[jdk11u] RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
Paul Hohensee
phh at openjdk.org
Thu Sep 5 15:25:02 UTC 2024
On Thu, 5 Sep 2024 11:31:46 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> I backport this for parity with 11.0.25-oracle.
>
> src/java.base/share/classes/sun/security/validator/CADistrustPolicy.java
> * Resolved Copyright
> src/java.base/share/classes/sun/security/validator/EntrustTLSPolicy.java
> * Removed debug argument from getFingerprint() as "8270946: X509CertImpl.getFingerprint should not return the empty String" is not in 11.
Marked as reviewed by phh (Reviewer).
I assume this is a critical fix because it's against jdk11u rather than jdk11u-dev.
-------------
PR Review: https://git.openjdk.org/jdk11u/pull/95#pullrequestreview-2283403321
PR Comment: https://git.openjdk.org/jdk11u/pull/95#issuecomment-2332000989
More information about the jdk-updates-dev
mailing list