diff --git a/Delete-expired-certificate.patch b/Delete-expired-certificate.patch index 8e93c394dfba16d5be822b0da5046b851248fde0..e5b4e99a7e401c3072fd0427cb054e8217998a09 100644 --- a/Delete-expired-certificate.patch +++ b/Delete-expired-certificate.patch @@ -1,4 +1,5 @@ From 81e5f144710e946f70db91329a79b9ebcd76c2f3 Mon Sep 17 00:00:00 2001 +From: zhangyipeng Date: Wed, 15 Dec 2021 17:04:17 +0800 Subject: [PATCH] Delete expired certificate @@ -117,9 +118,24 @@ index 0c195ff51..000000000 -SnQ2+Q== ------END CERTIFICATE----- diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java -index f39dca74a..c404ed613 100644 +index f39dca74a..768b6572c 100644 --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java +++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java +@@ -54,12 +54,12 @@ public class VerifyCACerts { + + File.separator + "security" + File.separator + "cacerts"; + + // The numbers of certs now. +- private static final int COUNT = 89; ++ private static final int COUNT = 86; + + // SHA-256 of cacerts, can be generated with + // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 + private static final String CHECKSUM +- = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA"; ++ = "89:78:5A:96:F4:B2:68:4C:91:C0:32:2C:ED:2D:6B:3B:26:B8:37:C3:07:DD:9E:50:87:53:53:7A:24:98:97:E0"; + + // Hex formatter to upper case with ":" delimiter + private static final HexFormat HEX = HexFormat.ofDelimiter(":").withUpperCase(); @@ -120,8 +120,6 @@ public class VerifyCACerts { "7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2"); put("digicerthighassuranceevrootca [jdk]", diff --git a/add-version-txt.patch b/add-version-txt.patch index e098e18f97e13b82bcb84a85a7b269f98656e2da..855290a59d70b280cc26a614c82d983f7e8b2df3 100644 --- a/add-version-txt.patch +++ b/add-version-txt.patch @@ -13,7 +13,7 @@ index 000000000..b717bafbe --- /dev/null +++ b/version.txt @@ -0,0 +1 @@ -+17.0.3.0.13 ++17.0.4.0.13 -- 2.19.0 diff --git a/fix_X509TrustManagerImpl_symantec_distrust.patch b/fix_X509TrustManagerImpl_symantec_distrust.patch deleted file mode 100644 index 223aa657625f5a1712e88a71ad3e72b85b3a011c..0000000000000000000000000000000000000000 --- a/fix_X509TrustManagerImpl_symantec_distrust.patch +++ /dev/null @@ -1,70 +0,0 @@ -diff --git a/make/data/cacerts/geotrustglobalca b/make/data/cacerts/geotrustglobalca -new file mode 100644 -index 000000000..7f8bf9a66 ---- /dev/null -+++ b/make/data/cacerts/geotrustglobalca -@@ -0,0 +1,27 @@ -+Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US -+Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US -+Serial number: 23456 -+Valid from: Tue May 21 04:00:00 GMT 2002 until: Sat May 21 04:00:00 GMT 2022 -+Signature algorithm name: SHA1withRSA -+Subject Public Key Algorithm: 2048-bit RSA key -+Version: 3 -+-----BEGIN CERTIFICATE----- -+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== -+-----END CERTIFICATE----- -diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java -index c404ed613..4d459f798 100644 ---- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java -+++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java -@@ -54,12 +54,12 @@ public class VerifyCACerts { - + File.separator + "security" + File.separator + "cacerts"; - - // The numbers of certs now. -- private static final int COUNT = 89; -+ private static final int COUNT = 87; - - // SHA-256 of cacerts, can be generated with - // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 - private static final String CHECKSUM -- = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA"; -+ = "63:C4:11:7D:BF:C5:05:2B:BF:C2:B4:5A:2C:B6:26:C4:57:76:FB:D4:48:3B:E7:4C:62:B0:A1:7B:4F:07:B1:0C"; - - // Hex formatter to upper case with ":" delimiter - private static final HexFormat HEX = HexFormat.ofDelimiter(":").withUpperCase(); -@@ -120,6 +120,8 @@ public class VerifyCACerts { - "7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2"); - put("digicerthighassuranceevrootca [jdk]", - "74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF"); -+ put("geotrustglobalca [jdk]", -+ "FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5:DB:36:A7:3A"); - put("geotrustprimaryca [jdk]", - "37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8:DE:B4:D0:6C"); - put("geotrustprimarycag2 [jdk]", -@@ -254,6 +256,8 @@ public class VerifyCACerts { - add("addtrustexternalca [jdk]"); - // Valid until: Sat May 30 10:44:50 GMT 2020 - add("addtrustqualifiedca [jdk]"); -+ // Valid until: Sat May 21 04:00:00 GMT 2022 -+ add("geotrustglobalca [jdk]"); - } - }; - diff --git a/jdk-updates-jdk17u-jdk-17.0.3+7.tar.gz b/jdk-updates-jdk17u-jdk-17.0.4+8.tar.gz similarity index 82% rename from jdk-updates-jdk17u-jdk-17.0.3+7.tar.gz rename to jdk-updates-jdk17u-jdk-17.0.4+8.tar.gz index 74dec1c462202b917c60611102c6a33183e15606..1ab048ab27e323fbff489ab7aeeaaf0c3fa567f1 100644 Binary files a/jdk-updates-jdk17u-jdk-17.0.3+7.tar.gz and b/jdk-updates-jdk17u-jdk-17.0.4+8.tar.gz differ diff --git a/openjdk-17.spec b/openjdk-17.spec index a7b50fcfd94a7cb6641d13c113ab2ef27d6ea38d..4fbee3c45e633235bcdf6c8ea347f86a3c8a326e 100644 --- a/openjdk-17.spec +++ b/openjdk-17.spec @@ -81,7 +81,7 @@ # By default, we build a debug build during main build on JIT architectures %if %{with slowdebug} %ifarch %{jit_arches} -%global include_debug_build 0 +%global include_debug_build 1 %else %global include_debug_build 0 %endif @@ -155,7 +155,7 @@ # Used via new version scheme. JDK 17 was # GA'ed in March 2021 => 21.9 %global vendor_version_string 21.9 -%global securityver 3 +%global securityver 4 # buildjdkver is usually same as %%{majorver}, # but in time of bootstrap of next jdk, it is majorver-1, # and this it is better to change it here, on single place @@ -175,7 +175,7 @@ %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global minorver 0 -%global buildver 7 +%global buildver 8 # priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit %if %is_system_jdk %global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} ) @@ -885,7 +885,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release} Name: java-%{javaver}-%{origin} Version: %{newjavaver}.%{buildver} -Release: 1 +Release: 0 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons # and this change was brought into RHEL-4. java-1.5.0-ibm packages @@ -973,9 +973,6 @@ Patch14: Clean-up-JDK17-codeDEX.patch Patch15: Delete-expired-certificate.patch Patch16: Clean-up-JDK17-codeDEX-fix-Non-static-numa_node_dist.patch -# 17.0.3 -Patch17: fix_X509TrustManagerImpl_symantec_distrust.patch - BuildRequires: autoconf BuildRequires: automake BuildRequires: alsa-lib-devel @@ -1209,7 +1206,6 @@ pushd %{top_level_dir_name} %patch14 -p1 %patch15 -p1 %patch16 -p1 -%patch17 -p1 popd # openjdk %patch1000 @@ -1427,7 +1423,7 @@ do do # We expect to see .cpp files, except for architectures like aarch64 and # s390 where we expect .o and .oS files - echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$" + echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|S|oS))?$" done IFS="$old_IFS" @@ -1441,7 +1437,7 @@ do # debuginfo file. There shouldn't be any debuginfo files, so the link makes # no sense either eu-readelf -S "$lib" | grep 'gnu' - if eu-readelf -S "$lib" | grep '] .gnu_debuglink' | grep PROGBITS; then + if eu-readelf -S "$lib" | grep "] .gnu_debuglink" | grep PROGBITS; then echo "bad .gnu_debuglink section." eu-readelf -x .gnu_debuglink "$lib" false @@ -1763,8 +1759,14 @@ cjc.mainProgram(arg) %changelog -* Thu April 28 2022 kuenking111 - 1:17.0.3.7-1 +* Mon Aug 1 2022 kuenking111 - 1:17.0.4.8-0.rolling +- modified Delete-expired-certificate.patch +- modified add-version-txt.patch +- del fix_X509TrustManagerImpl_symantec_distrust.patch +- add jdk17.0.4-ga + +* Thu Apr 28 2022 kuenking111 - 1:17.0.3.7-1 - add fix_X509TrustManagerImpl_symantec_distrust.patch -* Tue April 26 2022 kuenking111 - 1:17.0.3.7-0.rolling +* Tue Apr 26 2022 kuenking111 - 1:17.0.3.7-0.rolling - Init jdk-17.0.3+7-ga