RELEASE NOTES: JDK 13.0.7

Notes generated: Tue Apr 02 18:50:49 CEST 2024

JEPs

None.

RELEASE NOTES

security-libs/java.security

Issue Description

Issue	Description
JDK-8243320	Added 3 SSL Corporation Root CA Certificates The following root certificates have been added to the cacerts truststore: ``` + SSL Corporation + sslrootrsaca DN: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US sslrootevrsaca DN: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US sslrooteccca DN: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US ```
JDK-8243559	Removed Root Certificates with 1024-bit Keys The following root certificates with weak 1024-bit RSA public keys have been removed from the `cacerts` keystore: ``` + alias name "thawtepremiumserverca [jdk]" Distinguished Name: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA alias name "verisignclass2g2ca [jdk]" Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US alias name "verisignclass3ca [jdk]" Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US alias name "verisignclass3g2ca [jdk]" Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US alias name "verisigntsaca [jdk]" Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA ```
JDK-8243321	Added Entrust Root Certification Authority - G4 certificate The following root certificate has been added to the cacerts truststore: ` + Entrust + entrustrootcag4 DN: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US`

Added 3 SSL Corporation Root CA Certificates

The following root certificates have been added to the cacerts truststore: ``` + SSL Corporation + sslrootrsaca DN: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US

sslrootevrsaca DN: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US
sslrooteccca DN: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US ```

JDK-8243559

Removed Root Certificates with 1024-bit Keys

The following root certificates with weak 1024-bit RSA public keys have been removed from the cacerts keystore: ``` + alias name "thawtepremiumserverca [jdk]" Distinguished Name: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

