RELEASE NOTES FOR: 11.0.1 ==================================================================================================== Notes generated: Sun Nov 01 02:50:20 CET 2020 JIRA Query: project = JDK AND (status in (Closed, Resolved)) AND (resolution not in ("Won't Fix", Duplicate, "Cannot Reproduce", "Not an Issue", Withdrawn)) AND (labels not in (release-note, testbug, openjdk-na, testbug) OR labels is EMPTY) AND (summary !~ 'testbug') AND (summary !~ 'problemlist') AND (summary !~ 'problem list') AND (summary !~ 'release note') AND (issuetype != CSR) AND fixVersion = 11.0.1 Acquiring pages (910 total): ................... done Loading issues (910 total): ................... done Resolving issues (910 total): .................. done Resolving parents (910 total): .................. done Resolving backports (910 total): .................. done JIRA Query: project = JDK AND issuetype = JEP AND fixVersion = 11.0.1 ORDER BY summary ASC Acquiring pages (0 total): done Loading issues (0 total): done Resolving issues (0 total): done Resolving parents (0 total): done Filtered 899 issues carried over, 8 pushes left. Hint: Prefix bug IDs with https://bugs.openjdk.java.net/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES, BY COMPONENT: core-libs/javax.naming: JDK-8211745: LDAPS Communication Failure Application code using LDAPS with a socket connect timeout that is <= 0 ( the default value ), may encounter an exception when establishing the connection. The top most frames from Exception stack traces of applications encountering such issues might resemble the following: ``` javax.naming.ServiceUnavailableException: ; socket closed at com.sun.jndi.ldap.Connection.readReply(Unknown Source) at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source) ... ``` security-libs/java.security: JDK-8210436: Added Additional TeliaSonera Root Certificate The following root certificate have been added to the OpenJDK cacerts truststore: + TeliaSonera + teliasonerarootcav1 DN: CN=TeliaSonera Root CA v1, O=TeliaSonera security-libs/javax.net.ssl: JDK-8209658: Disabled All DES TLS Cipher Suites DES-based TLS cipher suites are considered obsolete and should no longer be used. DES-based cipher suites have been deactivated by default in the SunJSSE implementation by adding the "DES" identifier to the `jdk.tls.disabledAlgorithms` security property. These cipher suites can be reactivated by removing "DES" from the `jdk.tls.disabledAlgorithms` security property in the `java.security` file or by dynamically calling the `Security.setProperty()` method. In both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled cipher suite list using the `SSLSocket.setEnabledCipherSuites()` or `SSLEngine.setEnabledCipherSuites()` methods. Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the `jdk.tls.disabledAlgorithms` security property. ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: core-libs/java.io: (P2) JDK-8210345: The Japanese message of FileNotFoundException garbled. core-libs/java.net: (P2) JDK-8204667: Resources not freed on exception core-libs/javax.naming: (P2) JDK-8211107: LDAPS communication failure with jdk 1.8.0_181 infrastructure/build: (P2) JDK-8211237: Oracle JDK builds for "11.0.1" should indicate they are "LTS" security-libs/java.security: (P2) JDK-8210432: Add additional TeliaSonera root certificate security-libs/javax.net.ssl: (P2) JDK-8209916: NPE in SupportedGroupsExtension (P2) JDK-8210846: TLSv.1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth (P3) JDK-8208350: Disable all DES cipher suites