From 631776f0270bcc3396c0ba10317b1c4fcfe61d6e Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 28 Jul 2016 15:27:08 +0100 Subject: dev-java/oracle-jre-bin: Remove vulnerable 1.8.0.92 wrt bug #589208 Package-Manager: portage-2.3.0 --- dev-java/oracle-jre-bin/Manifest | 2 - .../oracle-jre-bin/oracle-jre-bin-1.8.0.92.ebuild | 249 --------------------- 2 files changed, 251 deletions(-) delete mode 100644 dev-java/oracle-jre-bin/oracle-jre-bin-1.8.0.92.ebuild (limited to 'dev-java/oracle-jre-bin') diff --git a/dev-java/oracle-jre-bin/Manifest b/dev-java/oracle-jre-bin/Manifest index 114612e8f112..58d29934c058 100644 --- a/dev-java/oracle-jre-bin/Manifest +++ b/dev-java/oracle-jre-bin/Manifest @@ -1,5 +1,3 @@ DIST jce_policy-8.zip 8409 SHA256 f3020a3922efd6626c2fff45695d527f34a8020e938a49292561f18ad1320b59 SHA512 abbaa81a35f904ec61b4cf3c2d1ca8c8d49e53bb248e698185eea906939d68f5063412800585ec74027aab1012ef189aebe1dc99fe8ef4230a0ecb0b527f88e5 WHIRLPOOL 8c9ce1ea4673b75fa6271b74e598880f98361d5d2c9c25439fa0af3d07cfeb871b39682dae4e38160f49770b1fec953162e451b9b2cf44d2c72a226944212bcc DIST jre-8u102-linux-i586.tar.gz 74086608 SHA256 b0ea9eba7e9a4da0abeefa67634644616b78ffd52884fbb7abdedb1c5c87f8a9 SHA512 bcb24bf99d4a9d92e551e998d456aa93cf956300c9c6be556415dd4d5358b31958d7c5731468b6e5cadd2f4d6ffaabc57cc7e1209577c17618ac2c3f32b4d372 WHIRLPOOL babb6c7fe114fe3af4b132d452ac60253f7941be83ed09ea4d4063758a3ccdfb689663db0f607f565bd876b06f8c442016f5d268b1f17e21ce81829949eb341c DIST jre-8u102-linux-x64.tar.gz 71885713 SHA256 214ff6b52f5b1bccfc139dca910cea25f6fa19b9b96b4e3c10e699cd3e780dfb SHA512 9e4408aba9c648c7b18f45984575132191f87eef1c6e80d44450dd05b28fc773771c554564f00571c12f38312dc837ca3a9974323ad79acd0287a7193b8d6596 WHIRLPOOL 6b8c4f2d55135e006d5603aadc69f3d5aefe637bd024681d29367f0feaabdbfb522dfeef11ca800b916199fc1fa01536b356713618a5cf8bc2396d4b595258ac -DIST jre-8u92-linux-i586.tar.gz 73984536 SHA256 c64e5778e61912118e1b566228e2c532b21d915c2fd98e9b6042b26602deeec6 SHA512 0eb1f03e7b84537501c13e185e2f1dc7f12c162209c98ce51042618cf02bd1691f3eb09c75a6d8db6dc6cfdd3369315cede49c194eae204b07d461a8eae47ff5 WHIRLPOOL a5e82f71ededce477bcb5fb49ad546c9d6a232156884f569b7d763efb44b3901ae0e211df35ae3ccc4295f6045479d36ad005e2e7acc673c7c3310069167ca99 -DIST jre-8u92-linux-x64.tar.gz 71818563 SHA256 e8469bcf55e388770cd6b6a51b082ce7a5a3149b4039a71b1edeed2796dcefe4 SHA512 2d538c05110de21fc4dfb47e225012fc696e4a644c4d3191da48ccfcb239a6ac5618b75fc3c0eeb47f98e82254c548a0083bfab7ad831adffdcd6706433cf38f WHIRLPOOL 1a5ddd7f410c51452c774350b0a3f64d4c2cdc4b930c9278087b5de02bb95caf3d328509dad8903930744adb0367bcea26b4ed3f429bf9ee6ca219ba1c41b070 diff --git a/dev-java/oracle-jre-bin/oracle-jre-bin-1.8.0.92.ebuild b/dev-java/oracle-jre-bin/oracle-jre-bin-1.8.0.92.ebuild deleted file mode 100644 index 760f88641fe9..000000000000 --- a/dev-java/oracle-jre-bin/oracle-jre-bin-1.8.0.92.