git: openjdk/jdk: 8296343: CPVE thrown on missing content-length in OCSP response
Jamil Nimeh
jnimeh at openjdk.org
Mon Jan 23 18:10:24 UTC 2023
Changeset: 1a3cb8c5
Author: Jamil Nimeh <jnimeh at openjdk.org>
Date: 2023-01-23 18:05:48 +0000
URL: https://git.openjdk.org/jdk/commit/1a3cb8c5018bc016c2ad6b078e4abe13b39d151c
8296343: CPVE thrown on missing content-length in OCSP response
Reviewed-by: mullan, rhalade
! src/java.base/share/classes/sun/security/provider/certpath/OCSP.java
! test/jdk/java/security/cert/CertPathValidator/OCSP/GetAndPostTests.java
! test/jdk/java/security/testlibrary/SimpleOCSPServer.java
! test/jdk/javax/net/ssl/Stapling/HttpsUrlConnClient.java
! test/jdk/javax/net/ssl/Stapling/SSLEngineWithStapling.java
! test/jdk/javax/net/ssl/Stapling/SSLSocketWithStapling.java
! test/jdk/javax/net/ssl/Stapling/StapleEnableProps.java
+ test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java
! test/jdk/sun/security/ssl/Stapling/java.base/sun/security/ssl/StatusResponseManagerTests.java
More information about the jdk-changes
mailing list