[8u] Request for enhancement backport approval for CR 8207258- Distrust TLS server certificates anchored by Symantec Root CAs
Aleksey Shipilev
shade at redhat.com
Tue Feb 26 10:32:41 UTC 2019
On 2/26/19 10:44 AM, Andrew Haley wrote:
> On 2/25/19 9:43 PM, Liu, Xin wrote:
>> We backport two patches about distrust policy to jdk8u-dev. It will distrust all certificates from Symantec except for 2 from Apple’s.
>> They are straight-forward, but we do minor changes for java8.
>>
>> JDK-8207258<https://bugs.openjdk.java.net/browse/JDK-8207258>: Distrust TLS server certificates anchored by Symantec Root CAs
>> http://cr.openjdk.java.net/~phh/8207258/webrev.8u.00/
>>
>> JDK-8216280<https://bugs.openjdk.java.net/browse/JDK-8216280%5d>: Allow later Symantec Policy distrust date for two Apple SubCAs
>> http://cr.openjdk.java.net/~phh/8216280/webrev.8u.00/
>>
>> We verify Jtreg and JCK8b internally. Could you mailist review it?
>
> These are already marked with CPU19 04-critical-approved and redhat-openjdk.
>
> In other words: we're on it.
I have already handed over these to Liu. Liu provides the backport for these.
-Aleksey
More information about the jdk8u-dev
mailing list