RELEASE NOTES: JDK 11.0.3

Notes generated: Mon Dec 02 13:51:23 CET 2024

JEPs

None.

RELEASE NOTES

core-libs/java.util:i18n

Issue Description
JDK-8205432

New Japanese Era Name: Reiwa


An instance representing the new Reiwa era has been added to this update. Unlike other eras, there is no public field for this era. It can be obtained by calling JapaneseEra.of(3) or JapaneseEra.valueOf("Reiwa"). JDK 13 and later will have a new public field to represent this era.

The placeholder name, "NewEra", for the Japanese era that started from May 1st, 2019 has been replaced with the new official name. Applications that relied on the placeholder name (see JDK-8202088) to obtain the new era singleton (JapaneseEra.valueOf("NewEra")) will no longer work.


JDK-8211398

Square Character Support for Japanese New Era


The code point, U+32FF, is reserved by the Unicode Consortium to represent the Japanese square character for the new era that begins from May, 2019. Relevant methods in the Character class return the same properties as the existing Japanese era characters (e.g., U+337E for "Meizi"). For details about the code point, see http://blog.unicode.org/2018/09/new-japanese-era.html.


security-libs/javax.net.ssl

Issue Description
JDK-8207258

Distrust TLS Server Certificates Anchored by Symantec Root CAs


The JDK will stop trusting TLS Server certificates issued by Symantec, in line with similar plans recently announced by Google, Mozilla, Apple, and Microsoft. The list of affected certificates includes certificates branded as GeoTrust, Thawte, and VeriSign, which were managed by Symantec.

TLS Server certificates issued on or before April 16, 2019 will continue to be trusted until they expire. Certificates issued after that date will be rejected. See the DigiCert support page for information on how to replace your Symantec certificates with a DigiCert certificate (DigiCert took over validation and issuance for all Symantec Website Security SSL/TLS certificates on December 1, 2017).

An exception to this policy is that TLS Server certificates issued through two subordinate Certificate Authorities managed by Apple, and identified below, will continue to be trusted as long as they are issued on or before December 31, 2019.

The restrictions are enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below.

An application will receive an Exception with a message indicating the trust anchor is not trusted, ex:

"TLS Server certificate issued after 2019-04-16 and anchored by a distrusted legacy Symantec root CA: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US"

If necessary, and at your own risk, you can work around the restrictions by removing "SYMANTEC_TLS" from the jdk.security.caDistrustPolicies security property in the java.security configuration file.

The restrictions are imposed on the following Symantec Root certificates included in the JDK:

Root Certificates distrusted after 2019-04-16
Distinguished Name SHA-256 Fingerprint
CN=GeoTrust Global CA, O=GeoTrust Inc., C=US

FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5:DB:36:A7:3A

CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US

37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8:DE:B4:D0:6C

CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

5E:DB:7A:C4:3B:82:A0:6A:87:61:E8:D7:BE:49:79:EB:F2:61:1F:7D:D7:9B:F9:1C:1C:6B:56:6A:21:9E:D7:66

CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

B4:78:B8:12:25:0D:F8:78:63:5C:2A:A7:EC:7D:15:5E:AA:62:5E:E8:29:16:E2:CD:29:43:61:88:6C:D1:FB:D4

CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US

A0:45:9B:9F:63:B2:25:59:F5:FA:5D:4C:6D:B3:F9:F7:2F:F1:93:42:03:35:78:F0:73:BF:1D:1B:46:CB:B9:12

CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

8D:72:2F:81:A9:C1:13:C0:79:1D:F1:36:A2:96:6D:B2:6C:95:0A:97:1D:B4:6B:41:99:F4:EA:54:B7:8B:FB:9F

CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US

A4:31:0D:50:AF:18:A6:44:71:90:37:2A:86:AF:AF:8B:95:1F:FB:43:1D:83:7F:1E:56:88:B4:59:71:ED:15:57

CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

4B:03:F4:58:07:AD:70:F2:1B:FC:2C:AE:71:C9:FD:E4:60:4C:06:4C:F5:FF:B6:86:BA:E5:DB:AA:D7:FD:D3:4C

EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

3F:9F:27:D5:83:20:4B:9E:09:C8:A3:D2:06:6C:4B:57:D3:A2:47:9C:36:93:65:08:80:50:56:98:10:5D:BC:E9

OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

3A:43:E2:20:FE:7F:3E:A9:65:3D:1E:21:74:2E:AC:2B:75:C2:0F:D8:98:03:05:BC:50:2C:AF:8C:2D:9B:41:A1

OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

A4:B6:B3:99:6F:C2:F3:06:B3:FD:86:81:BD:63:41:3D:8C:50:09:CC:4F:A3:29:C2:CC:F0:E2:FA:1B:14:03:05

OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

83:CE:3C:12:29:68:8A:59:3D:48:5F:81:97:3C:0F:91:95:43:1E:DA:37:CC:5E:36:43:0E:79:C7:A8:88:63:8B

CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

EB:04:CF:5E:B1:F3:9A:FA:76:2F:2B:B1:20:F2:96:CB:A5:20:C1:B9:7D:B1:58:95:65:B8:1C:B9:A1:7B:72:44

CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

69:DD:D7:EA:90:BB:57:C9:3E:13:5D:C8:5E:A6:FC:D5:48:0B:60:32:39:BD:C4:54:FC:75:8B:2A:26:CF:7F:79

CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

9A:CF:AB:7E:43:C8:D8:80:D0:6B:26:2A:94:DE:EE:E4:B4:65:99:89:C3:D0:CA:F1:9B:AF:64:05:E4:1A:B7:DF

CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

23:99:56:11:27:A5:71:25:DE:8C:EF:EA:61:0D:DF:2F:A0:78:B5:C8:06:7F:4E:82:82:90:BF:B8:60:E8:4B:3C

Subordinate Certificates distrusted after 2019-12-31
Distinguished Name SHA-256 Fingerprint
CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US

AC:2B:92:2E:CF:D5:E0:17:11:77:2F:EA:8E:D3:72:DE:9D:1E:22:45:FC:E3:F5:7A:9C:DB:EC:77:29:6A:42:4B

CN=Apple IST CA 8 - G1, OU=Certification Authority, O=Apple Inc., C=US

A4:FE:7C:7F:15:15:5F:3F:0A:EF:7A:AA:83:CF:6E:06:DE:B9:7C:A3:F9:09:DF:92:0A:C1:49:08:82:D4:88:ED

If you have a TLS Server certificate issued by one of the CAs above, you should have received a message from DigiCert with information about replacing that certificate, free of charge.

You can also use the keytool utility from the JDK to print out details of the certificate chain, as follows:

keytool -v -list -alias <your_server_alias> -keystore <your_keystore_filename>

If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server if not yours.


hotspot/runtime

Issue Description
JDK-8211845

Command-Line Flag -XX:+ExtensiveErrorReports


The command-line flag -XX:+ExtensiveErrorReports has been added to allow more extensive reporting of information related to a crash as reported in the hs_err<pid>.log file. Disabled by default in product builds, the flag can be turned on in environments where maximal information is desired - even if the resulting logs may be quite large and/or contain information that might be considered sensitive.


JDK-8211106

HotSpot Windows OS Detection Correctly Identifies Windows Server 2019


Prior to this fix, Windows Server 2019 was recognized as "Windows Server 2016", which produced incorrect values in the os.name system property and the hs_err_pid file.


hotspot/gc

Issue Description
JDK-8217014

Epsilon GC Caused Excess Metaspace Resizing Safepoints


In this release, Epsilon has been changed to accept GC requests and resize the metaspace to reduce the number of safepoints that are taken.

Before this release, the Epsilon GC was intended to provide minimal runtime overhead by not doing GC and by ignoring all incoming GC requests. However, when a metadata-heavy workload (for example, a workload having lots of classes) needed to resize the metaspace, it relied on the GC to resize the metadata at a GC safepoint. Shared GC code would enter the safepoint to call into GC for it. However, because Epsilon ignored the GC request, the safepoint would be generated, but it would not resize the metaspace. This would cause another safepoint to be generated soon afterwards without ever resizing the metaspace.


