summary refs log tree commit diff
diff options
context:
space:
mode:
authorRobert Hensing <robert@roberthensing.nl>2021-03-19 16:36:28 +0100
committerRobert Hensing <robert@roberthensing.nl>2021-03-19 16:37:16 +0100
commit641aa9e27db6ac58c5693324d3f2693c8b3f83ce (patch)
treee35c4293a08f6663c3127965f37d8cc7890a6f96
parent7ea4ee71c993a615446b7e7a289337d819c93d77 (diff)
downloadnixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar.gz
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar.bz2
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar.lz
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar.xz
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.tar.zst
nixpkgs-641aa9e27db6ac58c5693324d3f2693c8b3f83ce.zip
adoptopenjdk-{13,14}: mark insecure
Diffstat
-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix3


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix3


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk11-linux.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk13-darwin.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk13-linux.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk14-darwin.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk14-linux.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk15-darwin.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk15-linux.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk8-darwin.nix8


-rw-r--r--pkgs/development/compilers/adoptopenjdk-bin/jdk8-linux.nix8


12 files changed, 44 insertions, 42 deletions
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix
index 31a7346108e..0bcfcafaae1 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix
@@ -1,4 +1,4 @@
-sourcePerArch:
+{ sourcePerArch, knownVulnerabilities ? [] }:
 
 { swingSupport ? true # not used for now
 , lib, stdenv
@@ -48,6 +48,7 @@ let cpuName = stdenv.hostPlatform.parsed.cpu.name;
     description = "AdoptOpenJDK, prebuilt OpenJDK binary";
     platforms = [ "x86_64-darwin" ]; # some inherit jre.meta.platforms
     maintainers = with lib.maintainers; [ taku0 ];
+    inherit knownVulnerabilities;
   };
 
 }; in result
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix
index ed8935b0042..95e72facaee 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix
@@ -1,4 +1,4 @@
-sourcePerArch:
+{ sourcePerArch, knownVulnerabilities ? [] }:
 
 { stdenv
 , lib
@@ -107,6 +107,7 @@ let result = stdenv.mkDerivation rec {
     description = "AdoptOpenJDK, prebuilt OpenJDK binary";
     platforms = lib.mapAttrsToList (arch: _: arch + "-linux") sourcePerArch; # some inherit jre.meta.platforms
     maintainers = with lib.maintainers; [ taku0 ];
+    inherit knownVulnerabilities;
   };
 
