RELEASE NOTES: JDK 11.0.17

Notes generated: Fri Jul 01 01:50:27 CEST 2022

JEPs

None.

RELEASE NOTES

core-libs/java.io:serialization

Issue Description
JDK-8261160

JDK Flight Recorder Event for Deserialization


It is now possible to monitor deserialization of objects using JDK Flight Recorder (JFR). When JFR is enabled and the JFR configuration includes deserialization events, JFR will emit an event whenever the running program attempts to deserialize an object. The deserialization event is named jdk.Deserialization, and it is disabled by default. The deserialization event contains information that is used by the serialization filter mechanism; see the ObjectInputFilter specification. Additionally, if a filter is enabled, the JFR event indicates whether the filter accepted or rejected deserialization of the object. For further information about how to use the JFR deserialization event, see the article Monitoring Deserialization to Improve Application Security. For reference information about using and configuring JFR, see the JFR Runtime Guide and JFR Command Reference sections of the JDK Mission Control documentation.


JDK Flight Recorder Event for Deserialization


It is now possible to monitor deserialization of objects using JDK Flight Recorder (JFR). When JFR is enabled and the JFR configuration includes deserialization events, JFR will emit an event whenever the running program attempts to deserialize an object. The deserialization event is named jdk.Deserialization, and it is disabled by default. The deserialization event contains information that is used by the serialization filter mechanism; see the ObjectInputFilter specification. Additionally, if a filter is enabled, the JFR event indicates whether the filter accepted or rejected deserialization of the object. For further information about how to use the JFR deserialization event, see the article Monitoring Deserialization to Improve Application Security. For reference information about using and configuring JFR, see the JFR Runtime Guide and JFR Command Reference sections of the JDK Mission Control documentation.


security-libs/org.ietf.jgss:krb5

Issue Description
JDK-8139348

Deprecate 3DES and RC4 in Kerberos


The des3-hmac-sha1 and rc4-hmac Kerberos encryption types (etypes) are now deprecated and disabled by default. Users can set allow_weak_crypto = true in the krb5.conf configuration file to re-enable them (along with other weak etypes including des-cbc-crc and des-cbc-md5) at their own risk. To disable a subset of the weak etypes, users can list preferred etypes explicitly in any of the default_tkt_enctypes, default_tgs_enctypes, or permitted_enctypes settings.


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P4 JDK-8284680 sun.font.FontConfigManager.getFontConfig() leaks charset

client-libs/java.awt

Priority Bug Summary
P4 JDK-8281569 Create tests for Frame.setMinimumSize() method
P4 JDK-8159694 HiDPI, Unity, java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java
P4 JDK-8284956 Potential leak awtImageData/color_data when initializes X11GraphicsEnvironment
P4 JDK-8225122 Test AncestorResized.java fails when Windows desktop is scaled.

client-libs/javax.swing

Priority Bug Summary
P3 JDK-8239902 [macos] Remove direct usage of JSlider, JProgressBar classes in CAccessible class
P3 JDK-8212904 JTextArea line wrapping incorrect when using UI scale
P4 JDK-8172065 javax/swing/JTree/4908142/bug4908142.java The selected index should be "aad"

core-libs/java.io:serialization

Priority Bug Summary
P3 JDK-8261160 Add a deserialization JFR event

core-libs/java.lang

Priority Bug Summary
P4 JDK-8183372 Refactor java/lang/Class shell tests to java

core-libs/java.nio

Priority Bug Summary
P4 JDK-8264400 (fs) WindowsFileStore equality depends on how the FileStore was constructed
P4 JDK-8265100 (fs) WindowsFileStore.hashCode() should read cached hash code once

core-libs/java.rmi

Priority Bug Summary
P4 JDK-8286114 [test] show real exception in bomb call in sun/rmi/runtime/Log/checkLogging/CheckLogging.java

core-libs/java.util

Priority Bug Summary
P4 JDK-8274517 java/util/DoubleStreamSums/CompensatedSums.java fails with expected [true] but found [false]

core-libs/java.util.concurrent

Priority Bug Summary
P4 JDK-8214427 probable bug in logic of ConcurrentHashMap.addCount()

