Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8267268

[BACKOUT] JDK-8196415 Disable SHA-1 Signed JARs

    XMLWordPrintable

Details

    • behavioral
    • minimal
    • Revert fix
    • System or security property
    • JDK

    Description

      Summary

      Revert the JDK changes introduced via CSR JDK-8264362 for update releases.

      Problem

      Performance issues have been reported with the patch created for JDK-8196415 (and approved via CSR JDK-8264362). Decision to revert the fix for the JDK Update releases while leaving the fix in JDK 17 where a solution can be worked. Once a stable solution is in place, a new enhancement will be filed for "Disable SHA-1 Signed JARs" and ported to the JDK Update releases.

      Solution

      Perform an anti-delta of the patch from JDK-8196415

      As a result, no changes will exist in this area for the JDK 16u, JDK 11u, JDK 8u and JDK 7u releases.

      Specification

      Remove (revert) the "SHA1 jdkCA & usage SignedJAR & denyAfter 2019-01-01" change from the jdk.certpath.disabledAlgorithms Security property

      Remove (revert) the "SHA1 jdkCA & denyAfter 2019-01-01" change from the jdk.jar.disabledAlgorithms Security property.

      Attachments

        Issue Links

          csr of

          Bug - A problem which impairs or prevents the functions of the product. JDK-8267100 [BACKOUT] JDK-8196415 Disable SHA-1 Signed JARs

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed
          relates to

          CSR - null JDK-8264362 Disable SHA-1 Signed JARs

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              coffeys Sean Coffey
              pkumaraswamy Prajwal Kumaraswamy
              Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: