Mercurial > hg > icedtea14

changeset 2683:eb7ebc35656b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
PR3755: Update patch against 13.0.1 & JDK-8228825 2019-10-23 Andrew John Hughes <gnu_andrew@member.fsf.org> PR3755: Update patch against 13.0.1 & JDK-8228825 * AUTHORS: Add Petra Mikova. 2019-10-21 Petra Mikova <pmikova@redhat.com> PR3755: Update patch against 13.0.1 & JDK-8228825 * patches/pr3755.patch: Curves supported over SSL are now limited upstream, as a result of CVE-2019-2894.
author Andrew John Hughes <gnu_andrew@member.fsf.org>
date Thu, 24 Oct 2019 03:30:04 +0100
parents 469958c06626
children 853c543f0a22
files AUTHORS ChangeLog patches/pr3755.patch
diffstat 3 files changed, 13 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/AUTHORS	Mon Oct 07 17:07:29 2019 +0100
+++ b/AUTHORS	Thu Oct 24 03:30:04 2019 +0100
@@ -25,6 +25,7 @@
 DJ Lucas <dj@linuxfromscratch.org>
 Omair Majid <omajid@redhat.com>
 Casey Marshall <csm@gnu.org>
+Petra Mikova <pmikova@redhat.com>
 Dan Munckton <lists@munckfish.net>
 Raif Naffah <admin@naffah-raif.name>
 Parag Nemade <pnemade@redhat.com>
--- a/ChangeLog	Mon Oct 07 17:07:29 2019 +0100
+++ b/ChangeLog	Thu Oct 24 03:30:04 2019 +0100
@@ -1,3 +1,15 @@
+2019-10-23  Andrew John Hughes  <gnu_andrew@member.fsf.org>
+
+	PR3755: Update patch against 13.0.1 & JDK-8228825
+	* AUTHORS: Add Petra Mikova.
+
+2019-10-21  Petra Mikova  <pmikova@redhat.com>
+
+	PR3755: Update patch against 13.0.1 & JDK-8228825
+	* patches/pr3755.patch:
+	Curves supported over SSL are now limited upstream,
+	as a result of CVE-2019-2894.
+
 2019-10-07  Andrew John Hughes  <gnu_andrew@member.fsf.org>
 
 	PR3755: Support secp256k1 in the default set of curves
--- a/patches/pr3755.patch	Mon Oct 07 17:07:29 2019 +0100
+++ b/patches/pr3755.patch	Thu Oct 24 03:30:04 2019 +0100
@@ -126,24 +126,6 @@
  
      final int id;               // hash + signature
      final NamedGroupType type;  // group type
-diff --git a/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java b/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java
---- a/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java
-+++ b/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java
-@@ -214,14 +214,6 @@
-                         // Secondary XDH curves
-                         NamedGroup.X448,
- 
--                        // Secondary NIST curves
--                        NamedGroup.SECT283_K1,
--                        NamedGroup.SECT283_R1,
--                        NamedGroup.SECT409_K1,
--                        NamedGroup.SECT409_R1,
--                        NamedGroup.SECT571_K1,
--                        NamedGroup.SECT571_R1,
--
-                         // non-NIST curves
-                         NamedGroup.SECP256_K1,
- 
 diff --git a/src/java.base/share/classes/sun/security/util/CurveDB.java b/src/java.base/share/classes/sun/security/util/CurveDB.java
 --- a/src/java.base/share/classes/sun/security/util/CurveDB.java
 +++ b/src/java.base/share/classes/sun/security/util/CurveDB.java