You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@rocketmq.apache.org by vo...@apache.org on 2021/03/11 10:11:52 UTC

[rocketmq] branch develop updated: [ISSUE #1233] Fix CVE-2011-1473

This is an automated email from the ASF dual-hosted git repository.

vongosling pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/rocketmq.git


The following commit(s) were added to refs/heads/develop by this push:
     new e9b2d85  [ISSUE #1233] Fix CVE-2011-1473
e9b2d85 is described below

commit e9b2d8522df084a0f8c19eb56e91d6d61bcb673b
Author: SSpirits <sh...@outlook.com>
AuthorDate: Thu Mar 11 18:11:29 2021 +0800

    [ISSUE #1233] Fix CVE-2011-1473
---
 .../src/main/java/org/apache/rocketmq/remoting/netty/TlsHelper.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/remoting/src/main/java/org/apache/rocketmq/remoting/netty/TlsHelper.java b/remoting/src/main/java/org/apache/rocketmq/remoting/netty/TlsHelper.java
index efbdd52..5003ce3 100644
--- a/remoting/src/main/java/org/apache/rocketmq/remoting/netty/TlsHelper.java
+++ b/remoting/src/main/java/org/apache/rocketmq/remoting/netty/TlsHelper.java
@@ -133,7 +133,7 @@ public class TlsHelper {
                 SelfSignedCertificate selfSignedCertificate = new SelfSignedCertificate();
                 return SslContextBuilder
                     .forServer(selfSignedCertificate.certificate(), selfSignedCertificate.privateKey())
-                    .sslProvider(SslProvider.JDK)
+                    .sslProvider(provider)
                     .clientAuth(ClientAuth.OPTIONAL)
                     .build();
             } else {