JDK-8245151 : jarsigner should not raise duplicate warnings on verification
- Type: Bug
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 15
- Priority: P4
- Status: Closed
- Resolution: Fixed
- Submitted: 2020-05-18
- Updated: 2020-10-12
- Resolved: 2020-05-19
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 15 | JDK 7 | JDK 8 |
|---|---|---|---|
| 11.0.9-oracleFixed | 15 b24Fixed  |
7u281Fixed | 8u270Fixed |
Related Reports
|
Relates :
|
Description
1. Signed a jar with options "-digestalg SHA-1" and "-tsadigestalg SHA-1", the output contained the blow lines, ... jar signed. Warning: The SHA-1 algorithm specified for the -digestalg option is considered a security risk. This algorithm will be disabled in a future update. The SHA-1 algorithm specified for the -tsadigestalg option is considered a security risk. This algorithm will be disabled in a future update. ... 2. Verified the signed jar, two duplicate warnings were raised about SHA-1, like the below, ... jar verified. Warning: The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update. The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update. ...
Comments
|