RELEASE NOTES: JDK 11.0.20

Notes generated: Sat May 03 13:52:35 CEST 2025

JEPs

None.

RELEASE NOTES

hotspot/compiler

Issue Description

Issue	Description
JDK-8308884	GregorianCalender.computeTime() JVM Crash A virtual machine crash was observed in JDK 11.0.19 and 17.0.7 when executing the `GregorianCalender.computeTime()` method (JDK-8307683). It was found that although the root cause of the crash is an old issue, a recent fix for a rare issue in the C2 compiler (JDK-8297951) made the crash much more likely. To mitigate this, the fix has been reverted in JDK 11.0.20 and 17.0.8 and will be reapplied once JDK-8307683 is resolved.

GregorianCalender.computeTime() JVM Crash

A virtual machine crash was observed in JDK 11.0.19 and 17.0.7 when executing the GregorianCalender.computeTime() method (JDK-8307683). It was found that although the root cause of the crash is an old issue, a recent fix for a rare issue in the C2 compiler (JDK-8297951) made the crash much more likely. To mitigate this, the fix has been reverted in JDK 11.0.20 and 17.0.8 and will be reapplied once JDK-8307683 is resolved.

core-libs/java.nio.charsets

Issue Description

Issue	Description
JDK-8301119	Support for GB18030-2022 China National Standard body (CESI) has recently published GB18030-2022 which is an updated version of the GB18030 standard and brings GB18030 in sync with Unicode version 11.0. The `Charset` implementation for this new standard has now replaced the prior `2000` standard. However, this new standard has some incompatible changes from the prior implementation. For those who need to use the old mappings, a new system property `jdk.charset.GB18030` is introduced. By setting its value to `2000`, the previous JDK releases' mappings for the `GB18030 Charset` are used which are based on the `2000` standard.

JDK-8301119

Support for GB18030-2022

China National Standard body (CESI) has recently published GB18030-2022 which is an updated version of the GB18030 standard and brings GB18030 in sync with Unicode version 11.0. The Charset implementation for this new standard has now replaced the prior 2000 standard. However, this new standard has some incompatible changes from the prior implementation. For those who need to use the old mappings, a new system property jdk.charset.GB18030 is introduced. By setting its value to 2000, the previous JDK releases' mappings for the GB18030 Charset are used which are based on the 2000 standard.

tools/javadoc(tool)

Issue Description

Issue	Description
JDK-8259530	Legal Headers for Generated Files The set of files generated by the Standard Doclet typically includes some files with associated licensing requirements. The Standard Doclet now provides support for including the associated legal files, with default behavior for the common case and a new command-line option (`--legal-notices`) to override that behavior when appropriate.

JDK-8259530

Legal Headers for Generated Files

The set of files generated by the Standard Doclet typically includes some files with associated licensing requirements. The Standard Doclet now provides support for including the associated legal files, with default behavior for the common case and a new command-line option (--legal-notices) to override that behavior when appropriate.

security-libs/java.security

Issue	Description
JDK-8307134	Added 4 GTS Root CA Certificates The following root certificates have been added to the cacerts truststore: ``` + Google Trust Services LLC + gtsrootcar1 DN: CN=GTS Root R1, O=Google Trust Services LLC, C=US Google Trust Services LLC gtsrootcar2 DN: CN=GTS Root R2, O=Google Trust Services LLC, C=US Google Trust Services LLC gtsrootecccar3 DN: CN=GTS Root R3, O=Google Trust Services LLC, C=US Google Trust Services LLC gtsrootecccar4 DN: CN=GTS Root R4, O=Google Trust Services LLC, C=US ```
JDK-8305975	Added TWCA Root CA Certificate The following root certificate has been added to the cacerts truststore: ` + TWCA + twcaglobalrootca DN: CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW`
JDK-8304760	Added Microsoft Corporation's 2 TLS Root CA Certificates The following root certificates have been added to the cacerts truststore: ``` + Microsoft Corporation + microsoftecc2017 DN: CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft Corporation, C=US Microsoft Corporation microsoftrsa2017 DN: CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft Corporation, C=US ```
JDK-8303465	Enhance Contents (Trusted Certificate Entries) of macOS KeychainStore The macOS KeychainStore implementation now exposes certificates with proper trust in the user domain, admin domain, or both. Before, only the user domain was considered. Furthermore, if there exists a "deny" entry for a particular purpose in a certificate's trust settings in either domain, the certificate will not be part of the macOS KeychainStore.

