--- old/buildSrc/linux.gradle	2019-01-15 06:21:36.402012466 -0800
+++ new/buildSrc/linux.gradle	2019-01-15 06:21:36.302012464 -0800
@@ -43,6 +43,7 @@
 // A set of common parameters to use for both compiling and linking
 def commonFlags = [
         "-fno-strict-aliasing", "-fPIC", "-fno-omit-frame-pointer", // optimization flags
+        "-fstack-protector",
         "-Wextra", "-Wall", "-Wformat-security", "-Wno-unused", "-Wno-parentheses", "-Werror=implicit-function-declaration"] // warning flags
 
 if (!IS_64) {
@@ -57,6 +58,7 @@
 def ccFlagsGTK3 = ccFlags
 //ccFlags.addAll(["-Wnon-virtual-dtor", "-Woverloaded-virtual", "-std=c++0x"])
 def linkFlags = ["-static-libgcc", "-static-libstdc++", "-shared", commonFlags,
+                 "-z", "relro",
                  "-Wl,--gc-sections"].flatten()
 
 if (IS_DEBUG_NATIVE) {
--- old/modules/javafx.graphics/src/main/native-iio/libjpeg/jmemmgr.c	2019-01-15 06:21:36.726012476 -0800
+++ new/modules/javafx.graphics/src/main/native-iio/libjpeg/jmemmgr.c	2019-01-15 06:21:36.622012473 -0800
@@ -403,6 +403,10 @@
   JDIMENSION rowsperchunk, currow, i;
   long ltemp;
 
+  if (samplesperrow == 0) {
+    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
+  }
+
   /* Calculate max # of rows allowed in one allocation chunk */
   ltemp = (MAX_ALLOC_CHUNK-SIZEOF(large_pool_hdr)) /
       ((long) samplesperrow * SIZEOF(JSAMPLE));
@@ -451,6 +455,10 @@
   JDIMENSION rowsperchunk, currow, i;
   long ltemp;
 
+  if (blocksperrow == 0) {
+    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
+  }
+
   /* Calculate max # of rows allowed in one allocation chunk */
   ltemp = (MAX_ALLOC_CHUNK-SIZEOF(large_pool_hdr)) /
       ((long) blocksperrow * SIZEOF(JBLOCK));
--- old/modules/javafx.media/src/main/native/gstreamer/projects/linux/avplugin/Makefile	2019-01-15 06:21:37.098012486 -0800
+++ new/modules/javafx.media/src/main/native/gstreamer/projects/linux/avplugin/Makefile	2019-01-15 06:21:37.022012484 -0800
@@ -21,6 +21,7 @@
          -Wformat                \
          -Wextra                 \
          -Wformat-security       \
+         -fstack-protector       \
          -Werror=implicit-function-declaration \
          -msse2                  \
          -fbuiltin               \
@@ -48,6 +49,7 @@
 LDFLAGS = -L$(BUILD_DIR)    \
           -lgstreamer-lite  \
            $(PACKAGES_LIBS) \
+          -z relro          \
           -static-libgcc -static-libstdc++ -Wl,--gc-sections
 
 ifneq ($(strip $(LIBAV_DIR)),)
--- old/modules/javafx.media/src/main/native/gstreamer/projects/linux/fxplugins/Makefile	2019-01-15 06:21:37.434012495 -0800
+++ new/modules/javafx.media/src/main/native/gstreamer/projects/linux/fxplugins/Makefile	2019-01-15 06:21:37.330012492 -0800
@@ -18,6 +18,7 @@
          -Wformat                \
          -Wextra                 \
          -Wformat-security       \
+         -fstack-protector       \
          -Werror=implicit-function-declaration \
          -msse2                  \
          -fbuiltin               \
@@ -47,6 +48,7 @@
 PACKAGES_LIBS := $(shell pkg-config --libs glib-2.0 gobject-2.0)
 
