[11u] RFR: 8202343: Disable TLS 1.0 and 1.1
Severin Gehwolf
sgehwolf at redhat.com
Fri Dec 18 18:34:49 UTC 2020
Hi,
Please review this downport for disabling TLS 1.0 and 1.1 via the
tls.disabledAlgorithms security property.
The JDK 16 patch didn't apply cleanly. The differences are context
changes mostly. The hunk to TlsContextTest.java has been omitted since
that test has been introduced with JDK 12+ (via JDK-8239594, not in JDK
11). Once reviewed and approved my intention is to push this together
with follow-ups JDK-8256682 and JDK-8257083.
CSR for this is (reused from Oracle):
https://bugs.openjdk.java.net/browse/JDK-8257122
Bug: https://bugs.openjdk.java.net/browse/JDK-8202343
webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-8202343/01/webrev/
Testing: jdk_security tests. No regressions noted.
Thoughts?
Thanks,
Severin
More information about the jdk-updates-dev
mailing list