kumquat-buildroot/package/openjdk/openjdk.hash

# Locally computed
sha256  2fdd23261526362d4aaf58323441d4c31d29de2e374ba94bbf2727a00adc0ea7  openjdk-17.0.2+8.tar.gz
sha256  0e859cc03378439023e17ee82aecee5a52265fb38906a8bebf16027aa2b2bcf5  openjdk-11.0.14.1+1.tar.gz
sha256  4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726  LICENSE
package/openjdk: new package OpenJDK is a free and open-source implementation of the Java Platform. This package provides the option to build a client or a server JVM interpreter. The default option is the server option, as that is what the majority of users use. This JVM interpreter loads more slowly, putting more effort into JIT compilations to yield higher performance. Unlike most autotools packages, OpenJDK is exceptionally different and has many quirks, some of which are below: - X11, alsa, and cups are required to build Java, even if it's a headless build. See http://hg.openjdk.java.net/jdk10/jdk10/raw-file/tip/common/doc/building.html#external-library-requirements for more information. - host-zip is needed for the zip executable. - There is no autogen.sh file, instead, a user must call "./configure autogen." - OpenJDK ignores some variables unless passed via the environment. These variables are: PATH, LD, CC, CXX, and CPP. - OpenJDK defaults ld to the ld binary but passes -Xlinker and -z as arguments during the linking process, which causes linking failures. To fix this issue, ld is set to gcc. - Make -jn is unsupported. Instead, one must use the "--with-jobs=" configure option, and use $(MAKE1). Signed-off-by: Adam Duskett <Aduskett@gmail.com> [Thomas: - drop explanations about CC, LD, CXX, etc. be set to their "actual binaries" instead of ccache: TARGET_CC/TARGET_LD/TARGET_CXX point to the compiler wrapper, so the usage of ccache is hidden - make sure at least one of the variants is enabled in Config.in - drop the submenu for variant selection - use system zlib instead of the bundled one. This works fine when BUILD_SYSROOT_CFLAGS and BUILD_SYSROOT_LDFLAGS are passed - fix minor nits in the Config.in comments] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2019-03-15 21:52:31 +01:00			`# Locally computed`
package/openjdk{-bin}: security bump 17.x to version 17.0.2+8 Fixes the following security issues: - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization - JDK-8268488: More valuable DerValues - JDK-8268494: Better inlining of inlined interfaces - JDK-8268512: More content for ContentInfo - JDK-8268813, CVE-2022-21283: Better String matching - JDK-8269151: Better construction of EncryptedPrivateKeyInfo - JDK-8269944: Better HTTP transport redux - JDK-8270386, CVE-2022-21291: Better verification of scan methods - JDK-8270392, CVE-2022-21293: Improve String constructions - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps - JDK-8270492, CVE-2022-21282: Better resolution of URIs - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities - JDK-8270952, CVE-2022-21277: Improve TIFF file handling - JDK-8271962: Better TrueType font loading - JDK-8271968: Better canonical naming - JDK-8271987: Manifest improved manifest entries - JDK-8272014, CVE-2022-21305: Better array indexing - JDK-8272026, CVE-2022-21340: Verify Jar Verification - JDK-8272236, CVE-2022-21341: Improve serial forms for transport - JDK-8272272: Enhance jcmd communication - JDK-8272462: Enhance image handling - JDK-8273290: Enhance sound handling - JDK-8273756, CVE-2022-21360: Enhance BMP image support - JDK-8273838, CVE-2022-21365: Enhanced BMP processing - JDK-8274096, CVE-2022-21366: Improve decoding of image files For more details, see the announcement: https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011709.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2022-04-19 09:39:54 +02:00			`sha256 2fdd23261526362d4aaf58323441d4c31d29de2e374ba94bbf2727a00adc0ea7 openjdk-17.0.2+8.tar.gz`
package/openjdk{-bin}: security bump 11.x to version 11.0.14.1+1 Fixes the following security issues: - JDK-8217375: jarsigner breaks old signature with long lines in manifest - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization - JDK-8268488: More valuable DerValues - JDK-8268494: Better inlining of inlined interfaces - JDK-8268512: More content for ContentInfo - JDK-8268795: Enhance digests of Jar files - JDK-8268801: Improve PKCS attribute handling - JDK-8268813, CVE-2022-21283: Better String matching - JDK-8269151: Better construction of EncryptedPrivateKeyInfo - JDK-8269944: Better HTTP transport redux - JDK-8270386, CVE-2022-21291: Better verification of scan methods - JDK-8270392, CVE-2022-21293: Improve String constructions - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps - JDK-8270492, CVE-2022-21282: Better resolution of URIs - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities - JDK-8270952, CVE-2022-21277: Improve TIFF file handling - JDK-8271962: Better TrueType font loading - JDK-8271968: Better canonical naming - JDK-8271987: Manifest improved manifest entries - JDK-8272014, CVE-2022-21305: Better array indexing - JDK-8272026, CVE-2022-21340: Verify Jar Verification - JDK-8272236, CVE-2022-21341: Improve serial forms for transport - JDK-8272272: Enhance jcmd communication - JDK-8272462: Enhance image handling - JDK-8273290: Enhance sound handling - JDK-8273756, CVE-2022-21360: Enhance BMP image support - JDK-8273838, CVE-2022-21365: Enhanced BMP processing - JDK-8274096, CVE-2022-21366: Improve decoding of image files - JDK-8279541: Improve HarfBuzz For more details, see the announcement: https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-January/011643.html https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2022-February/012348.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2022-04-19 09:39:53 +02:00			`sha256 0e859cc03378439023e17ee82aecee5a52265fb38906a8bebf16027aa2b2bcf5 openjdk-11.0.14.1+1.tar.gz`
package/{openjdk, openjdk-bin}: bump version to 14.0.1+7 Signed-off-by: Adam Duskett <Aduskett@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> 2020-04-22 21:21:17 +02:00			`sha256 4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726 LICENSE`