[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenJDK / default JDK for squeeze / issues on mips / open security issues for lenny

* tony mancill:

> On 01/14/2011 11:46 AM, Florian Weimer wrote:
>> * tony mancill:
>>> As per Section 5.8.5 of the Developer's Reference, I'd like to get
>>> confirmation from the Security Team that they are anticipating and
>>> approve of the upload of the new source version.  (My apologies if this
>>> has already been covered; I joined the thread already in progress.)
>> Would you please show us the debdiff to the version in squeeze, and
>> the list of dependencies of the .deb file?  Alternatively, please put
>> the files on people.debian.org, so that we can have a look at them
>> before the upload.  Thanks for your support in this matter.
>> Do you plane to switch to IcedTea 1.9 or a later version during the
>> squeeze release?
> Because the debdiff is quite large (from 6b11 to 6b18), I've uploaded
> the build to people.debian.org.

For that reason, I asked for a debdiff against the *squeeze*
version. 8-)

What is the following change about?

--- openjdk-6-6b18-1.8.3/Makefile.in
+++ openjdk-6-6b18-1.8.3.orig/Makefile.in
@@ -800,7 +800,6 @@
        --enable-zero $(am__append_25) --disable-docs $(filter-out \
        '--with-gcj-home=% '--with-ecj=% '--with-java=% \
        '--with-javah=% '--with-rmic=% '--with-additional-vms=% \
-       '--with-hotspot-build=% '--with-hotspot-src-zip=% \
        '--with-openjdk '--with-openjdk=% , $(CONFIGURE_ARGS)) $(if \
        $(findstring --with-openjdk-src-zip=, $(CONFIGURE_ARGS)),, \
        --with-openjdk-src-zip=$(abs_top_builddir)/$(OPENJDK_SRC_ZIP)) \
@@ -811,7 +810,7 @@
        BUILD_JAXWS=false     ALT_JAXWS_DIST=$(ICEDTEA_BUILD_DIR)/jaxws/dist \
        BUILD_CORBA=false     ALT_CORBA_DIST=$(ICEDTEA_BUILD_DIR)/corba/dist \
        BUILD_JDK=false \
+       DISTRIBUTION_PATCHES='$(foreach p,$(DISTRIBUTION_PATCHES),$(if $(findstring cacao,$(p)),,$(p)))'
-       DISTRIBUTION_PATCHES='$(foreach p,$(DISTRIBUTION_PATCHES),$(if $(findstring cacao,$(p)),,$(subst -hs17,-original,$(p))))'
This is present both relative to squeeze and to a direct rebuild for
lenny (according to Matthias Klose's suggestion), so it seems that you
applied it.

> So everyone's clear, I did this under the impression that what was
> needed for lenny was essentially a binary build of the current version
> in testing.

AFAICT, your packages will introduce pulseaudio support and replace
the browser plugin code (which might need updating the conflict with
icedtea-gcjwebplugin).  If you follow Matthias' suggestion (plus the
ca-certificates-java patch), then you end up with something closer to
the lenny version.  Which approach carries less risk, in your opinion?

Reply to: