With this fix, JSSE endpoint identification does not perform reverse name lookup for IP addresses by default in JDK. Synopsis: Improved certification checking
These cipher suites can still be enabled by tEnabledCipherSuites() and tEnabledCipherSuites() methods. RC4 cipher suites have been removed from both client and server default enabled cipher suite list in Oracle JSSE implementation. RC4 is now considered as a compromised cipher. RC4 related algorithms are added to the legacy algorithms list. A new security property,, is added to define the legacy algorithms in Oracle JSSE implementation. Servers should not select RC4 unless there is no other stronger candidate in the client requested cipher suites. Synopsis: Deprecate RC4 in SunJSSE provider Synopsis: Remove TrustCenter CA roots from cacertsĭN: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA,ĭN: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA,ĭN: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,ĭN: OU=Equifax Secure Certificate Authority, O=Equifax, C=USĭN: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=USĭN: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US OU=Class 3 Public Primary Certification Authority - G2, Verisign Class 3 Public Primary Certification Authority - G2 Synopsis: Add new Comodo roots to root CAsįour new root certificates have been added for Commodo:ġ. The following are some of the notable bug fixes included in this release:
Do i need java 8 update 191 Patch#
For more information, see Oracle Critical Patch Update Advisory.įor a list of bug fixes included in this release, see JDK 8u51 Bug Fixes page. This release contains fixes for security vulnerabilities. For all-permission applications, custom preloader will be disabled if it is located in the JNLP file with sandbox permission, until user agrees to run application from the Security Dialog, which grants unrestricted access (privileged) to application.After application is initialized, Java VM restarts with native sandbox enabled and the custom preloader will be used. Custom preloader will be disabled when sandbox applets or web-start applications are initializing and the default preloader will be used instead.In such cases, a special warning dialog will display, informing the user that the applet may not work properly, when such an applet tries to access the all-permission JAR files.Ĭustom preloader will be disabled in certain cases when native sandbox is enabled: Sandbox applets deployed with HTML applet tag which includes all-permissions JAR files from the Class-Path manifest attribute, will run in native sandbox. Native sandbox will be disabled for applications included the in Exception Site List (ESL) or when Deployment Rule Set (DRS) is used. This will not affect the all-permission applications and they will continue to run as before. When native sandbox is enabled, the sandbox applets or web-start applications will run in a restricted environment, that is provided by the operating system. New algorithm restriction DH keySize Advanced settings->Enable the operating system's restricted environment (native sandbox) or by setting .sandbox property to true in deployment.properties file. New Features and ChangesĮphemeral DH keys less than 768 bits deactivatedĮphemeral DH keys less than 768 bits are deactivated in JDK. For more information, see JRE Expiration Date. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. This JRE (version 8u51) will expire with the release of the next critical patch update scheduled for October 20, 2015.įor systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u51) on November 20, 2015. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. The JRE expires whenever a new release with security vulnerability fixes becomes available. JRE Security Baseline (Full Version String)įor more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.
0 kommentar(er)
