All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1
@ 2022-04-19  7:39 Peter Korsgaard
  2022-04-19  7:39 ` [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Peter Korsgaard
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Peter Korsgaard @ 2022-04-19  7:39 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

Fixes the following security issues:

  - JDK-8217375: jarsigner breaks old signature with long lines in manifest
  - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
  - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
  - JDK-8268488: More valuable DerValues
  - JDK-8268494: Better inlining of inlined interfaces
  - JDK-8268512: More content for ContentInfo
  - JDK-8268795: Enhance digests of Jar files
  - JDK-8268801: Improve PKCS attribute handling
  - JDK-8268813, CVE-2022-21283: Better String matching
  - JDK-8269151: Better construction of EncryptedPrivateKeyInfo
  - JDK-8269944: Better HTTP transport redux
  - JDK-8270386, CVE-2022-21291: Better verification of scan methods
  - JDK-8270392, CVE-2022-21293: Improve String constructions
  - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
  - JDK-8270492, CVE-2022-21282: Better resolution of URIs
  - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
  - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
  - JDK-8270952, CVE-2022-21277: Improve TIFF file handling
  - JDK-8271962: Better TrueType font loading
  - JDK-8271968: Better canonical naming
  - JDK-8271987: Manifest improved manifest entries
  - JDK-8272014, CVE-2022-21305: Better array indexing
  - JDK-8272026, CVE-2022-21340: Verify Jar Verification
  - JDK-8272236, CVE-2022-21341: Improve serial forms for transport
  - JDK-8272272: Enhance jcmd communication
  - JDK-8272462: Enhance image handling
  - JDK-8273290: Enhance sound handling
  - JDK-8273756, CVE-2022-21360: Enhance BMP image support
  - JDK-8273838, CVE-2022-21365: Enhanced BMP processing
  - JDK-8274096, CVE-2022-21366: Improve decoding of image files
  - JDK-8279541: Improve HarfBuzz

For more details, see the announcement:

https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011643.html
https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-February/012348.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/openjdk-bin/openjdk-bin.hash | 2 +-
 package/openjdk-bin/openjdk-bin.mk   | 2 +-
 package/openjdk/openjdk.hash         | 2 +-
 package/openjdk/openjdk.mk           | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/openjdk-bin/openjdk-bin.hash b/package/openjdk-bin/openjdk-bin.hash
index bbc939d4e8..082da7bf87 100644
--- a/package/openjdk-bin/openjdk-bin.hash
+++ b/package/openjdk-bin/openjdk-bin.hash
@@ -2,7 +2,7 @@
 sha256  6ea18c276dcbb8522feeebcfc3a4b5cb7c7e7368ba8590d3326c6c3efc5448b6  OpenJDK17U-jdk_x64_linux_hotspot_17.0.1_12.tar.gz
 
 # From https://github.com/adoptium/temurin11-binaries/releases
-sha256  3b1c0c34be4c894e64135a454f2d5aaa4bd10aea04ec2fa0c0efe6bb26528e30  OpenJDK11U-jdk_x64_linux_hotspot_11.0.13_8.tar.gz
+sha256  43fb84f8063ad9bf6b6d694a67b8f64c8827552b920ec5ce794dfe5602edffe7  OpenJDK11U-jdk_x64_linux_hotspot_11.0.14.1_1.tar.gz
 
