RELEASE NOTES: JDK 17.0.17

Notes generated: Fri Aug 29 06:42:00 CEST 2025

JEPs

None.

RELEASE NOTES

core-libs/java.net

Issue Description

Issue	Description
JDK-8342075	java.net.http.HttpClient Is Enhanced to Report HTTP/2 Flow Control Errors to the Server The `java.net.http.HttpClient` will now report HTTP/2 flow control errors to the server when they are detected. This is an implementation detail that should be transparent to users of the `HttpClient` API, but could result in streams being reset or connections being closed if connecting to a non-conformant HTTP/2 server.
java.net.http.HttpClient Is Enhanced to Report HTTP/2 Flow Control Errors to the Server The `java.net.http.HttpClient` will now report HTTP/2 flow control errors to the server when they are detected. This is an implementation detail that should be transparent to users of the `HttpClient` API, but could result in streams being reset or connections being closed if connecting to a non-conformant HTTP/2 server. The flow control limits enforced by the client can be specified with two system properties, which can be set on the java command line: `jdk.httpclient.connectionWindowSize` specifies the HTTP/2 client connection window size in bytes. The default value if unspecified is `2^26`. Valid values are in the range `[2^16-1, 2^31-1]`. If an invalid value is provided, the default value is used. The implementation guarantees that the actual value will be no smaller than the stream window size, which can be configured through the `jdk.httpclient.windowsize` system property. `jdk.httpclient.windowsize` specifies the HTTP/2 client stream window size in bytes. The default value if unspecified is `16777216` or `16 MB`. Valid values are in the range `[2^14, 2^31-1]`. If an invalid value is provided, the default value is used.

JDK-8342075

java.net.http.HttpClient Is Enhanced to Report HTTP/2 Flow Control Errors to the Server

The java.net.http.HttpClient will now report HTTP/2 flow control errors to the server when they are detected. This is an implementation detail that should be transparent to users of the HttpClient API, but could result in streams being reset or connections being closed if connecting to a non-conformant HTTP/2 server.

java.net.http.HttpClient Is Enhanced to Report HTTP/2 Flow Control Errors to the Server

The flow control limits enforced by the client can be specified with two system properties, which can be set on the java command line:

jdk.httpclient.connectionWindowSize specifies the HTTP/2 client connection window size in bytes. The default value if unspecified is 2^26. Valid values are in the range [2^16-1, 2^31-1]. If an invalid value is provided, the default value is used. The implementation guarantees that the actual value will be no smaller than the stream window size, which can be configured through the jdk.httpclient.windowsize system property.
jdk.httpclient.windowsize specifies the HTTP/2 client stream window size in bytes. The default value if unspecified is 16777216 or 16 MB. Valid values are in the range [2^14, 2^31-1]. If an invalid value is provided, the default value is used.

security-libs/javax.xml.crypto

Issue Description

Issue	Description
JDK-8344137	Update XML Security for Java to 3.0.5 The XML Signature implementation has been updated to Santuario 3.0.5. Support for four new SHA-3 based ECDSA `SignatureMethod` algorithms have been added: `SignatureMethod.ECDSA_SHA3_224`, `SignatureMethod.ECDSA_SHA3_256`, `SignatureMethod.ECDSA_SHA3_384`, and `SignatureMethod.ECDSA_SHA3_512`.

JDK-8344137

Update XML Security for Java to 3.0.5

The XML Signature implementation has been updated to Santuario 3.0.5. Support for four new SHA-3 based ECDSA SignatureMethod algorithms have been added: SignatureMethod.ECDSA_SHA3_224, SignatureMethod.ECDSA_SHA3_256, SignatureMethod.ECDSA_SHA3_384, and SignatureMethod.ECDSA_SHA3_512.

core-libs/javax.naming

Issue Description

Issue	Description
JDK-8290368	Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts: The new `jdk.jndi.ldap.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the `java.naming` module. The new `jdk.jndi.rmi.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the `jdk.rmi` module. These new factory filter properties complement the `jdk.jndi.object.factoriesFilter` global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI. An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of `javax.naming.Reference` instance returned, which may lead to a `ClassCastException` being thrown in the application. For more information, see the java.naming and jdk.naming.rmi module-info documentation.
Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts: The new `jdk.jndi.ldap.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the `java.naming` module. The new `jdk.jndi.rmi.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the `jdk.naming.rmi` module. These new factory filter properties complement the `jdk.jndi.object.factoriesFilter` global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI. An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of `javax.naming.Reference` instance returned, which may lead to a `ClassCastException` being thrown in the application.
Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts: The new `jdk.jndi.ldap.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. By default, only object factories defined with the setting of the property 'jdk.jndi.ldap.object.factoriesFilter=com.sun.jndi.ldap.;!' are allowed. The new `jdk.jndi.rmi.object.factoriesFilter` property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. By default, only object factories defined with the setting of the property `jdk.jndi.rmi.object.factoriesFilter=com.sun.jndi.rmi.;!` are allowed. These new factory filter properties complement the `jdk.jndi.object.factoriesFilter` global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI. An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of `javax.naming.Reference` instance returned, which may lead to a `ClassCastException` being thrown in the application.

