RELEASE NOTES: JDK 15.0.10

Notes generated: Wed Apr 03 02:03:47 CEST 2024

JEPs

None.

RELEASE NOTES

security-libs/javax.net.ssl

Issue Description
JDK-8253368

Behavior changes for SSLSocket input stream shut down


The SunJSSE close notification checks for SSLSocket have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs.

If an application tries to close the input stream of an SSLSocket (via shutdownInput() method) without having received a close notification message from its peer, the SSLSocket will no longer:

  1. trigger the transmission of a TLS fatal-level alert to the peer, and
  2. invalidate the current TLS session.

The new behavior will still consider this condition an error and will throw a local javax.net.ssl.SSLException. A fatal-level alert will no longer be sent to the peer, and the underlying session will remain valid.

In addition, the internal transport context for the SSLSocket will also now be closed. Previously, this step didn't occur if a fatal message was generated.


JDK-8273553

Change in SSLEngine.closeInbound() Behavior


The SunJSSE close notification checks for SSLEngine to have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs. See also JDK-8253368.

Specifically, if an application tries to close its SSLEngine inbound side using SSLEngine.closeInbound() without having received a close notification message from its peer, the SSLEngine will no longer:

  1. trigger the transmission of a TLS fatal-level alert to the peer, and
  2. invalidate the current TLS session.

The new behavior will still consider this condition an error and will throw a local javax.net.ssl.SSLException. But a fatal-level alert will no longer be generated to be sent to the peer, and the underlying session will remain valid.

In addition, the internal transport context for the SSLEngine will also now be closed. This may result in a different SSLEngineResult.HandshakeStatus value on the SSLEngine. Any outstanding outbound data must still be obtained (SSLEngine.wrap()) and sent in order to gracefully close the connection.


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P3 JDK-8293672 Update freetype md file

client-libs/java.awt

Priority Bug Summary
P3 JDK-8296957 One more cast in SAFE_SIZE_NEW_ARRAY2
P3 JDK-8296496 Overzealous check in sizecalc.h prevents large memory allocation
P4 JDK-8295554 Move the "sizecalc.h" to the correct location

client-libs/javax.accessibility

Priority Bug Summary
P3 JDK-8284690 [macos] VoiceOver : Getting java.lang.IllegalArgumentException: Invalid location on Editable JComboBox

client-libs/javax.imageio

Priority Bug Summary
P4 JDK-8266171 -Warray-bounds happens in imageioJPEG.c
P4 JDK-8266174 -Wmisleading-indentation happens in libmlib_image sources

core-libs

Priority Bug Summary
P4 JDK-8283059 Uninitialized warning in check_code.c with GCC 11.2

core-libs/java.lang

Priority Bug Summary
P4 JDK-8297530 java.lang.IllegalArgumentException: Negative length on strings concatenation

core-libs/java.text

Priority Bug Summary
P3 JDK-8299439 java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR

core-libs/java.time

Priority Bug Summary
P3 JDK-8294357 (tz) Update Timezone Data to 2022d
P3 JDK-8295173 (tz) Update Timezone Data to 2022e
P3 JDK-8296108 (tz) Update Timezone Data to 2022f
P3 JDK-8297804 (tz) Update Timezone Data to 2022g

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8295530 Update Zlib Data Compression Library to Version 1.2.13

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8296715 CLDR v42 update for tzdata 2022f
P3 JDK-8294307 ISO 4217 Amendment 173 Update
P3 JDK-8296239 ISO 4217 Amendment 174 Update
P4 JDK-8261279 sun/util/resources/cldr/TimeZoneNamesTest.java timed out
P4 JDK-8267038 Update IANA Language Subtag Registry to Version 2022-03-02
P4 JDK-8287180 Update IANA Language Subtag Registry to Version 2022-08-08

hotspot/compiler

Priority Bug Summary
P1 JDK-8297027 Fix broken aarch64 build of 13u/15u after bad backport of 8293044
P2 JDK-8292158 AES-CTR cipher state corruption with AVX-512
P2 JDK-8293044 C1: Missing access check on non-accessible class
P3 JDK-8293816 CI: ciBytecodeStream::get_klass() is not consistent
P3 JDK-8290451 Incorrect result when switching to C2 OSR compilation from C1

infrastructure

Priority Bug Summary
P4 JDK-8293987 Bump update version for OpenJDK: jdk-15.0.10

infrastructure/build

Priority Bug Summary
P3 JDK-8295211 Fix autoconf 2.71 warning "AC_CHECK_HEADERS: you should use literals"
P4 JDK-8283323 libharfbuzz optimization level results in extreme build times

security-libs/java.security

Priority Bug Summary
P3 JDK-8296480 java/security/cert/pkix/policyChanges/TestPolicy.java is failing

security-libs/javax.net.ssl

Priority Bug Summary
P3 JDK-8270344 Session resumption errors
P3 JDK-8273553 sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368
P3 JDK-8253368 TLS connection always receives close_notify exception
P4 JDK-8277881 Missing SessionID in TLS1.3 resumption in compatibility mode

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P4 JDK-8273894 ConcurrentModificationException raised every time ReferralsCache drops referral

tools

Priority Bug Summary
P3 JDK-8293701 jdeps InverseDepsAnalyzer runs into NoSuchElementException: No value present

xml/org.w3c.dom

Priority Bug Summary
P3 JDK-8287076 Document.normalizeDocument() produces different results