Up to [cvs.NetBSD.org] / pkgsrc / lang / openjdk8
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
lang/openjdk8: Update to 1.8.432 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u432 GA
*: recursive bump for icu 76 shlib major version bump
*: revbump for icu downgrade
*: recursive bump for icu 76.1 shlib bump
lang/openjdk8: Update to 1.8.422 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u422 GA
lang/openjdk8: Update to 1.8.412 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u412 GA
revbump after icu and protobuf updates
*: recursive bump for gnutls p11-kit option (existing installations need the bl3.mk included, but it's now only optionally included)
lang/openjdk8: Set IGNORE_CCCACHE= openjdk has a scheme to figure out if the compiler is gcc or clang. While it tries to see through ccache, using PKGSRC_COMPILER=ccache gcc fails. Set IGNORE_CCCACHE=yes as documented in mk/compiler/ccache.mk to avoid using ccache, until someone fixes this better.
lang/openjdk8: Update to 1.8.402 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u402 GA Add support for building with clang 16
openjdk8: Update to 1.8.392 Changelog: Additional features include: Updated to 8u392 GA
*: revebump for new brotli option for freetype2 Addresses PR 57693
*: recursive bump for icu 74.1
*: bump for openssl 3
recursive revbump for tiff update
openjdk8: Update to 1.8.382 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u382 GA
openjdk8: Update to 1.8.372 Changelog: Updated BSD port of JDK 8 Additional features include: Updated to 8u372 GA
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/. Almost all uses, if not all of them, are wrong, according to the semantics of BUILD_DEPENDS (packages built for target available for use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for host available for use _as_ tools at build-time). No change to BUILD_DEPENDS as used correctly inside buildlink3. As proposed on tech-pkg: https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
revbump after textproc/icu update
openjdk8: Update to 1.8.362 * Follow 8u362 GA.
*: Recursive revbup from graphics/freetype2
*: recursive bump for tiff shlib major bump
*: bump PKGREVISION for libunistring shlib major bump
Pullup ticket #6668 - requested by khorben lang/openjdk8: security update lang/openjdk11: security update Revisions pulled up: - lang/openjdk11/Makefile 1.45 - lang/openjdk11/distinfo 1.35 - lang/openjdk11/patches/patch-make_common_NativeCompilation.gmk deleted - lang/openjdk11/patches/patch-make_lib_Awt2dLibraries.gmk deleted - lang/openjdk11/patches/patch-src_hotspot_cpu_arm_c1__LIRAssembler__arm.cpp deleted - lang/openjdk11/patches/patch-src_hotspot_cpu_arm_c1__LIRGenerator__arm.cpp deleted - lang/openjdk11/patches/patch-src_hotspot_os__cpu_bsd__arm_vm__version__bsd__arm__32.cpp deleted - lang/openjdk11/patches/patch-src_hotspot_os__cpu_bsd__zero_os__bsd__zero.cpp deleted - lang/openjdk11/patches/patch-src_java.desktop_share_native_libfontmanager_harfbuzz_hb-blob.cc deleted - lang/openjdk8/Makefile 1.111-1.112 - lang/openjdk8/distinfo 1.89-1.91 - lang/openjdk8/patches/patch-common_autoconf_generated-configure.sh 1.22 - lang/openjdk8/patches/patch-hotspot_src_cpu_aarch64_vm_pauth__aarch64.hpp deleted - lang/openjdk8/patches/patch-hotspot_src_os__cpu_bsd__aarch64_vm_os__bsd__aarch64.cpp 1.2-1.3 - lang/openjdk8/patches/patch-hotspot_src_share_vm_classfile_symbolTable.cpp deleted - lang/openjdk8/patches/patch-hotspot_src_share_vm_gc__implementation_concurrentMarkSweep_compactibleFreeListSpace.cpp deleted - lang/openjdk8/patches/patch-hotspot_src_share_vm_gc__implementation_g1_heapRegionSet.hpp deleted - lang/openjdk8/patches/patch-hotspot_src_share_vm_memory_metaspace.cpp deleted - lang/openjdk8/patches/patch-make_common_MakeBase.gmk deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sun Jul 10 14:47:25 UTC 2022 Modified Files: pkgsrc/lang/openjdk8: Makefile distinfo pkgsrc/lang/openjdk8/patches: patch-common_autoconf_generated-configure.sh patch-hotspot_src_os__cpu_bsd__aarch64_vm_os__bsd__aarch64.cpp Added Files: pkgsrc/lang/openjdk8/patches: patch-make_common_MakeBase.gmk Removed Files: pkgsrc/lang/openjdk8/patches: patch-hotspot_src_share_vm_classfile_symbolTable.cpp patch-hotspot_src_share_vm_gc__implementation_concurrentMarkSweep_compactibleFreeListSpace.cpp patch-hotspot_src_share_vm_gc__implementation_g1_heapRegionSet.hpp patch-hotspot_src_share_vm_memory_metaspace.cpp Log Message: openjdk8: Update to 1.8.332 CHangelog: Follow OpenJDK 8u332 GA. To generate a diff of this commit: cvs rdiff -u -r1.110 -r1.111 pkgsrc/lang/openjdk8/Makefile cvs rdiff -u -r1.88 -r1.89 pkgsrc/lang/openjdk8/distinfo cvs rdiff -u -r1.21 -r1.22 \ pkgsrc/lang/openjdk8/patches/patch-common_autoconf_generated-configure.sh cvs rdiff -u -r1.1 -r1.2 \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_os__cpu_bsd__aarch64_vm_os__bsd__aarch64.cpp cvs rdiff -u -r1.1 -r0 \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_share_vm_classfile_symbolTable.cpp \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_share_vm_gc__implementation_concurrentMarkSweep_compactibleFreeListSpace.cpp \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_share_vm_gc__implementation_g1_heapRegionSet.hpp \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_share_vm_memory_metaspace.cpp cvs rdiff -u -r0 -r1.3 \ pkgsrc/lang/openjdk8/patches/patch-make_common_MakeBase.gmk ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tnn Date: Sun Jul 17 03:03:41 UTC 2022 Modified Files: pkgsrc/lang/openjdk8: distinfo pkgsrc/lang/openjdk8/patches: patch-hotspot_src_os__cpu_bsd__aarch64_vm_os__bsd__aarch64.cpp Added Files: pkgsrc/lang/openjdk8/patches: patch-hotspot_src_cpu_aarch64_vm_pauth__aarch64.hpp Log Message: openjdk8: fix NetBSD/evbarm-aarch64 build; PAC is only supported on Linux To generate a diff of this commit: cvs rdiff -u -r1.89 -r1.90 pkgsrc/lang/openjdk8/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_cpu_aarch64_vm_pauth__aarch64.hpp cvs rdiff -u -r1.2 -r1.3 \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_os__cpu_bsd__aarch64_vm_os__bsd__aarch64.cpp ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tnn Date: Mon Aug 15 12:23:06 UTC 2022 Modified Files: pkgsrc/lang/openjdk11: Makefile distinfo pkgsrc/lang/openjdk8: Makefile distinfo Removed Files: pkgsrc/lang/openjdk11/patches: patch-make_common_NativeCompilation.gmk patch-make_lib_Awt2dLibraries.gmk patch-src_hotspot_cpu_arm_c1__LIRAssembler__arm.cpp patch-src_hotspot_cpu_arm_c1__LIRGenerator__arm.cpp patch-src_hotspot_os__cpu_bsd__arm_vm__version__bsd__arm__32.cpp patch-src_hotspot_os__cpu_bsd__zero_os__bsd__zero.cpp patch-src_java.desktop_share_native_libfontmanager_harfbuzz_hb-blob.cc pkgsrc/lang/openjdk8/patches: patch-hotspot_src_cpu_aarch64_vm_pauth__aarch64.hpp patch-make_common_MakeBase.gmk Log Message: openjdk*: Security & bugfix update for the long term support branches Upstream kindly merged many of the NetBSD-specific patches. Thanks! <3 To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 pkgsrc/lang/openjdk11/Makefile cvs rdiff -u -r1.34 -r1.35 pkgsrc/lang/openjdk11/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/lang/openjdk11/patches/patch-make_common_NativeCompilation.gmk \ pkgsrc/lang/openjdk11/patches/patch-make_lib_Awt2dLibraries.gmk \ pkgsrc/lang/openjdk11/patches/patch-src_hotspot_cpu_arm_c1__LIRAssembler__arm.cpp \ pkgsrc/lang/openjdk11/patches/patch-src_hotspot_cpu_arm_c1__LIRGenerator__arm.cpp \ pkgsrc/lang/openjdk11/patches/patch-src_hotspot_os__cpu_bsd__arm_vm__version__bsd__arm__32.cpp \ pkgsrc/lang/openjdk11/patches/patch-src_hotspot_os__cpu_bsd__zero_os__bsd__zero.cpp cvs rdiff -u -r1.2 -r0 \ pkgsrc/lang/openjdk11/patches/patch-src_java.desktop_share_native_libfontmanager_harfbuzz_hb-blob.cc cvs rdiff -u -r1.111 -r1.112 pkgsrc/lang/openjdk8/Makefile cvs rdiff -u -r1.90 -r1.91 pkgsrc/lang/openjdk8/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/lang/openjdk8/patches/patch-hotspot_src_cpu_aarch64_vm_pauth__aarch64.hpp cvs rdiff -u -r1.3 -r0 \ pkgsrc/lang/openjdk8/patches/patch-make_common_MakeBase.gmk
openjdk*: Security & bugfix update for the long term support branches Upstream kindly merged many of the NetBSD-specific patches. Thanks! <3
openjdk8: Update to 1.8.332 CHangelog: Follow OpenJDK 8u332 GA.
revbump for icu and libffi
revbump for boost-libs
openjdk8: backport kqueue fix from openjdk11 Although 8 doesn't seem to use kqueue by default the class is still compiled so it's a good idea to have the correct values. Bump PKGREVISION for this and recent changes.
openjdk8: update to 1.8.292 Updated BSD port of JDK 8 Additional features include: Native HotSpot support for aarch64 (not enabled yet in pkgsrc)
revbump for boost-libs
Depend on binutils for OmniOS build, too.
