RELEASE NOTES: JDK 17.0.13

Notes generated: Wed Dec 04 05:57:49 CET 2024

JEPs

None.

RELEASE NOTES

tools/jpackage

Issue Description
JDK-8295111

`jpackage` Apps May Fail to Build on Debian Linux Distros Due to Missing Shared Libraries


There is an issue on Debian Linux distros where jpackage could not always build an accurate list of required packages from shared libraries with symbolic links in their paths, causing installations to fail due to missing shared libraries.


`jpackage` May Produce an Inaccurate List of Required Packages on Debian Linux Distros


Fixed an issue on Debian Linux distros where jpackage could not always build an accurate list of required packages from shared libraries with symbolic links in their paths, causing installations to fail due to missing shared libraries.


core-libs/javax.naming

Issue Description
JDK-8290367

Update Default Value and Extend the Scope of com.sun.jndi.ldap.object.trustSerialData System Property


In this release, the JDK implementation of the LDAP provider no longer supports deserialization of Java objects by default:

  • The default value of the com.sun.jndi.ldap.object.trustSerialData system property has been updated to false.

  • The scope of the com.sun.jndi.ldap.object.trustSerialData system property has been extended to cover the reconstruction of RMI remote objects from the javaRemoteLocation LDAP attribute.

The transparent deserialization of Java objects from an LDAP context will now require an explicit opt-in. Applications that rely on reconstruction of Java objects or RMI stubs from the LDAP attributes would need to set the com.sun.jndi.ldap.object.trustSerialData system property to true.


security-libs/javax.net.ssl

Issue Description
JDK-8279164

Disabled TLS_ECDH Cipher Suites


The TLSECDH cipher suites have been disabled by default, by adding "ECDH" to the jdk.tls.disabledAlgorithms security property in the java.security configuration file. The TLSECDH cipher suites do not preserve forward-secrecy and are rarely used in practice. Note that some TLSECDH cipher suites were already disabled because they use algorithms that are disabled, such as 3DES and RC4. This action disables the rest. Any attempts to use cipher suites starting with "TLSECDH_" will fail with an SSLHandshakeException. Users can, at their own risk, re-enable these cipher suites by removing "ECDH" from the jdk.tls.disabledAlgorithms security property.

Please note that this change has no effect on the TLS_ECDHE cipher suites, which are still enabled by default.


JDK-8337664

Distrust TLS Server Certificates Anchored by Entrust Root Certificates and Issued After Nov 11, 2024


The JDK will stop trusting TLS server certificates issued after November 11, 2024 and anchored by Entrust root certificates, in line with similar plans recently announced by Google and Mozilla. The list of affected certificates includes certificates branded as AffirmTrust, which are managed by Entrust.

TLS server certificates issued on or before November 11, 2024 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected.

The restrictions will be enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below and the certificate has been issued after November 11, 2024.

An application will receive an Exception with a message indicating the trust anchor is not trusted, for example:

` TLS server certificate issued after 2024-11-11 and anchored by a distrusted legacy Entrust root CA: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net `

If necessary, and at your own risk, you can work around the restrictions by removing "ENTRUST_TLS" from the jdk.security.caDistrustPolicies security property in the java.security configuration file.

The restrictions are imposed on the following Entrust Root certificates included in the JDK:

Root Certificates distrusted after 2024-11-11
Distinguished Name SHA-256 Fingerprint
CN=Entrust Root Certification Authority, OU=(c) 2006 Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, O=Entrust, Inc., C=US

73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C

CN=Entrust Root Certification Authority - EC1, OU=(c) 2012 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5

CN=Entrust Root Certification Authority - G2, OU=(c) 2009 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39

CN=Entrust Root Certification Authority - G4, OU=(c) 2015 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88

CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77

CN=AffirmTrust Commercial, O=AffirmTrust, C=US

03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7

CN=AffirmTrust Networking, O=AffirmTrust, C=US

0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B

CN=AffirmTrust Premium, O=AffirmTrust, C=US

70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A

CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US

BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23

You can also use the keytool utility from the JDK to print out details of the certificate chain, as follows:

keytool -v -list -alias <your_server_alias> -keystore <your_keystore_filename>

If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server.


JDK-8341059

Distrust TLS Server Certificates Anchored by Entrust Root Certificates and Issued After Nov 11, 2024


The JDK will stop trusting TLS server certificates issued after November 11, 2024 and anchored by Entrust root certificates, in line with similar plans recently announced by Google and Mozilla. The list of affected certificates includes certificates branded as AffirmTrust, which are managed by Entrust.

TLS server certificates issued on or before November 11, 2024 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected.

The restrictions will be enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below and the certificate has been issued after November 11, 2024.

An application will receive an Exception with a message indicating the trust anchor is not trusted, for example:

` TLS server certificate issued after 2024-11-11 and anchored by a distrusted legacy Entrust root CA: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net `

If necessary, and at your own risk, you can work around the restrictions by removing "ENTRUST_TLS" from the jdk.security.caDistrustPolicies security property in the java.security configuration file.

The restrictions are imposed on the following Entrust Root certificates included in the JDK:

Root Certificates distrusted after 2024-11-11
Distinguished Name SHA-256 Fingerprint
CN=Entrust Root Certification Authority, OU=(c) 2006 Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, O=Entrust, Inc., C=US

73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C

CN=Entrust Root Certification Authority - EC1, OU=(c) 2012 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5

CN=Entrust Root Certification Authority - G2, OU=(c) 2009 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39

CN=Entrust Root Certification Authority - G4, OU=(c) 2015 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88

CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77

CN=AffirmTrust Commercial, O=AffirmTrust, C=US

03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7

CN=AffirmTrust Networking, O=AffirmTrust, C=US

0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B

CN=AffirmTrust Premium, O=AffirmTrust, C=US

70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A

CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US

BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23

You can also use the keytool utility from the JDK to print out details of the certificate chain, as follows:

keytool -v -list -alias <your_server_alias> -keystore <your_keystore_filename>

If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server.


tools/launcher

Issue Description
JDK-8310201

Available Locales Information Now Listed with -XshowSettings:locale Option


The showSettings launcher option no longer prints available locales information by default, when -XshowSettings is used. The -XshowSettings:locale option will continue to print all settings related to available locales.


security-libs/java.security

Issue Description
JDK-8341057

Added SSL.com TLS Root CA Certificates Issued in 2022


The following root certificates have been added to the cacerts truststore: ``` + SSL.com + ssltlsrootecc2022 DN: CN=SSL.com TLS ECC Root CA 2022, O=SSL Corporation, C=US

  • SSL.com
  • ssltlsrootrsa2022 DN: CN=SSL.com TLS RSA Root CA 2022, O=SSL Corporation, C=US ```

JDK-8051959

Thread and Timestamp Options for java.security.debug System Property


The java.security.debug system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component.

+timestamp can be appended to debug options to print a timestamp for that debug option. +thread can be appended to debug options to print thread and caller information for that debug option.

Examples: -Djava.security.debug=all+timestamp+thread adds timestamp and thread information to every debug statement generated.

-Djava.security.debug=properties+timestamp adds timestamp information to every debug statement generated for the properties component.

You can also specify -Djava.security.debug=help which will display a complete list of supported components and arguments.

See Printing Thread and Timestamp Information for more information.


Thread and Timestamp Options for java.security.debug System Property


The java.security.debug system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component.

+timestamp can be appended to debug options to print a timestamp for that debug option. +thread can be appended to debug options to print thread and caller information for that debug option.

Examples: -Djava.security.debug=all+timestamp+thread adds timestamp and thread information to every debug statement generated.

-Djava.security.debug=properties+timestamp adds timestamp information to every debug statement generated for the properties component.

You can also specify -Djava.security.debug=help which will display a complete list of supported components and arguments.

See Printing Thread and Timestamp Information for more information.


Thread and Timestamp Options for java.security.debug System Property


The java.security.debug system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component.

+timestamp can be appended to debug options to print a timestamp for that debug option. +thread can be appended to debug options to print thread and caller information for that debug option.

Examples: -Djava.security.debug=all+timestamp+thread adds timestamp and thread information to every debug statement generated.

-Djava.security.debug=properties+timestamp adds timestamp information to every debug statement generated for the properties component.

You can also specify -Djava.security.debug=help which will display a complete list of supported components and arguments.

See Printing Thread and Timestamp Information for more information.


core-svc/java.lang.management

Issue Description
JDK-8338139

The ClassLoadingMXBean and MemoryMXBean isVerbose Methods Are Now Consistent with Their setVerbose Methods


The ClassLoadingMXBean::setVerbose(boolean enabled) method will set class+load* logging on log output stdout to level info if enabled is true, and to level off otherwise. In contrast, the isVerbose method would check if exactly class+load logging was enabled at the info level on any log output. This could result in counter-intuitive behavior when logging class+load=info to a file via the command-line, as it caused isVerbose to return true, even after a call to setVerbose(false) had been made. A similar problem existed for the MemoryMXBean::isVerbose method. Starting with this release, the behavior is as follows:

  • ClassLoadingMXBean::isVerbose will return true only if class+load* logging (note the wildcard use) has been enabled at the info level (or above) on the stdout log output.
  • MemoryMXBean::isVerbose will return true only if gc logging has been enabled at the info level (or above) on the stdout log output.

