Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-128413

Include libnssadapter.so in OpenJDK 25 RPM [rhel-10]

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • java-25-openjdk-25.0.1.0.8-3.el10
    • None
    • Important
    • ZStream
    • Customer Facing
    • rhel-sst-java
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      libnssadaptor.so is a library that works around an NSS limitation that affects OpenJDK when it is running in FIPS mode. It is a "wrapper library" that gets loaded instead of NSS, does some setup, then loads the real NSS.

      The idea is to create a security policy that points to libnssadaptor.so, overriding the normal behaviour where OpenJDK loads NSS directly. Preliminary work toward writing that policy configuration is on a branch in [~fferrari@redhat.com]'s OpenJDK fork repository.

      I filed this issue to represent the need to patch the java-25-openjdk.spec file to include libnssadaptor.so.

              fitzsim Thomas Fitzsimmons
              fitzsim Thomas Fitzsimmons
              Thomas Fitzsimmons
              Andrew Hughes Andrew Hughes
              David Kutalek David Kutalek
              Kieran Hosford Kieran Hosford
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: