Hello community, here is the log from the commit of package icedtea-web.1594 for openSUSE:12.3:Update checked in at 2013-04-29 10:33:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/icedtea-web.1594 (Old) and /work/SRC/openSUSE:12.3:Update/.icedtea-web.1594.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "icedtea-web.1594", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-04-05 00:01:41.916011506 +0200 +++ /work/SRC/openSUSE:12.3:Update/.icedtea-web.1594.new/icedtea-web.changes 2013-04-29 10:33:06.000000000 +0200 @@ -0,0 +1,243 @@ +------------------------------------------------------------------- +Wed Apr 17 14:11:32 UTC 2013 - mvyskocil@suse.com + +- update to 1.3.2 (bnc#815596) +- Security Updates + * CVE-2013-1927, RH884705: fixed gifar vulnerability + * CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. +- Common + * Added new option in itw-settings which allows users to set JVM arguments + when plugin is initialized. +- NetX + * PR580: http://www.horaoficial.cl/ loads improperly +- Plugin + * PR1260: IcedTea-Web should not rely on GTK + obsoletes icedtea-web-remove-gtk-dep.patch + * PR1157: Applets can hang browser after fatal exception + +------------------------------------------------------------------- +Sat Jan 19 22:55:39 UTC 2013 - zaitor@opensuse.org + +- Add icedtea-web-remove-gtk-dep.patch, build icedtea-web without + GTK. Plugin now works in both gtk2 and gtk3 based browsers. + +------------------------------------------------------------------- +Wed Jan 16 15:03:43 UTC 2013 - mvyskocil@suse.com + +- limit the provides/obsoletes to architectures, where -plugin package + existed and don't pollute shiny new arm with an old garbage + +------------------------------------------------------------------- +Tue Jan 15 21:17:00 UTC 2013 - dmueller@suse.com + +- handle the package renaming on arm properly + +------------------------------------------------------------------- +Wed Nov 7 08:44:05 UTC 2012 - mvyskocil@suse.com + +- update to 1.3.1 (bnc#787846) +- Security Updates + * CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet +- Common + - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 + fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775) + +------------------------------------------------------------------- +Mon Sep 10 08:29:27 UTC 2012 - mvyskocil@suse.cz + +- update to 1.3 (bnc#779001) +- New features: + * Web Start launch errors are now printed to give proper indication as to the + cause + * Significant performance improvement when loading applets that refer to + missing classes + * Support for latest versions of Chromium + * Security warning dialog improvements to better clarify security request + * Support build with GTK2 and GTK3 + * Cookie write support (i.e set cookies in browser via Java/Applet) +- Common: + * Applet window icon improved +- Plug-in: + * PR975: Ignore classpaths specified in jar manifests when using jnlp_href + * PR1011: Treat folders as such when specified in archive tags + * PR855: AppletStub getDocumentBase() now returns full URL + * PR722: Unsigned META-INF entries are ignored + * PR861: Jars can now load from non codebase hosts + * PR1106: Icedtea 1.2.1 crashes Firefox 14 +- Web Start: + * PR898: Large signed JNLP files now supported + * PR811: URLs with spaces now handled correctly +- drop already upstreamed icetea-web-1.2.1-old-xulrunner-typo.patch + +------------------------------------------------------------------- +Wed Aug 8 12:55:43 UTC 2012 - mvyskocil@suse.cz + +- fix PR1106: Icedtea 1.2.1 crashes Firefox 14 + * http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1106 + +------------------------------------------------------------------- +Thu Aug 2 08:35:25 UTC 2012 - mvyskocil@suse.cz + +- update to 1.2.1 (bnc#773458) +- Security Updates + * CVE-2012-3422, RH840592: Potential read from an uninitialized memory location + * CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings +- NetX + * PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen") + * PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly + * 816592: icedtea-web not loading GeoGebra java applets in Firefox or Chrome +- Plugin + * PR863: Error passing strings to applet methods in Chromium + * PR895: IcedTea-Web searches for missing classes on each loadClass or findClass + * PR518: NPString.utf8characters not guaranteed to be nul-terminated +- Common + * RH838417: Disambiguate signed applet security prompt from certificate warning + * RH838559: Disambiguate signed applet security prompt from certificate warning + +------------------------------------------------------------------- +Mon Jun 25 14:01:12 UTC 2012 - mvyskocil@suse.cz + +- require java-1_7_0-openjdk for build and installation + +------------------------------------------------------------------- +Tue Mar 6 12:55:36 UTC 2012 - mvyskocil@suse.cz + +- update to 1.2 +- New features: + * Signed JNLP support + * Support for client authentication certificates + * Cache size enforcement now supported via itweb-settings + * Applet parameter passing through JNLP files now supported + * Better icons for access warning dialog + * Security Dialog UI revamped to make it look less threatening when appropriate +- Fixes (plugin, webstart, common) + * PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error + * PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application + * PR788: Elluminate Live! is not working + * PR804: javaws launcher incorrectly handles file names with spaces + * PR820, bnc#746895: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp + * PR838: IcedTea plugin crashes with chrome browser when javascript is executed + * PR852: Classloader not being flushed after last applet from a site is closed + * RH586194: Unable to connect to connect with Juniper VPN client + * PR771: IcedTea-Web certificate verification code does not use the right API + * PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted. + * PR789: typo in jrunscript.sh + * PR808: javaws is unable to start, when missing jars are enumerated before main jar + * RH738814: Access denied at ssl handshake + * Support for authenticating using client certificates +- fix bnc#737105/FATE#313084: add Supplements: packageand(broswer(npapi):java-openjdk) + ensures the web plugin is pulled in when openjdk and capable browser is installed + +------------------------------------------------------------------- +Mon Mar 5 13:24:29 UTC 2012 - mvyskocil@suse.cz + +- enable make check in respective section + +------------------------------------------------------------------- +Mon Nov 14 10:19:16 UTC 2011 - mvyskocil@suse.cz + +- update to 1.1.4 (fixes bnc#729870) + - RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and + suffix domain SOP bypass + - PR778: Jar download and server certificate verification deadlock + +------------------------------------------------------------------- +Mon Oct 24 09:14:10 UTC 2011 - mvyskocil@suse.cz + +- update to 1.1.3: + - PR782: Support building against npapi-sdk as well + * drop the added patch + - PR794: IcedTea-Web does not work if a Web Start app jar has a + Class-Path element in the manifest +- icedtea-web-npapi-sdk-r5.patch for build with npapi-sdk we have + in openSUSE + +------------------------------------------------------------------- +Mon Oct 10 11:19:41 UTC 2011 - gber@opensuse.org + +- fix icedtea-web-suse-desktop-files.patch, itweb-settings is a + desktop setting and should not show up twice in two unrelated + top-level menus; also add a trailing semicolon + +------------------------------------------------------------------- +Thu Sep 15 08:33:59 UTC 2011 - mvyskocil@suse.cz + +- Build with a npapi-sdk and xulrunner-devel from openSUSE 12.1 + +------------------------------------------------------------------- +Tue Sep 6 06:50:15 UTC 2011 - cfarrell@suse.com + +- license update: GPL-2.0-with-classpath-exception + SPDX syntax. See http://spdx.org/licenses + +------------------------------------------------------------------- +Fri Sep 2 09:36:00 