summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-05-04 12:37:39 -0500
committerMax Rees <maxcrees@me.com>2020-05-04 22:51:42 -0500
commit28fdd34de44edcf8d1a08cc45cd564099e9268fc (patch)
tree1e7dcb7d13c610594926f65a399b237b653fcead
parent13df4b4fac8068b1c833c4cff3c49feacc53b26e (diff)
downloadpackages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.gz
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.bz2
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.xz
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.zip
user/openjdk8: [CVE] bump to 8.252.09 (#269)
* Bootstrap using openjdk8. Note that it will need to be manually installed when building now... * Cherrypick patch changes from Alpine: icedtea-jdk-tls-nist-curves.patch was integrated upstream, and icedtea-hotspot-musl.patch was rebased for 8u232. https://git.alpinelinux.org/aports/commit/community/openjdk8?id=04ec13ca9caa9a436001be92e674f230b9894894 * Rebase patches for 8u252-ga: In particular, icedtea-jdk-getmntent-buffer.patch is dropped since upstream takes a new approach by allocating a buffer according to the length of the longest line in mtab. https://bugs.openjdk.java.net/browse/JDK-8229872 * Use private variables (_) where applicable
-rw-r--r--user/openjdk8/APKBUILD126
-rw-r--r--user/openjdk8/icedtea-hotspot-musl.patch4
-rw-r--r--user/openjdk8/icedtea-jdk-getmntent-buffer.patch88
-rw-r--r--user/openjdk8/icedtea-jdk-includes.patch23
-rw-r--r--user/openjdk8/icedtea-jdk-musl.patch32
-rw-r--r--user/openjdk8/icedtea-jdk-tls-nist-curves.patch47
6 files changed, 97 insertions, 223 deletions
diff --git a/user/openjdk8/APKBUILD b/user/openjdk8/APKBUILD
index 4ad8f07a0..db3ccf6b1 100644
--- a/user/openjdk8/APKBUILD
+++ b/user/openjdk8/APKBUILD
@@ -1,9 +1,9 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=openjdk8
-_icedteaver=3.11.0
+_icedteaver=3.16.0
# pkgver is <JDK version>.<JDK update>.<JDK build>
# Check https://icedtea.classpath.org/wiki/Main_Page when updating
-pkgver=8.201.08
+pkgver=8.252.09
pkgrel=0
pkgdesc="Libre Java development kit for Java 8"
url="https://icedtea.classpath.org/"
@@ -13,7 +13,7 @@ license="GPL-2.0-only"
depends="$pkgname-jre java-cacerts"
makedepends="bash findutils libarchive-tools zip file util-linux libxslt
autoconf automake linux-headers sed xz coreutils
- openjdk7 ca-certificates libjpeg-turbo-dev cmd:which
+ ca-certificates libjpeg-turbo-dev cmd:which
nss-dev nss-static cups-dev giflib-dev libpng-dev libxt-dev
lcms2-dev libxp-dev libxtst-dev libxinerama-dev zlib-dev
libxrender-dev alsa-lib-dev freetype-dev fontconfig-dev
@@ -29,7 +29,7 @@ ppc64) _jarch=ppc64
*) _jarch="$CARCH";;
esac
-_bootstrap_java_home="/usr/lib/jvm/java-1.7-openjdk"
+_bootstrap_java_home="/usr/lib/jvm/java-1.8-openjdk"
_java_home="/usr/lib/jvm/java-1.8-openjdk"
_jrelib="$_java_home/jre/lib/$_jarch"
@@ -62,14 +62,58 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x
icedtea-jdk-fix-libjvm-load.patch
icedtea-jdk-musl.patch
icedtea-jdk-includes.patch
- icedtea-jdk-getmntent-buffer.patch
icedtea-autoconf-config.patch
- icedtea-jdk-tls-nist-curves.patch
remove-gawk.patch
