None.
Issue |
Description |
JDK-8290368 |
Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation
In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts:
The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the java.naming module.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the jdk.rmi module.
These new factory filter properties complement the jdk.jndi.object.factoriesFilter global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI.
An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of javax.naming.Reference instance returned, which may lead to a ClassCastException being thrown in the application.
For more information, see the java.naming and jdk.naming.rmi module-info documentation.
|
Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation
In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts:
The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories defined in the java.naming module.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value only allows object factories defined in the jdk.naming.rmi module.
These new factory filter properties complement the jdk.jndi.object.factoriesFilter global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI.
An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of javax.naming.Reference instance returned, which may lead to a ClassCastException being thrown in the application.
|
Introduce LDAP and RMI Protocol Specific Object Factory Filters to JNDI Implementation
In this release, new system and security properties are introduced to allow more granular control over the set of JNDI object factories allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts:
The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. By default, only object factories defined with the setting of the property 'jdk.jndi.ldap.object.factoriesFilter=com.sun.jndi.ldap.*;!' are allowed.
The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. By default, only object factories defined with the setting of the property jdk.jndi.rmi.object.factoriesFilter=com.sun.jndi.rmi.**;!* are allowed.
These new factory filter properties complement the jdk.jndi.object.factoriesFilter global factories filter property by determining if a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI.
An application depending on custom object factories to recreate Java objects from JNDI/LDAP or JNDI/RMI contexts will need to supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. If usage of a factory is denied, the lookup operation may result in a plain instance of javax.naming.Reference instance returned, which may lead to a ClassCastException being thrown in the application.
|
Issue |
Description |
JDK-8361212 |
Removed Four AffirmTrust Root Certificates
The following root certificates, which are deactivated and no longer in use, have been removed from the cacerts keystore:
```
+ alias name "affirmtrustcommercialca [jdk]"
Distinguished Name: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
alias name "affirmtrustnetworkingca [jdk]"
Distinguished Name: CN=AffirmTrust Networking, O=AffirmTrust, C=US
alias name "affirmtrustpremiumca [jdk]"
Distinguished Name: CN=AffirmTrust Premium, O=AffirmTrust, C=US
alias name "affirmtrustpremiumeccca [jdk]"
Distinguished Name: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
```
|
JDK-8313367 |
SunMSCAPI Provider Opens the Windows Local Computer Key Store in Read-Only Mode in Non-Elevated Processes
The Local Computer key store is accessed using the CERT_STORE_MAXIMUM_ALLOWED_FLAG . Since this store is typically managed by administrators for security reasons, processes are only given read-only access to specific private keys. By opening the store in read-only mode, non-elevated processes can now securely use these keys without requiring elevated permissions.
|
Priority |
Bug |
Summary |
P2 |
JDK-8351907 |
[XWayland] [OL10] Robot.mousePress() is delivered to wrong place |
P3 |
JDK-8185429 |
[macos] After a modal dialog is closed, no window becomes active |
P3 |
JDK-8354415 |
[Ubuntu25.04] api/java_awt/GraphicsDevice/indexTGF.html#SetDisplayMode - setDisplayMode_REFRESH_RATE_UNKNOWN fails: Height is different on vnc |
P3 |
JDK-8360647 |
[XWayland] [OL10] NumPad keys are not triggered |
P3 |
JDK-8335468 |
[XWayland] JavaFX hangs when calling java.awt.Robot.getPixelColor |
P3 |
JDK-8362390 |
AIX make fails in awt_GraphicsEnv.c |
P3 |
JDK-8203867 |
Delete test java/awt/TrayIcon/DblClickActionEventTest/DblClickActionEventTest.html |
P3 |
JDK-8225777 |
java/awt/Mixing/MixingOnDialog.java fails on Ubuntu |
P3 |
JDK-8358452 |
JNI exception pending in Java_sun_awt_screencast_ScreencastHelper_remoteDesktopKeyImpl of screencast_pipewire.c:1214 (ID: 51119) |
P4 |
JDK-8079786 |
[macosx] Test java/awt/Frame/DisposeParentGC/DisposeParentGC.java fails for Mac only |
P4 |
JDK-8353655 |
Clean up and open source KeyEvent related tests (Part 1) |
P4 |
JDK-8328000 |
Convert /java/awt/im/8154816/bug8154816.java applet test to main |
P4 |
JDK-8328190 |
Convert AWTPanelSmoothWheel.html applet test to main |
P4 |
JDK-8328225 |
Convert ImageDecoratedDnD.html applet test to main |
P4 |
JDK-8328012 |
Convert InputMethod (/java/awt/im) applet tests to main |
P4 |
JDK-8328367 |
Convert java/awt/Component/UpdatingBootTime test to main |
P4 |
JDK-8328279 |
Convert java/awt/Cursor/CursorOverlappedPanelsTest test to main |
P4 |
JDK-8328378 |
Convert java/awt/FileDialog/FileDialogForDirectories test to main |
P4 |
JDK-8328382 |
Convert java/awt/FileDialog/FileDialogForPackages test to main |
P4 |
JDK-8328384 |
Convert java/awt/FileDialog/FileDialogOpenDirTest test to main |
P4 |
JDK-8328385 |
Convert java/awt/FileDialog/FileDialogReturnTest test to main |
P4 |
JDK-8328386 |
Convert java/awt/FileDialog/FileNameOverrideTest test to main |
P4 |
JDK-8327838 |
Convert java/awt/FileDialog/MultipleMode/MultipleMode.html applet test to main |
P4 |
JDK-8327835 |
Convert java/awt/FileDialog/RegexpFilterTest/RegexpFilterTest applet test to main |
P4 |
JDK-8327972 |
Convert java/awt/FileDialog/SaveFileNameOverrideTest/SaveFileNameOverrideTest.html applet test to main |
P4 |
JDK-8328401 |
Convert java/awt/Frame/InitialMaximizedTest/InitialMaximizedTest.html applet test to automated |
P4 |
JDK-8328398 |
Convert java/awt/im/4490692/bug4490692.html applet test to main |
P4 |
JDK-8328631 |
Convert java/awt/InputMethods/InputMethodsTest/InputMethodsTest.java applet test to manual |
P4 |
JDK-8343977 |
Convert java/awt/TextArea/TextAreaCursorTest/HoveringAndDraggingTest to main |
P4 |
JDK-8355366 |
Fix the wrong usage of PassFailJFrame.forcePass() in some manual tests |
P4 |
JDK-8202667 |
java/awt/Debug/DumpOnKey/DumpOnKey.java times out on Windows |
P4 |
JDK-8196017 |
java/awt/Mouse/GetMousePositionTest/GetMousePositionWithPopup.java fails |
P4 |
JDK-8334016 |
Make PrintNullString.java automatic |
P4 |
JDK-8352860 |
Open source events tests batch0 |
P4 |
JDK-8353126 |
Open source events tests batch1 |
P4 |
JDK-8353549 |
Open source events tests batch2 |
P4 |
JDK-8351277 |
Remove pipewire from AIX build |
P4 |
JDK-8343618 |
Stack smashing in awt_InputMethod.c on Linux s390x |
