From: Vlastimil Babka Date: Tue, 1 May 2007 14:35:21 +0000 (+0000) Subject: Version bump for security bug #176675. X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=7face85b2827294d2de349cbe17546414505a6ce;p=gentoo.git Version bump for security bug #176675. Package-Manager: portage-2.1.2.5 --- diff --git a/dev-java/sun-jre-bin/ChangeLog b/dev-java/sun-jre-bin/ChangeLog index 6ac7386730be..091e7c8accb3 100644 --- a/dev-java/sun-jre-bin/ChangeLog +++ b/dev-java/sun-jre-bin/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for dev-java/sun-jre-bin # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-java/sun-jre-bin/ChangeLog,v 1.81 2007/04/23 08:35:49 opfer Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-java/sun-jre-bin/ChangeLog,v 1.82 2007/05/01 14:35:21 caster Exp $ + +*sun-jre-bin-1.4.2.14 (01 May 2007) + + 01 May 2007; Vlastimil Babka + +sun-jre-bin-1.4.2.14.ebuild: + Version bump for security bug #176675. 23 Apr 2007; Christian Faulhammer sun-jre-bin-1.5.0.11.ebuild: diff --git a/dev-java/sun-jre-bin/Manifest b/dev-java/sun-jre-bin/Manifest index 1636e30ff34c..099e664dc49d 100644 --- a/dev-java/sun-jre-bin/Manifest +++ b/dev-java/sun-jre-bin/Manifest @@ -1,6 +1,3 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - AUX construct-1.6.sh 6798 RMD160 799ca391fbd21f367967d7c9ecd41426f4a72401 SHA1 014a26831f8f3cee9653d42cd194216cda2e1787 SHA256 32639949b003703e236257f3d2d3272659ab89c80b2819bdb552af2d5f3070d7 MD5 7d7c11a7876fbf6faa240eba586f7793 files/construct-1.6.sh 6798 RMD160 799ca391fbd21f367967d7c9ecd41426f4a72401 files/construct-1.6.sh 6798 @@ -26,6 +23,7 @@ MD5 7eb33864659e555b9520aaaece4f8ba5 files/sun-jre-bin-1.6.env 852 RMD160 ee3b29a24da833b3a4e19d55153ce8aa6cde02cc files/sun-jre-bin-1.6.env 852 SHA256 aa0a81aa290b056981bf7b8a5e585bb9d735be225ac11c3b29d9c9d99e095a79 files/sun-jre-bin-1.6.env 852 DIST j2re-1_4_2_13-linux-i586.bin 14363192 RMD160 ebe620a4a9ab5cd168345e5a26a58a759798854b SHA1 dded54dd6f926adf3aa17fe774ab5ae890f8313a SHA256 faaf24745233ef8cc112c848fb507b4aa1a274dd1f2adf6613bea2b6f60c79f2 +DIST j2re-1_4_2_14-linux-i586.bin 14373288 RMD160 7054f23ae3a4fd304dfbb7e9c73da8462507c720 SHA1 28704686d1200cc1830a03c48452731f04603888 SHA256 1d211f9f2f34f108d9f3fde745838965b83695301d953775e60fcf8cc3c163d3 DIST jdk-1_5_0_10-dlj-linux-amd64.bin 43906073 RMD160 2d13d637b6d7351410f9e18d581206a05091effe SHA1 b0c4440f7059b2d477a437e5c58f135820e86326 SHA256 5bbac3fb78db48f7f996e412d45229db3a0b759886f360504cca61c93d4b5f61 DIST jdk-1_5_0_10-dlj-linux-i586.bin 49553457 RMD160 8aa7b53064831d800b8aeae67ffd3f5e4e2e3155 SHA1 fc4883d6da60940cbe4b6c2575478cead26313ff SHA256 e4300d88ae630f02132a4ce23afbdc40f994de91b37d4b64cb1da0b58df678fa DIST jdk-1_5_0_11-dlj-linux-amd64.bin 43954177 RMD160 bd865019d3fb2268800696207dba158ea2986a7f SHA1 151315b9eb70f81ac88712e151da5c0a5aeaca23 SHA256 98df66902f42f764cb89b12a1502b976f2e5ddb2aa5000e14846b90cef74e0db @@ -36,6 +34,10 @@ EBUILD sun-jre-bin-1.4.2.13.ebuild 4609 RMD160 cc38c48c6921d4e0b40bd122bd2536493 MD5 f4b3e77d0c403c4a1bd6ef09cfac2692 sun-jre-bin-1.4.2.13.ebuild 4609 RMD160 cc38c48c6921d4e0b40bd122bd2536493cb108fc sun-jre-bin-1.4.2.13.ebuild 4609 SHA256 5e406a28ca2f544a30f7266c1b7c0848510b2dab62021ac7fde1b08d401be6b1 sun-jre-bin-1.4.2.13.ebuild 4609 +EBUILD sun-jre-bin-1.4.2.14.ebuild 4610 RMD160 5024dde5634af3a637b530d08c3923e2c514b140 SHA1 8d1b7d93c9a7ceb18da85f905ea5a168d47bae4c SHA256 74182dc3642dfa9e154856447588d4cab407ec83f48fccb5dd606afee59dab15 +MD5 2f6c4ad6a6ed6edb27218851225258d9 sun-jre-bin-1.4.2.14.ebuild 4610 +RMD160 5024dde5634af3a637b530d08c3923e2c514b140 sun-jre-bin-1.4.2.14.ebuild 4610 +SHA256 74182dc3642dfa9e154856447588d4cab407ec83f48fccb5dd606afee59dab15 sun-jre-bin-1.4.2.14.ebuild 4610 EBUILD sun-jre-bin-1.5.0.10.ebuild 3834 RMD160 72308022c20493d257983923273a6915605b3487 SHA1 6d5741d41a6956748eeb32f0fc5c863303d35286 SHA256 cf44ef723fd0330947a669456833146be1b852fa6880ddeb85e96aacdd0afc26 MD5 6c9f98ce381ca8c4a5217e93492299df sun-jre-bin-1.5.0.10.ebuild 3834 RMD160 72308022c20493d257983923273a6915605b3487 sun-jre-bin-1.5.0.10.ebuild 3834 @@ -52,10 +54,10 @@ EBUILD sun-jre-bin-1.6.0.ebuild 3882 RMD160 967b27493f5dade14bccee0a626c5f70cd2d MD5 eaabfc7a033301ed532b757f6d8f8c35 sun-jre-bin-1.6.0.ebuild 3882 RMD160 967b27493f5dade14bccee0a626c5f70cd2d4e72 sun-jre-bin-1.6.0.ebuild 3882 SHA256 dc9b72020dbd0084421564773c733a104845f4d4f94ad872af2c1f82a2bea4cc sun-jre-bin-1.6.0.ebuild 3882 -MISC ChangeLog 15223 RMD160 ef8c43c2fc26269010aa579ee5d4c92f3754b768 SHA1 68c11f1492da759f7417f5675ad84cf319a68728 SHA256 4ff7d1c217c6a1b37d62fccefaa9c1490e36581505b6239ddac34b000725babd -MD5 ea8786825e33c5dfa62e49b50b3b7522 ChangeLog 15223 -RMD160 ef8c43c2fc26269010aa579ee5d4c92f3754b768 ChangeLog 15223 -SHA256 4ff7d1c217c6a1b37d62fccefaa9c1490e36581505b6239ddac34b000725babd ChangeLog 15223 +MISC ChangeLog 15386 RMD160 2cb5a60997557295997dd14fde3b754cb8c00ed4 SHA1 845a59a3cb20a7b2506e1379dc6f806d368785e0 SHA256 2fb8141b9d524957e22f27b8cda3250146777a189040935a3e46b35b7f379c80 +MD5 6d5ae07fdc9c7e452ae0bf7ab0d91560 ChangeLog 15386 +RMD160 2cb5a60997557295997dd14fde3b754cb8c00ed4 ChangeLog 15386 +SHA256 2fb8141b9d524957e22f27b8cda3250146777a189040935a3e46b35b7f379c80 ChangeLog 15386 MISC metadata.xml 240 RMD160 8c29e03b578ddd40c82afe82d42498d4c855e745 SHA1 9d97dffe17dd3ea241edafeb9a12479d4e0bc17f SHA256 3736870ea8f5be547aa7555022da8690eba4e4c1cdfeac21a6cba84a7d1cc07f MD5 c7683734eb61c03c450e551efa7b4d5a metadata.xml 240 RMD160 8c29e03b578ddd40c82afe82d42498d4c855e745 metadata.xml 240 @@ -63,6 +65,9 @@ SHA256 3736870ea8f5be547aa7555022da8690eba4e4c1cdfeac21a6cba84a7d1cc07f metadata MD5 164ca1935f8e5fde76df8f7fe7f85200 files/digest-sun-jre-bin-1.4.2.13 271 RMD160 3b26ac8471bcd7d76f0c6ccd5c9dc7b762670863 files/digest-sun-jre-bin-1.4.2.13 271 SHA256 9a8ab82dadb094b1989330c320f789b97a576e08a21bc5e139f1428b8a2b582b files/digest-sun-jre-bin-1.4.2.13 271 +MD5 070ceb09f81531b78a08dea1545ad98f files/digest-sun-jre-bin-1.4.2.14 271 +RMD160 02e004d8c192e9333e0d0212af899e827f40c886 files/digest-sun-jre-bin-1.4.2.14 271 +SHA256 6b13dcea204a1fef7f2ff53dd6e222d2d747ee0b2b9f5d56d5a5cfd3b86207f4 files/digest-sun-jre-bin-1.4.2.14 271 MD5 bfc73dd88d30c26b64d0590cb52d7547 files/digest-sun-jre-bin-1.5.0.10 563 RMD160 ce0632d08fdd27b76bd6e2de244a0516555aeef0 files/digest-sun-jre-bin-1.5.0.10 563 SHA256 f1f582a1bfca18c6375dc35e75bd199066d2361ffbf7e577a592afb4b351e34d files/digest-sun-jre-bin-1.5.0.10 563 @@ -75,10 +80,3 @@ SHA256 d5cebb938ce9873bffbdee08dfc2d4e46c0984e6d420221916b9acd94a0118c4 files/di MD5 7cca7ffac6725b17472340fe8db317f6 files/digest-sun-jre-bin-1.6.0-r1 521 RMD160 7329a96c4622d1ea677604d88299616019b8f1d2 files/digest-sun-jre-bin-1.6.0-r1 521 SHA256 d5cebb938ce9873bffbdee08dfc2d4e46c0984e6d420221916b9acd94a0118c4 files/digest-sun-jre-bin-1.6.0-r1 521 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.6 (GNU/Linux) - -iD8DBQFGLG/7NQqtfCuFneMRAl1GAKCYl52Ax1mo1tuj0h7etPf5fqoRbACgiO69 -kIg9vnR2bj6HoreguwFAbi0= -=F7MC ------END PGP SIGNATURE----- diff --git a/dev-java/sun-jre-bin/files/digest-sun-jre-bin-1.4.2.14 b/dev-java/sun-jre-bin/files/digest-sun-jre-bin-1.4.2.14 new file mode 100644 index 000000000000..5d53b3ab4198 --- /dev/null +++ b/dev-java/sun-jre-bin/files/digest-sun-jre-bin-1.4.2.14 @@ -0,0 +1,3 @@ +MD5 d7fc76d19c0800b0f94e1e7a781885df j2re-1_4_2_14-linux-i586.bin 14373288 +RMD160 7054f23ae3a4fd304dfbb7e9c73da8462507c720 j2re-1_4_2_14-linux-i586.bin 14373288 +SHA256 1d211f9f2f34f108d9f3fde745838965b83695301d953775e60fcf8cc3c163d3 j2re-1_4_2_14-linux-i586.bin 14373288 diff --git a/dev-java/sun-jre-bin/sun-jre-bin-1.4.2.14.ebuild b/dev-java/sun-jre-bin/sun-jre-bin-1.4.2.14.ebuild new file mode 100644 index 000000000000..44ac9ddd76d6 --- /dev/null +++ b/dev-java/sun-jre-bin/sun-jre-bin-1.4.2.14.ebuild @@ -0,0 +1,160 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-java/sun-jre-bin/sun-jre-bin-1.4.2.14.ebuild,v 1.1 2007/05/01 14:35:21 caster Exp $ + +inherit java-vm-2 eutils + +MY_PV=${PV%.*}_${PV##*.} +MY_PV2=${PV//./_} +At="j2re-${MY_PV2}-linux-i586.bin" +S="${WORKDIR}/j2re${MY_PV}" +DESCRIPTION="Sun's J2SE Platform" +HOMEPAGE="http://java.sun.com/j2se/1.4.2/" +SRC_URI=${At} +SLOT="1.4" +LICENSE="sun-bcla-java-vm-1.4.2" +KEYWORDS="-* ~x86" +RESTRICT="fetch" +IUSE="X alsa nsplugin" + +DEPEND="sys-apps/sed" + +RDEPEND="alsa? ( media-libs/alsa-lib ) + X? ( + x11-libs/libICE + x11-libs/libSM + x11-libs/libX11 + x11-libs/libXau + x11-libs/libXdmcp + x11-libs/libXext + x11-libs/libXi + x11-libs/libXp + x11-libs/libXt + x11-libs/libXtst + )" + + +PACKED_JARS="lib/rt.jar lib/jsse.jar lib/charsets.jar +lib/ext/localedata.jar lib/plugin.jar javaws/javaws.jar" + +# this is needed for proper operating under a PaX kernel without activated grsecurity acl +CHPAX_CONSERVATIVE_FLAGS="pemsv" + +DOWNLOAD_URL="http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=22&PartDetailId=j2re-${MY_PV}-oth-JPR&SiteId=JSC&TransactionId=noreg" + +QA_TEXTRELS_x86="opt/${P}/lib/i386/libawt.so + opt/${P}/plugin/i386/ns4/libjavaplugin.so + opt/${P}/plugin/i386/ns610/libjavaplugin_oji.so + opt/${P}/plugin/i386/ns610-gcc32/libjavaplugin_oji.so" + +pkg_nofetch() { + einfo "Please download ${At} from:" + einfo ${DOWNLOAD_URL} + einfo "(accept the license, then click on 'self-extracting file' under 'Linux Platform')" + einfo "and move it to ${DISTDIR}" +} + +src_unpack() { + if [ ! -r ${DISTDIR}/${At} ]; then + eerror "cannot read ${At}. Please check the permission and try again." + die + fi + #Search for the ELF Header + testExp=$'\177\105\114\106\001\001\001' + startAt=`grep -aonm 1 ${testExp} ${DISTDIR}/${At} | cut -d: -f1` + tail -n +${startAt} ${DISTDIR}/${At} > install.sfx + chmod +x install.sfx + ./install.sfx || die + rm install.sfx + + if [ -f ${S}/lib/unpack ]; then + UNPACK_CMD=${S}/lib/unpack + chmod +x $UNPACK_CMD + sed -i 's#/tmp/unpack.log#/dev/null\x00\x00\x00\x00\x00\x00#g' $UNPACK_CMD + for i in $PACKED_JARS; do + PACK_FILE=${S}/`dirname $i`/`basename $i .jar`.pack + if [ -f ${PACK_FILE} ]; then + echo " unpacking: $i" + $UNPACK_CMD ${PACK_FILE} ${S}/$i + rm -f ${PACK_FILE} + fi + done + fi +} + +src_install() { + local dirs="bin lib man javaws plugin" + dodir /opt/${P} + + for i in $dirs ; do + cp -pPR $i ${D}/opt/${P}/ + done + + dodoc CHANGES COPYRIGHT README LICENSE THIRDPARTYLICENSEREADME.txt + dohtml Welcome.html ControlPanel.html + + if use nsplugin; then + local plugin_dir="ns610" + if has_version '>=sys-devel/gcc-3.2' ; then + plugin_dir="ns610-gcc32" + fi + install_mozilla_plugin /opt/${P}/plugin/i386/$plugin_dir/libjavaplugin_oji.so + fi + + # bug #147259 + dosym ../javaws/javaws /opt/${P}/bin/javaws + + # create dir for system preferences + dodir /opt/${P}/.systemPrefs + + # create dir for system preferences + dodir /opt/${P}/.systemPrefs + # Create files used as storage for system preferences. + touch ${D}/opt/${P}/.systemPrefs/.system.lock + chmod 644 ${D}/opt/${P}/.systemPrefs/.system.lock + touch ${D}/opt/${P}/.systemPrefs/.systemRootModFile + chmod 644 ${D}/opt/${P}/.systemPrefs/.systemRootModFile + + # install control panel for Gnome/KDE + sed -e "s/INSTALL_DIR\/JRE_NAME_VERSION/\/opt\/${P}/" \ + -e "s/\(Name=Java\)/\1 Control Panel/" \ + ${D}/opt/${P}/plugin/desktop/sun_java.desktop > \ + ${T}/sun_java-jre.desktop + domenu ${T}/sun_java-jre.desktop + + set_java_env +} + +pkg_postinst () { + # Set as default VM if none exists + java-vm-2_pkg_postinst + + # if chpax is on the target system, set the appropriate PaX flags + # this will not hurt the binary, it modifies only unused ELF bits + # but may confuse things like AV scanners and automatic tripwire + if has_version sys-apps/chpax + then + echo + einfo "setting up conservative PaX flags for jar, javac and java" + + for paxkills in "java" + do + chpax -${CHPAX_CONSERVATIVE_FLAGS} /opt/${P}/bin/$paxkills + done + + # /opt/sun-jdk-1.4.2.03/bin/java_vm + chpax -${CHPAX_CONSERVATIVE_FLAGS} /opt/${P}/bin/java_vm + + einfo "you should have seen lots of chpax output above now" + ewarn "make sure the grsec ACL contains those entries also" + ewarn "because enabling it will override the chpax setting" + ewarn "on the physical files - help for PaX and grsecurity" + ewarn "can be given by #gentoo-hardened + hardened@gentoo.org" + fi + + if ! use X; then + echo + ewarn "Some parts of Sun's JDK require virtual/x11 to be installed." + ewarn "Be careful which Java libraries you attempt to use." + fi +}