I have created OpenJDK 6 packages for Precise and Wily (should run on Vivid as well) with TLS 1.1 enabled by default and a OpenJDK 7 package for Wily with TLS 1.2 enabled by default as well. If you can, please test those and let me know the results.
$ sudo add-apt-repository ppa:tdaitx/openjdk See repo at https://launchpad.net/~tdaitx/+archive/ubuntu/openjdk As for RC4, it has been fully disabled upstream now [1,2,3,4]. In particular: * 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list * 8050158: Introduce system property to maintain RC4 preference order * 8043201: Deprecate RC4 in SunJSSE provider * 8043202: Prohibit RC4 cipher suites In order to use RC4 it seems that you need to set the system property "jdk.tls.preserveRC4CipherSuites" to "true" and make sure the algorithm you want to use is listed under "jdk.tls.legacyAlgorithms" in the java.security file (for Ubuntu it will be at /etc/java-7-openjdk/security/java.security or /etc/java-6-openjdk/security/java.security). Algorithms in jdk.tls.legacyAlgorithms will be tried only after exhausting all other options. [1] http://blog.fuseyism.com/index.php/2015/07/30/security-icedtea-1-13-8-for-openjdk-6-released/ [2] http://blog.fuseyism.com/index.php/2015/07/23/security-icedtea-2-5-6-for-openjdk-7-released/ [3] http://mail.openjdk.java.net/pipermail/jdk6-dev/2015-August/003540.html [4] http://mail.openjdk.java.net/pipermail/jdk7u-dev/2015-August/010390.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1482924 Title: Regressions due to USN-2696-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1482924/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
