-
Notifications
You must be signed in to change notification settings - Fork 694
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
openjdk: version upgrades to fix CVEs
Fixes: CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235 openjdk21: new addition. Change-Id: I330ad33e8ff4751d2a693d462648c2bdb53a9ef2 Signed-off-by: Shreenidhi Shedi <[email protected]> Reviewed-on: http://photon-gerrit.lvn.broadcom.net/c/photon/+/25119 Tested-by: gerrit-photon <[email protected]> Reviewed-by: Guruswamy Basavaiah <[email protected]>
- Loading branch information
Showing
8 changed files
with
298 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| License: BSD-2-Clause AND Apache-1.1 AND SunPro AND BSD-3-Clause AND FTL AND MIT-Modern-Variant AND (BSD-3-Clause OR Apache-2.0) AND Unicode-DFS-2016 AND LGPL-2.1-or-later AND SAX-PD AND CC0-1.0 AND MPL-2.0 AND GPL-2.0-or-later WITH Autoconf-exception-generic AND MIT-open-group AND Zlib AND Apache-2.0 AND UPL-1.0 AND GPL-2.0-only AND (MIT OR GPL-1.0-or-later) AND (MIT OR GPL-3.0-only) AND GPL-3.0-only AND MIT AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND ISC AND Unicode-DFS-2015 AND HPND-export2-US AND GPL-2.0-only WITH Classpath-exception-2.0 AND W3C-19980720 AND SMLNJ AND Libpng AND GPL-3.0-or-later AND (MPL-1.1 OR GPL-2.0-or-later OR LGPL-2.1-or-later) AND LGPL-2.1-only AND W3C AND Unicode-3.0 AND (MIT OR GPL-3.0-only) AND (FTL OR GPL-2.0-only) AND BSD-3-Clause-No-Nuclear-License AND softSurfer AND IJG |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| License: BSD-2-Clause AND Apache-1.1 AND SunPro AND Unicode-TOU AND BSD-3-Clause AND FTL AND MIT-Modern-Variant AND SAX-PD AND CC0-1.0 AND MPL-2.0 AND GPL-2.0-or-later WITH Autoconf-exception-generic AND MIT-open-group AND Zlib AND Apache-2.0 AND UPL-1.0 AND GPL-2.0-only AND (MIT OR GPL-1.0-or-later) AND GPL-3.0-only AND MIT AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND ISC AND W3C-19980720 AND HPND-export2-US AND GPL-2.0-only WITH Classpath-exception-2.0 AND ICU AND SMLNJ AND Libpng AND GPL-3.0-or-later AND (MPL-1.1 OR GPL-2.0-or-later OR LGPL-2.1-or-later) AND W3C AND Unicode-3.0 AND (FTL OR GPL-2.0-only) AND softSurfer AND IJG |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| License: CC0-1.0 AND GPL-3.0-or-later WITH Autoconf-exception-macro AND X11 AND GFDL-1.1-only AND FSFAP AND Apache-2.0 AND FSFULLRWD AND FSFUL AND MIT AND GPL-2.0-or-later WITH Libtool-exception AND FSFULLR AND BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later WITH Autoconf-exception-generic AND GPL-3.0-or-later WITH Autoconf-exception-generic-3.0 AND GPL-2.0-or-later |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,19 +1,22 @@ | ||
| %global security_hardening none | ||
| %define jdk_major_version 1.11.0 | ||
| %define _use_internal_dependency_generator 0 | ||
| %define _jobs %(echo $(( ($(nproc)+1) / 2 ))) | ||
|
|
||
| Summary: OpenJDK | ||
| Name: openjdk11 | ||
| Version: 11.0.20 | ||
| Release: 7%{?dist} | ||
| License: GNU General Public License V2 | ||
| Version: 11.0.26 | ||
