Regarding JDK-8216577: Add GlobalSign's R6 Root certificate

Sean Mullan sean.mullan at oracle.com
Mon Apr 29 14:34:52 UTC 2019


On 4/27/19 2:10 AM, Langer, Christoph wrote:
>> On 4/26/19 6:04 PM, Langer, Christoph wrote:
>>> Hi,
>>>
>>> In JBS I can find the bug JDK-8216577: Add GlobalSign's R6 Root
>>> certificate [0].
>>>
>>> This change has gone into 12.0.1 and also 12.0.2 but it's not part of
>>> JDK13 (jdk/jdk) and also not of JDK11 (e.g. 11.0.3-oracle,
>>> 11.0.4-oracle). Could you please shed some light into this unusual
>>> proceeding? Usually such changes would happen in jdk/jdk first, and then
>>> be backported, I guess.
>>>
>>> Is there any reason why the certificate was only added to the jdk12
>>> updates train?
>> It should be in 11.0.3-oracle. The backport issue is Confidential so
>> maybe that is why you thought it wasn't.
> Yep, that explains it. Any particular reason that the 11.0.3-oracle backport is confidential? Could you make it public? Just asking...

Fixed.

>> JDK 13 seems like an oversight. Rajan, any idea what happened? Can you
>> push this to JDK 13?
> Thanks in advance. Looking forward to see this in JDK 13.

Sure, still looking into this.

--Sean




More information about the security-dev mailing list