FIXED ISSUES

client-libs

Priority Bug Summary
P2 JDK-8331605 jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure
P4 JDK-8328110 Allow simultaneous use of PassFailJFrame with split UI and additional windows
P4 JDK-8275851 Deproblemlist open/test/jdk/javax/swing/JComponent/6683775/bug6683775.java
P4 JDK-8284316 Support accessibility ManualTestFrame.java for non SwingSet tests
P4 JDK-8294148 Support JSplitPane for instructions and test UI

client-libs/2d

Priority Bug Summary
P3 JDK-8311666 Disabled tests in test/jdk/sun/java2d/marlin
P3 JDK-8328896 Fontmetrics for large Fonts has zero width
P4 JDK-8331746 Create a test to verify that the cmm id is not ignored
P4 JDK-8279878 java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10
P4 JDK-8320608 Many jtreg printing tests are missing the @printer keyword
P4 JDK-8320079 The ArabicBox.java test has no control buttons

client-libs/java.awt

Priority Bug Summary
P2 JDK-8309703 AIX build fails after JDK-8280982
P3 JDK-8317288 [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab
P3 JDK-8321176 [Screencast] make a second attempt on screencast failure
P3 JDK-8280982 [Wayland] [XWayland] java.awt.Robot taking screenshots
P3 JDK-8280988 [XWayland] Click on title to request focus test failures
P3 JDK-8280994 [XWayland] Drag and Drop does not work in java -> wayland app direction
P3 JDK-8280993 [XWayland] Popup is not closed on click outside of area controlled by XWayland
P3 JDK-8331011 [XWayland] TokenStorage fails under Security Manager
P3 JDK-8280990 [XWayland] XTest emulated mouse click does not bring window to front
P3 JDK-8313697 [XWayland][Screencast] consequent getPixelColor calls are slow
P3 JDK-8309621 [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1
P3 JDK-8282526 Default icon is not painted properly
P3 JDK-8305825 getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04
P3 JDK-8309756 Occasional crashes with pipewire screen capture on Wayland
P3 JDK-8193547 Regression automated test '/open/test/jdk/java/awt/Toolkit/DesktopProperties/rfe4758438.java' fails
P3 JDK-8328999 Update GIFlib to 5.2.2
P3 JDK-8329004 Update Libpng to 1.6.43
P4 JDK-8260633 [macos] java/awt/dnd/MouseEventAfterStartDragTest/MouseEventAfterStartDragTest.html test failed
P4 JDK-8310334 [XWayland][Screencast] screen capture error message in debug
P4 JDK-8317112 Add screenshot for Frame/DefaultSizeTest.java
P4 JDK-8320655 awt screencast robot spin and sync issues with native libpipewire api
P4 JDK-8328642 Convert applet test MouseDraggedOutCauseScrollingTest.html to main
P4 JDK-8328158 Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test
P4 JDK-8328115 Convert java/awt/font/TextLayout/TestJustification.html applet test to main
P4 JDK-8328011 Convert java/awt/Frame/GetBoundsResizeTest/GetBoundsResizeTest.java applet test to main
P4 JDK-8328218 Delete test java/awt/Window/FindOwner/FindOwner.html
P4 JDK-8328560 java/awt/event/MouseEvent/ClickDuringKeypress/ClickDuringKeypress.java imports Applet
P4 JDK-8280392 java/awt/Focus/NonFocusableWindowTest/NonfocusableOwnerTest.java failed with "RuntimeException: Test failed."
P4 JDK-8328269 NonFocusablePopupMenuTest.java should be marked as headful
P4 JDK-8316389 Open source few AWT applet tests
P4 JDK-8316240 Open source several add/remove MenuBar manual tests
P4 JDK-8316211 Open source several manual applet tests
P4 JDK-8315965 Open source various AWT applet tests
P4 JDK-8255898 Test java/awt/FileDialog/FilenameFilterTest/FilenameFilterTest.java fails on Mac OS
P4 JDK-8328561 test java/awt/Robot/ManualInstructions/ManualInstructions.java isn't used
P5 JDK-8279337 The MToolkit is still referenced in a few places

client-libs/javax.accessibility

Priority Bug Summary
P3 JDK-8329667 [macos] Issue with JTree related fix for JDK-8317771
P3 JDK-8279641 Create manual JTReg tests for Swing accessibility
P4 JDK-8303830 update for deprecated sprintf for jdk.accessibility