*: revbump after fontconfig bl3 changes (libuuid removal)
lang/openjdk8: skip check for unknown configure options
Add jmap to JAVA_WRAPPERS, bump PKGREVISION
revbump after updating security/nettle
openjdk*: catch up with cups changes in CONFIGURE_ARGS
openjdk*: switch the build dependency from cups-base to libcups
openjdk8: handle paxctl +m internally to the build
Follow openjdk11 and unlimit cputime as individual commands can take more than 1hr of CPU time.
openjdk8: update to openjdk8-1.8.252 (BSD port 8u252 GA) Security fixes for: CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2773, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830 Also misc bugfixes.
lang/openjdk8: document safe use of array[char]
lang/openjdk8: remove redundant file from FILES_SUBST
openjdk8: remove va-hack now that we have UNLIMIT_RESOURCES+=virtualsize
librsvg: update bl3.mk to remove libcroco in rust case recursive bump for the dependency change
Revbump packages depending on libffi after .so version change. Requested by Matthias Ferdinand and Oskar on pkgsrc-users.
openjdk8: update to 8u242 BSD specific fixes: - Fix BsdNativeDispatcher - Support thread name setting on OpenBSD and NetBSD Security fixes: - S8225261: Better method resolutions - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets - S8225279: Better XRender interpolation - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities - S8227758: More valid PKIX processing - S8227816: More Colorful ICC profiles - S8228548, CVE-2020-2593: Normalize normalization for all - S8229951, CVE-2020-2601: Better Ticket Granting Services - S8230279: Improve Pack200 file reading - S8230318: Better trust store usage - S8230967: Improve Registry support of clients - S8231129: More glyph images - S8231139: Improved keystore support - S8231422, CVE-2020-2604: Better serial filter handling - S8231795, CVE-2020-2659: Enhance datagram socket support - S8232419: Improve Registry registration - S8234037, CVE-2020-2654: Improve Object Identifier Processing ~100 additional minor bugfixes.
add FreeBSD patch to export couple more symbols from libnio for Jenkins, found and provided by Mike Pumfold
all: migrate homepages from http to https pkglint -r --network --only "migrate" As a side-effect of migrating the homepages, pkglint also fixed a few indentations in unrelated lines. These and the new homepages have been checked manually.
lang: align variable assignments pkglint -Wall -F --only aligned --only indent -r No manual corrections.
openjdk8: update to 8u232 GA Bug fix and security update. Resolves in particular the following CVEs: - S8213429, CVE-2019-2933: Windows file handling redux - S8218573, CVE-2019-2945: Better socket support - S8220302, CVE-2019-2949: Better Kerberos ccache handling - S8221858, CVE-2019-2958: Build Better Processes - S8222684, CVE-2019-2964: Better support for patterns - S8222690, CVE-2019-2962: Better Glyph Images - S8223505, CVE-2019-2973: Better pattern compilation - S8223518, CVE-2019-2975: Unexpected exception in jjs - S8223892, CVE-2019-2978: Improved handling of jar files - S8224532, CVE-2019-2981: Better Path supports - S8224915, CVE-2019-2983: Better serial attributes - S8225286, CVE-2019-2987: Better rendering of native glyphs - S8225292, CVE-2019-2988: Better Graphics2D drawing - S8225298, CVE-2019-2989: Improve TLS connection support - S8225597, CVE-2019-2992: Enhance font glyph mapping - S8226765, CVE-2019-2999: Commentary on Javadoc comments - S8228825, CVE-2019-2894: Enhance ECDSA operations
openjdk8: delete GCC>=6 workaround; configure has equivalent logic
openjdk*: use ${JAVA_NAME} where applicable
openjdk8: put back MASTER_SITE_LOCAL in the list So the bootstrap kits can be found. Oops.
openjdk8: set the DISTNAME & PKGNAME based on GITHUB_TAG
openjdk8: switch upstream to the openjdk BSD community effort at github This repo is a continuation of the bsd-port tree, still maintained by the FreeBSD ports java people. It is forked from (and merges regularly from) AdoptOpenJDK. They accept patches for other BSDs, so we should see if we have anything in our tree worth contributing. As a side effect, this changes updates openjdk8 to u222.
*: recursive bump for gdk-pixbuf2-2.38.1
*: recursive bump for nettle 3.5.1
all: replace SUBST_SED with the simpler SUBST_VARS pkglint -Wall -r --only "substitution command" -F With manual review and indentation fixes since pkglint doesn't get that part correct in every case.
openjdk8: update to 1.8.202nb1. Remove libXp build dependency, not used.
Actually bump version
Update to 1.8.192 Changelog: New Features security-libs/javax.net.ssl ➜ Support for Customization of Default Enabled Cipher Suites via System Properties The system property jdk.tls.client.cipherSuites can be used to customize the default enabled cipher suites for the client side of SSL/TLS connections. In a similar way, the system property jdk.tls.server.cipherSuites can be used for customization on the server side. The system properties contain a comma-separated list of supported cipher suite names that specify the default enabled cipher suites. All other supported cipher suites are disabled for this default setting. Unrecognized or unsupported cipher suite names specified in properties are ignored. Explicit setting of enabled cipher suites will override the system properties. Please refer to the "Java Cryptography Architecture Standard Algorithm Name Documentation" for the standard JSSE cipher suite names, and the "Java Cryptography Architecture Oracle Providers Documentation" for the cipher suite names supported by the SunJSSE provider. Note that the actual use of enabled cipher suites is restricted by algorithm constraints. Note also that these system properties are currently supported by the JDK Reference Implementation. They are not guaranteed to be supported by other implementations. Warning: These system properties can be used to configure weak cipher suites, or the configured cipher suites may become more weak over time. We do not recommend using the system properties unless you understand the security implications. Use them at your own risk. See JDK-8162362 Bug Fixes This release contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 8u192 Bug Fixes page. Security bugs: CVE-2018-3183 CVE-2018-3209 CVE-2018-3169 CVE-2018-3149 CVE-2018-3211 CVE-2018-3180 CVE-2018-3214 CVE-2018-3157 CVE-2018-3150 CVE-2018-13785 CVE-2018-3136 CVE-2018-3139
Revbump after cairo 1.16.0 update.
openjdk8: some Linux packaging fixes
Recursive revbump from hardbuzz-2.1.1
Add jhat to JAVA_WRAPPERS. Bump PKGREVISION
Update to 1.8.181 Changelog: Fixed: CVE-2018-2938 CVE-2018-2964 CVE-2018-2941 CVE-2018-2942 CVE-2018-2972 CVE-2018-2973 CVE-2018-2940 CVE-2018-2952
openjdk8: apply upstream changeset be59128afb76 (fixes SEGV w/ clang>=6)
openjdk: remove todo item
openjdk8: Fix build on SunOS with newer GCC.
openjdk[78]: Add a \todo comment about the cups dependency. Having a language install a printing system violates the Principle of Least Astonishment. Add a comment to be replaced with an explanation of why this is necessary or helpful.
Upcate to 1.8.172 Changelog: core-libs java.time (tz) Upgrade time-zone data to tzdata2018d xml jax-ws Newlines in JAXB string values of SOAP-requests are escaped to " " hotspot compiler Crash with assert(handler_address == SharedRuntime::compute_compiled_exc_handler(..) failed: Must be the same deploy webstart JRE bundled in App-V package will not start Java Web Start applications deploy webstart javaws.exe failed to launch UTF-8 encoded JNLP file javafx web Intermittent crash when using WebView from JFXPanel applicationS hotspot runtime Hotspot crash on Cassandra 3.11.1 startup with libnuma 2.0.3 security-libs org.ietf.jgss Kerberos krb5 authentication: AuthList's put method leads to performance issue hotspot gc Performance drop with Java JDK 1.8.0_162-b32
Add p11-kit to gnutls/bl3.mk and bump dependencies.
Recursive bump for new fribidi dependency in pango.
Recursive bumps for fontconfig and libzip dependency changes.
lang/openjdk8: The libinstrument, libnpt and libsplashscreen libs require to be linked against libiconv on SunOS too. Fixes problems with e.g. the JPDA debugger. Bump PKGREVISION.
openjdk8: remove -Werror from compiler flags.
Update to 1.8.162 * Pass -fno-lifetime-dse for GCC 6 to prevent segfault Changelog: Fix security bugs CVE-2018-2638 CVE-2018-2639 CVE-2018-2633 CVE-2018-2627 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2629 CVE-2018-2603 CVE-2018-2657 CVE-2018-2599 CVE-2018-2581 CVE-2018-2602 CVE-2018-2677 CVE-2018-2678 CVE-2018-2588 CVE-2018-2663 CVE-2018-2675 CVE-2018-2579
Bump PKGREVISION for gdbm shlib major bump
Pullup ticket #5654 - requested by bsiegert lang/openjdk8: security update Revisions pulled up: - lang/openjdk8/Makefile 1.55 - lang/openjdk8/PLIST 1.8 - lang/openjdk8/distinfo 1.51 - lang/openjdk8/patches/patch-common_autoconf_generated-configure.sh 1.13 - lang/openjdk8/patches/patch-jdk_make_CompileLaunchers.gmk 1.5 - lang/openjdk8/patches/patch-jdk_make_lib_CoreLibraries.gmk 1.4 - lang/openjdk8/patches/patch-jdk_src_solaris_native_java_net_NetworkInterface.c 1.4 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Tue Nov 28 05:07:25 UTC 2017 Modified Files: pkgsrc/lang/openjdk8: Makefile PLIST distinfo pkgsrc/lang/openjdk8/patches: patch-common_autoconf_generated-configure.sh patch-jdk_make_CompileLaunchers.gmk patch-jdk_make_lib_CoreLibraries.gmk patch-jdk_src_solaris_native_java_net_NetworkInterface.c Log Message: Update to 1.8.152 Changelog: Security bug fixes: CVE-2017-10285 CVE-2017-10388 CVE-2017-10309 CVE-2017-10274 CVE-2017-10356 CVE-2017-10293 CVE-2017-10342 CVE-2017-10350 CVE-2017-10349 CVE-2017-10348 CVE-2017-10357 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355 CVE-2017-10281 CVE-2017-10347 CVE-2017-10386 CVE-2017-10380 CVE-2017-10295 CVE-2017-10341 CVE-2017-10345 To generate a diff of this commit: cvs rdiff -u -r1.54 -r1.55 pkgsrc/lang/openjdk8/Makefile cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/openjdk8/PLIST cvs rdiff -u -r1.50 -r1.51 pkgsrc/lang/openjdk8/distinfo cvs rdiff -u -r1.12 -r1.13 \ pkgsrc/lang/openjdk8/patches/patch-common_autoconf_generated-configure.sh cvs rdiff -u -r1.4 -r1.5 \ pkgsrc/lang/openjdk8/patches/patch-jdk_make_CompileLaunchers.gmk cvs rdiff -u -r1.3 -r1.4 \ pkgsrc/lang/openjdk8/patches/patch-jdk_make_lib_CoreLibraries.gmk \ pkgsrc/lang/openjdk8/patches/patch-jdk_src_solaris_native_java_net_NetworkInterface.c
openjdk8: Unbreak after cups-base rename. This happened to build only because the BUILDLINK_PREFIX was already passed through, however the dependency will have been incorrectly registered as full rather than build-only so bump PKGREVISION.
openjdk8: Support user CFLAGS.
Update to 1.8.152 Changelog: Security bug fixes: CVE-2017-10285 CVE-2017-10388 CVE-2017-10309 CVE-2017-10274 CVE-2017-10356 CVE-2017-10293 CVE-2017-10342 CVE-2017-10350 CVE-2017-10349 CVE-2017-10348 CVE-2017-10357 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355 CVE-2017-10281 CVE-2017-10347 CVE-2017-10386 CVE-2017-10380 CVE-2017-10295 CVE-2017-10341 CVE-2017-10345
recursive bump for libxkbcommon removal from at-spi2-core
Bump PKGREVISION on packages depending on CUPS This should be the last part of the renaming operation for print/cups to print/cups-base. Rationale: packages depending on CUPS but not relying on a functional printing setup only need to depend on print/cups-base (equivalent to the former print/cups). The new print/cups now depends on print/cups-base and on print/cups-filters, thus directly providing a functional printing setup. This bump reflects this change of dependency. As discussed on tech-pkg@
Update dependencies on print/cups to print/cups-base This is with the notable exception of meta-pkgs/desktop-gnome, which I believe implies a fully functional cups. This is still missing revision bumps - I'll be right there (first time I am doing this on so many packages at a time). As discussed on tech-pkg@
Update to 1.8.144 Changelog: Fix the following security bugs. CVE-2017-10110 CVE-2017-10089 CVE-2017-10086 CVE-2017-10096 CVE-2017-10101 CVE-2017-10087 CVE-2017-10090 CVE-2017-10111 CVE-2017-10107 CVE-2017-10102 CVE-2017-10114 CVE-2017-10074 CVE-2017-10116 CVE-2017-10078 CVE-2017-10067 CVE-2017-10115 CVE-2017-10118 CVE-2017-10176 CVE-2017-10104 CVE-2017-10145 CVE-2017-10125 CVE-2017-10198 CVE-2017-10243 CVE-2017-10121 CVE-2017-10135 CVE-2017-10117 CVE-2017-10053 CVE-2017-10108 CVE-2017-10109 CVE-2017-10105 CVE-2017-10081 CVE-2017-10193
Pass ldflags to build, on BSDs. Fixes RELRO build on NetBSD.
Pullup tickets #5412 and #5413 - requested by sevan lang/opendjk8: build fix for FreeBSD Revisions pulled up: - lang/openjdk8/Makefile 1.49 - lang/openjdk8/distinfo 1.47 - lang/openjdk8/patches/patch-common_autoconf_generated-configure.sh 1.12 - lang/openjdk8/patches/patch-jdk_make_lib_Awt2dLibraries.gmk 1.3 - lang/openjdk8/patches/patch-jdk_make_lib_CoreLibraries.gmk 1.3 - lang/openjdk8/patches/patch-jdk_make_lib_ServiceabilityLibraries.gmk 1.1 - mk/java-vm.mk 1.109 --- Module Name: pkgsrc Committed By: ryoon Date: Wed May 10 13:59:57 UTC 2017 Modified Files: pkgsrc/lang/openjdk8/patches: patch-common_autoconf_generated-configure.sh Log Message: Ignore alsa on FreeBSD too --- Module Name: pkgsrc Committed By: ryoon Date: Wed May 10 14:01:58 UTC 2017 Modified Files: pkgsrc/lang/openjdk8: Makefile distinfo pkgsrc/lang/openjdk8/patches: patch-jdk_make_lib_Awt2dLibraries.gmk patch-jdk_make_lib_CoreLibraries.gmk Added Files: pkgsrc/lang/openjdk8/patches: patch-jdk_make_lib_ServiceabilityLibraries.gmk Log Message: Fix build with converters/libiconv and update distinfo for previous --- Module Name: pkgsrc Committed By: ryoon Date: Wed May 10 14:04:31 UTC 2017 Modified Files: pkgsrc/mk: java-vm.mk Log Message: lang/openjdk8 works under FreeBSD/amd64 10.3
Fix build with converters/libiconv and update distinfo for previous
Update to 1.8.131 Changelog: Changes * MD5 added to jdk.jar.disabledAlgorithms Security property * New system property to control caching for HTTP SPNEGO connection. * New system property to control caching for HTTP NTLM connection. * New version of VisualVM Bugfixes * Introduced a new window ordering model * Correction of IllegalArgumentException from TLS handshake
Pullup ticket #5228 - requested by sevan lang/openjdk8: build fix Revisions pulled up: - lang/openjdk8/Makefile 1.47 - lang/openjdk8/PLIST 1.7 - lang/openjdk8/distinfo 1.45 - lang/openjdk8/patches/patch-jdk_src_share_classes_sun_security_jca_ProviderConfig.java 1.1 --- Module Name: pkgsrc Committed By: jperkin Date: Thu Mar 30 12:42:24 UTC 2017 Modified Files: pkgsrc/lang/openjdk8: Makefile Log Message: Add a wrapper for jstack. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: jperkin Date: Thu Mar 30 12:57:11 UTC 2017 Modified Files: pkgsrc/lang/openjdk8: distinfo Added Files: pkgsrc/lang/openjdk8/patches: patch-jdk_src_share_classes_sun_security_jca_ProviderConfig.java Log Message: Pull in OI fix for https://www.illumos.org/issues/7227. Ride previous PKGREVISION bump. --- Module Name: pkgsrc Committed By: abs Date: Fri Mar 31 07:55:14 UTC 2017 Modified Files: pkgsrc/lang/openjdk8: PLIST Log Message: Add bin/openjdk8-jstack to PLIST to fix build
Add a wrapper for jstack. Bump PKGREVISION.
Recursive revbump from fonts/harfbuzz
Recursive bump for harfbuzz's new graphite2 dependency.