| Release: 1%{?dist} | ||
| URL: https://github.com/openjdk/jdk11u | ||
| Group: Development/Tools | ||
| Vendor: VMware, Inc. | ||
| Distribution: Photon | ||
|
|
||
| Source0: https://github.com/openjdk/jdk11u/archive/refs/tags/jdk-%{version}.tar.gz | ||
| %define sha512 jdk-11.0=59dd536c613d58d5cd333ed680a8d51b88fc41e8cf2ec11c9996890b0ad704132b2f0f086a6ba280da84565853cb4e21a030e04280ea3d888ecb156c21e8ca29 | ||
| Source0: https://github.com/openjdk/jdk11u/archive/refs/tags/jdk-%{version}-ga.tar.gz | ||
| %define sha512 jdk-11.0=b5375de7c39aafa4fe1ef6556e17bf5c8ace577953ea8e666c4e8adc3e8b0f6fdbf20b7c426a156420acb99787363e0e4c9d36df20cefcef5e74a48bb75eeb24 | ||
|
|
||
| Source1: license-openjdk11.txt | ||
| %include %{SOURCE1} | ||
|
|
||
| BuildRequires: pcre-devel | ||
| BuildRequires: which | ||
|
|
@@ -28,6 +31,15 @@ BuildRequires: freetype2-devel | |
| BuildRequires: glib-devel | ||
| BuildRequires: harfbuzz-devel | ||
| BuildRequires: elfutils-libelf-devel | ||
| BuildRequires: icu icu-devel | ||
| BuildRequires: cups cups-devel | ||
| BuildRequires: libXtst libXtst-devel libXi libXi-devel | ||
| BuildRequires: alsa-lib alsa-lib-devel util-macros | ||
| BuildRequires: xcb-proto libXdmcp libXdmcp-devel libXau-devel | ||
| BuildRequires: xtrans libxcb-devel proto libxcb libXau | ||
| BuildRequires: libX11 libX11-devel libXext libXext-devel | ||
| BuildRequires: libXt libXt-devel libXrender libXrender-devel | ||
| BuildRequires: libXrandr libXrandr-devel | ||
|
|
||
| Requires: chkconfig | ||
| Requires(postun): chkconfig | ||
|
|
@@ -38,13 +50,7 @@ Obsoletes: openjdk <= %{version} | |
|
|
||
| AutoReqProv: no | ||
|
|
||
| %ifarch x86_64 | ||
| %define ExtraBuildRequires icu-devel, cups, cups-devel, libXtst, libXtst-devel, libXfixes, libXfixes-devel, libXi, libXi-devel, icu, alsa-lib, alsa-lib-devel, xcb-proto, libXdmcp-devel, libXau-devel, util-macros, xtrans, libxcb-devel, proto, libXdmcp, libxcb, libXau, libX11, libX11-devel, libXext, libXext-devel, libXt, libXt-devel, libXrender, libXrender-devel, libXrandr, libXrandr-devel, openjdk11 | ||
| %endif | ||
|
|
||
| %ifarch aarch64 | ||
| %define ExtraBuildRequires icu-devel, cups, cups-devel, libXtst, libXtst-devel, libXi, libXi-devel, icu, alsa-lib, alsa-lib-devel, xcb-proto, libXdmcp-devel, libXau-devel, util-macros, xtrans, libxcb-devel, proto, libXdmcp, libxcb, libXau, libX11, libX11-devel, libXext, libXext-devel, libXt, libXt-devel, libXrender, libXrender-devel, libXrandr, libXrandr-devel, openjdk11 | ||
| %endif | ||
| %define ExtraBuildRequires openjdk11 | ||
|
|
||
| %description | ||
| The OpenJDK package installs java class library and javac java compiler. | ||
|
|
@@ -85,7 +91,7 @@ Requires: %{name} = %{version}-%{release} | |
| This package provides the runtime library class sources. | ||
|
|
||
| %prep | ||
| %autosetup -p1 -n jdk11u-jdk-%{version}-6 | ||
| %autosetup -p1 -n jdk11u-jdk-%{version}-ga | ||
|
|
||
| %build | ||
| chmod a+x ./configur* | ||
|
|
@@ -112,12 +118,12 @@ make \ | |
| STRIP_POLICY=no_strip \ | ||