client-libs/javax.swing

Priority Bug Summary
P2 JDK-8335967 "text-decoration: none" does not work with "A" HTML tags
P2 JDK-8307091 A few client tests intermittently throw ConcurrentModificationException
P3 JDK-8323801 tag doesn't strikethrough the text
P3 JDK-8327007 javax/swing/JSpinner/8008657/bug8008657.java fails
P3 JDK-8292948 JEditorPane ignores font-size styles in external linked css-file
P3 JDK-8328953 JEditorPane.read throws ChangedCharSetException
P3 JDK-8320692 Null icon returned for .exe without custom icon
P3 JDK-8319103 Popups that request focus are not shown on Linux with Wayland
P3 JDK-8325179 Race in BasicDirectoryModel.validateFileCache
P3 JDK-8326734 text-decoration applied to lost when mixed with or
P4 JDK-7124313 [macosx] Swing Popups should overlap taskbar
P4 JDK-8327137 Add test for ConcurrentModificationException in BasicDirectoryModel
P4 JDK-8327840 Automate javax/swing/border/Test4129681.java
P4 JDK-8238169 BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock
P4 JDK-8328238 Convert few closed manual applet tests to main
P4 JDK-8327787 Convert javax/swing/border/Test4129681.java applet test to main
P4 JDK-8325620 HTMLReader uses ConvertAction instead of specified CharacterAction for , ,
P4 JDK-8257540 javax/swing/JFileChooser/8041694/bug8041694.java failed with "RuntimeException: The selected directory name is not the expected 'd ' but 'D '."
P4 JDK-8293862 javax/swing/JFileChooser/8046391/bug8046391.java failed with 'Cannot invoke "java.awt.Image.getWidth(java.awt.image.ImageObserver)" because "retVal" is null'
P4 JDK-8272232 javax/swing/JTable/4275046/bug4275046.java failed with "Expected value in the cell: 'rededited' but found 'redEDITED'."
P4 JDK-8316306 Open source and convert manual Swing test
P4 JDK-8315804 Open source several Swing JTabbedPane JTextArea JTextField tests
P4 JDK-8316104 Open source several Swing SplitPane and RadioButton related tests
P4 JDK-8316285 Opensource JButton manual tests
P4 JDK-8307193 Several Swing jtreg tests use class.forName on L&F classes
P4 JDK-8329559 Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected
P4 JDK-8302495 update for deprecated sprintf for java.desktop
P4 JDK-8305072 Win32ShellFolder2.compareTo is inconsistent

core-libs

Priority Bug Summary
P3 JDK-8333698 [17u] TestJstatdRmiPort fails after JDK-8333667
P3 JDK-8334339 Test java/nio/file/attribute/BasicFileAttributeView/CreationTime.java fails on alinux3
P4 JDK-8308022 update for deprecated sprintf for java.base

core-libs/java.io:serialization

Priority Bug Summary
P4 JDK-8222884 ConcurrentClassDescLookup.java times out intermittently

core-libs/java.lang

Priority Bug Summary
P4 JDK-8302800 Augment NaN handling tests of FDLIBM methods
P4 JDK-8273541 Cleaner Thread creates with normal priority instead of MAX_PRIORITY - 2
P4 JDK-8325621 Improve jspawnhelper version checks
P4 JDK-8325567 jspawnhelper without args fails with segfault
P4 JDK-8291760 PipelineLeaksFD.java still fails: More or fewer pipes than expected

core-libs/java.lang.invoke

Priority Bug Summary
P4 JDK-8301704 Shorten the number of GCs in UnloadingTest.java to verify a class loader not being unloaded

core-libs/java.lang:class_loading

Priority Bug Summary
P4 JDK-8309241 ClassForNameLeak fails intermittently as the class loader hasn't been unloaded

core-libs/java.net

Priority Bug Summary
P3 JDK-8299058 AssertionError in sun.net.httpserver.ServerImpl when connection is idle
P3 JDK-8292044 HttpClient doesn't handle 102 or 103 properly
P3 JDK-8304963 HttpServer closes connection after processing HEAD after JDK-7026262
P3 JDK-8333804 java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures
P3 JDK-8284585 PushPromiseContinuation test fails intermittently in timeout
P4 JDK-8330814 Cleanups for KeepAliveCache tests
P4 JDK-8313256 Exclude failing multicast tests on AIX
P4 JDK-8316387 Exclude more failing multicast tests on AIX after JDK-8315651
P4 JDK-8263031 HttpClient throws Exception if it receives a Push Promise that is too large
P4 JDK-8296410 HttpClient throws java.io.IOException: no statuscode in response for HTTP2
P4 JDK-7026262 HttpServer: improve handling of finished HTTP exchanges
P4 JDK-8303965 java.net.http.HttpClient should reset the stream if response headers contain malformed header fields
P4 JDK-8308184 Launching java with large number of jars in classpath with java.protocol.handler.pkgs system property set can lead to StackOverflowError
P4 JDK-8282354 Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests
P4 JDK-8331063 Some HttpClient tests don't report leaks
P4 JDK-8315651 Stop hiding AIX specific multicast socket errors via NetworkConfiguration (aix)
P4 JDK-8304962 sun/net/www/http/KeepAliveCache/B5045306.java: java.lang.RuntimeException: Failed: Initial Keep Alive Connection is not being reused
P4 JDK-8299487 Test java/net/httpclient/whitebox/SSLTubeTestDriver.java timed out
P4 JDK-8334600 TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64
P4 JDK-8308144 Uncontrolled memory consumption in SSLFlowDelegate.Reader
P4 JDK-8308801 update for deprecated sprintf for libnet in java.base
P5 JDK-8303216 Prefer ArrayList to LinkedList in sun.net.httpserver.ServerImpl