"
builddir="$srcdir/icedtea-$_icedteaver"
# secfixes:
+# 8.252.09-r0:
+# - CVE-2019-2602
+# - CVE-2019-2684
+# - CVE-2019-2698
+# - CVE-2019-2745
+# - CVE-2019-2762
+# - CVE-2019-2766
+# - CVE-2019-2769
+# - CVE-2019-2786
+# - CVE-2019-2816
+# - CVE-2019-2842
+# - CVE-2019-2894
+# - CVE-2019-2933
+# - CVE-2019-2945
+# - CVE-2019-2949
+# - CVE-2019-2958
+# - CVE-2019-2962
+# - CVE-2019-2964
+# - CVE-2019-2973
+# - CVE-2019-2975
+# - CVE-2019-2978
+# - CVE-2019-2981
+# - CVE-2019-2983
+# - CVE-2019-2987
+# - CVE-2019-2988
+# - CVE-2019-2989
+# - CVE-2019-2992
+# - CVE-2019-2999
+# - CVE-2019-7317
+# - CVE-2020-2583
+# - CVE-2020-2590
+# - CVE-2020-2593
+# - CVE-2020-2601
+# - CVE-2020-2604
+# - CVE-2020-2654
+# - CVE-2020-2659
+# - CVE-2020-2754
+# - CVE-2020-2755
+# - CVE-2020-2756
+# - CVE-2020-2757
+# - CVE-2020-2773
+# - CVE-2020-2781
+# - CVE-2020-2800
+# - CVE-2020-2803
+# - CVE-2020-2805
+# - CVE-2020-2830
# 8.201.08-r0:
# - CVE-2019-2422
# - CVE-2019-2426
@@ -102,22 +146,22 @@ unpack() {
}
prepare() {
- ver_u="$(sed -En 's/^\s*JDK_UPDATE_VERSION\s*=\s*(\S+).*/\1/p' acinclude.m4)"
- ver_b="$(sed -En 's/^\s*BUILD_VERSION\s*=\s*b(\S+).*/\1/p' acinclude.m4)"
- [ "${pkgver#*.}" = "$ver_u.$ver_b" ] \
- || die "Version mismatch, source is 8.$ver_u.$ver_b, but abuild defines $pkgver!"
+ _ver_u="$(sed -En 's/^\s*JDK_UPDATE_VERSION\s*=\s*(\S+).*/\1/p' acinclude.m4)"
+ _ver_b="$(sed -En 's/^\s*BUILD_VERSION\s*=\s*b(\S+).*/\1/p' acinclude.m4)"
+ [ "${pkgver#*.}" = "$_ver_u.$_ver_b" ] \
+ || die "Version mismatch, source is 8.$_ver_u.$_ver_b, but abuild defines $pkgver!"
# Busybox sha256 does not support longopts.
sed -e "s/--check/-c/g" -i Makefile.am
- for patch in $source; do
- case $patch in
+ for _patch in $source; do
+ case $_patch in
icedtea-*.patch)
- cp ../$patch patches
+ cp ../$_patch patches
;;
*.patch)
- msg "Applying patch $patch"
- patch -p1 -i "$srcdir"/$patch
+ msg "Applying patch $_patch"
+ patch -p1 -i "$srcdir"/$_patch
;;
esac
done
@@ -134,10 +178,10 @@ build() {
fi
DISTRIBUTION_PATCHES=""
- for patch in $source; do
- case $patch in
+ for _patch in $source; do
+ case $_patch in
icedtea-*.patch)
- DISTRIBUTION_PATCHES="$DISTRIBUTION_PATCHES patches/$patch"
+ DISTRIBUTION_PATCHES="$DISTRIBUTION_PATCHES patches/$_patch"
;;
esac
done
@@ -200,7 +244,7 @@ jrelib() {
pkgdesc="OpenJDK 8 Java Runtime (class libraries)"
depends=""
- for file in jre/lib/images \
+ for _file in jre/lib/images \
jre/lib/*.jar \
jre/lib/security \
jre/lib/ext/*.jar \
@@ -209,9 +253,9 @@ jrelib() {
jre/THIRD_PARTY_README \
jre/LICENSE; do
- dir=${file%/*}
- mkdir -p "$subpkgdir"/$_java_home/$dir
- mv "$pkgdir"/$_java_home/$file "$subpkgdir"/$_java_home/$dir
+ _dir=${_file%/*}
+ mkdir -p "$subpkgdir"/$_java_home/$_dir
+ mv "$pkgdir"/$_java_home/$_file "$subpkgdir"/$_java_home/$_dir
done
}
@@ -219,7 +263,7 @@ jre() {
pkgdesc="OpenJDK 8 Java Runtime"
mkdir -p "$subpkgdir"
- for file in jre/bin/policytool \
+ for _file in jre/bin/policytool \
bin/appletviewer \
bin/policytool \
jre/lib/$_jarch/libawt_xawt.so \
@@ -228,9 +272,9 @@ jre() {
jre/lib/$_jarch/libjsoundalsa.so \
jre/lib/$_jarch/libsplashscreen.so; do
- dir=${file%/*}
- mkdir -p "$subpkgdir"/$_java_home/$dir
- mv "$pkgdir"/$_java_home/$file "$subpkgdir"/$_java_home/$dir
+ _dir=${_file%/*}
+ mkdir -p "$subpkgdir"/$_java_home/$_dir
+ mv "$pkgdir"/$_java_home/$_file "$subpkgdir"/$_java_home/$_dir
done
}
@@ -244,9 +288,9 @@ jrebase() {
mv "$pkgdir"/$_java_home/lib/$_jarch/jli \
"$subpkgdir"/$_java_home/lib/$_jarch/
- for file in java orbd rmid servertool unpack200 keytool \
+ for _file in java orbd rmid servertool unpack200 keytool \
pack200 rmiregistry tnameserv; do
- mv "$pkgdir"/$_java_home/bin/$file "$subpkgdir"/$_java_home/bin/
+ mv "$pkgdir"/$_java_home/bin/$_file "$subpkgdir"/$_java_home/bin/
done
# Rest of the jre subdir (which were not taken by -jre subpkg).
@@ -269,24 +313,22 @@ demos() {
"$subpkgdir"/$_java_home/
}
-sha512sums="a71c9318d49077f8ae27f5c3e0b61df0709eded241f557c886f6b93aa98c13ad78f713d1286da286989bf62866dfff7538ad783eb804a705a160cbc096dea851 icedtea-3.11.0.tar.xz
-fc3faa7d7b9531f10c40241d89c36854043921f6f1a0851f284bcab36fc54fb0bb8cf8365dd4b2fb22b3ee8ddb8ed4a79e0807f79cb95b4b00f164993f1acc0b openjdk-3.11.0.tar.xz
-9b8a44dda0bbfba8dc0d659e0fabf22e84b9931518e4b199a238faa103cbc4ed814c97f0f38f0aed263846b46fc7eab4500ba9759503373083e12cb8b5b364b5 corba-3.11.0.tar.xz
-9eba0f6ada2ae8adc1791a91ceb4fba9bd06aee0626cd1b4310ff16c7c8006045fed5fb7f109e490395b70695be4e6bfd6f1f5cbcdb095fb17abf123012a03de jaxp-3.11.0.tar.xz
-ce5f0c2aced1af59f002dc9dc6cba4b9332167e9e019a3040267901ef7f325e05b8c99ed1f276b88ddb4e43cdd1b0c456e0c4dc2222ae6b3800c0502ffa840de jaxws-3.11.0.tar.xz
-411508ed91f14ae1c51ea54de72a943db222ff572f3991631fe1a1fa97f9bb42da1e01ca98893f7236b4b44bae2917fc3f8622d7f94a085be30d437451acd272 jdk-3.11.0.tar.xz
-363c376848870c6c28415967561c4b151f1256c38a315fabc69c90425f5255224182045349a00c9433db52c416b7ebffedaa4825c980460541a3f9338adbaa5e langtools-3.11.0.tar.xz
-13fa35f4a4fe01b3da4efb8476c0cb3482a36596eb422f2ad958a4c51efc286962ac3123a75853e84c4db477ac064a0fd3ee5e03f1ea0ec4f7e2c8ac07aa2d0e hotspot-3.11.0.tar.xz
-2b46a8599d530a351522420cae8ac780cd2e64a6d7adbff87397a178f12f0a992bccd0f56435582dbd10be2157d4a4540c41b3dca488566162eed680102e58a9 nashorn-3.11.0.tar.xz
-c0776ff52e11a353fee29419319cd9e1fc4e5bb922832547616e8499fd52852a935a6a6fb93b49a67ab7b3fd2f7a63320f917e354cc7123220139e80694a7b5a icedtea-hotspot-musl.patch
+sha512sums="67964f283b5a220ded7c86141ac359fc51f41077686d3e68568a9f303d2e5e6d62472bef2d6f5f9d53897a55589c84d3212983194607b9a6704192752f8ad2ac icedtea-3.16.0.tar.xz
+76b32457958c2cdbb0006629bb41652286a1a9bfbda862665eddf822d4653d4858f9f2565e849b0e49f031b7667be73be8fe8c71abc65e1795eb570a96d1fd1e openjdk-3.16.0.tar.xz
+bf90c95f401d4628e32b9a7ea78b7d43944f82882818a81d2ff368f09e49148091bf823d78ed56c343c175fe6d25492d9b78e25b725f218592ea94c4ae285e56 corba-3.16.0.tar.xz
+86e8c18741c1f4baca27d784b068765e404a5c2ee6ecb172c826fc1d6192b5776133f103b749839c39154fcaec87a0df95e8fd5bcb56b1e9b811711b296a4836 jaxp-3.16.0.tar.xz
+824ef15aa70ec629406fd9b98a69e5699fe8f6a8ab06be00ac546bcda1daf485b20de6ea0310064e000efbaf35b1cebee25bf69033634fdce8434efb3bb16f1d jaxws-3.16.0.tar.xz