Update to 1.8.121 Changelog: http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html core-libs/javax.naming Improved protection for JNDI remote class loading Remote class loading via JNDI object factories stored in naming and directory services is disabled by default. To enable remote class loading by the RMI Registry or COS Naming service provider, set the following system property to the string "true", as appropriate: com.sun.jndi.rmi.object.trustURLCodebase com.sun.jndi.cosnaming.object.trustURLCodebase JDK-8158997 (not public) security-libs/java.security jarsigner -verbose -verify should print the algorithms used to sign the jar The jarsigner tool has been enhanced to show details of the algorithms and keys used to generate a signed JAR file and will also provide an indication if any of them are considered weak. Specifically, when "jarsigner -verify -verbose filename.jar" is called, a separate section is printed out showing information of the signature and timestamp (if it exists) inside the signed JAR file, even if it is treated as unsigned for various reasons. If any algorithm or key used is considered weak, as specified in the Security property, jdk.jar.disabledAlgorithms, it will be labeled with "(weak)". For example: - Signed by "CN=weak_signer" Digest algorithm: MD2 (weak) Signature algorithm: MD2withRSA (weak), 512-bit key (weak) Timestamped by "CN=strong_tsa" on Mon Sep 26 08:59:39 CST 2016 Timestamp digest algorithm: SHA-256 Timestamp signature algorithm: SHA256withRSA, 2048-bit key See JDK-8163304 New Features core-libs/java.io:serialization Serialization Filter Configuration Serialization Filtering introduces a new mechanism which allows incoming streams of object-serialization data to be filtered in order to improve both security and robustness. Every ObjectInputStream applies a filter, if configured, to the stream contents during deserialization. Filters are set using either a system property or a configured security property. The value of the "jdk.serialFilter" patterns are described in JEP 290 Serialization Filtering and in <JRE>/lib/security/java.security. Filter actions are logged to the 'java.io.serialization' logger, if enabled. See JDK-8155760 core-libs/java.rmi RMI Better constraint checking RMI Registry and Distributed Garbage Collection use the mechanisms of JEP 290 Serialization Filtering to improve service robustness. RMI Registry and DGC implement built-in white-list filters for the typical classes expected to be used with each service. Additional filter patterns can be configured using either a system property or a security property. The "sun.rmi.registry.registryFilter" and "sun.rmi.transport.dgcFilter" property pattern syntax is described in JEP 290 and in <JRE>/lib/security/java.security. JDK-8156802 (not public) security-libs Add mechanism to allow non-default root CAs to not be subject to algorithm restrictions *New certpath constraint: jdkCA* In the java.security file, an additional constraint named "jdkCA" is added to the jdk.certpath.disabledAlgorithms property. This constraint prohibits the specified algorithm only if the algorithm is used in a certificate chain that terminates at a marked trust anchor in the lib/security/cacerts keystore. If the jdkCA constraint is not set, then all chains using the specified algorithm are restricted. jdkCA may only be used once in a DisabledAlgorithm expression. Example: To apply this constraint to SHA-1 certificates, include the following: SHA1 jdkCA See JDK-8140422 Changes tools/javadoc(tool) New --allow-script-in-comments option for javadoc The javadoc tool will now reject any occurrences of JavaScript code in the javadoc documentation comments and command-line options, unless the command-line option, --allow-script-in-comments is specified. With the --allow-script-in-comments option, the javadoc tool will preserve JavaScript code in documentation comments and command-line options. An error will be given by the javadoc tool if JavaScript code is found and the command-line option is not set. JDK-8138725 (not public) security-libs/javax.xml.crypto Increase the minimum key length to 1024 for XML Signatures The secure validation mode of the XML Signature implementation has been enhanced to restrict RSA and DSA keys less than 1024 bits by default as they are no longer secure enough for digital signatures. Additionally, a new security property named jdk.xml.dsig.SecureValidationPolicy has been added to the java.security file and can be used to control the different restrictions enforced when the secure validation mode is enabled. The secure validation mode is enabled either by setting the xml signature property org.jcp.xml.dsig.secureValidation to true with the javax.xml.crypto.XMLCryptoContext.setProperty method, or by running the code with a SecurityManager. If an XML Signature is generated or validated with a weak RSA or DSA key, an XMLSignatureException will be thrown with the message, "RSA keys less than 1024 bits are forbidden when secure validation is enabled" or "DSA keys less than 1024 bits are forbidden when secure validation is enabled." JDK-8140353 (not public) docs/release_notes Restrict certificates with DSA keys less than 1024 bits. DSA keys less than 1024 bits are not strong enough and should be restricted in certification path building and validation. Accordingly, DSA keys less than 1024 bits have been deactivated by default by adding "DSA keySize < 1024" to the "jdk.certpath.disabledAlgorithms" security property. Applications can update this restriction in the security property ("jdk.certpath.disabledAlgorithms") and permit smaller key sizes if really needed (for example, "DSA keySize < 768"). JDK-8139565 (not public) security-libs More checks added to DER encoding parsing code More checks are added to the DER encoding parsing code to catch various encoding errors. In addition, signatures which contain constructed inparsing. Note that signatures generated using JDK default providers are not affected by this change. JDK-8168714 (not public) core-libs/java.net Additional access restrictions for URLClassLoader.newInstance Class loaders created by the java.net.URLClasslasses from a list of given URLs. If the calling code does not have access to one or more of the URLs and the URL artifacts that can be accessed do not contain the required class, then a ClassNotFoundException, or similar, will be thrown. Previously, a Sege can be disabled by setting the jdk.net.URLClassPath.disableRestrictedPermissions system property. JDK-8151934 (not public) core-libs/java.util.logging A new configurable property in logging.properties java.util.logging.FileHandler.maxLocks A new "java.util.logging.FileHandler.maxLocks" configurable property is added to java.util.logging.FileHandler. This new logging property can be defined in the logging configuration file and makes it possible to configure the maximum number of concurrent log file locks a FileHandler can handle. The default value is 100. In a highly concurrent environment where multiple (more than 101) standalone client applications are using the JDK Logging API with FileHandler simultaneously, it may happen that the default limit of 100 is reached, resulting in a failure to acquire FileHandler file locks and causing an IO Exception to be thrown. In such a case, the new logging property can be used to increase the maximum number of locks before deploying the application. If not overridden, the default value of maxLocks (100) remains unchanged. See java.util.logging.LogManager and java.util.logging.FileHandler API documentation for more details. See JDK-8153955 Bug Fixes The following are some of the notable bug fixes included in this release: client-libs/javax.swing Trackpad scrolling of text on OS X 10.12 Sierra is very fast The MouseWheelEvent.getWheelRotation() method returned rounded native NSEvent deltaX/Y events on Mac OS X. The latest macOS Sierra 10.12 produces very small NSEvent deltaX/Y values so rounding and summing them leads to the huge value returned from the MouseWheelEvent.getWheelRotation(). The JDK-8166591 fix accumulates NSEvent deltaX/Y and the MouseWheelEvent.getWheelRotation() method returns non-zero values only when the accumulated value exceeds a threshold and zero value. This is compliant with the MouseWheelEvent.getWheelRotation() specification (https://docs.oracle.com/javase/8/docs/api/java/awt/event/MouseWheelEvent.html#getWheelRotation): "Returns the number of "clicks" the mouse wheel was rotated, as an integer. A partial rotation may occur if the mouse supports a high-resolution wheel. In this case, the method returns zero until a full "click" has been accumulated." For the precise wheel rotation values, use the MouseWheelEvent.getPreciseWheelRotation() method instead. See JDK-8166591 This release also contains fixes for security vulnerabilities described in the Oracle Java SE Critical Patch Update Advisory. For a more complete list of the bug fixes included in this release, see the JDK 8u121 Bug Fixes page. Known Issues deploy/packager javapackager and fx:deploy bundle the whole JDK instead of JRE There is a known bug in the Java Packager for Mac where the entire JDK may be bundled with the application bundle resulting in an unusually large bundle. The work around is to use the bundler option -Bruntime option. For example: -Bruntime=JavaAppletPlugin.plugin sets where the JavaAppletPlugin.plugin for the desired JRE to bundle is located in the current directory. See JDK-8166835 install/install Java Installation will fail for non-admin users with UAC off The Java installation on Windows will fail without warning or prompting, for non-admin users with User Access Control (UAC) disabled. The installer will leave a directory, jds<number>.tmp, in the %TEMP% directory. JDK-8161460 (not public)
Fix portability issues. Bump revision, since the preprocessor definition potentially changes the package.
Update to 1.8.112 * Include a patch from PR pkg/51221 Changelog: security-libs/java.security SunPKCS11 Provider no longer offering SecureRandom by default SecureRandom.PKCS11 from the SunPKCS11 Provider is disabled by default on Solaris because the native PKCS11 implementation has poor performance and is not recommended. If your application requires SecureRandom.PKCS11, you can re-enable it by removing "SecureRandom" from the disabledMechanisms list in conf/security/sunpkcs11-solaris.cfg Performance improvements have also been made in the java.security.SecureRandom class. Improvements in the JDK implementation have allowed for synchronization to be removed from the java.security.SecureRandom.nextBytes(byte[] bytes) method. See JDK-8098581 Fix following security bugs: CVE-2016-5556 CVE-2016-5582 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542
Recursive bump for cups openssl -> gnutls change.
