Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P3
Fix Version/s: 20
Affects Version/s: None
Component/s: core-libs
Labels:
- amazon-interest
- release-note=yes

Subcomponent:
javax.naming
Resolved In Build:
b16
CPU:

generic
OS:

generic
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8347034	17.0.16-oracle	Weibing Xiao	P3	Closed	Fixed	b01
JDK-8342325	17.0.14	Sergey Bylokhov	P3	Resolved	Fixed	b01
JDK-8342259	17.0.13	Sergey Bylokhov	P3	Resolved	Fixed	b11
JDK-8347035	11.0.28-oracle	Weibing Xiao	P3	Closed	Fixed	b01
JDK-8342374	11.0.26	Sergey Bylokhov	P3	Resolved	Fixed	b01
JDK-8342274	11.0.25	Sergey Bylokhov	P3	Resolved	Fixed	b09
JDK-8343097	openjdk8u442	Sergey Bylokhov	P3	Resolved	Fixed	b01
JDK-8342418	openjdk8u432	Sergey Bylokhov	P3	Resolved	Fixed	b06
JDK-8360952	shenandoah8u432	Sergey Bylokhov	P3	Resolved	Fixed	b06
JDK-8347036	8u461	Weibing Xiao	P3	Closed	Fixed	b01

The LDAP Naming Service Provider implementation's default settings can be improved by disallowing the reconstruction of Java objects from different LDAP attributes (RFC 2713). Changes include the following modifications:
- Extend the scope of the system property to cover the creation of RMI remote objects from the 'javaRemoteLocation' LDAP attribute.
- Update the default value of com.sun.jndi.ldap.object.trustSerialData system property to "false". That will prevent the deserialization of java objects from the 'javaSerializedData' and the 'javaRemoteLocation' LDAP attributes.

backported by

JDK-8342259 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8342274 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8342325 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8342374 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8342418 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8343097 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8360952 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Resolved

JDK-8347034 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Closed

JDK-8347035 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Closed

JDK-8347036 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Closed

csr for

JDK-8290369 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

Closed

links to

Commit openjdk/jdk/7765942a

Review openjdk/jdk/10228

(5 backported by, 1 csr for, 2 links to)

1.	Release Note: Update Default Value and Extend the Scope of com.sun.jndi.ldap.object.trustSerialData System Property		Resolved	Aleksej Efimov
2.	Release Note: Update Default Value of com.sun.jndi.ldap.object.trustSerialData System Property		Resolved	Weibing Xiao

Assignee:: Aleksej Efimov

Reporter:: Aleksej Efimov

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2022-07-15 04:24

Updated:: 2025-06-28 13:32

Resolved:: 2022-09-16 03:09

Details

Backports

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates