Notes generated: Thu May 02 15:10:25 CEST 2024





Issue Description

The Default TLS Diffie-Hellman Group Size Has Been Increased from 1024-bit to 2048-bit

The JDK implementation of TLS 1.2 now uses a default Diffie Hellman keysize of 2048 bits when a TLS_DHE cipher suite is negotiated and either the client or server does not support FFDHE, which can negotiate a stronger keysize. The JDK TLS implementation supports FFDHE and it is enabled by default.

As a workaround, users can revert to the previous size by setting the jdk.tls.ephemeralDHKeySize system property to 1024 (at their own risk).

This change does not affect TLS 1.3 as the minimum DH group size is already 2048 bits.


Use Server Cipher Suites Preference by Default

For TLS connections, the cipher suite selection, by default, is updated to use the server cipher suites preference. Applications can configure the behavior by using the SSLParameters.setUseCipherSuitesOrder​() method.


Issue Description

JDK Now Accepts RSA Keys in PKCS#1 Format

RSA private and public keys in PKCS#1 format can now be accepted by JDK providers, such as the RSA KeyFactory.impl from the SunRsaSign provider. The RSA private or public key object should have the PKCS#1 format and an encoding matching the ASN.1 syntax for a PKCS#1 RSA private key and public key.


Issue Description

`-XshowSettings:locale` Output Now Includes Tzdata Version

The -XshowSettings launcher option has been enhanced to print the tzdata version configured with the JDK. The tzdata version is displayed as part of the locale showSettings option.

Example output using -X:showSettings:locale: ` ..... Locale settings: default locale = English default display locale = English default format locale = English tzdata version = 2023c ..... `


Issue Description

Removed SECOM Trust System's RootCA1 Root Certificate

The following root certificate from SECOM Trust System has been removed from the cacerts keystore: ``` + alias name "secomscrootca1 [jdk]" Distinguished Name: OU=Security Communication RootCA1, O=SECOM, C=JP



Throw Error If Default File Fails to Load

A behavioral change has been made when the default conf/security/ security configuration file fails to load. In such a scenario, the JDK will now throw an InternalError.

Such a scenario should never occur. The default security file should always be present. Prior to this change, a static security configuration was loaded.


Added Certigna Root CA Certificate

The following root certificate has been added to the cacerts truststore: ` + Certigna (Dhimyotis) + certignarootca DN: CN=Certigna Root CA, OU=0002 48146308100036, O=Dhimyotis, C=FR `



Priority Bug Summary
P4 JDK-8307569 Build with gcc8 is broken after JDK-8307301
P4 JDK-8296084 javax/swing/JSpinner/4788637/ fails intermittently on a VM


Priority Bug Summary
P3 JDK-8307603 [AIX] Broken build after JDK-8307301
P3 JDK-8307604 gcc12 based Alpine build broken build after JDK-8307301
P3 JDK-8312555 Ideographic characters aren't stretched by AffineTransform.scale(2, 1)
P3 JDK-8306881 Update FreeType to 2.13.0
P3 JDK-8307301 Update HarfBuzz to 7.2.0
P4 JDK-8311033 [macos] PrinterJob does not take into account Sides attribute
P4 JDK-8298974 Add ftcolor.c to imported freetype sources
P4 JDK-8295737 macOS: Print content cut off when width > height with portrait orientation
P4 JDK-8275303 sun/java2d/pipe/ fails with D3D basic render driver
P4 JDK-8297681 Unnecessary color conversion during 4BYTE_ABGR_PRE to INT_ARGB_PRE blit


Priority Bug Summary
P2 JDK-8307799 Newly added java/awt/dnd/ has invalid jtreg `@requires` clause
P2 JDK-8311689 Wrong visible amount in Adjustable of ScrollPane
P3 JDK-6176679 Application freezes when copying an animated gif image to the system clipboard
P3 JDK-8286481 Exception printed to stdout on Windows when storing transparent image in clipboard
P3 JDK-8297923 java.awt.ScrollPane broken after multiple scroll up/down
P3 JDK-8310054 ScrollPane insets are incorrect
P3 JDK-8305815 Update Libpng to 1.6.39
P4 JDK-8314086 [11u] A typo in the fix for JDK-8312462 is causing test failure in
P4 JDK-8222323 fails with "RuntimeException: Failed to unset alwaysOnTop"
P4 JDK-8298921 Create a regression test for JDK-8139581
P4 JDK-8307135 java/awt/dnd/NotReallySerializableTest/ failed
P4 JDK-8304054 Linux: NullPointerException from FontConfiguration.getVersion in case no fonts are installed
P4 JDK-8306682 Open source a few more AWT Choice tests
P4 JDK-8306133 Open source few AWT Drag & Drop related tests
P4 JDK-8306954 Open source five Focus related tests
P4 JDK-8306484 Open source several AWT Choice jtreg tests
P4 JDK-8306137 Open source several AWT ScrollPane related tests
P4 JDK-8306638 Open source some AWT tests related to datatransfer and Toolkit
P4 JDK-8307128 Open source some drag and drop tests 4
P4 JDK-8307078 Opensource and clean up five more AWT Focus related tests
P4 JDK-8306718 Optimize and opensource some old AWT tests
P4 JDK-8297523 Various GetPrimitiveArrayCritical miss result - NULL check


Priority Bug Summary
P4 JDK-8284524 Create an automated test for JDK-4422362
P4 JDK-8284767 Create an automated test for JDK-4422535


Priority Bug Summary
P3 JDK-8269091 javax/sound/sampled/Clip/ failed with ArrayIndexOutOfBoundsException: Array index out of range: -4


Priority Bug Summary
P3 JDK-8263970 Manual test javax/swing/JTextField/JapaneseReadingAttributes/ failed
P4 JDK-8286172 Create an automated test for JDK-4516019
P4 JDK-8286620 Create regression test for verifying setMargin() of JRadioButton
P4 JDK-8285635 javax/swing/JRootPane/ failed with Default Button not pressed for L&F:
P4 JDK-8306955 Open source several JComboBox jtreg tests
P4 JDK-8307133 Open source some JTable jtreg tests
P4 JDK-8307080 Open source some more JComboBox jtreg tests
P4 JDK-8225012 sanity/client/SwingSet/src/ fails on Windows
P4 JDK-8299713 Test javax/swing/JTableHeader/6889007/ failed: Wrong type of cursor


Priority Bug Summary
P3 JDK-8229333 java/io/File/ timed out
P4 JDK-8249699 java/io/ByteArrayOutputStream/ should use @requires instead of @ignore


Priority Bug Summary
P3 JDK-8276651 java/lang/ProcessHandle tests fail with "RuntimeException: Input/output error" in java.lang.ProcessHandleImpl$Info.info0
P4 JDK-8260934 java/lang/StringBuilder/ fails without Compact Strings


Priority Bug Summary
P4 JDK-8292443 Weak CAS VarHandle/Unsafe tests should test always-failing cases


Priority Bug Summary
P4 JDK-8232195 Enable BigInteger tests: DivisionOverflow, SymmetricRangeTests and StringConstructorOverflow
P4 JDK-8239007 java/math/BigInteger/largeMemory/ tests should be disabled on 32-bit platforms
P4 JDK-8232840 java/math/BigInteger/largeMemory/ fails due to "OutOfMemoryError: Requested array size exceeds VM limit"
P4 JDK-8241097 java/math/BigInteger/largeMemory/ requires -XX:+CompactStrings


Priority Bug Summary
P3 JDK-8217237 HttpClient does not deal well with multi-valued WWW-Authenticate challenge headers
P3 JDK-8223573 Replace wildcard address with loopback or local host in tests - part 4
P3 JDK-8223856 Replace wildcard address with loopback or local host in tests - part 8
P4 JDK-8232101 (sctp) Add minimal sanity tests for SCTP
P4 JDK-8223714 HTTPSetAuthenticatorTest could be made more resilient
P4 JDK-8229348 java/net/DatagramSocket/ fails intermittently
P4 JDK-8231037 java/net/InetAddress/ptr/ fails intermittently due to reverse lookup failed
P4 JDK-8230132 java/net/NetworkInterface/ to skip Teredo Tunneling Pseudo-Interface
P4 JDK-8293562 KeepAliveCache Blocks Threads while Closing Connections
P4 JDK-8231516 network failed due to "SocketException: maximum number of DatagramSockets reached"
P4 JDK-8305763 Parsing a URI with an underscore goes through a silent exception, negatively impacting performance
P4 JDK-8268464 Remove dependancy of TestHttpsServer, HttpTransaction, HttpCallback from open/test/jdk/sun/net/www/protocol/https/ tests
P4 JDK-8223783 sun/net/www/http/HttpClient/ sometimes detect threads+1 connections
P4 JDK-8229481 sun/net/www/protocol/https/ failed with a SSLException


Priority Bug Summary
P3 JDK-8237183 Bug ID missing for test in patch which fixed JDK-8230665
P4 JDK-8224617 (fs) java/nio/file/FileStore/ found filesystem twice
P4 JDK-8283756 (zipfs) ZipFSOutputStreamTest.testOutputStream should only check inflated bytes
P4 JDK-8279536 jdk/nio/zipfs/ timed out


Priority Bug Summary
P4 JDK-8158880 test/java/time/tck/java/time/format/ fail with zh_CN locale


Priority Bug Summary
P2 JDK-8259796 timed CompletableFuture.get may swallow InterruptedException
P3 JDK-8254350 CompletableFuture.get may swallow InterruptedException
P3 JDK-8300098 java/util/concurrent/ConcurrentHashMap/ fails with internal timeout when executed with TieredCompilation1/3


Priority Bug Summary
P3 JDK-8315135 Memory leak in the native implementation of Pack200.Unpacker.unpack()


Priority Bug Summary
P5 JDK-8229338 clean up test/jdk/java/util/RandomAccess/


Priority Bug Summary
P3 JDK-8234808 jdb quoted option parsing broken
P4 JDK-8260878 com/sun/jdi/ fails without jfr


Priority Bug Summary
P3 JDK-8300659 Refactor TestMemoryAwareness to use WhiteBox api for host values


Priority Bug Summary
P3 JDK-8293657 sun/management/jmxremote/bootstrap/ failed with "SSLHandshakeException: Remote host terminated the handshake"


Priority Bug Summary
P2 JDK-8307572 AArch64: Vector registers are clobbered by some macroassemblers
P3 JDK-8299658 C1 compilation crashes in LinearScan::resolve_exception_edge
P3 JDK-8289748 C2 compiled code crashes with SIGFPE with -XX:+StressLCM and -XX:+StressGCM
P3 JDK-8297730 C2: Arraycopy intrinsic throws incorrect exception
P3 JDK-8303511 C2: assert(get_ctrl(n) == cle_out) during unrolling
P3 JDK-8301491 C2: java.lang.StringUTF16::indexOfChar intrinsic called with negative character argument
P3 JDK-8201516 DebugNonSafepoints generates incorrect information
P4 JDK-8306636 Disable compiler/c2/ with -XX:TieredStopAtLevel=3
P4 JDK-8313878 Exclude two compiler/rtm/locking tests on ppc64le
P4 JDK-8218471 does not correctly invoke
P4 JDK-8273807 Zero: Drop incorrect test block from compiler/startup/
P5 JDK-8301959 Compile command in compiler.loopopts.TestRemoveEmptyCountedLoop does not work


Priority Bug Summary
P3 JDK-8310176 JDK 11 G1 crash during full GC with +UseStringDeduplication
P4 JDK-8315529 [11u] Exclude some failing Z-GC tests


Priority Bug Summary
P4 JDK-8313803 [11u] Exclude jdk/jfr/event/sampling/


Priority Bug Summary
P2 JDK-8291830 jvmti/RedefineClasses/StressRedefine failed: assert(!is_null(v)) failed: narrow klass value can never be zero
P3 JDK-8221372 Test vmTestbase/nsk/jvmti/GetThreadState/thrstat001/ times out
P3 JDK-8257993 vmTestbase/nsk/jvmti/RedefineClasses/StressRedefine/ crash intermittently
P4 JDK-8211343 nsk_jvmti_parseoptions should handle multiple suboptions
P4 JDK-8216059 nsk_jvmti_parseoptions still has dependency on tilde separator


Priority Bug Summary
P4 JDK-8239537 cgroup MetricsTester testMemorySubsystem fails sometimes when testing memory.kmem.tcp.usage_in_bytes
P4 JDK-8314950 CMS may miss NMT tag after mark stack expansion
P4 JDK-8299424 containers/docker/ fails on SLES12 ppc64le when testing Memory and Swap Limit
P4 JDK-8309138 Fix container tests for jdks with symlinked conf dir
P4 JDK-8265980 Fix systemDictionary and loaderConstraints printing
P4 JDK-8312138 jcmd VM.metaspace vslist has no newline character before the Class: label.
P4 JDK-8229147 Linux os::create_thread() overcounts guardpage size with newer glibc (>=2.27)
P4 JDK-8297887 Update Siphash
P4 JDK-8305421 Work around JDK-8305420 in


Priority Bug Summary
P4 JDK-8313796 AsyncGetCallTrace crash on unreadable interpreter method pointer
P4 JDK-8181383 com/sun/jdi/ fails intermittently with bind failed: Address already in use


Priority Bug Summary
P4 JDK-8217612 (CL)HSDB cannot show some JVM flags
P4 JDK-8243210 ClhsdbScanOops fails with NullPointerException in FileMapHeader.inCopiedVtableSpace
P4 JDK-8217850 CompressedClassSpaceSizeInJmapHeap fails after JDK-8217612


Priority Bug Summary
P4 JDK-8313159 [11u] Fix test after Merge error
P4 JDK-8244078 ProcessTools executeTestJvm and createJavaProcessBuilder have inconsistent handling of test.*.opts
P5 JDK-8252530 Fix inconsistencies in hotspot whitebox


Priority Bug Summary
P4 JDK-8309108 Bump update version for OpenJDK: jdk-11.0.21


Priority Bug Summary
P3 JDK-8291444 GHA builds/tests won't run manually if disabled from automatic running
P4 JDK-8304867 Explicitly disable dtrace for ppc builds


Priority Bug Summary
P4 JDK-8317644 [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.21


Priority Bug Summary
P2 JDK-8314960 Add Certigna Root CA - 2
P3 JDK-8293858 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG
P3 JDK-8224729 Cleanups in sun/security/provider/certpath/ldap/
P3 JDK-8239264 Clearup the legacy ObjectIdentifier constructor from int array
P3 JDK-8242151 Improve OID mapping and reuse among JDK security providers for aliases registration
P3 JDK-8242897 KeyFactory.generatePublic( x509Spec ) failed with
P3 JDK-8255348 NPE in PKIXCertPathValidator event logging code
P3 JDK-8295894 Remove SECOM certificate that is expiring in September 2023
P3 JDK-8228403 failed with File name too long
P3 JDK-8224768 Test fails
P3 JDK-8155246 Throw error if default file is missing
P3 JDK-8302182 Update Public Suffix List to 88467c9
P4 JDK-8271838 interop test fails
P4 JDK-8317040 Exclude cleaner test failing on older releases
P4 JDK-8292297 Fix up loading of override properties file
P4 JDK-8277353 java/security/MessageDigest/ test times out
P4 JDK-8297955 LDAP CertStore should use LdapName and not String for DNs
P4 JDK-8239333 Mark test with intermittent key
P4 JDK-8292033 Move jdk.X509Certificate event logic to JCA layer
P4 JDK-8309088 security/infra/java/security/cert/CertPathValidator/certification/ fails
P4 JDK-8238157 security/infra/java/security/cert/CertPathValidator/certification/ test failures because of revocation date
P4 JDK-8247895 is calling setSeed(0)
P4 JDK-8308156 misses blank in error output


Priority Bug Summary
P3 JDK-8023980 JCE doesn't provide any class to handle RSA private key in PKCS#1
P3 JDK-8247968 test/jdk/javax/crypto/SecretKeyFactory/ has wrong header
P4 JDK-8260274 Cipher.init(int, key) does not use highest priority provider for random bytes


Priority Bug Summary
P3 JDK-8209398 sun/security/pkcs11/KeyStore/ failed with "PKCS11Exception: CKR_ATTRIBUTE_SENSITIVE"
P3 JDK-8226221 Update PKCS11 tests to use NSS 3.46 libs
P4 JDK-8231357 sun/security/pkcs11/Cipher/ fails on SLES11 using mozilla-nss-3.14


Priority Bug Summary
P3 JDK-8301700 Increase the default TLS Diffie-Hellman group size from 1024-bit to 2048-bit
P3 JDK-8240193 loadLibrary("osxsecurity") should not be removed
P3 JDK-8168261 Use server cipher suites preference by default


Priority Bug Summary
P3 JDK-8242330 Arrays should be cloned in several JAAS Callback classes
P3 JDK-8284910 Buffer clean in PasswordCallback


Priority Bug Summary
P3 JDK-8220410 sun/security/tools/jarsigner/warnings/ failed with missing expected output
P4 JDK-8228341 fails intermittently on Windows


Priority Bug Summary
P3 JDK-8303809 Dispose context in SPNEGO NegotiatorImpl


Priority Bug Summary
P3 JDK-8274205 Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC


Priority Bug Summary
P3 JDK-8217395 Update langtools shell tests to use ${EXE_SUFFIX}
P4 JDK-8300751 [17u] Remove duplicate entry in


Priority Bug Summary
P3 JDK-8293180 JQuery UI license file not updated
P4 JDK-8297437 javadoc cannot link to old docs (with old style anchors)
P4 JDK-8248001 javadoc generates invalid HTML pages whose ftp:// links are broken
P4 JDK-8302161 Upgrade jQuery UI to version 1.13.2


Priority Bug Summary
P3 JDK-8304498 JShell does not switch to raw mode when there is no /bin/test
P3 JDK-8297587 Upgrade JLine to 3.22.0


Priority Bug Summary
P4 JDK-8212045 Add back the tests that were removed from and
P4 JDK-8305950 Have -XshowSettings option display tzdata version


Priority Bug Summary
P4 JDK-8274606 Fix jaxp/javax/xml/jaxp/unittest/transform/ test
P4 JDK-8268457 XML Transformer outputs Unicode supplementary character incorrectly to HTML


Priority Bug Summary
P4 JDK-8289508 Improve test coverage for XPath Axes: ancestor, ancestor-or-self, preceding, and preceding-sibling
P4 JDK-8301269 Update Commons BCEL to Version 6.7.0