OPENSUSE-SU-2012:1154-1
Sep 12, 2012 - 7:08 p.m.

java-1_7_0-openjdk: security fix for remote exploit (critical)

2012-09-12 19:08:39
lists.opensuse.org

EPSS: 0.975 (High), percentile 100.0%

java-1_7_0-openjdk was updated to fix a remotely exploitable
vulnerability (CVE-2012-4681).

The following bug fixes were also made:

  • fix build on ARM and i586

  • remove files that are no longer used

  • zero build can be enabled using rpmbuild (osc build)
    --with zero

  • add hotspot 2.1 needed for zero

  • fix filelist on %{ix86}

  • Security fixes
      • S7162476, CVE-2012-1682: XMLDecoder security issue via
        ClassFinder
      • S7194567, CVE-2012-3136: Improve long term persistence
        of java.beans objects
      • S7163201, CVE-2012-0547: Simplify toolkit internals
        references
      • RH852051, CVE-2012-4681, S7162473: Reintroduce
        PackageAccessible checks removed in 6788531.
  • OpenJDK
      • Fix Zero FTBFS issues with 2.3
      • S7180036: Build failure in Mac platform caused by fix
        #7163201
      • S7182135: Impossible to use some editors directly
      • S7183701: [TEST]
        closed/java/beans/security/TestClassFinder.java -
        compilation failed
      • S7185678:
        java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java
        failed with NPE
  • Bug fixes
      • PR1149: Zero-specific patch files not being packaged

  • use the icedtea tarball for the build again; this allowed
    the following files to be dropped because they are already
    in the tarball, and simplified %prep and %build

  • drop class-rewriter.tar.gz

  • drop systemtap-tapset.tar.gz

  • drop desktop-files.tar.gz

  • drop nss.cfg

  • drop pulseaudio.tar.gz

  • drop remove-intree-libraries.sh

  • add archives from icedtea7-forest-2.3 for openjdk,
    corba, jaxp, jaxws, jdk, langtools and hotspot

  • drop rhino.patch, pulse-soundproperties and systemtap
    patch

  • move gnome bridge patches before make as it’s irritating
    to have the patch fail after openjdk is built

  • use explicit file attributes in %files sections to
    prevent file permission problems in the future (like
    bnc#770040)

  • changed version scheme, so it now matches Oracle Java
    1.7.0.6 == Java7 u 6

  • update to icedtea-2.3.1 / OpenJDK7 u6 (bnc#777499)

  • Security fixes
      • RH852051, CVE-2012-4681: Reintroduce PackageAccessible
        checks removed in 6788531.
  • Bug fixes
      • PR902: PulseAudioClip getMicrosecondsLength() returns
        length in milliseconds, not microseconds
      • PR986: IcedTea7 fails to build with IcedTea6 CACAO due
        to low max heapsize
      • PR1050: Stream objects not garbage collected
      • PR1119: Only add classes to rt-source-files.txt if the
        class (or one or more of its methods/fields) are
        actually missing from the boot JDK
      • PR1137: Allow JARs to be optionally compressed by
        setting COMPRESS_JARS
  • OpenJDK
      • Make dynamic support for GConf work again.
      • PR1095: Add configure option for -Werror
      • PR1101: Undefined symbols on GNU/Linux SPARC
      • PR1140: Unnecessary diz files should not be installed
      • S7192804, PR1138: Build should not install jvisualvm
        man page for OpenJDK
  • JamVM
      • ARMv6 armhf: Changes for Raspbian (Raspberry Pi)
      • PPC: Don’t use lwsync if it isn’t supported
      • X86: Generate machine-dependent stubs for i386
      • When suspending, ignore detached threads that have
        died; this prevents a user-caused deadlock when an
        external thread has been attached to the VM via JNI and
        it has exited without detaching
      • Add missing REF_TO_OBJs for references passed from JNI;
        this enables JamVM to run Qt-Jambi
  • there are a number of fixes in 2.3, see NEWS