* [PATCH 0/2] Icedtea security updates
@ 2016-01-28 13:51 Leo Famulari
2016-01-28 13:51 ` [PATCH 1/2] gnu: icedtea-6: Update to 1.13.10 Leo Famulari
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Leo Famulari @ 2016-01-28 13:51 UTC (permalink / raw)
To: guix-devel
These patches update icedtea-6 and icedtea-7 to versions 1.13.10 [0] and
2.6.4 [1], respectively.
For icedtea-6, this fixes CVE-2015-{8126, 8472} and CVE-2016-{0402,
0448, 0466, 0483, 0494}.
For icedtea-7, this fixes Fixes CVE-2015-{7575, 8126, 8472} and
CVE-2016-{0402, 0448, 0466, 0483, 0494}.
The list of vulnerabilities addressed by each update is taken from [0]
and [1].
[0]
http://blog.fuseyism.com/index.php/2016/01/25/security-icedtea-1-13-10-for-openjdk-6-released/
[1]
http://blog.fuseyism.com/index.php/2016/01/21/security-icedtea-2-6-4-for-openjdk-7-released/
Leo Famulari (2):
gnu: icedtea-6: Update to 1.13.10.
gnu: icedtea-7: Update to 2.6.4.
gnu/packages/java.scm | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
--
2.6.3
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/2] gnu: icedtea-6: Update to 1.13.10.
2016-01-28 13:51 [PATCH 0/2] Icedtea security updates Leo Famulari
@ 2016-01-28 13:51 ` Leo Famulari
2016-01-28 13:51 ` [PATCH 2/2] gnu: icedtea-7: Update to 2.6.4 Leo Famulari
2016-01-28 14:08 ` [PATCH 0/2] Icedtea security updates Ricardo Wurmus
2 siblings, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2016-01-28 13:51 UTC (permalink / raw)
To: guix-devel
Fixes CVE-2015-{8126, 8472} and CVE-2016-{0402, 0448, 0466, 0483, 0494}.
* gnu/packages/java.scm (icedtea-6): Update to 1.13.10.
---
gnu/packages/java.scm | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index 3a5b1e1..f82971b 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -187,7 +188,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
(define-public icedtea-6
(package
(name "icedtea")
- (version "1.13.9")
+ (version "1.13.10")
(source (origin
(method url-fetch)
(uri (string-append
@@ -195,7 +196,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
version ".tar.xz"))
(sha256
(base32
- "0rf95gsyr849b0nxhc7i0k5pr2iz8a922kg288x7jbgws0pgpq31"))
+ "1mq08sfyfjlfw0c1czjs47303zv4h91s1jc0nhdlra4rbbx0g2d0"))
(modules '((guix build utils)))
(snippet
'(substitute* "Makefile.in"
@@ -558,10 +559,10 @@ build process and its dependencies, whereas Make uses Makefile format.")
("openjdk6-src"
,(origin
(method url-fetch)
- (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b37-11_nov_2015.tar.gz")
+ (uri "https://java.net/downloads/openjdk6/openjdk-6-src-b38-20_jan_2016.tar.gz")
(sha256
(base32
- "0iqzvx1zmrfhxrp3z9h7bh95c2rmclrhiszmsqwkjb2gngbs29j5"))))
+ "1fapj9w4ahzf5nwvdgi1dsxjyh9dqbcvf9638r60h1by13wjqk5p"))))
("lcms" ,lcms)
("zlib" ,zlib)
("gtk" ,gtk+-2)
--
2.6.3
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/2] gnu: icedtea-7: Update to 2.6.4.
2016-01-28 13:51 [PATCH 0/2] Icedtea security updates Leo Famulari
2016-01-28 13:51 ` [PATCH 1/2] gnu: icedtea-6: Update to 1.13.10 Leo Famulari
@ 2016-01-28 13:51 ` Leo Famulari
2016-01-28 14:08 ` [PATCH 0/2] Icedtea security updates Ricardo Wurmus
2 siblings, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2016-01-28 13:51 UTC (permalink / raw)
To: guix-devel
Fixes CVE-2015-{7575, 8126, 8472} and CVE-2016-{0402, 0448, 0466, 0483,
0494}.
* gnu/packages/java.scm (icedtea-7): Update to 2.6.4.
