[jdk21u-dev] Integrated: 8354469: Keytool exposes the password in plain text when command is piped using | grep
Goetz Lindenmaier
goetz at openjdk.org
Mon Feb 23 16:10:35 UTC 2026
On Wed, 18 Feb 2026 09:08:31 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> Edit of src/java.base/share/classes/sun/security/util/resources/security.properties
> applied to sun/security/util/Resources.java as
> "8345940: Migrate security-related resources from Java classes to properties files" not in 21.
>
>
> test/jdk/sun/security/util/Resources/Usages.java
> Trivial resolve as "8338411: Implement JEP 486: Permanently Disable the Security Manager" is not in 21.
>
> The new test jdk/sun/security/tools/keytool/EchoPassword.java fails for passwords with non-ascii characters.
> I think this is because many changes to pass the encoding around are missin in 21, especially https://bugs.openjdk.org/browse/JDK-8330276: Console methods with explicit Locale. Removed the part of the test using non-ascii.
This pull request has now been integrated.
Changeset: f1d3049f
Author: Goetz Lindenmaier <goetz at openjdk.org>
URL: https://git.openjdk.org/jdk21u-dev/commit/f1d3049fa80260f207dc6a794485b6f582d66fe1
Stats: 304 lines in 6 files changed: 256 ins; 12 del; 36 mod
8354469: Keytool exposes the password in plain text when command is piped using | grep
Reviewed-by: rschmelter
Backport-of: a7a3a660e33fabc025ebe887f5605741be9ca8c3
-------------
PR: https://git.openjdk.org/jdk21u-dev/pull/2617
More information about the jdk-updates-dev
mailing list