[
https://issues.apache.org/jira/browse/DERBY-6764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14197712#comment-14197712
]
Knut Anders Hatlen commented on DERBY-6764:
-------------------------------------------
Thanks for fixing those issues. The latest continuous integration test run
completed without any failures.
As to ArrayList vs arrays, I'd probably consider the benefits of having simpler
code greater than the cost of dropping the {{<String>}} part and possibly
adding a cast when backporting to 10.10. But I don't think it's a very big deal.
> analyze impact of poodle security alert on Derby client - server ssl support
> ----------------------------------------------------------------------------
>
> Key: DERBY-6764
> URL: https://issues.apache.org/jira/browse/DERBY-6764
> Project: Derby
> Issue Type: Task
> Affects Versions: 10.12.0.0
> Reporter: Myrna van Lunteren
> Assignee: Mamta A. Satoor
> Fix For: 10.12.0.0
>
> Attachments: DERBY6764_patch1_diff.txt, DERBY6764_patch1_stat.txt
>
>
> Recently, a security weakness was found in SSLv3, POODLE: SSLv3 vulnerability
> (CVE-2014-3566)
> Derby supports ssl between the client and network server.
> We should investigate this and decide if we need to change our product, e.g.
> to eliminate support for SSL in favor of its successor TLS.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
