summaryrefslogtreecommitdiff
path: root/user/openjdk8/APKBUILD
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-05-04 12:37:39 -0500
committerMax Rees <maxcrees@me.com>2020-05-04 22:51:42 -0500
commit28fdd34de44edcf8d1a08cc45cd564099e9268fc (patch)
tree1e7dcb7d13c610594926f65a399b237b653fcead /user/openjdk8/APKBUILD
parent13df4b4fac8068b1c833c4cff3c49feacc53b26e (diff)
downloadpackages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.gz
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.bz2
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.tar.xz
packages-28fdd34de44edcf8d1a08cc45cd564099e9268fc.zip
user/openjdk8: [CVE] bump to 8.252.09 (#269)
* Bootstrap using openjdk8. Note that it will need to be manually installed when building now... * Cherrypick patch changes from Alpine: icedtea-jdk-tls-nist-curves.patch was integrated upstream, and icedtea-hotspot-musl.patch was rebased for 8u232. https://git.alpinelinux.org/aports/commit/community/openjdk8?id=04ec13ca9caa9a436001be92e674f230b9894894 * Rebase patches for 8u252-ga: In particular, icedtea-jdk-getmntent-buffer.patch is dropped since upstream takes a new approach by allocating a buffer according to the length of the longest line in mtab. https://bugs.openjdk.java.net/browse/JDK-8229872 * Use private variables (_) where applicable
Diffstat (limited to 'user/openjdk8/APKBUILD')
-rw-r--r--user/openjdk8/APKBUILD126
1 files changed, 84 insertions, 42 deletions
diff --git a/user/openjdk8/APKBUILD b/user/openjdk8/APKBUILD
index 4ad8f07a0..db3ccf6b1 100644
--- a/user/openjdk8/APKBUILD
+++ b/user/openjdk8/APKBUILD
@@ -1,9 +1,9 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=openjdk8
-_icedteaver=3.11.0
+_icedteaver=3.16.0
# pkgver is <JDK version>.<JDK update>.<JDK build>
# Check https://icedtea.classpath.org/wiki/Main_Page when updating
-pkgver=8.201.08
+pkgver=8.252.09
pkgrel=0
pkgdesc="Libre Java development kit for Java 8"
url="https://icedtea.classpath.org/"
@@ -13,7 +13,7 @@ license="GPL-2.0-only"
depends="$pkgname-jre java-cacerts"
makedepends="bash findutils libarchive-tools zip file util-linux libxslt
autoconf automake linux-headers sed xz coreutils
- openjdk7 ca-certificates libjpeg-turbo-dev cmd:which
+ ca-certificates libjpeg-turbo-dev cmd:which
nss-dev nss-static cups-dev giflib-dev libpng-dev libxt-dev
lcms2-dev libxp-dev libxtst-dev libxinerama-dev zlib-dev
libxrender-dev alsa-lib-dev freetype-dev fontconfig-dev
@@ -29,7 +29,7 @@ ppc64) _jarch=ppc64
*) _jarch="$CARCH";;
esac
-_bootstrap_java_home="/usr/lib/jvm/java-1.7-openjdk"
+_bootstrap_java_home="/usr/lib/jvm/java-1.8-openjdk"
_java_home="/usr/lib/jvm/java-1.8-openjdk"
_jrelib="$_java_home/jre/lib/$_jarch"
@@ -62,14 +62,58 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x
icedtea-jdk-fix-libjvm-load.patch
icedtea-jdk-musl.patch
icedtea-jdk-includes.patch