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" - -inherit eutils java-vm-2 prefix versionator - -# This URIs need updating when bumping! -JRE_URI="http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html" -JCE_URI="http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html" - -if [[ "$(get_version_component_range 4)" == 0 ]] ; then - S_PV="$(get_version_component_range 1-3)" -else - MY_PV_EXT="u$(get_version_component_range 4)" - S_PV="$(get_version_component_range 1-4)" -fi - -MY_PV="$(get_version_component_range 2)${MY_PV_EXT}" - -AT_amd64="jre-${MY_PV}-linux-x64.tar.gz" -AT_x86="jre-${MY_PV}-linux-i586.tar.gz" - -JCE_DIR="UnlimitedJCEPolicyJDK8" -JCE_FILE="jce_policy-8.zip" - -DESCRIPTION="Oracle's Java SE Runtime Environment" -HOMEPAGE="http://www.oracle.com/technetwork/java/javase/" -SRC_URI=" - amd64? ( ${AT_amd64} ) - x86? ( ${AT_x86} ) - jce? ( ${JCE_FILE} )" - -LICENSE="Oracle-BCLA-JavaSE" -SLOT="1.8" -KEYWORDS="amd64 x86" -IUSE="alsa cups +fontconfig headless-awt javafx jce nsplugin pax_kernel selinux" - -RESTRICT="fetch preserve-libs strip" -QA_PREBUILT="*" - -# NOTES: -# -# * cups is dlopened. -# -# * libpng is also dlopened but only by libsplashscreen, which isn't -# important, so we can exclude that. -# -# * We still need to work out the exact AWT and JavaFX dependencies -# under MacOS. It doesn't appear to use many, if any, of the -# dependencies below. -# -RDEPEND="!x64-macos? ( - !headless-awt? ( - x11-libs/libX11 - x11-libs/libXext - x11-libs/libXi - x11-libs/libXrender - x11-libs/libXtst - ) - javafx? ( - dev-libs/glib:2 - dev-libs/libxml2:2 - dev-libs/libxslt - media-libs/freetype:2 - x11-libs/cairo - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXtst - x11-libs/libXxf86vm - x11-libs/pango - virtual/opengl - ) - ) - alsa? ( media-libs/alsa-lib ) - cups? ( net-print/cups ) - fontconfig? ( media-libs/fontconfig:1.0 ) - !prefix? ( sys-libs/glibc:* ) - selinux? ( sec-policy/selinux-java )" - -# A PaX header isn't created by scanelf so depend on paxctl to avoid -# fallback marking. See bug #427642. -DEPEND="app-arch/zip - jce? ( app-arch/unzip ) - pax_kernel? ( sys-apps/paxctl )" - -S="${WORKDIR}/jre" - -pkg_nofetch() { - local AT_ARCH="AT_${ARCH}" - local AT="${!AT_ARCH}" - - einfo "Please download '${AT}' from:" - einfo "'${JRE_URI}'" - einfo "and move it to '${DISTDIR}'" - - if use jce; then - einfo "Also download '${JCE_FILE}' from:" - einfo "'${JCE_URI}'" - einfo "and move it to '${DISTDIR}'" - fi - - einfo - einfo "If the above mentioned urls do not point to the correct version anymore," - einfo "please download the files from Oracle's java download archive:" - einfo - einfo " http://www.oracle.com/technetwork/java/javase/downloads/java-archive-javase8-2177648.html#jre-${MY_PV}-oth-JPR" - einfo - -} - -src_unpack() { - default - - # Upstream is changing their versioning scheme every release around 1.8.0.*; - # to stop having to change it over and over again, just wildcard match and - # live a happy life instead of trying to get this new jre1.8.0_05 to work. - mv "${WORKDIR}"/jre* "${S}" || die -} - -src_prepare() { - if use jce ; then - mv "${WORKDIR}"/${JCE_DIR} lib/security/ || die - fi - - # Remove the hook that calls Oracle's evil usage tracker. Not just - # because it's evil but because it breaks the sandbox during builds - # and we can't find any other feasible way to disable it or make it - # write somewhere else. See bug #559936 for details. - zip -d lib/rt.jar sun/misc/PostVMInitHook.class || die -} - -src_install() { - local dest="/opt/${P}" - local ddest="${ED}${dest#/}" - - # Create files used as storage for system preferences. - mkdir .systemPrefs || die - touch .systemPrefs/.system.lock || die - touch .systemPrefs/.systemRootModFile || die - - if ! use alsa ; then - rm -vf lib/*/libjsoundalsa.