-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P3
-
Affects Version/s: 9
-
Component/s: security-libs
-
b75
-
Verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8136191 | emb-9 | Sean Mullan | P3 | Resolved | Fixed | team |
In the fix for JDK-6826789, the ProtectionDomain cache key was changed from CodeSource to a String to avoid expensive DNS lookups when computing hashcodes for CodeSource URLs. However, the key also needs to take into account the certificates of a CodeSource, otherwise a CodeSource URL with different certificates will resolve to the same ProtectionDomain, which is not correct.
- backported by
-
JDK-8136191 SecureClassLoader key for ProtectionDomain cache also needs to take into account certificates
-
- Resolved
-
- relates to
-
JDK-6826789 SecureClassLoader should not use CodeSource URLs as HashMap keys
-
- Closed
-