RELEASE NOTES FOR: 13.0.3
====================================================================================================

Notes generated: Tue Apr 02 17:28:53 CEST 2024

Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry.

JAVA ENHANCEMENT PROPOSALS (JEP):

  None.

RELEASE NOTES:

security-libs/org.ietf.jgss:krb5:

    JDK-8005819: Support cross-realm MSSFU

      The support for the Kerberos MSSFU extensions [1] is now extended to cross-realm environments.
      
      By leveraging the Kerberos cross-realm referrals enhancement introduced in the context of
      JDK-8215032, the 'S4U2Self' and 'S4U2Proxy' extensions may be used to impersonate user and
      service principals located on different realms.
      
      [1] -
      https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/3bff5864-8135-400e-bdd9-33b552051d94

security-libs/javax.xml.crypto:

    JDK-8231507: Apache Santuario Library Updated to Version 2.1.4

      The Apache Santuario library has been upgraded to version 2.1.4. As a result, a new system
      property `com.sun.org.apache.xml.internal.security.parser.pool-size` has been introduced.
      
      This new system property sets the pool size of the internal `DocumentBuilder` cache used when
      processing XML Signatures. The function is equivalent to the
      `org.apache.xml.security.parser.pool-size` system property used in Apache Santuario and has
      the same default value of 20.


ALL FIXED ISSUES, BY COMPONENT AND PRIORITY:

client-libs/2d:
  (P2) JDK-8232154: Update Mesa 3-D Headers to version 19.2.1

client-libs/java.awt:
  (P2) JDK-8230597: Update GIFlib library to the 5.2.1

client-libs/javax.swing:
  (P2) JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception

core-libs/java.net:
  (P2) JDK-8068184: Fix for JDK-8032832 caused a deadlock

core-libs/java.nio:
  (P2) JDK-8232879: (zipfs) Writing out data with ZipFileSystem leads to a CRC failure in the generated jar file
  (P4) JDK-8234080: (zipfs) jdk/nio/zipfs/CRCWriteTest.java fails

core-libs/java.rmi:
  (P2) JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read

hotspot:
  (P4) JDK-8241489: restore missed in backports tests for 8229016, 8239787

hotspot/compiler:
  (P1) JDK-8230671: x86_32 build failures after JDK-8229496
  (P2) JDK-8230061: #  assert(mode == ControlAroundStripMined && use == sfpt) failed: missed a node
  (P2) JDK-8231620: assert(bol->is_Bool()) crash during split if due to FastLockNode
  (P2) JDK-8230062: assert(i == p->size()-1) failed: must be last element of the pack
  (P2) JDK-8233032: assert(in_bb(n)) failed: must be
  (P2) JDK-8234350: assert(mode == ControlAroundStripMined && (use == sfpt || !use->is_reachable_from_root())) failed: missed a node
  (P2) JDK-8229450: C2 compilation fails with assert(found_sfpt) failed: no node in loop that's not input to safepoint
  (P2) JDK-8229016: C2 scalarization crashes with assert(node->Opcode() == Op_CastP2X) failed: ConvP2XNode required
  (P2) JDK-8231055: C2: arraycopy with same non escaping src and dest but different positions causes wrong execution
  (P2) JDK-8233529: loopTransform.cpp:2984:  Error: assert(p_f->Opcode() == Op_IfFalse) failed
  (P2) JDK-8234610: MaxVectorSize set wrongly when UseAVX=3 is specified after JDK-8221092
  (P2) JDK-8229496: SIGFPE (division by zero) in C2 OSR compiled method
  (P2) JDK-8232539: SIGSEGV in C2 Node::unique_ctrl_out
  (P2) JDK-8231988: Unexpected test result caused by C2 IdealLoopTree::do_remove_empty_loop
  (P3) JDK-8233656:  assert(d->is_CFG() && n->is_CFG()) failed: must have CFG nodes
  (P3) JDK-8221092: UseAVX=3 has performance degredation on Skylake (X7) processors
  (P4) JDK-8231665: 8231055 broke escapeAnalysis/TestSelfArrayCopy.java
  (P5) JDK-8232874: Add missing test for 8230062

hotspot/jfr:
  (P2) JDK-8229437: assert(is_aligned(ref, HeapWordSize)) failed: invariant

hotspot/runtime:
  (P2) JDK-8227528: TestAbortVMOnSafepointTimeout.java failed due to "RuntimeException: 'Safepoint sync time longer than' missing from stdout/stderr"
  (P3) JDK-8239787: AArch64: String.indexOf may incorrectly handle empty strings.

infrastructure:
  (P4) JDK-8241051: Bump update version for OpenJDK: jdk-13.0.3

infrastructure/build:
  (P2) JDK-8235687: Contents/MacOS/libjli.dylib cannot be a symlink
  (P3) JDK-8238225: Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary

security-libs/java.security:
  (P2) JDK-8228969: 2019-09-28 public suffix list update
  (P3) JDK-8228578: fix CFData object leak in macosx KeystoreImpl.m
  (P4) JDK-8230861: missing ReleaseStringUTFChars in Java_sun_security_pkcs11_wrapper_PKCS11_connect

security-libs/javax.crypto:pkcs11:
  (P3) JDK-8228835: Memory leak in PKCS11 provider when using AES GCM
  (P3) JDK-8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.
  (P4) JDK-8231222: fix pkcs11 P11_DEBUG guarded native traces

security-libs/javax.net.ssl:
  (P2) JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
  (P4) JDK-8133489: Better messaging for PKIX path validation matching

security-libs/javax.security:
  (P4) JDK-8229767: Typo in java.security: Sasl.createClient and Sasl.createServer

security-libs/javax.xml.crypto:
  (P3) JDK-8231507: Update Apache Santuario (XML Signature) to version 2.1.4

security-libs/org.ietf.jgss:krb5:
  (P4) JDK-8005819: Support cross-realm MSSFU