Backporting 6675802 and 6691503 to OpenJDK6
omajid at redhat.com
Tue Sep 7 08:24:31 PDT 2010
On 09/07/2010 10:48 AM, Dr Andrew John Hughes wrote:
> On 10:10 Tue 07 Sep , Omair Majid wrote:
>> On 08/27/2010 02:46 PM, Joe Darcy wrote:
>>> Omair Majid wrote:
>>>> I would like permission to backport the following two changesets from
>>>> OpenJDK7 to OpenJDK6:
>>>> changeset: 190:dd66920b2d51
>>>> user: mlapshin
>>>> date: Fri Apr 18 18:21:02 2008 +0400
>>>> summary: 6675802: Regression: heavyweight popups cause
>>>> SecurityExceptions in applets
>>>> changeset: 191:40414219305f
>>>> user: mlapshin
>>>> date: Wed Apr 23 18:06:34 2008 +0400
>>>> summary: 6691503: Malicious applet can show always-on-top popup menu
>>>> which has whole screen size
>>>> Together, the changesets allow heavyweight popups to display when
>>>> using applets.
>>> Approved to be backported if the merges are clean and if the new files
>>> include the rebranded Oracle copyrights.
>> Sorry about the delay, but I was a bit busy with other stuff. The
>> changes to src/share/classes/javax/swing/Popup.java are clean but the
>> new test files will need to be modified to include the updated copyright
>> headers. Is it still OK to backport with the additional modifications?
>> Also, given that mlapshin is responsible for the actual code changes,
>> what is the best way to credit him for this patch?
> The updated headers should already be in the current OpenJDK7 version of the files
> so you can just copy it over, once imported into OpenJDK6.
> For accreditation, I keep the same user as the original commit. This happens automatically
> in unchanged cases where you can do hg export x | hg import -, but in cases like this
> (and these copyright changes will now produce a lot of them, sigh) you can use --user for the
Thanks. I have pushed the changesets as follows:
Date: 2008-04-18 18:21 +0400
6675802: Regression: heavyweight popups cause SecurityExceptions in applets
Summary: The problem code in Popup class is surrounded by
Date: 2008-04-23 18:06 +0400
6691503: Malicious applet can show always-on-top popup menu which has
whole screen size
Summary: The fix for 6675802 is replaced by a try-catch clause that
catches SequrityExceptions for applets.
More information about the jdk6-dev