- icedtea-jdk-getmntent-buffer.patch
icedtea-autoconf-config.patch
- icedtea-jdk-tls-nist-curves.patch
remove-gawk.patch
"
builddir="$srcdir/icedtea-$_icedteaver"
# secfixes:
+# 8.252.09-r0:
+# - CVE-2019-2602
+# - CVE-2019-2684
+# - CVE-2019-2698
+# - CVE-2019-2745
+# - CVE-2019-2762
+# - CVE-2019-2766
+# - CVE-2019-2769
+# - CVE-2019-2786
+# - CVE-2019-2816
+# - CVE-2019-2842
+# - CVE-2019-2894
+# - CVE-2019-2933
+# - CVE-2019-2945
+# - CVE-2019-2949
+# - CVE-2019-2958
+# - CVE-2019-2962
+# - CVE-2019-2964
+# - CVE-2019-2973
+# - CVE-2019-2975
+# - CVE-2019-2978
+# - CVE-2019-2981
+# - CVE-2019-2983
+# - CVE-2019-2987
+# - CVE-2019-2988
+# - CVE-2019-2989
+# - CVE-2019-2992
+# - CVE-2019-2999
+# - CVE-2019-7317
+# - CVE-2020-2583
+# - CVE-2020-2590
+# - CVE-2020-2593
+# - CVE-2020-2601
+# - CVE-2020-2604
+# - CVE-2020-2654
+# - CVE-2020-2659
+# - CVE-2020-2754
+# - CVE-2020-2755
+# - CVE-2020-2756
+# - CVE-2020-2757
+# - CVE-2020-2773
+# - CVE-2020-2781
+# - CVE-2020-2800
+# - CVE-2020-2803
+# - CVE-2020-2805
+# - CVE-2020-2830
# 8.201.08-r0:
# - CVE-2019-2422
# - CVE-2019-2426
@@ -102,22 +146,22 @@ unpack() {
}
prepare() {
- ver_u="$(sed -En 's/^\s*JDK_UPDATE_VERSION\s*=\s*(\S+).*/\1/p' acinclude.m4)"
- ver_b="$(sed -En 's/^\s*BUILD_VERSION\s*=\s*b(\S+).*/\1/p' acinclude.m4)"
- [ "${pkgver#*.}" = "$ver_u.$ver_b" ] \
- || die "Version mismatch, source is 8.$ver_u.$ver_b, but abuild defines $pkgver!"
+ _ver_u="$(sed -En 's/^\s*JDK_UPDATE_VERSION\s*=\s*(\S+).*/\1/p' acinclude.m4)"
+ _ver_b="$(sed -En 's/^\s*BUILD_VERSION\s*=\s*b(\S+).*/\1/p' acinclude.m4)"
+ [ "${pkgver#*.}" = "$_ver_u.$_ver_b" ] \
+ || die "Version mismatch, source is 8.$_ver_u.$_ver_b, but abuild defines $pkgver!"
# Busybox sha256 does not support longopts.
sed -e "s/--check/-c/g" -i Makefile.am
- for patch in $source; do
- case $patch in
+ for _patch in $source; do
+ case $_patch in
icedtea-*.patch)
- cp ../$patch patches
+ cp ../$_patch patches
;;
*.patch)
- msg "Applying patch $patch"
- patch -p1 -i "$srcdir"/$patch
+ msg "Applying patch $_patch"
+ patch -p1 -i "$srcdir"/$_patch
;;
esac
done
@@ -134,10 +178,10 @@ build() {
fi
DISTRIBUTION_PATCHES=""
- for patch in $source; do
- case $patch in
+ for _patch in $source; do
+ case $_patch in
icedtea-*.patch)
- DISTRIBUTION_PATCHES="$DISTRIBUTION_PATCHES patches/$patch"
+ DISTRIBUTION_PATCHES="$DISTRIBUTION_PATCHES patches/$_patch"
;;
esac
done
@@ -200,7 +244,7 @@ jrelib() {
pkgdesc="OpenJDK 8 Java Runtime (class libraries)"
depends=""
- for file in jre/lib/images \
+ for _file in jre/lib/images \
jre/lib/*.jar \
jre/lib/security \
jre/lib/ext/*.jar \
@@ -209,9 +253,9 @@ jrelib() {
jre/THIRD_PARTY_README \
jre/LICENSE; do
- dir=${file%/*}
- mkdir -p "$subpkgdir"/$_java_home/$dir
- mv "$pkgdir"/$_java_home/$file "$subpkgdir"/$_java_home/$dir
+ _dir=${_file%/*}
