MIME-Version: 1.0
Content-Disposition: inline
Content-Transfer-Encoding: binary
Content-Type: text/plain
Date: Thu, 23 Jul 2009 17:14:40 +0000
From: David Brownlee <abs@netbsd.org>
Subject: CVS commit: pkgsrc/lang/sun-jre15
To: pkgsrc-changes@netbsd.org
Reply-To: abs@netbsd.org
Message-Id: <20090723171440.4CA50175DD@cvs.netbsd.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: list

Module Name:	pkgsrc
Committed By:	abs
Date:		Thu Jul 23 17:14:40 UTC 2009

Modified Files:
	pkgsrc/lang/sun-jre15: Makefile Makefile.common PLIST.linux-i386
	    PLIST.linux-x86_64 distinfo

Log Message:
Updated lang/sun-jre15 to 5.0.19

Changes in 1.5.0_19

The full internal version number for this update release is 1.5.0_19-b02 (where "b" means "build"). The external version number is 5.0u19.
OlsonData 2009g

This release contains Olson time zone data version 2009g. For more information, refer to Timezone Data Versions in the JRE Software .

Security Baseline

This update release specifies the following security baseline:
JRE Family Version 	Java SE
Security Baseline 	Java SE for Business
Security Baseline 1.4.2 	1.4.2_19 	1.4.2_20

In December, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) include the Access Only option and are available to Java SE for Business subscribers.

For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .

Additional Supported System Configurations

As of this update, support has been added for the following system configurations:

    * Internet Explorer 8
    * Windows Server 2008
    * SLES 11

Refer to the Supported System Configurations page.
Service Tag Support

Service Tag support on Solaris, Linux, and Windows is add in this release. If Service Tag software has been installed on a system where JRE 1.5.0_19 is being installed, a unique service tag is automatically created for that particular JRE instance. There is no change in the JDK/JRE installation instruction, and there is no change in the Java runtime.

Service Tag software can be downloaded from Sun Inventory. JDK and JRE service tags allow installed instances of the JDK and JRE to be discovered and registered under a user's account on Sun Connection.
Known Issues

    IE 8 Hangs with OBJECT Tag

    When an OBJECT tag is used to specify an applet, and the browser does not receive any mouse button events or keyboard events before the browser gets to the point of interpreting (executing) the OBJECT> tag, then IE 8 hangs.

    This bug is seen when an html file containing OBJECT tag is specified as a command line parameter while launching IE. For example:

    iexplorer.exe  file.html

    In this case, there is no mouse button event between invocation of IE and OBJECT tag execution.

    A workaround is to force the user to use a mouse or keyboard before IE8 reaches the tag. For example, if applet.html contains an OBJECT tag, then the following command line invocation hangs the browser:

    iexplorer.exe applet.html

    However, if you specify applet.html in another html file, as follows, then the user is forced to use the keyboard or mouse button, and the hang does not occur:

    <HTML><BODY><A href="file:applet.html"> click </A> </BODY></HT
    ML>

    Refer to CR 6825659 for further information.

Bug Fixes

Bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6260293 	hotspot 	compiler2 	fix set_ctrl() inconsistencies in loopopts
6394438 	hotspot 	compiler2 	crash in C2 compiler in MachSpillCopyNode::implementation on 5.0_U4
6435614 	hotspot 	compiler2 	code fails with impossible ArrayIndexOutOfBounds Exception
6754146 	hotspot 	compiler2 	1.5.0_15 C2 compiler crashes in PhaseChaitin::Split()
6788347 	hotspot 	compiler2 	C2Compiler crash 6u7
6798785 	hotspot 	compiler2 	Crash in OopFlow::build_oop_map: incorrect comparison of 64bit pointers
5081701 	hotspot 	garbage_collector 	CMS: ATG crash with perm gen collection enabled
6415354 	hotspot 	garbage_collector 	CMS: assert(thisOop->is_oop_or_null(true),"expected an oop or NULL")
6722112 	hotspot 	garbage_collector 	CMS: Incorrect encoding of overflown object arrays during concurrent precleaning
6722113 	hotspot 	garbage_collector 	CMS: Incorrect overflow handling during precleaning of Reference lists
6739357 	hotspot 	garbage_collector 	CMS: Switch off CMSPrecleanRefLists1 until 6722113 can be fixed
6786503 	hotspot 	garbage_collector 	Overflow list performance can be improved
6787254 	hotspot 	garbage_collector 	Work queue capacity can be increased substantially on some platforms
6751861 	hotspot 	jvmti 	Memory leak occurs in JVMTI(jdk5.0u16)
6447157 	hotspot 	other 	Crashdump (hs_err_pid*.log) does not contain the crash time
6320309 	hotspot 	runtime_system 	symbol resolution -- wait() vs interrupt -- can result in IE being thrown from unexpected locations
6680485 	hotspot 	runtime_system 	Wrong error-handling with Solaris-specific interruptible I/O (Solaris)
6821003 	hotspot 	runtime_system 	Update hotspot windows os_win32 for windows 7
6277781 	idl 	serialization 	Serialization of Enums over IIOP is broke.
6614558 	idl 	serialization 	jmx interop JDK5 - JDK6 issue when calling getMBeanInfo
6529796 	java 	char_encodings 	Support JIS X 0213:2004 in existing JDK versions, especially for Windows Vista
6710199 	java 	char_encodings 	SJIS_0213 does not handle "unmappable" encoding operation correctly
4744405 	java 	classes_2d 	RFE: lookupPrintServices() to refresh the printers list dynamically
6358622 	java 	classes_2d 	hotspot crash when printing to non-available network printer
6428762 	java 	classes_2d 	RHEL5: Sazanami Mincho Font rendering quality is poor
6574633 	java 	classes_2d 	native printDialog crashes when changing printer
6633656 	java 	classes_2d 	Cross platform print dialog doesn't check for orientation being unsupported.
6524352 	java 	classes_awt 	support for high-resolution mouse wheel
6668385 	java 	classes_awt 	Java applet crashes IE 6 in AwtComponent::ImmAssociateContext()
6675956 	java 	classes_awt 	REGRESSION : Different behavior of Container.findComponentAt in jdk5
6707023 	java 	classes_awt 	Chinese Characters in JTextPane Cause Pane to Hang
6219755 	java 	classes_io 	PipedOutputStream.write() remains blocked after PipedInputStream was closed
6242664 	java 	classes_lang 	String.offsetByCodePoints doesn't work for Strings returned by String.substring
6819886 	java 	classes_lang 	System.getProperty("os.name") reports Vista on Windows 7
6651382 	java 	classes_management 	The Java JVM SNMP provider reports incorrect stats when asked for multiple OIDs
6598160 	java 	classes_net 	Windows IPv6 Socket implementation doesn't set the handle to not inherit
6648001 	java 	classes_net 	Cancelling HTTP authentication causes subsequent deadlocks
6693244 	java 	classes_net 	Java Web Start app fails on 6u10 beta w/ AssertionError in AuthenticationInfo.requestCompleted
5100121 	java 	classes_nio 	(se) select not immune to EINTR
6497734 	java 	classes_nio 	(dc) assert "JNI handle should not be null" under Java_sun_nio_ch_FileDispatcher_preClose0()
6552236 	java 	classes_security 	PolicyFile not synchronized during refresh
6699856 	java 	classes_swing 	Creating text in a JTextPane using Chinese text causes undesired behavior
6735259 	java 	classes_swing 	NPE at WindowsComboBoxUI$XPComboBoxButton.getState(WindowsComboBoxUI.java:408)
4823811 	java 	classes_text 	[Fmt-Da] SimpleDateFormat patterns don't allow embedding of some literal punctuation
6576792 	java 	classes_util_concurrent 	ThreadPoolExecutor methods leak interrupts when run in pool threads
6409997 	java 	classes_util_i18n 	Default locale/encoding detection for Windows Vista
6834474 	java 	classes_util_i18n 	(tz) Support tzdata2009g
6740278 	java 	dragndrop 	An image(256 colors) in clipboard should be displayed correctly
6404011 	java 	imageio 	IllegalArgumentException: "Invalid ICC Profile Data" when reading certain JPEGs
6687968 	java 	imageio 	PNGImageReader leaks native memory through an Inflater.
6541870 	java 	serialization 	NullPointerException in ObjectInputStream with Externalizables
6608975 	java 	serviceability 	HeapDumpPath option is ignored for dumps written by HeapDumpOnCtrlBreak functionality
6745217 	java 	serviceability 	jmap throws sun.jvm.hotspot.utilities.AssertionFailure: BitMap index out of bounds (1.5.0_15-b04)
6754987 	java 	serviceability 	Crash triggering Heapdump via -XX:+HeapDumpOnCtrlBreak AND -XX:+UseParallelOldGC
6803304 	java 	sunservicetags 	Service Tag support for JRE for solaris/linux/windows
6680432 	java_deployment 	security 	Display only Digital Signature key usage certificate in client authentication dialog box.
6567254 	java_plugin 	ns6 	Stack stomp in CSecureJNIEnv
6603064 	java_plugin 	other 	Legacy_lifecycle:Exception getting thrown on while making LiveConnect calls once applet is refreshed
6595618 	java_plugin 	plugin 	Intermittent problems with signed applet certificate verification
6618901 	java_plugin 	plugin 	6.0 JRE applet running on Vista limits heap to 64 MB
6696175 	javawebstart 	jnlp_file 	javaws not recognizing properties which contains % character
6809409 	jaxp 	sax 	jaxp Issue 56 SAXException doesn't do the exception chaining properly
6809019 	jaxp 	xslt 	Performance degradation for fix to: 6537909 in 1.5.0_14
6796140 	jets 	other 	Further ORB changes after 6725987
6176036 	jndi 	ldap 	Require a way to specify read timeout for LDAP operations

