d92b92
Key:
d92b92
d92b92
JDK-X  - https://bugs.openjdk.java.net/browse/JDK-X
d92b92
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
d92b92
0382ac
New in release OpenJDK 8u262 (2020-07-14):
0382ac
===========================================
0382ac
Live versions of these release notes can be found at:
0382ac
  * https://bitly.com/oj8u262
0382ac
  * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u262.txt
0382ac
0382ac
* New features
0382ac
  - JDK-8223147: JFR Backport
0382ac
* Security fixes
0382ac
  - JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue)
0382ac
  - JDK-8028591, CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString()
0382ac
  - JDK-8230613: Better ASCII conversions
0382ac
  - JDK-8231800: Better listing of arrays
0382ac
  - JDK-8232014: Expand DTD support
0382ac
  - JDK-8233255: Better Swing Buttons
0382ac
  - JDK-8234032: Improve basic calendar services
0382ac
  - JDK-8234042: Better factory production of certificates
0382ac
  - JDK-8234418: Better parsing with CertificateFactory
0382ac
  - JDK-8234836: Improve serialization handling
0382ac
  - JDK-8236191: Enhance OID processing
0382ac
  - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
0382ac
  - JDK-8237592, CVE-2020-14577: Enhance certificate verification
0382ac
  - JDK-8238002, CVE-2020-14581: Better matrix operations
0382ac
  - JDK-8238804: Enhance key handling process
0382ac
  - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
0382ac
  - JDK-8238843: Enhanced font handing
0382ac
  - JDK-8238920, CVE-2020-14583: Better Buffer support
0382ac
  - JDK-8238925: Enhance WAV file playback
0382ac
  - JDK-8240119, CVE-2020-14593: Less Affine Transformations
0382ac
  - JDK-8240482: Improved WAV file playback
0382ac
  - JDK-8241379: Update JCEKS support
0382ac
  - JDK-8241522: Manifest improved jar headers redux
0382ac
  - JDK-8242136, CVE-2020-14621: Better XML namespace handling
0382ac
* Other changes
0382ac
  - JDK-4949105: Access Bridge lacks html tags parsing
0382ac
  - JDK-7147060: com/sun/org/apache/xml/internal/security/transforms/ClassLoaderTest.java doesn't run in agentvm mode
0382ac
  - JDK-8003209: JFR events for network utilization
0382ac
  - JDK-8030680: 292 cleanup from default method code assessment
0382ac
  - JDK-8035633: TEST_BUG: java/net/NetworkInterface/Equals.java and some tests failed on windows intermittently
0382ac
  - JDK-8037866: Replace the Fun class in tests with lambdas
0382ac
  - JDK-8041626: Shutdown tracing event
0382ac
  - JDK-8041915: Move 8 awt tests to OpenJDK regression tests tree
0382ac
  - JDK-8067796: (process) Process.waitFor(timeout, unit) doesn't throw NPE if timeout is less than, or equal to zero when unit == null
0382ac
  - JDK-8076475: Misuses of strncpy/strncat
0382ac
  - JDK-8130737: AffineTransformOp can't handle child raster with non-zero x-offset
0382ac
  - JDK-8141056: Erroneous assignment in HeapRegionSet.cpp
0382ac
  - JDK-8146612: C2: Precedence edges specification violated
0382ac
  - JDK-8148886: SEGV in sun.java2d.marlin.Renderer._endRendering
0382ac
  - JDK-8149338: JVM Crash caused by Marlin renderer not handling NaN coordinates
0382ac
  - JDK-8150986: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java failing because expects HPROF JAVA PROFILE 1.0.1 file format
0382ac
  - JDK-8151582: (ch) test java/nio/channels/AsyncCloseAndInterrupt.java failing due to "Connection succeeded"
0382ac
  - JDK-8165675: Trace event for thread park has incorrect unit for timeout
0382ac
  - JDK-8171934: ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() does not recognize OpenJDK's HotSpot VM
0382ac
  - JDK-8172559: [PIT][TEST_BUG] Move @test to be 1st annotation in java/awt/image/Raster/TestChildRasterOp.java