P4 |
JDK-8341370 |
Test java/awt/Frame/ShapeNotSetSometimes/ShapeNotSetSometimes.java fails intermittently on macOS-aarch64 |
P4 |
JDK-8339561 |
The test/jdk/java/awt/Paint/ListRepaint.java may fail after JDK-8327401 |
Priority |
Bug |
Summary |
P3 |
JDK-8042381 |
Test javax/swing/JRootPane/4670486/bug4670486.java fails with Action has not been received |
P3 |
JDK-8334457 |
Test javax/swing/JTabbedPane/bug4666224.java fail on macOS with because pressing the āCā key does not switch the layout to WRAP_TAB_LAYOUT |
P4 |
JDK-8328089 |
Automate javax/swing/JTable/4222153/bug4222153.java applet test |
P4 |
JDK-8328087 |
Automate javax/swing/JTable/TAB/TAB.java applet test |
P4 |
JDK-8328570 |
Convert closed JViewport manual applet tests to main |
P4 |
JDK-8327826 |
Convert javax/swing/border/Test4243289.java applet test to main |
P4 |
JDK-8327873 |
Convert javax/swing/border/Test4247606.java applet test to main |
P4 |
JDK-8327876 |
Convert javax/swing/border/Test4252164.java applet test to main |
P4 |
JDK-8327879 |
Convert javax/swing/border/Test4760089.java applet test to main |
P4 |
JDK-8327969 |
Convert javax/swing/border/Test6910490.java applet test to main |
P4 |
JDK-8327750 |
Convert javax/swing/JFileChooser/FileFilterDescription/FileFilterDescription.java applet test to main |
P4 |
JDK-8327751 |
Convert javax/swing/JInternalFrame/6726866/bug6726866.java applet test to main |
P4 |
JDK-8327752 |
Convert javax/swing/JOptionPane/4174551/bug4174551.java applet to main |
P4 |
JDK-8327753 |
Convert javax/swing/JOptionPane/8024926/bug8024926.java applet to main |
P4 |
JDK-8327754 |
Convert javax/swing/JPopupMenu/7160604/bug7160604.java applet to main |
P4 |
JDK-8327755 |
Convert javax/swing/JScrollBar/8039464/Test8039464.java applet to main |
P4 |
JDK-8327756 |
Convert javax/swing/JSlider/4987336/bug4987336.java applet to main |
P4 |
JDK-8328248 |
Convert javax/swing/JSlider/6587742/bug6587742.java applet test to main |
P4 |
JDK-8328244 |
Convert javax/swing/JSlider/6742358/bug6742358.java applet test to main |
P4 |
JDK-8328262 |
Convert javax/swing/JSplitPane/8132123/bug8132123.java applet test to main |
P4 |
JDK-8328328 |
Convert javax/swing/JTabbedPane/4666224/bug4666224.java applet test to main |
P4 |
JDK-8327872 |
Convert javax/swing/JToolTip/4644444/bug4644444.java applet test to main |
P4 |
JDK-8327874 |
Convert javax/swing/JTree/4314199/bug4314199.java applet test to main |
P4 |
JDK-8328030 |
Convert javax/swing/text/GlyphView/4984669/bug4984669.java applet test to main |
P4 |
JDK-8328035 |
Convert javax/swing/text/html/TableView/7030332/bug7030332.java applet test to main |
P4 |
JDK-8328154 |
Convert sun/java2d/loops/CopyAreaSpeed.java applet test to main |
P4 |
JDK-8280818 |
Expand bug8033699.java to iterate over all LaFs |
P4 |
JDK-8345767 |
javax/swing/JSplitPane/4164779/JSplitPaneKeyboardNavigationTest.java fails in ubuntu22.04 |
P4 |
JDK-8344338 |
javax/swing/JTextArea/bug4265784.java fails on Ubuntu 24.04.1 |
P4 |
JDK-8355429 |
Open source ProgressMonitor test |
P4 |
JDK-8353000 |
Open source several swing tests batch2 |
P4 |
JDK-8353213 |
Open source several swing tests batch3 |
P4 |
JDK-8353293 |
Open source several swing tests batch4 |
P4 |
JDK-8353748 |
Open source several swing tests batch6 |
P4 |
JDK-8354285 |
Open source Swing tests Batch 3 |
P4 |
JDK-8353304 |
Open source two JTabbedPane tests |
P4 |
JDK-8352677 |
Opensource JMenu tests - series2 |
P4 |
JDK-8351884 |
Refactor bug8033699.java test code |
P4 |
JDK-8266247 |
Swing test bug7154030.java sometimes fails on macOS 11 ARM |
P4 |
