Hi. The openjdk disables insecure protocols (previous to TLS 1.2) and some chipers, but icedtea does not do it. opejdk /opt/openjdk-bin-8.322_p06/jre/lib/security/java.security ... jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \ DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ include jdk.disabled.namedCurves ... icedtea /opt/icedtea-bin-3.16.0/jre/lib/security/java.security ... jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ EC keySize < 224, 3DES_EDE_CBC, anon, NULL ... Please fix it disabling insecure ciphers and algorithms.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=550bb0595b669648bf88be0b470a7c25c6a3d2a5 commit 550bb0595b669648bf88be0b470a7c25c6a3d2a5 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2022-08-25 08:12:57 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-04-08 07:14:46 +0000 profiles/package.mask: last rite dev-java/{gin,gwt,validation-api,icedtead-bin} Bug: https://bugs.gentoo.org/848804 Bug: https://bugs.gentoo.org/732628 Closes: https://bugs.gentoo.org/830248 Bug: https://bugs.gentoo.org/716228 Bug: https://bugs.gentoo.org/853100 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/35987 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> profiles/package.mask | 12 ++++++++++++ 1 file changed, 12 insertions(+)