+9202f88b360637ad474920d8a6f85740e6a425679617ef713efd67778b4c7ca0b3eba7e4fc9d33de0bbd5dacda4862c8a9b63a13880204388b01af29d5fb6a55 jdk-3.16.0.tar.xz
+1858bb3b7dd37edd817a52c67a878b48bc9b790623e77d9a6107f54b141638cb101ae3b8df560e3352c9ca2925aa5d493b4924e36a238be5a9628c714cc23642 langtools-3.16.0.tar.xz
+19490ccc377fde5dc3d4396425e945f32e121ad0cc4be394b07f8698a7e3805b16fc41e427bab5fa290cb84efc7edb62acf8ca98072176343f5584d692592d2d hotspot-3.16.0.tar.xz
+4bf87e7441ac747f133612e1fba5c06946c6731bae76132ffc614b41fcb689fda9d9ceb1e1fee3765765c6109894c85cf0f6e6fa9eb301f9a2d640ea6cd1c16c nashorn-3.16.0.tar.xz
+bfbeccc931b9eab04fca94167b7569af26195297130e2effd9175d33b74dec3dc5727fea6e0cbf3cce21ba09641ddd868179544d3fabe8b128baaaccb9c2711c icedtea-hotspot-musl.patch
e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch
19459dbb922f5a71cd15b53199481498626a783c24f91d2544d55b7dddd2cdb34a64bbf0226b99548612dd1743af01b3f9ff32c30abbbc90ce727ca2dbbbd1f9 icedtea-hotspot-noagent-musl.patch
f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch
48533f87fc2cf29d26b259be0df51087d2fe5b252e72d00c6ea2f4add7b0fb113141718c116279c5905e03f64a1118082e719393786811367cf4d472b5d36774 icedtea-jdk-fix-ipv6-init.patch
b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec82792f3c9393150a9bd628625ddf7f3e55720ff163fbbb471 icedtea-jdk-fix-libjvm-load.patch
-1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch
-e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch
-7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch
+17c78db081a85e37721c23e0c0e7cab85e2201a0969bd4858cb90375b97d1703c9bf867f8ac02f6b33f9775b78bae41e38223b7a887918d4a6c9f29b75f3de28 icedtea-jdk-musl.patch
+974fb54532b7e7d738f4278187fc6bd9f9b2d99866b94f68a617ee4911c89a3b8cc41ecfdcaefecf9157492d006b1844b6b0b41ac4209d84f9e8d13c9e485dd3 icedtea-jdk-includes.patch
662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch
-9ea7ac942baf29cc619bc2e1acd59201b9f6d38f39a517b495d7613aec746459200c81afb57c5fcdcb856f6bc8b33f7566c8593fed07e5c73f43e08f1072d458 icedtea-jdk-tls-nist-curves.patch
b0f6d07c6a949acdc8b4a25bf924f134f468e162f01dd440fd4ca80769fb84a0a54210f93efbe88012404fe3db6701aad31cdbc772bc054ad69021c37db5538c remove-gawk.patch"
diff --git a/user/openjdk8/icedtea-hotspot-musl.patch b/user/openjdk8/icedtea-hotspot-musl.patch
index 6cfb3e606..5d6f688a1 100644
--- a/user/openjdk8/icedtea-hotspot-musl.patch
+++ b/user/openjdk8/icedtea-hotspot-musl.patch
@@ -82,8 +82,8 @@ index d2c10e0..20f657f 100644
-# include <fpu_control.h>
+# include <linux/types.h> /* provides __u64 */
- #ifdef BUILTIN_SIM
- #define REG_SP REG_RSP
+ #define REG_FP 29
+
diff --git openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
index 38388cb..2505ba8 100644
--- openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
diff --git a/user/openjdk8/icedtea-jdk-getmntent-buffer.patch b/user/openjdk8/icedtea-jdk-getmntent-buffer.patch
deleted file mode 100644
index 075a9d423..000000000
--- a/user/openjdk8/icedtea-jdk-getmntent-buffer.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-Give a much bigger buffer to getmntent_r.
