This content has been marked as final. Show 1 reply
If you're lucky Oracle mentions that something is fixed; what they never mention is HOW it is fixed.
Googling this stuff proves that even more because I just can't find any hard information on the fix at all. The only thing I can find is that it involves the command line flag '-enableCBCProtection' which can be used to DISABLE the fix. Googling around for that flag returns a disappointing lack of information. This is what IBM has to say on it:
"The following system property can be set that adds sufficient randomness to the SSLv3/TLS 1.0 Cipher in Cipher-Block Chaining (CBC) mode to remediate a threat like BEAST."