 # Locally calculated
 sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  legal/java.prefs/LICENSE
diff --git a/package/openjdk-bin/openjdk-bin.mk b/package/openjdk-bin/openjdk-bin.mk
index 266c93d363..c9ddc9f69f 100644
--- a/package/openjdk-bin/openjdk-bin.mk
+++ b/package/openjdk-bin/openjdk-bin.mk
@@ -9,7 +9,7 @@ HOST_OPENJDK_BIN_VERSION_MAJOR = 17
 HOST_OPENJDK_BIN_VERSION_MINOR = 0.1_12
 else
 HOST_OPENJDK_BIN_VERSION_MAJOR = 11
-HOST_OPENJDK_BIN_VERSION_MINOR = 0.13_8
+HOST_OPENJDK_BIN_VERSION_MINOR = 0.14.1_1
 endif
 HOST_OPENJDK_BIN_VERSION = $(HOST_OPENJDK_BIN_VERSION_MAJOR).$(HOST_OPENJDK_BIN_VERSION_MINOR)
 HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_x64_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
diff --git a/package/openjdk/openjdk.hash b/package/openjdk/openjdk.hash
index 2f46b044ad..f8a4f15260 100644
--- a/package/openjdk/openjdk.hash
+++ b/package/openjdk/openjdk.hash
@@ -1,4 +1,4 @@
 # Locally computed
 sha256  8c076203a6f85ab916b3e54de1992bcbcc5ffe580c52b1ac8d52ca7afb9f02d1  openjdk-17.0.1+12.tar.gz
-sha256  119c6233fe7ff5670c590e2f9d6686ac4d80c97b17065506998b75c547b54f2c  openjdk-11.0.13+8.tar.gz
+sha256  0e859cc03378439023e17ee82aecee5a52265fb38906a8bebf16027aa2b2bcf5  openjdk-11.0.14.1+1.tar.gz
 sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  LICENSE
diff --git a/package/openjdk/openjdk.mk b/package/openjdk/openjdk.mk
index 5fccdaa7ac..94b8cba577 100644
--- a/package/openjdk/openjdk.mk
+++ b/package/openjdk/openjdk.mk
@@ -9,7 +9,7 @@ OPENJDK_VERSION_MAJOR = 17
 OPENJDK_VERSION_MINOR = 0.1+12
 else
 OPENJDK_VERSION_MAJOR = 11
-OPENJDK_VERSION_MINOR = 0.13+8
+OPENJDK_VERSION_MINOR = 0.14.1+1
 endif
 OPENJDK_VERSION = $(OPENJDK_VERSION_MAJOR).$(OPENJDK_VERSION_MINOR)
 OPENJDK_SITE = $(call github,openjdk,jdk$(OPENJDK_VERSION_MAJOR)u,jdk-$(OPENJDK_VERSION))
-- 
2.30.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8
  2022-04-19  7:39 [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
@ 2022-04-19  7:39 ` Peter Korsgaard
  2022-05-22 20:22   ` Peter Korsgaard
  2022-04-19 20:54 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Arnout Vandecappelle
  2022-05-22 20:22 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
  2 siblings, 1 reply; 8+ messages in thread
From: Peter Korsgaard @ 2022-04-19  7:39 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

Fixes the following security issues:

  - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
  - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
  - JDK-8268488: More valuable DerValues
  - JDK-8268494: Better inlining of inlined interfaces
  - JDK-8268512: More content for ContentInfo
  - JDK-8268813, CVE-2022-21283: Better String matching
  - JDK-8269151: Better construction of EncryptedPrivateKeyInfo
  - JDK-8269944: Better HTTP transport redux
  - JDK-8270386, CVE-2022-21291: Better verification of scan methods
  - JDK-8270392, CVE-2022-21293: Improve String constructions
  - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
  - JDK-8270492, CVE-2022-21282: Better resolution of URIs
  - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
  - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
  - JDK-8270952, CVE-2022-21277: Improve TIFF file handling
  - JDK-8271962: Better TrueType font loading
  - JDK-8271968: Better canonical naming
  - JDK-8271987: Manifest improved manifest entries
  - JDK-8272014, CVE-2022-21305: Better array indexing
  - JDK-8272026, CVE-2022-21340: Verify Jar Verification
  - JDK-8272236, CVE-2022-21341: Improve serial forms for transport
  - JDK-8272272: Enhance jcmd communication
  - JDK-8272462: Enhance image handling
  - JDK-8273290: Enhance sound handling
  - JDK-8273756, CVE-2022-21360: Enhance BMP image support
  - JDK-8273838, CVE-2022-21365: Enhanced BMP processing
  - JDK-8274096, CVE-2022-21366: Improve decoding of image files