---
gnu/packages/java.scm | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index f82971b..ee987fc 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -578,7 +578,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
(license license:gpl2+)))
(define-public icedtea-7
- (let* ((version "2.6.3")
+ (let* ((version "2.6.4")
(drop (lambda (name hash)
(origin
(method url-fetch)
@@ -595,7 +595,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
version ".tar.xz"))
(sha256
(base32
- "04n6ac7rca98q68ifja1nmf3icigqgs75k4x12p3n3yknh8alf6z"))
+ "0r31h8nlsrbfdkgbjbb7phwgcwglc9siznzrr40lqnm9xrgkc2nj"))
(modules '((guix build utils)))
(snippet
'(substitute* "Makefile.in"
@@ -720,25 +720,25 @@ build process and its dependencies, whereas Make uses Makefile format.")
(native-inputs
`(("openjdk-src"
,(drop "openjdk"
- "0vflz0hhq4arykvvmsv3yas4yk9i0jm57287iqvs3a4832xjcpcy"))
+ "1qjjf71nq80ac2d08hbaa8589d31vk313z3rkirnwq5df8cyf0mv"))
("corba-drop"
,(drop "corba"
- "1ijy8gkvnvzjnk7x7fypggfapdswd0ha7b8q90vs72lhf0yawlhh"))
+ "025warxhjal3nr7w1xyd16k0f32fwkchifpaslzyidsga3hgmfr6"))
("jaxp-drop"
,(drop "jaxp"
- "0sw0a49xmzqrffvlg7mvvlicn2yz5r4swv3l19b0269p0yy7isd0"))
+ "0qiz6swb78w9c0mf88pf0gflgm5rp9k0l6fv6sdl7dki691b0z09"))
("jaxws-drop"
,(drop "jaxws"
- "07nwmpji734fnvb4n3g2cj1fl4mskmg26ksdw3rpvb38wf97v2am"))
+ "18fz4gl4fdlcmqvh1mlpd9h0gj0qizpfa7njkax97aysmsm08xns"))
("jdk-drop"
,(drop "jdk"
- "1x89l6rj20rzkalizpy74q4nlnskrvr39nvl2i95isajkda9hf2q"))
+ "0qsx5d9pgwlz9vbpapw4jwpajqc6rwk1150cjb33i4n3z709jccx"))
("langtools-drop"
,(drop "langtools"
- "0zpjkpl294aw4nai35fh4lcxyv3vx0q0hnxchjcb2iz0hkgicizi"))
+ "1k6plx96smf86z303gb30hncssa8f40qdryzsdv349iwqwacxc7r"))
("hotspot-drop"
,(drop "hotspot"
- "03pggsrhkzpjnj939vhr3b7mcrhfp22b7yg3hkx52kcv8dqkg3yx"))
+ "0r9ffzyf5vxs8wg732szqcil0ksc8lcxzihdv3viz7d67dy42irp"))
,@(fold alist-delete (package-native-inputs icedtea-6)
'("openjdk6-src")))))))
--
2.6.3
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 0/2] Icedtea security updates
2016-01-28 13:51 [PATCH 0/2] Icedtea security updates Leo Famulari
2016-01-28 13:51 ` [PATCH 1/2] gnu: icedtea-6: Update to 1.13.10 Leo Famulari
2016-01-28 13:51 ` [PATCH 2/2] gnu: icedtea-7: Update to 2.6.4 Leo Famulari
@ 2016-01-28 14:08 ` Ricardo Wurmus
2 siblings, 0 replies; 4+ messages in thread
From: Ricardo Wurmus @ 2016-01-28 14:08 UTC (permalink / raw)
To: Leo Famulari; +Cc: guix-devel
Leo Famulari <leo@famulari.name> writes:
> These patches update icedtea-6 and icedtea-7 to versions 1.13.10 [0] and
> 2.6.4 [1], respectively.
Thanks! If both of these packages still build it’s okay to push the
commits.
~~ Ricardo
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-01-28 14:08 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-28 13:51 [PATCH 0/2] Icedtea security updates Leo Famulari
2016-01-28 13:51 ` [PATCH 1/2] gnu: icedtea-6: Update to 1.13.10 Leo Famulari
2016-01-28 13:51 ` [PATCH 2/2] gnu: icedtea-7: Update to 2.6.4 Leo Famulari
2016-01-28 14:08 ` [PATCH 0/2] Icedtea security updates Ricardo Wurmus
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.