0382ac
  - JDK-8176182: 4 security tests are not run
0382ac
  - JDK-8178374: Problematic ByteBuffer handling in CipherSpi.bufferCrypt method
0382ac
  - JDK-8178910: Problemlist sample tests
0382ac
  - JDK-8181841: A TSA server returns timestamp with precision higher than milliseconds
0382ac
  - JDK-8183925: Decouple crash protection from watcher thread
0382ac
  - JDK-8191393: Random crashes during cfree+0x1c
0382ac
  - JDK-8195817: JFR.stop should require name of recording
0382ac
  - JDK-8195818: JFR.start should increase autogenerated name by one
0382ac
  - JDK-8195819: Remove recording=x from jcmd JFR.check output
0382ac
  - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE
0382ac
  - JDK-8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider
0382ac
  - JDK-8199712: Flight Recorder
0382ac
  - JDK-8202578: Revisit location for class unload events
0382ac
  - JDK-8202835: jfr/event/os/TestSystemProcess.java fails on missing events
0382ac
  - JDK-8203287: Zero fails to build after JDK-8199712 (Flight Recorder)
0382ac
  - JDK-8203346: JFR: Inconsistent signature of jfr_add_string_constant
0382ac
  - JDK-8203664: JFR start failure after AppCDS archive created with JFR StartFlightRecording
0382ac
  - JDK-8203921: JFR thread sampling is missing fixes from JDK-8194552
0382ac
  - JDK-8203929: Limit amount of data for JFR.dump
0382ac
  - JDK-8204152: SignedObject throws NullPointerException for null keys with an initialized Signature object
0382ac
  - JDK-8205516: JFR tool
0382ac
  - JDK-8207392: [PPC64] Implement JFR profiling
0382ac
  - JDK-8207829: FlightRecorderMXBeanImpl is leaking the first classloader which calls it
0382ac
  - JDK-8209960: -Xlog:jfr* doesn't work with the JFR
0382ac
  - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread()
0382ac
  - JDK-8210776: Upgrade X Window System 6.8.2 to the latest XWD 1.0.7
0382ac
  - JDK-8211239: Build fails without JFR: empty JFR events signatures mismatch
0382ac
  - JDK-8212232: Wrong metadata for the configuration of the cutoff for old object sample events
0382ac
  - JDK-8213015: Inconsistent settings between JFR.configure and -XX:FlightRecorderOptions
0382ac
  - JDK-8213421: Line number information for execution samples always 0
0382ac
  - JDK-8213617: JFR should record the PID of the recorded process
0382ac
  - JDK-8213734: SAXParser.parse(File, ..) does not close resources when Exception occurs.
0382ac
  - JDK-8213914: [TESTBUG] Several JFR VM events are not covered by tests
0382ac
  - JDK-8213917: [TESTBUG] Shutdown JFR event is not covered by test
0382ac
  - JDK-8213966: The ZGC JFR events should be marked as experimental
0382ac
  - JDK-8214542: JFR: Old Object Sample event slow on a deep heap in debug builds
0382ac
  - JDK-8214750: Unnecessary 

tags in jfr classes

0382ac
  - JDK-8214896: JFR Tool left files behind
0382ac
  - JDK-8214906: [TESTBUG] jfr/event/sampling/TestNative.java fails with UnsatisfiedLinkError
0382ac
  - JDK-8214925: JFR tool fails to execute
0382ac
  - JDK-8215175: Inconsistencies in JFR event metadata
0382ac
  - JDK-8215237: jdk.jfr.Recording javadoc does not compile
0382ac
  - JDK-8215284: Reduce noise induced by periodic task getFileSize()
0382ac
  - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1)
0382ac
  - JDK-8215362: JFR GTest JfrTestNetworkUtilization fails
0382ac
  - JDK-8215771: The jfr tool should pretty print reference chains
0382ac
  - JDK-8216064: -XX:StartFlightRecording:settings= doesn't work properly
0382ac
  - JDK-8216486: Possibility of integer overflow in JfrThreadSampler::run()
0382ac
  - JDK-8216528: test/jdk/java/rmi/transport/runtimeThreadInheritanceLeak/RuntimeThreadInheritanceLeak.java failing with Xcomp
0382ac