JDK-8266246 |
Swing test PressedIconTest.java sometimes fails on macOS 11 ARM |
P4 |
JDK-8335131 |
Test "javax/swing/JColorChooser/Test6977726.java" failed on ubuntu x64 because "Preview" title is missing for GTK L&F |
P4 |
JDK-8326606 |
Test javax/swing/text/BoxView/6494356/bug6494356.java performs a synchronization on a value based class |
Priority |
Bug |
Summary |
P3 |
JDK-8299338 |
AssertionError in ResponseSubscribers$HttpResponseInputStream::onSubscribe |
P3 |
JDK-8294916 |
Cancelling a request must eventually cause its response body subscriber to be unregistered |
P3 |
JDK-8343855 |
HTTP/2 ConnectionWindowUpdateSender may miss some unprocessed DataFrames from closed streams |
P3 |
JDK-8277969 |
HttpClient SelectorManager shuts down when custom Executor rejects a task |
P3 |
JDK-8286171 |
HttpClient/2 : Expect:100-Continue blocks indefinitely when response is not 100 |
P3 |
JDK-8335181 |
Incorrect handling of HTTP/2 GOAWAY frames in HttpClient |
P3 |
JDK-8297424 |
java/net/httpclient/AsyncExecutorShutdown.java fails in AssertionError due to misplaced assert |
P3 |
JDK-8298340 |
java/net/httpclient/CancelRequestTest.java fails with AssertionError: Found some subscribers for testPostInterrupt |
P3 |
JDK-8298931 |
java/net/httpclient/CancelStreamedBodyTest.java fails with AssertionError due to Pending TCP connections: 1 |
P3 |
JDK-8307648 |
java/net/httpclient/ExpectContinueTest.java timed out |
P4 |
JDK-8274453 |
(sctp) com/sun/nio/sctp/SctpChannel/CloseDescriptors.java test should be resilient to lsof warnings |
P4 |
JDK-8355578 |
[java.net] Use @requires tag instead of exiting based on "os.name" property value |
P4 |
JDK-8351601 |
[JMH] test UnixSocketChannelReadWrite failed for 2 threads config |
P4 |
JDK-8353662 |
Add test for non-local file URL fallback to FTP |
P4 |
JDK-8276681 |
Additional malformed Javadoc inline tags in JDK source |
P4 |
JDK-8292876 |
Do not include the deprecated userinfo component of the URI in HTTP/2 headers |
P4 |
JDK-8286194 |
ExecutorShutdown test fails intermittently |
P4 |
JDK-8347373 |
HTTP/2 flow control checks may count unprocessed data twice |
P4 |
JDK-8317808 |
HTTP/2 stream cancelImpl may leave subscriber registered |
P4 |
JDK-8301255 |
Http2Connection may send too many GOAWAY frames |
P4 |
JDK-8288746 |
HttpClient resources could be reclaimed more eagerly |
P4 |
JDK-8293786 |
HttpClient will not send more than 64 kb of data from the 2nd request in http2 |
P4 |
JDK-8316580 |
HttpClient with StructuredTaskScope does not close when a task fails |
P4 |
JDK-8301004 |
httpclient: Add more debug to HttpResponseInputStream |
P4 |
JDK-8342075 |
HttpClient: improve HTTP/2 flow control checks |
P4 |
JDK-8293713 |
java/net/httpclient/BufferingSubscriberTest.java fails in timeout, blocked in submission publisher |
P4 |
JDK-8297075 |
java/net/httpclient/CancelStreamedBodyTest.java fails with "java.lang.AssertionError: WARNING: tracker for HttpClientImpl(1) has outstanding operations" |
P4 |
JDK-8217914 |
java/net/httpclient/ConnectTimeoutHandshakeSync.java failed on connection refused while doing POST |
P4 |
JDK-8297200 |
java/net/httpclient/SpecialHeadersTest.java failed once in AssertionError due to selector thread remaining alive |
P4 |
JDK-8301169 |
java/net/httpclient/ThrowingSubscribersAsInputStream.java,ThrowingSubscribersAsInputStreamAsync.java, and other httpclient tests failing on windows: Unable to establish loopback connection |
P4 |
JDK-8358617 |
java/net/HttpURLConnection/HttpURLConnectionExpectContinueTest.java fails with 403 due to system proxies |
