JDK-8258893 : Tools should warn if weak algorithms are used before restricting them
  • Type: Backport
  • Backport of: JDK-8172404
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-12-23
  • Updated: 2021-02-16
  • Resolved: 2021-02-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 15 Other
15Fixed openjdk8u292Fixed
Comments
URL: https://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/78875da14d05 User: andrew Date: 2021-02-16 17:25:50 +0000
16-02-2021
URL: https://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/78875da14d05 User: sgehwolf Date: 2021-02-11 18:29:14 +0000
11-02-2021
Fix Request (OpenJDK 8u): Please approve this for 8u backport. I see this has been backported to Oracle JDK too. The JDK 11u patch didn't apply cleanly and I've posted a review. Reviewers: Andrew Hughes and Martin Balao. Testing: keytool/jarsigner tests. Manual testing that warnings are being printed for weak CA certs in cacerts. RFR: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013293.html approval(s): https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-February/013391.html https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-February/013388.html CSR: https://bugs.openjdk.java.net/browse/JDK-8238640
08-02-2021
JDK-8233228 is in jdk8u-dev now. As of Jan 26, 2021, so is JDK-8185934.
26-01-2021
RFR: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013293.html
11-01-2021
Candidate webrev (depending on JDK-8185934 and JDK-8233228): https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-8172404/jdk8/02/webrev/
08-01-2021
In order for this to apply better it depends on a backport of JDK-8185934 (benign, low risk change) and JDK-8233228 (already in the pipeline for backporting[1]). [1] https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-December/013181.html
23-12-2020