84a771
Key:
84a771
84a771
JDK-X  - https://bugs.openjdk.java.net/browse/JDK-X
84a771
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
84a771
efcefa
New in release OpenJDK 8u265 (2020-07-27):
efcefa
===========================================
efcefa
Live versions of these release notes can be found at:
efcefa
  * https://bitly.com/openjdk8u265
efcefa
  * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u265.txt
efcefa
efcefa
* Bug fixes
efcefa
  - JDK-8249677: Regression in 8u after JDK-8237117: Better ForkJoinPool behavior
efcefa
  - JDK-8250546: Expect changed behaviour reported in JDK-8249846
efcefa
8df9ce
New in release OpenJDK 8u262 (2020-07-14):
8df9ce
===========================================
8df9ce
Live versions of these release notes can be found at:
8df9ce
  * https://bitly.com/oj8u262
8df9ce
  * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u262.txt
8df9ce
8df9ce
* New features
8df9ce
  - JDK-8223147: JFR Backport
8df9ce
* Security fixes
8df9ce
  - JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue)
8df9ce
  - JDK-8028591, CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString()
8df9ce
  - JDK-8230613: Better ASCII conversions
8df9ce
  - JDK-8231800: Better listing of arrays
8df9ce
  - JDK-8232014: Expand DTD support
8df9ce
  - JDK-8233255: Better Swing Buttons
8df9ce
  - JDK-8234032: Improve basic calendar services
8df9ce
  - JDK-8234042: Better factory production of certificates
8df9ce
  - JDK-8234418: Better parsing with CertificateFactory
8df9ce
  - JDK-8234836: Improve serialization handling
8df9ce
  - JDK-8236191: Enhance OID processing
8df9ce
  - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
8df9ce
  - JDK-8237592, CVE-2020-14577: Enhance certificate verification
8df9ce
  - JDK-8238002, CVE-2020-14581: Better matrix operations
8df9ce
  - JDK-8238804: Enhance key handling process
8df9ce
  - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
8df9ce
  - JDK-8238843: Enhanced font handing
8df9ce
  - JDK-8238920, CVE-2020-14583: Better Buffer support
8df9ce
  - JDK-8238925: Enhance WAV file playback
8df9ce
  - JDK-8240119, CVE-2020-14593: Less Affine Transformations
8df9ce
  - JDK-8240482: Improved WAV file playback
8df9ce
  - JDK-8241379: Update JCEKS support
8df9ce
  - JDK-8241522: Manifest improved jar headers redux
8df9ce
  - JDK-8242136, CVE-2020-14621: Better XML namespace handling
8df9ce
* Other changes
8df9ce
  - JDK-4949105: Access Bridge lacks html tags parsing
8df9ce
  - JDK-7147060: com/sun/org/apache/xml/internal/security/transforms/ClassLoaderTest.java doesn't run in agentvm mode
8df9ce
  - JDK-8003209: JFR events for network utilization
8df9ce
  - JDK-8030680: 292 cleanup from default method code assessment
8df9ce
  - JDK-8035633: TEST_BUG: java/net/NetworkInterface/Equals.java and some tests failed on windows intermittently
8df9ce
  - JDK-8037866: Replace the Fun class in tests with lambdas
8df9ce
  - JDK-8041626: Shutdown tracing event
8df9ce
  - JDK-8041915: Move 8 awt tests to OpenJDK regression tests tree
8df9ce
  - JDK-8067796: (process) Process.waitFor(timeout, unit) doesn't throw NPE if timeout is less than, or equal to zero when unit == null
8df9ce
  - JDK-8076475: Misuses of strncpy/strncat
8df9ce
  - JDK-8130737: AffineTransformOp can't handle child raster with non-zero x-offset
8df9ce
  - JDK-8141056: Erroneous assignment in HeapRegionSet.cpp
8df9ce
  - JDK-8146612: C2: Precedence edges specification violated
8df9ce
  - JDK-8148886: SEGV in sun.java2d.marlin.Renderer._endRendering
8df9ce
  - JDK-8149338: JVM Crash caused by Marlin renderer not handling NaN coordinates
8df9ce
  - JDK-8150986: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java failing because expects HPROF JAVA PROFILE 1.0.1 file format
8df9ce
  - JDK-8151582: (ch) test java/nio/channels/AsyncCloseAndInterrupt.java failing due to "Connection succeeded"
8df9ce
  - JDK-8165675: Trace event for thread park has incorrect unit for timeout
8df9ce
  - JDK-8171934: ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() does not recognize OpenJDK's HotSpot VM
8df9ce
  - JDK-8172559: [PIT][TEST_BUG] Move @test to be 1st annotation in java/awt/image/Raster/TestChildRasterOp.java
8df9ce
  - JDK-8176182: 4 security tests are not run
8df9ce
  - JDK-8178374: Problematic ByteBuffer handling in CipherSpi.bufferCrypt method
8df9ce
  - JDK-8178910: Problemlist sample tests
8df9ce
  - JDK-8181841: A TSA server returns timestamp with precision higher than milliseconds
8df9ce
  - JDK-8183925: Decouple crash protection from watcher thread
8df9ce
  - JDK-8191393: Random crashes during cfree+0x1c
8df9ce
  - JDK-8195817: JFR.stop should require name of recording
8df9ce
  - JDK-8195818: JFR.start should increase autogenerated name by one
8df9ce
  - JDK-8195819: Remove recording=x from jcmd JFR.check output
8df9ce
  - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE
8df9ce
  - JDK-8199712: Flight Recorder
8df9ce
  - JDK-8202578: Revisit location for class unload events
8df9ce
  - JDK-8202835: jfr/event/os/TestSystemProcess.java fails on missing events
8df9ce
  - JDK-8203287: Zero fails to build after JDK-8199712 (Flight Recorder)
8df9ce
  - JDK-8203346: JFR: Inconsistent signature of jfr_add_string_constant
8df9ce
  - JDK-8203664: JFR start failure after AppCDS archive created with JFR StartFlightRecording
8df9ce
  - JDK-8203921: JFR thread sampling is missing fixes from JDK-8194552
8df9ce
  - JDK-8203929: Limit amount of data for JFR.dump
8df9ce
  - JDK-8205516: JFR tool
8df9ce
  - JDK-8207392: [PPC64] Implement JFR profiling
8df9ce
  - JDK-8207829: FlightRecorderMXBeanImpl is leaking the first classloader which calls it
8df9ce
  - JDK-8209960: -Xlog:jfr* doesn't work with the JFR
8df9ce
  - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread()
8df9ce
  - JDK-8210776: Upgrade X Window System 6.8.2 to the latest XWD 1.0.7
8df9ce
  - JDK-8211239: Build fails without JFR: empty JFR events signatures mismatch
8df9ce
  - JDK-8212232: Wrong metadata for the configuration of the cutoff for old object sample events
8df9ce
  - JDK-8213015: Inconsistent settings between JFR.configure and -XX:FlightRecorderOptions
8df9ce
  - JDK-8213421: Line number information for execution samples always 0
8df9ce
  - JDK-8213617: JFR should record the PID of the recorded process
8df9ce
  - JDK-8213734: SAXParser.parse(File, ..) does not close resources when Exception occurs.
