Issue JDK-4873188 [1] asked for TLS 1.1 support for OpenJDK 1.4, 5, 6, and 7. It was implemented for OpenJDK 7 [2] and recently backported to 6 [3].
An issue to add TLS 1.2 support to OpenJDK 1.4, 5, and 6 was tracked by JDK-6916074 [4], but support for it was only added for OpenJDK 7 [5].
It is not clear at this time if TLS 1.2 is supported by OpenJDK 6. The TLS 1.1 backport [3] seems to have integrated TLS 1.2 support code (but with a seemly hard-coded max for TLS 1.1) and a fix for a TLS 1.2 bug was recently incorporated [6] which includes a test for "SSLv3", "TLSv1", "TLSv1.1", and "TLSv1.2".
JDK-7093640 [7] tracked the effort to enable TLS 1.2 by default for OpenJDK 7 and 8, but was only enabled for OpenJDK 8 [8] and 9 [9]. The rationale at the time [see 7] was to keep it disabled for OpenJDK 7 due to existing "version intolerant" servers - ie. "TLS server deployments that do not accept higher TLS version numbers, which is generally version TLS v1.0".
As for RC4, disabling it was originally reported in JDK-8076221 [10] and executed by S8043202. For OpenJDK 7, that change was integrated into IcedTea 2.5 JDK forest [11] and released in 2.5.6 [12] and 2.6.1 [13]. OpenJDK 6 got it in IcedTea 1.13.8 release [14].
Issue JDK-4873188 [1] asked for TLS 1.1 support for OpenJDK 1.4, 5, 6, and 7. It was implemented for OpenJDK 7 [2] and recently backported to 6 [3].
An issue to add TLS 1.2 support to OpenJDK 1.4, 5, and 6 was tracked by JDK-6916074 [4], but support for it was only added for OpenJDK 7 [5].
It is not clear at this time if TLS 1.2 is supported by OpenJDK 6. The TLS 1.1 backport [3] seems to have integrated TLS 1.2 support code (but with a seemly hard-coded max for TLS 1.1) and a fix for a TLS 1.2 bug was recently incorporated [6] which includes a test for "SSLv3", "TLSv1", "TLSv1.1", and "TLSv1.2".
JDK-7093640 [7] tracked the effort to enable TLS 1.2 by default for OpenJDK 7 and 8, but was only enabled for OpenJDK 8 [8] and 9 [9]. The rationale at the time [see 7] was to keep it disabled for OpenJDK 7 due to existing "version intolerant" servers - ie. "TLS server deployments that do not accept higher TLS version numbers, which is generally version TLS v1.0".
As for RC4, disabling it was originally reported in JDK-8076221 [10] and executed by S8043202. For OpenJDK 7, that change was integrated into IcedTea 2.5 JDK forest [11] and released in 2.5.6 [12] and 2.6.1 [13]. OpenJDK 6 got it in IcedTea 1.13.8 release [14].
References: /bugs.openjdk. java.net/ browse/ JDK-4873188 hg.openjdk. java.net/ jdk7/jdk7/ jdk/rev/ 93cd7e89adb8 hg.openjdk. java.net/ jdk6/jdk6/ jdk/rev/ 0ddb5d39438d
[1] https:/
[2] http://
[3] http://
[4] https:/ /bugs.openjdk. java.net/ browse/ JDK-6916074 hg.openjdk. java.net/ jdk7u/jdk7u/ jdk/rev/ 9d6a9f65d2bf
[5] http://
[6] http:// hg.openjdk. java.net/ jdk6/jdk6/ jdk/rev/ 042e39055298
[7] https:/ /bugs.openjdk. java.net/ browse/ JDK-7093640 /bugs.openjdk. java.net/ browse/ JDK-8031273 /bugs.openjdk. java.net/ browse/ JDK-8030791
[8] https:/
[9] https:/
[10] https:/ /bugs.openjdk. java.net/ browse/ JDK-8076221 icedtea. classpath. org/hg/ release/ icedtea7- forest- 2.5/jdk/ rev/0982455b2f4 d blog.fuseyism. com/index. php/2015/ 07/23/security- icedtea- 2-5-6-for- openjdk- 7-released/ blog.fuseyism. com/index. php/2015/ 07/21/security- icedtea- 2-6-1-for- openjdk- 7-released/ blog.fuseyism. com/index. php/2015/ 07/30/security- icedtea- 1-13-8- for-openjdk- 6-released/
[11] http://
[12] http://
[13] http://
[14] http://