[jdk17u-dev] Integrated: 8312489: Increase jdk.jar.maxSignatureFileSize default which is too low for JARs such as WhiteSource/Mend unified agent jar
Andrew John Hughes
andrew at openjdk.org
Fri Sep 1 15:56:50 UTC 2023
On Mon, 28 Aug 2023 12:43:24 GMT, Andrew John Hughes <andrew at openjdk.org> wrote:
> The security fix, JDK-8300596, introduced a maximum size for signature-related files in JAR files, via the `jdk.jar.maxSignatureFileSize` property. The default value of 8MB has since proven to be too low for some JARs in general use. This change doubles it to 16MB, while still being much lower than the previous `MAX_ARRAY_SIZE` value of `Integer.MAX_VALUE - 8`
>
> This pull request contains a clean backport of commit [e47a84f2](https://github.com/openjdk/jdk/commit/e47a84f23dd2608c6f5748093eefe301fb5bf750) from the [openjdk/jdk](https://git.openjdk.org/jdk) repository.
>
> The commit being backported was authored by Hai-May Chao on 31 Jul 2023 and was reviewed by Sean Mullan and Matthias Baesken.
This pull request has now been integrated.
Changeset: 5b613e3e
Author: Andrew John Hughes <andrew at openjdk.org>
URL: https://git.openjdk.org/jdk17u-dev/commit/5b613e3ebed6c141146e743e64c894fe4f39421e
Stats: 9 lines in 2 files changed: 2 ins; 0 del; 7 mod
8312489: Increase jdk.jar.maxSignatureFileSize default which is too low for JARs such as WhiteSource/Mend unified agent jar
Backport-of: e47a84f23dd2608c6f5748093eefe301fb5bf750
-------------
PR: https://git.openjdk.org/jdk17u-dev/pull/1703
More information about the jdk-updates-dev
mailing list