JDK-8290368

Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation

In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts:

The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the java.naming module.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the jdk.rmi module.

These new factory filter properties complement the jdk.jndi.object.factoriesFilter global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI.

An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of javax.naming.Reference instance returned, which may lead to a ClassCastException being thrown in the application.

For more information, see the java.naming and jdk.naming.rmi module-info documentation.

Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation

The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the java.naming module.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the jdk.naming.rmi module.

Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation

The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. By default, only object factories defined with the setting of the property 'jdk.jndi.ldap.object.factoriesFilter=com.sun.jndi.ldap.*;!' are allowed.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. By default, only object factories defined with the setting of the property jdk.jndi.rmi.object.factoriesFilter=com.sun.jndi.rmi.**;!* are allowed.

security-libs/javax.net.ssl

Issue Description

Issue	Description
JDK-8349583	Mechanism to Disable Signature Schemes Based on Their TLS Scope TLS protocol specific usage constraints are now supported by the `jdk.tls.disabledAlgorithms` property in the `java.security` configuration file, as follows: ``` UsageConstraint: usage UsageType { UsageType } UsageType: HandshakeSignature \| CertificateSignature ``HandshakeSignature`restricts the use of the algorithm in TLS handshake signatures.`CertificateSignature`restricts the use of the algorithm in certificate signatures. An algorithm with this constraint cannot include other usage types defined in the`jdk.certpath.disabledAlgorithms` property. The usage type follows the keyword and more than one usage type can be specified with a whitespace delimiter.
JDK-8341964	Mechanism to Disable TLS Cipher Suites by Pattern Matching TLS cipher suites can be disabled with the `jdk.tls.disabledAlgorithms` security property in the `java.security` configuration file using one or more `` wildcard characters. For example, "TLSRSA" disables all cipher suites that start with "TLSRSA". Only cipher suites starting with "TLS_" are allowed to have wildcard characters.

JDK-8349583

Mechanism to Disable Signature Schemes Based on Their TLS Scope

TLS protocol specific usage constraints are now supported by the jdk.tls.disabledAlgorithms property in the java.security configuration file, as follows: ``` UsageConstraint: usage UsageType { UsageType }

UsageType: HandshakeSignature | CertificateSignature ``HandshakeSignaturerestricts the use of the algorithm in TLS handshake signatures.CertificateSignaturerestricts the use of the algorithm in certificate signatures. An algorithm with this constraint cannot include other usage types defined in thejdk.certpath.disabledAlgorithms` property. The usage type follows the keyword and more than one usage type can be specified with a whitespace delimiter.

JDK-8341964

Mechanism to Disable TLS Cipher Suites by Pattern Matching

TLS cipher suites can be disabled with the jdk.tls.disabledAlgorithms security property in the java.security configuration file using one or more * wildcard characters. For example, "TLSRSA*" disables all cipher suites that start with "TLSRSA". Only cipher suites starting with "TLS_" are allowed to have wildcard characters.

tools/launcher

Issue	Description
JDK-8337506	Disable "best-fit" Mapping on Windows Command Line Command line arguments to the Java launcher are no longer converted with Windows' "best-fit" mapping when the arguments include unmappable characters for the ANSI code page. This mapping has been intervening in the Java launcher's argument parsing. Unmappable characters are now replaced with the default replacement character, such as '?' in some cases. For rare cases, where applications need those unmappable characters on the command line, select UTF-8 in Windows Regional Settings.

Issue

Description

JDK-8337506

Disable "best-fit" Mapping on Windows Command Line

Command line arguments to the Java launcher are no longer converted with Windows' "best-fit" mapping when the arguments include unmappable characters for the ANSI code page. This mapping has been intervening in the Java launcher's argument parsing. Unmappable characters are now replaced with the default replacement character, such as '?' in some cases. For rare cases, where applications need those unmappable characters on the command line, select UTF-8 in Windows Regional Settings.

security-libs/java.security

Issue Description

Issue	Description
JDK-8361212	Removed Four AffirmTrust Root Certificates The following root certificates, which are deactivated and no longer in use, have been removed from the `cacerts` keystore: ``` + alias name "affirmtrustcommercialca [jdk]" Distinguished Name: CN=AffirmTrust Commercial, O=AffirmTrust, C=US alias name "affirmtrustnetworkingca [jdk]" Distinguished Name: CN=AffirmTrust Networking, O=AffirmTrust, C=US alias name "affirmtrustpremiumca [jdk]" Distinguished Name: CN=AffirmTrust Premium, O=AffirmTrust, C=US alias name "affirmtrustpremiumeccca [jdk]" Distinguished Name: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US ```
JDK-8313367	SunMSCAPI Provider Opens the Windows Local Computer Key Store in Read-Only Mode in Non-Elevated Processes The Local Computer key store is accessed using the `CERT_STORE_MAXIMUM_ALLOWED_FLAG`. Since this store is typically managed by administrators for security reasons, processes are only given read-only access to specific private keys. By opening the store in read-only mode, non-elevated processes can now securely use these keys without requiring elevated permissions.