Changes in 1.5.0_18

The full internal version number for this update release is 1.5.0_18-b02 (where "b" means "build"). The external version number is 5.0u18.
Security Baseline

This update release specifies the following security baseline:
	JRE Family Version 	Security Baseline 1.4.2 	1.4.2_20

For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .

OlsonData 2009a

This release contains Olson time zone data version 2009a. For more information, refer to Timezone Data Versions in the JRE Software .

Java Naming and Directory Interface (JNDI) API Change

The behavior of the JNDI feature to store and retrieve Java objects in an LDAP directory has been slightly modified.

When storing a Java object in an LDAP directory, the location of the object's class file (its codebase) may be specified. Later, when restoring the original object, its codebase along with additional object data is retrieved from the directory and used by the class loader.

An object's codebase is no longer implicitly trusted. Instead, a new system property called com.sun.jndi.ldap.object.trustURLCodebase must explicitly be set to the string value true in order for a codebase to be used. Otherwise, the codebase will be ignored by the class loader when restoring a Java object, and only those class files that appear on the classpath will be recognized.

Java Management Extensions(JMX) Change
In a JMX access property file, the readwrite access no longer allows the remote createMBean and unregisterMBean operations. These must now be provided explicitly via new clauses.

The default jmxremote.access file of the JRE ($JRE_HOME/lib/management/jmxremote.access) shows what this looks like:

monitorRole  readonly
controlRole  readwrite \
            create javax.management.monitor.*,javax.management.timer.* \
            unregister

CORBA Memory Leak Fix - Special Note

This update release and revision 5.0u16-rev-b12 and subsequent updates and revisions contain a fix for 6725987. When using updates and revisions prior to these, an ORB may contain valid references (that is, a memory leak) even after calling its shutdown() and destroy() methods, and it may respond to some method calls.

