RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0 [v3]
Weijun Wang
weijun at openjdk.java.net
Mon Jan 11 17:34:00 UTC 2021
On Sun, 10 Jan 2021 05:17:23 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 13 commits:
>>
>> - No more newInstance calls
>> - Support RSA-PSS with parameters
>> - Reapply 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
>> - Fix test failures
>> - Supporting named RSASSA-PSS without parameters
>> - Reapply 8008744: Rework part of fix for JDK-6741606
>> - Reapply 8151893: Add security property to configure XML Signature secure validation mode
>>
>> Reapply 8140353: Improve signature checking
>> - Reapply Reapply 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
>> - Reapply 8038913: Bolster XML support (Init.java part)
>> - Various warnings, the version, and abnormal copyright lines
>> - ... and 3 more: https://git.openjdk.java.net/jdk/compare/19bade02...f7ee7648
>
> Marked as reviewed by xuelei (Reviewer).
I've force pushed a new series of commits from scratch. The difference:
1. The `s/Portions copyright/Copyright/` change is inside auto import.
2. Some `s/Sun Microsystems/Oracle/` change in auto import
3. No more deprecated `newInstance()` calls, a new (the last one) commit is created for this
-------------
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list