  - JDK-8216559: [JFR] Native libraries not correctly parsed from /proc/self/maps
0382ac
  - JDK-8216578: Remove unused/obsolete method in JFR code
0382ac
  - JDK-8216995: Clean up JFR command line processing
0382ac
  - JDK-8217744: [TESTBUG] JFR TestShutdownEvent fails on some systems due to process surviving SIGINT
0382ac
  - JDK-8217748: [TESTBUG] Exclude TestSig test case from JFR TestShutdownEvent
0382ac
  - JDK-8218935: Make jfr strncpy uses GCC 8.x friendly
0382ac
  - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions
0382ac
  - JDK-8220293: Deadlock in JFR string pool
0382ac
  - JDK-8223689: Add JFR Thread Sampling Support
0382ac
  - JDK-8223690: Add JFR BiasedLock Event Support
0382ac
  - JDK-8223691: Add JFR G1 Region Type Change Event Support
0382ac
  - JDK-8223692: Add JFR G1 Heap Summary Event Support
0382ac
  - JDK-8223898: Forward references to Nashorn
0382ac
  - JDK-8223904: Improve Nashorn matching
0382ac
  - JDK-8224172: assert(jfr_is_event_enabled(id)) failed: invariant
0382ac
  - JDK-8224475: JTextPane does not show images in HTML rendering
0382ac
  - JDK-8224541: Better mapping of serial ENUMs
0382ac
  - JDK-8224549: Less Blocking Array Queues
0382ac
  - JDK-8225068: Remove DocuSign root certificate that is expiring in May 2020
0382ac
  - JDK-8225069: Remove Comodo root certificate that is expiring in May 2020
0382ac
  - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
0382ac
  - JDK-8225603: Enhancement for big integers
0382ac
  - JDK-8226253: JAWS reports wrong number of radio buttons when buttons are hidden.
0382ac
  - JDK-8226779: [TESTBUG] Test JFR API from Java agent
0382ac
  - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys
0382ac
  - JDK-8227011: Starting a JFR recording in response to JVMTI VMInit and / or Java agent premain corrupts memory
0382ac
  - JDK-8227269: Slow class loading when running with JDWP
0382ac
  - JDK-8227542: Manifest improved jar headers
0382ac
  - JDK-8227605: Kitchensink fails "assert((((klass)->trace_id() & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) failed: invariant"
0382ac
  - JDK-8229366: JFR backport allows unchecked writing to memory
0382ac
  - JDK-8229401: Fix JFR code cache test failures
0382ac
  - JDK-8229708: JFR backport code does not initialize
0382ac
  - JDK-8229873: 8229401 broke jdk8u-jfr-incubator
0382ac
  - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions
0382ac
  - JDK-8229899: Make java.io.File.isInvalid() less racy
0382ac
  - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception
0382ac
  - JDK-8230448: [test] JFRSecurityTestSuite.java is failing on Windows
0382ac
  - JDK-8230597: Update GIFlib library to the 5.2.1
0382ac
  - JDK-8230707: JFR related tests are failing
0382ac
  - JDK-8230769: BufImg_SetupICM add ReleasePrimitiveArrayCritical call in early return
0382ac
  - JDK-8230782: Robot.createScreenCapture() fails if ?awt.robot.gtk? is set to false
0382ac
  - JDK-8230856: Java_java_net_NetworkInterface_getByName0 on unix misses ReleaseStringUTFChars in early return
0382ac
  - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout
0382ac
  - JDK-8230947: TestLookForUntestedEvents.java is failing after JDK-8230707
0382ac
  - JDK-8231415: Better signatures in XML
0382ac
  - JDK-8231995: two jtreg tests failed after 8229366 is fixed
0382ac
  - JDK-8233197: Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing
0382ac
  - JDK-8233250: Better X11 rendering
0382ac
  - JDK-8233410: Better Build Scripting
0382ac
  - JDK-8233623: Add classpath exception to copyright in EventHandlerProxyCreator.java file
0382ac
  - JDK-8233880: Support compilers with multi-digit major version numbers
0382ac
  - JDK-8234027: Better JCEKS key support
0382ac