For more details, see the announcement:

https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011709.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/openjdk-bin/openjdk-bin.hash | 2 +-
 package/openjdk-bin/openjdk-bin.mk   | 2 +-
 package/openjdk/openjdk.hash         | 2 +-
 package/openjdk/openjdk.mk           | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/openjdk-bin/openjdk-bin.hash b/package/openjdk-bin/openjdk-bin.hash
index 082da7bf87..62691ed6f0 100644
--- a/package/openjdk-bin/openjdk-bin.hash
+++ b/package/openjdk-bin/openjdk-bin.hash
@@ -1,5 +1,5 @@
 # https://github.com/adoptium/temurin17-binaries/releases
-sha256  6ea18c276dcbb8522feeebcfc3a4b5cb7c7e7368ba8590d3326c6c3efc5448b6  OpenJDK17U-jdk_x64_linux_hotspot_17.0.1_12.tar.gz
+sha256  288f34e3ba8a4838605636485d0365ce23e57d5f2f68997ac4c2e4c01967cd48  OpenJDK17U-jdk_x64_linux_hotspot_17.0.2_8.tar.gz
 
 # From https://github.com/adoptium/temurin11-binaries/releases
 sha256  43fb84f8063ad9bf6b6d694a67b8f64c8827552b920ec5ce794dfe5602edffe7  OpenJDK11U-jdk_x64_linux_hotspot_11.0.14.1_1.tar.gz
diff --git a/package/openjdk-bin/openjdk-bin.mk b/package/openjdk-bin/openjdk-bin.mk
index c9ddc9f69f..3d1ebd7429 100644
--- a/package/openjdk-bin/openjdk-bin.mk
+++ b/package/openjdk-bin/openjdk-bin.mk
@@ -6,7 +6,7 @@
 
 ifeq ($(BR2_PACKAGE_OPENJDK_VERSION_17),y)
 HOST_OPENJDK_BIN_VERSION_MAJOR = 17
-HOST_OPENJDK_BIN_VERSION_MINOR = 0.1_12
+HOST_OPENJDK_BIN_VERSION_MINOR = 0.2_8
 else
 HOST_OPENJDK_BIN_VERSION_MAJOR = 11
 HOST_OPENJDK_BIN_VERSION_MINOR = 0.14.1_1
diff --git a/package/openjdk/openjdk.hash b/package/openjdk/openjdk.hash
index f8a4f15260..293787792d 100644
--- a/package/openjdk/openjdk.hash
+++ b/package/openjdk/openjdk.hash
@@ -1,4 +1,4 @@
 # Locally computed
-sha256  8c076203a6f85ab916b3e54de1992bcbcc5ffe580c52b1ac8d52ca7afb9f02d1  openjdk-17.0.1+12.tar.gz
+sha256  2fdd23261526362d4aaf58323441d4c31d29de2e374ba94bbf2727a00adc0ea7  openjdk-17.0.2+8.tar.gz
 sha256  0e859cc03378439023e17ee82aecee5a52265fb38906a8bebf16027aa2b2bcf5  openjdk-11.0.14.1+1.tar.gz
 sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  LICENSE
diff --git a/package/openjdk/openjdk.mk b/package/openjdk/openjdk.mk
index 94b8cba577..42d52d57c4 100644
--- a/package/openjdk/openjdk.mk
+++ b/package/openjdk/openjdk.mk
@@ -6,7 +6,7 @@
 
 ifeq ($(BR2_PACKAGE_OPENJDK_VERSION_17),y)
 OPENJDK_VERSION_MAJOR = 17
-OPENJDK_VERSION_MINOR = 0.1+12
+OPENJDK_VERSION_MINOR = 0.2+8
 else
 OPENJDK_VERSION_MAJOR = 11
 OPENJDK_VERSION_MINOR = 0.14.1+1
-- 
2.30.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1
  2022-04-19  7:39 [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
  2022-04-19  7:39 ` [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Peter Korsgaard
@ 2022-04-19 20:54 ` Arnout Vandecappelle
  2022-04-25  8:16   ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64 Christian Ambach via buildroot
  2022-05-22 20:22 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
  2 siblings, 1 reply; 8+ messages in thread
From: Arnout Vandecappelle @ 2022-04-19 20:54 UTC (permalink / raw)
  To: Peter Korsgaard, buildroot; +Cc: Christian Ambach, Tudor Holton