P4 |
JDK-8314978 |
Multiple server call from connection failing with expect100 in getOutputStream |
P4 |
JDK-8302635 |
Race condition in HttpBodySubscriberWrapper when cancelling request |
P4 |
JDK-8297149 |
REDO JDK-8296889: Race condition when cancelling a request |
P4 |
JDK-8317522 |
Test logic for BODY_CF in AbstractThrowingSubscribers.java is wrong |
P4 |
JDK-8343074 |
test/jdk/com/sun/net/httpserver/docs/test1/largefile.txt could be generated |
P4 |
JDK-8365811 |
test/jdk/java/net/CookieHandler/B6644726.java failure - "Should have 5 cookies. Got only 4, expires probably didn't parse correctly" |
P4 |
JDK-8355475 |
UNCTest should use an existing UNC path |
P4 |
JDK-8308185 |
Update Http2TestServerConnection to use SSLSocket.startHandshake() |
P4 |
JDK-8276401 |
Use blessed modifier order in java.net.http |
P4 |
JDK-8352895 |
UserCookie.java runs wrong test class |
P5 |
JDK-8275079 |
Remove unnecessary conversion to String in java.net.http |
Priority |
Bug |
Summary |
P3 |
JDK-8273539 |
[PPC64] gtest build error after JDK-8264207 |
P3 |
JDK-8354941 |
Build failure with glibc 2.42 due to uabs() name collision |
P3 |
JDK-8342330 |
C2: "node pinned on loop exit test?" assert failure |
P3 |
JDK-8274039 |
codestrings gtest fails when hsdis is present |
P3 |
JDK-8294839 |
Disable StressLongCountedLoop in compiler/loopopts/TestRemoveEmptyLoop.java |
P4 |
JDK-8350483 |
AArch64: turn on signum intrinsics by default on Ampere CPUs |
P4 |
JDK-8330106 |
C2: VectorInsertNode::make() shouldn't call ConINode::make() directly |
P4 |
JDK-8345471 |
Clean up compiler/intrinsics/sha/cli tests |
P4 |
JDK-8264207 |
CodeStrings does not honour fixed address assumption. |
P4 |
JDK-8295005 |
compiler/loopopts/TestRemoveEmptyLoop.java fails with release VMs after JDK-8294839 |
P4 |
JDK-8315505 |
CompileTask timestamp printed can overflow |
P4 |
JDK-8295210 |
IR framework should not whitelist -XX:-UseTLAB |
Priority |
Bug |
Summary |
P2 |
JDK-8351997 |
AArch64: Interpreter volatile reference stores with G1 are not sequentially consistent |
P3 |
JDK-8319932 |
[JVMCI] class unloading related tests can fail on libgraal |
P3 |
JDK-8357793 |
[PPC64] VM crashes with -XX:-UseSIGTRAP -XX:-ImplicitNullChecks |
P3 |
JDK-8344671 |
Few JFR streaming tests fail with application not alive error on MacOS 15 |
P3 |
JDK-8313083 |
Print 'rss' and 'cache' as part of the container information |
P3 |
JDK-8297106 |
Remove the -Xcheck:jni local reference capacity checking |
P4 |
JDK-8286660 |
codestrings gtest fails on AArch64: "udf" in padding |
P4 |
JDK-8276175 |
codestrings.validate_vm gtest still broken on ppc64 after JDK-8276046 |
P4 |
JDK-8330022 |
Failure test/hotspot/jtreg/vmTestbase/nsk/sysdict/share/BTreeTest.java: Could not initialize class java.util.concurrent.ThreadLocalRandom |
P4 |
JDK-8350767 |
Fix -Wzero-as-null-pointer-constant warnings in nsk jni stress tests |
P4 |
JDK-8325910 |
Rename jnihelper.h |
P4 |
JDK-8334320 |
Replace vmTestbase/metaspace/share/TriggerUnloadingWithWhiteBox.java with ClassUnloadCommon from testlibrary |
P4 |
JDK-8354327 |
Rewrite runtime/LoadClass/LoadClassNegative.java |
P4 |
JDK-8357968 |
RISC-V: Interpreter volatile reference stores with G1 are not sequentially consistent |
P4 |
JDK-8283467 |
runtime/Thread/StopAtExit.java needs updating |
P4 |
JDK-8352946 |
SEGV_BND signal code of SIGSEGV missing from our signal-code table |
P4 |
JDK-8353568 |
SEGV_BNDERR signal code adjust definition |
P4 |
JDK-8347004 |
vmTestbase/metaspace/shrink_grow/ShrinkGrowTest/ShrinkGrowTest.java fails with CDS disabled |