JDK-8361212

Removed Four AffirmTrust Root Certificates

The following root certificates, which are deactivated and no longer in use, have been removed from the cacerts keystore:

``` + alias name "affirmtrustcommercialca [jdk]" Distinguished Name: CN=AffirmTrust Commercial, O=AffirmTrust, C=US

alias name "affirmtrustnetworkingca [jdk]" Distinguished Name: CN=AffirmTrust Networking, O=AffirmTrust, C=US
alias name "affirmtrustpremiumca [jdk]" Distinguished Name: CN=AffirmTrust Premium, O=AffirmTrust, C=US
alias name "affirmtrustpremiumeccca [jdk]" Distinguished Name: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US ```

JDK-8313367

SunMSCAPI Provider Opens the Windows Local Computer Key Store in Read-Only Mode in Non-Elevated Processes

The Local Computer key store is accessed using the CERT_STORE_MAXIMUM_ALLOWED_FLAG. Since this store is typically managed by administrators for security reasons, processes are only given read-only access to specific private keys. By opening the store in read-only mode, non-elevated processes can now securely use these keys without requiring elevated permissions.

FIXED ISSUES

client-libs

Priority	Bug	Summary
P4	JDK-8355515	Clarify the purpose of forcePass() and forceFail() methods
P4	JDK-8276046	codestrings.validate_vm gtest fails on ppc64, s390
P4	JDK-8345566	Deproblemlist test/jdk/javax/swing/JComboBox/6559152/bug6559152.java
P4	JDK-8357672	Extreme font sizes can cause font substitution
P4	JDK-8355441	Remove antipattern from PassFailJFrame.forcePass javadoc
P5	JDK-8352624	Add missing {@code} to PassFailJFrame.Builder.splitUI

client-libs/2d

Priority	Bug	Summary
P3	JDK-8312191	ColorConvertOp.filter for the default destination is too slow
P3	JDK-8355528	Update HarfBuzz to 11.2.0
P4	JDK-8358697	TextLayout/MyanmarTextTest.java passes if no Myanmar font is found

client-libs/java.awt

Priority	Bug	Summary
P2	JDK-8351907	[XWayland] [OL10] Robot.mousePress() is delivered to wrong place
P3	JDK-8185429	[macos] After a modal dialog is closed, no window becomes active
P3	JDK-8354415	[Ubuntu25.04] api/java_awt/GraphicsDevice/indexTGF.html#SetDisplayMode - setDisplayMode_REFRESH_RATE_UNKNOWN fails: Height is different on vnc
P3	JDK-8360647	[XWayland] [OL10] NumPad keys are not triggered
P3	JDK-8335468	[XWayland] JavaFX hangs when calling java.awt.Robot.getPixelColor
P3	JDK-8362390	AIX make fails in awt_GraphicsEnv.c
P3	JDK-8203867	Delete test java/awt/TrayIcon/DblClickActionEventTest/DblClickActionEventTest.html
P3	JDK-8225777	java/awt/Mixing/MixingOnDialog.java fails on Ubuntu
P3	JDK-8358452	JNI exception pending in Java_sun_awt_screencast_ScreencastHelper_remoteDesktopKeyImpl of screencast_pipewire.c:1214 (ID: 51119)
P4	JDK-8079786	[macosx] Test java/awt/Frame/DisposeParentGC/DisposeParentGC.java fails for Mac only
P4	JDK-8353655	Clean up and open source KeyEvent related tests (Part 1)
P4	JDK-8328000	Convert /java/awt/im/8154816/bug8154816.java applet test to main
P4	JDK-8328190	Convert AWTPanelSmoothWheel.html applet test to main
P4	JDK-8328225	Convert ImageDecoratedDnD.html applet test to main
P4	JDK-8328012	Convert InputMethod (/java/awt/im) applet tests to main
P4	JDK-8328367	Convert java/awt/Component/UpdatingBootTime test to main
P4	JDK-8328279	Convert java/awt/Cursor/CursorOverlappedPanelsTest test to main
P4	JDK-8328378	Convert java/awt/FileDialog/FileDialogForDirectories test to main
P4	JDK-8328382	Convert java/awt/FileDialog/FileDialogForPackages test to main
P4	JDK-8328384	Convert java/awt/FileDialog/FileDialogOpenDirTest test to main
P4	JDK-8328385	Convert java/awt/FileDialog/FileDialogReturnTest test to main
P4	JDK-8328386	Convert java/awt/FileDialog/FileNameOverrideTest test to main
P4	JDK-8327838	Convert java/awt/FileDialog/MultipleMode/MultipleMode.html applet test to main
P4	JDK-8327835	Convert java/awt/FileDialog/RegexpFilterTest/RegexpFilterTest applet test to main