  - JDK-8234408: Improve TLS session handling
0382ac
  - JDK-8234825: Better Headings for HTTP Servers
0382ac
  - JDK-8234841: Enhance buffering of byte buffers
0382ac
  - JDK-8235274: Enhance typing of methods
0382ac
  - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64
0382ac
  - JDK-8236002: CSR for JFR backport suggests not leaving out the package-info
0382ac
  - JDK-8236008: Some backup files were accidentally left in the hotspot tree
0382ac
  - JDK-8236074: Missed package-info
0382ac
  - JDK-8236174: Should update javadoc since tags
0382ac
  - JDK-8236201: Better Scanner conversions
0382ac
  - JDK-8236996: Incorrect Roboto font rendering on Windows with subpixel antialiasing
0382ac
  - JDK-8238076: Fix OpenJDK 7 Bootstrap Broken by JFR Backport
0382ac
  - JDK-8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01
0382ac
  - JDK-8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB
0382ac
  - JDK-8238589: Necessary code cleanup in JFR for JDK8u
0382ac
  - JDK-8238590: Enable JFR by default during compilation in 8u
0382ac
  - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap
0382ac
  - JDK-8239055: Wrong implementation of VMState.hasListener
0382ac
  - JDK-8239476: JDK-8238589 broke windows build by moving OrderedPair
0382ac
  - JDK-8239479: minimal1 and zero builds are failing
0382ac
  - JDK-8239852: java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed
0382ac
  - JDK-8239867: correct over use of INCLUDE_JFR macro
0382ac
  - JDK-8240375: Disable JFR by default for July 2020 release
0382ac
  - JDK-8240521: Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call
0382ac
  - JDK-8240576: JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges
0382ac
  - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
0382ac
  - JDK-8241307: Marlin renderer should not be the default in 8u252
0382ac
  - JDK-8241444: Metaspace::_class_vsm not initialized if compressed class pointers are disabled
0382ac
  - JDK-8241638: launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set
0382ac
  - JDK-8241750: x86_32 build failure after JDK-8227269
0382ac
  - JDK-8241902: AIX Build broken after integration of JDK-8223147 (JFR Backport)
0382ac
  - JDK-8242788: Non-PCH build is broken after JDK-8191393
0382ac
  - JDK-8242883: Incomplete backport of JDK-8078268: backport test part
0382ac
  - JDK-8243059: Build fails when --with-vendor-name contains a comma
0382ac
  - JDK-8243474: [TESTBUG] removed three tests of 0 bytes
0382ac
  - JDK-8243539: Copyright info (Year) should be updated for fix of 8241638
0382ac
  - JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a
0382ac
  - JDK-8244407: JVM crashes after transformation in C2 IdealLoopTree::split_fall_in
0382ac
  - JDK-8244461: [JDK 8u] Build fails with glibc 2.32
0382ac
  - JDK-8244548: JDK 8u: sun.misc.Version.jdkUpdateVersion() returns wrong result
0382ac
  - JDK-8244777: ClassLoaderStats VM Op uses constant hash value
0382ac
  - JDK-8244843: JapanEraNameCompatTest fails
0382ac
  - JDK-8245167: Top package in method profiling shows null in JMC
0382ac
  - JDK-8246223: Windows build fails after JDK-8227269
0382ac
  - JDK-8246703: [TESTBUG] Add test for JDK-8233197
0382ac
  - JDK-8248399: Build installs jfr binary when JFR is disabled
0382ac
  - JDK-8248715: New JavaTimeSupplementary localisation for 'in' installed in wrong package
0382ac
0382ac
Notes on individual issues:
0382ac
===========================
0382ac
0382ac
hotspot/jfr:
0382ac
0382ac
JDK-8240687: JDK Flight Recorder Integrated to OpenJDK 8u
0382ac
=========================================================
0382ac
0382ac
OpenJDK 8u now contains the backport of JEP 328: Flight Recorder
0382ac
(https://openjdk.java.net/jeps/328) from later versions of OpenJDK.
