RFR: 8275082: Update XML Security for Java to 2.3.0
Valerie Peng
valeriep at openjdk.java.net
Thu Dec 2 20:31:12 UTC 2021
On Wed, 1 Dec 2021 17:31:37 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Import Apache Santuario 2.3.0 without the secure validation changes since in OpenJDK we are using the `jdk.xml.dsig.secureValidationPolicy` security property for XML Signature secure validation protection.
>
> Two commits are pushed:
>
> - 2.3.0: Import 2.3.0 code changes
> - revert: revert the Santuario secure validation changes
The revert is done manually and covered by existing regression tests? May need to add a noreg-xxx label
-------------
PR: https://git.openjdk.java.net/jdk/pull/6644
More information about the security-dev
mailing list