[security-dev 01547]: Re: PING: [PATCH FOR REVIEW]: 6763530: Fix breakage of NSS-based Elliptic Curve Cryptography in OpenJDK6

Valerie (Yu-Ching) Peng valerie.peng at oracle.com
Mon Jun 28 10:36:47 PDT 2010


Vinnie is on vacation, so I'll take a shot of answering this.
According to the bug record, the fix for 6763530 is in jdk7, openjdk6 
and not in Oracle's jdk6 update release.
Not all bugs are backported, it's subject to RE's discretion.
I've opened a subCR against this particular release train and Vinnie can 
decide what to do w/ this once he returns from vacation.

Regards,
Valerie

On 06/27/10 17:13, Michael StJohns wrote:
> At 08:09 PM 6/27/2010, Andrew John Hughes wrote:
>   
>> On 28 June 2010 01:05, Michael StJohns <mstjohns at comcast.net> wrote:
>>     
>>> Hi Andrew -
>>>
>>> I really need to work on fleshing out my emails... :-/
>>>
>>> The _20 release of the normal (non-OpenJDK) is missing this update. Â I had thought that this fix was supposed to be back-ported to the closed JDK 6 release. Â I've got the OpenJDK built on my local machine, but the folks I'm working with would rather use the pre-packaged Windows version etc etc etc... *sigh*.
>>>
>>>       
>> By its very nature, we don't know what's in the proprietary JDK.
>> That's an issue you need to take up with Oracle.  The bug is fixed in
>> OpenJDK6 and 7.
>>     
>
> Yes but - the RP/committer for this was Vincent - part of the Sun crowd.. 
>
> No worries.  If they can't answer, I'll reopen the bug and see what's what.
>
> Thanks - Mike
>
>
>   
>>> Thanks - Mike
>>>
>>>
>>> At 07:17 PM 6/27/2010, Andrew John Hughes wrote:
>>>       
>>>>> At 05:37 PM 6/27/2010, Michael StJohns wrote:
>>>>>           
>>>>>> Hi guys -
>>>>>>
>>>>>> I see from the Mercurial logs that this went in to both the jdk6 and jdk7 repositories. Ã, For jdk6 - it's rev 302 which looks like this should have ended up in the _19 release
>>>>>>
>>>>>> But all the files in lib/ext/sunpkcs11.jar Ã, for _20 are all tagged as 1 September 2009....
>>>>>>
>>>>>> Is the sunpkcs11.jar provider not getting regenerated and rebundled during the release process?
>>>>>>
>>>>>> Mike
>>>>>>             
>>>> It has been:
>>>>
>>>> $ hg log -R jdk -k 6763530
>>>> changeset: Â  302:82b80660cac3
>>>> user: Â  Â  Â  Â vinnie
>>>> date: Â  Â  Â  Â Thu Jan 21 23:59:41 2010 +0000
>>>> summary: Â  Â  6763530: Cannot decode PublicKey (Proider SunPKCS11,
>>>> curve prime256v1)
>>>>
>>>> and certainly is present on IcedTea6's builds.
>>>> --
>>>> Andrew :-)
>>>>
>>>> Free Java Software Engineer
>>>> Red Hat, Inc. (http://www.redhat.com)
>>>>
>>>> Support Free Java!
>>>> Contribute to GNU Classpath and the OpenJDK
>>>> http://www.gnu.org/software/classpath
>>>> http://openjdk.java.net
>>>>
>>>> PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
>>>> Fingerprint: F8EF F1EA 401E 2E60 15FA Â 7927 142C 2591 94EF D9D8
>>>>         
>>>
>>>       
>>
>> -- 
>> Andrew :-)
>>
>> Free Java Software Engineer
>> Red Hat, Inc. (http://www.redhat.com)
>>
>> Support Free Java!
>> Contribute to GNU Classpath and the OpenJDK
>> http://www.gnu.org/software/classpath
>> http://openjdk.java.net
>>
>> PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
>> Fingerprint: F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8
>>     
>
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20100628/421c5830/attachment.html 


More information about the security-dev mailing list