FIXED ISSUES

client-libs

Priority	Bug	Summary
P3	JDK-8298887	On the latest macOS+XCode the Robot API may report wrong colors

client-libs/2d

Priority	Bug	Summary
P3	JDK-8304291	[AIX] Broken build after JDK-8301998
P3	JDK-8301998	Update HarfBuzz to 7.0.1
P3	JDK-8303482	Update LCMS to 2.15
P4	JDK-8304350	Font.getStringBounds calculates wrong width for TextAttribute.TRACKING other than 0.0
P4	JDK-8304295	harfbuzz build fails with GCC 7 after JDK-8301998

client-libs/java.awt

Priority	Bug	Summary
P4	JDK-8213531	Test javax/swing/border/TestTitledBorderLeak.java fails
P4	JDK-8296934	Write a test to verify whether Undecorated Frame can be iconified or not

client-libs/javax.accessibility

Priority	Bug	Summary
P3	JDK-8263420	Incorrect function name in NSAccessibilityStaticText native peer implementation

client-libs/javax.imageio

Priority	Bug	Summary
P3	JDK-8302151	BMPImageReader throws an exception reading BMP images

client-libs/javax.swing

Priority	Bug	Summary
P3	JDK-8264290	Create implementation for NSAccessibilityComponentGroup protocol peer
P3	JDK-8264304	Create implementation for NSAccessibilityToolbar protocol peer
P3	JDK-8227257	javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError
P4	JDK-8277775	Fixup bugids in RemoveDropTargetCrashTest.java - add 4357905
P4	JDK-8297450	ScaledTextFieldBorderTest.java fails when run with -show parameter
P4	JDK-8300205	Swing test bug8078268 make latch timeout configurable

core-libs

Priority	Bug	Summary
P3	JDK-8275735	[linux] Remove deprecated Metrics api (kernel memory limit)
P4	JDK-8283059	Uninitialized warning in check_code.c with GCC 11.2

core-libs/java.lang

Priority	Bug	Summary
P3	JDK-8171426	java/lang/ProcessBuilder/Basic.java failed with Stream closed
P4	JDK-8276880	Remove java/lang/RuntimeTests/exec/ExecWithDir as unnecessary

core-libs/java.lang.module

Priority	Bug	Summary
P4	JDK-8257856	Make ClassFileVersionsTest.java robust to JDK version updates

core-libs/java.lang:class_loading

Priority	Bug	Summary
P4	JDK-8302791	Add specific ClassLoader object to Proxy IllegalArgumentException message

core-libs/java.net

Priority	Bug	Summary
P3	JDK-8291226	Create Test Cases to cover scenarios for JDK-8278067
P3	JDK-8291637	HttpClient default keep alive timeout not followed if server sends invalid value
P3	JDK-8291638	Keep-Alive timeout of 0 should close connection immediately
P4	JDK-8232853	AuthenticationFilter.Cache::remove may throw ConcurrentModificationException
P4	JDK-8187522	test/sun/net/ftp/FtpURLConnectionLeak.java timed out

core-libs/java.nio

Priority	Bug	Summary
P4	JDK-8305528	[11u] Backport of JDK-8259530 breaks build with JDK10 bootstrap VM

core-libs/java.nio.charsets

Priority	Bug	Summary
P4	JDK-8301119	Support for GB18030-2022

core-libs/java.time

Priority	Bug	Summary
P3	JDK-8305113	(tz) Update Timezone Data to 2023c
P3	JDK-8278434	timeouts in test java/time/test/java/time/format/TestZoneTextPrinterParser.java

core-libs/java.util:i18n

Priority	Bug	Summary
P3	JDK-8305400	ISO 4217 Amendment 175 Update
P3	JDK-8275721	Name of UTC timezone in a locale changes depending on previous code
P3	JDK-8303440	The "ZonedDateTime.parse" may not accept the "UTC+XX" zone id
P3	JDK-8209880	tzdb.dat is not reproducibly built
P3	JDK-8209167	Use CLDR's time zone mappings for Windows
P4	JDK-8274864	Remove Amman/Cairo hacks in ZoneInfoFile

core-svc/tools

Priority	Bug	Summary
P3	JDK-8303937	Corrupted heap dumps due to missing retries for os::write()

hotspot/compiler

Priority	Bug	Summary
P3	JDK-8308884	[17u/11u] Backout JDK-8297951
P3	JDK-8303564	C2: "Bad graph detected in build_loop_late" after a CMove is wrongly split thru phi
P3	JDK-8269746	C2: assert(!in->is_CFG()) failed: CFG Node with no controlling input?
P3	JDK-8299259	C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE
P3	JDK-8300079	SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument
P4	JDK-8282467	add extra diagnostics for JDK-8268184
P4	JDK-8305711	Arm: C2 always enters slowpath for monitorexit
P5	JDK-8306768	CodeCache Analytics reports wrong threshold