* || die - fi - - if use headless-awt ; then - rm -vf lib/*/lib*{[jx]awt,splashscreen}* \ - bin/{javaws,policytool} || die - fi - - if ! use javafx ; then - rm -vf lib/*/lib*{decora,fx,glass,prism}* \ - lib/*/libgstreamer-lite.* lib/{,ext/}*fx* || die - fi - - if ! use nsplugin ; then - rm -vf lib/*/libnpjp2.* || die - else - local nsplugin=$(echo lib/*/libnpjp2.*) - fi - - # Even though plugins linked against multiple ffmpeg versions are - # provided, they generally lag behind what Gentoo has available. - rm -vf lib/*/libavplugin* || die - - dodoc COPYRIGHT - dodir "${dest}" - cp -pPR bin lib man "${ddest}" || die - - if use jce ; then - dodir ${dest}/lib/security/strong-jce - mv "${ddest}"/lib/security/US_export_policy.jar \ - "${ddest}"/lib/security/strong-jce || die - mv "${ddest}"/lib/security/local_policy.jar \ - "${ddest}"/lib/security/strong-jce || die - dosym "${dest}"/lib/security/${JCE_DIR}/US_export_policy.jar \ - "${dest}"/lib/security/US_export_policy.jar - dosym "${dest}"/lib/security/${JCE_DIR}/local_policy.jar \ - "${dest}"/lib/security/local_policy.jar - fi - - if use nsplugin ; then - local nsplugin_link=${nsplugin##*/} - nsplugin_link=${nsplugin_link/./-${PN}-${SLOT}.} - dosym "${dest}/${nsplugin}" "/usr/$(get_libdir)/nsbrowser/plugins/${nsplugin_link}" - fi - - # Install desktop file for the Java Control Panel. - # Using ${PN}-${SLOT} to prevent file collision with jre and or other slots. - # make_desktop_entry can't be used as ${P} would end up in filename. - newicon lib/desktop/icons/hicolor/48x48/apps/sun-jcontrol.png \ - sun-jcontrol-${PN}-${SLOT}.png || die - sed -e "s#Name=.*#Name=Java Control Panel for Oracle JRE ${SLOT}#" \ - -e "s#Exec=.*#Exec=/opt/${P}/bin/jcontrol#" \ - -e "s#Icon=.*#Icon=sun-jcontrol-${PN}-${SLOT}#" \ - -e "s#Application;##" \ - -e "/Encoding/d" \ - lib/desktop/applications/sun_java.desktop > \ - "${T}"/jcontrol-${PN}-${SLOT}.desktop || die - domenu "${T}"/jcontrol-${PN}-${SLOT}.desktop - - # Prune all fontconfig files so libfontconfig will be used and only install - # a Gentoo specific one if fontconfig is disabled. - # http://docs.oracle.com/javase/8/docs/technotes/guides/intl/fontconfig.html - rm "${ddest}"/lib/fontconfig.* || die - if ! use fontconfig ; then - cp "${FILESDIR}"/fontconfig.Gentoo.properties "${T}"/fontconfig.properties || die - eprefixify "${T}"/fontconfig.properties - insinto "${dest}"/lib/ - doins "${T}"/fontconfig.properties - fi - - # This needs to be done before CDS - #215225 - java-vm_set-pax-markings "${ddest}" - - # see bug #207282 - einfo "Creating the Class Data Sharing archives" - case ${ARCH} in - arm|ia64) - ${ddest}/bin/java -client -Xshare:dump || die - ;; - x86) - ${ddest}/bin/java -client -Xshare:dump || die - # limit heap size for large memory on x86 #467518 - # this is a workaround and shouldn't be needed. - ${ddest}/bin/java -server -Xms64m -Xmx64m -Xshare:dump || die - ;; - *) - ${ddest}/bin/java -server -Xshare:dump || die - ;; - esac - - # Remove empty dirs we might have copied. - find "${D}" -type d -empty -exec rmdir -v {} + || die - - set_java_env - java-vm_revdep-mask - java-vm_sandbox-predict /dev/random /proc/self/coredump_filter -} - -pkg_postinst() { - java-vm-2_pkg_postinst - - if ! use headless-awt && ! use javafx; then - ewarn "You have disabled the javafx flag. Some modern desktop Java applications" - ewarn "require this and they may fail with a confusing error message." - fi -} -- cgit v1.2.3-65-gdbad