RELEASE NOTES FOR: 11.0.1
====================================================================================================

Notes generated: Sat Sep 02 06:12:40 CEST 2023

Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry.

JAVA ENHANCEMENT PROPOSALS (JEP):

  None.

RELEASE NOTES:

security-libs/javax.net.ssl:

    JDK-8208350: Disabled All DES TLS Cipher Suites

      DES-based TLS cipher suites are considered obsolete and should no longer be used.  DES-based
      cipher suites have been deactivated by default in the SunJSSE implementation by adding the
      "DES" identifier to the `jdk.tls.disabledAlgorithms` security property.  These cipher suites
      can be reactivated by removing "DES" from the `jdk.tls.disabledAlgorithms` security property
      in the `java.security` file or by dynamically calling the `Security.setProperty()` method.  In
      both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled
      cipher suite list using the `SSLSocket.setEnabledCipherSuites()` or
      `SSLEngine.setEnabledCipherSuites()` methods.
      
      Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the
      `jdk.tls.disabledAlgorithms` security property.

security-libs/java.security:

    JDK-8210432: Added Additional TeliaSonera Root Certificate

      The following root certificate have been added to the OpenJDK cacerts truststore:  +
      TeliaSonera   + teliasonerarootcav1
      
      DN: CN=TeliaSonera Root CA v1, O=TeliaSonera 

core-libs/javax.naming:

    JDK-8211107: LDAPS Communication Failure

      Application code using LDAPS with a socket connect timeout that is <= 0 ( the default value ),
      may encounter an exception when establishing the connection.
      
      The top most frames from Exception stack traces of applications encountering such issues might
      resemble the following:
      
      ```     javax.naming.ServiceUnavailableException: <server:port>; socket closed     at  
      com.sun.jndi.ldap.Connection.readReply(Unknown Source)       at  
      com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)     ... ```


ALL FIXED ISSUES, BY COMPONENT AND PRIORITY:

core-libs/java.io:
  (P2) JDK-8210345: The Japanese message of FileNotFoundException garbled.

core-libs/java.net:
  (P2) JDK-8204667: Resources not freed on exception

core-libs/javax.naming:
  (P2) JDK-8211107: LDAPS communication failure with jdk 1.8.0_181

hotspot/compiler:
  (P3) JDK-8206513: [Graal] Compilation fails during nmethod printing with "assert(bci == 0 || 0 <= bci && bci < code_size()) failed: illegal bci"

infrastructure/build:
  (P2) JDK-8211237: Oracle JDK builds for "11.0.1" should indicate they are "LTS"

security-libs/java.security:
  (P2) JDK-8210432: Add additional TeliaSonera root certificate

security-libs/javax.net.ssl:
  (P2) JDK-8209916: NPE in SupportedGroupsExtension
  (P2) JDK-8210846: TLSv.1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth
  (P3) JDK-8208350: Disable all DES cipher suites