On 19/04/2022 09:39, Peter Korsgaard wrote:
> Fixes the following security issues:
> 
>    - JDK-8217375: jarsigner breaks old signature with long lines in manifest
>    - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
>    - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
>    - JDK-8268488: More valuable DerValues
>    - JDK-8268494: Better inlining of inlined interfaces
>    - JDK-8268512: More content for ContentInfo
>    - JDK-8268795: Enhance digests of Jar files
>    - JDK-8268801: Improve PKCS attribute handling
>    - JDK-8268813, CVE-2022-21283: Better String matching
>    - JDK-8269151: Better construction of EncryptedPrivateKeyInfo
>    - JDK-8269944: Better HTTP transport redux
>    - JDK-8270386, CVE-2022-21291: Better verification of scan methods
>    - JDK-8270392, CVE-2022-21293: Improve String constructions
>    - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
>    - JDK-8270492, CVE-2022-21282: Better resolution of URIs
>    - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
>    - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
>    - JDK-8270952, CVE-2022-21277: Improve TIFF file handling
>    - JDK-8271962: Better TrueType font loading
>    - JDK-8271968: Better canonical naming
>    - JDK-8271987: Manifest improved manifest entries
>    - JDK-8272014, CVE-2022-21305: Better array indexing
>    - JDK-8272026, CVE-2022-21340: Verify Jar Verification
>    - JDK-8272236, CVE-2022-21341: Improve serial forms for transport
>    - JDK-8272272: Enhance jcmd communication
>    - JDK-8272462: Enhance image handling
>    - JDK-8273290: Enhance sound handling
>    - JDK-8273756, CVE-2022-21360: Enhance BMP image support
>    - JDK-8273838, CVE-2022-21365: Enhanced BMP processing
>    - JDK-8274096, CVE-2022-21366: Improve decoding of image files
>    - JDK-8279541: Improve HarfBuzz
> 
> For more details, see the announcement:
> 
> https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011643.html
> https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-February/012348.html
> 
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

  Applied to master, thanks.

  This also invalidates [1], care to send an update of it?

  Regards,
  Arnout

[1] 
https://patchwork.ozlabs.org/project/buildroot/patch/20220411070454.77482-1-ambi@samba.org/