core-libs/java.nio

Priority Bug Summary
P3 JDK-8338696 (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux)
P3 JDK-8313873 java/nio/channels/DatagramChannel/SendReceiveMaxSize.java fails on AIX due to small default RCVBUF size and different IPv6 Header interpretation
P3 JDK-8269657 Test java/nio/channels/DatagramChannel/Loopback.java failed: Unexpected message
P4 JDK-8332248 (fc) java/nio/channels/FileChannel/BlockDeviceSize.java failed with RuntimeException
P4 JDK-8313674 (fc) java/nio/channels/FileChannel/BlockDeviceSize.java should test for more block devices
P4 JDK-8334297 (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager
P4 JDK-8339869 [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339
P4 JDK-8299813 java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram
P4 JDK-8327650 Test java/nio/channels/DatagramChannel/StressNativeSignal.java timed out
P4 JDK-8337038 Test java/nio/file/attribute/BasicFileAttributeView/CreationTime.java shoud set as /native
P4 JDK-8336301 test/jdk/java/nio/channels/AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion

core-libs/java.nio.charsets

Priority Bug Summary
P4 JDK-8310683 Refactor StandardCharset/standard.java to use JUnit

core-libs/java.text

Priority Bug Summary
P4 JDK-8317372 Refactor some NumberFormat tests to use JUnit

core-libs/java.util.concurrent

Priority Bug Summary
P4 JDK-8325754 Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections
P4 JDK-8269428 java/util/concurrent/ConcurrentHashMap/ToArray.java timed out

core-libs/java.util.jar

Priority Bug Summary
P3 JDK-8259866 two java.util tests failed with "IOException: There is not enough space on the disk"
P4 JDK-8303920 Avoid calling out to python in DataDescriptorSignatureMissing test
P4 JDK-8330615 avoid signed integer overflows in zip_util.c readCen / hashN
P4 JDK-8303891 Speed up Zip64SizeTest using a small ZIP64 file
P4 JDK-8333398 Uncomment the commented test in test/jdk/java/util/jar/JarFile/mrjar/MultiReleaseJarAPI.java
P5 JDK-7022325 TEST_BUG: test/java/util/zip/ZipFile/ReadLongZipFileName.java leaks files if it fails

core-libs/java.util.logging

Priority Bug Summary
P4 JDK-8333270 HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3

core-libs/java.util.regex

Priority Bug Summary
P3 JDK-8273430 Suspicious duplicate condition in java.util.regex.Grapheme#isExcludedSpacingMark

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8334653 ISO 4217 Amendment 177 Update
P4 JDK-8334333 MissingResourceCauseTestRun.java fails if run by root
P4 JDK-8332174 Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml
P4 JDK-8332424 Update IANA Language Subtag Registry to Version 2024-05-16
P4 JDK-8334418 Update IANA Language Subtag Registry to Version 2024-06-14

core-libs/javax.naming

Priority Bug Summary
P3 JDK-8290367 Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property

core-svc/debugger

Priority Bug Summary
P3 JDK-8324668 JDWP process management needs more efficient file descriptor handling
P4 JDK-8307850 update for deprecated sprintf for jdk.jdi
P4 JDK-8303617 update for deprecated sprintf for jdk.jdwp.agent

core-svc/java.lang.management

Priority Bug Summary
P1 JDK-8338139 {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods
P4 JDK-8310628 GcInfoBuilder.c missing JNI Exception checks
P4 JDK-8301279 update for deprecated sprintf for management components

core-svc/javax.management

Priority Bug Summary
P4 JDK-8328273 sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use
P4 JDK-8301132 Test update for deprecated sprintf in Xcode 14

core-svc/tools

Priority Bug Summary
P4 JDK-8314476 TestJstatdPortAndServer.java failed with "java.rmi.NoSuchObjectException: no such object in table"
P4 JDK-8307848 update for deprecated sprintf for jdk.attach

docs/guides

Priority Bug Summary
P4 JDK-8331331 :tier1 target explanation in doc/testing.md is incorrect

