RELEASE NOTES FOR: 11.0.17 ==================================================================================================== Notes generated: Tue Apr 02 13:18:13 CEST 2024 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: core-libs/java.net: JDK-8278067: Make HttpURLConnection Default Keep Alive Timeout Configurable Two system properties have been added which control the keep alive behavior of HttpURLConnection in the case where the server does not specify a keep alive time. Two properties are defined for controlling connections to servers and proxies separately. They are `http.keepAlive.time.server` and `http.keepAlive.time.proxy` respectively. More information about them can be found in [Networking Properties](https://docs.oracle.com/en/java/javase/19/docs/api/java.base/java/net/doc-files/net-properties.html). hotspot/runtime: JDK-8281181: CPU Shares Ignored When Computing Active Processor Count Previous JDK releases used an incorrect interpretation of the Linux cgroups parameter "cpu.shares". This might cause the JVM to use fewer CPUs than available, leading to an under utilization of CPU resources when the JVM is used inside a container. Starting from this JDK release, by default, the JVM no longer considers "cpu.shares" when deciding the number of threads to be used by the various thread pools. The `-XX:+UseContainerCpuShares` command-line option can be used to revert to the previous behavior. This option is deprecated and may be removed in a future JDK release. security-libs/java.security: JDK-8269039: Disabled SHA-1 Signed JARs JARs signed with SHA-1 algorithms are now restricted by default and treated as if they were unsigned. This applies to the algorithms used to digest, sign, and optionally timestamp the JAR. It also applies to the signature and digest algorithms of the certificates in the certificate chain of the code signer and the Timestamp Authority, and any CRLs or OCSP responses that are used to verify if those certificates have been revoked. These restrictions also apply to signed JCE providers. To reduce the compatibility risk for JARs that have been previously timestamped, there is one exception to this policy: - Any JAR signed with SHA-1 algorithms and timestamped prior to January 01, 2019 will not be restricted. This exception may be removed in a future JDK release. To determine if your signed JARs are affected by this change, run `jarsigner -verify -verbose -certs` on the signed JAR, and look for instances of "SHA1" or "SHA-1" and "disabled" and a warning that the JAR will be treated as unsigned in the output. For example: ``` - Signed by "CN="Signer"" Digest algorithm: SHA-1 (disabled) Signature algorithm: SHA1withRSA (disabled), 2048-bit key WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property: jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, SHA1 denyAfter 2019-01-01 ``` JARs affected by these new restrictions should be replaced or re-signed with stronger algorithms. Users can, *at their own risk*, remove these restrictions by modifying the `java.security` configuration file (or override it by using the `java.security.properties` system property) and removing "SHA1 usage SignedJAR & denyAfter 2019-01-01" from the `jdk.certpath.disabledAlgorithms` security property and "SHA1 denyAfter 2019-01-01" from the `jdk.jar.disabledAlgorithms` security property. JDK-8267880: Upgrade the Default PKCS12 MAC Algorithm The default MAC algorithm used in a PKCS #12 keystore has been updated. The new algorithm is based on SHA-256 and is stronger than the old one based on SHA-1. See the security properties starting with `keystore.pkcs12` in the `java.security` file for detailed information. The new SHA-256 based MAC algorithms were introduced in the 11.0.12, 8u301, and 7u311 