Ping again. This is the only security bug that must be resolved in JDK 13. Please.
Thanks, Max > On Jul 26, 2019, at 10:57 PM, Weijun Wang <weijun.w...@oracle.com> wrote: > > Please review the fix at > > http://cr.openjdk.java.net/~weijun/8228431/webrev.00/ > > The no-native-provider.conf file put SUN and SunRsaSign as the first 2 > security providers and thus shadows the OracleUcrypto and SunPKCS11 providers > used by Solaris. Please note that duplicated provider names are silently > ignored so this is harmless. On other platforms, the first 2 providers are > already SUN and SunRsaSign. > > I ran the test 200 times on solaris-sparcv9 and it does not fail once. Before > this fix, it always fails on this platform. > > An alternative fix is to simply exclude the test from solaris-sparc using > `@requires os.family != "solaris"`. I've fixed some other security/tools test > failures using this solution. The reason is that these tests are testing > platform-independent behaviors so it's OK to skip one platform. I don't think > this test is platform-dependent in any way. > > Thanks, > Max >