoldpatches/icedtea-6804998.patch patches/icedtea-6804998.patch
--- icedteaoldpatches/icedtea-6804998.patch 1969-12-31 19:00:00.000000000 -0500
+++ patches/icedtea-6804998.patch 2009-03-16 15:50:43.000000000 -0400
@@ -0,0 +1,35 @@
+--- old/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:25 2009
++++ openjdk/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:24 2009
+@@ -585,9 +585,16 @@
+ System.out.print("Reading a " + width + " by " + height + " " +
+ (interlace ? "" : "non-") + "interlaced image...");
+ }
+-
++ int initCodeSize = ExtractByte(block, 9);
++ if (initCodeSize >= 12) {
++ if (verbose) {
++ System.out.println("Invalid initial code size: " +
++ initCodeSize);
++ }
++ return false;
++ }
+ boolean ret = parseImage(x, y, width, height,
+- interlace, ExtractByte(block, 9),
++ interlace, initCodeSize,
+ block, rasline, model);
+
+ if (!ret) {
+--- old/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:28 2009
++++ openjdk/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:27 2009
+@@ -191,6 +191,11 @@
+ int passht = passinc;
+ int len;
+
++ /* We have verified the initial code size on the java layer.
++ * Here we just check bounds for particular indexes. */
++ if (freeCode >= 4096 || maxCode >= 4096) {
++ return 0;
++ }
+ if (blockh == 0 || raslineh == 0
+ || prefixh == 0 || suffixh == 0
+ || outCodeh == 0)
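Review bot: The native guard `freeCode >= 4096 || maxCode >= 4096` depends on the Java-side `initCodeSize >= 12` check and on the decode tables being 4096 entries long, but neither relationship is stated where the literals appear. I would name the limits in both files and say in the comment what the indexes are bounded against, e.g. `/* freeCode and maxCode index the prefix/suffix/outCode tables; reject values past their end */`; the table sizes are not visible here, so confirm 4096 is their length. The guard also lets negative values through; if `freeCode` and `maxCode` are signed and can be derived from other inputs, `freeCode < 0 || maxCode < 0` belongs in the same test. On the Java side the rejection is reported only when `verbose` is set, so a rejected image is otherwise silent.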
--- oldMakefile.am 2009-03-16 16:05:18.000000000 -0400
+++ Makefile.am 2009-03-16 16:06:00.000000000 -0400
@@ -501,7 +501,24 @@
patches/icedtea-sunsrc.patch \
patches/icedtea-libraries.patch \
patches/icedtea-javafiles.patch \
- patches/icedtea-core-build.patch
+ patches/icedtea-core-build.patch \
+ patches/icedtea-6536193.patch \
+ patches/icedtea-6610888.patch \
+ patches/icedtea-6610896.patch \
+ patches/icedtea-6630639.patch \
+ patches/icedtea-6632886.patch \
+ patches/icedtea-6636360.patch \
+ patches/icedtea-6652463.patch \
+ patches/icedtea-6656633.patch \
+ patches/icedtea-6658158.patch \
+ patches/icedtea-6691246.patch \
+ patches/icedtea-6717680.patch \
+ patches/icedtea-6721651.patch \
+ patches/icedtea-6737315.patch \
+ patches/icedtea-6792554.patch \
+ patches/icedtea-6804996.patch \
+ patches/icedtea-6804997.patch \
+ patches/icedtea-6804998.patch
if WITH_ALT_HSBUILD
ICEDTEA_PATCHES += \
@@ -668,7 +686,7 @@
if test x$${all_patches_ok} = "xyes" \
&& echo Checking $$p \
&& $(PATCH) -l -p0 --dry-run -s -t -f \
- -F 0 < $(abs_top_srcdir)/$$p ; \
+ < $(abs_top_srcdir)/$$p ; \
then \
echo Applying $$p ; \
$(PATCH) -l -p0 < $(abs_top_srcdir)/$$p ; \
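Review bot: Dropping `-F 0` from the `--dry-run` check means a patch whose context does not match exactly now passes the check and is applied with patch's default fuzz. A security hunk can then land next to code it was not written against without the build failing. The same removal is repeated in the hunks at `-737,7` and `-834,7`. Presumably the newly added patches did not apply cleanly to this tree; I would rather regenerate them against the tree being built and keep `-F 0 < $(abs_top_srcdir)/$$p ; \`. If fuzz has to be tolerated, the loop should at least show patch's output for these files (the dry run passes `-s`) so the reported offsets and fuzz can be reviewed.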
@@ -737,7 +755,7 @@
if test x$${all_patches_ok} = "xyes" \
&& echo Checking $$p \
&& $(PATCH) -l -p0 --dry-run -s -t -f \
- -F 0 < $(abs_top_srcdir)/$$p ; \
+ < $(abs_top_srcdir)/$$p ; \
then \
echo Applying $$p ; \
$(PATCH) -l -p0 < $(abs_top_srcdir)/$$p ; \
@@ -834,7 +852,7 @@
if test x$${all_patches_ok} = "xyes" \
&& echo Checking $$p \
&& $(PATCH) -l -p0 --dry-run -s -t -f \
- -F 0 < $(abs_top_srcdir)/$$p ; \
+ < $(abs_top_srcdir)/$$p ; \
then \
echo Applying $$p ; \
$(PATCH) -l -p0 < $(abs_top_srcdir)/$$p ; \
--- /dev/null 2009-03-01 02:04:03.075022482 -0500
+++ patches/icedtea-6636360.patch 2009-03-16 16:54:10.000000000 -0400
@@ -0,0 +1,34 @@
+--- vtableStubs_sparc.cpp 2009-03-16 16:52:18.000000000 -0400
++++ openjdk/hotspot/src/cpu/sparc/vm/vtableStubs_sparc.cpp 2009-03-16 16:53:52.000000000 -0400
+@@ -190,12 +190,16 @@
+ // Compute itableMethodEntry and get methodOop(G5_method) and entrypoint(L0) for compiler
+ const int method_offset = (itableMethodEntry::size() * wordSize * vtable_index) + itableMethodEntry::method_offset_in_bytes();
+ __ add(G3_klassOop, L0, L1);
+- __ ld_ptr(L1, method_offset, G5_method);
++ if (__ is_simm13(method_offset)) {
++ __ ld_ptr(L1, method_offset, G5_method);
++ } else {
++ __ set(method_offset, G5_method);
++ __ ld_ptr(L1, G5_method, G5_method);
++ }
+
+ #ifndef PRODUCT
+ if (DebugVtables) {
+ Label L01;
+- __ ld_ptr(L1, method_offset, G5_method);
+ __ bpr(Assembler::rc_nz, false, Assembler::pt, G5_method, L01);
+ __ delayed()->nop();
+ __ stop("methodOop is null");
+@@ -243,10 +247,8 @@
+ (UseCompressedOops ? 2*BytesPerInstWord : 0);
+ return basic + slop;
+ } else {
+- // save, ld, ld, sll, and, add, add, ld, cmp, br, add, ld, add, ld, ld, jmp, restore, sethi, jmpl, restore
+- const int basic = (20 LP64_ONLY(+ 6)) * BytesPerInstWord +
+- // shift;add for load_klass
+- (UseCompressedOops ? 2*BytesPerInstWord : 0);
++ // save, ld, ld, sll, and, add, add, ld, cmp, br, add, ld, add, sethi, add, ld, ld, jmp, restore, sethi, jmpl, restore
++ const int basic = (22 LP64_ONLY(+ 12)) * BytesPerInstWord; // worst case extra 6 bytes for each sethi in 64-bit mode
+ return (basic + slop);
+ }
+ }
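Review bot: The rewritten size estimate in the `else` branch no longer adds `(UseCompressedOops ? 2*BytesPerInstWord : 0)`, while the branch just above still does; if the itable stub still emits the shift/add for load_klass, the estimate can be too small for the generated code. Unless those words are meant to be absorbed by the larger LP64 allowance, I would keep the term: `const int basic = (22 LP64_ONLY(+ 12)) * BytesPerInstWord + (UseCompressedOops ? 2*BytesPerInstWord : 0);`. The trailing comment says "6 bytes for each sethi", but the value is multiplied by `BytesPerInstWord`, so it presumably means six instruction words and should say so. Both functions touched here start outside the hunks.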
Index: java-1.6.0-openjdk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/java-1.6.0-openjdk/F-10/java-1.6.0-openjdk.spec,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -r1.103 -r1.104
--- java-1.6.0-openjdk.spec 20 Mar 2009 15:42:46 -0000 1.103
+++ java-1.6.0-openjdk.spec 24 Mar 2009 11:56:50 -0000 1.104
@@ -117,7 +117,7 @@
Name: java-%{javaver}-%{origin}
Version: %{javaver}.%{buildver}
-Release: 11.%{openjdkver}%{?dist}
+Release: 12.%{openjdkver}%{?dist}
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
# also included the epoch in their virtual provides. This created a
@@ -153,6 +153,7 @@
Patch6: java-1.6.0-openjdk-sparc-fixes.patch
Patch7: java-1.6.0-openjdk-sparc-hotspot.patch
Patch8: java-1.6.0-openjdk-lcms.patch
+Patch9: java-1.6.0-openjdk-securitypatches.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -361,6 +362,7 @@
%patch0
%patch2
%patch6 -p1
+%patch9
cp %{SOURCE4} .
cp %{SOURCE6} .
cp %{SOURCE7} .
@@ -909,6 +911,10 @@
%{_jvmdir}/%{jredir}/lib/%{archinstall}/IcedTeaPlugin.so
%changelog
+* Tue Mar 24 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-12.b14
+- Updated release.
+- Added java-1.6.0-openjdk-securitypatches.patch.
+
* Fri Mar 20 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-11.b14
- Added java-1.6.0-openjdk-lcms.patch.