With this fix, the ORB correctly cleans up and the Garbage Collector can free up the memory held by such references. Incorrect accesses to such references or methods are likely to result in a NullPointerException to the application.

Root Certificates Included

Root Certificates are included in this release. The following root certificates have been added:

    * VeriSign TSA Root Cert to the JDK (Refer to 6732157.)
    * Two additional T-systems root CA certs (Refer to 6803022.)
    * Two Unizeto root certs (Refer to 6803036.)

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 254569, 254570, 254571, 254608, and 254611.

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6676016 	hotspot 	garbage_collector 	ParallelOldGC leaks memory
6461933 	java 	classes_awt 	To adjust system boot time in nowMillisUTC() frequently
6637607 	java 	classes_awt 	1st char. is discarded after a modal dialogue shows up and disappears
6677578 	java 	classes_awt 	Print dialog doesn't come up when brower window is maximized
6571589 	java 	classes_lang 	(thread) Thread.getStackTrace() returns null
6446855 	java 	classes_net 	https connections failing when connecting through a proxy
6687282 	java 	classes_net 	URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
6720866 	java 	classes_net 	Slow performance using HttpURLConnection for upload
6732157 	java 	classes_security 	Add VeriSign TSA Root Cert to the JDK
6803022 	java 	classes_security 	Add T-systems root CA certs to the JRE
6803036 	java 	classes_security 	Add Unizeto root certs to the JRE
6639183 	java 	classes_util_concurrent 	Scheduling large negative delay hangs entire ScheduledExecutor
6725789 	java 	classes_util_concurrent 	ScheduledExecutorService does not work as expected in jdk7/6/5
6598520 	java 	classes_util_i18n 	(tz) Windows time zone mapping table needs to be updated for KB933360
6650748 	java 	classes_util_i18n 	(tz) Java runtime doesn't detect VET time zone correctly on Windows
6743394 	java 	classes_util_i18n 	(tz) tzmappings must be updated for Windows
6783139 	java 	classes_util_i18n 	(tz) Windows time zone mapping table needs to be updated for KB955839
6796489 	java 	classes_util_i18n 	(tz) Support tzdata2009a
6487638 	java 	classes_util_logging 	Calling LogManager.addLogger() and Logger.getLogger() cause deadlock
6719011 	java_plugin 	ocx 	Applet isn't started when it's outside of the visible area of a browser window
6643769 	java_plugin 	other 	Applet main windows steals focus on Popup windows which is running Applet.
6784894 	java_plugin 	other 	Regression: applets loaded from local disk can not access co-located resources
6591117 	jce 	pkcs11_csp 	Poor preformance of PKCS#11 security provider compared to Sun default provider
6725987 	jets 	other 	ORB.destroy() does not cleanup correctly and ORB object instances are not garbage collected.

Changes in 1.5.0_17

The full internal version number for this update release is 1.5.0_17-b04 (where "b" means "build"). The external version number is 5.0u17.
Security Baseline

This update release specifies the following security baseline:
	JRE Family Version 	Security Baseline 1.4.2 	1.4.2_19

For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .

OlsonData 2008i

This release contains Olson time zone data version 2008i. For more information, refer to Timezone Data Versions in the JRE Software .

Updated UTF-8 Charset Implementation

Due to security concerns, the UTF-8 charset implementation in the JRE has been updated to handle the non-shortest form of UTF-8 byte sequences, and this introduces an incompatibility from previous releases. For example, the byte sequence of 0xc0 0xaf for U+002f, which has the shortest form of 0x2f, is a malformed input to the decoding operation. More details regarding the Non-shortest form of UTF-8 can be found at:

    * UTF8-Shortest Form
    * UTF8 Specification

Root Certificates Included

Root Certificates are included in this release. The following root certificates have been added:

    * Camerfirma root certificates
    * T-systems root CA certificate (Deutsche Telekom Root CA 2)
    * SwissSign root certificates

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 244986, 244987, 244988, 244990, 244991, 244992, 245246, 246266, 246286, 246346, 246386, and 246387.

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6403625 	hotspot 	compiler2 	crash in compiled code when using profiler agent
6519515 	hotspot 	compiler2 	Loop-opts incorrectly removed a safepoint poll from a loop with an early exit
6606675 	hotspot 	compiler2 	Crash in CodeBuffer resize in 1.4.2_15
6676462 	hotspot 	compiler2 	JVM sometimes would suddenly consume significant amount of memory
6704367 	hotspot 	runtime_system 	Stack sizes error with 1.5.0_14
6372405 	idl 	orb 	Server thread hangs when fragments don't complete because of connection abort
5005426 	java 	char_encodings 	Buffered stream data is discarded by IllegalStateException in 1.4.2 and Tiger
6359722 	java 	classes_2d 	Uncatchable recursive NullPointerException at sun.font.TrueTypeFont.open()
6448405 	java 	classes_2d 	static HashMap cache in LineBreakMeasurer can grow wihout bounds
6525150 	java 	classes_2d 	Printer has "paper out" status and won't print due to a PrinterException
6638533 	java 	classes_2d 	Layout should not apply shaping to precomposed arabic presentation form glyphs.
6532373 	java 	classes_awt 	xcb_xlib.c:50: xcb_xlib_unlock: Assertion 'c->xlib.lock' failed.
6678061 	java 	classes_awt 	undefined keycodes for certain keyboard layouts
6689088 	java 	classes_awt 	Focus traversal doesn't work in the reverse order / related to the SR 70175950 / CR 6684528
6446990 	java 	classes_net 	HttpURLConnection#available() reads more and more data into memory
6448457 	java 	classes_nio 	(ch) Channels.newOutputStream().write() does not write all data
6728890 	java 	classes_security 	Add SwissSign root certificates to the JDK
6754779 	java 	classes_security 	Add Camerfirma root certificates to the JDK
6768559 	java 	classes_security 	Add t-systems root CA certificate (Deutsche Telekom Root CA 2) to the JRE
6438246 	java 	classes_swing 	File name field is mislabeled when JFileChooser is used in DIRECTORIES_ONLY mode
6581899 	java 	classes_swing 	JTextField & JTextArea - Poor performance with JRE 1.5.0_08
6648714 	java 	classes_swing 	JScrollPane repaints incorrectly on larger monitor of dual monitor system (5.0)
6466476 	java 	classes_util_i18n 	(tz) Introduction of tzdata2005r can introduce incompatility issues with some JDK1.1 3-letter TZ Ids
6764308 	java 	classes_util_i18n 	(tz) Support tzdata2008i
6623981 	java 	compiler 	javac StackOverFlowError in 1.4.1/1.4.2
6709709 	java 	javadoctool 	javadoc does not get compilation errors after type erasure
6536107 	java_plugin 	iexplorer 	GDI leak detected by opening the Print Dialog repeatedly
6746185 	javawebstart 	other 	Malformed URL Exception: JWS regression introduced in 1.5.0_16
6578538 	jce 	classes_crypto 	com.sun.crypto.provider.SunJCE instance leak using KRB5 and LoginContext
6697180 	jmx 	classes 	JMX query results in java.io.IOException: Illegal state - also a deadlock can also be seen
6618387 	jsse 	runtime 	SSL client sessions do not close cleanly. A TCP reset occurs instead of a close_notify alert.
6668231 	jsse 	runtime 	Presence of a critical subjectAltName causes JSSE's SunX509 to fail trusted checks


To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/lang/sun-jre15/Makefile
cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/sun-jre15/Makefile.common
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/sun-jre15/PLIST.linux-i386
cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/sun-jre15/PLIST.linux-x86_64
cvs rdiff -u -r1.20 -r1.21 pkgsrc/lang/sun-jre15/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.