JDK-8027026 updates all key generation tests to use RSA instead of DSA. One of the test is ts.sh, which calls TimeStampCheck.java, and the update is not complete that the generated timestamp is signed with RSA but the SignerInfo data in the PKCS#7 is still labeled DSA. The test passes because it does not try to verify the timestamp. Said that, it's still embarrassing.
relates to
JDK-8027026Change keytool -genkeypair to use -keyalg RSA