P4	JDK-8327972	Convert java/awt/FileDialog/SaveFileNameOverrideTest/SaveFileNameOverrideTest.html applet test to main
P4	JDK-8328401	Convert java/awt/Frame/InitialMaximizedTest/InitialMaximizedTest.html applet test to automated
P4	JDK-8328398	Convert java/awt/im/4490692/bug4490692.html applet test to main
P4	JDK-8328631	Convert java/awt/InputMethods/InputMethodsTest/InputMethodsTest.java applet test to manual
P4	JDK-8343977	Convert java/awt/TextArea/TextAreaCursorTest/HoveringAndDraggingTest to main
P4	JDK-8355366	Fix the wrong usage of PassFailJFrame.forcePass() in some manual tests
P4	JDK-8202667	java/awt/Debug/DumpOnKey/DumpOnKey.java times out on Windows
P4	JDK-8196017	java/awt/Mouse/GetMousePositionTest/GetMousePositionWithPopup.java fails
P4	JDK-8334016	Make PrintNullString.java automatic
P4	JDK-8352860	Open source events tests batch0
P4	JDK-8353126	Open source events tests batch1
P4	JDK-8353549	Open source events tests batch2
P4	JDK-8351277	Remove pipewire from AIX build
P4	JDK-8343618	Stack smashing in awt_InputMethod.c on Linux s390x
P4	JDK-8341370	Test java/awt/Frame/ShapeNotSetSometimes/ShapeNotSetSometimes.java fails intermittently on macOS-aarch64
P4	JDK-8339561	The test/jdk/java/awt/Paint/ListRepaint.java may fail after JDK-8327401

client-libs/javax.accessibility

Priority	Bug	Summary
P3	JDK-8341311	[Accessibility,macOS,VoiceOver] VoiceOver announces incorrect number of items in submenu of JPopupMenu

client-libs/javax.swing

Priority	Bug	Summary
P3	JDK-8042381	Test javax/swing/JRootPane/4670486/bug4670486.java fails with Action has not been received
P3	JDK-8334457	Test javax/swing/JTabbedPane/bug4666224.java fail on macOS with because pressing the ‘C’ key does not switch the layout to WRAP_TAB_LAYOUT
P4	JDK-8328089	Automate javax/swing/JTable/4222153/bug4222153.java applet test
P4	JDK-8328087	Automate javax/swing/JTable/TAB/TAB.java applet test
P4	JDK-8328570	Convert closed JViewport manual applet tests to main
P4	JDK-8327826	Convert javax/swing/border/Test4243289.java applet test to main
P4	JDK-8327873	Convert javax/swing/border/Test4247606.java applet test to main
P4	JDK-8327876	Convert javax/swing/border/Test4252164.java applet test to main
P4	JDK-8327879	Convert javax/swing/border/Test4760089.java applet test to main
P4	JDK-8327969	Convert javax/swing/border/Test6910490.java applet test to main
P4	JDK-8327750	Convert javax/swing/JFileChooser/FileFilterDescription/FileFilterDescription.java applet test to main
P4	JDK-8327751	Convert javax/swing/JInternalFrame/6726866/bug6726866.java applet test to main
P4	JDK-8327752	Convert javax/swing/JOptionPane/4174551/bug4174551.java applet to main
P4	JDK-8327753	Convert javax/swing/JOptionPane/8024926/bug8024926.java applet to main
P4	JDK-8327754	Convert javax/swing/JPopupMenu/7160604/bug7160604.java applet to main
P4	JDK-8327755	Convert javax/swing/JScrollBar/8039464/Test8039464.java applet to main
P4	JDK-8327756	Convert javax/swing/JSlider/4987336/bug4987336.java applet to main
P4	JDK-8328248	Convert javax/swing/JSlider/6587742/bug6587742.java applet test to main
P4	JDK-8328244	Convert javax/swing/JSlider/6742358/bug6742358.java applet test to main
P4	JDK-8328262	Convert javax/swing/JSplitPane/8132123/bug8132123.java applet test to main
P4	JDK-8328328	Convert javax/swing/JTabbedPane/4666224/bug4666224.java applet test to main
P4	JDK-8327872	Convert javax/swing/JToolTip/4644444/bug4644444.java applet test to main
P4	JDK-8327874	Convert javax/swing/JTree/4314199/bug4314199.java applet test to main
P4	JDK-8328030	Convert javax/swing/text/GlyphView/4984669/bug4984669.java applet test to main
P4	JDK-8328035	Convert javax/swing/text/html/TableView/7030332/bug7030332.java applet test to main
P4	JDK-8328154	Convert sun/java2d/loops/CopyAreaSpeed.java applet test to main
P4	JDK-8280818	Expand bug8033699.java to iterate over all LaFs