> ---
>   package/openjdk-bin/openjdk-bin.hash | 2 +-
>   package/openjdk-bin/openjdk-bin.mk   | 2 +-
>   package/openjdk/openjdk.hash         | 2 +-
>   package/openjdk/openjdk.mk           | 2 +-
>   4 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/package/openjdk-bin/openjdk-bin.hash b/package/openjdk-bin/openjdk-bin.hash
> index bbc939d4e8..082da7bf87 100644
> --- a/package/openjdk-bin/openjdk-bin.hash
> +++ b/package/openjdk-bin/openjdk-bin.hash
> @@ -2,7 +2,7 @@
>   sha256  6ea18c276dcbb8522feeebcfc3a4b5cb7c7e7368ba8590d3326c6c3efc5448b6  OpenJDK17U-jdk_x64_linux_hotspot_17.0.1_12.tar.gz
>   
>   # From https://github.com/adoptium/temurin11-binaries/releases
> -sha256  3b1c0c34be4c894e64135a454f2d5aaa4bd10aea04ec2fa0c0efe6bb26528e30  OpenJDK11U-jdk_x64_linux_hotspot_11.0.13_8.tar.gz
> +sha256  43fb84f8063ad9bf6b6d694a67b8f64c8827552b920ec5ce794dfe5602edffe7  OpenJDK11U-jdk_x64_linux_hotspot_11.0.14.1_1.tar.gz
>   
>   # Locally calculated
>   sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  legal/java.prefs/LICENSE
> diff --git a/package/openjdk-bin/openjdk-bin.mk b/package/openjdk-bin/openjdk-bin.mk
> index 266c93d363..c9ddc9f69f 100644
> --- a/package/openjdk-bin/openjdk-bin.mk
> +++ b/package/openjdk-bin/openjdk-bin.mk
> @@ -9,7 +9,7 @@ HOST_OPENJDK_BIN_VERSION_MAJOR = 17
>   HOST_OPENJDK_BIN_VERSION_MINOR = 0.1_12
>   else
>   HOST_OPENJDK_BIN_VERSION_MAJOR = 11
> -HOST_OPENJDK_BIN_VERSION_MINOR = 0.13_8
> +HOST_OPENJDK_BIN_VERSION_MINOR = 0.14.1_1
>   endif
>   HOST_OPENJDK_BIN_VERSION = $(HOST_OPENJDK_BIN_VERSION_MAJOR).$(HOST_OPENJDK_BIN_VERSION_MINOR)
>   HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_x64_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
> diff --git a/package/openjdk/openjdk.hash b/package/openjdk/openjdk.hash
> index 2f46b044ad..f8a4f15260 100644
> --- a/package/openjdk/openjdk.hash
> +++ b/package/openjdk/openjdk.hash
> @@ -1,4 +1,4 @@
>   # Locally computed
>   sha256  8c076203a6f85ab916b3e54de1992bcbcc5ffe580c52b1ac8d52ca7afb9f02d1  openjdk-17.0.1+12.tar.gz
> -sha256  119c6233fe7ff5670c590e2f9d6686ac4d80c97b17065506998b75c547b54f2c  openjdk-11.0.13+8.tar.gz
> +sha256  0e859cc03378439023e17ee82aecee5a52265fb38906a8bebf16027aa2b2bcf5  openjdk-11.0.14.1+1.tar.gz
>   sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  LICENSE
> diff --git a/package/openjdk/openjdk.mk b/package/openjdk/openjdk.mk
> index 5fccdaa7ac..94b8cba577 100644
> --- a/package/openjdk/openjdk.mk
> +++ b/package/openjdk/openjdk.mk
> @@ -9,7 +9,7 @@ OPENJDK_VERSION_MAJOR = 17
>   OPENJDK_VERSION_MINOR = 0.1+12
>   else
>   OPENJDK_VERSION_MAJOR = 11
> -OPENJDK_VERSION_MINOR = 0.13+8
> +OPENJDK_VERSION_MINOR = 0.14.1+1
>   endif
>   OPENJDK_VERSION = $(OPENJDK_VERSION_MAJOR).$(OPENJDK_VERSION_MINOR)
>   OPENJDK_SITE = $(call github,openjdk,jdk$(OPENJDK_VERSION_MAJOR)u,jdk-$(OPENJDK_VERSION))
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64
  2022-04-19 20:54 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Arnout Vandecappelle
@ 2022-04-25  8:16   ` Christian Ambach via buildroot
  2022-04-25  8:16     ` [Buildroot] [PATCH 2/2] package/openjdk: enable " Christian Ambach via buildroot
  2022-04-27 17:17     ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support " Arnout Vandecappelle
  0 siblings, 2 replies; 8+ messages in thread
From: Christian Ambach via buildroot @ 2022-04-25  8:16 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

From: Christian Ambach <ambi@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
---
 package/openjdk-bin/openjdk-bin.hash |  2 ++
 package/openjdk-bin/openjdk-bin.mk   | 10 +++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/package/openjdk-bin/openjdk-bin.hash b/package/openjdk-bin/openjdk-bin.hash
index 62691ed6f0..4d3942125f 100644
--- a/package/openjdk-bin/openjdk-bin.hash
+++ b/package/openjdk-bin/openjdk-bin.hash
@@ -1,8 +1,10 @@
 # https://github.com/adoptium/temurin17-binaries/releases
 sha256  288f34e3ba8a4838605636485d0365ce23e57d5f2f68997ac4c2e4c01967cd48  OpenJDK17U-jdk_x64_linux_hotspot_17.0.2_8.tar.gz
+sha256  302caf29f73481b2b914ba2b89705036010c65eb9bc8d7712b27d6e9bedf6200  OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.2_8.tar.gz
 