8df9ce
  - JDK-8213914: [TESTBUG] Several JFR VM events are not covered by tests
8df9ce
  - JDK-8213917: [TESTBUG] Shutdown JFR event is not covered by test
8df9ce
  - JDK-8213966: The ZGC JFR events should be marked as experimental
8df9ce
  - JDK-8214542: JFR: Old Object Sample event slow on a deep heap in debug builds
8df9ce
  - JDK-8214750: Unnecessary 

tags in jfr classes

8df9ce
  - JDK-8214896: JFR Tool left files behind
8df9ce
  - JDK-8214906: [TESTBUG] jfr/event/sampling/TestNative.java fails with UnsatisfiedLinkError
8df9ce
  - JDK-8214925: JFR tool fails to execute
8df9ce
  - JDK-8215175: Inconsistencies in JFR event metadata
8df9ce
  - JDK-8215237: jdk.jfr.Recording javadoc does not compile
8df9ce
  - JDK-8215284: Reduce noise induced by periodic task getFileSize()
8df9ce
  - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1)
8df9ce
  - JDK-8215362: JFR GTest JfrTestNetworkUtilization fails
8df9ce
  - JDK-8215771: The jfr tool should pretty print reference chains
8df9ce
  - JDK-8216064: -XX:StartFlightRecording:settings= doesn't work properly
8df9ce
  - JDK-8216486: Possibility of integer overflow in JfrThreadSampler::run()
8df9ce
  - JDK-8216528: test/jdk/java/rmi/transport/runtimeThreadInheritanceLeak/RuntimeThreadInheritanceLeak.java failing with Xcomp
8df9ce
  - JDK-8216559: [JFR] Native libraries not correctly parsed from /proc/self/maps
8df9ce
  - JDK-8216578: Remove unused/obsolete method in JFR code
8df9ce
  - JDK-8216995: Clean up JFR command line processing
8df9ce
  - JDK-8217744: [TESTBUG] JFR TestShutdownEvent fails on some systems due to process surviving SIGINT
8df9ce
  - JDK-8217748: [TESTBUG] Exclude TestSig test case from JFR TestShutdownEvent
8df9ce
  - JDK-8218935: Make jfr strncpy uses GCC 8.x friendly
8df9ce
  - JDK-8220293: Deadlock in JFR string pool
8df9ce
  - JDK-8223689: Add JFR Thread Sampling Support
8df9ce
  - JDK-8223690: Add JFR BiasedLock Event Support
8df9ce
  - JDK-8223691: Add JFR G1 Region Type Change Event Support
8df9ce
  - JDK-8223692: Add JFR G1 Heap Summary Event Support
8df9ce
  - JDK-8224172: assert(jfr_is_event_enabled(id)) failed: invariant
8df9ce
  - JDK-8224475: JTextPane does not show images in HTML rendering
8df9ce
  - JDK-8225068: Remove DocuSign root certificate that is expiring in May 2020
8df9ce
  - JDK-8225069: Remove Comodo root certificate that is expiring in May 2020
8df9ce
  - JDK-8226253: JAWS reports wrong number of radio buttons when buttons are hidden.
8df9ce
  - JDK-8226779: [TESTBUG] Test JFR API from Java agent
8df9ce
  - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys
8df9ce
  - JDK-8227011: Starting a JFR recording in response to JVMTI VMInit and / or Java agent premain corrupts memory
8df9ce
  - JDK-8227269: Slow class loading when running with JDWP
8df9ce
  - JDK-8227605: Kitchensink fails "assert((((klass)->trace_id() & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) failed: invariant"
8df9ce
  - JDK-8229366: JFR backport allows unchecked writing to memory
8df9ce
  - JDK-8229401: Fix JFR code cache test failures
8df9ce
  - JDK-8229708: JFR backport code does not initialize
8df9ce
  - JDK-8229873: 8229401 broke jdk8u-jfr-incubator
8df9ce
  - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions
8df9ce
  - JDK-8229899: Make java.io.File.isInvalid() less racy
8df9ce
  - JDK-8230448: [test] JFRSecurityTestSuite.java is failing on Windows
8df9ce
  - JDK-8230597: Update GIFlib library to the 5.2.1
8df9ce
  - JDK-8230707: JFR related tests are failing
8df9ce
  - JDK-8230769: BufImg_SetupICM add ReleasePrimitiveArrayCritical call in early return
8df9ce
  - JDK-8230782: Robot.createScreenCapture() fails if ?awt.robot.gtk? is set to false
8df9ce