P4	JDK-8345767	javax/swing/JSplitPane/4164779/JSplitPaneKeyboardNavigationTest.java fails in ubuntu22.04
P4	JDK-8344338	javax/swing/JTextArea/bug4265784.java fails on Ubuntu 24.04.1
P4	JDK-8355429	Open source ProgressMonitor test
P4	JDK-8353000	Open source several swing tests batch2
P4	JDK-8353213	Open source several swing tests batch3
P4	JDK-8353293	Open source several swing tests batch4
P4	JDK-8353748	Open source several swing tests batch6
P4	JDK-8354285	Open source Swing tests Batch 3
P4	JDK-8353304	Open source two JTabbedPane tests
P4	JDK-8352677	Opensource JMenu tests - series2
P4	JDK-8351884	Refactor bug8033699.java test code
P4	JDK-8266247	Swing test bug7154030.java sometimes fails on macOS 11 ARM
P4	JDK-8266246	Swing test PressedIconTest.java sometimes fails on macOS 11 ARM
P4	JDK-8335131	Test "javax/swing/JColorChooser/Test6977726.java" failed on ubuntu x64 because "Preview" title is missing for GTK L&F
P4	JDK-8326606	Test javax/swing/text/BoxView/6494356/bug6494356.java performs a synchronization on a value based class

core-libs

Priority	Bug	Summary
P4	JDK-8335252	Reduce size of j.u.Formatter.Conversion#isValid
P4	JDK-8339834	Replace usages of -mx and -ms in some tests

core-libs/java.io

Priority	Bug	Summary
P4	JDK-8136895	Writer not closed with disk full error, file resource leaked

core-libs/java.lang

Priority	Bug	Summary
P4	JDK-8353489	Increase timeout and improve Windows compatibility in test/jdk/java/lang/ProcessBuilder/Basic.java
P4	JDK-8334394	Race condition in Class::protectionDomain

core-libs/java.math

Priority	Bug	Summary
P4	JDK-8319174	Enhance robustness of some j.m.BigInteger constructors

core-libs/java.net

Priority	Bug	Summary
P3	JDK-8299338	AssertionError in ResponseSubscribers$HttpResponseInputStream::onSubscribe
P3	JDK-8294916	Cancelling a request must eventually cause its response body subscriber to be unregistered
P3	JDK-8343855	HTTP/2 ConnectionWindowUpdateSender may miss some unprocessed DataFrames from closed streams
P3	JDK-8277969	HttpClient SelectorManager shuts down when custom Executor rejects a task
P3	JDK-8286171	HttpClient/2 : Expect:100-Continue blocks indefinitely when response is not 100
P3	JDK-8335181	Incorrect handling of HTTP/2 GOAWAY frames in HttpClient
P3	JDK-8297424	java/net/httpclient/AsyncExecutorShutdown.java fails in AssertionError due to misplaced assert
P3	JDK-8298340	java/net/httpclient/CancelRequestTest.java fails with AssertionError: Found some subscribers for testPostInterrupt
P3	JDK-8298931	java/net/httpclient/CancelStreamedBodyTest.java fails with AssertionError due to Pending TCP connections: 1
P3	JDK-8307648	java/net/httpclient/ExpectContinueTest.java timed out
P4	JDK-8274453	(sctp) com/sun/nio/sctp/SctpChannel/CloseDescriptors.java test should be resilient to lsof warnings
P4	JDK-8355578	[java.net] Use @requires tag instead of exiting based on "os.name" property value
P4	JDK-8351601	[JMH] test UnixSocketChannelReadWrite failed for 2 threads config
P4	JDK-8353662	Add test for non-local file URL fallback to FTP
P4	JDK-8276681	Additional malformed Javadoc inline tags in JDK source
P4	JDK-8292876	Do not include the deprecated userinfo component of the URI in HTTP/2 headers
P4	JDK-8286194	ExecutorShutdown test fails intermittently
P4	JDK-8347373	HTTP/2 flow control checks may count unprocessed data twice
P4	JDK-8317808	HTTP/2 stream cancelImpl may leave subscriber registered
P4	JDK-8301255	Http2Connection may send too many GOAWAY frames
P4	JDK-8288746	HttpClient resources could be reclaimed more eagerly
P4	JDK-8293786	HttpClient will not send more than 64 kb of data from the 2nd request in http2
P4	JDK-8316580	HttpClient with StructuredTaskScope does not close when a task fails
P4	JDK-8301004	httpclient: Add more debug to HttpResponseInputStream
P4	JDK-8342075	HttpClient: improve HTTP/2 flow control checks
P4	JDK-8293713	java/net/httpclient/BufferingSubscriberTest.java fails in timeout, blocked in submission publisher
