commit java-1_7_0-openjdk for openSUSE:Factory
Hello community, here is the log from the commit of package java-1_7_0-openjdk for openSUSE:Factory checked in at 2016-08-06 20:36:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/java-1_7_0-openjdk (Old) and /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "java-1_7_0-openjdk" Changes: -------- --- /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/java-1_7_0-openjdk-bootstrap.changes 2016-07-20 09:15:06.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/java-1_7_0-openjdk-bootstrap.changes 2016-08-06 20:36:55.000000000 +0200 @@ -1,0 +2,182 @@ +Fri Jul 29 05:42:38 UTC 2016 - fstrba@suse.com + +- Update to 2.6.7 - OpenJDK 7u111 + * Security fixes + - S8079718, CVE-2016-3458: IIOP Input Stream Hooking + (bsc#989732) + - S8145446, CVE-2016-3485: Perfect pipe placement (Windows + only) (bsc#989734) + - S8147771: Construction of static protection domains under + Javax custom policy + - S8148872, CVE-2016-3500: Complete name checking (bsc#989730) + - S8149962, CVE-2016-3508: Better delineation of XML processing + (bsc#989731) + - S8150752: Share Class Data + - S8151925: Font reference improvements + - S8152479, CVE-2016-3550: Coded byte streams (bsc#989733) + - S8155981, CVE-2016-3606: Bolster bytecode verification + (bsc#989722) + - S8155985, CVE-2016-3598: Persistent Parameter Processing + (bsc#989723) + - S8158571, CVE-2016-3610: Additional method handle validation + (bsc#989725) + - CVE-2016-3511 (bsc#989727) + - CVE-2016-3503 (bsc#989728) + - CVE-2016-3498 (bsc#989729) + * Import of OpenJDK 7 u111 build 0 + - S6953295: Move few sun.security.{util, x509, pkcs} classes + used by keytool/jarsigner to another package + - S7060849: Eliminate pack200 build warnings + - S7064075: Security libraries don't build with + javac -Xlint:all,-deprecation -Werror + - S7069870: Parts of the JDK erroneously rely on generic array + initializers with diamond + - S7102686: Restructure timestamp code so that jars and modules + can more easily share the same code + - S7105780: Add SSLSocket client/SSLEngine server to templates + directory + - S7142339: PKCS7.java is needlessly creating SHA1PRNG + SecureRandom instances when timestamping is not done + - S7152582: PKCS11 tests should use the NSS libraries available + in the OS + - S7192202: Make sure keytool prints both unknown and + unparseable extensions + - S7194449: String resources for Key Tool and Policy Tool + should be in their respective packages + - S7196855: autotest.sh fails on ubuntu because libsoftokn.so + not found + - S7200682: TEST_BUG: keytool/autotest.sh still has problems + with libsoftokn.so + - S8002306: (se) Selector.open fails if invoked with thread + interrupt status set [win] + - S8009636: JARSigner including TimeStamp PolicyID + (TSAPolicyID) as defined in RFC3161 + - S8019341: Update CookieHttpsClientTest to use the newer + framework. + - S8022228: Intermittent test failures in + sun/security/ssl/javax/net/ssl/NewAPIs + - S8022439: Fix lint warnings in sun.security.ec + - S8022594: Potential deadlock in <clinit> of + sun.nio.ch.Util/IOUtil + - S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails + intermittently + - S8036612: [parfait] JNI exception pending in + jdk/src/windows/native/sun/security/mscapi/security.cpp + - S8037557: test SessionCacheSizeTests.java timeout + - S8038837: Add support to jarsigner for specifying timestamp + hash algorithm + - S8079410: Hotspot version to share the same update and build + version from JDK + - S8130735: javax.swing.TimerQueue: timer fires late when + another timer starts + - S8139436: sun.security.mscapi.KeyStore might load incomplete + data + - S8144313: Test SessionTimeOutTests can be timeout + - S8146387: Test