 LDFLAGS = -L$(BUILD_DIR) -lgstreamer-lite $(PACKAGES_LIBS) \
+          -z relro \
           -static-libgcc -static-libstdc++ -Wl,--gc-sections
 
 ifeq ($(ARCH), x32)
--- old/modules/javafx.media/src/main/native/gstreamer/projects/linux/gstreamer-lite/Makefile	2019-01-15 06:21:37.738012504 -0800
+++ new/modules/javafx.media/src/main/native/gstreamer/projects/linux/gstreamer-lite/Makefile	2019-01-15 06:21:37.638012501 -0800
@@ -41,6 +41,7 @@
         -Wformat                \
         -Wextra                 \
         -Wformat-security       \
+        -fstack-protector       \
         -Werror=implicit-function-declaration \
         -D_GNU_SOURCE           \
         -DGST_REMOVE_DEPRECATED \
@@ -75,6 +76,7 @@
 PACKAGES_LIBS := $(shell pkg-config --libs alsa glib-2.0 gobject-2.0 gmodule-2.0 gthread-2.0)
 
 LDFLAGS = -L$(BUILD_DIR) -lm $(PACKAGES_LIBS) \
+          -z relro \
           -static-libgcc -static-libstdc++ -Wl,--gc-sections
 
 ifeq ($(ARCH), x32)
--- old/modules/javafx.media/src/main/native/jfxmedia/projects/linux/Makefile	2019-01-15 06:21:38.086012514 -0800
+++ new/modules/javafx.media/src/main/native/jfxmedia/projects/linux/Makefile	2019-01-15 06:21:37.982012511 -0800
@@ -40,6 +40,7 @@
                   -Wformat \
                   -Wextra \
                   -Wformat-security \
+                  -fstack-protector \
                   -Werror=implicit-function-declaration \
 		  -msse2 \
 	          -DGSTREAMER_LITE
@@ -56,6 +57,7 @@
 		  $(PACKAGES_INCLUDES)
 
 	LDFLAGS = -Wl,-rpath,\$$ORIGIN -L$(BUILD_DIR) -lgstreamer-lite $(PACKAGES_LIBS) \
+            -z relro \
             -static-libgcc -static-libstdc++ -Wl,--gc-sections
 else
 	CFLAGS += $(EXTRA_CFLAGS)
--- old/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderBox.h	2019-01-15 06:21:38.346012521 -0800
+++ new/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderBox.h	2019-01-15 06:21:38.286012519 -0800
@@ -61,10 +61,6 @@
     // Returns false for the body renderer if its background is propagated to the root.
     bool paintsOwnBackground() const;
 
-    // Use this with caution! No type checking is done!
-    RenderBox* firstChildBox() const;
-    RenderBox* lastChildBox() const;
-
     LayoutUnit x() const { return m_frameRect.x(); }
     LayoutUnit y() const { return m_frameRect.y(); }
     LayoutUnit width() const { return m_frameRect.width(); }
@@ -178,10 +174,12 @@
     FloatRect repaintRectInLocalCoordinates() const override { return borderBoxRect(); }
     FloatRect objectBoundingBox() const override { return borderBoxRect(); }
 
-    // Use this with caution! No type checking is done!
+    // Note these functions are not equivalent of childrenOfType<RenderBox>
+    RenderBox* parentBox() const;
+    RenderBox* firstChildBox() const;
+    RenderBox* lastChildBox() const;
     RenderBox* previousSiblingBox() const;
     RenderBox* nextSiblingBox() const;
-    RenderBox* parentBox() const;
 
     // Visual and layout overflow are in the coordinate space of the box.  This means that they aren't purely physical directions.
     // For horizontal-tb and vertical-lr they will match physical directions, but for horizontal-bt and vertical-rl, the top/bottom and left/right
@@ -740,29 +738,49 @@
     static bool s_hadOverflowClip;
 };
 
-inline RenderBox* RenderBox::previousSiblingBox() const
+inline RenderBox* RenderBox::parentBox() const
 {
-    return downcast<RenderBox>(previousSibling());
+    if (is<RenderBox>(parent()))
+        return downcast<RenderBox>(parent());
+
+    ASSERT(!parent());
+    return nullptr;
 }
 