Update to 1.8.102 Changelog: IANA Data 2016d JDK 8u102 contains IANA time zone data version 2016d. For more information, refer to Timezone Data Versions in the JRE Software. See JDK-8151876 Enhancements core-libs/java.lang.invoke Internal package sun.invoke.anon has been removed The internal package sun.invoke.anon has been removed. The functionality it used to provide, namely anonymous class loading with possible constant pool patches, is available via the Unsafe.defineAnonymousClass() method. See JDK-8081512 hotspot/runtime New property jdk.lang.processReaperUseDefaultStackSize When a large TLS (Thread local storage) size is set for Threads, the JVM results in a stack overflow exception. The reason for this behavior is that the reaper thread was created with a low stack size of 32768k. When a large TLS size is set, it steals space from the threads stack, which eventually results in a stack overflow. This is a known glibc bug. To overcome this issue, we have introduced a workaround (jdk.lang.processReaperUseDefaultStackSize) in which the user can set the reaper threads stack size to a default instead of to 32768. This gives the reaper thread a bigger stack size, so for a large TLS size, such as 32k, the process will not fail. Users can set this flag in one of two ways: 1. -Djdk.lang.processReaperUseDefaultStackSize=true 2. System.setProperty("jdk.lang.processReaperUseDefaultStackSize", "true") The problem has been observed only when JVM is started from JNI code in which TLS is declared using "__thread" See JDK-8130425 hotspot/compiler Implemented performance improvements for BigInteger.montgomeryMultiply We have implemented improvements that will improve performance of several security algorithms, especially when using ciphers with key lengths of 2048-bit or greater. To turn on these improvements, use the options -XX:+UseMontgomeryMultiplyIntrinsic and -XX:+UseMontgomerySquareIntrinsic. This improvement is only for Linux and Solaris on x86_64 architecture. See JDK-8130150 Changes security-libs/javax.crypto MSCAPI KeyStore can handle same-named certificates Java SE KeyStore does not allow certificates that have the same aliases (http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html). However, on Windows, multiple certificates stored in one keystore are allowed to have non-unique friendly names.The fix for JDK-6483657 makes it possible to operate on such non-uniquely named certificates through the Java API by artificially making the visible aliases unique. Please note, this fix does not enable creating same-named certificates with the Java API. It only allows you to deal with same-named certificates that were added to the keystore by 3rd party tools. It is still recommended that your design not use multiple certificates with the same name. In particular, the following sentence will not be removed from the Java documentation: "In order to avoid problems, it is recommended not to use aliases in a KeyStore that only differ in case." (http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html) See JDK-6483657 security-libs/javax.net.ssl Modify requirements on Authority Key Identifier extension field during X509 certificate chain building The requirement to have the Authority Key Identifier (AKID) and Subject Key Identifier (SKID) fields matching when building X509 certificate chains has been modified for some cases. See JDK-8072463 hotspot/gc Providing more granular levels for GC verification This enhancement provides a way to specify more granular levels for the GC verification enabled using the VerifyBeforeGC, VerifyAfterGC, and VerifyDuringGC diagnostic options. It introduces a new diagnostic option VerifySubSet with which one can specify the subset of the memory system that should be verified. With this new option, one or more sub-systems can be specified in a comma separated string. Valid memory sub-systems are: threads, heap, symbol_table, string_table, codecache, dictionary, classloader_data_graph, metaspace, jni_handles, c-heap, and codecache_oops. During the GC verification, only the sub-systems specified using VerifySubSet get verified: D:\\tests>java -XX:+UnlockDiagnosticVMOptions -XX:+VerifyBeforeGC -XX:VerifySubSet="threads,c-heap" -Xlog:gc+verify=debug Test [0.095s][debug ][gc,verify] Threads [0.099s][debug ][gc,verify] C-heap [0.105s][info ][gc,verify] Verifying Before GC (0.095s, 0.105s) 10.751ms [0.120s][debug ][gc,verify] Threads [0.124s][debug ][gc,verify] C-heap [0.130s][info ][gc,verify] Verifying Before GC (0.120s, 0.130s) 9.951ms [0.148s][debug ][gc,verify] Threads [0.152s][debug ][gc,verify] C-heap If any invalid memory sub-systems are specified with VerifySubSet, the Java process exits with the following error message: D:\\tests>java -XX:+UnlockDiagnosticVMOptions -XX:+VerifyBeforeGC -XX:VerifySubSet="threads,c-heap,hello" -Xlog:gc+verify=debug oom Error occurred during initialization of VM VerifySubSet: 'hello' memory sub-system is unknown, please correct it See JDK-8072725 hotspot/compiler Removed PICL warning message In 8u40 and 7u80, a new feature was introduced to use the PICL library on Solaris to get some system information. If this library was not found, we printed an error message: Java HotSpot(TM) Server VM warning: PICL (libpicl.so.1) is missing. Performance will not be optimal. This warning was misleading. Not finding the PICL library is a very minor issue, and the warnings mostly lead to confusion. In this release, the warning was removed. See JDK-8144957 core-libs/javax.naming Improved exception handling for bad LDAP referral replies The JDK was throwing a NullPointerException when a non-compliant REFERRAL status result was sent but no referral values were included. With this change, a NamingException with message value of "Illegal encoding: referral is empty" will be thrown in such circumstances. See JDK-8149450 and JDK-8154304 Bug Fixes The following are some of the notable bug fixes included in this release: security-libs/javax.net.ssl Fix to resolve "Unable to process PreMasterSecret, may be too big" issue Recent JDK updates introduced an issue for applications that depend on having a delayed provider selection mechanism. The issue was introduced in JDK 8u71, JDK 7u95 and JDK 6u111. The main error seen corresponded to an exception like the following : handling exception: javax.net.ssl.SSLProtocolException: Unable to process PreMasterSecret, may be too big See JDK-8149017 This release also contains fixes for security vulnerabilities described in the Oracle Java SE Critical Patch Update Advisory. For a more complete list of the bug fixes included in this release, see the JDK 8u102 Bug Fixes page.
Add jcmd to JAVA_WRAPPERS, bump PKGREVISION
Fix zlib detection. Use correct strip flag on SunOS.
Allow passing LIBZ in the environment. Skip checking libinstrument.so which is resolved at runtime. Fixes build on SunOS at least.
paxctl needs to go before shell script switcheroos take place
Also mark with 'paxctl +m' the copies of binaries that are placed in the java/openjdk8/jre/bin/ directory. In particular, apache-ant will execute java from this directory rather than the copy in the non-jre directory! Bump package revision. Fixes my problem building misc/libreoffice.
Add some paxctls to fix build on NetBSD-current. Bump PKGREVISION.
Update to 1.8.92 Changelog: Bug Fixes The following table lists the bug fixes included in JDK 8u92 release: Bug Id Category Subcategory Description JDK-8041900 client-libs 2d [macosx] Java forces the use of discrete GPU JDK-8132890 client-libs 2d Text Overlapping on Dot Matrix Printers JDK-8132503 client-libs java.awt [macosx] Chinese full stop symbol cannot be entered with Pinyin IM on OS X JDK-8138764 client-libs java.awt In some cases the usage of TreeLock can be replaced by other synchronization JDK-8041501 client-libs javax.imageio ImageIO reader is not capable of reading JPEGs without JFIF header JDK-8134828 client-libs javax.swing Scrollbar thumb disappears with Nimbus L&F JDK-8131129 core-libs java.lang.invoke Attempt to define a duplicate BMH$Species class JDK-8067800 core-libs java.time Clarify java.time.chrono.Chronology.isLeapYear for out of range years JDK-8062901 core-libs java.util Iterators is spelled incorrectly in the Javadoc for Spliterator JDK-8140587 core-libs java.util.concurrent Atomic*FieldUpdaters should use Class.isInstance instead of direct class check JDK-8145539 core-libs java.util:collections (coll) AbstractMap.keySet and .values should not be volatile JDK-8143297 core-libs jdk.nashorn Nashorn compilation time reported in nanoseconds JDK-8143896 core-libs jdk.nashorn java.lang.Long is implicitly converted to double JDK-8144020 core-libs jdk.nashorn Remove long as an internal numeric type JDK-8144131 core-libs jdk.nashorn ArrayData.getInt implementations do not convert to int32 JDK-8146147 core-libs jdk.nashorn Java linker indexed property getter does not work for computed nashorn string JDK-8147845 core-libs jdk.nashorn Varargs Array functions still leaking longs JDK-8147857 core-svc javax.management RMIConnector logs attribute names incorrectly JDK-8140244 core-svc tools Port fix of JDK-8075773 to AIX and possibly MacOSX JDK-8139773 deploy Add more debug traces to deployment registration process (RegFx.cpp) JDK-8142982 deploy Race Condition can cause CacheEntry.getJarSigningData() to return null. JDK-8143294 deploy cookie handler can't get JSESSIONID on linux JDK-8145217 deploy Fix GenericCookieHandlerTest JDK-8143314 deploy packager Runtime not respected with INI-configuration while creating native bundle JDK-8139389 deploy webstart Register a protocol handler for Java Webstart JDK-6869327 hotspot compiler Add new C2 flag to keep safepoints in counted loops. JDK-8058563 hotspot compiler InstanceKlass::_dependencies list isn't cleared from empty nmethodBucket entries JDK-8080650 hotspot compiler Enable stubs to use frame pointers correctly JDK-8129847 hotspot compiler Compiling methods generated by Nashorn triggers high memory usage in C2 JDK-8131782 hotspot compiler C1 Class.cast optimization breaks when Class is loaded from static final JDK-8139421 hotspot compiler PPC64LE: MacroAssembler::bxx64_patchable kills register R12 JDK-8140483 hotspot compiler Atomic*FieldUpdaters final fields should be trusted JDK-8144487 hotspot compiler PhaseIdealLoop::build_and_optimize() must restore major_progress flag if skip_loop_opts is true JDK-8144935 hotspot compiler C2: safepoint is pruned from a non-counted loop JDK-8145754 hotspot compiler PhaseIdealLoop::is_scaled_iv_plus_offset() does not match AddI JDK-8065579 hotspot gc WB method to start G1 concurrent mark cycle should be introduced JDK-8138966 hotspot gc Intermittent SEGV running ParallelGC JDK-8145442 hotspot gc Add the facility to verify remembered sets for G1 JDK-8029630 hotspot runtime Thread id should be displayed as hex number in error report JDK-8046611 hotspot runtime Build errors with gcc on sparc/fastdebug JDK-8087120 hotspot runtime [GCC5] java.lang.StackOverflowError on Zero JVM initialization on non x86 platforms JDK-8138745 hotspot runtime Implement ExitOnOutOfMemory and CrashOnOutOfMemory in HotSpot JDK-8139258 hotspot runtime PPC64LE: argument passing problem when passing 15 floats in native call JDK-8143963 hotspot runtime improve ClassLoader::trace_class_path to accept an additional outputStream* arg JDK-8029726 hotspot svc On OS X some dtrace probe names are mismatched with Solaris JDK-8029727 hotspot svc On OS X dtrace probes Call<type>MethodA/Call<type>MethodV are not fired. JDK-8029728 hotspot svc On OS X dtrace probes SetStaticBooleanField are not fired JDK-8130910 hotspot svc hsperfdata file is created in wrong directory and not cleaned up if /tmp/hsperfdata_<username> has wrong permissions JDK-8140031 hotspot svc SA: Searching for a value in Threads does not work JDK-8144885 hotspot svc agent/src/os/linux/libproc.h needs to support Linux/SPARC builds JDK-8145099 hotspot svc Better error message when SA can't attach to a process JDK-8074935 security-libs java.security jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did JDK-8139436 security-libs java.security sun.security.mscapi.KeyStore might load incomplete data JDK-8064330 security-libs javax.net.ssl Remove SHA224 from the default support list if SunMSCAPI enabled JDK-8131665 security-libs javax.net.ssl Bad exception message in HandshakeHash.getFinishedHash JDK-8136442 security-libs javax.net.ssl Don't tie Certificate signature algorithms to ciphuites JDK-8038184 security-libs javax.xml.crypto XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String JDK-8038349 security-libs javax.xml.crypto Signing XML with DSA throws Exception when key is larger than 1024 Exception when calling super with Object<>() JDK-8066974 tools javac Compiler doesn't infer method's generic type information in lambda body JDK-8068254 tools javac Method reference uses wrong qualifying type JDK-8130506 tools javac javac Assertien invoking MethodHandle.invoke with lambda parameter JDK-8134007 tools javac Improve string folding JDK-8134759 tools javac jdb: Incorrect stepping inside finally block JDK-8139751 tools javac Javac crash with -XDallowStringFolding=false JDK-8145466 tools javac javac: No line numbers in compilation error JDK-8145722 tools javadoc(tool) NullPointerException in javadoc JDK-8133924 xml jaxp NPE may be thrown when xsltc select a non-existing node after JDK-8062518
Bump PKGREVISION from /dev/urandom use on *BSD Originally reported from abs@ on tech-pkg@. From random(4) man page: Applications should read from /dev/urandom when they need randomly generated data, e.g. key material for cryptography or seeds for simulations.
Update to 1.8.77 Changelog: Fix CVE-2016-0636
try harder to find system's zlib
Bump PKGREVISION for security/openssl ABI bump.
Update to 1.8.74 Changelog: Bug Fixes BugId Category Subcategory Description 8144963 deploy webstart Javaws checks jar files twice if JVM needs to be restarted 8140291 (Confidential) deploy webstart (JWS)LazyRootStore leak when calling getResourceAsStream on non-class resource 8142982 deploy webstart Race Condition can cause CacheEntry.getJarSigningData() to return null. Fixed security bugs: CVE-2016-0603
Update to 1.8.72 Changelog: Fix following security vulnerabilities: CVE-2016-0499 CVE-2015-4925 CVE-2016-0472 CVE-2015-4921 CVE-2016-0467 CVE-2016-0461 CVE-2015-4923 Bug fixes: Bug Id Category Subcategory Description JDK-8133917 client-libs Please backport X11FontManager refactor to Java 8! JDK-8130136 client-libs 2d Swing window sometimes fails to repaint partially when it becomes exposed JDK-8132850 client-libs 2d java.lang.ArrayIndexOutOfBoundsException during text rendering with many fonts installed JDK-8137106 client-libs 2d EUDC (End User Defined Characters) are not displayed on Windows with Java 8u60+ JDK-8065081 client-libs demo Intermittent NPE in Java2Demo applet on Stop/Restart in appletviewer JDK-8081485 client-libs java.awt EDT auto shutdown is broken in case of new event queue usage JDK-8081787 client-libs java.awt [macosx] MalformedURLException is thrown during reading data for application/x-java-url;class=java.net.URL flavor JDK-8086038 client-libs java.awt [macosx] No available data flavors when copying from Microsoft Word for Mac JDK-8130776 client-libs java.awt Remove EmbeddedFrame.requestFocusToEmbedder() method JDK-8132382 client-libs java.awt [macosx] Crash during JMC or JavaFX execution when NSApplication is controlled by SWT or JavaFX libraries JDK-8136763 client-libs java.awt [macosx] java always returns only one value for "text/uri-list" dataflavor even if several files were copied JDK-8134828 client-libs javax.swing Scrollbar thumb disappears with Nimbus L&F JDK-8134917 client-libs javax.swing [macosx] JOptionPane doesn't receive mouse events when opened from a drop event JDK-8134356 core-libs {@code} tag contains < and > sequences JDK-8134569 core-libs Add tests for prototype callsites JDK-8134939 core-libs Improve toString method of Dynalink DynamicMethod objects JDK-8133249 core-libs java.io Occasional SIGSEGV: non thread-safe use of strerr in getLastErrorString JDK-8073644 core-libs java.lang.invoke Assertion in LambdaFormEditor.bindArgumentType is too strict JDK-8030785 core-libs java.lang:reflect Missing "since 1.8" javadoc for java.lang.reflect.Method:getParameterCount JDK-8072466 core-libs java.net Deadlock when initializing MulticastSocket and DatagramSocket JDK-8087190 core-libs java.net Regression in sun.net.util.IPAddressUtil.isIPv4LiteralAddress(String) JDK-8133015 core-libs java.net InetAddress.isReachable(tmout) returning wrong value on Windows for IPv6 JDK-8143397 core-libs java.net It looks like InetAddress.isReachable(timeout) works incorrectly JDK-6857566 core-libs java.nio (bf) DirectByteBuffer garbage creation can outpace reclamation JDK-8029516 core-libs java.nio (fs) WatchKey cancel unreliable on Windows JDK-8034057 core-libs java.nio Files.getFileStore and Files.isWritable do not work with SUBST'ed drives (win) JDK-8080115 core-libs java.nio (fs) Crash in libgio when calling Files.probeContentType(path) from parallel threads JDK-8130274 core-libs java.nio java/nio/file/FileStore/Basic.java fails when two successive stores in an iteration are determined to be equal JDK-8133232 core-libs java.nio [fs] Regex has redundant | in the char class JDK-8133647 core-libs java.nio (ch) Test java/nio/channels/AsynchronousSocketChannel/StressLoopback.java fails for Windows XP JDK-8137121 core-libs java.nio (fc) Infinite loop FileChannel.truncate JDK-8138819 core-libs java.nio (se) File descriptor leak when Selector.open fails JDK-8081794 core-libs java.text ParsePosition getErrorIndex returns 0 for TimeZone parsing problem JDK-8074032 core-libs java.time Instant.ofEpochMilli(millis).toEpochMilli() can throw arithmetic overflow in toEpochMilli() JDK-8133022 core-libs java.time Instant.toEpochMilli() silently overflows JDK-8139107 core-libs java.time DateTimeFormatter with Locale.UK throw a NullPointerException when parsing zone JDK-6907252 core-libs java.util.jar ZipFileInputStream Not Thread-Safe JDK-8038502 core-libs java.util.jar Deflater.needsInput() should use synchronization JDK-8134505 core-libs java.util:i18n Cleanup of "TimeZone_md.c" JDK-8129957 core-libs javax.naming Deadlock in JNDI LDAP implementation when closing the LDAP context JDK-8027137 core-libs jdk.nashorn Merge ScriptFunction and ScriptFunctionImpl JDK-8055917 core-libs jdk.nashorn jdk.nashorn.internal.codegen.CompilationPhase$N should be renamed to proper classes JDK-8068901 core-libs jdk.nashorn Surprising behavior with more than one functional interface on a class JDK-8068903 core-libs jdk.nashorn Can't invoke vararg @FunctionalInterface methods JDK-8073613 core-libs jdk.nashorn Here documents: how to avoid string interpolation? JDK-8073733 core-libs jdk.nashorn TypeError messages with "call" and "new" could be improved JDK-8087292 core-libs jdk.nashorn nashorn should have a "fail-fast" option for scripting, analog to bash "set -e" JDK-8087312 core-libs jdk.nashorn PropertyMapWrapper.equals should compare className JDK-8114838 core-libs jdk.nashorn Anonymous functions escape to surrounding scope when defined under "with" statement JDK-8129950 core-libs jdk.nashorn Wrong condition for checking absence of logger in MethodHandleFactory JDK-8129959 core-libs jdk.nashorn DebugLogger has unnecessary API methods JDK-8130234 core-libs jdk.nashorn Get rid of JSType.isNegativeZero JDK-8130307 core-libs jdk.nashorn improve Nashorn Javadoc target JDK-8130424 core-libs jdk.nashorn if directory specified with --dest-dir does not exist, only .class files are dumped and .js files are not JDK-8130476 core-libs jdk.nashorn Remove unused methods in Global.java JDK-8130663 core-libs jdk.nashorn 6 fields can be static fields in Global class JDK-8130853 core-libs jdk.nashorn Non-extensible global is not handled property JDK-8131039 core-libs jdk.nashorn after adding a function property to Object.prototype, JSON.parse with reviver function goes into infinite loop JDK-8131340 core-libs jdk.nashorn Varargs function is recompiled each time it is linked JDK-8131683 core-libs jdk.nashorn Delete fails over multiple scopes JDK-8133119 core-libs jdk.nashorn Error message associated with TypeError for call and new should include stringified Node JDK-8133300 core-libs jdk.nashorn Ensure symbol table immutability in Nashorn AST JDK-8133785 core-libs jdk.nashorn SharedScopeCall should be enabled for non-optim call sites even with optimistic compilation JDK-8134150 core-libs jdk.nashorn Make Nashorn Timing class both threadsafe and efficient JDK-8134484 core-libs jdk.nashorn disallow backquotes as heredoc end marker delimiters JDK-8134488 core-libs jdk.nashorn0 core-libs jdk.nashorn Dead var statement evacuation incorrectly descends into nested functions JDK-8134502 core-libs jdk.nashorn introduce abstraction for basic NodeVisitor usage JDK-8134609 core-libs jdk.nashorn Allow constructors with same prototoype e-libs jdk.nashorn Defer stack trace walking of NashornException for extracting line number and file name JDK-8134931 core-libs jdk.nashorn jdk.nashorn.internal.codegen.TypeMap should not use Map JDK-8134973 core-libs jdk.nashorn Control flow exceptions s JDK-8135075 core-libs jdk.nashorn Reorder short-circuit tests in ApplySpecialization to run cheapest first JDK-8135190 core-libs jdk.nashorn Method code too large in Babel browser.js script JDK-8135262 core-libs jdk.nashorn Sanitize CodeInstaller and ComJDK-8135337 core-libs jdk.nashorn NativeDebug.dumpCounters with incorrect scope count JDK-8136349 core-libs jdk.nashorn Typos patch for nashorn sources submitted on Sep 10, 2015 JDK-8136544 core-libs jdk.nashorn Call site switching to megamorphic causes incorrect property read JDK-8136694 core-libs jdk.nashorn Megemorphic scope access does not throw ReferenceError when property is missing JDK-8137258 