JDK versions. Keystores created using this newer, stronger, MAC algorithm cannot be opened in JDK versions earlier than 11.0.12, 8u301, and 7u311. A 'java.security.NoSuchAlgorithmException' exception will be thrown in such circumstances. For compatibility, use the `keystore.pkcs12.legacy` system property, which will revert the algorithms to use the older, weaker algorithms. There is no value defined for this property. core-libs/java.time: JDK-8292579: Update Timezone Data to 2022c This version includes changes from 2022b that merged multiple regions that have the same timestamp data post-1970 into a single time zone database. All time zone IDs remain the same but the merged time zones will point to a shared zone database. As a result, pre-1970 data may not be compatible with earlier JDK versions. The affected zones are ```Antarctica/Vostok, Asia/Brunei, Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen, Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm, Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe, Indian/Reunion, Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake, Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland, Pacific/Ponape, Pacific/Truk, and Pacific/Yap```. For more details, refer to the announcement of [2022b](https://mm.icann.org/pipermail/tz-announce/2022-August/000071.html) core-libs/java.io:serialization: JDK-8261160: JDK Flight Recorder Event for Deserialization A new JDK Flight Recorder (JFR) event has been added to monitor deserialization of objects. When JFR is enabled and the JFR configuration includes deserialization events, JFR will emit an event whenever the running program attempts to deserialize an object. The deserialization event is named `java/deserialization`, and it is disabled by default. The deserialization event contains information that is used by the serialization filter mechanism. Additionally, if a filter is enabled, the JFR event indicates whether the filter accepted or rejected deserialization of the object. The new Deserialization Event captures: * Whether a serialization filter is configured or not. * The serialization filter status, if one is configured. * The class of the object being deserialized. * The number of array elements when deserializing an array. * The current graph depth. * The current number of object references. * The current number of bytes in the stream that have been consumed. * The exception type and message, if thrown by the serialization filter. Refer to [Context-Specific Deserialization Filter](https://bugs.openjdk.org/browse/JDK-8268701) and [Serialization Filtering Guide](https://docs.oracle.com/en/java/javase/11/core/serialization-filtering1.html#GUID-3ECB288D-E5BD-4412-892F-E9BB11D4C98A) for details. JDK-8261160: JDK Flight Recorder Event for Deserialization It is now possible to monitor deserialization of objects using JDK Flight Recorder (JFR). When JFR is enabled and the JFR configuration includes deserialization events, JFR will emit an event whenever the running program attempts to deserialize an object. The deserialization event is named `jdk.Deserialization`, and it is disabled by default. The deserialization event contains information that is used by the serialization filter mechanism; see the [ObjectInputFilter](https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/io/ObjectInputFilter.html) specification. Additionally, if a filter is enabled, the JFR event indicates whether the filter accepted or rejected deserialization of the object. For further information about how to use the JFR deserialization event, see the article [Monitoring Deserialization to Improve Application Security](https://inside.java/2021/03/02/monitoring-deserialization-activity-in-the-jdk/). For reference information about using