0382ac
0382ac
JFR is a low-overhead framework to collect and provide data helpful to
0382ac
troubleshoot the performance of the OpenJDK runtime and of Java
0382ac
applications. It consists of a new API to define custom events under
0382ac
the jdk.jfr namespace and a JMX interface to interact with the
0382ac
framework. The recording can also be initiated with the application
0382ac
startup using the -XX:+FlightRecorder flag or via jcmd. JFR replaces
0382ac
the +XX:EnableTracing feature introduced in JEP 167, providing a more
0382ac
efficient way to retrieve the same information. For compatibility
0382ac
reasons, +XX:EnableTracing is still accepted, however no data will be
0382ac
printed.
0382ac
0382ac
While JFR is not built by default upstream, it is included in Red Hat
0382ac
binaries for supported architectures (x86_64, AArch64 & PowerPC 64)
0382ac
0382ac
hotspot/runtime:
0382ac
0382ac
JDK-8205622: JFR Start Failure After AppCDS Archive Created with JFR StartFlightRecording
0382ac
=========================================================================================
0382ac
0382ac
JFR will be disabled with a warning message if it is enabled during
0382ac
CDS dumping. The user will see the following warning message:
0382ac
0382ac
OpenJDK 64-Bit Server VM warning: JFR will be disabled during CDS dumping
0382ac
0382ac
if JFR is enabled during CDS dumping such as in the following command
0382ac
line:
0382ac
0382ac
$ java -Xshare:dump -XX:StartFlightRecording=dumponexit=true
0382ac
0382ac
security-libs/java.security:
0382ac
0382ac
JDK-8244167: Removal of Comodo Root CA Certificate
0382ac
==================================================
0382ac
0382ac
The following expired Comodo root CA certificate was removed from the
0382ac
`cacerts` keystore: + alias name "addtrustclass1ca [jdk]"
0382ac
0382ac
Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
0382ac
0382ac
JDK-8244166: Removal of DocuSign Root CA Certificate
0382ac
====================================================
0382ac
0382ac
The following expired DocuSign root CA certificate was removed from
0382ac
 the `cacerts` keystore: + alias name "keynectisrootca [jdk]"
0382ac
0382ac
Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
0382ac
0382ac
security-libs/javax.crypto:pkcs11:
0382ac
0382ac
JDK-8240191: Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database
0382ac
============================================================================================================================
0382ac
0382ac
The SunPKCS11 security provider can now be initialized with NSS when
0382ac
FIPS-enabled external modules are configured in the Security Modules
0382ac
Database (NSSDB). Prior to this change, the SunPKCS11 provider would
0382ac
throw a RuntimeException with the message: "FIPS flag set for
0382ac
non-internal module" when such a library was configured for NSS in
0382ac
non-FIPS mode.
0382ac
0382ac
This change allows the JDK to work properly with recent NSS releases
0382ac
on GNU/Linux operating systems when the system-wide FIPS policy is
0382ac
turned on.
0382ac
0382ac
Further information can be found in JDK-8238555.
0382ac
d92b92
New in release OpenJDK 8u252 (2020-04-14):
d92b92
===========================================
d92b92
Live versions of these release notes can be found at:
d92b92
  * https://bitly.com/oj8u252
d92b92
  * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u252.txt
d92b92
d92b92
* Security fixes
d92b92
  - JDK-8223898, CVE-2020-2754: Forward references to Nashorn
d92b92
  - JDK-8223904, CVE-2020-2755: Improve Nashorn matching
d92b92
  - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs
d92b92
  - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues
d92b92
  - JDK-8225603: Enhancement for big integers
d92b92
  - JDK-8227542: Manifest improved jar headers
d92b92
  - JDK-8231415, CVE-2020-2773: Better signatures in XML
d92b92
  - JDK-8233250: Better X11 rendering
d92b92
  - JDK-8233410: Better Build Scripting
d92b92
  - JDK-8234027: Better JCEKS key support
d92b92
  - JDK-8234408, CVE-2020-2781: Improve TLS session handling
d92b92
  - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers
d92b92
  - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers
d92b92
  - JDK-8235274, CVE-2020-2805: Enhance typing of methods
d92b92
  - JDK-8236201, CVE-2020-2830: Better Scanner conversions
d92b92
  - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap
d92b92
* Other changes
d92b92
  - JDK-8005819: Support cross-realm MSSFU
d92b92
  - JDK-8022263: use same Clang warnings on BSD as on Linux
d92b92
  - JDK-8038631: Create wrapper for awt.Robot with additional functionality
d92b92
  - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor is invalid
d92b92
  - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and some unit tests
d92b92
  - JDK-8068184: Fix for JDK-8032832 caused a deadlock
d92b92
  - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature
d92b92
  - JDK-8132130: some docs cleanup
d92b92
  - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit
d92b92
  - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods is not optimal
d92b92
  - JDK-8144446: Automate the Marlin crash test
d92b92
  - JDK-8144526: Remove Marlin logging use of deleted internal API
d92b92
  - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats
d92b92
  - JDK-8144654: Improve Marlin logging
d92b92
  - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with huge coordinates and round joins
d92b92
  - JDK-8166976: TestCipherPBECons has wrong @run line
d92b92
  - JDK-8167409: Invalid value passed to critical JNI function
d92b92
  - JDK-8181872: C1: possible overflow when strength reducing integer multiply by constant
d92b92
  - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT
d92b92
  - JDK-8191227: issues with unsafe handle resolution
d92b92
  - JDK-8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider
d92b92
  - JDK-8204152: SignedObject throws NullPointerException for null keys with an initialized Signature object
d92b92
  - JDK-8215756: Memory leaks in the AWT on macOS
d92b92
  - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win)
d92b92
  - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from mtInternal to mtThread
d92b92
  - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions
d92b92
  - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test
d92b92
  - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
d92b92
  - JDK-8229022: BufferedReader performance can be improved by using StringBuilder
d92b92
  - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC
d92b92
  - JDK-8229872: (fs) Increase buffer size used with getmntent
d92b92
  - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception
d92b92
  - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type
d92b92
  - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64
d92b92
  - JDK-8235904: Infinite loop when rendering huge lines
d92b92
  - JDK-8236179: C1 register allocation error with T_ADDRESS
d92b92
  - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read
d92b92
  - JDK-8240521: Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call
d92b92
  - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
d92b92
  - JDK-8241307: Marlin renderer should not be the default in 8u252
d92b92
d92b92
Notes on individual issues:
d92b92
===========================
d92b92
d92b92
hotspot/svc:
d92b92
d92b92
JDK-8174881: Binary format for HPROF updated 
d92b92
============================================
d92b92
d92b92
When dumping the heap in binary format, HPROF format 1.0.2 is always
d92b92
used now. Previously, format 1.0.1 was used for heaps smaller than
d92b92
2GB. HPROF format 1.0.2 is also used by jhsdb jmap for the
d92b92
serviceability agent.
d92b92
d92b92
security-libs/java.security:
d92b92
d92b92
JDK-8229518: Added Support for PKCS#1 v2.2 Algorithms Including RSASSA-PSS Signature
d92b92
====================================================================================
d92b92
d92b92
The SunRsaSign and SunJCE providers have been enhanced with support
d92b92
for more algorithms defined in PKCS#1 v2.2, such as RSASSA-PSS
d92b92
signature and OAEP using FIPS 180-4 digest algorithms. New
d92b92
constructors and methods have been added to relevant JCA/JCE classes
d92b92
under the `java.security.spec` and `javax.crypto.spec` packages for
d92b92
supporting additional RSASSA-PSS parameters.
d92b92
d92b92
security-libs/javax.crypto:
d92b92
d92b92
JDK-8205471: RSASSA-PSS Signature Support Added to SunMSCAPI
d92b92
============================================================
d92b92
d92b92
The RSASSA-PSS signature algorithm support has been added to the SunMSCAPI provider.
d92b92
d92b92
security-libs/javax.security:
d92b92
d92b92
JDK-8227564: Allow SASL Mechanisms to Be Restricted
d92b92
===================================================
d92b92
d92b92
A security property named `jdk.sasl.disabledMechanisms` has been added
d92b92
that can be used to disable SASL mechanisms. Any disabled mechanism
d92b92
will be ignored if it is specified in the `mechanisms` argument of
d92b92
`Sasl.createSaslClient` or the `mechanism` argument of
d92b92
`Sasl.createSaslServer`. The default value for this security property
d92b92
is empty, which means that no mechanisms are disabled out-of-the-box.