RELEASE NOTES FOR: 11.0.30 ==================================================================================================== Notes generated: Fri Nov 28 05:19:39 CET 2025 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: security-libs/javax.net.ssl: JDK-8341964: Mechanism to Disable TLS Cipher Suites by Pattern Matching TLS cipher suites can be disabled with the `jdk.tls.disabledAlgorithms` security property in the `java.security` configuration file using one or more `*` wildcard characters. For example, "TLS_RSA_*" disables all cipher suites that start with "TLS_RSA_". Only cipher suites starting with "TLS_" are allowed to have wildcard characters. hotspot/runtime: JDK-8313083: Print 'rss' and 'cache' As Part of the Container Information The HotSpot runtime code has been updated to additionally print a container's 'rss' and 'cache'. The additional output can be found in the JVM's response to a "jcmd [PID] VM.info" request and in the `hs_err` file generated in case of JVM abrupt termination. This will help monitoring and troubleshooting OutOfMemory situations as OOM killer can terminate a process if its `rss` + `cache` usage reaches the max memory limit of the container. ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: client-libs: (P4) JDK-8271456: Avoid looking up standard charsets in "java.desktop" module (P5) JDK-8274893: Update java.desktop classes to use try-with-resources client-libs/2d: (P3) JDK-8263622: The java.awt.color.ICC_Profile#setData invert the order of bytes for the "head" tag (P3) JDK-8355528: Update HarfBuzz to 11.2.0 (P4) JDK-8366359: Test should throw SkippedException when there is no lpstat client-libs/javax.imageio: (P3) JDK-8347911: Limit the length of inflated text chunks client-libs/javax.sound: (P3) JDK-8350813: Rendering of bulky sound bank from MIDI sequence can cause OutOfMemoryError core-libs/java.lang: (P4) JDK-8368192: Test java/lang/ProcessBuilder/Basic.java#id0 fails with Exception: Stack trace core-libs/java.net: (P4) JDK-8359402: Test CloseDescriptors.java should throw SkippedException when there is no lsof/sctp core-libs/java.util.concurrent: (P4) JDK-8351933: Inaccurate masking of TC subfield decrement in ForkJoinPool core-libs/java.util.jar: (P4) JDK-8299748: java/util/zip/Deinflate.java failing on s390x hotspot/compiler: (P3) JDK-8354941: Build failure with glibc 2.42 due to uabs() name collision hotspot/gc: (P4) JDK-8366125: [11u] Test compiler/loopopts/TestRangeCheckPredicatesControl.java fails OOM hotspot/runtime: (P3) JDK-8347129: cpuset cgroups controller is required for no good reason (P3) JDK-8313083: Print 'rss' and 'cache' as part of the container information (P4) JDK-8264524: jdk/internal/platform/docker/TestDockerMemoryMetrics.java fails due to swapping not working hotspot/test: (P4) JDK-8358004: Delete applications/scimark/Scimark.java test infrastructure/build: (P3) JDK-8357657: [11u][windows] cannot stat '/jdk.crypto.ec/*': No such file or directory (P4) JDK-8336451: [11u] GHA macos-13 and macos-15 builders are unable to resolve local hostname (P4) JDK-8224087: Compile C code for at least C99 Standard compliance (P4) JDK-8369226: GHA: Switch to MacOS 15 (P4) JDK-8341861: GHA: Use only retention mechanism to remove bundles infrastructure/release_eng: (P4) JDK-8366572: Bump update version of OpenJDK: 11.0.30 other-libs: (P4) JDK-8364597: Replace THL A29 Limited with Tencent security-libs/java.security: (P4) JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with /manual and /timeout security-libs/javax.net.ssl: (P3) JDK-8341964: Add mechanism to disable different parts of TLS cipher suite security-libs/jdk.security: (P3) JDK-8353299: VerifyJarEntryName.java test fails (P4) JDK-8339280: jarsigner -verify performs cross-checking between CEN and LOC (P4) JDK-8367782: VerifyJarEntryName.java: Fix modifyJarEntryName to operate on bytes and re-introduce verifySignatureEntryName