hotspot/runtime

Priority	Bug	Summary
P2	JDK-8215575	C2 crash: assert(get_instanceKlass()->is_loaded()) failed: must be at least loaded
P3	JDK-8287007	[cgroups] Consistently use stringStream throughout parsing code
P3	JDK-8295974	jni_FatalError and Xcheck:jni warnings should print the native stack when there are no Java frames
P3	JDK-8243936	NonWriteable system properties are actually writeable
P3	JDK-8292206	TestCgroupMetrics.java fails as getMemoryUsage() is lower than expected
P4	JDK-8303861	Error handling step timeouts should never be blocked by OnError and others
P4	JDK-8214807	Improve handling of very old class files
P4	JDK-8308006	Missing NMT memory tagging in CMS

hotspot/svc

Priority	Bug	Summary
P3	JDK-8301170	perfMemory_windows.cpp add free_security_attr to early returns
P4	JDK-8303102	jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN

hotspot/test

Priority	Bug	Summary
P4	JDK-8307811	[TEST] compilation of TimeoutInErrorHandlingTest fails after backport of JDK-8303861
P4	JDK-8303822	gtestMain should give more helpful output

infrastructure

Priority	Bug	Summary
P4	JDK-8303432	Bump update version for OpenJDK: jdk-11.0.20

infrastructure/build

Priority	Bug	Summary
P2	JDK-8306543	GHA: MSVC installation is failing
P3	JDK-8303476	Add the runtime version in the release file of a JDK image
P3	JDK-8306658	GHA: MSVC installation could be optional since it might already be pre-installed
P3	JDK-8306664	GHA: Update MSVC version to latest stepping
P3	JDK-8300490	Spaces in name of MacOS Code Signing Identity are not correctly handled after JDK-8293550
P4	JDK-8220093	Change to GCC 8.2 for building on Linux at Oracle
P4	JDK-8304134	jib bootstrapper fails to quote filename when checking download filetype
P4	JDK-8248701	On Windows generated modules-deps.gmk can contain backslash-r (CR) characters
P4	JDK-8289735	UTIL_LOOKUP_PROGS fails on pathes with space
P4	JDK-8306976	UTIL_REQUIRE_SPECIAL warning on grep
P5	JDK-8297000	[jib] Add more friendly warning for proxy issues
P5	JDK-8305721	add `make compile-commands` artifacts to .gitignore

infrastructure/release_eng

Priority	Bug	Summary
P4	JDK-8311465	[11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.20

security-libs

Priority	Bug	Summary
P3	JDK-8303354	addCertificatesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return
P4	JDK-8303576	addIdentitiesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return

security-libs/java.security

Priority	Bug	Summary
P3	JDK-8304760	Add 2 Microsoft TLS roots
P3	JDK-8307134	Add GTS root CAs
P3	JDK-8305975	Add TWCA Global Root CA
P3	JDK-8282201	Consider removal of expiry check in VerifyCACerts.java test
P3	JDK-8303465	KeyStore of type KeychainStore, provider Apple does not show all trusted certificates
P4	JDK-8246383	NullPointerException in JceSecurity.getVerificationResult when using Entrust provider

security-libs/javax.crypto

Priority	Bug	Summary
P3	JDK-8280703	CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption
P4	JDK-8178806	Better exception logging in crypto code

security-libs/javax.crypto:pkcs11

Priority	Bug	Summary
P3	JDK-8294906	Memory leak in PKCS11 NSS TLS server
P4	JDK-8293232	Fix race condition in pkcs11 SessionManager
P4	JDK-8214459	NSS source should be removed
P4	JDK-8289301	P11Cipher should not throw out of bounds exception during padding
P4	JDK-8293815	P11PSSSignature.engineUpdate should not print debug messages during normal operation
P4	JDK-8282077	PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error

security-libs/javax.net.ssl

Priority	Bug	Summary
P3	JDK-8282600	SSLSocketImpl should not use user_canceled workaround when not necessary

security-libs/javax.xml.crypto

Priority	Bug	Summary
P4	JDK-8287246	DSAKeyValue should check for missing params instead of relying on KeyFactory provider

security-libs/jdk.security

Priority	Bug	Summary
P3	JDK-8209546	Make sun/security/tools/keytool/autotest.sh to support macosx

tools/javac

Priority	Bug	Summary
P3	JDK-8275233	Incorrect line number reported in exception stack trace thrown from a lambda expression

tools/javadoc(tool)

Priority	Bug	Summary
P3	JDK-8259530	Generated docs contain MIT/GPL-licenced works without reproducing the licence

tools/jlink

Priority	Bug	Summary
P4	JDK-8309476	[11u] tools/jmod/hashes/HashesOrderTest.java fails intermittently

tools/jshell

Priority	Bug	Summary
P3	JDK-8287897	Augment src/jdk.internal.le/share/legal/jline.md with information on 4th party dependencies
P4	JDK-8286398	Address possibly lossy conversions in jdk.internal.le