alias name "verisignclass2g2ca [jdk]" Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
alias name "verisignclass3ca [jdk]" Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
alias name "verisignclass3g2ca [jdk]" Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
alias name "verisigntsaca [jdk]" Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA

```

JDK-8243321

Added Entrust Root Certification Authority - G4 certificate

The following root certificate has been added to the cacerts truststore: ` + Entrust + entrustrootcag4 DN: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US`

FIXED ISSUES

client-libs/java.awt

Priority	Bug	Summary
P3	JDK-7185258	[macOS] Deadlock in SunToolKit.realSync()
P3	JDK-8221823	Requested JDialog width is ignored
P3	JDK-8243925	Toolkit#getScreenInsets() returns wrong value on HiDPI screens (Windows)
P4	JDK-8257414	Drag n Drop target area is wrong on high DPI systems

client-libs/javax.swing

Priority	Bug	Summary
P2	JDK-8249251	[dark_mode ubuntu 20.04] The selected menu is not highlighted in GTKLookAndFeel

core-libs/java.lang

Priority	Bug	Summary
P4	JDK-8253409	Double-rounding possibility in float fma

core-libs/java.nio

Priority	Bug	Summary
P4	JDK-8246707	(sc) SocketChannel.read/write throws AsynchronousCloseException on closed channel

core-libs/java.time

Priority	Bug	Summary
P3	JDK-8260356	(tz) Upgrade Timezone Data to tzdata2021a
P4	JDK-8259048	(tz) Upgrade Timezone Data to tzdata2020f

core-libs/java.util:i18n

Priority	Bug	Summary
P3	JDK-8242283	Can't start JVM when java home path includes non-ASCII character

core-libs/javax.naming

Priority	Bug	Summary
P4	JDK-8259707	LDAP channel binding does not work with StartTLS extension

core-libs/jdk.nashorn

Priority	Bug	Summary
P3	JDK-8198540	Dynalink leaks memory when generating type converters
P3	JDK-8261483	jdk/dynalink/TypeConverterFactoryMemoryLeakTest.java failed with "AssertionError: Should have GCd a method handle by now"

core-svc/tools

Priority	Bug	Summary
P3	JDK-8238710	LingeredApp doesn't log stdout/stderr if exits with non-zero code
P4	JDK-8240711	TestJstatdPort.java failed due to "ExportException: Port already in use:"

hotspot

Priority	Bug	Summary
P1	JDK-8263996	Fix build on 13u after JDK-8234779 backport

hotspot/compiler

Priority	Bug	Summary
P2	JDK-8261022	Fix incorrect result of Math.abs() with char type
P2	JDK-8246027	Minimal fastdebug build broken after JDK-8245801
P3	JDK-8262726	AArch64: C1 StubAssembler::call_RT can corrupt stack
P3	JDK-8263425	AArch64: two potential bugs in C1 LIRGenerator::generate_address()
P3	JDK-8259619	C1: 3-arg StubAssembler::call_RT stack-use condition is incorrect
P3	JDK-8237950	C2 compilation fails with "Live Node limit exceeded limit" during ConvI2L::Ideal optimization
P4	JDK-8241458	[JVMCI] add mark value to expose CodeOffsets::Frame_Complete
P4	JDK-8255625	AArch64: Implement Base64.encodeBlock accelerator/intrinsic
P4	JDK-8234541	C1 emits an empty message when it inlines successfully
P4	JDK-8245801	StressRecompilation triggers assert "redundunt OSR recompilation detected. memory leak in CodeCache!"
P4	JDK-8241319	WB_GetCodeBlob doesn't have ResourceMark
P5	JDK-8260308	Update LogCompilation junit to 4.13.1

hotspot/gc

Priority	Bug	Summary
P2	JDK-8234662	Sweeper should keep current nmethod alive before yielding for ICStub refills
P3	JDK-8241478	vmTestbase/gc/gctests/Steal/steal001/steal001.java fails with OOME

hotspot/jfr

Priority	Bug	Summary
P2	JDK-8232905	JFR fails with assertion: assert(t->unflushed_size() == 0) failed: invariant
P2	JDK-8245283	JFR: Can't handle constant dynamic used by Jacoco agent
P3	JDK-8239497	SEGV in EdgeUtils::field_name_symbol(Edge const&)

hotspot/jvmti

Priority	Bug	Summary
P2	JDK-8235829	graal crashes with Zombie.java test
P3	JDK-8216324	GetClassMethods is confused by the presence of default methods in super interfaces

hotspot/runtime

Priority	Bug	Summary
P3	JDK-8257746	Regression introduced with JDK-8250984 - memory might be null in some machines
P3	JDK-8234058	runtime/CompressedOops/CompressedClassPointers.java fails with 'Narrow klass base: 0x0000000000000000' missing from stdout/stderr
P3	JDK-8227275	Within native OOM error handling, assertions may hang the process
P4	JDK-8250911	[windows] os::pd_map_memory error detection broken
P4	JDK-8240295	hs_err elapsed time in seconds is not accurate enough
P4	JDK-8234779	Provide idiom for declaring classes noncopyable
P4	JDK-8253476	TestUseContainerSupport.java fails on some Linux kernels w/o swap limit capabilities

hotspot/svc-agent

Priority	Bug	Summary
P3	JDK-8196969	JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE

infrastructure/build

Priority	Bug	Summary
P3	JDK-8233880	Support compilers with multi-digit major version numbers
P4	JDK-8259949	x86 32-bit build fails when -fcf-protection is passed in the compiler flags

security-libs/java.security

Priority	Bug	Summary
P3	JDK-8243321	Add Entrust root CA - G4 to Oracle Root CA program
P3	JDK-8243320	Add SSL root certificates to Oracle Root CA program
P3	JDK-8243559	Remove root certificates with 1024-bit keys
P4	JDK-8249176	jdk jtreg test security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java fails

security-libs/javax.net.ssl

Priority	Bug	Summary
P3	JDK-8237977	Further update javax/net/ssl/compatibility/Compatibility.java

tools/javap

Priority	Bug	Summary
P4	JDK-8244573	java.lang.ArrayIndexOutOfBoundsException thrown for malformed class file

tools/jshell

Priority	Bug	Summary
P3	JDK-8241598	Upgrade JLine to 3.14.0
P3	JDK-8242030	Wrong package declarations in jline classes after JDK-8241598
P4	JDK-8229815	Upgrade Jline to 3.12.1