SSLSession/SessionCacheSizeTests socket + accept timed out + - S8146669: Test SessionTimeOutTests fails intermittently + - S8146993: Several javax/management/remote/mandatory regression + tests fail after JDK-8138811 + - S8147857: [TEST] RMIConnector logs attribute names incorrectly + - S8151841, PR3098: Build needs additional flags to compile + with GCC 6 + - S8151876: (tz) Support tzdata2016d + - S8157077: 8u101 L10n resource file updates + - S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow + not known. + * Import of OpenJDK 7 u111 build 1 + - S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java failing + - S8140344: add support for 3 digit update release numbers + - S8145017: Add support for 3 digit hotspot minor version + numbers + - S8162344: The API changes made by CR 7064075 need to be + reverted + * Backports + - S2178143, PR2958: JVM crashes if the number of bound CPUs + changed during runtime + - S4900206, PR3101: Include worst-case rounding tests for Math + library functions + - S6260348, PR3067: GTK+ L&F JTextComponent not respecting + desktop caret blink rate + - S6934604, PR3075: enable parts of EliminateAutoBox by default + - S7043064, PR3020: sun/java2d/cmm/ tests failed against + RI b141 & b138-nightly + - S7051394, PR3020: NullPointerException when running + regression tests LoadProfileTest by using openjdk-7-b144 + - S7086015, PR3013: fix + test/tools/javac/parser/netbeans/JavacParserTest.java + - S7119487, PR3013: JavacParserTest.java test fails on Windows + platforms + - S7124245, PR3020: [lcms] ColorConvertOp to color space + CS_GRAY apparently converts orange to 244,244,0 + - S7159445, PR3013: (javac) emits inaccurate diagnostics for + enhanced for-loops + - S7175845, PR1437, RH1207129: 'jar uf' changes file + permissions unexpectedly + - S8005402, PR3020: Need to provide benchmarks for color + management + - S8005530, PR3020: [lcms] Improve performance of ColorConverOp + for default destinations + - S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not + transferred from source to destination. + - S8013430, PR3020: REGRESSION: + closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java + fails with java.io.StreamCorruptedException: invalid type + code: EE since 8b87 + - S8014286, PR3075: failed java/lang/Math/DivModTests.java + after 6934604 changes + - S8014959, PR3075: assert(Compile::current()->live_nodes() < (uint)MaxNodeLimit) + failed: Live Node limit exceeded limit + - S8019247, PR3075: SIGSEGV in compiled method + c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object + - S8024511, PR3020: Crash during color profile destruction + - S8025429, PR3020: [parfait] warnings from b107 for + sun.java2d.cmm: JNI exception pending + - S8026702, PR3020: Fix for 8025429 breaks jdk build on windows + - S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for + Java_awt test suit + - S8047066, PR3020: Test test/sun/awt/image/bug8038000.java + fails with ClassCastException + - S8069181, PR3012, RH1015612: java.lang.AssertionError when + compiling JDK 1.4 code in JDK 8 + - S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt + can lead to the generation of illegal instructions (bsc#988651) + - S8159244, PR3075: Partially initialized string object created + by C2's string concat optimization may escape + * Bug fixes + - PR2799, RH1195203: Files are missing from resources.jar + - PR2900: Don't use WithSeed versions of NSS functions as they + don't fully process the seed + - PR3091: SystemTap is heavily confused by multiple JDKs + - PR3102: Extend 8022594 to AixPollPort + - PR3103: Handle case in clean-fonts where + linux.fontconfig.Gentoo.properties.old has not been created + - PR3111: Provide option to disable SystemTap tests + - PR3114: Don't assume system