  - JDK-8230856: Java_java_net_NetworkInterface_getByName0 on unix misses ReleaseStringUTFChars in early return
8df9ce
  - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout
8df9ce
  - JDK-8230947: TestLookForUntestedEvents.java is failing after JDK-8230707
8df9ce
  - JDK-8231995: two jtreg tests failed after 8229366 is fixed
8df9ce
  - JDK-8233197: Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing
8df9ce
  - JDK-8233623: Add classpath exception to copyright in EventHandlerProxyCreator.java file
8df9ce
  - JDK-8233880: Support compilers with multi-digit major version numbers
8df9ce
  - JDK-8236002: CSR for JFR backport suggests not leaving out the package-info
8df9ce
  - JDK-8236008: Some backup files were accidentally left in the hotspot tree
8df9ce
  - JDK-8236074: Missed package-info
8df9ce
  - JDK-8236174: Should update javadoc since tags
8df9ce
  - JDK-8236996: Incorrect Roboto font rendering on Windows with subpixel antialiasing
8df9ce
  - JDK-8238076: Fix OpenJDK 7 Bootstrap Broken by JFR Backport
8df9ce
  - JDK-8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01
8df9ce
  - JDK-8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB
8df9ce
  - JDK-8238589: Necessary code cleanup in JFR for JDK8u
8df9ce
  - JDK-8238590: Enable JFR by default during compilation in 8u
8df9ce
  - JDK-8239055: Wrong implementation of VMState.hasListener
8df9ce
  - JDK-8239476: JDK-8238589 broke windows build by moving OrderedPair
8df9ce
  - JDK-8239479: minimal1 and zero builds are failing
8df9ce
  - JDK-8239852: java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed
8df9ce
  - JDK-8239867: correct over use of INCLUDE_JFR macro
8df9ce
  - JDK-8240375: Disable JFR by default for July 2020 release
8df9ce
  - JDK-8240576: JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges
8df9ce
  - JDK-8241444: Metaspace::_class_vsm not initialized if compressed class pointers are disabled
8df9ce
  - JDK-8241638: launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set
8df9ce
  - JDK-8241750: x86_32 build failure after JDK-8227269
8df9ce
  - JDK-8241902: AIX Build broken after integration of JDK-8223147 (JFR Backport)
8df9ce
  - JDK-8242788: Non-PCH build is broken after JDK-8191393
8df9ce
  - JDK-8242883: Incomplete backport of JDK-8078268: backport test part
8df9ce
  - JDK-8243059: Build fails when --with-vendor-name contains a comma
8df9ce
  - JDK-8243474: [TESTBUG] removed three tests of 0 bytes
8df9ce
  - JDK-8243539: Copyright info (Year) should be updated for fix of 8241638
8df9ce
  - JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a
8df9ce
  - JDK-8244407: JVM crashes after transformation in C2 IdealLoopTree::split_fall_in
8df9ce
  - JDK-8244461: [JDK 8u] Build fails with glibc 2.32
8df9ce
  - JDK-8244548: JDK 8u: sun.misc.Version.jdkUpdateVersion() returns wrong result
8df9ce
  - JDK-8244777: ClassLoaderStats VM Op uses constant hash value
8df9ce
  - JDK-8244843: JapanEraNameCompatTest fails
8df9ce
  - JDK-8245167: Top package in method profiling shows null in JMC
8df9ce
  - JDK-8246223: Windows build fails after JDK-8227269
8df9ce
  - JDK-8246703: [TESTBUG] Add test for JDK-8233197
8df9ce
  - JDK-8248399: Build installs jfr binary when JFR is disabled
8df9ce
  - JDK-8248715: New JavaTimeSupplementary localisation for 'in' installed in wrong package
8df9ce
8df9ce
Notes on individual issues:
8df9ce
===========================
8df9ce
8df9ce
hotspot/jfr:
8df9ce
8df9ce
JDK-8240687: JDK Flight Recorder Integrated to OpenJDK 8u
8df9ce
=========================================================
8df9ce
8df9ce
OpenJDK 8u now contains the backport of JEP 328: Flight Recorder
8df9ce
(https://openjdk.java.net/jeps/328) from later versions of OpenJDK.
