[PATCH] 6956398: make ephemeral DH key match the length of the certificate key
Andrew Hughes
gnu.andrew at redhat.com
Thu Apr 14 01:37:39 UTC 2016
Webrev: http://cr.openjdk.java.net/~andrew/jdk7u/6956398/webrev.01/
8 changeset: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/0d5f4f1782e8
This patch has been in IcedTea 2.x since the 2.5.5 release on 2015-04-14.
The changeset is nearly identical to the one in 8, with the additional
change of having to add the parseUnsignedInt methods from OpenJDK 8's
java.lang.Integer as private methods in ServerHandshaker.
The history in IcedTea is slightly more involved because the default
was originally changed, so that the backport caused less impact, but
this was reversed in 2.5.6 (2015-07-22) by PR2487 [0] [1] as a
response to CVE-2015-4000 (LOGJAM).
Ok to push?
[0] http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2487
[1] http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2528
Thanks,
--
Andrew :)
Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
More information about the jdk7u-dev
mailing list