P4	JDK-8297075	java/net/httpclient/CancelStreamedBodyTest.java fails with "java.lang.AssertionError: WARNING: tracker for HttpClientImpl(1) has outstanding operations"
P4	JDK-8217914	java/net/httpclient/ConnectTimeoutHandshakeSync.java failed on connection refused while doing POST
P4	JDK-8297200	java/net/httpclient/SpecialHeadersTest.java failed once in AssertionError due to selector thread remaining alive
P4	JDK-8301169	java/net/httpclient/ThrowingSubscribersAsInputStream.java,ThrowingSubscribersAsInputStreamAsync.java, and other httpclient tests failing on windows: Unable to establish loopback connection
P4	JDK-8358617	java/net/HttpURLConnection/HttpURLConnectionExpectContinueTest.java fails with 403 due to system proxies
P4	JDK-8314978	Multiple server call from connection failing with expect100 in getOutputStream
P4	JDK-8302635	Race condition in HttpBodySubscriberWrapper when cancelling request
P4	JDK-8297149	REDO JDK-8296889: Race condition when cancelling a request
P4	JDK-8317522	Test logic for BODY_CF in AbstractThrowingSubscribers.java is wrong
P4	JDK-8343074	test/jdk/com/sun/net/httpserver/docs/test1/largefile.txt could be generated
P4	JDK-8365811	test/jdk/java/net/CookieHandler/B6644726.java failure - "Should have 5 cookies. Got only 4, expires probably didn't parse correctly"
P4	JDK-8355475	UNCTest should use an existing UNC path
P4	JDK-8308185	Update Http2TestServerConnection to use SSLSocket.startHandshake()
P4	JDK-8276401	Use blessed modifier order in java.net.http
P4	JDK-8352895	UserCookie.java runs wrong test class
P5	JDK-8275079	Remove unnecessary conversion to String in java.net.http

core-libs/java.nio.charsets

Priority	Bug	Summary
P4	JDK-8167252	Some of Charset.availableCharsets() does not contain itself

core-libs/java.rmi

Priority	Bug	Summary
P4	JDK-8303525	Refactor/cleanup open/test/jdk/javax/rmi/ssl/SSLSocketParametersTest.java

core-libs/java.text

Priority	Bug	Summary
P4	JDK-8340554	Improve MessageFormat readObject checks

core-libs/java.util

Priority	Bug	Summary
P4	JDK-8282144	RandomSupport.convertSeedBytesToLongs sign extension overwrites previous bytes
P4	JDK-8294509	The sign extension bug applies to 'public static int[] convertSeedBytesToInts(byte[] seed, int n, int z)' in RandomSupport

core-libs/java.util.concurrent

Priority	Bug	Summary
P4	JDK-8351933	Inaccurate masking of TC subfield decrement in ForkJoinPool
P4	JDK-8357285	JSR166 Test case testShutdownNow_delayedTasks failed

core-libs/java.util.jar

Priority	Bug	Summary
P4	JDK-8346871	Improve robustness of java/util/zip/EntryCount64k.java test

core-libs/java.util.regex

Priority	Bug	Summary
P4	JDK-8300207	Add a pre-check for the number of canonical equivalent permutations in j.u.r.Pattern

core-libs/java.util:i18n

Priority	Bug	Summary
P4	JDK-8348365	Bad format string in CLDRDisplayNamesTest
P4	JDK-8353713	Improve Currency.getInstance exception handling
P4	JDK-8314611	Provide more explicative error message parsing Currencies
P4	JDK-8343804	Show the default time zone with -XshowSettings option
P4	JDK-8348328	Update IANA Language Subtag Registry to Version 2025-05-15

core-libs/javax.naming

Priority	Bug	Summary
P3	JDK-8290368	Introduce LDAP and RMI protocol-specific object factory filters to JNDI implementation

core-svc/debugger

Priority	Bug	Summary
P3	JDK-8298907	nsk JDI tests pass if the debuggee failed to launch
P4	JDK-8317804	com/sun/jdi/JdwpAllowTest.java fails on Alpine 3.17 / 3.18
P4	JDK-8355453	nsk.share.jdi.Debugee.waitingEvent() does not timeout properly
P4	JDK-8330535	Update nsk/jdb tests to use driver instead of othervm
P4	JDK-8298514	vmTestbase/nsk/jdi/EventRequestManager/threadDeathRequests/thrdeathreq002/TestDescription.java fails with usage tracker
P4	JDK-8285032	vmTestbase/nsk/jdi/EventSet/suspendPolicy/suspendpolicy008/ fails with "eventSet.suspendPolicy() != policyExpected"

