TLSv1.3 HttpsServer endless loop based on client socket i/o shutdown

Sean Mullan sean.mullan at oracle.com
Wed Mar 6 20:50:15 UTC 2019


On 3/6/19 4:55 AM, Severin Gehwolf wrote:
> On Mon, 2019-02-11 at 10:58 +0100, Daniel Fuchs wrote:
>> It looks like this is JDK-8214418 - which has been fixed
>> in 12.0.1 b03 and 13-ea b04.
> 
> Is there any reason why JDK-8214418 is not public?
> 
> "You can't view this issue"

There are internal hostnames and ip addresses and other potentially 
sensitive content in the bug description (it was a dump of a test log). 
I think we would have to remove that sensitive information and copy it 
into a new bug otherwise it would still be in the bug history if we made 
it public. Doesn't seem worth it at this point since it is already fixed.

--Sean



More information about the security-dev mailing list