On Mon, 6 Jun 2022 23:57:51 GMT, Sergey Chernyshev
wrote:
> This is DSA related part of JDK-8277233 security fix. The remaining part of
> JDK-8277233 is only applicable to 15u and later versions.
>
> This fix is applicable to 13u and older versions. It ensures that the
> signa
On Mon, 6 Jun 2022 23:57:51 GMT, Sergey Chernyshev
wrote:
> This is DSA related part of JDK-8277233 security fix. The remaining part of
> JDK-8277233 is only applicable to 15u and later versions.
>
> This fix is applicable to 13u and older versions. It ensures that the
> signa
On Tue, 7 Jun 2022 03:06:00 GMT, Andrew John Hughes wrote:
>> This is DSA related part of JDK-8277233 security fix. The remaining part of
>> JDK-8277233 is only applicable to 15u and later versions.
>>
>> This fix is applicable to 13u and older versions. It ensures that the
>> signature compon
This is DSA related part of JDK-8277233 security fix. The remaining part of
JDK-8277233 is only applicable to 15u and later versions.
This fix is applicable to 13u and older versions. It ensures that the signature
components r, s are positive integers, as required by FIPS PUB 186-4 Section
4.7.
bug: https://bugs.openjdk.java.net/browse/JDK-8161016
>> 8u patch: https://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/e091a3b3405d
>> 7u webrev: http://cr.openjdk.java.net/~alexsch/sercher/8161016.7u/
>>
>> The patch applies cleanly.
>>
>> Tests run:
>> - jdk_net
/e091a3b3405d
7u webrev: http://cr.openjdk.java.net/~alexsch/sercher/8161016.7u/
The patch applies cleanly.
Tests run:
- jdk_net test target
- new test HttpURLConWithProxy.java passes.
Thank you!
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
rew
>
> On 02/09/2021 13:31, Sergey Chernyshev wrote:
>> Hello,
>>
>> Please review the 7u backport of JDK-8254967. This is a parity backport with
>> Oracle 7u321.
>>
>> Original bug: https://bugs.openjdk.java.net/browse/JDK-8254967
>> 8u patch: h
/8254967.7u/webrev.00/
The patch applies cleanly.
Tests run: jdk_net test target
Thank you.
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
rew
>
> On 07/04/2021 12:13, Sergey Chernyshev wrote:
>> Hi Andrew,
>>
>> I uploaded the changeset at
>> http://cr.openjdk.java.net/~alexsch/sercher/8233228.7u/webrev.01/jdk.changeset
>>
>> The webrev.01 is exactly the same as the version 00, except for
&
anks,
> Andrew
>
> [1] http://cr.openjdk.java.net/~alexsch/sercher/8233228.7u/webrev.00/
>
> On 06/04/2021 17:57, Sergey Chernyshev wrote:
>> Hi Andrew,
>>
>> Thank you for pushing this. Did your testing by any chance involve the
>> mentioned JDK-8233228 patch?
> https://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/477f973265c8
>
> Thanks,
> Andrew
>
> On 05/04/2021 17:54, Sergey Chernyshev wrote:
>> Hi Andrew,
>>
>> Thank you for the review. Yes I need your help to push this.
>>
>> Thanks,
>> Sergey
&g
ush?
>
> Thanks,
> Andrew
>
> On 20/03/2021 03:49, Sergey Chernyshev wrote:
>> Dear colleagues,
>>
>> Bumping the review thread for backport of JDK-8035166 to 7u. This patch
>> is needed for JDK-8233228, reviewed here [1].
>> Please note this is the v
o
sun/security
Thank you.
[1] https://mail.openjdk.java.net/pipermail/jdk7u-dev/2021-March/011100.html
[2]
https://mail.openjdk.java.net/pipermail/jdk7u-dev/2020-December/011069.html
On 3/11/2021 7:18 PM, Sergey Chernyshev wrote:
> Hi Andrew,
>
> What would you think be the target 7u r
l be reviewing JDK-8233228 for 8u shortly and it'll very likely be
> in 8u292. I wish there was a way of working around the need to move
> the classes into rt.jar, but I can't see one, other than duplicating
> the code and having to maintain two copies.
>
> Thanks,
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
Yuri, thank you for the review.
On 11.03.2021 14:08, Yuri Nesterenko wrote:
> Fine, looks good to me.
>
> --yan
>
> On 11.03.2021 13:55, Sergey Chernyshev wrote:
>> Hi Alexey,
>>
>> Thank you for the review.
>>
>>
>> On 11.03.2021 12:49, Alexey
Hi Alexey,
Thank you for the review.
On 11.03.2021 12:49, Alexey Bakhtin wrote:
> Hello Sergey,
>
> Thank you for the backport.
> I’m not reviewer but I verified your patch and it looks good to me.
>
> Thank you
> Alexey
>
>> On 11 Mar 2021, at 11:19, Sergey Cher
urity
com/sun/org/apache/xml/internal/security
com/oracle/security
Thanks,
Sergey
[1] https://mail.openjdk.java.net/pipermail/jdk7u-dev/2020-December/011069.html
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
move
> the classes into rt.jar, but I can't see one, other than duplicating
> the code and having to maintain two copies.
>
> Thanks,
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
exey Bakhtin wrote:
>> Looks good to me now.
>>
>> Thank you
>> Alexey
>>
>>> On 11 Dec 2020, at 17:12, Sergey Chernyshev
>>> wrote:
>>>
>>> Hello Alexey,
>>>
>>> Thanks for pointing this out. I updated the webrev h
is class is modified in the original JDK9 patch [1] but missed in the JDK11
> and JDK8 because of different XML Dsig implementation.
>
> [1] - http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/87fac66a55b4
>
> Regards
> Alexey
--
Best regards,
Sergey Chernyshev
Bellsoft LLC
dk/test were run. This included the following security and
crypto tests:
com/sun/crypto/provider/*
com/sun/security/*
java/security/*
javax/crypto/*
javax/net/ssl/*
javax/security/*
javax/xml/crypto/*
sun/security/*
The are no new failures compared to the build without the fix.
Thank you.
--
Best
21 matches
Mail list logo
