RFR [11u backport]: 8217579: TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled after 8211883

Langer, Christoph christoph.langer at sap.com
Fri Feb 1 12:10:32 UTC 2019


Thanks Sean. Pushed with the replacement as you suggested.

> -----Original Message-----
> From: Sean Mullan <sean.mullan at oracle.com>
> Sent: Donnerstag, 31. Januar 2019 21:03
> To: Langer, Christoph <christoph.langer at sap.com>; security-
> dev at openjdk.java.net
> Subject: Re: RFR [11u backport]: 8217579:
> TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled after 8211883
> 
> CheckCipherSuites.java
> 
> 116     // List of enabled cipher suites when the "crypto.policy" security
> 
> typo: s/enabled/supported/
> 
> (I realized that typo after I had already pushed the fix to JDK 13, but
> better to just fix it here now).
> 
> Otherwise looks good.
> 
> --Sean
> 
> On 1/31/19 8:36 AM, Langer, Christoph wrote:
> > Hi,
> >
> > please review the backport of the fix for 8217579 to jdk11u.
> >
> > Bug: https://bugs.openjdk.java.net/browse/JDK-8217579
> >
> > Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8217579.11u/
> >
> > Original review thread:
> > https://mail.openjdk.java.net/pipermail/security-dev/2019-
> January/019256.html
> >
> > The patch did apply cleanly but I had to remove the ChaCha ciphers to
> > make the test work with JDK 11.
> >
> > Thanks and Best regards
> >
> > Christoph
> >


More information about the security-dev mailing list