ref #2849

patch cherry-picked from debian
also delete the obsolete old CVE patch (6.6 has the fix builtin)

contains bug fix that makes wireshark work (again)

needed by v8, openjdk7, and probably all VMs

ref #2821

the kuser_helpers are disabled by default on grsec. we target
arm6+ so make arm atomics be inline assembly always.

Linux filesystem events monitoring
http://pypi.python.org/pypi/pyinotify

A logging replacement for Python
https://pypi.python.org/pypi/Logbook

S8023046: Enhance splashscreen support
S8025005: Enhance CORBA initializations
S8025010, CVE-2014-2412: Enhance AWT contexts
S8025030, CVE-2014-2414: Enhance stream handling
S8025152, CVE-2014-0458: Enhance activation set up
S8026067: Enhance signed jar verification
S8026163, CVE-2014-2427: Enhance media provisioning
S8026188, CVE-2014-2423: Enhance envelope factory
S8026200: Enhance RowSet Factory
S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling
S8026736, CVE-2014-2398: Enhance Javadoc pages
S8026797, CVE-2014-0451: Enhance data transfers
S8026801, CVE-2014-0452: Enhance endpoint addressing
S8027766, CVE-2014-0453: Enhance RSA processing
S8027775: Enhance ICU code.
S8027841, CVE-2014-0429: Enhance pixel manipulations
S8028385: Enhance RowSet Factory
S8029282, CVE-2014-2403: Enhance CharInfo set up
S8029286: Enhance subject delegation
S8029699: Update Poller demo
S8029730: Improve audio device additions
S8029735: Enhance service mgmt natives
S8029740, CVE-2014-0446: Enhance handling of loggers
S8029745, CVE-2014-0454: Enhance algorithm checking
S8029750: Enhance LCMS color processing (in-tree LCMS)
S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg)
S8029844, CVE-2014-0455: Enhance argument validation
S8029854, CVE-2014-2421: Enhance JPEG decodings
S8029858, CVE-2014-0456: Enhance array copies
S8030731, CVE-2014-0460: Improve name service robustness
S8031330: Refactor ObjectFactory
S8031335, CVE-2014-0459: Better color profiling (in-tree LCMS)
S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng)
S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader
S8031395: Enhance LDAP processing
S8032686, CVE-2014-2413: Issues with method invoke
S8033618, CVE-2014-1876: Correct logging output
S8034926, CVE-2014-2397: Attribute classes properly
S8036794, CVE-2014-0461: Manage JavaScript instances

A myriad of regular bug fixes. And ARM JIT is now enabled by default.

ref #2522

ref #2522

ref #2485

groff is now needed to build built-in manual. ref #2816

ref #2782

remove upstreamed patch. ref #2796

ref #2840

ref #2839

And fix musl build by disabling backtrace support