JDK-8215724

Epsilon GC handled checked array stores incorrectly


Epsilon GC may have violated the specification requirements by accepting the type-incompatible store into the array, instead of throwing the ArrayStoreException. This is now handled correctly, both in this release, and associated backports. Users are advised to upgrade as soon as possible.


core-libs/java.time

Issue Description
JDK-8212941

Support New Japanese Era in java.time.chrono.JapaneseEra


The JapaneseEra class and its of(int), valueOf(String), and values() methods are clarified to accommodate future Japanese era additions, such as how the singleton instances are defined, what the associated integer era values are, etc.


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P2 JDK-8216965 crash in freetypeScaler.c CopyBW2Grey8
P3 JDK-8201818 [macosx] Printing attributes break page size set via "java.awt.print.Book" object

client-libs/java.awt

Priority Bug Summary
P2 JDK-8213583 Error while opening the JFileChooser when desktop contains shortcuts pointing to deleted files
P3 JDK-8213983 [macosx] Keyboard shortcut “cmd +`” stops working properly if popup window is displayed
P3 JDK-8207070 Webstart app popup on wrong screen in a one-screen setup changing to multi-monitor
P4 JDK-8211218 remove double semicolon in src/java.desktop/macosx/classes/sun/font/CFont.java
P4 JDK-8211267 StackOverflowError happened by TextField.setFont(...)

client-libs/java.awt:i18n

Priority Bug Summary
P4 JDK-8213183 InputMethod cannot be used after its restarting

client-libs/javax.swing

Priority Bug Summary
P2 JDK-8187364 Unable to enter zero width non-joiner (ZWNJ) symbol in Swing text component

core-libs

Priority Bug Summary
P2 JDK-8213151 [AIX] Some class library files are missing the Classpath exception
P3 JDK-8214063 [AIX] Disable symbol visibility flags

core-libs/java.io

Priority Bug Summary
P4 JDK-8211163 UNIX version of Java_java_io_Console_echo does not return a clean boolean

core-libs/java.lang

Priority Bug Summary
P3 JDK-8216546 Support new Japanese era in java.lang.Character for Java SE 11
P4 JDK-8218915 Change isJavaIdentifierStart and isJavaIdentifierPart to handle new code points

core-libs/java.nio

Priority Bug Summary
P3 JDK-8197398 (zipfs) Files.walkFileTree walk indefinitelly while processing JAR file with "/" as a directory inside.
P3 JDK-8210394 (zipfs) jdk/nio/zipfs/ZFSTests.java rootdir.zip: The process cannot access the file because it is being used by another process
P4 JDK-8217427 (dc) nio/channels/DatagramChannel/UseDGWithIPv6.java fails without IPv6
P4 JDK-8034802 (zipfs) newFileSystem throws UOE when the zip file is located in a custom file system

core-libs/java.nio.charsets

Priority Bug Summary
P3 JDK-8211382 ISO2022JP and GB18030 NIO converter issues

core-libs/java.sql

Priority Bug Summary
P3 JDK-8211295 DriverManager::getConnection fails to find driver if it's called from JDBC RowSet

core-libs/java.time

Priority Bug Summary
P2 JDK-8212941 Support new Japanese era in java.time.chrono.JapaneseEra
P4 JDK-8210633 Cannot parse JapaneseDate string with DateTimeFormatterBuilder Mapped-values

core-libs/java.util

Priority Bug Summary
P3 JDK-8172695 (scanner) java/util/Scanner/ScanTest.java fails

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8206120 Add test cases for lenient Japanese era parsing
P3 JDK-8219890 Calendar.getDisplayName() returns empty string for new Japanese Era on some locales
P3 JDK-8217609 New era placeholder not recognized by java.text.SimpleDateFormat
P3 JDK-8205432 Replace the placeholder Japanese era name
P3 JDK-8211398 Square character support for the Japanese new era
P4 JDK-8208656 Move java/util/Calendar/CalendarTestScripts tests into OpenJDK

core-svc/debugger

Priority Bug Summary
P3 JDK-8214122 JDWP is broken on 32 bit Windows: transport library missing onLoad entry
P4 JDK-8214061 Buffer written into itself
P4 JDK-8214892 Delayed starting of debugging via jcmd

hotspot/compiler

Priority Bug Summary
P1 JDK-8214206 Fix for JDK-8213419 is broken on 32-bit
P2 JDK-8215317 [GRAAL] unit test CheckGraalIntrinsics failed after 8213754
P2 JDK-8215100 AArch64: fix compareTo intrinsic with four-character Latin/Unicode
P2 JDK-8215202 AArch64: jtreg test test/jdk/sun/nio/cs/FindEncoderBugs.java fails
P2 JDK-8209511 C2 asserts with UseSSE < 4 and AVX enabled: "Label was never bound to a location, but it was used as a jmp target'
P2 JDK-8208275 C2 crash in Node::add_req(Node*)
P2 JDK-8211100 HotSpot C1 issue with comparing long numbers on x86 32-bit
P2 JDK-8215888 Register to register spill may use AVX 512 move instruction on unsupported platform.
P2 JDK-8211451 ~2.5% regression on compression benchmark starting with 12-b11
P3 JDK-8216350 AArch64: monitor unlock fast path not called
P3 JDK-8211320 AArch64: unsafe.compareAndSetByte() and unsafe.compareAndSetShort() c2 intrinsics broken with negative expected value
P3 JDK-8209544 AES encrypt performance regression in jdk11b11
P3 JDK-8213419 C2 may hang in MulLNode::Ideal()/MulINode::Ideal() with gcc 8.2.1
P3 JDK-8214189 test/hotspot/jtreg/compiler/intrinsics/mathexact/MulExactLConstantTest.java fails on Windows x64 when run with -XX:-TieredCompilation
P4 JDK-8217459 [PPC64] Cleanup non-vector version of CRC32
P4 JDK-8216060 [PPC64] Vector CRC implementation should be used by interpreter and be faster for short arrays
P4 JDK-8214352 C1: Unnecessary "compilation bailout: block join failed" with JVMTI
P4 JDK-8213086 Compiler thread creation should be bounded by available space in memory and Code Cache
P4 JDK-8219651 compiler/ciReplay/TestServerVM.java is failing on windows
P4 JDK-8212070 Introduce diagnostic flag to abort VM on failed JIT compilation
P4 JDK-8214451 PPC64/s390: Clean up unused CRC32 prototype and function
P4 JDK-8214205 PPC64: Add instructions for counting trailing zeros
P4 JDK-8213754 PPC64: Add Intrinsics for isDigit/isLowerCase/isUpperCase/isWhitespace
P4 JDK-8214059 Undefined behaviour in ADLC

hotspot/gc

Priority Bug Summary
P1 JDK-8215724 Epsilon: ArrayStoreExceptionTest.java fails; missing arraycopy check
P2 JDK-8214118 HeapRegions marked as archive even if CDS mapping fails
P3 JDK-8209357 [PPC64] Fix build which was broken by 8208672 (Enable -Wreorder)
P3 JDK-8209433 [s390] Fix build which was broken by 8208672 (Enable -Wreorder)
P4 JDK-8209758 2 classes with same name G1PrintCollectionSetClosure cause crash when logging is enabled
P4 JDK-8217342 Build failed with excluding JFR
P4 JDK-8211926 Catastrophic size_t underflow in BitMap::*_large methods
P4 JDK-8217014 Epsilon should not ignore Metadata GC causes
P4 JDK-8210192 Hsperf counter ParNew::CMS should be ParNew:CMS
P4 JDK-8217432 MetaspaceGC::_capacity_until_GC exceeds MaxMetaspaceSize
P4 JDK-8213829 Remove circular dependency between g1CollectedHeap and g1ConcurrentMark
P4 JDK-8218192 Remove copy constructor for MemRegion
P4 JDK-8220294 ZGC fails to build on GCC 4.4.7: Type parameter issue
P4 JDK-8214476 ZGC: Build ZGC by default