core-svc/java.lang.management

Priority	Bug	Summary
P3	JDK-8132785	java/lang/management/ThreadMXBean/ThreadLists.java fails intermittently
P4	JDK-8332551	Test vmTestbase/nsk/monitoring/MemoryNotificationInfo/from/from001/TestDescription.java timed out

core-svc/tools

Priority	Bug	Summary
P3	JDK-8226919	attach in linux hangs due to permission denied accessing /proc/pid/root
P3	JDK-8279005	sun/tools/jstat tests do not check for test case exit codes after JDK-8245129

hotspot/compiler

Priority	Bug	Summary
P3	JDK-8273539	[PPC64] gtest build error after JDK-8264207
P3	JDK-8354941	Build failure with glibc 2.42 due to uabs() name collision
P3	JDK-8342330	C2: "node pinned on loop exit test?" assert failure
P3	JDK-8274039	codestrings gtest fails when hsdis is present
P3	JDK-8294839	Disable StressLongCountedLoop in compiler/loopopts/TestRemoveEmptyLoop.java
P4	JDK-8350483	AArch64: turn on signum intrinsics by default on Ampere CPUs
P4	JDK-8330106	C2: VectorInsertNode::make() shouldn't call ConINode::make() directly
P4	JDK-8345471	Clean up compiler/intrinsics/sha/cli tests
P4	JDK-8264207	CodeStrings does not honour fixed address assumption.
P4	JDK-8295005	compiler/loopopts/TestRemoveEmptyLoop.java fails with release VMs after JDK-8294839
P4	JDK-8315505	CompileTask timestamp printed can overflow
P4	JDK-8295210	IR framework should not whitelist -XX:-UseTLAB

hotspot/gc

Priority	Bug	Summary
P2	JDK-8340389	vmTestbase/gc/gctests/PhantomReference/phantom001/TestDescription.java Test exit code: 97 with -Xcomp UseAVX=3
P3	JDK-8340146	ZGC: TestAllocateHeapAt.java should not run with UseLargePages
P4	JDK-8332494	java/util/zip/EntryCount64k.java failing with java.lang.RuntimeException: '\\A\\Z' missing from stderr
P4	JDK-8297499	Parallel: Missing iteration over klass when marking objArrays/objArrayOops during Full GC
P4	JDK-8285773	Replace Algorithms.eatMemory(...) with WB.fullGC() in vmTestbase/gc/gctests/ReferencesGC/ReferencesGC.java
P4	JDK-8285951	Replace Algorithms.eatMemory(...) with WB.fullGC() in vmTestbase_vm_gc_ref tests
P4	JDK-8297740	runtime/ClassUnload/UnloadTest.java failed with "Test failed: should still be live"
P5	JDK-8345173	BlockLocationPrinter::print_location misses a ResourceMark

hotspot/jfr

Priority	Bug	Summary
P4	JDK-8353235	Test jdk/jfr/api/metadata/annotations/TestPeriod.java fails with IllegalArgumentException
P4	JDK-8352879	TestPeriod.java and TestGetContentType.java run wrong test class

hotspot/jvmti

Priority	Bug	Summary
P3	JDK-8339725	Concurrent GC crashed due to GetMethodDeclaringClass
P4	JDK-8346998	Test nsk/jvmti/ResourceExhausted/resexhausted003 fails with java.lang.OutOfMemoryError when CDS is off

hotspot/runtime

Priority	Bug	Summary
P2	JDK-8351997	AArch64: Interpreter volatile reference stores with G1 are not sequentially consistent
P3	JDK-8319932	[JVMCI] class unloading related tests can fail on libgraal
P3	JDK-8357793	[PPC64] VM crashes with -XX:-UseSIGTRAP -XX:-ImplicitNullChecks
P3	JDK-8344671	Few JFR streaming tests fail with application not alive error on MacOS 15
P3	JDK-8313083	Print 'rss' and 'cache' as part of the container information
P3	JDK-8297106	Remove the -Xcheck:jni local reference capacity checking
P4	JDK-8286660	codestrings gtest fails on AArch64: "udf" in padding
P4	JDK-8276175	codestrings.validate_vm gtest still broken on ppc64 after JDK-8276046
P4	JDK-8330022	Failure test/hotspot/jtreg/vmTestbase/nsk/sysdict/share/BTreeTest.java: Could not initialize class java.util.concurrent.ThreadLocalRandom
P4	JDK-8350767	Fix -Wzero-as-null-pointer-constant warnings in nsk jni stress tests
P4	JDK-8325910	Rename jnihelper.h
P4	JDK-8334320	Replace vmTestbase/metaspace/share/TriggerUnloadingWithWhiteBox.java with ClassUnloadCommon from testlibrary
P4	JDK-8354327	Rewrite runtime/LoadClass/LoadClassNegative.java
P4	JDK-8357968	RISC-V: Interpreter volatile reference stores with G1 are not sequentially consistent