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8286582 Build fails on macos aarch64 when using --with-zlib=bundled

docs

Priority Bug Summary
P4 JDK-8251551 Use .md filename extension for README

hotspot/compiler

Priority Bug Summary
P2 JDK-8282555 Missing memory edge when spilling MoveF2I, MoveD2L etc
P3 JDK-8283441 C2: segmentation fault in ciMethodBlocks::make_block_at(int)
P3 JDK-8269517 compiler/loopopts/TestPartialPeelingSinkNodes.java crashes with -XX:+VerifyGraphEdges
P3 JDK-8288467 remove memory_operand assert for spilled instructions
P3 JDK-8284882 SIGSEGV in Node::verify_edges due to compilation bailout

hotspot/gc

Priority Bug Summary
P3 JDK-8267271 Fix gc/arguments/TestNewRatioFlag.java expectedNewSize calculation
P3 JDK-8217170 gc/arguments/TestUseCompressedOopsErgo.java timed out
P3 JDK-8213695 gc/TestAllocateHeapAtMultiple.java is slow in some configs
P3 JDK-8288754 GCC 12 fails to build zReferenceProcessor.cpp
P4 JDK-8223575 add subspace transitions to gc+metaspace=info log lines
P4 JDK-8069343 Improve gc/g1/TestHumongousCodeCacheRoots.java to use jtreg @requires
P4 JDK-8217332 JTREG: Clean up, use generics instead of raw types

hotspot/jvmti

Priority Bug Summary
P4 JDK-8278519 serviceability/jvmti/FieldAccessWatch/FieldAccessWatch.java failed "assert(handle != __null) failed: JNI handle should not be null"

hotspot/runtime

Priority Bug Summary
P3 JDK-8273526 Extend the OSContainer API pids controller with pids.current
P3 JDK-8266490 Extend the OSContainer API to support the pids controller of cgroups
P3 JDK-8284754 print more interesting env variables in hs_err and VM.info
P3 JDK-8209736 runtime/RedefineTests/ModifyAnonymous.java fails with NullPointerException when running in CDS mode
P3 JDK-8272398 Update DockerTestUtils.buildJdkDockerImage()

hotspot/svc

Priority Bug Summary
P3 JDK-8283849 AsyncGetCallTrace may crash JVM on guarantee

hotspot/test

Priority Bug Summary
P4 JDK-8219149 ProcessTools.ProcessBuilder should print timing info for subprocesses
P4 JDK-8274506 TestPids.java and TestPidsLimit.java fail with podman run as root
P4 JDK-8210107 vmTestbase/nsk/stress/network tests fail with Cannot assign requested address (Bind failed)

infrastructure

Priority Bug Summary
P4 JDK-8287017 Bump update version for OpenJDK: jdk-11.0.17

infrastructure/build

Priority Bug Summary
P3 JDK-8287366 Improve test failure reporting in GHA
P4 JDK-8287202 GHA: Add macOS aarch64 to the list of default platforms for workflow_dispatch event
P4 JDK-8287336 GHA: Workflows break on patch versions
P4 JDK-8283017 GHA: Workflows break with update release versions

security-libs

Priority Bug Summary
P3 JDK-8282538 PKCS11 tests fail on CentOS Stream 9

security-libs/java.security

Priority Bug Summary
P2 JDK-8285696 AlgorithmConstraints:permits not throwing IllegalArgumentException when 'alg' is null

security-libs/javax.crypto

Priority Bug Summary
P3 JDK-8281628 KeyAgreement : generateSecret intermittently not resetting

security-libs/javax.net.ssl

Priority Bug Summary
P4 JDK-8284694 Avoid evaluating SSLAlgorithmConstraints twice
P4 JDK-8266881 Enable debug log for SSLEngineExplorerMatchedSNI.java
P4 JDK-8226976 SessionTimeOutTests uses == operator for String value check
P4 JDK-8164804 sun/security/ssl/SSLSocketImpl/CloseSocket.java makes not reliable time assumption

security-libs/jdk.security

Priority Bug Summary
P4 JDK-8285398 Cache the results of constraint checks

security-libs/org.ietf.jgss

Priority Bug Summary
P4 JDK-8253829 Wrong length compared in SSPI bridge

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P3 JDK-8139348 Deprecate 3DES and RC4 in Kerberos

tools/javadoc(tool)

Priority Bug Summary
P3 JDK-8282214 Upgrade JQuery to version 3.6.0
P4 JDK-8236823 Ensure that API documentation uses minified libraries

tools/jlink

Priority Bug Summary
P3 JDK-8240903 Add test to check that jmod hashes are reproducible

xml/jaxp

Priority Bug Summary
P4 JDK-8210722 JAXP Tests: CatalogSupport2 and CatalogSupport3 generate incorrect messages upon failure