-
-https://bugs.alpinelinux.org/issues/7093
-
-diff --git a/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c b/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-index c8500db..d0b85d6 100644
---- openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-+++ openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c
-@@ -33,6 +33,7 @@
- #include <dlfcn.h>
- #include <errno.h>
- #include <mntent.h>
-+#include <limits.h>
-
- #include "sun_nio_fs_LinuxNativeDispatcher.h"
-
-@@ -173,8 +174,8 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- jlong value, jobject entry)
- {
- struct mntent ent;
-- char buf[1024];
-- int buflen = sizeof(buf);
-+ char *buf = NULL;
-+ const size_t buflen = PATH_MAX * 4;
- struct mntent* m;
- FILE* fp = jlong_to_ptr(value);
- jsize len;
-@@ -183,10 +184,17 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- char* dir;
- char* fstype;
- char* options;
-+ jint res = -1;
-
-- m = getmntent_r(fp, &ent, (char*)&buf, buflen);
-- if (m == NULL)
-+ buf = malloc(buflen);
-+ if (buf == NULL) {
-+ JNU_ThrowOutOfMemoryError(env, "native heap");
- return -1;
-+ }
-+ m = getmntent_r(fp, &ent, buf, buflen);
-+ if (m == NULL)
-+ goto out;
-+
- name = m->mnt_fsname;
- dir = m->mnt_dir;
- fstype = m->mnt_type;
-@@ -195,32 +203,35 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this,
- len = strlen(name);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)name);
- (*env)->SetObjectField(env, entry, entry_name, bytes);
-
- len = strlen(dir);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)dir);
- (*env)->SetObjectField(env, entry, entry_dir, bytes);
-
- len = strlen(fstype);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)fstype);
- (*env)->SetObjectField(env, entry, entry_fstype, bytes);
-
- len = strlen(options);
- bytes = (*env)->NewByteArray(env, len);
- if (bytes == NULL)
-- return -1;
-+ goto out;
- (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)options);
- (*env)->SetObjectField(env, entry, entry_options, bytes);
-
-- return 0;
-+ res = 0;
-+out:
-+ free(buf);
-+ return res;
- }
-
- JNIEXPORT void JNICALL
diff --git a/user/openjdk8/icedtea-jdk-includes.patch b/user/openjdk8/icedtea-jdk-includes.patch
index 6443a1973..5acbb9efb 100644
--- a/user/openjdk8/icedtea-jdk-includes.patch
+++ b/user/openjdk8/icedtea-jdk-includes.patch
@@ -53,17 +53,6 @@
/* O Flags */
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c
-+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c
-@@ -28,7 +28,7 @@
- #include <sys/types.h>
- #include <sys/socket.h>
- #if defined(__linux__) && !defined(USE_SELECT)
--#include <sys/poll.h>
-+#include <poll.h>
- #endif
- #include <netinet/tcp.h> /* Defines TCP_NODELAY, needed for 2.6 */
- #include <netinet/in.h>
--- openjdk.orig/jdk/src/solaris/native/java/net/bsd_close.c
+++ openjdk/jdk/src/solaris/native/java/net/bsd_close.c
@@ -36,7 +36,7 @@
@@ -88,14 +77,14 @@
* Stack allocated by thread when doing blocking operation
--- openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.h
+++ openjdk/jdk/src/solaris/native/java/net/net_util_md.h
-@@ -33,7 +33,7 @@
- #include <unistd.h>
-
- #ifndef USE_SELECT
+@@ -27,7 +27,7 @@
+ #define NET_UTILS_MD_H
+
+ #include <netdb.h>
-#include <sys/poll.h>
+#include <poll.h>
- #endif
-
+ #include <sys/socket.h>
+
int NET_Timeout(int s, long timeout);
--- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c
+++ openjdk/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c