hotspot/compiler

Priority Bug Summary
P2 JDK-8322726 C2: Unloaded signature class kills argument value
P3 JDK-8330611 AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)
P3 JDK-8331885 C2: meet between unloaded and speculative types is not symmetric
P3 JDK-8329126 No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462
P3 JDK-8296812 sprintf is deprecated in Xcode 14
P4 JDK-8307352 AARCH64: Improve itable_stub
P4 JDK-8323122 AArch64: Increase itable stub size estimate
P4 JDK-8323584 AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe
P4 JDK-8320379 C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64
P4 JDK-8317831 compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string
P4 JDK-8315576 compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837
P4 JDK-8321025 Enable Neoverse N1 optimizations for Neoverse V2
P4 JDK-8005885 enhance PrintCodeCache to print more data
P4 JDK-8279068 IGV: Update to work with JDK 16 and 17
P4 JDK-8319406 x86: Shorter movptr(reg, imm) for 32-bit immediates
P5 JDK-8314837 5 compiled/codecache tests ignore VM flags
P5 JDK-8277042 add test for 8276036 to compiler/codecache
P5 JDK-8335536 Fix assertion failure in IdealGraphPrinter when append is true
P5 JDK-8272558 IR Test Framework README misses some flags
P5 JDK-8315024 Vector API FP reduction tests should not test for exact equality

hotspot/gc

Priority Bug Summary
P2 JDK-8334482 Shenandoah: Deadlock when safepoint is pending during nmethods iteration
P3 JDK-8170817 G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping
P3 JDK-8316328 Test jdk/jfr/event/oldobject/TestSanityDefault.java times out for some heap sizes
P3 JDK-8332936 Test vmTestbase/metaspace/gc/watermark_70_80/TestDescription.java fails with no GC's recorded
P3 JDK-8329109 Threads::print_on() tries to print CPU time for terminated GC threads
P4 JDK-8315774 Enable parallelism in vmTestbase/gc/g1/unloading tests
P4 JDK-8324755 Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests
P4 JDK-8317316 G1: Make TestG1PercentageOptions use createTestJvm
P4 JDK-8317358 G1: Make TestMaxNewSize use createTestJvm
P4 JDK-8290966 G1: Record number of PLAB filled and number of direct allocations
P4 JDK-8316973 GC: Make TestDisableDefaultGC use createTestJvm
P4 JDK-8317343 GC: Make TestHeapFreeRatio use createTestJvm
P4 JDK-8317228 GC: Make TestXXXHeapSizeFlags use createTestJvm
P4 JDK-8322330 JavadocHelperTest.java OOMEs with Parallel GC and ZGC
P4 JDK-8319713 Parallel: Remove PSAdaptiveSizePolicy::should_full_GC
P4 JDK-8315936 Parallelize gc/stress/TestStressG1Humongous.java test
P4 JDK-8329134 Reconsider TLAB zapping
P4 JDK-8299971 Remove metaprogramming/conditional.hpp
P4 JDK-8299479 Remove metaprogramming/decay.hpp
P4 JDK-8299399 Remove metaprogramming/isArray.hpp
P4 JDK-8299398 Remove metaprogramming/isConst.hpp
P4 JDK-8299397 Remove metaprogramming/isFloatingPoint.hpp
P4 JDK-8299482 Remove metaprogramming/isIntegral.hpp
P4 JDK-8299402 Remove metaprogramming/isVolatile.hpp
P4 JDK-8299395 Remove metaprogramming/removeCV.hpp
P4 JDK-8299396 Remove metaprogramming/removeExtent.hpp
P4 JDK-8299481 Remove metaprogramming/removePointer.hpp
P4 JDK-8299972 Remove metaprogramming/removeReference.hpp
P4 JDK-8331798 Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java
P4 JDK-8328075 Shenandoah: Avoid forwarding when objects don't move in full-GC
P4 JDK-8333716 Shenandoah: Check for disarmed method before taking the nmethod lock
P4 JDK-8334769 Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator
P4 JDK-8328647 TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp

hotspot/jfr

Priority Bug Summary
P3 JDK-8321220 JFR: RecordedClass reports incorrect modifiers
P3 JDK-8317360 Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines
P3 JDK-8265919 RunThese30M fails "assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8)) != 0))))) failed: invariant"
P3 JDK-8256291 RunThese30M fails "assert(_class_unload ? true : ((((JfrTraceIdBits::load(class_loader_klass)) & ((1 << 4) << 8)) != 0))) failed: invariant"
P3 JDK-8326446 The User and System of jdk.CPULoad on Apple M1 are inaccurate
P3 JDK-8326106 Write and clear stack trace table outside of safepoint
P4 JDK-8313394 Array Elements in OldObjectSample event has the incorrect description
P4 JDK-8304375 jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Expected at least some events to be out of order! Reuse = false"
P4 JDK-8316193 jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak
P4 JDK-8329995 Restricted access to `/proc` can cause JFR initialization to crash
P4 JDK-8335808 update for deprecated sprintf for jfrTypeSetUtils

