Notes generated: Tue Dec 03 01:03:32 CET 2024
None.
Issue | Description |
---|---|
JDK-8254631 |
Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values Certain TLS ALPN values couldn't be properly read or written by the SunJSSE provider. This is due to the choice of Strings as the API interface and the undocumented internal use of the UTF-8 Character Set which converts characters larger than U+00007F (7-bit ASCII) into multi-byte arrays that may not be expected by a peer. ALPN values are now represented using the network byte representation expected by the peer, which should require no modification for standard 7-bit ASCII-based character Strings. However, SunJSSE now encodes/decodes String characters as 8-bit ISO88591/LATIN-1 characters. This means applications that used characters above U+000007F that were previously encoded using UTF-8 may need to either be modified to perform the UTF-8 conversion, or set the Java security property |
Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values Certain TLS ALPN values couldn't be properly read or written by the SunJSSE provider. This is due to the choice of Strings as the API interface and the undocumented internal use of the UTF-8 character set which converts characters larger than U+00007F (7-bit ASCII) into multi-byte arrays that may not be expected by a peer. SunJSSE now encodes/decodes String characters as 8-bit ISO88591/LATIN-1 characters. This means applications that used characters above U+000007F that were previously encoded using UTF-8 may need to either be modified to perform the UTF-8 conversion, or set the Java security property See the updated guide at https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/alpn.html for more information. |
|
JDK-8206925 |
Support for certificate_authorities Extension The "certificate_authorities" extension is an optional extension introduced in TLS 1.3. It is used to indicate the certificate authorities (CAs) that an endpoint supports and should be used by the receiving endpoint to guide certificate selection. With this JDK release, the "certificate_authorities" extension is supported for TLS 1.3 in both the client and the server sides. This extension is always present for client certificate selection, while it is optional for server certificate selection. Applications can enable this extension for server certificate selection by setting the Note that if the client trusts more CAs than the size limit of the extension (less than 2^16 bytes), the extension is not enabled. Also, some server implementations do not allow handshake messages to exceed 2^14 bytes. Consequently, there may be interoperability issues when |
Issue | Description |
---|---|
JDK-8172404 |
Tools Warn If Weak Algorithms Are Used The |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8273671 | Backport of 8260616 misses one JNF header inclusion removal |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8262392 | Update Mesa 3-D Headers to version 21.0.3 |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8272602 | [macOS] not all KEY_PRESSED events sent when control modifier is used |
P3 | JDK-8270216 | [macOS] Update named used for Java run loop mode |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8268775 | Password is being converted to String in AccessibleJPasswordField |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8266248 | Compilation failure in PLATFORM_API_MacOSX_MidiUtils.c with Xcode 12.5 |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8258373 | Update the text handling in the JPasswordField |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8257620 | Do not use objc_msgSend_stret to get macOS version |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8254967 | com.sun.net.HttpsServer spins on TLS session close |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8263361 | Incorrect arraycopy stub selected by C2 for SATB collectors |
P2 | JDK-8226871 | invalid use of incomplete type class MacroAssembler when building minimal after JDK-8191278 |
P2 | JDK-8191278 | MappedByteBuffer bulk access memory failures are not handled gracefully |
P2 | JDK-8226878 | zero crashes after JDK-8191278 |
P4 | JDK-8267625 | AARCH64: typo in LIR_Assembler::emit_profile_type |
P4 | JDK-8229254 | solaris_x64 build fails after JDK-8191278 |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8259271 | gc/parallel/TestDynShrinkHeap.java still fails "assert(covered_region.contains(new_memregion)) failed: new region is not in covered_region" |
P2 | JDK-8257999 | Parallel GC crash in gc/parallel/TestDynShrinkHeap.java: new region is not in covered_region |
P2 | JDK-8260704 | ParallelGC: oldgen expansion needs release-store for _end |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8253899 | Make IsClassUnloadingEnabled signature match specification |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8268635 | Corrupt oop in ClassLoaderData |
P3 | JDK-8269934 | RunThese24H.java failed with EXCEPTION_ACCESS_VIOLATION in java_lang_Thread::get_thread_status |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8261236 | C2: ClhsdbJstackXcompStress test fails when StressGCM is enabled |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8269390 | Bump update version for OpenJDK: jdk-13.0.9 |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8261109 | [macOS] Remove disabled warning for JNF in make/autoconf/flags-cflags.m4 |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8172404 | Tools should warn if weak algorithms are used before restricting them |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8254631 | Better support ALPN byte wire values in SunJSSE |
P3 | JDK-8206925 | Support the certificate_authorities extension |
P3 | JDK-8268965 | TCP Connection Reset when connecting simple socket to SSL server |
P4 | JDK-8270317 | Large Allocation in CipherSuite |
P4 | JDK-8215712 | Parsing extension failure may alert decode_error |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8241888 | Mirror jdk.security.allowNonCaAnchor system property with a security one |