-
Type:
Enhancement
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: 8, 11, 12
-
Component/s: security-libs
-
b09
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8217588 | 11.0.4-oracle | Ivan Gerasimov | P4 | Resolved | Fixed | b02 |
| JDK-8220755 | 11.0.4 | Adam Petcher | P4 | Resolved | Fixed | b01 |
| JDK-8221949 | 11.0.3-oracle | Ivan Gerasimov | P4 | Resolved | Fixed | b31 |
| JDK-8221425 | 11.0.2 | Ivan Gerasimov | P4 | Closed | Fixed | b31 |
| JDK-8227348 | openjdk8u232 | Unassigned | P4 | Resolved | Fixed | b01 |
| JDK-8226819 | openjdk8u222 | Unassigned | P4 | Resolved | Fixed | b08 |
| JDK-8218249 | 8u222 | Ivan Gerasimov | P4 | Resolved | Fixed | master |
| JDK-8217695 | 8u221 | Ivan Gerasimov | P4 | Resolved | Fixed | b01 |
| JDK-8224346 | emb-8u221 | Ivan Gerasimov | P4 | Resolved | Fixed | master |
| JDK-8218784 | 7u231 | Ivan Gerasimov | P4 | Resolved | Fixed | b01 |
| JDK-8227875 | openjdk7u | Unassigned | P4 | Resolved | Fixed | master |
1) Ensure that the contract for methods that take array arguments is properly specified and/or checked. For example IntegerPolynomial::addLimbs/conditionalSwap take two arrays, but it is not stated/checked that these arrays must have the same length.
2) In XDHKeyAgreement::engineGenerateSecret, use secure coding guidelines style to prevent overflow. Change:
if (offset + secretLen > sharedSecret.length) ...
to
if (secretLen > sharedSecret.length - offset) ...
Or perhaps Math.addExact can be used here.
- backported by
-
JDK-8217588 X25519/X448 code improvements
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-