From ffc35c17c62b590df0408ffe82a352957bf82c87 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 23 Jan 2018 21:26:53 +0000 Subject: dev-java/oracle-jdk-bin: Remove vulnerable 1.8.0.152-r1 Bug: https://bugs.gentoo.org/645268 Package-Manager: Portage-2.3.20, Repoman-2.3.6 --- dev-java/oracle-jdk-bin/Manifest | 14 - .../oracle-jdk-bin-1.8.0.152-r1.ebuild | 334 --------------------- 2 files changed, 348 deletions(-) delete mode 100644 dev-java/oracle-jdk-bin/oracle-jdk-bin-1.8.0.152-r1.ebuild diff --git a/dev-java/oracle-jdk-bin/Manifest b/dev-java/oracle-jdk-bin/Manifest index ed3b86fb08bc..5db1a7fbdecd 100644 --- a/dev-java/oracle-jdk-bin/Manifest +++ b/dev-java/oracle-jdk-bin/Manifest @@ -1,17 +1,3 @@ -DIST jdk-8u152-linux-arm32-vfp-hflt-demos.tar.gz 10405226 BLAKE2B 07abee47a2911e2f98220e3152be1d037931c1afa36bd95d197e8fa611a8dd3a9e9755afbf9b348497ac93471cbfe43348f9d72bc719714746c22eb5c4785d6c SHA512 774b1957142ca489e362ef6ab48ce152196b64c00d779d051f76421fdf4a52cd7a741cfe3336b02c05f432fd2cb95728cdfd992f4ea3fee56047b40e7ce95053 -DIST jdk-8u152-linux-arm32-vfp-hflt.tar.gz 81729798 BLAKE2B 794f20dd05088aea228365b8e27af4475e90bc0d905bfc600651ffbe11cb92d1ebaa212f0e700572d0016eec952373c0f0b7463073205324d81b22ea0538e491 SHA512 c548c18e2e2c9e2c87ad24841348b676628a33023a70aa0a5dab56d031c1d9c7a4813240a046db96631025d034ed333fec81c8099f02a7c9efd39fecd4592e32 -DIST jdk-8u152-linux-arm64-vfp-hflt-demos.tar.gz 10434504 BLAKE2B 895b99311add1b91a1436af52e8a36c2c29ca21df5ac1c44046a2aa963fa04035b3601485cc7d10fdd671db2dc5da666960af2f21a2faa4cded05850a92dc3f4 SHA512 c41cb3f8394f98516e7dce52d8aaaea87d0e1675560292009eba0b4b3e993d1aaef7a7895dd83af2570486af6ca8913f280940d5f7e0051c3cc198a6387d9cd7 -DIST jdk-8u152-linux-arm64-vfp-hflt.tar.gz 78513081 BLAKE2B 4c3fcbff1ede3b79aedcfbe44fcc3387dbc3a76e6d912ce7f6b312eb85e4e8e9c7dbf961790a2ebfcff7690d48f1b04fc8447b136ff28514933b3481f0fcb7ad SHA512 fe35360a9ffa73e9745360560db6a5dee9665d31801ea58bd8be676588c93955f47077dbcb5a415c0074f9759a9cace77916e3b322c572b4d3b23a1d99f16578 -DIST jdk-8u152-linux-i586-demos.tar.gz 55096721 BLAKE2B 22a890eb6a392817138412973d3494f4fc993bdb599d04dbd458e56939cb271424ee5e9c19458f840b05d271baf867fb392fb6f69a60b473f50f7f933d8cfe03 SHA512 44776eafd70306a392fae5cf269036d7500c7cbaee13a9fcda14b9f7191376dbfcbb03262693e3114a08f5d4ff27ede1ef570fa6008c9ef71ab3b24d44f9ad2c -DIST jdk-8u152-linux-i586.tar.gz 192699649 BLAKE2B d6a4f5528ef5659d280e2dce954abb96672fb2228c520830ed514b475eee5f9d53e503b96919c087db5f7f3578d515aadb20b2682c7defede2121091d6c5882b SHA512 6b7576ec40b0ddd0a54fbcd61c22b95f472192be5855d143387f1b56220dd68e851a8b87894802c181b1039c14f5a278d950f100c4bd10b862fe4049d9294ce2 -DIST jdk-8u152-linux-x64-demos.tar.gz 55162003 BLAKE2B 5658107413e2de4887b65eea85bde84e5b8adae8d5f4d048574eb7cbbc0a0ded5b9d89ac6e2f88276116758bedd837c984ea265a0efee20e2310a08f31b473cb SHA512 51303580a702c1fd1227d8f57c546b6e11de6a87d3ba32123a3e001688c5ff308efa1feaa6da8d2bcff8143fa61726ba9e4aec959a70e82817d628480b0a576f -DIST jdk-8u152-linux-x64.tar.gz 189784266 BLAKE2B 64867e595da97e5e447df49f7d7c84d3fc1786ec30d348c5e0122bea17e21db8da16fb612b86758056ff4796c7efe823bc6fb50561804a9c3d237b385518977b SHA512 b0851d46bf0385b7595f8d60da0f06ccdcd59aac75efa9b48635ba77a3e4eb557cbda5585fa5886787a0e549d9e5cfa4a992741349cfc224b36f180907838321 -DIST jdk-8u152-macosx-x64.dmg 259130998 BLAKE2B 60908860a4510150b7cb44ae54dd93f68f32c31c9013bdd37a5622b528299c1be3bf6f36d4e0c17df25f363dfbc123e609fba632135b9b78367940ae36bf959b SHA512 9b3b8ea5119a2f5d3e221244ec07e6da6405041a65fec6299643133a89434d44719e4ccea35498749c00bc400c125dae7a1f4f41fc44d0d6748235bf92601eb8 -DIST jdk-8u152-macosx-x86_64-demos.zip 55705509 BLAKE2B df58db3779c412076a070fdfaac10a13d03fc5c449410a6257b767cca8907149d8d0562c949a1dd1e4ef3bfbb3319d15b4d0842276fdfd8d2c3befe90cdc17a8 SHA512 5b17f84aeda22a145d8171c8789a8fa1127d1e9b3b6acabdc9e2ad42e4ac5b8c95f2afc0e1736096bec246ca87a22908a5ede492fde34a081984a02382c19ac3 -DIST jdk-8u152-solaris-sparcv9-demos.tar.gz 9769313 BLAKE2B a811ceae2a7ee8d6081b0bd594058986985d953b5895935bde8c305e7b6ebfdaab76a53f09cae414f4e16cd445dce199fd318e0b08d67b6183dfe2ae4ca27015 SHA512 32e35cb2b3f9e3cb5b5d77a84612fe37f90879e7eb38578af6a922157f12878d1b5f893a3119df055facf7457a5516f502a7da5cb93fa3d5614fdf1f855ecfb8 -DIST jdk-8u152-solaris-sparcv9.tar.gz 104117809 BLAKE2B 1dc8e1297594bdd84186d4422dfc8fff94a78e0316f8873920c79342e7d0ab504794296622f0357acf137a3170f263acd0b2c1dd7179e50ff538b5648abf5a4b SHA512 9b87d11325e22bfb5f8e852ef4dcd182f091dcedfe71e5b19cc5a7d82f9f7ccb060b53512bc938d0e617648a8aa766bb722690751521b9a2cc3820507342548d -DIST jdk-8u152-solaris-x64-demos.tar.gz 9756596 BLAKE2B 4a5ca101e20d1693eaca23120bc3244412276d51dcf7700dd5142b9d23b90a7ff0d3599dce7862e38a183ea9e1ea67afbc075bdfe84908811bec700a928f46f6 SHA512 1aeaf732ad3956ede4baa005f34024750e03919ef81b608229a3df556b47db1255ce027e4278891644433db0c360225a3e81e9a547d298a4b958beb8691f8ff2 -DIST jdk-8u152-solaris-x64.tar.gz 101758540 BLAKE2B 18b04a0eebc618148bdb215d4ca286fce141fb91dc9c0f05de2520eb073a819161af7a1533b3ecdab9961080ad52acd523b771c23a8a3da8797f0adaf974164e SHA512 4dd9606be347a61a03c0f670915c4e790d4f5eef80a67922342b539dcae7132b3157df04cd33e5f72fdc7e6fcb43e21b3b387e2da159cdfea0feb01183c68aa0 DIST jdk-8u162-linux-arm32-vfp-hflt-demos.tar.gz 10432598 BLAKE2B 49e8ac44c52b41851ccc96d41f77eddc92304e0ebb7b62da6bf393d73aadbd94e67d92b87bd13f7a2ccdedfbc0fc7c6ef7dd5cd2595860ee8d1776dad308e341 SHA512 00576347ec158f4f996db1aface6067b7df99a9e125bb2c22980b11ab84660cd2a3997d9519db3302fa31cbaaf98c01c5b3967b51daa5469926ca48037ef60e0 DIST jdk-8u162-linux-arm32-vfp-hflt.tar.gz 81719419 BLAKE2B be6bd2ec7114e313e6abbd040aa9b29fe415cc15ce93b5c6fa350b0964faa7a1a3c0882c303596156065f9ea79a08bf8542757c5a8a16170d31f9cee5d7dd426 SHA512 86b835c388010f2bafd05114813ab84b4cd13334244891e9a65ae140fb65c9ad4436380043255fab36d44a91df9210ffe0858d89e48fc4efe2e460ae62928134 DIST jdk-8u162-linux-arm64-vfp-hflt-demos.tar.gz 10434399 BLAKE2B 528476df75ec63acbe66dc58aad87e21633f34407e147352d048e76cc48c34afccf3d407229dd95ebd51bf2b5864d5b2626ddbd4a6b0d07142ce290fad58e786 SHA512 4ac7f4485c7290321221874fcac695cc47199e7ef76a0270a2d4b381bf42311a2d3dc0d325c1a50cbc0e79a82f9b876f5481a717425a7919d53e97b11d3f0a29 diff --git a/dev-java/oracle-jdk-bin/oracle-jdk-bin-1.8.0.152-r1.ebuild b/dev-java/oracle-jdk-bin/oracle-jdk-bin-1.8.0.152-r1.ebuild deleted file mode 100644 index 96e7ab522852..000000000000 --- a/dev-java/oracle-jdk-bin/oracle-jdk-bin-1.8.0.152-r1.ebuild +++ /dev/null @@ -1,334 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit eutils java-vm-2 prefix versionator - -# This URI needs to be updated when bumping! -JDK_URI="http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html" - -# This is a list of archs supported by this update. -# Currently arm comes and goes. -AT_AVAILABLE=( amd64 arm arm64 x86 x64-solaris sparc64-solaris x64-macos ) - -# Sometimes some or all of the demos are missing, this is to not have to rewrite half -# the ebuild when it happens. -DEMOS_AVAILABLE=( amd64 arm arm64 x86 x64-solaris sparc64-solaris x64-macos ) - -if [[ "$(get_version_component_range 4)" == 0 ]] ; then - S_PV="$(get_version_component_range 1-3)" -else - MY_PV_EXT="u$(get_version_component_range 4)" - S_PV="$(get_version_component_range 1-4)" -fi - -MY_PV="$(get_version_component_range 2)${MY_PV_EXT}" - -AT_amd64="jdk-${MY_PV}-linux-x64.tar.gz" -AT_arm="jdk-${MY_PV}-linux-arm32-vfp-hflt.tar.gz" -AT_arm64="jdk-${MY_PV}-linux-arm64-vfp-hflt.tar.gz" -AT_x86="jdk-${MY_PV}-linux-i586.tar.gz" -AT_x64_solaris="jdk-${MY_PV}-solaris-x64.tar.gz" -AT_sparc64_solaris="${AT_sparc_solaris} jdk-${MY_PV}-solaris-sparcv9.tar.gz" -AT_x64_macos="jdk-${MY_PV}-macosx-x64.dmg" - -DEMOS_amd64="jdk-${MY_PV}-linux-x64-demos.tar.gz" -DEMOS_arm="jdk-${MY_PV}-linux-arm32-vfp-hflt-demos.tar.gz" -DEMOS_arm64="jdk-${MY_PV}-linux-arm64-vfp-hflt-demos.tar.gz" -DEMOS_x86="jdk-${MY_PV}-linux-i586-demos.tar.gz" -DEMOS_x64_solaris="jdk-${MY_PV}-solaris-x64-demos.tar.gz" -DEMOS_sparc64_solaris="jdk-${MY_PV}-solaris-sparcv9-demos.tar.gz" -DEMOS_x64_macos="jdk-${MY_PV}-macosx-x86_64-demos.zip" - -DESCRIPTION="Oracle's Java SE Development Kit" -HOMEPAGE="http://www.oracle.com/technetwork/java/javase/" -for d in "${AT_AVAILABLE[@]}"; do - SRC_URI+=" ${d}? ( $(eval "echo \${$(echo AT_${d/-/_})}")" - if has ${d} "${DEMOS_AVAILABLE[@]}"; then - SRC_URI+=" examples? ( $(eval "echo \${$(echo DEMOS_${d/-/_})}") )" - fi - SRC_URI+=" )" -done -unset d - -LICENSE="Oracle-BCLA-JavaSE examples? ( BSD )" -SLOT="1.8" -KEYWORDS="amd64 ~arm ~arm64 x86 ~amd64-linux ~x86-linux ~x64-macos ~sparc64-solaris ~x64-solaris" -IUSE="alsa commercial cups derby doc examples +fontconfig headless-awt javafx jce nsplugin selinux source visualvm" -REQUIRED_USE="javafx? ( alsa fontconfig )" - -RESTRICT="fetch preserve-libs strip" -QA_PREBUILT="*" - -# NOTES: -# -# * cups is dlopened. -# -# * libpng is also dlopened but only by libsplashscreen, which isn't -# important, so we can exclude that. -# -# * We still need to work out the exact AWT and JavaFX dependencies -# under MacOS. It doesn't appear to use many, if any, of the -# dependencies below. -# -RDEPEND="!x64-macos? ( - !headless-awt? ( - x11-libs/libX11 - x11-libs/libXext - x11-libs/libXi - x11-libs/libXrender - x11-libs/libXtst - ) - javafx? ( - dev-libs/glib:2 - dev-libs/libxml2:2 - dev-libs/libxslt - media-libs/freetype:2 - x11-libs/cairo - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXtst - x11-libs/libXxf86vm - x11-libs/pango - virtual/opengl - ) - ) - alsa? ( media-libs/alsa-lib ) - cups? ( net-print/cups ) - doc? ( dev-java/java-sdk-docs:${SLOT} ) - fontconfig? ( media-libs/fontconfig:1.0 ) - !prefix? ( sys-libs/glibc:* ) - selinux? ( sec-policy/selinux-java )" - -DEPEND="app-arch/zip - examples? ( x64-macos? ( app-arch/unzip ) )" - -S="${WORKDIR}/jdk" - -check_tarballs_available() { - local uri=$1; shift - local dl= unavailable= - for dl in "${@}" ; do - [[ ! -f "${DISTDIR}/${dl}" ]] && unavailable+=" ${dl}" - done - - if [[ -n "${unavailable}" ]] ; then - if [[ -z ${_check_tarballs_available_once} ]] ; then - einfo - einfo "Oracle requires you to download the needed files manually after" - einfo "accepting their license through a javascript capable web browser." - einfo - _check_tarballs_available_once=1 - fi - einfo "Download the following files:" - for dl in ${unavailable}; do - einfo " ${dl}" - done - einfo "at '${uri}'" - einfo "and move them to '${DISTDIR}'" - einfo - einfo "If the above mentioned urls do not point to the correct version anymore," - einfo "please download the files from Oracle's java download archive:" - einfo - einfo " http://www.oracle.com/technetwork/java/javase/downloads/java-archive-javase8-2177648.html#jdk-${MY_PV}-oth-JPR" - einfo - fi -} - -pkg_nofetch() { - local distfiles=( $(eval "echo \${$(echo AT_${ARCH/-/_})}") ) - if use examples && has ${ARCH} "${DEMOS_AVAILABLE[@]}"; then - distfiles+=( $(eval "echo \${$(echo DEMOS_${ARCH/-/_})}") ) - fi - check_tarballs_available "${JDK_URI}" "${distfiles[@]}" -} - -src_unpack() { - if use x64-macos ; then - pushd "${T}" > /dev/null || die - mkdir dmgmount || die - hdiutil attach "${DISTDIR}"/jdk-${MY_PV}-macosx-x64.dmg \ - -mountpoint "${T}"/dmgmount || die - printf -v update "%02d" $(get_version_component_range 4) || die - xar -xf dmgmount/JDK\ $(get_version_component_range 2)\ Update\ ${update}.pkg || die - hdiutil detach "${T}"/dmgmount || die - zcat jdk1${MY_PV%u*}0${update}.pkg/Payload | cpio -idv || die - mv Contents/Home "${WORKDIR}"/jdk${MY_PV} || die - popd > /dev/null || die - else - default - fi - - # Upstream is changing their versioning scheme every release around 1.8.0.