[jdk8u] RFR: 8285591: [11] add signum checks in DSA.java engineVerify [v2]
Andrew John Hughes
andrew at openjdk.java.net
Tue May 31 15:11:11 UTC 2022
> This change was part of a security fix, JDK-8277233, for 17u during the April update. The rest of 8277233 did not apply to older releases, as it concerned code added to ` src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java` by JDK-8237218 in 15u.
>
> However, the additional checks in `src/java.base/share/classes/sun/security/provider/DSA.java` that were included in the patch are applicable to older releases.
>
> I'm raising this for inclusion in 8u342 during rampdown as 17u already has it since the April update and 11u now has this backport. It would be good for 8u to be consistent as soon as possible.
Andrew John Hughes has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains two additional commits since the last revision:
- Merge remote-tracking branch 'jdk8u/master' into JDK-8285591
- Backport bf3438c5dc993b96d089cabb5318bfc64a6904a3
-------------
Changes:
- all: https://git.openjdk.java.net/jdk8u/pull/11/files
- new: https://git.openjdk.java.net/jdk8u/pull/11/files/7178fffa..424f2fc8
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk8u&pr=11&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk8u&pr=11&range=00-01
Stats: 1036 lines in 44 files changed: 525 ins; 84 del; 427 mod
Patch: https://git.openjdk.java.net/jdk8u/pull/11.diff
Fetch: git fetch https://git.openjdk.java.net/jdk8u pull/11/head:pull/11
PR: https://git.openjdk.java.net/jdk8u/pull/11
More information about the jdk8u-dev
mailing list