UTC 2011 - mvyskocil@suse.cz + +- update to 1.1.2 + * PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow + * RH718693: MindTerm SSH Applet doesn’t work + * PR768: Signed applets/Web Start apps don’t work with OpenJDK7 and up + * PR769: IcedTea-Web does not work with some ssl sites with OpenJDK7 + * RH734081: Javaws cannot use proxy settings from Firefox + * New (--with-jre-home=) option to allow use with only JRE installed +- use a common jre location libdir/jvm/jre instead of openjdk6 +- obsoleted CVE patches + +------------------------------------------------------------------- +Wed Jul 20 13:18:38 UTC 2011 - mvyskocil@suse.cz + +- fix bnc#704309 - VUL-0: icedtea/icedtea-web two issues + * CVE-2011-2513 + * CVE-2011-2514 +- use --with-java instead of patching of launchers as + suggested by upstream + +------------------------------------------------------------------- +Fri Jul 8 08:03:40 UTC 2011 - mvyskocil@suse.cz + ++++ 46 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.icedtea-web.1594.new/icedtea-web.changes New: ---- icedtea-web-1.0.2-no-return-in-nonvoid-function.patch icedtea-web-1.1-moonlight-symbol-clash.patch icedtea-web-1.3.2.tar.gz icedtea-web-suse-desktop-files.patch icedtea-web.changes icedtea-web.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ icedtea-web.spec ++++++ # # spec file for package icedtea-web # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # this is the right version openjdk for us! %define openjdk_ver 1.6.0.0_b22.1.10.1 %ifarch %arm %define origin icedtea %else %define origin openjdk %endif # for openSUSE 11.1 we need use update repo as it were not # released with this version %define xulrunner_ver 191 %if 0%{?suse_version} > 1130 %define xulrunner_ver 20 %endif %if 0%{?suse_version} == 1130 %define xulrunner_ver 192 %endif %define with_npapisdk 0 %if 0%{?suse_version} > 1140 %define with_npapisdk 1 %endif %ifarch %{ix86} %define archinstall i386 %endif %ifarch x86_64 %define archinstall amd64 %endif %define priority 17106 %define javaver 1.7.0 # use a same name of alternatives as Sun/IBM Java %define javaplugin javaplugin %define pluginsdir %{_libdir}/browser-plugins %define sdkdir java-%{javaver}-%{origin}-%{javaver} %define pluginpath %{_libdir} %define pluginname IcedTeaPlugin.so Name: icedtea-web Version: 1.3.2 Release: 0 Summary: Java Web Start and plugin implementation License: GPL-2.0-with-classpath-exception Group: Development/Languages/Java Url: http://icedtea.classpath.org Source0: http://icedtea.classpath.org/download/source/%{name}-%{version}.tar.gz Patch0: icedtea-web-1.0.2-no-return-in-nonvoid-function.patch #PATCH-FIX-UPSTREAM: # https://bugzilla.mozilla.org/show_bug.cgi?id=582130 # http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=622 Patch1: icedtea-web-1.1-moonlight-symbol-clash.patch Patch1000: icedtea-web-suse-desktop-files.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: java-1_7_0-%{origin}-devel BuildRequires: libX11-devel BuildRequires: libtool BuildRequires: pkgconfig >= 0.9.0 BuildRequires: zlib-devel # IcedTeaPlugin build requirements. BuildRequires: glib2-devel %if %{with_npapisdk} BuildRequires: pkgconfig(npapi-sdk) #FIXME: use after deprecation of mozilla-xulrunner* packages from Factory #BuildRequires: pkgconfig(libxul) BuildRequires: xulrunner-devel %else BuildRequires: mozilla-nspr-devel BuildRequires: mozilla-xulrunner%{xulrunner_ver}-devel %endif %if %defined suse_version BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: procps BuildRequires: update-desktop-files BuildRequires: zip %endif # to make sure the new package is installed in time of post Requires(post): java-1_7_0-%{origin} # Post requires alternatives to install tool alternatives. Requires(post): update-alternatives # Postun requires alternatives to uninstall tool alternatives. Requires(postun): update-alternatives Provides: java-plugin = %{javaver} %ifarch %{ix86} x86_64 # limit the provides/obsoleted only on arches when old package have existed Provides: java-1_6_0-openjdk-plugin = %{openjdk_ver} Obsoletes: java-1_6_0-openjdk-plugin < %{openjdk_ver} %endif # bnc#737105/FATE#313084 Supplements: packageand(browser(npapi):java-%{origin}) %description The IcedTea-Web project provides a Free Software web browser plugin running applets written in the Java programming language and an implementation of Java Web Start, originally based on the NetX project. %package javadoc Summary: API documentation for %{name} Group: Documentation/Other %if 0%{?suse_version} >= 1120 BuildArch: noarch %endif %description javadoc This package contains Javadocs for the %{name}. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch1000 -p1 %build %{configure} \ --with-jdk-home=%{_jvmdir}/%{sdkdir} \ --with-jre-home=%{_jvmdir}/jre/ \ --docdir=%{_javadocdir}/%{name} \ --with-pkgversion=suse-%{release}-%{_arch} make %install %{makeinstall} # the --program-suffix rename both binaries, so let's handle it here mv %{buildroot}/%{_bindir}/javaws %{buildroot}/%{_bindir}/itweb-javaws # and manual page is still used in u-a, so let's move it mv %{buildroot}/%{_mandir}/man1/javaws.1 %{buildroot}/%{_datadir}/%{name}/ rm -rf %{buildroot}/%{_mandir} # Install desktop files. install -d -m 755 %{buildroot}%{_datadir}/{applications,pixmaps} cp javaws.png %{buildroot}%{_datadir}/pixmaps for d in javaws itweb-settings; do install -m 0644 $d.desktop %{buildroot}/%{_datadir}/applications/ %suse_update_desktop_file $d done # needs for sle-11-sp1 and openSUSE evergreen export NO_BRP_CHECK_BYTECODE_VERSION=true %clean rm -rf %{buildroot} %check %{__make} check %posttrans # java-1_6_0-openjdk-plugin -> icedtea-web is remove of the first package # which causes a javaplugin removal, so let's move it here /usr/sbin/update-alternatives \ --install %{pluginsdir}/javaplugin.so %{javaplugin} \ %{pluginpath}/%{pluginname} %{priority} \ --slave %{_bindir}/javaws javaws %{_bindir}/itweb-javaws \ --slave %{_mandir}/man1/javaws.1 javaws.1 \ %{_datadir}/%{name}/javaws.1 %postun if [ $1 -eq 0 ] then update-alternatives --remove %{javaplugin} \ %{pluginpath}/%{pluginname} fi %files %defattr(-,root,root,-) %doc NEWS README COPYING %{_bindir}/itweb-settings %{_bindir}/itweb-javaws %{pluginpath}/%{pluginname} %{_datadir}/%{name} %{_datadir}/applications/itweb-settings.desktop %{_datadir}/applications/javaws.desktop %{_datadir}/pixmaps/javaws.png %files javadoc %defattr(-,root,root,-) %{_javadocdir}/%{name} %changelog ++++++ icedtea-web-1.0.2-no-return-in-nonvoid-function.patch ++++++ Index: icedtea-web-1.0.2/plugin/icedteanp/IcedTeaPluginRequestProcessor.cc =================================================================== --- icedtea-web-1.0.2.orig/plugin/icedteanp/IcedTeaPluginRequestProcessor.cc 2011-04-02 23:52:41.000000000 +0200 +++ icedtea-web-1.0.2/plugin/icedteanp/IcedTeaPluginRequestProcessor.cc 2011-04-06 14:17:44.458931121 +0200 @@ -816,6 +816,7 @@ } pthread_cleanup_pop(1); + return NULL; } /****************************************** ++++++ icedtea-web-1.1-moonlight-symbol-clash.patch ++++++ --- plugin/icedteanp/IcedTeaNPPlugin.cc | 8 ++++---- plugin/icedteanp/IcedTeaNPPlugin.h | 2 +- plugin/icedteanp/IcedTeaPluginUtils.cc | 12 ++++++------ plugin/icedteanp/IcedTeaPluginUtils.h | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) Index: icedtea-web-1.3.2/plugin/icedteanp/IcedTeaNPPlugin.cc =================================================================== --- icedtea-web-1.3.2.orig/plugin/icedteanp/IcedTeaNPPlugin.cc +++ icedtea-web-1.3.2/plugin/icedteanp/IcedTeaNPPlugin.cc @@ -257,8 +257,8 @@ static gint instance_counter = 1; static GPid appletviewer_pid = -1; static guint appletviewer_watch_id = -1; -int plugin_debug = getenv ("ICEDTEAPLUGIN_DEBUG") != NULL; -int plugin_debug_suspend = (getenv("ICEDTEAPLUGIN_DEBUG") != NULL) && +int icedtea_plugin_debug = getenv ("ICEDTEAPLUGIN_DEBUG") != NULL; +int icedtea_plugin_debug_suspend = (getenv("ICEDTEAPLUGIN_DEBUG") != NULL) && (strcmp(getenv("ICEDTEAPLUGIN_DEBUG"), "suspend") == 0); pthread_cond_t cond_message_available = PTHREAD_COND_INITIALIZER; @@ -1612,14 +1612,14 @@ plugin_start_appletviewer (ITNPPluginDat command_line.push_back("-classpath"); command_line.push_back(ICEDTEA_WEB_JRE "/lib/rt.jar"); - if (plugin_debug) + if (icedtea_plugin_debug) { command_line.push_back("-Xdebug"); command_line.push_back("-Xnoagent"); //Debug flags std::string debug_flags = "-Xrunjdwp:transport=dt_socket,address=8787,server=y,"; - debug_flags += plugin_debug_suspend ? "suspend=y" : "suspend=n"; + debug_flags += icedtea_plugin_debug_suspend ? "suspend=y" : "suspend=n"; command_line.push_back(debug_flags); } Index: icedtea-web-1.3.2/plugin/icedteanp/IcedTeaNPPlugin.h =================================================================== --- icedtea-web-1.3.2.orig/plugin/icedteanp/IcedTeaNPPlugin.h +++ icedtea-web-1.3.2/plugin/icedteanp/IcedTeaNPPlugin.h @@ -98,7 +98,7 @@ extern pthread_t itnp_plugin_thread_id; extern pthread_mutex_t pluginAsyncCallMutex; // debug switch -extern int plugin_debug; +extern int icedtea_plugin_debug; // Browser function table. extern NPNetscapeFuncs browser_functions; Index: icedtea-web-1.3.2/plugin/icedteanp/IcedTeaPluginUtils.cc =================================================================== --- icedtea-web-1.3.2.orig/plugin/icedteanp/IcedTeaPluginUtils.cc +++ icedtea-web-1.3.2/plugin/icedteanp/IcedTeaPluginUtils.cc @@ -398,7 +398,7 @@ IcedTeaPluginUtilities::getUTF16LEString wchar_t c; - if (plugin_debug) printf("Converted UTF-16LE string: "); + if (icedtea_plugin_debug) printf("Converted UTF-16LE string: "); result_unicode_str->clear(); for (int i = begin; i < begin+length; i+=2) @@ -412,14 +412,14 @@ IcedTeaPluginUtilities::getUTF16LEString (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')) { - if (plugin_debug) printf("%c", c); + if (icedtea_plugin_debug) printf("%c", c); } result_unicode_str->push_back(c); } // not routing via debug print macros due to wide-string issues - if (plugin_debug) printf(". Length=%d\n", result_unicode_str->length()); + if (icedtea_plugin_debug) printf(". Length=%d\n", result_unicode_str->length()); } /* @@ -433,7 +433,7 @@ IcedTeaPluginUtilities::printStringVecto { // This is a CPU intensive function. Run only if debugging - if (!plugin_debug) + if (!icedtea_plugin_debug) return; std::string* str = new std::string(); @@ -613,7 +613,7 @@ void IcedTeaPluginUtilities::printStringPtrVector(const char* prefix, std::vector<std::string*>* str_ptr_vector) { // This is a CPU intensive function. Run only if debugging - if (!plugin_debug) + if (!icedtea_plugin_debug) return; std::string* str = new std::string(); @@ -637,7 +637,7 @@ void IcedTeaPluginUtilities::printNPVariant(NPVariant variant) { // This is a CPU intensive function. Run only if debugging - if (!plugin_debug) + if (!icedtea_plugin_debug) return; if (NPVARIANT_IS_VOID(variant)) Index: icedtea-web-1.3.2/plugin/icedteanp/IcedTeaPluginUtils.h =================================================================== --- icedtea-web-1.3.2.orig/plugin/icedteanp/IcedTeaPluginUtils.h +++ icedtea-web-1.3.2/plugin/icedteanp/IcedTeaPluginUtils.h @@ -69,7 +69,7 @@ exception statement from your version. * #define PLUGIN_DEBUG(...) \ do \ { \ - if (plugin_debug) \ + if (icedtea_plugin_debug) \ { \ fprintf (stderr, "ITNPP Thread# %ld: ", pthread_self()); \ fprintf (stderr, __VA_ARGS__); \ ++++++ icedtea-web-suse-desktop-files.patch ++++++ Index: icedtea-web-1.0.2/itweb-settings.desktop.in =================================================================== --- icedtea-web-1.0.2.orig/itweb-settings.desktop.in 2011-04-02 23:52:41.000000000 +0200 +++ icedtea-web-1.0.2/itweb-settings.desktop.in 2011-04-05 16:00:05.579938163 +0200 @@ -1,8 +1,9 @@ [Desktop Entry] Name=IcedTea Web Control Panel +GenericName=IcedTea Web Control Panel Comment=Configure IcedTea Web (javaws and plugin) Exec=PATH_TO_ITWEB_SETTINGS Icon=javaws Terminal=false Type=Application -Categories=Settings; +Categories=Settings;DesktopSettings; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org