hotspot/jfr

Priority Bug Summary
P2 JDK-8213421 Line number information for execution samples always 0
P3 JDK-8209960 -Xlog:jfr* doesn't work with the JFR parser
P3 JDK-8207829 FlightRecorderMXBeanImpl is leaking the first classloader which calls it
P3 JDK-8215175 Inconsistencies in JFR event metadata
P3 JDK-8215727 Restore JFR thread sampler loop to old / previous behavior
P3 JDK-8165675 Trace event for thread park has incorrect unit for timeout
P3 JDK-8212232 Wrong metadata for the configuration of the cutoff for old object sample events
P4 JDK-8216486 Possibility of integer overflow in JfrThreadSampler::run()
P4 JDK-8216578 Remove unused/obsolete method in JFR code
P4 JDK-8213966 The ZGC JFR events should be marked as experimental

hotspot/jvmti

Priority Bug Summary
P2 JDK-8215951 AArch64: jtreg test vmTestbase/nsk/jvmti/PopFrame/popframe005 segfaults
P4 JDK-8213834 JVMTI ResourceExhausted should not be posted in CompilerThread

hotspot/runtime

Priority Bug Summary
P2 JDK-8211064 [AArch64] Interpreter and c1 don't correctly handle jboolean results in native calls
P2 JDK-8215397 jsig.c missing classpath exception
P2 JDK-8207924 serviceability/sa/TestUniverse.java#id0 intermittently fails with assert(get_instanceKlass()->is_loaded()) failed: must be at least loaded
P3 JDK-8211844 [aix] ProcessBuilder: Piping between created processes does not work.
P3 JDK-8216559 [JFR] Native libraries not correctly parsed from /proc/self/maps
P3 JDK-8216376 [PPC64] Possibly unreliable stack frame resizing in template interpreter
P3 JDK-8211106 [windows] Update OS detection code to recognize Windows Server 2019
P3 JDK-8206107 [x86_32] jck tests for ldc2_w bytecode fail
P3 JDK-8211326 add OS user related information to hs_err file
P3 JDK-8214827 Incorrect call ClassLoaders.toFileURL("jrt:/java.compiler")
P3 JDK-8210043 Invalid assert(HeapBaseMinAddress > 0) in ReservedHeapSpace::initialize_compressed_heap
P3 JDK-8215947 JVM crash with -XX:+DumpSharedSpaces
P3 JDK-8214162 Need to add new flag ExtensiveErrorReports to the command-line flags section in the java command reference
P3 JDK-8200109 NMT: diff_malloc_site assert(early->flags() == current->flags(), "Must be the same memory type")
P3 JDK-8211821 PrintStringTableStatistics crashes JVM
P3 JDK-8216049 stringTable::intern creates redundant String when looking up existing one
P3 JDK-8215962 Support ThreadPriorityPolicy mode 1 for non-root users on linux/bsd
P3 JDK-8205633 TestOptionsWithRanges.java of '-XX:TLABSize=2147483648' fails intermittently
P3 JDK-8212173 Thread._stack_base/_stack_size initialized too late for new threads
P4 JDK-8218156 "jcmd VM.metaspace basic" misreports free chunk space
P4 JDK-8211845 A new switch to control verbosity of hs-err files
P4 JDK-8216982 Assertion poison page established too early
P4 JDK-8206075 On x86, assert on unbound assembler Labels used as branch targets
P4 JDK-8217994 os::print_hex_dump should be more resilient against unreadable memory
P4 JDK-8212937 Parent class loader may not have a referred ClassLoaderData instance when obtained in Klass::class_in_module_of_loader
P4 JDK-8212481 PPC64: Enable POWER9 CPU detection
P4 JDK-8217315 Proper units should print more significant digits
P4 JDK-8213992 Rename and make DieOnSafepointTimeout the diagnostic option
P4 JDK-8216302 StackTraceElement::fill_in can use cached Class.name
P4 JDK-8216308 StackTraceElement::fill_in can use injected Class source-file
P4 JDK-8208480 Test failure: assert(is_bound() || is_unused()) after JDK-8206075 in C1
P4 JDK-8213410 UseCompressedOops requirement check fails fails on 32-bit system
P4 JDK-8217378 UseCriticalCMSThreadPriority is broken
P4 JDK-8217628 Verbose ArrayIndexOutOfBoundsException message also in JNI calls.
P4 JDK-8220283 ZGC fails to build on GCC 4.4.7: ATTRIBUTE_ALIGNED compatibility issue

