Regarding JDK-8216577: Add GlobalSign's R6 Root certificate
Langer, Christoph
christoph.langer at sap.com
Sat Apr 27 06:10:00 UTC 2019
> -----Original Message-----
> From: Sean Mullan <sean.mullan at oracle.com>
> Sent: Samstag, 27. April 2019 00:54
> To: Langer, Christoph <christoph.langer at sap.com>; security-
> dev at openjdk.java.net; Rajan Halade <rajan.halade at oracle.com>
> Subject: Re: Regarding JDK-8216577: Add GlobalSign's R6 Root certificate
>
> On 4/26/19 6:04 PM, Langer, Christoph wrote:
> > Hi,
> >
> > In JBS I can find the bug JDK-8216577: Add GlobalSign's R6 Root
> > certificate [0].
> >
> > This change has gone into 12.0.1 and also 12.0.2 but it's not part of
> > JDK13 (jdk/jdk) and also not of JDK11 (e.g. 11.0.3-oracle,
> > 11.0.4-oracle). Could you please shed some light into this unusual
> > proceeding? Usually such changes would happen in jdk/jdk first, and then
> > be backported, I guess.
> >
> > Is there any reason why the certificate was only added to the jdk12
> > updates train?
>
> It should be in 11.0.3-oracle. The backport issue is Confidential so
> maybe that is why you thought it wasn't.
Yep, that explains it. Any particular reason that the 11.0.3-oracle backport is confidential? Could you make it public? Just asking...
> JDK 13 seems like an oversight. Rajan, any idea what happened? Can you
> push this to JDK 13?
Thanks in advance. Looking forward to see this in JDK 13.
> > Will the certificate be brought to the other update
> > versions later on?
>
> Which other updates?
Ok, yes, that's all the Oracle updates. I'll bring the change to OpenJDK 11 updates then.
Thanks
Christoph
More information about the security-dev
mailing list