and configuring JFR, see the [JFR Runtime Guide](https://docs.oracle.com/javacomponents/jmc-5-5/jfr-runtime-guide/preface_jfrrt.htm#JFRRT165) and [JFR Command Reference](https://docs.oracle.com/javacomponents/jmc-5-5/jfr-command-reference/command-line-options.htm#JFRCR-GUID-FE61CA60-E1DF-460E-A8E0-F4FF5D58A7A0) sections of the JDK Mission Control documentation. JDK-8261160: JDK Flight Recorder Event for Deserialization It is now possible to monitor deserialization of objects using JDK Flight Recorder (JFR). When JFR is enabled and the JFR configuration includes deserialization events, JFR will emit an event whenever the running program attempts to deserialize an object. The deserialization event is named `jdk.Deserialization`, and it is disabled by default. The deserialization event contains information that is used by the serialization filter mechanism; see the [ObjectInputFilter](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/io/ObjectInputFilter.html) specification. Additionally, if a filter is enabled, the JFR event indicates whether the filter accepted or rejected deserialization of the object. For further information about how to use the JFR deserialization event, see the article [Monitoring Deserialization to Improve Application Security](https://inside.java/2021/03/02/monitoring-deserialization-activity-in-the-jdk/). For reference information about using and configuring JFR, see the [JFR Runtime Guide](https://docs.oracle.com/javacomponents/jmc-5-5/jfr-runtime-guide/preface_jfrrt.htm#JFRRT165) and [JFR Command Reference](https://docs.oracle.com/javacomponents/jmc-5-5/jfr-command-reference/command-line-options.htm#JFRCR-GUID-FE61CA60-E1DF-460E-A8E0-F4FF5D58A7A0) sections of the JDK Mission Control documentation. security-libs/org.ietf.jgss:krb5: JDK-8139348: Deprecate 3DES and RC4 in Kerberos The `des3-hmac-sha1` and `rc4-hmac` Kerberos encryption types (etypes) are now deprecated and disabled by default. Users can set `allow_weak_crypto = true` in the `krb5.conf` configuration file to re-enable them (along with other weak etypes including `des-cbc-crc` and `des-cbc-md5`) at their own risk. To disable a subset of the weak etypes, users can list preferred etypes explicitly in any of the `default_tkt_enctypes`, `default_tgs_enctypes`, or `permitted_enctypes` settings. ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: client-libs: (P4) JDK-8283712: Create a manual test framework class (P4) JDK-8284898: Enhance PassFailJFrame (P4) JDK-8270312: Error: Not a test or directory containing tests: java/awt/print/PrinterJob/XparColor.java (P4) JDK-8284535: Fix PrintLatinCJKTest.java test that is failing with Parse Exception (P4) JDK-8283803: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintGlyphVectorTest.java and fix test client-libs/2d: (P3) JDK-8290334: Update FreeType to 2.12.1 (P3) JDK-8289853: Update HarfBuzz to 4.4.1 (P4) JDK-8255724: [XRender] the BlitRotateClippedArea test fails on Linux in the XR pipeline (P4) JDK-8284680: sun.font.FontConfigManager.getFontConfig() leaks charset client-libs/java.awt: (P4) JDK-6854300: [TEST_BUG] java/awt/event/MouseEvent/SpuriousExitEnter/SpuriousExitEnter_3.java fails in jdk6u14 & jdk7 (P4) JDK-8281569: Create tests for Frame.setMinimumSize() method (P4) JDK-8159694: HiDPI, Unity, java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java (P4) JDK-8288928: Incorrect GPL header in pnglibconf.h (backport of JDK-8185041) (P4) JDK-8169468: NoResizeEventOnDMChangeTest.java fails because FS Window didn't receive all resizes! (P4) JDK-8284956: Potential leak awtImageData/color_data when initializes X11GraphicsEnvironment (P4) JDK-8225122: Test AncestorResized.java fails when Windows desktop is scaled. client-libs/javax.accessibility: (P4) JDK-8282933: Create a test for JDK-4529616 (P4) JDK-8283245: Create a test for JDK-4670319 (P4) JDK-8283015: Create a test for JDK-4715496 (P4) JDK-8283087: Create a test or JDK-4715503 (P4) JDK-8284077: Create an automated test for JDK-4170173 (P4) JDK-8285693: Create an automated test for JDK-4702199 client-libs/javax.imageio: (P4) JDK-7131823: bug in GIFImageReader client-libs/javax.swing: (P3) JDK-8239902: [macos] Remove direct usage of JSlider, JProgressBar classes in CAccessible class (P3) JDK-8212904: JTextArea line wrapping incorrect when using UI scale (P4) JDK-8281738: Create a regression test for checking the 'Space' key activation of focused Button (P4) JDK-8282548: Create a regression test for JDK-4330998 (P4) JDK-8281745: Create a regression test for JDK-4514331 (P4) JDK-8282343: Create a regression test for JDK-4518432 (P4) JDK-8282234: Create a regression test for JDK-4532513 (P4) JDK-8281988: Create a regression test for JDK-4618767 (P4) JDK-8281535: Create a regression test for JDK-4670051 (P4) JDK-8280913: Create a regression test for JRootPane.setDefaultButton() method (P4) JDK-8283507: Create a regression test for RFE 4287690 (P4) JDK-8282789: Create a regression test for the JTree usecase of JDK-4618767 (P4) JDK-8283623: Create an automated regression test for JDK-4525475 (P4) JDK-8283493: Create an automated regression test for RFE 4231298 (P4) JDK-8283624: Create an automated regression test for RFE-4390885 (P4) JDK-8262085: Hovering Metal HTML Tooltips in different windows cause IllegalArgExc on Linux (P4) JDK-8172065: javax/swing/JTree/4908142/bug4908142.java The selected index should be "aad" (P4) JDK-8283621: Write a regression test for CCC4400728 (P4) JDK-8282860: Write a regression test for JDK-4164779 core-libs: (P3) JDK-8287663: Add a regression test for JDK-8287073 (P4) JDK-8287073: NPE from CgroupV2Subsystem.getInstance() (P4) JDK-8267180: Typo in copyright header for HashesTest core-libs/java.io: (P3) JDK-8266460: java.io tests fail on null stream with upgraded jtreg/TestNG core-libs/java.io:serialization: (P3) JDK-8261160: Add a deserialization JFR event core-libs/java.lang: (P3) JDK-8265020: tests must be updated for new TestNG module name (P4) JDK-8289569: [test] java/lang/ProcessBuilder/Basic.java fails on Alpine/musl (P4) JDK-8183372: Refactor java/lang/Class shell tests to java (P4) JDK-8266774: System property values for stdout/err on Windows UTF-8 core-libs/java.net: (P3) JDK-8266250: WebSocketTest and WebSocketProxyTest call assertEquals(List, List) (P4) JDK-8290886: [11u]: Backport of JDK-8266250 introduced test failures (P4) JDK-8278067: Make HttpURLConnection default keep alive timeout configurable core-libs/java.nio: (P4) JDK-8214078: (fs) SecureDirectoryStream not supported on arm32 (P4) JDK-8264400: (fs) WindowsFileStore equality depends on how the FileStore was constructed (P4) JDK-8265100: (fs) WindowsFileStore.hashCode() should read cached hash code once core-libs/java.rmi: (P4) JDK-8286114: [test] show real exception in bomb call in sun/rmi/runtime/Log/checkLogging/CheckLogging.java core-libs/java.text: (P4) JDK-8264792: The NumberFormat for locale sq_XK formats price incorrectly. core-libs/java.time: (P3) JDK-8292579: (tz) Update Timezone Data to 2022c core-libs/java.util: (P4) JDK-8274517: java/util/DoubleStreamSums/CompensatedSums.java fails with expected [true] but found [false] core-libs/java.util.concurrent: (P4) JDK-8214427: probable bug in logic of ConcurrentHashMap.addCount() core-libs/java.util.jar: (P4) JDK-8286582: Build fails on macos aarch64 when using --with-zlib=bundled (P4) JDK-8288763: Pack200 extraction failure with invalid size core-libs/java.util.regex: (P4) JDK-8247546: Pattern matching does not skip correctly over supplementary characters