 # From https://github.com/adoptium/temurin11-binaries/releases
 sha256  43fb84f8063ad9bf6b6d694a67b8f64c8827552b920ec5ce794dfe5602edffe7  OpenJDK11U-jdk_x64_linux_hotspot_11.0.14.1_1.tar.gz
+sha256  79572f5172c6a040591d34632f98a20ed148702bbce2f57649e8ac01c0d2e3db  OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.14.1_1.tar.gz
 
 # Locally calculated
 sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  legal/java.prefs/LICENSE
diff --git a/package/openjdk-bin/openjdk-bin.mk b/package/openjdk-bin/openjdk-bin.mk
index 3d1ebd7429..5cb6e3ba6a 100644
--- a/package/openjdk-bin/openjdk-bin.mk
+++ b/package/openjdk-bin/openjdk-bin.mk
@@ -11,8 +11,16 @@ else
 HOST_OPENJDK_BIN_VERSION_MAJOR = 11
 HOST_OPENJDK_BIN_VERSION_MINOR = 0.14.1_1
 endif
+
+ifeq ($(HOSTARCH),x86_64)
+HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME = x64
+endif
+ifeq ($(HOSTARCH),aarch64)
+HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME = aarch64
+endif
+
 HOST_OPENJDK_BIN_VERSION = $(HOST_OPENJDK_BIN_VERSION_MAJOR).$(HOST_OPENJDK_BIN_VERSION_MINOR)
-HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_x64_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
+HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_$(HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME)_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
 HOST_OPENJDK_BIN_SITE = https://github.com/adoptium/temurin$(HOST_OPENJDK_BIN_VERSION_MAJOR)-binaries/releases/download/jdk-$(subst _,%2B,$(HOST_OPENJDK_BIN_VERSION))
 
 HOST_OPENJDK_BIN_LICENSE = GPL-2.0+ with exception
-- 
2.25.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 2/2] package/openjdk: enable for host architecture aarch64
  2022-04-25  8:16   ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64 Christian Ambach via buildroot
@ 2022-04-25  8:16     ` Christian Ambach via buildroot
  2022-04-27 17:17     ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support " Arnout Vandecappelle
  1 sibling, 0 replies; 8+ messages in thread
From: Christian Ambach via buildroot @ 2022-04-25  8:16 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

From: Christian Ambach <ambi@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
---
 package/openjdk/Config.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/openjdk/Config.in b/package/openjdk/Config.in
index 8b7fd4653e..8fbe51a27f 100644
--- a/package/openjdk/Config.in
+++ b/package/openjdk/Config.in
@@ -1,6 +1,7 @@
 config BR2_PACKAGE_HOST_OPENJDK_BIN_ARCH_SUPPORTS
 	bool
 	default y if BR2_HOSTARCH = "x86_64"
+	default y if BR2_HOSTARCH = "aarch64"
 
 # Taken from make/autoconf/platform.m4
 config BR2_PACKAGE_OPENJDK_ARCH_SUPPORTS
-- 
2.25.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64
  2022-04-25  8:16   ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64 Christian Ambach via buildroot
  2022-04-25  8:16     ` [Buildroot] [PATCH 2/2] package/openjdk: enable " Christian Ambach via buildroot
@ 2022-04-27 17:17     ` Arnout Vandecappelle
  1 sibling, 0 replies; 8+ messages in thread
From: Arnout Vandecappelle @ 2022-04-27 17:17 UTC (permalink / raw)
  To: ambi, buildroot; +Cc: Tudor Holton



On 25/04/2022 10:16, ambi@samba.org wrote:
> From: Christian Ambach <ambi@samba.org>
> 
> Signed-off-by: Christian Ambach <ambi@samba.org>

  Applied both to master, thanks.

