[8u] RFR Backport 8219013: Update Apache Santuario (XML Signature) to version 2.1.3

Elliott Baron ebaron at redhat.com
Mon Aug 31 21:15:48 UTC 2020


Hi,

I'd like to request a review to backport 8219013 to 8u.

Original fix:
https://bugs.openjdk.java.net/browse/JDK-8219013
http://hg.openjdk.java.net/jdk/jdk/rev/81de17a33575

The original fix did not apply cleanly, but only required minor cosmetic 
changes. They are as follows:

com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI:
- Kept protocol as HTTPS in Javadoc compared to original fix. This was 
changed to HTTPS by "8068491: Update the protocol for references of 
docs.oracle.com to HTTPS.", which did not get propagated to JDK 9+.

com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP:
- Javadoc to be changed already uses HTTPS due to 8068491.

org/jcp/xml/dsig/internal/dom/XMLDSigRI:
- Omitted indentation fix for line added by "7191662: JCE providers 
should be located via ServiceLoader", which is not in 8u.

legal/santuario.md:
- File doesn't exist. I'll update THIRD_PARTY_README accordingly with 
8229868: "Update Apache Santuario TPRM version".

8u webrev:
https://cr.openjdk.java.net/~ebaron/jdk8u/JDK-8219013/webrev.00/

Testing: x86_64 build, jdk_tier1, jdk_security tests

Thanks,
Elliott



More information about the jdk8u-dev mailing list