*; - # to stop having to change it over and over again, just wildcard match and - # live a happy life instead of trying to get this new jdk1.8.0_05 to work. - mv "${WORKDIR}"/jdk* "${S}" || die -} - -src_prepare() { - default - - if [[ -n ${JAVA_PKG_STRICT} ]] ; then - # Mark this binary early to run it now. - pax-mark m ./bin/javap - - eqawarn "Ensure that this only calls trackJavaUsage(). If not, see bug #559936." - eqawarn - eqawarn "$(./bin/javap -J-Duser.home=${T} -c sun.misc.PostVMInitHook || die)" - fi - - # Remove the hook that calls Oracle's evil usage tracker. Not just - # because it's evil but because it breaks the sandbox during builds - # and we can't find any other feasible way to disable it or make it - # write somewhere else. See bug #559936 for details. - zip -d jre/lib/rt.jar sun/misc/PostVMInitHook.class || die -} - -src_install() { - local dest="/opt/${P}" - local ddest="${ED}${dest#/}" - - # Create files used as storage for system preferences. - mkdir jre/.systemPrefs || die - touch jre/.systemPrefs/.system.lock || die - touch jre/.systemPrefs/.systemRootModFile || die - - if ! use alsa ; then - rm -vf jre/lib/*/libjsoundalsa.* || die - fi - - if ! use commercial; then - rm -vfr lib/missioncontrol jre/lib/jfr* || die - fi - - if use headless-awt ; then - rm -vf {,jre/}lib/*/lib*{[jx]awt,splashscreen}* \ - {,jre/}bin/{javaws,policytool} \ - bin/appletviewer || die - fi - - if ! use javafx ; then - rm -vf jre/lib/*/lib*{decora,fx,glass,prism}* \ - jre/lib/*/libgstreamer-lite.* {,jre/}lib/{,ext/}*fx* \ - bin/*javafx* bin/javapackager || die - fi - - if ! use nsplugin ; then - rm -vf jre/lib/*/libnpjp2.* || die - else - local nsplugin=$(echo jre/lib/*/libnpjp2.*) - fi - - # Even though plugins linked against multiple ffmpeg versions are - # provided, they generally lag behind what Gentoo has available. - rm -vf jre/lib/*/libavplugin* || die - - # Packaged as dev-util/visualvm but some users prefer this version. - use visualvm || find -name "*visualvm*" -exec rm -vfr {} + || die - - dodoc COPYRIGHT - dodir "${dest}" - cp -pPR bin include jre lib man "${ddest}" || die - - if use derby ; then - cp -pPR db "${ddest}" || die - fi - - if use examples && has ${ARCH} "${DEMOS_AVAILABLE[@]}" ; then - cp -pPR demo sample "${ddest}" || die - fi - - ln -s policy/$(usex jce unlimited limited)/{US_export,local}_policy.jar \ - "${ddest}"/jre/lib/security/ || die - - if use nsplugin ; then - local nsplugin_link=${nsplugin##*/} - nsplugin_link=${nsplugin_link/./-${PN}-${SLOT}.