Hi all,

I have been receiving the following vulnerability notice from audit-packages for quite some time now and haven't seen any change in pkgsrc from 'cvs up', so I decided to do something about it:

    Running /etc/security.local:
    Package sun-jre6-6.0.5 has a multiple-vulnerabilities vulnerability, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115]

Please find attached a quick patch for packages lang/sun-jre6 and lang/sun-jdk6 that brings them up to Java SE 6u7. (I only did the i586 packages.. someone will need to update x64 as well.)

If the patch isn't useful, just toss it. I did it for my own benefit but figured I would pass it along in case it helps someone else.

Cheers,

--
Mark 'segfault' Knox
"Unix *is* user-friendly.. it's just picky about its friends."
GPG 7A588C62 / 8782 2741 776E F4BE 7E73 3FF9 9245 E7FD 7A58 8C62

--- Makefile.orig 2008-07-24 13:48:26.000000000 -0400 +++ Makefile 2008-07-24 14:06:53.000000000 -0400 @@ -1,15 +1,15 @@ # $NetBSD: Makefile,v 1.8 2008/03/05 22:32:09 tnn Exp $ -DISTNAME= jdk-6u5-linux-${DIST_ARCH} -PKGNAME= sun-jdk6-6.0.5 +DISTNAME= jdk-6u7-linux-${DIST_ARCH} +PKGNAME= sun-jdk6-6.0.7 MASTER_SITES= # empty -DOWNLOAD_NAME= JDK 6u5 +DOWNLOAD_NAME= JDK 6u7 SHORT_NAME= JDK DEPENDS+= ${PKGNAME_NOREV:S/jdk/jre/}*:../../lang/sun-jre6 -WRKSRC= ${WRKDIR}/jdk1.6.0_05 +WRKSRC= ${WRKDIR}/jdk1.6.0_07 JAVA_WRAPPERS= appletviewer apt extcheck idlj jar jarsigner \ javac javadoc javah javap jdb rmic serialver --- distinfo.orig 2008-07-24 13:48:52.000000000 -0400 +++ distinfo 2008-07-24 14:06:36.000000000 -0400 @@ -1,8 +1,8 @@ $NetBSD: distinfo,v 1.4 2008/03/05 22:32:09 tnn Exp $ -SHA1 (jdk-6u5-linux-i586.bin) = 0e5f6163bbd1ca388939345a1853c30d95e4a76d -RMD160 (jdk-6u5-linux-i586.bin) = b965b2d715ae01b7e829e875b38892bada80cee2 -Size (jdk-6u5-linux-i586.bin) = 70504987 bytes SHA1 (jdk-6u5-linux-x64.bin) = dd1bcccc6aafd86022014beb53f4df0be51e3ee6 RMD160 (jdk-6u5-linux-x64.bin) = 7fe84df0edf809d1e17ab93b5a1afb1050addac8 Size (jdk-6u5-linux-x64.bin) = 63724381 bytes +SHA1 (jdk-6u7-linux-i586.bin) = f9a09d52e078c03f6adaf64174fe54c1aee1fa93 +RMD160 (jdk-6u7-linux-i586.bin) = bd41d794f76812cf8102c699e9cf4bdceeb563ea +Size (jdk-6u7-linux-i586.bin) = 78482905 bytes
--- Makefile.orig 2008-07-24 14:09:36.000000000 -0400 +++ Makefile 2008-07-24 14:10:03.000000000 -0400 @@ -3,16 +3,16 @@ # Note: Regen distinfo with PKG_DEFAULT_OPTIONS+=sun-jre-jce # Note: Update DOWNLOAD_NAME when you update the JRE version -DISTNAME= jre-6u5-linux-${DIST_ARCH} -PKGNAME= sun-jre6-6.0.5 +DISTNAME= jre-6u7-linux-${DIST_ARCH} +PKGNAME= sun-jre6-6.0.7 MASTER_SITES= # empty -DOWNLOAD_NAME= Java Runtime Environment (JRE) 6u5 +DOWNLOAD_NAME= Java Runtime Environment (JRE) 6u7 SHORT_NAME= JRE USE_TOOLS+= pax -WRKSRC= ${WRKDIR}/jre1.6.0_05 +WRKSRC= ${WRKDIR}/jre1.6.0_07 JAVA_WRAPPERS= java javaws keytool orbd policytool rmid rmiregistry \ servertool tnameserv REQD_DIRS= ${JAVA_HOME} --- PLIST.linux-i386.orig 2008-07-24 14:15:18.000000000 -0400 +++ PLIST.linux-i386 2008-07-24 14:14:50.000000000 -0400 @@ -455,7 +455,6 @@ java/sun-6/lib/zi/Asia/Beirut java/sun-6/lib/zi/Asia/Bishkek java/sun-6/lib/zi/Asia/Brunei -java/sun-6/lib/zi/Asia/Calcutta java/sun-6/lib/zi/Asia/Choibalsan java/sun-6/lib/zi/Asia/Chongqing java/sun-6/lib/zi/Asia/Colombo @@ -500,7 +499,6 @@ java/sun-6/lib/zi/Asia/Riyadh87 java/sun-6/lib/zi/Asia/Riyadh88 java/sun-6/lib/zi/Asia/Riyadh89 -java/sun-6/lib/zi/Asia/Saigon java/sun-6/lib/zi/Asia/Sakhalin java/sun-6/lib/zi/Asia/Samarkand java/sun-6/lib/zi/Asia/Seoul --- distinfo.orig 2008-07-24 14:09:32.000000000 -0400 +++ distinfo 2008-07-24 14:11:42.000000000 -0400 
@@ -3,9 +3,9 @@ SHA1 (jce_policy-6.zip) = 7b1b021bd63152b93a16c96bb3a64f0e685fc425 RMD160 (jce_policy-6.zip) = 6f45ce5f3c067e186554f79b3f1a61e4d7d22aae Size (jce_policy-6.zip) = 9101 bytes -SHA1 (jre-6u5-linux-i586.bin) = 12f469a4796ee1b33a801c2a020ea3fa322cde1e -RMD160 (jre-6u5-linux-i586.bin) = 7c73f00d762e8f139ebe6ee41b388a6a8acf087b -Size (jre-6u5-linux-i586.bin) = 19745768 bytes SHA1 (jre-6u5-linux-x64.bin) = 136ffb4c9048dc9a52e7e9b79b8e310909c8366d RMD160 (jre-6u5-linux-x64.bin) = 7734024c6ea70b801e87a31cc0816f654dfefae6 Size (jre-6u5-linux-x64.bin) = 18349454 bytes +SHA1 (jre-6u7-linux-i586.bin) = 1ce17c0d18947971c09bf1c9c3f8c2dbcd777ff2 +RMD160 (jre-6u7-linux-i586.bin) = 7783832c6eb7c0bb38476ec1b7dc8fdaf0a69a46 +Size (jre-6u7-linux-i586..bin) = 19754758 bytes
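Review bot: In the sun-jdk6 distinfo hunk (and likewise the sun-jre6 one), the x64 lines are left at jdk-6u5-linux-x64.bin / jre-6u5-linux-x64.bin while DISTNAME in both Makefiles now expands to 6u7 for every ${DIST_ARCH}. After this change an x64 build asks for a 6u7 distfile that has no SHA1, RMD160 or Size entry, so checksum verification cannot succeed there. Either add the 6u7 x64 entries in the same commit or hold the version bump until they are available, so that no architecture is left fetching a file that is not pinned by a digest.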
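Review bot: The two PLIST.linux-i386 hunks only delete java/sun-6/lib/zi/Asia/Calcutta and java/sun-6/lib/zi/Asia/Saigon and add nothing, and the message does not say how the list was derived. Please confirm the PLIST was regenerated from an installed 6u7 tree rather than trimmed by hand, so that any files 6u7 adds are also recorded, and check whether a PLIST for the other architecture needs the same two removals.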
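Review bot: In the sun-jre6 distinfo hunk, the added Size line names the file as "jre-6u7-linux-i586..bin" with a doubled dot, which does not match the "jre-6u7-linux-i586.bin" used in the SHA1 and RMD160 lines just above it. If the doubled dot is in the attached patch and not a mail artifact, the size entry will not be matched to the distfile. Regenerate distinfo instead of editing it by hand, following the note in the Makefile hunk ("Regen distinfo with PKG_DEFAULT_OPTIONS+=sun-jre-jce") so the jce_policy-6.zip entries are kept.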