  Regards,
  Arnout

> ---
>   package/openjdk-bin/openjdk-bin.hash |  2 ++
>   package/openjdk-bin/openjdk-bin.mk   | 10 +++++++++-
>   2 files changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/package/openjdk-bin/openjdk-bin.hash b/package/openjdk-bin/openjdk-bin.hash
> index 62691ed6f0..4d3942125f 100644
> --- a/package/openjdk-bin/openjdk-bin.hash
> +++ b/package/openjdk-bin/openjdk-bin.hash
> @@ -1,8 +1,10 @@
>   # https://github.com/adoptium/temurin17-binaries/releases
>   sha256  288f34e3ba8a4838605636485d0365ce23e57d5f2f68997ac4c2e4c01967cd48  OpenJDK17U-jdk_x64_linux_hotspot_17.0.2_8.tar.gz
> +sha256  302caf29f73481b2b914ba2b89705036010c65eb9bc8d7712b27d6e9bedf6200  OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.2_8.tar.gz
>   
>   # From https://github.com/adoptium/temurin11-binaries/releases
>   sha256  43fb84f8063ad9bf6b6d694a67b8f64c8827552b920ec5ce794dfe5602edffe7  OpenJDK11U-jdk_x64_linux_hotspot_11.0.14.1_1.tar.gz
> +sha256  79572f5172c6a040591d34632f98a20ed148702bbce2f57649e8ac01c0d2e3db  OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.14.1_1.tar.gz
>   
>   # Locally calculated
>   sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  legal/java.prefs/LICENSE
> diff --git a/package/openjdk-bin/openjdk-bin.mk b/package/openjdk-bin/openjdk-bin.mk
> index 3d1ebd7429..5cb6e3ba6a 100644
> --- a/package/openjdk-bin/openjdk-bin.mk
> +++ b/package/openjdk-bin/openjdk-bin.mk
> @@ -11,8 +11,16 @@ else
>   HOST_OPENJDK_BIN_VERSION_MAJOR = 11
>   HOST_OPENJDK_BIN_VERSION_MINOR = 0.14.1_1
>   endif
> +
> +ifeq ($(HOSTARCH),x86_64)
> +HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME = x64
> +endif
> +ifeq ($(HOSTARCH),aarch64)
> +HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME = aarch64
> +endif
> +
>   HOST_OPENJDK_BIN_VERSION = $(HOST_OPENJDK_BIN_VERSION_MAJOR).$(HOST_OPENJDK_BIN_VERSION_MINOR)
> -HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_x64_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
> +HOST_OPENJDK_BIN_SOURCE = OpenJDK$(HOST_OPENJDK_BIN_VERSION_MAJOR)U-jdk_$(HOST_OPENJDK_BIN_DOWNLOAD_ARCH_NAME)_linux_hotspot_$(HOST_OPENJDK_BIN_VERSION).tar.gz
>   HOST_OPENJDK_BIN_SITE = https://github.com/adoptium/temurin$(HOST_OPENJDK_BIN_VERSION_MAJOR)-binaries/releases/download/jdk-$(subst _,%2B,$(HOST_OPENJDK_BIN_VERSION))
>   
>   HOST_OPENJDK_BIN_LICENSE = GPL-2.0+ with exception
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1
  2022-04-19  7:39 [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
  2022-04-19  7:39 ` [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Peter Korsgaard
  2022-04-19 20:54 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Arnout Vandecappelle
@ 2022-05-22 20:22 ` Peter Korsgaard
  2 siblings, 0 replies; 8+ messages in thread
From: Peter Korsgaard @ 2022-05-22 20:22 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

