From d5944c4e398a288ff416a51ab35871024d612804 Mon Sep 17 00:00:00 2001
From: Sam Brannen <sam@sambrannen.com>
Date: Sat, 15 Aug 2015 23:48:20 +0200
Subject: [PATCH] Increase randomness in SocketUtils

---
 .../main/java/org/springframework/util/SocketUtils.java    | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/spring-core/src/main/java/org/springframework/util/SocketUtils.java b/spring-core/src/main/java/org/springframework/util/SocketUtils.java
index 6754a30a8b6..6faf33648b6 100644
--- a/spring-core/src/main/java/org/springframework/util/SocketUtils.java
+++ b/spring-core/src/main/java/org/springframework/util/SocketUtils.java
@@ -19,7 +19,7 @@ package org.springframework.util;
 import java.net.DatagramSocket;
 import java.net.InetAddress;
 import java.net.ServerSocket;
-import java.util.Random;
+import java.security.SecureRandom;
 import java.util.SortedSet;
 import java.util.TreeSet;
 import javax.net.ServerSocketFactory;
@@ -53,9 +53,6 @@ public class SocketUtils {
 	public static final int PORT_RANGE_MAX = 65535;
 
 
-	private static final Random random = new Random(System.currentTimeMillis());
-
-
 	/**
 	 * Although {@code SocketUtils} consists solely of static utility methods,
 	 * this constructor is intentionally {@code public}.
@@ -238,7 +235,7 @@ public class SocketUtils {
 		 */
 		private int findRandomPort(int minPort, int maxPort) {
 			int portRange = maxPort - minPort;
-			return minPort + random.nextInt(portRange);
+			return minPort + new SecureRandom().nextInt(portRange);
 		}
 
 		/**