hotspot/jvmti

Priority Bug Summary
P4 JDK-8317635 Improve GetClassFields test to verify correctness of field order
P4 JDK-8335775 Remove extraneous 's' in comment of rawmonitor.cpp test file

hotspot/runtime

Priority Bug Summary
P2 JDK-8316468 os::write incorrectly handles partial write
P3 JDK-8306929 Avoid CleanClassLoaderDataMetaspaces safepoints when previous versions are shared
P3 JDK-8315559 Delay TempSymbol cleanup to avoid symbol table churn
P3 JDK-8318986 Improve GenericWaitBarrier performance
P3 JDK-8293872 Make runtime/Thread/ThreadCountLimit.java more robust
P4 JDK-8324753 [AIX] adjust os_posix after JDK-8318696
P4 JDK-8324577 [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE
P4 JDK-8306583 Add JVM crash check in CDSTestUtils.executeAndLog
P4 JDK-8300169 Build failure with clang-15
P4 JDK-8318089 Class space not marked as such with NMT when CDS is off
P4 JDK-8324933 ConcurrentHashTable::statistics_calculate synchronization is expensive
P4 JDK-8318696 Do not use LFS64 symbols on Linux
P4 JDK-8294691 dynamicArchive/RelativePath.java is running other test case
P4 JDK-8322008 Exclude some CDS tests from running with -Xshare:off
P4 JDK-8318474 Fix memory reporter for thread_count
P4 JDK-8329605 hs errfile generic events - move memory protections and nmethod flushes to separate sections
P4 JDK-8329663 hs_err file event log entry for thread adding/removing should print current thread
P4 JDK-8330524 Linux ppc64le compile warning with clang in os_linux_ppc.cpp
P4 JDK-8289182 NMT: MemTracker::baseline should return void
P4 JDK-8315362 NMT: summary diff reports threads count incorrectly
P4 JDK-8303942 os::write should write completely
P4 JDK-8183227 read/write APIs in class os shall return ssize_t
P4 JDK-8305079 Remove finalize() from compiler/c2/Test719030
P4 JDK-8305081 Remove finalize() from test/hotspot/jtreg/compiler/runtime/Test8168712
P4 JDK-8300910 Remove metaprogramming/integralConstant.hpp
P4 JDK-8300264 Remove metaprogramming/isPointer.hpp
P4 JDK-8300260 Remove metaprogramming/isSame.hpp
P4 JDK-8300265 Remove metaprogramming/isSigned.hpp
P4 JDK-8312049 runtime/logging/ClassLoadUnloadTest can be improved
P4 JDK-8310108 Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified
P4 JDK-8299254 Support dealing with standard assert macro
P4 JDK-8308891 TestCDSVMCrash.java needs @requires vm.cds
P4 JDK-8298596 vmTestbase/nsk/sysdict/vm/stress/chain/chain008/chain008.java fails with "NoClassDefFoundError: Could not initialize class java.util.concurrent.ThreadLocalRandom"
P4 JDK-8305959 x86: Improve itable_stub

hotspot/svc

Priority Bug Summary
P3 JDK-8273216 JCMD does not work across container boundaries with Podman
P4 JDK-8329103 assert(!thread->in_asgct()) failed during multi-mode profiling
P4 JDK-8272777 Clean up remaining AccessController warnings in test library
P4 JDK-8315437 Enable parallelism in vmTestbase/nsk/monitoring/stress/classload tests
P4 JDK-8315442 Enable parallelism in vmTestbase/nsk/monitoring/stress/thread tests
P4 JDK-8307448 Test RedefineSharedClassJFR fail due to wrong assumption

hotspot/svc-agent

Priority Bug Summary
P4 JDK-8283728 jdk.hotspot.agent: Wrong location for RISCV64ThreadContext.java
P4 JDK-8303527 update for deprecated sprintf for jdk.hotspot.agent
P5 JDK-8333353 Delete extra empty line in CodeBlob.java

hotspot/test

Priority Bug Summary
P3 JDK-8306946 jdk/test/lib/process/ProcessToolsStartProcessTest.java fails with "wrong number of lines in OutputAnalyzer output"
P4 JDK-8301200 Don't scale timeout stress with timeout factor
P4 JDK-8318605 Enable parallelism in vmTestbase/nsk/stress/stack tests
P4 JDK-8332898 failure_handler: log directory of commands
P4 JDK-8299635 Hotspot update for deprecated sprintf in Xcode 14
P4 JDK-8233725 ProcessTools.startProcess() has output issues when using an OutputAnalyzer at the same time
P4 JDK-8299378 sprintf is deprecated in Xcode 14
P4 JDK-8335918 update for deprecated sprintf for jvmti
P4 JDK-8332113 Update nsk.share.Log to be always verbose
P5 JDK-8328234 Remove unused nativeUtils files

