RELEASE NOTES: JDK 13.0.3

Notes generated: Mon Dec 02 23:56:14 CET 2024

JEPs

None.

RELEASE NOTES

security-libs/org.ietf.jgss:krb5

Issue Description
JDK-8005819

Support cross-realm MSSFU


The support for the Kerberos MSSFU extensions [1] is now extended to cross-realm environments.

By leveraging the Kerberos cross-realm referrals enhancement introduced in the context of JDK-8215032, the 'S4U2Self' and 'S4U2Proxy' extensions may be used to impersonate user and service principals located on different realms.

[1] - https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/3bff5864-8135-400e-bdd9-33b552051d94


security-libs/javax.xml.crypto

Issue Description
JDK-8231507

Apache Santuario Library Updated to Version 2.1.4


The Apache Santuario library has been upgraded to version 2.1.4. As a result, a new system property com.sun.org.apache.xml.internal.security.parser.pool-size has been introduced.

This new system property sets the pool size of the internal DocumentBuilder cache used when processing XML Signatures. The function is equivalent to the org.apache.xml.security.parser.pool-size system property used in Apache Santuario and has the same default value of 20.


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P2 JDK-8232154 Update Mesa 3-D Headers to version 19.2.1

client-libs/java.awt

Priority Bug Summary
P2 JDK-8230597 Update GIFlib library to the 5.2.1

client-libs/javax.swing

Priority Bug Summary
P2 JDK-8230235 Rendering HTML with empty img attribute and documentBaseKey cause Exception

core-libs/java.net

Priority Bug Summary
P2 JDK-8068184 Fix for JDK-8032832 caused a deadlock

core-libs/java.nio

Priority Bug Summary
P2 JDK-8232879 (zipfs) Writing out data with ZipFileSystem leads to a CRC failure in the generated jar file
P4 JDK-8234080 (zipfs) jdk/nio/zipfs/CRCWriteTest.java fails

core-libs/java.rmi

Priority Bug Summary
P2 JDK-8237368 Problem with NullPointerException in RMI TCPEndpoint.read

hotspot/compiler

Priority Bug Summary
P1 JDK-8230671 x86_32 build failures after JDK-8229496
P2 JDK-8230061 # assert(mode == ControlAroundStripMined && use == sfpt) failed: missed a node
P2 JDK-8231620 assert(bol->is_Bool()) crash during split if due to FastLockNode
P2 JDK-8230062 assert(i == p->size()-1) failed: must be last element of the pack
P2 JDK-8233032 assert(in_bb(n)) failed: must be
P2 JDK-8234350 assert(mode == ControlAroundStripMined && (use == sfpt || !use->is_reachable_from_root())) failed: missed a node
P2 JDK-8229450 C2 compilation fails with assert(found_sfpt) failed: no node in loop that's not input to safepoint
P2 JDK-8229016 C2 scalarization crashes with assert(node->Opcode() == Op_CastP2X) failed: ConvP2XNode required
P2 JDK-8231055 C2: arraycopy with same non escaping src and dest but different positions causes wrong execution
P2 JDK-8233529 loopTransform.cpp:2984: Error: assert(p_f->Opcode() == Op_IfFalse) failed
P2 JDK-8234610 MaxVectorSize set wrongly when UseAVX=3 is specified after JDK-8221092
P2 JDK-8229496 SIGFPE (division by zero) in C2 OSR compiled method
P2 JDK-8232539 SIGSEGV in C2 Node::unique_ctrl_out
P2 JDK-8231988 Unexpected test result caused by C2 IdealLoopTree::do_remove_empty_loop
P3 JDK-8233656 assert(d->is_CFG() && n->is_CFG()) failed: must have CFG nodes
P3 JDK-8221092 UseAVX=3 has performance degredation on Skylake (X7) processors
P4 JDK-8231665 8231055 broke escapeAnalysis/TestSelfArrayCopy.java
P4 JDK-8241489 restore missed in backports tests for 8229016, 8239787
P5 JDK-8232874 Add missing test for 8230062

hotspot/jfr

Priority Bug Summary
P2 JDK-8229437 assert(is_aligned(ref, HeapWordSize)) failed: invariant

hotspot/runtime

Priority Bug Summary
P2 JDK-8227528 TestAbortVMOnSafepointTimeout.java failed due to "RuntimeException: 'Safepoint sync time longer than' missing from stdout/stderr"
P3 JDK-8239787 AArch64: String.indexOf may incorrectly handle empty strings.

infrastructure

Priority Bug Summary
P4 JDK-8241051 Bump update version for OpenJDK: jdk-13.0.3

infrastructure/build

Priority Bug Summary
P2 JDK-8235687 Contents/MacOS/libjli.dylib cannot be a symlink
P3 JDK-8238225 Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary

security-libs/java.security

Priority Bug Summary
P2 JDK-8228969 2019-09-28 public suffix list update
P3 JDK-8228578 fix CFData object leak in macosx KeystoreImpl.m
P4 JDK-8230861 missing ReleaseStringUTFChars in Java_sun_security_pkcs11_wrapper_PKCS11_connect

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P3 JDK-8228835 Memory leak in PKCS11 provider when using AES GCM
P3 JDK-8232950 SUNPKCS11 Provider incorrectly check key length for PSS Signatures.
P4 JDK-8231222 fix pkcs11 P11_DEBUG guarded native traces

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8236039 JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
P4 JDK-8133489 Better messaging for PKIX path validation matching

security-libs/javax.security

Priority Bug Summary
P4 JDK-8229767 Typo in java.security: Sasl.createClient and Sasl.createServer

security-libs/javax.xml.crypto

Priority Bug Summary
P3 JDK-8231507 Update Apache Santuario (XML Signature) to version 2.1.4

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P4 JDK-8005819 Support cross-realm MSSFU