core-libs jdk.nashorn JSObjectLinker and BrowserJSObjectLinker should not expose internal JS objects JDK-8137281 core-libs jdk.nashorn OutOfMemoryError with large numeric keys in JSON.parse JDK-8137333 core-libs jdk.nashorn Boundless soft caching of property map histories causes high memory pressure JDK-8138616 core-libs jdk.nashorn invokeFunction fails if function calls a function defined in GLOBAL_SCOPE JDK-8138632 core-libs jdk.nashorn Sparse array does not handle growth of underlying dense array JDK-8074696 core-svc debugger Remote debugging session hangs for several minutes when calling findBootType JDK-8074368 core-svc java.lang.management ThreadMXBean.getThreadInfo() corrupts memory when called with empty array for thread ids JDK-8133666 core-svc java.lang.management OperatingSystemMXBean reports abnormally high machine CPU consumption on Linux JDK-8075773 core-svc tools jps running as root fails after the fix of JDK-8050807 JDK-8139613 deploy push of backport of JDK-8081846 broke build JDK-8138650 deploy packager Packager cannot bundle Mac App Store Apps because JavaFX WebKit uses apple private APIs JDK-8133985 deploy plugin "Apply" button is permanently disabled in JCP, after roaming profile option is changed JDK-8134109 deploy plugin Applet2Manager.getMainDeploymentRuleSet ignores jar version. JDK-8134495 deploy plugin Cannot enable debugging on JNLP applet with java-vm-args params JDK-7156268 deploy webstart app is stuck when launching with javaagent if there is no jre info in deployment.properties JDK-8055464 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - java part JDK-8056013 deploy webstart Web Start looks in currently directory for all classes prior to jars - slow JDK-8077380 deploy webstart JNLPSigning exception when signed jnlp is launched from local tomcat server JDK-8081846 deploy webstart Add a URL scheme handler to reliably launch .jnlp files - Windows registration part JDK-8135115 deploy webstart DRS1.3: App is not blocked when there is a invalid attribute in jnlp-checksum JDK-8135227 deploy webstart DRS 1.3 enhancements doesn't work as expected when load no href jnlp by "javaws <local_path_of_jnlp_file>" JDK-8136906 deploy webstart Extreme Application Startup Time due to frequent requests for the jnlp-6.0.dtd JDK-8139323 deploy webstart JNLPSignedResourcesHelperTest shows regression caused by JDK-8129600 JDK-8140264 deploy webstart create junit test for JDK-8136906 JDK-8140740 deploy webstart Test jnlp_file/applicationDesc/index.html\#args is failing JDK-8011858 hotspot compiler Use Compile::live_nodes() instead of Compile::unique() in appropriate places JDK-8058737 hotspot compiler CodeCache::find_blob fails with 'unsafe access to zombie method' JDK-8075805 hotspot compiler Crash while trying to release CompiledICHolder JDK-8134031 hotspot compiler Incorrect JIT compilation of complex code with inlining and escape analysis JDK-8134493 hotspot compiler Cleaning inline caches of unloaded nmethods should be done in sweeper JDK-8133193 hotspot gc Memory leak in G1 because G1RootProcessor doesn't have desctructor JDK-8029453 hotspot runtime java/util/concurrent/locks/ReentrantLock/TimeoutLockLoops.java failed by timeout JDK-8135002 hotspot runtime Fix or remove broken links in objectMonitor.cpp comments JDK-8139150 hotspot runtime ClassVerifier frees exception message while it's still in use JDK-8140249 hotspot runtime JVM Crashing During startUp If Flight Recording is enabled JDK-7194452 security-libs java.security Remove "Reverse" PKIX CertPathBuilder implementation JDK-8130875 security-libs java.security Ucrypto library leaks memory when null output buffer is specified JDK-8136534 security-libs java.security Loading JKS keystore using non-null InputStream results in closed stream JDK-8132551 security-libs javax.crypto:pkcs11 Initialize local variables before returning them in p11_convert.c JDK-8067422 tools javac Lambda method names are unnecessarily unstable JDK-8071291 tools javac Compiler crashes trying to cast UnionType to IntersectionClassType JDK-8073519 xml jaxb schemagen does not report errors while generating xsd files
Bring build dependency on "mozilla-rootcerts" back. (It is easily confused with "mozilla-rootcerts-openssl" though...)
Don't depend on mozilla-rootcerts.
adjust update version like openjdk7/Makefile v1.103
Update to 1.8.66 Changelog: http://www.oracle.com/technetwork/java/javase/8u66-relnotes-2692847.html New Features and Changes The following are some of the notable new features and changes in this release: Support ISO 4217 "Current funds codes" table (A.2) This enhancement adds support for ISO 4217 table A.2 fund codes. Previously the JDK only supported those currencies listed in table A.1. See JDK-8074350. Bug Fixes This release contains fixes for security vulnerabilities. For more information, see Oracle Critical Patch Update Advisory. For a list of bug fixes included in this release, see JDK 8u66 Bug Fixes page. The following are some of the notable bug fixes included in this release: Hotspot should use PICL interface to get cacheline size on SPARC The libpicl library is now required on Solaris/SPARC to determine the size of the cache lines. In case the library is not present or the PICL service is not available the JVM will display a warning and compiler optimizations that utilize the BIS (Block Initializing Store) instruction will be turned off. See JDK-8056124. Preloading libjsig.dylib causes deadlock when signal() is called Applications need to preload the libjsig library to enable signal chaining. Previously, on OS X, after libjsig.dylib was preloaded, any call from native code to signal() caused a deadlock. This has been corrected. See JDK-8072147. VM crash when class is redefined with Instrumentation.redefineClasses The JVM could crash when a class was redefined with Instrumentation.redefineClasses(). The crash could either be a segmentation fault at SystemDictionary::resolve_or_null, or an internal error with the message "tag mismatch with resolution error table". This has now been fixed . See JDK-8076110. JDK-8087201 client-libs 2D OGL: rendering of lcd text is slow JDK-8130938 client-libs 2D [solaris] Incomplete 8ux fix for 8071710: libfontmanager & t2k should link against headless awt on solaris JDK-8037371 client-libs java.awt [macosx] Test closed/java/awt/dnd/ImageTransferTest/ImageTransferTest.html fails JDK-8131752 client-libs java.awt [Regression] Test java/awt/GraphicsDevice/CheckDisplayModes.java fails JDK-8134453 client-libs javax.accessibility JAWS crashes in WindowsAccessBridge.DLL on 32 bit 8u60 running on 32 bit Win 7 JDK-8134403 core-libs jdk.nashorn Nashorn react.js benchmark performance regression JDK-8079618 deploy plugin AccessControlException with deployment cache and RMI JDK-8135116 globalization translation [de] Missing the link of license agreement JDK-6904403 hotspot jvmti assert(f == k->has_finalizer(),"inconsistent has_finalizer") with debug VM JDK-8048353 hotspot runtime jstack -l crashes VM when a Java mirror for a primitive type is locked JDK-8072147 hotspot runtime Preloading libjsig.dylib causes deadlock when signal() is called JDK-8076110 hotspot runtime VM crash when class is redefined with Instrumentation.redefineClasses JDK-8133191 install NVDA screen reader and JAWS can't read the "Look and Feel" Selections. JDK-8078495 security-libs org.ietf.jgss:krb5 End time checking for native TGT is wrong JDK-8131907 xml jaxp Numerous threads lock during XML processing while running Weblogic 12.1.3 Fixed securty bugs: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html CVE-2015-4835 CVE-2015-4881 CVE-2015-4843 CVE-2015-4883 CVE-2015-4860 CVE-2015-4805 CVE-2015-4844 CVE-2015-4901 CVE-2015-4868 CVE-2015-4810 CVE-2015-4806 CVE-2015-4871 CVE-2015-4902 CVE-2015-4840 CVE-2015-4882 CVE-2015-4842 CVE-2015-4734 CVE-2015-4903 CVE-2015-4803 CVE-2015-4893 CVE-2015-4911 CVE-2015-4872 CVE-2015-4906 CVE-2015-4916 CVE-2015-4908
Fix Makefile 1.18 Differently. We do need to use GNU_CONFIGURE=yes, because this is a GNU configure script and without it we do not get config.{sub,guess} overrides. Instead, pass --disable-option-checking to the configure script so that unrecognized options that appear when using pkgsrc iconv are discarded.