infrastructure

Priority Bug Summary
P4 JDK-8334166 Enable binary check
P4 JDK-8332008 Enable issuestitle check

infrastructure/build

Priority Bug Summary
P3 JDK-8325444 GHA: JDK-8325194 causes a regression
P4 JDK-8337283 configure.log is truncated when build dir is on different filesystem
P4 JDK-8331164 createJMHBundle.sh download jars fail when url needed to be redirected
P4 JDK-8319197 Exclude hb-subset and hb-style from compilation
P4 JDK-8325194 GHA: Add macOS M1 testing
P4 JDK-8318039 GHA: Bump macOS and Xcode versions
P4 JDK-8336928 GHA: Bundle artifacts removal broken
P4 JDK-8309934 Update GitHub Actions to use JDK 17 for building jtreg
P4 JDK-8300806 Update googletest to v1.13.0
P5 JDK-8333477 Delete extra empty spaces in Makefiles

infrastructure/release_eng

Priority Bug Summary
P4 JDK-8341673 [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13
P4 JDK-8331265 Bump update version for OpenJDK: jdk-17.0.13

performance/hotspot

Priority Bug Summary
P5 JDK-8298809 Clean up vm/compiler/InterfaceCalls JMH

security-libs/java.security

Priority Bug Summary
P2 JDK-8341057 Add 2 SSL.com TLS roots
P3 JDK-8276660 Scalability bottleneck in java.security.Provider.getService()
P4 JDK-8318479 [jmh] the test security.CacheBench failed for multiple threads run
P4 JDK-8051959 Add thread and timestamp options to java.security.debug system property
P4 JDK-8324646 Avoid Class.forName in SecureRandom constructor
P4 JDK-8324648 Avoid NoSuchMethodError when instantiating NativePRNG
P4 JDK-8279222 Incorrect legacyMap.get in java.security.Provider after JDK-8276660
P4 JDK-8292739 Invalid legacy entries may be returned by Provider.getServices() call
P4 JDK-8288568 Reduce runtime of java.security microbenchmarks
P4 JDK-8294994 Update Jarsigner and Keytool i18n tests to validate i18n compliance
P5 JDK-8280970 Cleanup dead code in java.security.Provider

security-libs/javax.crypto

Priority Bug Summary
P4 JDK-8315684 Parallelize sun/security/util/math/TestIntegerModuloP.java
P4 JDK-8301274 update for deprecated sprintf for security components

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P3 JDK-8261433 Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8341059 Change Entrust TLS distrust date to November 12, 2024
P3 JDK-8279164 Disable TLS_ECDH_* cipher suites
P3 JDK-8337664 Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
P3 JDK-8298381 Improve handling of session tickets for multiple SSLContexts
P3 JDK-8325384 sun/security/ssl/SSLSessionImpl/ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread
P4 JDK-8337669 [17u] Backport of JDK-8284047 missed to delete a file
P4 JDK-8241550 [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use"
P4 JDK-8315422 getSoTimeout() would be in try block in SSLSocketImpl
P4 JDK-8325022 Incorrect error message on client authentication
P4 JDK-8332524 Instead of printing "TLSv1.3," it is showing "TLS13"
P4 JDK-8310070 Test: javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out
P4 JDK-8301686 TLS 1.3 handshake fails if server_name doesn't match resuming session

tools

Priority Bug Summary
P4 JDK-8331077 nroff man page update for jar tool

tools/javac

Priority Bug Summary
P3 JDK-8312229 Crash involving yield, switch and anonymous classes

tools/javadoc(tool)

Priority Bug Summary
P3 JDK-8281944 JavaDoc throws java.lang.IllegalStateException: ERRONEOUS
P3 JDK-8326332 Unclosed inline tags cause misalignment in summary tables
P3 JDK-8330063 Upgrade jQuery to 3.7.1
P4 JDK-8334332 TestIOException.java fails if run by root

tools/jpackage

Priority Bug Summary
P2 JDK-8295111 dpkg appears to have problems resolving symbolically linked native libraries
P4 JDK-8299779 Test tools/jpackage/share/jdk/jpackage/tests/MainClassTest.java timed out

tools/jshell

Priority Bug Summary
P2 JDK-8314614 jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen"
P4 JDK-8312140 jdk/jshell tests failed with JDI socket timeouts

tools/launcher

Priority Bug Summary
P3 JDK-8310201 Reduce verbose locale output in -XshowSettings launcher option

xml/javax.xml.validation

Priority Bug Summary
P4 JDK-8320602 Lock contention in SchemaDVFactory.getInstance()