 }; in result
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix
index d1db77215d1..7fec8fd3ff6 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-darwin-base.nix sources.openjdk11.mac.jdk.hotspot;
-  jre-hotspot = import ./jdk-darwin-base.nix sources.openjdk11.mac.jre.hotspot;
-  jdk-openj9 = import ./jdk-darwin-base.nix sources.openjdk11.mac.jdk.openj9;
-  jre-openj9 = import ./jdk-darwin-base.nix sources.openjdk11.mac.jre.openj9;
+  jdk-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk11.mac.jdk.hotspot; };
+  jre-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk11.mac.jre.hotspot; };
+  jdk-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk11.mac.jdk.openj9; };
+  jre-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk11.mac.jre.openj9; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk11-linux.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk11-linux.nix
index 755ffaab271..e802e2eea52 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk11-linux.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk11-linux.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-linux-base.nix sources.openjdk11.linux.jdk.hotspot;
-  jre-hotspot = import ./jdk-linux-base.nix sources.openjdk11.linux.jre.hotspot;
-  jdk-openj9 = import ./jdk-linux-base.nix sources.openjdk11.linux.jdk.openj9;
-  jre-openj9 = import ./jdk-linux-base.nix sources.openjdk11.linux.jre.openj9;
+  jdk-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk11.linux.jdk.hotspot; };
+  jre-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk11.linux.jre.hotspot; };
+  jdk-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk11.linux.jdk.openj9; };
+  jre-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk11.linux.jre.openj9; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk13-darwin.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk13-darwin.nix
index 48806143c87..2654c4f9e72 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk13-darwin.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk13-darwin.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-darwin-base.nix sources.openjdk13.mac.jdk.hotspot;
-  jre-hotspot = import ./jdk-darwin-base.nix sources.openjdk13.mac.jre.hotspot;
-  jdk-openj9 = import ./jdk-darwin-base.nix sources.openjdk13.mac.jdk.openj9;
-  jre-openj9 = import ./jdk-darwin-base.nix sources.openjdk13.mac.jre.openj9;
+  jdk-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk13.mac.jdk.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jre-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk13.mac.jre.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jdk-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk13.mac.jdk.openj9; knownVulnerabilities = ["Support ended"]; };
+  jre-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk13.mac.jre.openj9; knownVulnerabilities = ["Support ended"]; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk13-linux.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk13-linux.nix
index 1bd7bb88448..c33d6afad10 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk13-linux.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk13-linux.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-linux-base.nix sources.openjdk13.linux.jdk.hotspot;
-  jre-hotspot = import ./jdk-linux-base.nix sources.openjdk13.linux.jre.hotspot;
-  jdk-openj9 = import ./jdk-linux-base.nix sources.openjdk13.linux.jdk.openj9;
-  jre-openj9 = import ./jdk-linux-base.nix sources.openjdk13.linux.jre.openj9;
+  jdk-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk13.linux.jdk.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jre-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk13.linux.jre.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jdk-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk13.linux.jdk.openj9; knownVulnerabilities = ["Support ended"]; };
+  jre-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk13.linux.jre.openj9; knownVulnerabilities = ["Support ended"]; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk14-darwin.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk14-darwin.nix
index e440903ad52..6941a6dd0dd 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk14-darwin.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk14-darwin.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-darwin-base.nix sources.openjdk14.mac.jdk.hotspot;
-  jre-hotspot = import ./jdk-darwin-base.nix sources.openjdk14.mac.jre.hotspot;
-  jdk-openj9 = import ./jdk-darwin-base.nix sources.openjdk14.mac.jdk.openj9;
-  jre-openj9 = import ./jdk-darwin-base.nix sources.openjdk14.mac.jre.openj9;
+  jdk-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk14.mac.jdk.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jre-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk14.mac.jre.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jdk-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk14.mac.jdk.openj9; knownVulnerabilities = ["Support ended"]; };
+  jre-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk14.mac.jre.openj9; knownVulnerabilities = ["Support ended"]; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk14-linux.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk14-linux.nix
index 90ae65ba970..756b419434d 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk14-linux.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk14-linux.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-linux-base.nix sources.openjdk14.linux.jdk.hotspot;
-  jre-hotspot = import ./jdk-linux-base.nix sources.openjdk14.linux.jre.hotspot;
-  jdk-openj9 = import ./jdk-linux-base.nix sources.openjdk14.linux.jdk.openj9;
-  jre-openj9 = import ./jdk-linux-base.nix sources.openjdk14.linux.jre.openj9;
+  jdk-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk14.linux.jdk.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jre-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk14.linux.jre.hotspot; knownVulnerabilities = ["Support ended"]; };
+  jdk-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk14.linux.jdk.openj9; knownVulnerabilities = ["Support ended"]; };
+  jre-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk14.linux.jre.openj9; knownVulnerabilities = ["Support ended"]; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk15-darwin.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk15-darwin.nix
index b9b67f271ac..d627fd9311f 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk15-darwin.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk15-darwin.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-darwin-base.nix sources.openjdk15.mac.jdk.hotspot;
-  jre-hotspot = import ./jdk-darwin-base.nix sources.openjdk15.mac.jre.hotspot;
-  jdk-openj9 = import ./jdk-darwin-base.nix sources.openjdk15.mac.jdk.openj9;
-  jre-openj9 = import ./jdk-darwin-base.nix sources.openjdk15.mac.jre.openj9;
+  jdk-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk15.mac.jdk.hotspot; };
+  jre-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk15.mac.jre.hotspot; };
+  jdk-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk15.mac.jdk.openj9; };
+  jre-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk15.mac.jre.openj9; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk15-linux.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk15-linux.nix
index d48f9312dd6..6663d9778bc 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk15-linux.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk15-linux.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-linux-base.nix sources.openjdk15.linux.jdk.hotspot;
-  jre-hotspot = import ./jdk-linux-base.nix sources.openjdk15.linux.jre.hotspot;
-  jdk-openj9 = import ./jdk-linux-base.nix sources.openjdk15.linux.jdk.openj9;
-  jre-openj9 = import ./jdk-linux-base.nix sources.openjdk15.linux.jre.openj9;
+  jdk-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk15.linux.jdk.hotspot; };
+  jre-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk15.linux.jre.hotspot; };
+  jdk-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk15.linux.jdk.openj9; };
+  jre-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk15.linux.jre.openj9; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk8-darwin.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk8-darwin.nix
index a170e0141cf..5e2d42276ce 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk8-darwin.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk8-darwin.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-darwin-base.nix sources.openjdk8.mac.jdk.hotspot;
-  jre-hotspot = import ./jdk-darwin-base.nix sources.openjdk8.mac.jre.hotspot;
-  jdk-openj9 = import ./jdk-darwin-base.nix sources.openjdk8.mac.jdk.openj9;
-  jre-openj9 = import ./jdk-darwin-base.nix sources.openjdk8.mac.jre.openj9;
+  jdk-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk8.mac.jdk.hotspot; };
+  jre-hotspot = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk8.mac.jre.hotspot; };
+  jdk-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk8.mac.jdk.openj9; };
+  jre-openj9 = import ./jdk-darwin-base.nix { sourcePerArch = sources.openjdk8.mac.jre.openj9; };
 }
diff --git a/pkgs/development/compilers/adoptopenjdk-bin/jdk8-linux.nix b/pkgs/development/compilers/adoptopenjdk-bin/jdk8-linux.nix
index 4937eace490..c2a4085f730 100644
--- a/pkgs/development/compilers/adoptopenjdk-bin/jdk8-linux.nix
+++ b/pkgs/development/compilers/adoptopenjdk-bin/jdk8-linux.nix
@@ -2,8 +2,8 @@ let
   sources = builtins.fromJSON (builtins.readFile ./sources.json);
 in
 {
-  jdk-hotspot = import ./jdk-linux-base.nix sources.openjdk8.linux.jdk.hotspot;
-  jre-hotspot = import ./jdk-linux-base.nix sources.openjdk8.linux.jre.hotspot;
-  jdk-openj9 = import ./jdk-linux-base.nix sources.openjdk8.linux.jdk.openj9;
-  jre-openj9 = import ./jdk-linux-base.nix sources.openjdk8.linux.jre.openj9;
+  jdk-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk8.linux.jdk.hotspot; };
+  jre-hotspot = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk8.linux.jre.hotspot; };
+  jdk-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk8.linux.jdk.openj9; };
+  jre-openj9 = import ./jdk-linux-base.nix { sourcePerArch = sources.openjdk8.linux.jre.openj9; };
 }

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 05:00:20 +0000