Update to 1.8.60 Changelog: From: https://www.java.com/en/download/faq/release_changes.xml Java 8 Update 60 (8u60) Release Highlights IANA Data 2015e JDK 8u60 contains IANA time zone data version 2015e. For more information, refer to Timezone Data Versions in the JRE Software. Bug Fix: dns_lookup_realm should be false by default The dns_lookup_realm setting in Kerberos' krb5.conf file is by default false. See 8080637. Bug Fix: Disable RC4 cipher suites RC4-based TLS ciphersuites (e.g. TLS_RSA_WITH_RC4_128_SHA) are now considered compromised and should no longer be used (see RFC 7465). Accordingly, RC4-based TLS ciphersuites have been deactivated by default in the Oracle JSSE implementation by adding "RC4" to "jdk.tls.disabledAlgorithms" security property, and by removing them from the default enabled ciphersuites list. These cipher suites can be reactivated by removing "RC4" form "jdk.tls.disabledAlgorithms" security property in the java.security file or by dynamically calling Security.setProperty(), and also readding them to the enabled ciphersuite list using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. You can also use the -Djava.security.properties command line option to override the jdk.tls.disabledAlgorithms security property. For example: java -Djava.security.properties=my.java.security ... where my.java.security is a file containing the property without RC4: jdk.tls.disabledAlgorithms=SSLv3 Even with this option set from commandline, the RC4 based ciphersuites need to be re-added to the enabled ciphersuite list by using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. See 8076221. Bug Fix: Support keystore type detection for JKS and PKCS12 keystores Keystore Compatibility Mode: To aid interoperability, the Java keystore type JKS now supports keystore compatibility mode by default. This mode enables JKS keystores to access both JKS and PKCS12 file formats. To disable keystore compatibility mode set the Security property keystore.type.compat to the string value false. See 8062552. Bug Fix: Deprecate Unsafe monitor methods in JDK 8u release The methods monitorEnter, monitorExit and tryMonitorEnter on sun.misc.Unsafe are marked as deprecated in JDK 8u60 and will be removed in a future release. These methods are not used within the JDK itself and are very rarely used outside of the JDK. See 8069302. Bug Fix: Extract JFR recording from the core file using SA DumpJFR is a Serviceability Agent based tool that can be used to extract Java Flight Recorder(JFR) data from the core files and live Hotspot processes. DumpJFR can be used in one of the following methods: Attach DumpJFR to a live process: java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <pid> Attach DumpJFR to a core file: java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <java> <core> DumpJFR tool dumps the JFR data to a file called recording.jfr in the current working folder. See 8065301 (not public). Bug Fix: Local variables named 'enum' lead to spurious compiler crashes The javac parser is incorrectly parsing local variables with name 'enum'; this results in spurious failures when a program containing such local variables is compiled with a 'source' flag corresponding to a release in which the enum construct is not available (such as '-source 1.4'). See 8069181. Java Development Kit for ARM Release 8u60 This release includes Java Development Kit for ARM Release 8u60 (JDK 8u60 for ARM). For ARM device support information, see JDK for ARM Downloads page. For system requirements, installation instructions and troubleshooting tips, see Installation Instructions page. Limitation: Native Memory Tracking support is limited in JDK for ARM. The java command line option XX:NativeMemoryTracking=detail is not supported for ARM targets (an error message is displayed to user). Instead, use the following option: XX:NativeMemoryTracking=summary Documentation Updates due to Nashorn Enhancements JDK 8u60 includes new enhancements to Nashorn. As a result the following documentation changes should be read in conjunction with the current Nashorn documentation: Addition: In the previous section, we mentioned that every JavaScript object when exposed to Java APIs implements the java.util.Map interface. This is true even for JavaScript arrays. However, this behavior is often not desired or expected when the Java code expects JSON-parsed objects. Java libraries that manipulate JSON-parsed objects usually expect arrays to expose the java.util.List interface instead. If you need to expose your JavaScript objects so that arrays are exposed as lists and not maps, you can use the Java.asJSONCompatible(obj) function, where obj is the root of your JSON object tree. Correction: The caution mentioned at the end of Mapping Data Types section, is no longer applicable. Nashorn ensures that internal JavaScript strings are converted to java.lang.String when exposed externally. Correction: The statement in the section Mapping Data Types, that mentions "For example, arrays must be explicitly converted,..." is not correct. Arrays are automatically converted to Java array types, such as java.util.List, java.util.Collection, java.util.Queue and java.util.Deque and so on. Changes in Deployment Rule Set v1.2 JDK 8u60 implements Deployment Rule Set (DRS) 1.2, which includes the following changes: Add "checksum" element as sub element of "id" which can allow unsigned jars to be identified by the SHA-256 checksum of the uncompressed form of a jar: The "checksum" element will match only unsigned jars, and the given hash will be compared only against the uncompressed form of the jar. The "checksum" element (similar to "certificate" element) has two arguments "hash" and "algorithm", however, unlike "certificate" element, the only supported value for "algorithm" is "SHA-256". Any other value provided will be ignored. Allow "message" element to apply to all rule types, where previously it only applied to a block rule: In a run rule, a message sub element will cause a message dialog to be displayed where without a run rule, the default behavior would be to show certificate or unsigned dialog. The message will be displayed in the message dialog. In a default rule, the message will only be displayed if the default action is to block. In such a case the message will be included in the block dialog. Echo "customer" blocks in the Java Console, trace files, and Java Usage Tracker records. Previous to DRS 1.2, "customer" elements could be included (with any sub-elements) in the ruleset.xml file. This element and all its sub elements are ignored. In DRS 1.2, the elements are still functionally ignored. However: When parsing the ruleset.xml file, all "customer" blocks will be echoed to the Java Console and deployment trace file (if Console and Tracing are enabled). When using a rule, all "customer" records included within that rule will be added to the Java Usage Tracker (JUT) record (if JUT is enabled). As a result of the above changes, the DTD for DRS 1.2 is as follows: <!ELEMENT ruleset (rule*)> <!ATTRIBUTE ruleset href CDATA #IMPLIED> <!ATTRIBUTE ruleset version CDATA #REQUIRED> <!ELEMENT rule (id, action)> <!ELEMENT id (certificate?) (checksum?) > <!ATTRIBUTE id title CDATA #IMPLIED> <!ATTRIBUTE id location CDATA #IMPLIED> <!ELEMENT certificate EMPTY> <!ATTLIST certificate algorithm CDATA #IMPLIED> <!ATTLIST certificate hash CDATA #REQUIRED> <!ELEMENT checksum EMPTY> <!ATTLIST checksum algorithm CDATA #IMPLIED> <!ATTLIST checksum hash CDATA #REQUIRED> <!ELEMENT action (message?)> <!ATTRIBUTE permission (run | block | default) #REQUIRED> <!ATTRIBUTE version CDATA #IMPLIED> <!ATTRIBUTE force (true|false) "false"> <!ELEMENT message (#PCDATA)> <!ATTLIST message locale CDATA #IMPLIED> Java Expiration Date The expiration date for 8u60 is October 20, 2015. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u60) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version. Bug Fixes For a list of bug fixes included in this release, see JDK 8u60 Bug Fixes page.
Scale down the metaspace reservation for compressed class pointers. This allows the JVM to work properly in a 2GB VA limit. Bump revision.
Update to 1.8.51 (8u51) Changelog: Bugfixes http://www.oracle.com/technetwork/java/javase/2col/8u51-bugfixes-2587594.html Bug Id Category Subcategory Description JDK-8071668 client-libs java.awt [macosx] Clipboard does not work with 3rd parties Clipboard Managers JDK-8077685 core-libs java.util:i18n (tz) Support tzdata2015d JDK-8075602 deploy Applet throws java.security AccessControlException in java console when playing it JDK-8079223 deploy unnecessary performance degradation caused by fix to JDK-8052111 JDK-8069161 deploy plugin Slow cache performance since JRE 7u06 JDK-8076343 deploy plugin JNLP property apple.laf.useScreenMenuBar no longer treated as secure for Mac OS JDK-8071897 deploy webstart JRE 8U25 and 8u31 b32 cannot launch Java Web Start with proxy pac but works fine for 7u67 JDK-8078815 deploy webstart Launching of jnlp app fails with JNLPException JDK-8035938 hotspot jvmti Memory leak in JvmtiEnv::GetConstantPool JDK-8064546 security-libs javax.crypto CipherInputStream throws BadPaddingException if stream is not fully read JDK-8078439 security-libs org.ietf.jgss SPNEGO auth fails if client proposes MS krb5 OID JDK-8073357 xml jaxb schema1.xsd has wrong content. Sequence of the enum values has been changed JDK-8073385 xml jaxp Bad error message on parsing illegal character in XML attribute JDK-8074297 xml jaxp substring in XSLT returns wrong character if string contains supplementary chars Fix following security bugs. http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA CVE-2015-4760 CVE-2015-2628 CVE-2015-4731 CVE-2015-2590 CVE-2015-4732 CVE-2015-4733 CVE-2015-2638 CVE-2015-4736 CVE-2015-4748 CVE-2015-2597 CVE-2015-2664 CVE-2015-2632 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 CVE-2015-2659 CVE-2015-2619 CVE-2015-2637 CVE-2015-2596 CVE-2015-4749 CVE-2015-4729 CVE-2015-4000 CVE-2015-2808 CVE-2015-2627 CVE-2015-2625
Remove stale bits that are no longer needed (SunOS related). Use HAS_CONFIGURE, as the configure script is not a standard GNU script that pkgsrc expects and configure breaks with non-builtin libiconv.
Add support for building with GCC on SunOS, largely based on openjdk7 patches by jesse et al. Fixes build on SunOS.
Disable use of C++ precompiled headers. My benchmark shows that they make the build at least 10% slower.
Fix rpath in launchers for builds w/ dynamic libjli. Bump.
Update openjdk8 to latest version from the bsd-port hg tree. (u45-b13) No full changelog available but at least fixes the security issues noted in the April 2015 Critical Patch Update from Oracle.
Add jps to the list of wrapped java binaries. Bump PKGREVISION
Do the previous hack differently since joerg@ objected. Also wrap it in ifdef BATCH since it works around an artificially introduced limit.
fix conditional build of libsctp for platforms that don't support sctp
Fix typo that broke os::current_thread_id() on NetBSD. Bump rev.
- put -D__STDC_LIMIT_MACROS on command line instead of patching it everywhere - don't use ALT_JDK_IMPORT_PATH on SunOS, just build like on other platforms - regen all bootstraps to facilitate removal of the +UseSerialGC hacks - bootstrap binaries on FTP are now PGP signed - remove a handful of obsolete patches
Bump rev
more autoconf overrides
- Add missing CONFIG_SUB_OVERRIDE - Run javac compiler in verbose mode so we get some indication of progress - Fix compile errors when jdk-zero-vm and debug are both enabled - Fix architecture names for ARM - Use NetBSD atomic ops implementations on NetBSD/evbarm - CreateJars.gmk: previous patch expanded to empty command, fix it for real
- sync w/ lang/openjdk7 - add basic support for NetBSD/sparc64 - can use either cups-1.5 or cups-2.0 headers for build - rerun configure after the 1st build pass, since boot jdk major changes
Really fix previous. Now fontconfig loads and the jconsole UI comes up. Bump PKGREVISION.
fix hilarious typo
FreeBSD/clang build fix
Import openjdk8-1.8.31 as lang/openjdk8. Open-source implementation of the Java Platform, Standard Edition.