} - dosym "${dest}/${nsplugin}" "/usr/$(get_libdir)/nsbrowser/plugins/${nsplugin_link}" - fi - - if use source ; then - cp -v src.zip "${ddest}" || die - - if use javafx ; then - cp -v javafx-src.zip "${ddest}" || die - fi - fi - - if [[ -d jre/lib/desktop ]] ; then - # Install desktop file for the Java Control Panel. - # Using ${PN}-${SLOT} to prevent file collision with jre and or - # other slots. make_desktop_entry can't be used as ${P} would - # end up in filename. - newicon jre/lib/desktop/icons/hicolor/48x48/apps/sun-jcontrol.png \ - sun-jcontrol-${PN}-${SLOT}.png || die - sed -e "s#Name=.*#Name=Java Control Panel for Oracle JDK ${SLOT}#" \ - -e "s#Exec=.*#Exec=/opt/${P}/jre/bin/jcontrol#" \ - -e "s#Icon=.*#Icon=sun-jcontrol-${PN}-${SLOT}#" \ - -e "s#Application;##" \ - -e "/Encoding/d" \ - jre/lib/desktop/applications/sun_java.desktop \ - > "${T}"/jcontrol-${PN}-${SLOT}.desktop || die - domenu "${T}"/jcontrol-${PN}-${SLOT}.desktop - fi - - # Prune all fontconfig files so libfontconfig will be used and only install - # a Gentoo specific one if fontconfig is disabled. - # http://docs.oracle.com/javase/8/docs/technotes/guides/intl/fontconfig.html - rm "${ddest}"/jre/lib/fontconfig.* || die - if ! use fontconfig ; then - cp "${FILESDIR}"/fontconfig.Gentoo.properties "${T}"/fontconfig.properties || die - eprefixify "${T}"/fontconfig.properties - insinto "${dest}"/jre/lib/ - doins "${T}"/fontconfig.properties - fi - - # This needs to be done before CDS - #215225 - java-vm_set-pax-markings "${ddest}" - - # see bug #207282 - einfo "Creating the Class Data Sharing archives" - case ${ARCH} in - arm|ia64) - ${ddest}/bin/java -client -Xshare:dump || die - ;; - x86) - ${ddest}/bin/java -client -Xshare:dump || die - # limit heap size for large memory on x86 #467518 - # this is a workaround and shouldn't be needed. - ${ddest}/bin/java -server -Xms64m -Xmx64m -Xshare:dump || die - ;; - *) - ${ddest}/bin/java -server -Xshare:dump || die - ;; - esac - - # Remove empty dirs we might have copied. - find "${D}" -type d -empty -exec rmdir -v {} + || die - - if use x64-macos ; then - # Fix miscellaneous install_name issues. - local lib - for lib in decora_sse glass prism_{common,es2,sw} ; do - lib=lib${lib}.dylib - einfo "Fixing self-reference of ${lib}" - install_name_tool \ - -id "${EPREFIX}${dest}/jre/lib/${lib}" \ - "${ddest}"/jre/lib/${lib} || die - done - fi - - java-vm_install-env "${FILESDIR}"/${PN}.env.sh - java-vm_revdep-mask - java-vm_sandbox-predict /dev/random /proc/self/coredump_filter -} - -pkg_postinst() { - java-vm-2_pkg_postinst - - if ! use headless-awt && ! use javafx; then - ewarn "You have disabled the javafx flag. Some modern desktop Java applications" - ewarn "require this and they may fail with a confusing error message." - fi -} -- cgit v1.2.3