8df9ce
8df9ce
JFR is a low-overhead framework to collect and provide data helpful to
8df9ce
troubleshoot the performance of the OpenJDK runtime and of Java
8df9ce
applications. It consists of a new API to define custom events under
8df9ce
the jdk.jfr namespace and a JMX interface to interact with the
8df9ce
framework. The recording can also be initiated with the application
8df9ce
startup using the -XX:+FlightRecorder flag or via jcmd. JFR replaces
8df9ce
the +XX:EnableTracing feature introduced in JEP 167, providing a more
8df9ce
efficient way to retrieve the same information. For compatibility
8df9ce
reasons, +XX:EnableTracing is still accepted, however no data will be
8df9ce
printed.
8df9ce
8df9ce
While JFR is not built by default upstream, it is included in Red Hat
8df9ce
binaries for supported architectures (x86_64, AArch64 & PowerPC 64)
8df9ce
8df9ce
hotspot/runtime:
8df9ce
8df9ce
JDK-8205622: JFR Start Failure After AppCDS Archive Created with JFR StartFlightRecording
8df9ce
=========================================================================================
8df9ce
8df9ce
JFR will be disabled with a warning message if it is enabled during
8df9ce
CDS dumping. The user will see the following warning message:
8df9ce
8df9ce
OpenJDK 64-Bit Server VM warning: JFR will be disabled during CDS dumping
8df9ce
8df9ce
if JFR is enabled during CDS dumping such as in the following command
8df9ce
line:
8df9ce
8df9ce
$ java -Xshare:dump -XX:StartFlightRecording=dumponexit=true
8df9ce
8df9ce
security-libs/java.security:
8df9ce
8df9ce
JDK-8244167: Removal of Comodo Root CA Certificate
8df9ce
==================================================
8df9ce
8df9ce
The following expired Comodo root CA certificate was removed from the
8df9ce
`cacerts` keystore: + alias name "addtrustclass1ca [jdk]"
8df9ce
8df9ce
Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
8df9ce
8df9ce
JDK-8244166: Removal of DocuSign Root CA Certificate
8df9ce
====================================================
8df9ce
8df9ce
The following expired DocuSign root CA certificate was removed from
8df9ce
 the `cacerts` keystore: + alias name "keynectisrootca [jdk]"
8df9ce
8df9ce
Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
8df9ce
8df9ce
security-libs/javax.crypto:pkcs11:
8df9ce
8df9ce
JDK-8240191: Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database
8df9ce
============================================================================================================================
8df9ce
8df9ce
The SunPKCS11 security provider can now be initialized with NSS when
8df9ce
FIPS-enabled external modules are configured in the Security Modules
8df9ce
Database (NSSDB). Prior to this change, the SunPKCS11 provider would
8df9ce
throw a RuntimeException with the message: "FIPS flag set for
8df9ce
non-internal module" when such a library was configured for NSS in
8df9ce
non-FIPS mode.
8df9ce
8df9ce
This change allows the JDK to work properly with recent NSS releases
8df9ce
on GNU/Linux operating systems when the system-wide FIPS policy is
8df9ce
turned on.
8df9ce
8df9ce
Further information can be found in JDK-8238555.
8df9ce
84a771
New in release OpenJDK 8u252 (2020-04-14):
84a771
===========================================
84a771
Live versions of these release notes can be found at:
84a771
  * https://bitly.com/oj8u252
84a771
  * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u252.txt
84a771
84a771
* Security fixes
84a771
  - JDK-8223898, CVE-2020-2754: Forward references to Nashorn
84a771
  - JDK-8223904, CVE-2020-2755: Improve Nashorn matching
84a771
  - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs
84a771
  - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues
84a771
  - JDK-8225603: Enhancement for big integers
84a771
  - JDK-8227542: Manifest improved jar headers
84a771
  - JDK-8231415, CVE-2020-2773: Better signatures in XML
84a771
  - JDK-8233250: Better X11 rendering
84a771
  - JDK-8233410: Better Build Scripting
84a771
  - JDK-8234027: Better JCEKS key support
84a771
  - JDK-8234408, CVE-2020-2781: Improve TLS session handling
84a771
  - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers
84a771
  - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers
84a771
  - JDK-8235274, CVE-2020-2805: Enhance typing of methods
84a771
  - JDK-8236201, CVE-2020-2830: Better Scanner conversions
84a771
  - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap
84a771
* Other changes
84a771
  - JDK-8005819: Support cross-realm MSSFU
84a771
  - JDK-8022263: use same Clang warnings on BSD as on Linux
84a771
  - JDK-8038631: Create wrapper for awt.Robot with additional functionality
84a771
  - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor is invalid
84a771
  - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and some unit tests
84a771
  - JDK-8068184: Fix for JDK-8032832 caused a deadlock
84a771
  - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature
84a771
  - JDK-8132130: some docs cleanup
84a771
  - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit
84a771
  - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods is not optimal
84a771
  - JDK-8144446: Automate the Marlin crash test
84a771
  - JDK-8144526: Remove Marlin logging use of deleted internal API
84a771
  - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats
84a771
  - JDK-8144654: Improve Marlin logging
84a771
  - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with huge coordinates and round joins
84a771
  - JDK-8166976: TestCipherPBECons has wrong @run line
84a771
  - JDK-8167409: Invalid value passed to critical JNI function
84a771
  - JDK-8181872: C1: possible overflow when strength reducing integer multiply by constant
84a771
  - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT
84a771
  - JDK-8191227: issues with unsafe handle resolution
84a771
  - JDK-8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider
84a771
  - JDK-8204152: SignedObject throws NullPointerException for null keys with an initialized Signature object
84a771
  - JDK-8215756: Memory leaks in the AWT on macOS
84a771
  - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win)
84a771
  - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from mtInternal to mtThread
84a771
  - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions
84a771
  - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test
84a771
  - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
84a771
  - JDK-8229022: BufferedReader performance can be improved by using StringBuilder
84a771
  - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC
84a771
  - JDK-8229872: (fs) Increase buffer size used with getmntent
84a771
  - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception
84a771
  - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type
84a771
  - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64
84a771
  - JDK-8235904: Infinite loop when rendering huge lines
84a771
  - JDK-8236179: C1 register allocation error with T_ADDRESS
84a771
  - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read
84a771
  - JDK-8240521: Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call
84a771
  - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
84a771
  - JDK-8241307: Marlin renderer should not be the default in 8u252
84a771
84a771
Notes on individual issues:
84a771
===========================
84a771
84a771
hotspot/svc:
84a771
84a771
JDK-8174881: Binary format for HPROF updated 
84a771
============================================
84a771
84a771
When dumping the heap in binary format, HPROF format 1.0.2 is always
84a771
used now. Previously, format 1.0.1 was used for heaps smaller than
84a771
2GB. HPROF format 1.0.2 is also used by jhsdb jmap for the
84a771
serviceability agent.
84a771
84a771
security-libs/java.security:
84a771
84a771
JDK-8229518: Added Support for PKCS#1 v2.2 Algorithms Including RSASSA-PSS Signature
84a771
====================================================================================
84a771
84a771
The SunRsaSign and SunJCE providers have been enhanced with support
84a771
for more algorithms defined in PKCS#1 v2.2, such as RSASSA-PSS
84a771
signature and OAEP using FIPS 180-4 digest algorithms. New
84a771
constructors and methods have been added to relevant JCA/JCE classes
84a771
under the `java.security.spec` and `javax.crypto.spec` packages for
84a771
supporting additional RSASSA-PSS parameters.
84a771
84a771
security-libs/javax.crypto:
84a771
84a771
JDK-8205471: RSASSA-PSS Signature Support Added to SunMSCAPI
84a771
============================================================
84a771
84a771
The RSASSA-PSS signature algorithm support has been added to the SunMSCAPI provider.
84a771
84a771
security-libs/javax.security:
84a771
84a771
JDK-8227564: Allow SASL Mechanisms to Be Restricted
84a771
===================================================
84a771
84a771
A security property named `jdk.sasl.disabledMechanisms` has been added
84a771
that can be used to disable SASL mechanisms. Any disabled mechanism
84a771
will be ignored if it is specified in the `mechanisms` argument of
84a771
`Sasl.createSaslClient` or the `mechanism` argument of
84a771
`Sasl.createSaslServer`. The default value for this security property
84a771
is empty, which means that no mechanisms are disabled out-of-the-box.