P4	JDK-8283467	runtime/Thread/StopAtExit.java needs updating
P4	JDK-8352946	SEGV_BND signal code of SIGSEGV missing from our signal-code table
P4	JDK-8353568	SEGV_BNDERR signal code adjust definition
P4	JDK-8347004	vmTestbase/metaspace/shrink_grow/ShrinkGrowTest/ShrinkGrowTest.java fails with CDS disabled

hotspot/test

Priority	Bug	Summary
P4	JDK-8332252	Clean up vmTestbase/vm/share
P4	JDK-8358004	Delete applications/scimark/Scimark.java test
P4	JDK-8359272	Several vmTestbase/compact tests timed out on large memory machine

infrastructure

Priority	Bug	Summary
P2	JDK-8357173	Split jtreg test group jdk tier3

infrastructure/build

Priority	Bug	Summary
P3	JDK-8360042	GHA: Bump MSVC to 14.44
P4	JDK-8362582	GHA: Increase bundle retention time to deal with infra overload better
P4	JDK-8363965	GHA: Switch cross-compiling sysroots to Debian bookworm
P4	JDK-8361478	GHA: Use MSYS2 from GHA runners
P4	JDK-8349214	Improve size optimization flags for MSVC builds
P4	JDK-8355249	Remove the use of WMIC from the entire source code
P4	JDK-8358538	Update GHA Windows runner to 2025
P4	JDK-8340185	Use make -k on GHA to catch more build errors

infrastructure/release_eng

Priority	Bug	Summary
P4	JDK-8358660	Bump update version for OpenJDK: jdk-17.0.17

security-libs

Priority	Bug	Summary
P4	JDK-8350964	Add an ArtifactResolver.fetch(clazz) method

security-libs/java.security

Priority	Bug	Summary
P3	JDK-8361212	Remove AffirmTrust root CAs
P3	JDK-8313367	SunMSCAPI cannot read Local Computer certs w/o Windows elevation
P3	JDK-8357253	Test test/jdk/sun/security/ssl/SSLSessionImpl/ResumeClientTLS12withSNI.java writes in src dir
P3	JDK-8350830	Values converted incorrectly when reading TLS session tickets
P4	JDK-8349151	Refactor test/java/security/cert/CertificateFactory/slowstream.sh to java test
P5	JDK-8352509	Update jdk.test.lib.SecurityTools jar method to accept List parameter

security-libs/javax.crypto:pkcs11

Priority	Bug	Summary
P4	JDK-8336499	Failure when creating non-CRT RSA private keys in SunPKCS11
P4	JDK-8349849	PKCS11 SunTlsKeyMaterial crashes when used with TLS1.2 TlsKeyMaterialParameterSpec

security-libs/javax.net.ssl

Priority	Bug	Summary
P2	JDK-8349583	Add mechanism to disable signature schemes based on their TLS scope
P2	JDK-8355779	When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension
P3	JDK-8341964	Add mechanism to disable different parts of TLS cipher suite
P3	JDK-8350582	Correct the parsing of the ssl value in javax.net.debug
P4	JDK-8288209	SSL debug message wrong about unsupported authentication scheme
P4	JDK-8294985	SSLEngine throws IAE during parsing of X500Principal
P4	JDK-8355262	Test sun/security/ssl/SSLSessionImpl/NoInvalidateSocketException.java failed: accept timed out
P4	JDK-8249825	Tests sun/security/ssl/SSLSocketImpl/SetClientMode.java and NonAutoClose.java marked with @ignore

security-libs/javax.xml.crypto

Priority	Bug	Summary
P3	JDK-8344137	Update XML Security for Java to 3.0.5

security-libs/jdk.security

Priority	Bug	Summary
P4	JDK-8346285	Update jarsigner compatibility test for change in default digest algorithm

security-libs/org.ietf.jgss:krb5

Priority	Bug	Summary
P4	JDK-8352719	Add an equals sign to the modules statement

tools/javac

Priority	Bug	Summary
P4	JDK-8346751	Internal java compiler error with type annotations in constants expression in constant fields
P4	JDK-8352896	LambdaExpr02.java runs wrong test class

tools/javadoc(tool)

Priority	Bug	Summary
P4	JDK-8347381	Upgrade jQuery UI to version 1.14.1

tools/jlink

Priority	Bug	Summary
P4	JDK-8347302	Mark test tools/jimage/JImageToolTest.java as flagless

tools/jpackage

Priority	Bug	Summary
P4	JDK-8320858	Move jpackage tests to tier3

tools/jshell

Priority	Bug	Summary
P4	JDK-8312475	org.jline.util.PumpReader signed byte problem

tools/launcher

Priority	Bug	Summary
P4	JDK-8337506	Disable "best-fit" mapping on Windows command line