-inline RenderBox* RenderBox::nextSiblingBox() const
+inline RenderBox* RenderBox::firstChildBox() const
 {
-    return downcast<RenderBox>(nextSibling());
+    if (is<RenderBox>(firstChild()))
+        return downcast<RenderBox>(firstChild());
+
+    ASSERT(!firstChild());
+    return nullptr;
 }
 
-inline RenderBox* RenderBox::parentBox() const
+inline RenderBox* RenderBox::lastChildBox() const
 {
-    return downcast<RenderBox>(parent());
+    if (is<RenderBox>(lastChild()))
+        return downcast<RenderBox>(lastChild());
+
+    ASSERT(!lastChild());
+    return nullptr;
 }
 
-inline RenderBox* RenderBox::firstChildBox() const
+inline RenderBox* RenderBox::previousSiblingBox() const
 {
-    return downcast<RenderBox>(firstChild());
+    if (is<RenderBox>(previousSibling()))
+        return downcast<RenderBox>(previousSibling());
+
+    ASSERT(!previousSibling());
+    return nullptr;
 }
 
-inline RenderBox* RenderBox::lastChildBox() const
+inline RenderBox* RenderBox::nextSiblingBox() const
 {
-    return downcast<RenderBox>(lastChild());
+    if (is<RenderBox>(nextSibling()))
+        return downcast<RenderBox>(nextSibling());
+
+    ASSERT(!nextSibling());
+    return nullptr;
 }
 
 inline void RenderBox::setInlineBoxWrapper(InlineElementBox* boxWrapper)
--- old/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderListItem.cpp	2019-01-15 06:21:38.590012528 -0800
+++ new/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderListItem.cpp	2019-01-15 06:21:38.530012526 -0800
@@ -272,9 +272,9 @@
     LayoutUnit markerOldLogicalLeft = m_marker->logicalLeft();
     LayoutUnit blockOffset = 0;
     LayoutUnit lineOffset = 0;
-    for (RenderBox* o = m_marker->parentBox(); o != this; o = o->parentBox()) {
-        blockOffset += o->logicalTop();
-        lineOffset += o->logicalLeft();
+    for (auto* ancestor = m_marker->parentBox(); ancestor && ancestor != this; ancestor = ancestor->parentBox()) {
+        blockOffset += ancestor->logicalTop();
+        lineOffset += ancestor->logicalLeft();
     }
 
     bool adjustOverflow = false;
--- old/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderListMarker.cpp	2019-01-15 06:21:38.850012535 -0800
+++ new/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderListMarker.cpp	2019-01-15 06:21:38.790012534 -0800
@@ -1382,8 +1382,8 @@
     ASSERT(needsLayout());
 
     LayoutUnit blockOffset;
-    for (auto* box = parentBox(); box && box != &m_listItem; box = box->parentBox())
-        blockOffset += box->logicalTop();
+    for (auto* ancestor = parentBox(); ancestor && ancestor != &m_listItem; ancestor = ancestor->parentBox())
+        blockOffset += ancestor->logicalTop();
     if (style().isLeftToRightDirection())
         m_lineOffsetForListItem = m_listItem.logicalLeftOffsetForLine(blockOffset, DoNotIndentText, LayoutUnit());
     else
--- old/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderMultiColumnSet.cpp	2019-01-15 06:21:39.126012543 -0800
+++ new/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderMultiColumnSet.cpp	2019-01-15 06:21:39.058012541 -0800
@@ -316,7 +316,7 @@
 
     // FIXME: When we add fragments support, we'll start it off at the width of the multi-column
     // block in that particular fragment.
-    setLogicalWidth(parentBox()->contentLogicalWidth());
+    setLogicalWidth(multiColumnBlockFlow()->contentLogicalWidth());
 }
 
 bool RenderMultiColumnSet::requiresBalancing() const