[15u] RFR 8202343: Disable TLS 1.0 and 1.1
Alvarez, David
alvdavi at amazon.com
Thu Mar 11 16:45:27 UTC 2021
Hi Yan,
I did consider JDK-8257083 and JDK-8256682, but I didn't backport them
because I thought this would need to go as critical (and I was not sure
those two would). I'll try to grab them, but if you don't see the
request in the next few days, feel free to pick this for the release (if
JDK-8257083 and JDK-8256682 are picked, I expect this one to apply cleanly).
David
On 3/11/21 8:37 AM, Yuri Nesterenko wrote:
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
>
>
>
> Hi David,
>
> do you plan also to backport JDK-8257083 and JDK-8256682 (that on the surface)?
> I hope we have a week or so for that.
> This patch looks OK to me.
> And as there was no clear rampdown declared, a simple jdk15u-fix-request should be enough.
>
> Thank you!
>
> --yan
>
> On 11.03.2021 18:56, Alvarez, David wrote:
>> Hi,
>>
>> I would like to request a review for JDK-8202343
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8202343
>> Webrev:
>> http://cr.openjdk.java.net/~alvdavi/webrevs/8202343/webrev.8202343.15u.00/
>>
>> Patch applies almost cleanly, only minor changes were needed to the
>> java.security and DisabledCurve.java files to account for JDK-8235710
>> [1] missing in 15u.
>>
>> Patch passes the tests under sun/security/ssl.
>>
>> I intend to mark this patch as critical request to make sure 15u is
>> aligned with other versions, so I would appreciate if the patch gets
>> reviewed soon. 13u also needs this backport.
>>
>> Thanks,
>>
>> David
>>
>> ------
>> [1] https://bugs.openjdk.java.net/browse/JDK-8235710
>>
>
More information about the jdk-updates-dev
mailing list