| POST_STRIP_CMD="" \ | ||
| LOG=trace \ | ||
| JOBS=$(nproc) | ||
| JOBS=%{_jobs} | ||
|
|
||
| %install | ||
| unset JAVA_HOME | ||
| # make doesn't support _smp_mflags | ||
| make install JOBS=$(nproc) | ||
| make install JOBS=%{_jobs} | ||
|
|
||
| install -vdm755 %{buildroot}%{_libdir}/jvm/OpenJDK-%{jdk_major_version} | ||
| chown -R root:root %{buildroot}%{_libdir}/jvm/OpenJDK-%{jdk_major_version} | ||
|
|
@@ -246,6 +252,8 @@ rm -rf %{buildroot}/* %{_libdir}/jvm/OpenJDK-* | |
| %{_libdir}/jvm/OpenJDK-%{jdk_major_version}/lib/src.zip | ||
|
|
||
| %changelog | ||
| * Wed Jan 22 2025 Shreenidhi Shedi <[email protected]> 11.0.26-1 | ||
| - Upgrade to v11.0.26 | ||
| * Mon Dec 16 2024 Brennan Lamoreaux <[email protected]> 11.0.20-7 | ||
| - Version bump as a part of cups upgrade | ||
| * Fri Sep 29 2023 Srish Srinivasan <[email protected]> 11.0.20-6 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,19 +1,22 @@ | ||
| %global security_hardening none | ||
| %define jdk_major_version 17 | ||
| %define _use_internal_dependency_generator 0 | ||
| %define _jobs %(echo $(( ($(nproc)+1) / 2 ))) | ||
|
|
||
| Summary: OpenJDK | ||
| Name: openjdk17 | ||
| Version: 17.0.8 | ||
| Release: 3%{?dist} | ||
| License: GNU General Public License V2 | ||
| Version: 17.0.14 | ||
| Release: 1%{?dist} | ||
| URL: https://github.com/openjdk/jdk17u | ||
| Group: Development/Tools | ||
| Vendor: VMware, Inc. | ||
| Distribution: Photon | ||
|
|
||
| Source0: https://github.com/openjdk/jdk17u/archive/refs/tags/jdk-%{version}-5.tar.gz | ||
| %define sha512 jdk-17=af6ae3759dda8e7612b8860ccc9c69df260ffa18c80fd73ca71737854aa926442c02e1f56d7bd39dc6ec7f24095a47fc1e448bdcf6f0531ad8bbf403056c0dec | ||
| Source0: https://github.com/openjdk/jdk17u/archive/refs/tags/jdk-%{version}-ga.tar.gz | ||
| %define sha512 jdk-17=0643ac52b68e5884734289ab13592feef7273db96f7b5c0fd77d801e4d4e44a84abcc439fd1b138119c5583986f1d0b058aa74f55b00e0dfd31333cbb536744d | ||
|
|
||
| Source1: license-openjdk17.txt | ||
| %include %{SOURCE1} | ||
|
|
||
| BuildRequires: pcre-devel | ||
| BuildRequires: which | ||
|
|
@@ -28,21 +31,26 @@ BuildRequires: freetype2-devel | |
| BuildRequires: glib-devel | ||
| BuildRequires: harfbuzz-devel | ||
| BuildRequires: elfutils-libelf-devel | ||
| BuildRequires: icu icu-devel | ||
| BuildRequires: cups cups-devel | ||
| BuildRequires: libXtst libXtst-devel libXi libXi-devel | ||
| BuildRequires: alsa-lib alsa-lib-devel util-macros | ||
| BuildRequires: xcb-proto libXdmcp libXdmcp-devel libXau-devel | ||
| BuildRequires: xtrans libxcb-devel proto libxcb libXau | ||
| BuildRequires: libX11 libX11-devel libXext libXext-devel | ||
| BuildRequires: libXt libXt-devel libXrender libXrender-devel | ||
| BuildRequires: libXrandr libXrandr-devel | ||
|
|
||
| Requires: chkconfig | ||
| Requires(postun): chkconfig | ||
|
|
||
| Requires: %{name}-jre = %{version}-%{release} | ||
|
|
||
| AutoReqProv: no | ||
| Obsoletes: openjdk <= %{version} | ||
|
|
||
| %ifarch x86_64 | ||