hotspot/svc

Priority Bug Summary
P5 JDK-8021335 Missing synchronization when reading counters for live threads and peak thread count

hotspot/test

Priority Bug Summary
P3 JDK-8208647 switch jtreg to 4.2b13
P4 JDK-8217520 Remove vm.opt.MaxGCPauseMillis == "null" from TestOldGenCollectionUsage.java

infrastructure/build

Priority Bug Summary
P2 JDK-8219251 Langtools tests default memory size needs to be 768m
P3 JDK-8219260 Default number of test jobs needs to be consistently calculated
P4 JDK-8211268 Disable unsupported GCs for Zero

infrastructure/licensing

Priority Bug Summary
P2 JDK-8213154 Update copyright headers of files in src tree that are missing Classpath exception

other-libs/other

Priority Bug Summary
P4 JDK-8215128 Test library OSInfo.getSolarisVersion cannot determine Solaris version

security-libs/java.security

Priority Bug Summary
P2 JDK-8214513 A PKCS12 keystore from Java 8 using custom PBE parameters cannot be read in Java 11
P2 JDK-8216280 Allow later Symantec Policy distrust date for two Apple SubCAs
P3 JDK-8211049 Second parameter of "initialize" method is not used
P3 JDK-8214100 use of keystore probing results in unnecessary exception thrown
P4 JDK-8213952 Relax DNSName restriction as per RFC 1123

security-libs/javax.crypto

Priority Bug Summary
P1 JDK-8210912 Build error in src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_convert.c after JDK-8029661

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8214129 SSL session resumption/SNI with TLS1.2 causes StackOverflowError
P2 JDK-8217579 TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled after 8211883
P3 JDK-8207258 Distrust TLS server certificates anchored by Symantec Root CAs
P3 JDK-8210974 No extensions debug log for ClientHello
P3 JDK-8213782 NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers
P3 JDK-8213202 Possible race condition in TLS 1.3 session resumption
P3 JDK-8210989 RSASSA-PSS certificate cannot be selected for client auth on TLSv1.2
P3 JDK-8214339 SSLSocketImpl erroneously wraps SocketException
P3 JDK-8029661 Support TLS v1.2 algorithm in SunPKCS11 provider
P3 JDK-8212885 TLS 1.3 resumed session does not retain peer certificate chain
P3 JDK-8214688 TLS 1.3 session resumption with hello retry request failed with "illegal_parameter"
P4 JDK-8211787 javax/net/ssl/TLSCommon/TLSTest.java throws java.net.SocketTimeoutException: Read timed out

security-libs/jdk.security

Priority Bug Summary
P4 JDK-8217657 Move the test for default value of jdk.includeInExceptions into own test

tools/jar

Priority Bug Summary
P3 JDK-8207395 jar should support UNC-path arguments for the jar -C parameter

tools/javadoc(tool)

Priority Bug Summary
P3 JDK-8212233 javadoc fails on jdk12 with "The code being documented uses modules but the packages defined in $URL are in the unnamed module."

xml/javax.xml.stream

Priority Bug Summary
P3 JDK-8209615 ParseError in XMLEventReader on a valid input
P4 JDK-8210874 Test for JDK-8209615

xml/javax.xml.transform

Priority Bug Summary
P4 JDK-8221769 Revert JDK-8221767 mistakenly pushed to jdk11u 11.0.3

xml/jaxp

Priority Bug Summary
P3 JDK-8215330 javax.xml.catalog.CatalogResolverImpl: GroupEntry.matchURI fails to match