[jdk17u-dev] Integrated: 8296343: CPVE thrown on missing content-length in OCSP response
Alexey Pavlyutkin
duke at openjdk.org
Tue May 23 15:20:20 UTC 2023
On Thu, 18 May 2023 15:59:18 GMT, Alexey Pavlyutkin <duke at openjdk.org> wrote:
> Hi!
>
> Here is backport of [JDK-8296343](https://bugs.openjdk.org/browse/JDK-8296343). The patch fixes CertPathValidatorException taking place if OCSP response does not contain `ContentLength` field.
>
> Original patch is applied cleanly.
>
> Verification/regression (amd64/20.04 LTS): `jdk_security` including newly added `test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java`
This pull request has now been integrated.
Changeset: 32fda320
Author: Alexey Pavlyutkin <apavlyutkin at azul.com>
Committer: Yuri Nesterenko <yan at openjdk.org>
URL: https://git.openjdk.org/jdk17u-dev/commit/32fda3200c6e9ad6d533c1d741fb805b987f74dd
Stats: 399 lines in 9 files changed: 283 ins; 37 del; 79 mod
8296343: CPVE thrown on missing content-length in OCSP response
Backport-of: 1a3cb8c5018bc016c2ad6b078e4abe13b39d151c
-------------
PR: https://git.openjdk.org/jdk17u-dev/pull/1361
More information about the jdk-updates-dev
mailing list