Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dev-java/jython: Remove vulnerable versions. Fixes security bug 552452. #813

Merged
merged 7 commits into from Feb 9, 2016
Merged

dev-java/jython: Remove vulnerable versions. Fixes security bug 552452. #813

merged 7 commits into from Feb 9, 2016

Conversation

monsieurp
Copy link
Member

Just to have the CI checks run and make sure I'm not breaking the tree. ;)

@monsieurp
dev-java/bsf: Housekeeping.
47e7289 
Package-Manager: portage-2.2.26
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
@monsieurp
dev-java/bsf: Clean up old.
9144c6e 
Package-Manager: portage-2.2.26
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
@monsieurp
dev-java/jython: Remove vulnerable versions. Fixes security bug 552452.
0096ee2 
Package-Manager: portage-2.2.26
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
@monsieurp monsieurp self-assigned this Feb 7, 2016
@monsieurp monsieurp added bugfix assigned PR successfully assigned to the package maintainer(s). labels Feb 7, 2016
@gentoo-repo-qa-bot
Copy link
Collaborator

😞 The QA check for this pull request has found the following issues:

New issues:
https://qa-reports.gentoo.org/output/gentoo-ci/9b7a20c/output.html#dev-java/ant-apache-bsf
https://qa-reports.gentoo.org/output/gentoo-ci/9b7a20c/output.html#dev-java/batik
https://qa-reports.gentoo.org/output/gentoo-ci/9b7a20c/output.html#dev-java/bsh

@monsieurp
dev-java/batik: jython SLOT bump wrt bug 552452.
123c9cd 
Package-Manager: portage-2.2.26
RepoMan-Options: --force
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
@monsieurp
profiles: mask python USE flag on ppc64 for dev-java/{batik,bsf}.
54ba209
@gentoo-repo-qa-bot
Copy link
Collaborator

😞 The QA check for this pull request has found the following issues:

New issues:
https://qa-reports.gentoo.org/output/gentoo-ci/1ea9f8d/output.html#dev-java/ant-apache-bsf
https://qa-reports.gentoo.org/output/gentoo-ci/1ea9f8d/output.html#dev-java/bsh

@monsieurp
dev-java/bsf: Add ppc64 KEYWORD back.
21fc481 
Package-Manager: portage-2.2.26
RepoMan-Options: --force
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
@monsieurp
profiles: mask python USE flag on ppc64 for dev-java/ant-apache-bsf.
6f65d65
@monsieurp
Copy link
Member Author

Looks good. I'm going to merge it.

@gentoo-bot gentoo-bot merged commit 6f65d65 into gentoo:master Feb 9, 2016
gentoo-bot pushed a commit that referenced this pull request Feb 9, 2016
@monsieurp
Merge remote-tracking branch 'github/pr/813'.
a3539bf 
Gentoo-Bug: 552452
Pull-Request: #813
@monsieurp monsieurp deleted the dev-java/jython branch February 12, 2016 09:07
@ohhmm
Copy link

ohhmm commented Apr 7, 2016

does jython-2.7 depend on icedtea-bin:7?

@monsieurp
Copy link
Member Author

I don't think so. @chewi can you confirm?

@chewi
Copy link
Member

chewi commented Apr 7, 2016

Huh? It needs at least JDK 7 and that could be satisfied by icedtea-bin:7 as well as any of the other JDKs we currently support. Where did that question even come from?

@ohhmm
Copy link

ohhmm commented Apr 8, 2016

I had no jdk:7, but I had jdk8:7. Once I installed ant or freemind, it pulled jython:2.7 that pulled jdk:7 and guess what was installed. icedtea-bin:7, just like mentioned in jdk RDEPEND first item. Anyone mind if I swap it with icedtea:7? #1221

@chewi
Copy link
Member

chewi commented Apr 8, 2016

What is jdk8:7? Assuming you meant virtual/jdk:1.8, I'm not sure why it pulled in 7 as very few things require that explicitly but preferring -bin is intentional as I explained in your pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@monsieurp monsieurp

Labels
assigned PR successfully assigned to the package maintainer(s).
Projects
None yet
Milestone
No milestone
5 participants
@monsieurp @gentoo-repo-qa-bot @ohhmm @chewi @gentoo-bot