| %define ExtraBuildRequires icu-devel, cups, cups-devel, libXtst, libXtst-devel, libXfixes, libXfixes-devel, libXi, libXi-devel, icu, alsa-lib, alsa-lib-devel, xcb-proto, libXdmcp-devel, libXau-devel, util-macros, xtrans, libxcb-devel, proto, libXdmcp, libxcb, libXau, libX11, libX11-devel, libXext, libXext-devel, libXt, libXt-devel, libXrender, libXrender-devel, libXrandr, libXrandr-devel, openjdk17 | ||
| %endif | ||
| AutoReqProv: no | ||
|
|
||
| %ifarch aarch64 | ||
| %define ExtraBuildRequires icu-devel, cups, cups-devel, openjdk17, libXtst, libXtst-devel, libXi, libXi-devel, icu, alsa-lib, alsa-lib-devel, xcb-proto, libXdmcp-devel, libXau-devel, util-macros, xtrans, libxcb-devel, proto, libXdmcp, libxcb, libXau, libX11, libX11-devel, libXext, libXext-devel, libXt, libXt-devel, libXrender, libXrender-devel, libXrandr, libXrandr-devel | ||
| %endif | ||
| %define ExtraBuildRequires openjdk17 | ||
|
|
||
| %description | ||
| The OpenJDK package installs java class library and javac java compiler. | ||
|
|
@@ -57,14 +65,15 @@ Requires: libstdc++ | |
| Requires: libgcc | ||
| Requires: zlib | ||
|
|
||
| Conflicts: %{name} < 17.0.8-1%{?dist} | ||
| Conflicts: %{name} < 17.0.8-4%{?dist} | ||
|
|
||
| %description jre | ||
| %{summary} | ||
|
|
||
| %package doc | ||
| Summary: Documentation and demo applications for openjdk | ||
| Group: Development/Languages/Java | ||
| Obsoletes: openjdk-doc <= %{version} | ||
| Requires: %{name} = %{version}-%{release} | ||
|
|
||
| %description doc | ||
|
|
@@ -73,13 +82,16 @@ It contains the documentation and demo applications for openjdk | |
| %package src | ||
| Summary: OpenJDK Java classes for developers | ||
| Group: Development/Languages/Java | ||
| Obsoletes: openjdk-src <= %{version} | ||
| Requires: %{name} = %{version}-%{release} | ||
|
|
||
| Provides: jre = %{version} | ||
|
|
||
| %description src | ||
| This package provides the runtime library class sources. | ||
|
|
||
| %prep | ||
| %autosetup -p1 -n jdk17u-jdk-%{version}-5 | ||
| %autosetup -p1 -n jdk17u-jdk-%{version}-ga | ||
|
|
||
| %build | ||
| chmod a+x ./configur* | ||
|
|
@@ -106,12 +118,12 @@ make \ | |
| STRIP_POLICY=no_strip \ | ||
| POST_STRIP_CMD="" \ | ||
| LOG=trace \ | ||
| JOBS=$(nproc) | ||
| JOBS=%{_jobs} | ||
|
|
||
| %install | ||
| unset JAVA_HOME | ||
| # make doesn't support _smp_mflags | ||
| make install JOBS=$(nproc) | ||
| make install JOBS=%{_jobs} | ||
|
|
||
| install -vdm755 %{buildroot}%{_libdir}/jvm/OpenJDK-%{jdk_major_version} | ||
| chown -R root:root %{buildroot}%{_libdir}/jvm/OpenJDK-%{jdk_major_version} | ||
|
|
@@ -231,6 +243,8 @@ rm -rf %{buildroot}/* %{_libdir}/jvm/OpenJDK-* | |
| %{_libdir}/jvm/OpenJDK-%{jdk_major_version}/lib/src.zip | ||
|
|
||
| %changelog | ||
| * Wed Jan 22 2025 Shreenidhi Shedi <[email protected]> 17.0.14-1 | ||
| - Upgrade to v17.0.14 | ||
| * Mon Dec 16 2024 Brennan Lamoreaux <[email protected]> 17.0.8-3 | ||
| - Version bump as a part of cups upgrade | ||
| * Fri Sep 29 2023 Srish Srinivasan <[email protected]> 17.0.8-2 | ||
|
|
||
Oops, something went wrong.