core-libs/java.util:i18n: (P3) JDK-8283277: ISO 4217 Amendment 171 Update (P3) JDK-8289549: ISO 4217 Amendment 172 Update (P3) JDK-8272352: Java launcher can not parse Chinese character when system locale is set to UTF-8 (P4) JDK-8028265: Add legacy tz tests to OpenJDK (P4) JDK-8238203: Return value of GetUserDefaultUILanguage() should be handled as LANGID core-libs/javax.naming: (P4) JDK-8287672: jtreg test com/sun/jndi/ldap/LdapPoolTimeoutTest.java fails intermittently in nightly run core-libs/jdk.nashorn: (P4) JDK-8290813: jdk/nashorn/api/scripting/test/ScriptObjectMirrorTest.java fails: assertEquals is ambiguous core-svc/debugger: (P3) JDK-8208471: nsk/jdb/unwatch/unwatch002/unwatch002.java fails with "Prompt is not received during 300200 milliseconds" (P4) JDK-8274687: JDWP deadlocks if some Java thread reaches wait in blockOnDebuggerSuspend core-svc/java.lang.management: (P4) JDK-8283903: GetContainerCpuLoad does not return the correct result in share mode docs: (P4) JDK-8251551: Use .md filename extension for README hotspot/compiler: (P1) JDK-8289856: [PPC64] SIGSEGV in C2Compiler::init_c2_runtime() after JDK-8289060 (P2) JDK-8288865: [aarch64] LDR instructions must use legitimized addresses (P2) JDK-8235870: C2 crashes in IdealLoopTree::est_loop_flow_merge_sz() (P2) JDK-8287432: C2: assert(tn->in(0) != __null) failed: must have live top node (P2) JDK-8288360: CI: ciInstanceKlass::implementor() is not consistent for well-known classes (P2) JDK-8282555: Missing memory edge when spilling MoveF2I, MoveD2L etc (P3) JDK-8251152: ARM32: jtreg c2 Test8202414 test crash (P3) JDK-8291713: assert(!phase->exceeding_node_budget()) failed: sanity after JDK-8223389 (P3) JDK-8284944: assert(cnt++ < 40) failed: infinite cycle in loop optimization (P3) JDK-8287223: C1: Inlining attempt through MH::invokeBasic() with null receiver (P3) JDK-8288781: C1: LIR_OpVisitState::maxNumberOfOperands too small (P3) JDK-8286177: C2: "failed: non-reduction loop contains reduction nodes" assert failure (P3) JDK-8270090: C2: LCM may prioritize CheckCastPP nodes over projections (P3) JDK-8285820: C2: LCM prioritizes locally dependent CreateEx nodes over projections after 8270090 (P3) JDK-8279622: C2: miscompilation of map pattern as a vector reduction (P3) JDK-8283441: C2: segmentation fault in ciMethodBlocks::make_block_at(int) (P3) JDK-8269517: compiler/loopopts/TestPartialPeelingSinkNodes.java crashes with -XX:+VerifyGraphEdges (P3) JDK-8258946: Fix optimization-unstable code involving signed integer overflow (P3) JDK-8288467: remove memory_operand assert for spilled instructions (P3) JDK-8284882: SIGSEGV in Node::verify_edges due to compilation bailout (P3) JDK-8290246: test fails "assert(init != __null) failed: initialization not found" (P3) JDK-8286314: Trampoline not created for far runtime targets outside small CodeCache (P3) JDK-8271010: vmTestbase/gc/lock/malloc/malloclock04/TestDescription.java crashes intermittently (P4) JDK-8277893: Arraycopy stress tests (P4) JDK-8279032: compiler/loopopts/TestSkeletonPredicateNegation.java times out with -XX:TieredStopAtLevel < 4 (P4) JDK-8271078: jdk/incubator/vector/Float128VectorTests.java failed a subtest hotspot/gc: (P3) JDK-8267271: Fix gc/arguments/TestNewRatioFlag.java expectedNewSize calculation (P3) JDK-8217170: gc/arguments/TestUseCompressedOopsErgo.java timed out (P3) JDK-8213695: gc/TestAllocateHeapAtMultiple.java is slow in some configs (P3) JDK-8288754: GCC 12 fails to build zReferenceProcessor.cpp (P3) JDK-8290198: Shenandoah: a few Shenandoah tests failure after JDK-8214799 11u backport (P4) JDK-8223575: add subspace transitions to gc+metaspace=info log lines (P4) JDK-8069343: Improve gc/g1/TestHumongousCodeCacheRoots.java to use jtreg @requires (P4) JDK-8217332: JTREG: Clean up, use generics instead of raw types hotspot/jfr: (P3) JDK-8290004: [PPC64] JfrGetCallTrace: assert(_pc != nullptr) failed: must have PC (P3) JDK-8287463: JFR: Disable TestDevNull.java on Windows (P3) JDK-8282947: JFR: Dump on shutdown live-locks in some conditions (P3) JDK-8239265: JFR: Test cleanup of jdk.jfr.api.consumer package (P4) JDK-8242188: error in jtreg test jdk/jfr/api/consumer/TestRecordedFrame.java on linux-aarch64 (P4) JDK-8239423: jdk/jfr/jvm/TestJFRIntrinsic.java failed with -XX:-TieredCompilation hotspot/jvmti: (P4) JDK-6606767: resexhausted00[34] fail assert(!thread->owns_locks(), "must release all locks when leaving VM") (P4) JDK-8278519: serviceability/jvmti/FieldAccessWatch/FieldAccessWatch.java failed "assert(handle != __null) failed: JNI handle should not be null" (P4) JDK-8249623: test @ignore-d due to 7013634 should be returned back to execution (P4) JDK-8218128: vmTestbase/nsk/jvmti/ResourceExhausted/resexhausted003 and 004 use wrong path to test classes hotspot/runtime: (P3) JDK-8289799: Build warning in methodData.cpp memset zero-length parameter (P3) JDK-8287107: CgroupSubsystemFactory.setCgroupV2Path asserts with freezer controller (P3) JDK-8281181: Do not use CPU Shares to compute active processor count (P3) JDK-8273526: Extend the OSContainer API pids controller with pids.current (P3) JDK-8266490: Extend the OSContainer API to support the pids controller of cgroups (P3) JDK-8287741: Fix of JDK-8287107 (unused cgv1 freezer controller) was incomplete (P3) JDK-8289477: Memory corruption with CPU_ALLOC, CPU_FREE on muslc (P3) JDK-8284754: print more interesting env variables in hs_err and VM.info (P3) JDK-8209736: runtime/RedefineTests/ModifyAnonymous.java fails with NullPointerException when running in CDS mode (P3) JDK-8272398: Update DockerTestUtils.buildJdkDockerImage() (P4) JDK-8292852: [11u] TestMemoryWithCgroupV1 fails after JDK-8292768 (P4) JDK-8284758: [linux] improve print_container_info (P4) JDK-8284950: CgroupV1 detection code should consider memory.swappiness (P4) JDK-8230708: Hotspot fails to build on linux-sparc with gcc-9 (P4) JDK-8253916: ResourceExhausted/resexhausted001 crashes on Linux-x64 (P4) JDK-8257623: vmTestbase/nsk/jvmti/ResourceExhausted/resexhausted001/TestDescription.java shouldn't use timeout hotspot/svc: (P3) JDK-8283849: AsyncGetCallTrace may crash JVM on guarantee hotspot/svc-agent: (P3) JDK-8238268: Many SA tests are not running on OSX because they do not attempt to use sudo when available (P3) JDK-8238196: tests that use SA Attach should not be allowed to run against signed binaries on Mac OS X 10.14.5 and later hotspot/test: (P4) JDK-8219149: ProcessTools.ProcessBuilder should print timing info for subprocesses (P4) JDK-8274506: TestPids.java and TestPidsLimit.java fail with podman run as root (P4) JDK-8210107: vmTestbase/nsk/stress/network tests fail with Cannot assign requested address (Bind failed) infrastructure: (P3) JDK-8268185: Update GitHub Actions for jtreg 6 (P3) JDK-8266254: Update to use jtreg 6 (P4) JDK-8287017: Bump update version for OpenJDK: jdk-11.0.17 infrastructure/build: (P3) JDK-8287366: Improve test failure reporting in GHA (P3) JDK-8218413: make reconfigure ignores configure-time AUTOCONF environment variable (P3) JDK-8252145: Unify Info.plist files with correct version strings (P4) JDK-8291794: [11u] Corrections after backport of JDK-8212028 (P4) JDK-8210960: Allow --with-boot-jdk-jvmargs to work during configure (P4) JDK-8285728: Alpine Linux build fails with busybox tar (P4) JDK-8290000: Bump macOS GitHub actions to macOS 11 (P4) JDK-8265531: doc/building.md should mention homebrew install freetype (P4) JDK-8287202: GHA: Add macOS aarch64 to the list of default platforms for workflow_dispatch event (P4) JDK-8287336: GHA: Workflows break on patch versions (P4) JDK-8283017: GHA: Workflows break with update release versions (P4) JDK-8275008: gtest build failure due to stringop-overflow warning with gcc11 (P4) JDK-8233712: Limit default tests jobs based on ulimit -u setting (P4) JDK-8221907: make reconfigure breaks when configured with relative paths (P4) JDK-8254178: Remove .hgignore (P4) JDK-8254318: Remove .hgtags infrastructure/release_eng: (P4) JDK-8295057: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.17 security-libs: (P3) JDK-8285380: Fix typos in security (P3) JDK-8282538: PKCS11 tests fail on CentOS Stream 9 (P4) JDK-8279385: [test] Adjust sun/security/pkcs12/KeytoolOpensslInteropTest.java after 8278344 (P4) JDK-8278344: sun/security/pkcs12/KeytoolOpensslInteropTest.java test fails because of different openssl output security-libs/java.security: (P2) JDK-8285696: AlgorithmConstraints:permits not throwing IllegalArgumentException when 'alg' is null (P2) JDK-8186143: keytool -ext option doesn't accept wildcards for DNS subject alternative names (P3) JDK-8269039: Disable SHA-1 Signed JARs (P3) JDK-8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled (P3) JDK-8267880: Upgrade the default PKCS12 MAC algorithm security-libs/javax.crypto: (P3) JDK-8281628: KeyAgreement : generateSecret intermittently not resetting security-libs/javax.net.ssl: (P4) JDK-8284694: Avoid evaluating SSLAlgorithmConstraints twice (P4) JDK-8266881: Enable debug log for SSLEngineExplorerMatchedSNI.java (P4) JDK-8226976: SessionTimeOutTests uses == operator for String value check (P4) JDK-8164804: sun/security/ssl/SSLSocketImpl/CloseSocket.java makes not reliable time assumption security-libs/javax.smartcardio: (P3) JDK-8286211: Update PCSC-Lite for SUSE Linux to 1.9.5 security-libs/javax.xml.crypto: (P3) JDK-8247964: All log0() in com/sun/org/slf4j/internal/Logger.java should be private (P3) JDK-8247907: XMLDsig logging does not work security-libs/jdk.security: (P4) JDK-8293429: [11u] minor update in attribute style (P4) JDK-8285398: Cache the results of constraint checks security-libs/org.ietf.jgss: (P4) JDK-8253829: Wrong length compared in SSPI bridge security-libs/org.ietf.jgss:krb5: (P3) JDK-8139348: Deprecate 3DES and RC4 in Kerberos tools/javac: (P2) JDK-8203277: preflow visitor used during lambda attribution shouldn't visit class definitions inside the lambda body (P3) JDK-8236490: Compiler bug relating to @NonNull annotation (P3) JDK-8193462: Fix Filer handling of package-info initial elements (P4) JDK-8255729: com.sun.tools.javac.processing.JavacFiler.FilerOutputStream is inefficient (P4) JDK-8266675: Optimize IntHashTable for encapsulation and ease of use tools/javadoc(tool): (P3) JDK-8215291: Broken links when generating from project without modules (P3) JDK-8221871: javadoc should not set role=region on
elements (P3) JDK-8282214: Upgrade JQuery to version 3.6.0 (P3) JDK-8284367: Upgrade JQuery UI to 1.13.1 from 1.12.1 (P4) JDK-8236823: Ensure that API documentation uses minified libraries (P4) JDK-8209052: Low contrast in docs/api/constant-values.html tools/jlink: (P3) JDK-8240903: Add test to check that jmod hashes are reproducible (P3) JDK-8266461: tools/jmod/hashes/HashesTest.java fails: static @Test methods xml: (P5) JDK-8285097: Duplicate XML keys in XPATHErrorResources.java and XSLTErrorResources.java xml/javax.xml.xpath: (P5) JDK-8289471: Issue in Initialization of keys in ErrorMsg.java and XPATHErrorResources.java xml/jaxp: (P3) JDK-8289486: Improve XSLT XPath operators count efficiency (P4) JDK-8285081: Improve XPath operators count accuracy (P4) JDK-8210722: JAXP Tests: CatalogSupport2 and CatalogSupport3 generate incorrect messages upon failure (P4) JDK-8282280: Update Xerces2 Java to Version 2.12.2