mime.types supports + text/x-java-source + - PR3115: Add check for elliptic curve cryptography + implementation + - PR3116: Add tests for Java debug info and source files + - PR3118: Path to agpl-3.0.txt not updated + - PR3119: Makefile handles cacerts as a symlink, but the + configure check doesn't + * AArch64 port + - S8148328, PR3100: aarch64: redundant lsr instructions in stub + code. + - S8148783, PR3100: aarch64: SEGV running SpecJBB2013 + - S8148948, PR3100: aarch64: generate_copy_longs calls align() + incorrectly + - S8150045, PR3100: arraycopy causes segfaults in SATB during + garbage collection + - S8154537, PR3100: AArch64: some integer rotate instructions + are never emitted + - S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads + in wrong mode + - S8157906, PR3100: aarch64: some more integer rotate + instructions are never emitted +- Removed patch: + * hotspot-aarch64-fix-48bit-va.patch + - fixed upstream +- Remove special flags for gcc6, since they are handled upstream + +------------------------------------------------------------------- java-1_7_0-openjdk.changes: same change Old: ---- hotspot-aarch64-fix-48bit-va.patch icedtea-2.6.6.tar.xz icedtea-2.6.6.tar.xz.sig New: ---- icedtea-2.6.7.tar.xz icedtea-2.6.7.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_7_0-openjdk-bootstrap.spec ++++++ --- /var/tmp/diff_new_pack.8reJ71/_old 2016-08-06 20:36:59.000000000 +0200 +++ /var/tmp/diff_new_pack.8reJ71/_new 2016-08-06 20:36:59.000000000 +0200 @@ -19,7 +19,7 @@ %{!?aarch64:%global aarch64 aarch64 arm64 armv8} %global jit_arches %{ix86} x86_64 ppc64 ppc64le %{arm} %{aarch64} %global test_arches %{ix86} x86_64 ppc64 ppc64le -%global icedtea_version 2.6.6 +%global icedtea_version 2.6.7 %global icedtea_sound_version 1.0.1 %global mauvedate 2008-10-22 %global buildoutputdir openjdk.build/ @@ -31,7 +31,7 @@ # Standard JPackage naming and versioning defines. %global priority 1705 %global javaver 1.7.0 -%global buildver 101 +%global buildver 111 # Standard JPackage directories and symbolic links. %global sdklnk java-%{javaver}-openjdk %global archname %{sdklnk} @@ -214,7 +214,6 @@ Patch1006: java-1_7_0-openjdk-override.patch Patch2000: java-1_7_0-openjdk-gcc6.patch Patch10011: openjdk-7-src-b147-no-return-in-nonvoid-hotspot.patch -Patch10012: hotspot-aarch64-fix-48bit-va.patch BuildRequires: alsa-lib-devel #BuildRequires: xalan-j2 # make sure to use bootstrap requires of ant @@ -311,6 +310,7 @@ BuildRequires: lksctp-tools-devel %endif %if 0%{?suse_version} < 1200 +BuildRequires: ant-nodeps BuildRequires: libxslt %else %if 0%{?suse_version} < 1220 @@ -546,10 +546,6 @@ export CFLAGS=$(rpm -E '%{optflags}' | sed 's/-Wall\>//') export CXXFLAGS=${CFLAGS} -%if 0%{?suse_version} >= 1330 -export EXTRA_CFLAGS="-Wno-error -fno-delete-null-pointer-checks -fno-lifetime-dse" -export EXTRA_CPP_FLAGS="-fno-delete-null-pointer-checks -fno-lifetime-dse" -%endif %if %{with_sunec} export NSS_SOFTOKN_CFLAGS="`pkg-config --cflags nss` -I`pwd`" export NSS_SOFTOKN_LIBS="-L%{_libdir} -lnssdbm3 -lsoftokn3 -lssl3 -lsmime3 -lnss3 -lnssutil3 -lfreebl -L%{_libdir}/nspr -lplds4 -lplc4 -lnspr4" @@ -642,7 +638,6 @@ patch -p1 -i %{PATCH1001} patch -p1 -i %{PATCH10011} -patch -p1 -i %{PATCH10012} %if %{with bootstrap} patch -p0 -i %{PATCH1006} @@ -1201,6 +1196,7 @@ %attr(755,root,root) %{_jvmdir}/%{sdkdir}/jre/lib/jexec %{_jvmdir}/%{sdkdir}/jre/lib/jvm.hprof.txt %{_jvmdir}/%{sdkdir}/jre/lib/meta-index +%{_jvmdir}/%{sdkdir}/jre/lib/mime.types %if 0%{?suse_version} <= 1130 %config(noreplace) %{cacerts} ++++++ java-1_7_0-openjdk.spec ++++++ --- /var/tmp/diff_new_pack.8reJ71/_old 2016-08-06 20:36:59.000000000 +0200 +++ /var/tmp/diff_new_pack.8reJ71/_new 2016-08-06 20:36:59.000000000 +0200 @@ -19,7 +19,7 @@ %{!?aarch64:%global aarch64 aarch64 arm64 armv8} %global jit_arches %{ix86} x86_64 ppc64 ppc64le %{arm} %{aarch64} %global test_arches %{ix86} x86_64 ppc64 ppc64le -%global icedtea_version 2.6.6 +%global icedtea_version 2.6.7 %global icedtea_sound_version 1.0.1 %global mauvedate 2008-10-22 %global buildoutputdir openjdk.build/ @@ -31,7 +31,7 @@ # Standard JPackage naming and versioning defines. %global priority 1705 %global javaver 1.7.0 -%global buildver 101 +%global buildver 111 # Standard JPackage directories and symbolic links. %global sdklnk java-%{javaver}-openjdk %global archname %{sdklnk} @@ -214,7 +214,6 @@ Patch1006: java-1_7_0-openjdk-override.patch Patch2000: java-1_7_0-openjdk-gcc6.patch Patch10011: openjdk-7-src-b147-no-return-in-nonvoid-hotspot.patch -Patch10012: hotspot-aarch64-fix-48bit-va.patch BuildRequires: alsa-lib-devel #BuildRequires: xalan-j2 # make sure to use bootstrap requires of ant @@ -311,6 +310,7 @@ BuildRequires: lksctp-tools-devel %endif %if 0%{?suse_version} < 1200 +BuildRequires: ant-nodeps BuildRequires: libxslt %else %if 0%{?suse_version} < 1220 @@ -546,10 +546,6 @@ export CFLAGS=$(rpm -E '%{optflags}' | sed 's/-Wall\>//') export CXXFLAGS=${CFLAGS} -%if 0%{?suse_version} >= 1330 -export EXTRA_CFLAGS="-Wno-error -fno-delete-null-pointer-checks -fno-lifetime-dse" -export EXTRA_CPP_FLAGS="-fno-delete-null-pointer-checks -fno-lifetime-dse" -%endif %if %{with_sunec} export NSS_SOFTOKN_CFLAGS="`pkg-config --cflags nss` -I`pwd`" export NSS_SOFTOKN_LIBS="-L%{_libdir} -lnssdbm3 -lsoftokn3 -lssl3 -lsmime3 -lnss3 -lnssutil3 -lfreebl -L%{_libdir}/nspr -lplds4 -lplc4 -lnspr4" @@ -642,7 +638,6 @@ patch -p1 -i %{PATCH1001} patch -p1 -i %{PATCH10011} -patch -p1 -i %{PATCH10012} %if %{with bootstrap} patch -p0 -i %{PATCH1006} @@ -1201,6 +1196,7 @@ %attr(755,root,root) %{_jvmdir}/%{sdkdir}/jre/lib/jexec %{_jvmdir}/%{sdkdir}/jre/lib/jvm.hprof.txt %{_jvmdir}/%{sdkdir}/jre/lib/meta-index +%{_jvmdir}/%{sdkdir}/jre/lib/mime.types %if 0%{?suse_version} <= 1130 %config(noreplace) %{cacerts} ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.8reJ71/_old 2016-08-06 20:36:59.000000000 +0200 +++ /var/tmp/diff_new_pack.8reJ71/_new 2016-08-06 20:36:59.000000000 +0200 @@ -1,7 +1,7 @@ <constraints> <hardware> <physicalmemory> - <size unit="M">2048</size> + <size unit="M">3072</size> </physicalmemory> <disk> <size unit="G">20</size> ++++++ corba.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-ca3e3c4c5a61/.hgtags new/corba-e5578d3bc593/.hgtags --- old/corba-ca3e3c4c5a61/.hgtags 2016-04-18 07:49:20.000000000 +0200 +++ new/corba-e5578d3bc593/.hgtags 2016-07-28 15:59:44.000000000 +0200 @@ -655,3 +655,7 @@ 389551542e139a9c84735a778726d1fdbac6105e icedtea-2.6.5 bd2be90026f7655b1c21a67b14d812ca7a495064 icedtea-2.6.6pre01 9c164195bcc97da6c6567e6e6d55ea349f1c583d jdk7u101-b00 +ca3e3c4c5a615deab554708211e21db1b9febcf4 icedtea-2.6.6 +4e571f4f723b9bebca89b3ca0f1130f63e804b80 icedtea-2.6.7pre01 +c1def4cc27fb92914168a5f65658eba4a1754dfe jdk7u111-b00 +36715cc029596f86e977d486e547f62bb07eed74 jdk7u111-b01 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java new/corba-e5578d3bc593/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java --- old/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java 2016-04-18 07:49:20.000000000 +0200 +++ new/corba-e5578d3bc593/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java 2016-07-28 15:59:44.000000000 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,21 +34,13 @@ import java.security.Policy; import java.security.PrivilegedAction; import java.security.ProtectionDomain; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Map; -import java.util.List; -import java.util.ListIterator; -import java.util.Set; -import java.util.Map.Entry; -import