+ mkdir -p "$subpkgdir"/$_java_home/$_dir
+ mv "$pkgdir"/$_java_home/$_file "$subpkgdir"/$_java_home/$_dir
done
}
@@ -219,7 +263,7 @@ jre() {
pkgdesc="OpenJDK 8 Java Runtime"
mkdir -p "$subpkgdir"
- for file in jre/bin/policytool \
+ for _file in jre/bin/policytool \
bin/appletviewer \
bin/policytool \
jre/lib/$_jarch/libawt_xawt.so \
@@ -228,9 +272,9 @@ jre() {
jre/lib/$_jarch/libjsoundalsa.so \
jre/lib/$_jarch/libsplashscreen.so; do
- dir=${file%/*}
- mkdir -p "$subpkgdir"/$_java_home/$dir
- mv "$pkgdir"/$_java_home/$file "$subpkgdir"/$_java_home/$dir
+ _dir=${_file%/*}
+ mkdir -p "$subpkgdir"/$_java_home/$_dir
+ mv "$pkgdir"/$_java_home/$_file "$subpkgdir"/$_java_home/$_dir
done
}
@@ -244,9 +288,9 @@ jrebase() {
mv "$pkgdir"/$_java_home/lib/$_jarch/jli \
"$subpkgdir"/$_java_home/lib/$_jarch/
- for file in java orbd rmid servertool unpack200 keytool \
+ for _file in java orbd rmid servertool unpack200 keytool \
pack200 rmiregistry tnameserv; do
- mv "$pkgdir"/$_java_home/bin/$file "$subpkgdir"/$_java_home/bin/
+ mv "$pkgdir"/$_java_home/bin/$_file "$subpkgdir"/$_java_home/bin/
done
# Rest of the jre subdir (which were not taken by -jre subpkg).
@@ -269,24 +313,22 @@ demos() {
"$subpkgdir"/$_java_home/
}
-sha512sums="a71c9318d49077f8ae27f5c3e0b61df0709eded241f557c886f6b93aa98c13ad78f713d1286da286989bf62866dfff7538ad783eb804a705a160cbc096dea851 icedtea-3.11.0.tar.xz
-fc3faa7d7b9531f10c40241d89c36854043921f6f1a0851f284bcab36fc54fb0bb8cf8365dd4b2fb22b3ee8ddb8ed4a79e0807f79cb95b4b00f164993f1acc0b openjdk-3.11.0.tar.xz
-9b8a44dda0bbfba8dc0d659e0fabf22e84b9931518e4b199a238faa103cbc4ed814c97f0f38f0aed263846b46fc7eab4500ba9759503373083e12cb8b5b364b5 corba-3.11.0.tar.xz
-9eba0f6ada2ae8adc1791a91ceb4fba9bd06aee0626cd1b4310ff16c7c8006045fed5fb7f109e490395b70695be4e6bfd6f1f5cbcdb095fb17abf123012a03de jaxp-3.11.0.tar.xz
-ce5f0c2aced1af59f002dc9dc6cba4b9332167e9e019a3040267901ef7f325e05b8c99ed1f276b88ddb4e43cdd1b0c456e0c4dc2222ae6b3800c0502ffa840de jaxws-3.11.0.tar.xz
-411508ed91f14ae1c51ea54de72a943db222ff572f3991631fe1a1fa97f9bb42da1e01ca98893f7236b4b44bae2917fc3f8622d7f94a085be30d437451acd272 jdk-3.11.0.tar.xz
-363c376848870c6c28415967561c4b151f1256c38a315fabc69c90425f5255224182045349a00c9433db52c416b7ebffedaa4825c980460541a3f9338adbaa5e langtools-3.11.0.tar.xz
-13fa35f4a4fe01b3da4efb8476c0cb3482a36596eb422f2ad958a4c51efc286962ac3123a75853e84c4db477ac064a0fd3ee5e03f1ea0ec4f7e2c8ac07aa2d0e hotspot-3.11.0.tar.xz
-2b46a8599d530a351522420cae8ac780cd2e64a6d7adbff87397a178f12f0a992bccd0f56435582dbd10be2157d4a4540c41b3dca488566162eed680102e58a9 nashorn-3.11.0.tar.xz
-c0776ff52e11a353fee29419319cd9e1fc4e5bb922832547616e8499fd52852a935a6a6fb93b49a67ab7b3fd2f7a63320f917e354cc7123220139e80694a7b5a icedtea-hotspot-musl.patch
+sha512sums="67964f283b5a220ded7c86141ac359fc51f41077686d3e68568a9f303d2e5e6d62472bef2d6f5f9d53897a55589c84d3212983194607b9a6704192752f8ad2ac icedtea-3.16.0.tar.xz