 > Fixes the following security issues:
 >   - JDK-8217375: jarsigner breaks old signature with long lines in manifest
 >   - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
 >   - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
 >   - JDK-8268488: More valuable DerValues
 >   - JDK-8268494: Better inlining of inlined interfaces
 >   - JDK-8268512: More content for ContentInfo
 >   - JDK-8268795: Enhance digests of Jar files
 >   - JDK-8268801: Improve PKCS attribute handling
 >   - JDK-8268813, CVE-2022-21283: Better String matching
 >   - JDK-8269151: Better construction of EncryptedPrivateKeyInfo
 >   - JDK-8269944: Better HTTP transport redux
 >   - JDK-8270386, CVE-2022-21291: Better verification of scan methods
 >   - JDK-8270392, CVE-2022-21293: Improve String constructions
 >   - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
 >   - JDK-8270492, CVE-2022-21282: Better resolution of URIs
 >   - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
 >   - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
 >   - JDK-8270952, CVE-2022-21277: Improve TIFF file handling
 >   - JDK-8271962: Better TrueType font loading
 >   - JDK-8271968: Better canonical naming
 >   - JDK-8271987: Manifest improved manifest entries
 >   - JDK-8272014, CVE-2022-21305: Better array indexing
 >   - JDK-8272026, CVE-2022-21340: Verify Jar Verification
 >   - JDK-8272236, CVE-2022-21341: Improve serial forms for transport
 >   - JDK-8272272: Enhance jcmd communication
 >   - JDK-8272462: Enhance image handling
 >   - JDK-8273290: Enhance sound handling
 >   - JDK-8273756, CVE-2022-21360: Enhance BMP image support
 >   - JDK-8273838, CVE-2022-21365: Enhanced BMP processing
 >   - JDK-8274096, CVE-2022-21366: Improve decoding of image files
 >   - JDK-8279541: Improve HarfBuzz

 > For more details, see the announcement:

 > https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011643.html
 > https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-February/012348.html

 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Committed to 2022.02.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8
  2022-04-19  7:39 ` [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Peter Korsgaard
@ 2022-05-22 20:22   ` Peter Korsgaard
  0 siblings, 0 replies; 8+ messages in thread
From: Peter Korsgaard @ 2022-05-22 20:22 UTC (permalink / raw)
  To: buildroot; +Cc: Tudor Holton

>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

 > Fixes the following security issues:
 >   - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
 >   - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
 >   - JDK-8268488: More valuable DerValues
 >   - JDK-8268494: Better inlining of inlined interfaces
 >   - JDK-8268512: More content for ContentInfo
 >   - JDK-8268813, CVE-2022-21283: Better String matching
 >   - JDK-8269151: Better construction of EncryptedPrivateKeyInfo
 >   - JDK-8269944: Better HTTP transport redux
 >   - JDK-8270386, CVE-2022-21291: Better verification of scan methods
 >   - JDK-8270392, CVE-2022-21293: Improve String constructions
 >   - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
 >   - JDK-8270492, CVE-2022-21282: Better resolution of URIs
 >   - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
 >   - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
 >   - JDK-8270952, CVE-2022-21277: Improve TIFF file handling
 >   - JDK-8271962: Better TrueType font loading
 >   - JDK-8271968: Better canonical naming
 >   - JDK-8271987: Manifest improved manifest entries
 >   - JDK-8272014, CVE-2022-21305: Better array indexing
 >   - JDK-8272026, CVE-2022-21340: Verify Jar Verification
 >   - JDK-8272236, CVE-2022-21341: Improve serial forms for transport
 >   - JDK-8272272: Enhance jcmd communication
 >   - JDK-8272462: Enhance image handling
 >   - JDK-8273290: Enhance sound handling
 >   - JDK-8273756, CVE-2022-21360: Enhance BMP image support
 >   - JDK-8273838, CVE-2022-21365: Enhanced BMP processing
 >   - JDK-8274096, CVE-2022-21366: Improve decoding of image files

 > For more details, see the announcement:

 > https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011709.html

 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Committed to 2022.02.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2022-05-22 20:23 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-19  7:39 [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard
2022-04-19  7:39 ` [Buildroot] [PATCH 2/2] package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Peter Korsgaard
2022-05-22 20:22   ` Peter Korsgaard
2022-04-19 20:54 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Arnout Vandecappelle
2022-04-25  8:16   ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support for host architecture aarch64 Christian Ambach via buildroot
2022-04-25  8:16     ` [Buildroot] [PATCH 2/2] package/openjdk: enable " Christian Ambach via buildroot
2022-04-27 17:17     ` [Buildroot] [PATCH 1/2] package/openjdk-bin: add support " Arnout Vandecappelle
2022-05-22 20:22 ` [Buildroot] [PATCH 1/2] package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.