RELEASE NOTES FOR: 11.0.1 ==================================================================================================== Notes generated: Wed Oct 02 04:33:26 CEST 2024 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: security-libs/javax.net.ssl: JDK-8208350: Disabled All DES TLS Cipher Suites DES-based TLS cipher suites are considered obsolete and should no longer be used. DES-based cipher suites have been deactivated by default in the SunJSSE implementation by adding the "DES" identifier to the `jdk.tls.disabledAlgorithms` security property. These cipher suites can be reactivated by removing "DES" from the `jdk.tls.disabledAlgorithms` security property in the `java.security` file or by dynamically calling the `Security.setProperty()` method. In both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled cipher suite list using the `SSLSocket.setEnabledCipherSuites()` or `SSLEngine.setEnabledCipherSuites()` methods. Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the `jdk.tls.disabledAlgorithms` security property. security-libs/java.security: JDK-8210432: Added Additional TeliaSonera Root Certificate The following root certificate have been added to the OpenJDK cacerts truststore: + TeliaSonera + teliasonerarootcav1 DN: CN=TeliaSonera Root CA v1, O=TeliaSonera core-libs/javax.naming: JDK-8211107: LDAPS Communication Failure Application code using LDAPS with a socket connect timeout that is <= 0 ( the default value ), may encounter an exception when establishing the connection. The top most frames from Exception stack traces of applications encountering such issues might resemble the following: ``` javax.naming.ServiceUnavailableException: ; socket closed at com.sun.jndi.ldap.Connection.readReply(Unknown Source) at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source) ... ``` ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: core-libs/java.io: (P2) JDK-8210345: The Japanese message of FileNotFoundException garbled. core-libs/java.net: (P2) JDK-8204667: Resources not freed on exception core-libs/javax.naming: (P2) JDK-8211107: LDAPS communication failure with jdk 1.8.0_181 hotspot/compiler: (P3) JDK-8206513: [Graal] Compilation fails during nmethod printing with "assert(bci == 0 || 0 <= bci && bci < code_size()) failed: illegal bci" infrastructure/build: (P2) JDK-8211237: Oracle JDK builds for "11.0.1" should indicate they are "LTS" security-libs/java.security: (P2) JDK-8210432: Add additional TeliaSonera root certificate security-libs/javax.net.ssl: (P2) JDK-8209916: NPE in SupportedGroupsExtension (P2) JDK-8210846: TLSv.1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth (P3) JDK-8208350: Disable all DES cipher suites