> Please review this change to disable XML signatures that use SHA-1 based > digest or signature algorithms. SHA-1 is weak and is not a recommended > algorithm for digital signatures. This will improve out of the box security > by restricting XML signatures that use SHA-1 algorithms. > > CSR: https://bugs.openjdk.java.net/browse/JDK-8261246 > Release Note: https://bugs.openjdk.java.net/browse/JDK-8261364
Sean Mullan has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains five additional commits since the last revision: - Change SecurityUtils.removeAlgsFromDSigPolicy to use varargs and not List. - Merge - Remove extra whitespace. - Merge - Initial revision. ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/2463/files - new: https://git.openjdk.java.net/jdk/pull/2463/files/fd586fc7..5bd90b80 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=2463&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=2463&range=00-01 Stats: 2899 lines in 117 files changed: 1781 ins; 666 del; 452 mod Patch: https://git.openjdk.java.net/jdk/pull/2463.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/2463/head:pull/2463 PR: https://git.openjdk.java.net/jdk/pull/2463
