From cb648d087df30a1268ee3457660392177f8ec5ca Mon Sep 17 00:00:00 2001 From: mgb01105731 Date: Mon, 3 Apr 2023 18:16:51 +0800 Subject: [PATCH] Del Specific Fields --- java-11-alibaba-dragonwell.spec | 45 +++++++++++++-------------------- 1 file changed, 18 insertions(+), 27 deletions(-) diff --git a/java-11-alibaba-dragonwell.spec b/java-11-alibaba-dragonwell.spec index 5653ac4..4fee6f6 100644 --- a/java-11-alibaba-dragonwell.spec +++ b/java-11-alibaba-dragonwell.spec @@ -1,4 +1,4 @@ -%define anolis_release 3 +%define anolis_release 4 %bcond_without fastdebug %bcond_without slowdebug @@ -192,51 +192,39 @@ Patch1: rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch Patch2: rh1648644-java_access_bridge_privileged_security.patch # NSS via SunPKCS11 Provider (disabled due to memory leak). Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch -# RH1750419: enable build of speculative store bypass hardened alt-java (CVE-2018-3639) +# enable build of speculative store bypass hardened alt-java (CVE-2018-3639) Patch600: rh1750419-redhat_alt_java.patch -# RH1582504: Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY +# Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY Patch1003: rh1842572-rsa_default_for_keytool.patch # FIPS support patches -# RH1655466: Support RHEL FIPS mode using SunPKCS11 provider +# Support RHEL FIPS mode using SunPKCS11 provider Patch1001: rh1655466-global_crypto_and_fips.patch -# RH1818909: No ciphersuites availale for SSLSocket in FIPS mode +# No ciphersuites availale for SSLSocket in FIPS mode Patch1002: rh1818909-fips_default_keystore_type.patch -# RH1860986: Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available -# Origin file: https://src.fedoraproject.org/rpms/java-17-openjdk/blob/rawhide/f/rh1860986-disable_tlsv1.3_in_fips_mode.patch -# The openjdk/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java file patch is regenerated, because the wisp code is added -# The openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java, because a new line of import module has been added -# The patch of src/java.base/share/classes/java/security/SystemConfigurator.java in 144-147 has been deleted, because they are the same as the original +# Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available Patch1004: rh1860986-disable_tlsv1.3_in_fips_mode.patch # Regenerated patch of rh1860986-disable_tlsv1.3_in_fips_mode.patch Patch1005: dragonwell-rh1860986-disable_tlsv1.3_in_fips_mode.patch -# RH1915071: Always initialise JavaSecuritySystemConfiguratorAccess -# Origin file: https://src.fedoraproject.org/rpms/java-17-openjdk/blob/rawhide/f/rh1915071-always_initialise_configurator_access.patch -# Remove patch in 193-203 of openjdk/src/java.base/share/classes/java/security/Security.java, because they are the same as the original +# Always initialise JavaSecuritySystemConfiguratorAccess Patch1007: rh1915071-always_initialise_configurator_access.patch -# RH1929465: Improve system FIPS detection +# Improve system FIPS detection Patch1008: rh1929465-improve_system_FIPS_detection.patch -# RH1996182: Login to the NSS software token in FIPS mode -# Origin file: https://src.fedoraproject.org/rpms/java-17-openjdk/blob/rawhide/f/rh1996182-login_to_nss_software_token.patch -# Remove patch in 41 of openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java, because they are the same as the original +# Login to the NSS software token in FIPS mode Patch1009: rh1996182-login_to_nss_software_token.patch -# RH1991003: Allow plain key import unless com.redhat.fips.plainKeySupport is set to false -# Origin file: https://src.fedoraproject.org/rpms/java-17-openjdk/blob/rawhide/f/rh1991003-enable_fips_keys_import.patch # The openjdk/src/java.base/share/classes/java/security/SystemConfigurator.java patch is regenerated Patch1011: rh1991003-enable_fips_keys_import.patch -# RH2021263: Resolve outstanding FIPS issues -# Origin file: https://src.fedoraproject.org/rpms/java-17-openjdk/blob/rawhide/f/rh2021263-fips_ensure_security_initialised.patch -# Remove patch in 368-369 of openjdk/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java +# Resolve outstanding FIPS issues Patch1014: rh2021263-fips_ensure_security_initialised.patch Patch1015: rh2021263-fips_missing_native_returns.patch Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch -# PR3694, RH1340845: Add security.useSystemPropertiesFile option to java.security to use system crypto policy +# Add security.useSystemPropertiesFile option to java.security to use system crypto policy Patch4: pr3694-rh1340845-support_fedora_rhel_system_crypto_policy.patch -# PR3695: Allow use of system crypto policy to be disabled by the user +# Allow use of system crypto policy to be disabled by the user Patch7: pr3695-toggle_system_crypto_policy.patch -# JDK-8275535, RH2053256: Retrying a failed authentication on multiple LDAP servers can lead to users blocked +# Retrying a failed authentication on multiple LDAP servers can lead to users blocked Patch8: jdk8275535-rh2053256-ldap_auth.patch BuildRequires: make vim @@ -271,7 +259,7 @@ BuildRequires: xorg-x11-proto-devel BuildRequires: zip BuildRequires: unzip BuildRequires: javapackages-filesystem -BuildRequires: java-%{major_ver}-openjdk-devel = 1:11.0.14.1.1 +BuildRequires: java-%{major_ver}-openjdk-devel # Zero-assembler build requirement BuildRequires: libffi-devel BuildRequires: tzdata-java >= 2015d @@ -1214,7 +1202,7 @@ alternatives --install %{_javadocdir}/java $key %{_javadocdir}/%{uniquejavadocdi %{set_if_needed_alternatives $key %{family_noarch}} %postun javadoc -post_state=$1 # from postun, https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax +post_state=$1 %{save_and_remove_alternatives javadocdir %{_javadocdir}/%{uniquejavadocdir}/api $post_state %{family_noarch}} %posttrans javadoc-zip @@ -2249,6 +2237,9 @@ alternatives --install %{_jvmdir}/java-%{major_ver}-%{origin} $key %{_jvmdir}/%{ %endif %changelog +* Mon Apr 03 2023 mgb01105731 - 3:11.0.17.13.8-4 +- Del Specific Fields + * Wed Feb 22 2023 happy_orange - 3:11.0.17.13.8-3 - unset the java-11-alibaba-dragonwell is a system java -- Gitee