+76b32457958c2cdbb0006629bb41652286a1a9bfbda862665eddf822d4653d4858f9f2565e849b0e49f031b7667be73be8fe8c71abc65e1795eb570a96d1fd1e openjdk-3.16.0.tar.xz
+bf90c95f401d4628e32b9a7ea78b7d43944f82882818a81d2ff368f09e49148091bf823d78ed56c343c175fe6d25492d9b78e25b725f218592ea94c4ae285e56 corba-3.16.0.tar.xz
+86e8c18741c1f4baca27d784b068765e404a5c2ee6ecb172c826fc1d6192b5776133f103b749839c39154fcaec87a0df95e8fd5bcb56b1e9b811711b296a4836 jaxp-3.16.0.tar.xz
+824ef15aa70ec629406fd9b98a69e5699fe8f6a8ab06be00ac546bcda1daf485b20de6ea0310064e000efbaf35b1cebee25bf69033634fdce8434efb3bb16f1d jaxws-3.16.0.tar.xz
+9202f88b360637ad474920d8a6f85740e6a425679617ef713efd67778b4c7ca0b3eba7e4fc9d33de0bbd5dacda4862c8a9b63a13880204388b01af29d5fb6a55 jdk-3.16.0.tar.xz
+1858bb3b7dd37edd817a52c67a878b48bc9b790623e77d9a6107f54b141638cb101ae3b8df560e3352c9ca2925aa5d493b4924e36a238be5a9628c714cc23642 langtools-3.16.0.tar.xz
+19490ccc377fde5dc3d4396425e945f32e121ad0cc4be394b07f8698a7e3805b16fc41e427bab5fa290cb84efc7edb62acf8ca98072176343f5584d692592d2d hotspot-3.16.0.tar.xz
+4bf87e7441ac747f133612e1fba5c06946c6731bae76132ffc614b41fcb689fda9d9ceb1e1fee3765765c6109894c85cf0f6e6fa9eb301f9a2d640ea6cd1c16c nashorn-3.16.0.tar.xz
+bfbeccc931b9eab04fca94167b7569af26195297130e2effd9175d33b74dec3dc5727fea6e0cbf3cce21ba09641ddd868179544d3fabe8b128baaaccb9c2711c icedtea-hotspot-musl.patch
e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch
19459dbb922f5a71cd15b53199481498626a783c24f91d2544d55b7dddd2cdb34a64bbf0226b99548612dd1743af01b3f9ff32c30abbbc90ce727ca2dbbbd1f9 icedtea-hotspot-noagent-musl.patch
f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch
48533f87fc2cf29d26b259be0df51087d2fe5b252e72d00c6ea2f4add7b0fb113141718c116279c5905e03f64a1118082e719393786811367cf4d472b5d36774 icedtea-jdk-fix-ipv6-init.patch
b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec82792f3c9393150a9bd628625ddf7f3e55720ff163fbbb471 icedtea-jdk-fix-libjvm-load.patch
-1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch
-e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch
-7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch
+17c78db081a85e37721c23e0c0e7cab85e2201a0969bd4858cb90375b97d1703c9bf867f8ac02f6b33f9775b78bae41e38223b7a887918d4a6c9f29b75f3de28 icedtea-jdk-musl.patch
+974fb54532b7e7d738f4278187fc6bd9f9b2d99866b94f68a617ee4911c89a3b8cc41ecfdcaefecf9157492d006b1844b6b0b41ac4209d84f9e8d13c9e485dd3 icedtea-jdk-includes.patch
662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch
-9ea7ac942baf29cc619bc2e1acd59201b9f6d38f39a517b495d7613aec746459200c81afb57c5fcdcb856f6bc8b33f7566c8593fed07e5c73f43e08f1072d458 icedtea-jdk-tls-nist-curves.patch
b0f6d07c6a949acdc8b4a25bf924f134f468e162f01dd440fd4ca80769fb84a0a54210f93efbe88012404fe3db6701aad31cdbc772bc054ad69021c37db5538c remove-gawk.patch"