java.util.Collection; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.HashMap; import java.util.HashSet; import java.util.Hashtable; import java.util.Iterator; import java.util.Enumeration; -import java.util.Properties; -import java.util.IdentityHashMap; import java.util.StringTokenizer; import java.util.NoSuchElementException; @@ -165,8 +157,18 @@ * Return default ValueHandler */ public static ValueHandler createValueHandler() { + ValueHandler vh; + try { + vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() { + public ValueHandler run() throws Exception { return Util.createValueHandler(); } + }); + } catch (PrivilegedActionException e) { + throw new InternalError(e.getMessage()); + } + return vh; + } /** * Returns true if it was accurately determined that the remote ORB is @@ -664,7 +666,16 @@ * ValueHandler. */ public static byte getMaxStreamFormatVersion() { - ValueHandler vh = Util.createValueHandler(); + ValueHandler vh; + try { + vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() { + public ValueHandler run() throws Exception { + return Util.createValueHandler(); + } + }); + } catch (PrivilegedActionException e) { + throw new InternalError(e.getMessage()); + } if (!(vh instanceof javax.rmi.CORBA.ValueHandlerMultiFormat)) return ORBConstants.STREAM_FORMAT_VERSION_1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_zh_TW.properties new/corba-e5578d3bc593/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_zh_TW.properties --- old/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_zh_TW.properties 2016-04-18 07:49:20.000000000 +0200 +++ new/corba-e5578d3bc593/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_zh_TW.properties 2016-07-28 15:59:44.000000000 +0200 @@ -1,5 +1,5 @@ # -# Copyright (c) 2000, 2005, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -103,5 +103,5 @@ tnameserv.hs3=\u5C31\u7DD2\u3002 orbd.commfailure=\n\u56E0\u70BA ORBinitialPort \u5728\u4F7F\u7528\u4E2D\uFF0C\u6240\u4EE5\u7121\u6CD5\u555F\u52D5 ORBD\u3002 -orbd.internalexception=\n\u56E0\u70BA\u5167\u90E8\u767C\u751F\u7570\u5E38\uFF0C\u6240\u4EE5\u7121\u6CD5\u555F\u52D5 ORBD\u3002 \n\u53EF\u80FD\u7684\u539F\u56E0: \n1. \u6307\u5B9A\u7684 ORBInitialPort \u6216 ORBActivationPort \u5728\u4F7F\u7528\u4E2D\u3002 \n2. \u6C92\u6709\u5BEB\u5165 orb.db \u7684\u6B0A\u9650\u3002 +orbd.internalexception=\n\u56E0\u70BA\u5167\u90E8\u767C\u751F\u7570\u5E38\uFF0C\u6240\u4EE5\u7121\u6CD5\u555F\u52D5 ORBD\u3002\n\u53EF\u80FD\u7684\u539F\u56E0: \n1. \u6307\u5B9A\u7684 ORBInitialPort \u6216 ORBActivationPort \u5728\u4F7F\u7528\u4E2D\u3002\n2. \u6C92\u6709\u5BEB\u5165 orb.db \u7684\u6B0A\u9650\u3002 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-ca3e3c4c5a61/src/share/classes/javax/rmi/CORBA/Util.java new/corba-e5578d3bc593/src/share/classes/javax/rmi/CORBA/Util.java --- old/corba-ca3e3c4c5a61/src/share/classes/javax/rmi/CORBA/Util.java 2016-04-18 07:49:20.000000000 +0200 +++ new/corba-e5578d3bc593/src/share/classes/javax/rmi/CORBA/Util.java 2016-07-28 15:59:44.000000000 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,6 +45,7 @@ import java.rmi.Remote; import java.io.File; import java.io.FileInputStream; +import java.io.SerializablePermission; import java.net.MalformedURLException ; import java.security.AccessController; import java.security.PrivilegedAction; @@ -63,8 +64,22 @@ private static final javax.rmi.CORBA.UtilDelegate utilDelegate; private static final String UtilClassKey = "javax.rmi.CORBA.UtilClass"; + private static final String ALLOW_CREATEVALUEHANDLER_PROP = "jdk.rmi.CORBA.allowCustomValueHandler"; + private static boolean allowCustomValueHandler; + static { utilDelegate = (javax.rmi.CORBA.UtilDelegate)createDelegate(UtilClassKey); + allowCustomValueHandler = readAllowCustomValueHandlerProperty(); + } + + private static boolean readAllowCustomValueHandlerProperty () { + return AccessController + .doPrivileged(new PrivilegedAction<Boolean>() { + @Override + public Boolean run() { + return Boolean.getBoolean(ALLOW_CREATEVALUEHANDLER_PROP); + } + }); } private Util(){} @@ -111,7 +126,7 @@ * Writes a java.lang.Object as a CORBA Object. If <code>obj</code> is * an exported RMI-IIOP server object, the tie is found * and wired to <code>obj</code>, then written to -<code>out.write_Object(org.omg.CORBA.Object)</code>. + * <code>out.write_Object(org.omg.CORBA.Object)</code>. * If <code>obj</code> is a CORBA Object, it is written to * <code>out.write_Object(org.omg.CORBA.Object)</code>. * @param out the stream in which to write the object. @@ -196,6 +211,8 @@ */ public static ValueHandler createValueHandler() { + isCustomSerializationPermitted(); + if (utilDelegate != null) { return utilDelegate.createValueHandler(); } @@ -336,6 +353,7 @@ // security reasons. If you know a better solution how to share this code // then remove it from PortableRemoteObject. Also in Stub.java private static Object createDelegate(String classKey) { + String className = (String) AccessController.doPrivileged(new GetPropertyAction(classKey)); if (className == null) { @@ -388,4 +406,16 @@ new GetORBPropertiesFileAction()); } + private static void isCustomSerializationPermitted() { + SecurityManager sm = System.getSecurityManager(); + if (!allowCustomValueHandler) { + if ( sm != null) { + // check that a serialization permission has been + // set to allow the loading of the Util delegate + // which provides access to custom ValueHandler + sm.checkPermission(new SerializablePermission( + "enableCustomValueHandler")); + } + } + } } ++++++ hotspot.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/hotspot.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/hotspot.tar.bz2 differ: char 11, line 1 ++++++ icedtea-2.6.6.tar.xz -> icedtea-2.6.7.tar.xz ++++++ ++++ 10395 lines of diff (skipped) ++++++ jaxp.tar.bz2 ++++++ ++++ 4060 lines of diff (skipped) ++++++ jaxws.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxws-63f7bf7ed2d4/.hgtags new/jaxws-4a99f4eac257/.hgtags --- old/jaxws-63f7bf7ed2d4/.hgtags 2016-04-18 07:49:24.000000000 +0200 +++ new/jaxws-4a99f4eac257/.hgtags 2016-07-28 15:59:44.000000000 +0200 @@ -655,3 +655,7 @@ 9c049d7f5adcffa9347029056e0717c983327561 icedtea-2.6.5 16ce6457a33aac9e72c93cebb4002bed46bf3d32 icedtea-2.6.6pre01 36ee37eedf25da13abde1c0b8974fb3b95c59c7c jdk7u101-b00 +63f7bf7ed2d4172ae55f6073d31dff9cbeb95900 icedtea-2.6.6 +bce6252889c7ecfe2c4fa0677feab31d0d2cf21e icedtea-2.6.7pre01 +8fd4ada6c5d5c3f71cc52cc2af97c971a58c6b53 jdk7u111-b00 +18074c212a8997055baa9aca9e9ae0dbbe90e1f4 jdk7u111-b01 ++++++ jdk.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/jdk.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/jdk.tar.bz2 differ: char 11, line 1 ++++++ langtools.tar.bz2 ++++++ ++++ 1771 lines of diff (skipped) ++++++ openjdk.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/icedtea7-forest-2-6-882cfee70fe8/.hgtags new/icedtea7-forest-2-6-6aafb6fe0a1e/.hgtags --- old/icedtea7-forest-2-6-882cfee70fe8/.hgtags 2016-04-18 07:49:18.000000000 +0200 +++ new/icedtea7-forest-2-6-6aafb6fe0a1e/.hgtags 2016-07-28 15:59:43.000000000 +0200 @@ -653,3 +653,7 @@ 8e728c41fec5b9a945a12aecdd002ae1652d0253 icedtea-2.6.5 b8b43305701a43c34b3be0957bc8d75a76d1b4c7 icedtea-2.6.6pre01 12491db47c7ccffcc3e881df68f4c2f727b44e5d jdk7u101-b00 +882cfee70fe876a273ba8f594d03219aa8192cef icedtea-2.6.6 +8c0c17064521873767912ca59dcc7a1f772399d2 icedtea-2.6.7pre01 +bade1889699bab14082e84de3b40901964b52483 jdk7u111-b00 +9b95c1ef81fe7bb010a6938d1cb97843b9a1fc68 jdk7u111-b01
participants (1)
-
root@hilbert.suse.de