Details
- Type: Bug
- Status: Closed
- Priority: P4
- Resolution: Fixed
- Affects Version/s: 15
- Fix Version/s: 15
- Component/s: security-libs
- Subcomponent:
- Introduced In Build: b20
- Introduced In Version:
- Resolved In Build: b24
- Verification: Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8249161 | 11.0.9-oracle | Sean Coffey | P4 | Resolved | Fixed | b02 |
JDK-8249762 | 11.0.9 | Haimay Chao | P4 | Resolved | Fixed | b01 |
JDK-8249679 | 8u271 | Sean Coffey | P4 | Resolved | Fixed | b02 |
JDK-8251767 | emb-8u271 | Haimay Chao | P4 | Resolved | Fixed | team |
JDK-8249775 | 7u281 | Haimay Chao | P4 | Resolved | Fixed | b02 |
Description
1. Signed a jar with options "-digestalg SHA-1" and "-tsadigestalg SHA-1", the output contained the below lines,
...
jar signed.
Warning:
The SHA-1 algorithm specified for the -digestalg option is considered a security risk. This algorithm will be disabled in a future update.
The SHA-1 algorithm specified for the -tsadigestalg option is considered a security risk. This algorithm will be disabled in a future update.
...
2. Verified the signed jar, two duplicate warnings were raised about SHA-1, like the below,
...
jar verified.
Warning:
The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update.
The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update.
...
Issue Links
- backported by
  - JDK-8249161 jarsigner should not raise duplicate warnings on verification (Resolved)
  - JDK-8249679 jarsigner should not raise duplicate warnings on verification (Resolved)
  - JDK-8249762 jarsigner should not raise duplicate warnings on verification (Resolved)
  - JDK-8249775 jarsigner should not raise duplicate warnings on verification (Resolved)
  - JDK-8251767 jarsigner should not raise duplicate warnings on verification (Resolved)
- relates to
  - JDK-8172404 Tools should warn if weak algorithms are used before restricting them (Resolved)