diff --git a/user/openjdk8/icedtea-jdk-musl.patch b/user/openjdk8/icedtea-jdk-musl.patch
index 97946ba42..7dbd6872c 100644
--- a/user/openjdk8/icedtea-jdk-musl.patch
+++ b/user/openjdk8/icedtea-jdk-musl.patch
@@ -47,32 +47,10 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/Inet4AddressImpl.c openjdk
#define HAS_GLIBC_GETHOSTBY_R 1
#endif
-diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-02-06 11:23:47.047832009 +0000
-@@ -41,7 +41,6 @@
- #endif
- #ifdef __linux__
- #include <unistd.h>
--#include <sys/sysctl.h>
- #include <sys/utsname.h>
- #include <netinet/ip.h>
-
-diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c
---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-02-06 11:23:47.047832009 +0000
-@@ -43,7 +43,6 @@
- #endif
- #ifdef __linux__
- #include <unistd.h>
--#include <sys/sysctl.h>
- #endif
-
- #include "jvm.h"
diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/src/solaris/native/java/net/linux_close.c
---- openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c 2017-01-25 04:22:03.000000000 +0000
-+++ openjdk/jdk/src/solaris/native/java/net/linux_close.c 2017-02-06 11:23:47.047832009 +0000
-@@ -56,7 +56,7 @@
+--- openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c 2020-04-29 12:33:10.000000000 +0000
++++ openjdk/jdk/src/solaris/native/java/net/linux_close.c 2020-05-02 19:35:51.590000000 +0000
+@@ -58,7 +58,7 @@ typedef struct {
/*
* Signal to unblock thread
*/
@@ -80,8 +58,8 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/
+static int sigWakeup;
/*
- * The fd table and the number of file descriptors
-@@ -95,6 +95,9 @@
+ * fdTable holds one entry per file descriptor, up to a certain
+@@ -147,6 +147,9 @@ static void __attribute((constructor)) i
/*
* Setup the signal handler
*/
diff --git a/user/openjdk8/icedtea-jdk-tls-nist-curves.patch b/user/openjdk8/icedtea-jdk-tls-nist-curves.patch
deleted file mode 100644
index 75fb3af8c..000000000
--- a/user/openjdk8/icedtea-jdk-tls-nist-curves.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Bug #7404 TLS negotiation error in OpenJDK 8 u131
-
-Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115
-on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation
-errors for some clients.
-
-Root cause appears to be OpenJDK announcing support for NIST curves the
-underlying NSS library does doesn't. This patch limits OpenJDK's
-announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25
-(secp521r1).
-
-Related issues:
-
-* https://github.com/docker-library/openjdk/issues/115
-* https://bugs.alpinelinux.org/issues/7404
-* https://access.redhat.com/discussions/2339811
-* https://bugzilla.redhat.com/show_bug.cgi?id=1022017
-* https://bugzilla.redhat.com/show_bug.cgi?id=1348525
-
---- openjdk.orig/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-05-08 20:03:50.000000000 -0700
-+++ openjdk/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java 2017-06-14 13:37:00.000000000 -0700
-@@ -168,21 +168,10 @@
- "contains no supported elliptic curves");
- }
- } else { // default curves
-- int[] ids;
-- if (requireFips) {
-- ids = new int[] {
-- // only NIST curves in FIPS mode
-- 23, 24, 25, 9, 10, 11, 12, 13, 14,
-- };
-- } else {
-- ids = new int[] {
-- // NIST curves first
-- 23, 24, 25, 9, 10, 11, 12, 13, 14,
-- // non-NIST curves
-- 22,
-- };
-- }
--
-+ int[] ids = new int[] {
-+ // NSS currently only supports these three NIST curves
-+ 23, 24, 25
-+ };
- idList = new ArrayList<>(ids.length);
- for (int curveId : ids) {
- if (isAvailableCurve(curveId)) {