I should clarify that my tests results for 6b36-1.13.8-0ubuntu1 are based on a modified java.security file which removed SSLv3 from the jdk.tls.disabledAlgorithms property. That may be the reason why they show SSLv3 as a default-enabled algorithm.
Also, I was finally able to test your Wily package (I had to install an image in VirtualBox.) Unlike the openjdk-6 package from the PPA, it works as expected in the sense that TLSv1.2 is on by default: nbryant@wily:~$ java -version java version "1.7.0_79" OpenJDK Runtime Environment (IcedTea 2.5.6) (7u79-2.5.6-1ubuntu1~ppa3) OpenJDK 64-Bit Server VM (build 24.79-b02, mixed mode) nbryant@wily:~$ java TLSVersions java.vendor java.version proto enabledProtocols Oracle Corporation 1.7.0_79 TLSv1.2 SSLv3,TLSv1,TLSv1.1,TLSv1.2 Oracle Corporation 1.7.0_79 TLSv1.1 SSLv3,TLSv1,TLSv1.1 Oracle Corporation 1.7.0_79 TLSv1 SSLv3,TLSv1 Oracle Corporation 1.7.0_79 TLS SSLv3,TLSv1,TLSv1.1,TLSv1.2 Oracle Corporation 1.7.0_79 SSL SSLv3,TLSv1,TLSv1.1,TLSv1.2 This is a little weird though, SSLv3 is on, even though I have this in java.security: jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 768 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1482924 Title: Regressions due to USN-2696-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1482924/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
