RELEASE NOTES: JDK 17.0.18

Notes generated: Thu Oct 30 06:00:02 CET 2025

JEPs

None.

RELEASE NOTES

core-libs/java.util:i18n

Issue Description
JDK-8345213

Changes to the Default Time Zone Detection on Debian-based Linux


On Debian-based Linux distributions such as Ubuntu, the /etc/timezone file was previously used to determine the JDK's default time zone (TimeZone.getDefault()). According to Debian's Wiki, /etc/localtime is now the primary source for the system's default time zone, making /etc/timezone redundant. As a result, the JDK's default time zone detection logic has been updated to use /etc/localtime instead of /etc/timezone. If /etc/localtime and /etc/timezone are inconsistent for any reason, the JDK's default time zone is now determined solely based on /etc/localtime file.


security-libs/javax.net.ssl

Issue Description
JDK-8245545

Disabled TLS_RSA Cipher Suites


The TLSRSA cipher suites have been disabled by default, by adding "TLSRSA_" to the jdk.tls.disabledAlgorithms security property in the java.security configuration file. The TLSRSA cipher suites do not preserve forward-secrecy and are not commonly used. Some TLSRSA cipher suites are already disabled because they use DES, 3DES, RC4, or NULL, which are disabled. This action disables all remaining TLSRSA cipher suites. Any attempts to use cipher suites starting with "TLSRSA" will fail with an SSLHandshakeException. Users can, at their own risk, re-enable these cipher suites by removing "TLSRSA_" from the jdk.tls.disabledAlgorithms security property. The following previously enabled cipher suites are now disabled:

TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA

JDK-8340321

Disabled SHA-1 in TLS 1.2 and DTLS 1.2 Handshake Signatures


The SHA-1 algorithm has been disabled by default in TLS 1.2 and DTLS 1.2 handshake signatures, by adding "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" to the jdk.tls.disabledAlgorithms security property in the java.security config file. RFC 9155 deprecates the use of SHA-1 in TLS 1.2 and DTLS 1.2 digital signatures. Users can, at their own risk, re-enable the SHA-1 algorithm in TLS 1.2 and DTLS 1.2 handshake signatures by removing "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" from the jdk.tls.disabledAlgorithms security property.


FIXED ISSUES

client-libs

Priority Bug Summary
P4 JDK-8366764 Deproblemlist java/awt/ScrollPane/ScrollPositionTest.java
P4 JDK-8302838 jabswitch main() should avoid calling exit explicitly

client-libs/2d

Priority Bug Summary
P3 JDK-8347377 Add validation checks for ICC_Profile header fields
P3 JDK-8361748 Enforce limits on the size of an XBM image
P3 JDK-8292214 Memory leak in getAllConfigs of awt_GraphicsEnv.c:386
P4 JDK-8363676 [GCC static analyzer] missing return value check of malloc in OGLContext_SetTransform
P4 JDK-8364996 java/awt/font/FontNames/LocaleFamilyNames.java times out on Windows
P4 JDK-8366359 Test should throw SkippedException when there is no lpstat
P4 JDK-8362204 test/jdk/sun/awt/font/TestDevTransform.java fails on Ubuntu 24.04

client-libs/java.awt

Priority Bug Summary
P3 JDK-8354646 java.awt.TextField allows to identify the spaces in a password when double clicked at the starting and end of the text
P3 JDK-8324491 Keyboard layout didn't keep its state if it was changed when dialog was active
P3 JDK-8286159 Memory leak in getAllConfigs of awt_GraphicsEnv.c:585
P3 JDK-8332271 Reading data from the clipboard from multiple threads crashes the JVM
P4 JDK-8286447 [Linux] AWT should start in Headless mode if headful AWT library not installed
P4 JDK-8357675 Amend headless message
P4 JDK-8281440 AWT: Conversion from string literal loses const qualifier
P4 JDK-8342782 AWTEventMulticaster throws StackOverflowError using AquaButtonUI
P4 JDK-8353470 Clean up and open source couple AWT Graphics related tests (Part 2)
P4 JDK-8354106 Clean up and open source KeyEvent related tests (Part 2)
P4 JDK-8354472 Clean up and open source KeyEvent related tests (Part 3)
P4 JDK-8354653 Clean up and open source KeyEvent related tests (Part 4)
P4 JDK-8354928 Clean up and open source some miscellaneous AWT tests
P4 JDK-8353950 Clipboard interaction on Windows is unstable
P4 JDK-8328124 Convert java/awt/Frame/ShownOnPack/ShownOnPack.html applet test to main
P4 JDK-8328562 Convert java/awt/InputMethods/DiacriticsTest/DiacriticsTest.java applet test to main
P4 JDK-8355478 DoubleActionESC.java fails intermittently
P4 JDK-8367348 Enhance PassFailJFrame to support links in HTML
P4 JDK-8347277 java/awt/Focus/ComponentLostFocusTest.java fails intermittently
P4 JDK-8356145 ListEnterExitTest.java fails on macos
P4 JDK-8356752 Log mouse enter and exit events for debugging
P4 JDK-8340354 Open source AWT desktop properties and print related tests
P4 JDK-8339962 Open source AWT TextField tests - Set1
P4 JDK-8354495 Open source several AWT DataTransfer tests
P4 JDK-8340015 Open source several AWT focus tests - series 7
P4 JDK-8354248 Open source several AWT GridBagLayout and List tests
P4 JDK-8353445 Open source several AWT Menu tests - Batch 1
P4 JDK-8353957 Open source several AWT ScrollPane tests - Batch 1
P4 JDK-8353958 Open source several AWT ScrollPane tests - Batch 2
P4 JDK-8352793 Open source several AWT TextComponent tests - Batch 1
P4 JDK-8352865 Open source several AWT TextComponent tests - Batch 2
P4 JDK-8354553 Open source several clipboard tests batch0
P4 JDK-8353592 Open source several scrollbar tests
P4 JDK-8353586 Open source several toolkit tests
P4 JDK-8354365 Opensource few Modal and Full Screen related tests
P4 JDK-8354493 Opensource Several MultiScreen and Insets related tests
P4 JDK-8367017 Remove legacy checks from WrappedToolkitTest and convert from bash
P4 JDK-8359687 Use PassFailJFrame for java/awt/print/Dialog/DialogType.java

client-libs/java.beans

Priority Bug Summary
P3 JDK-8347826 Introspector shows wrong method list after 8071693

client-libs/javax.accessibility

Priority Bug Summary
P4 JDK-8281523 Accessibility: Conversion from string literal loses const qualifier

client-libs/javax.sound

Priority Bug Summary
P3 JDK-8350813 Rendering of bulky sound bank from MIDI sequence can cause OutOfMemoryError

client-libs/javax.swing

Priority Bug Summary
P3 JDK-8357305 Compilation failure in javax/swing/JMenuItem/bug6197830.java
P3 JDK-8358532 JFileChooser in GTK L&F still displays HTML filename
P3 JDK-8139228 JFileChooser renders file names as HTML document
P3 JDK-8140527 JInternalFrame has incorrect title button width
P3 JDK-8236907 JTable added to nested panels does not paint last visible row
P3 JDK-8349188 LineBorder does not scale correctly
P3 JDK-8299553 Make ScaledEtchedBorderTest.java comprehensive
P3 JDK-8257810 Only First page are printed in JTable.scrollRectToVisible
P3 JDK-8210807 Printing a JTable with a JScrollPane prints table without rows populated
P3 JDK-8322135 Printing JTable in Windows L&F throws InternalError: HTHEME is null
P3 JDK-8294680 Refactor scaled border rendering
P4 JDK-8365425 [macos26] javax/swing/JInternalFrame/8160248/JInternalFrameDraggingTest.java fails on macOS 26
P4 JDK-8327748 Convert javax/swing/JFileChooser/6798062/bug6798062.java applet test to main
P4 JDK-8357799 Improve instructions for JFileChooser/HTMLFileName.java
P4 JDK-8365615 Improve JMenuBar/RightLeftOrientation.java
P4 JDK-8322140 javax/swing/JTable/JTableScrollPrintTest.java does not print the rows and columns of the table in Nimbus and Aqua LookAndFeel
P4 JDK-8354873 javax/swing/plaf/metal/MetalIconFactory/bug4952462.java failing on CI
P4 JDK-8346234 javax/swing/text/DefaultEditorKit/4278839/bug4278839.java still fails in CI
P4 JDK-8139392 JInternalFrame has incorrect padding
P4 JDK-8354341 Open some JTable bugs 7
P4 JDK-8354465 Open some JTable bugs 8
P4 JDK-8354466 Open some misc Swing bugs 9
P4 JDK-8353589 Open source a few Swing menu-related tests
P4 JDK-8354552 Open source a few Swing tests
P4 JDK-8354701 Open source few JToolTip tests
P4 JDK-8354532 Open source JFileChooser Tests - Set 7
P4 JDK-8352997 Open source several Swing JTabbedPane tests
P4 JDK-8354561 Open source several swing tests batch0
P4 JDK-8353309 Open source several Swing text tests
P4 JDK-8353483 Open source some JProgressBar tests
P4 JDK-8354451 Open source some more Swing popup menu tests
P4 JDK-8353011 Open source Swing JButton tests - Set 1
P4 JDK-8353319 Open source Swing tests - Set 3
P4 JDK-8353486 Open source Swing Tests - Set 4
P4 JDK-8354340 Open source Swing Tests - Set 6
P4 JDK-8354214 Open source Swing tests Batch 2
P4 JDK-8354418 Open source Swing tests Batch 4
P4 JDK-8353201 Open source Swing Tooltip tests - Set 2
P4 JDK-8352678 Opensource few JMenuItem tests
P4 JDK-8328247 Remove redundant dir for tests converted from applet to main
P4 JDK-8361298 SwingUtilities/bug4967768.java fails where character P is not underline
P4 JDK-8359428 Test 'javax/swing/JTabbedPane/bug4499556.java' failed because after selecting one of L&F items, the test case automatically failed when clicking on L&F Menu button again
P4 JDK-8335986 Test javax/swing/JCheckBox/4449413/bug4449413.java fails on Windows 11 x64 because RBMenuItem's and CBMenuItem's checkmark on the left side are not visible
P5 JDK-8359418 Test "javax/swing/text/GlyphView/bug4188841.java" failed because the phrase of text pane does not match the instructions

core-libs/java.io

Priority Bug Summary
P4 JDK-8355444 [java.io] Use @requires tag instead of exiting based on "os.name" property value
P4 JDK-8360411 [TEST] open/test/jdk/java/io/File/MaxPathLength.java Refactor extract method to encapsulate Windows specific test logic
P4 JDK-8359449 [TEST] open/test/jdk/java/io/File/SymLinks.java Refactor extract method for Windows specific test
P4 JDK-8363720 Follow up to JDK-8360411 with post review comments
P4 JDK-8355558 SJIS.java test is always ignored
P4 JDK-8367869 Test java/io/FileDescriptor/Sync.java timed out
P4 JDK-8359182 Use @requires instead of SkippedException for MaxPath.java

core-libs/java.io:serialization

Priority Bug Summary
P4 JDK-8327180 Failed: java/io/ObjectStreamClass/ObjectStreamClassCaching.java#G1

core-libs/java.lang

Priority Bug Summary
P4 JDK-8362207 Add more test cases for possible double-rounding in fma
P4 JDK-8357561 BootstrapLoggerTest does not work on Ubuntu 24 with LANG de_DE.UTF-8
P4 JDK-8282047 Enhance StringDecode/Encode microbenchmarks
P4 JDK-8368192 Test java/lang/ProcessBuilder/Basic.java#id0 fails with Exception: Stack trace

core-libs/java.lang.module

Priority Bug Summary
P4 JDK-8304163 Move jdk.internal.module.ModuleInfoWriter to the test library

core-libs/java.net

Priority Bug Summary
P3 JDK-8365086 CookieStore.getURIs() and get(URI) should return an immutable List
P3 JDK-8299325 java/net/httpclient/CancelRequestTest.java fails "test CancelRequestTest.testGetSendAsync("https://localhost:46509/https1/x/same/interrupt", true, true)"
P3 JDK-8295991 java/net/httpclient/CancelRequestTest.java fails intermittently
P3 JDK-8358048 java/net/httpclient/HttpsTunnelAuthTest.java incorrectly calls Thread::stop
P4 JDK-8360408 [TEST] Use @requires tag instead of exiting based on "os.name" property value for sun/net/www/protocol/file/FileURLTest.java
P4 JDK-8361423 Add IPSupport::printPlatformSupport to java/net/NetworkInterface/IPv4Only.java
P4 JDK-8359477 com/sun/net/httpserver/Test12.java appears to have a temp file race
P4 JDK-8364263 HttpClient: Improve encapsulation of ProxyServer
P4 JDK-8288109 HttpExchangeImpl.setAttribute does not allow null value after JDK-8266897
P4 JDK-8338740 java/net/httpclient/HttpsTunnelAuthTest.java fails with java.io.IOException: HTTP/1.1 header parser received no bytes
P4 JDK-8365834 Mark java/net/httpclient/ManyRequests.java as intermittent
P4 JDK-8359402 Test CloseDescriptors.java should throw SkippedException when there is no lsof/sctp
P4 JDK-8362855 Test java/net/ipv6tests/TcpTest.java should report SkippedException when there no ia4addr or ia6addr

core-libs/java.nio

Priority Bug Summary
P4 JDK-8333783 java/nio/channels/FileChannel/directio/DirectIOTest.java is unstable with AV software

core-libs/java.nio.charsets

Priority Bug Summary
P4 JDK-8369078 Fix faulty test conversion in IllegalCharsetName.java
P4 JDK-8310049 Refactor Charset tests to use JUnit

core-libs/java.rmi

Priority Bug Summary
P4 JDK-7191877 TEST_BUG: java/rmi/transport/checkLeaseInfoLeak/CheckLeaseLeak.java failing intermittently

core-libs/java.text

Priority Bug Summary
P3 JDK-8367237 Thread-Safety Usage Warning for java.text.Collator Classes
P4 JDK-8353585 Provide ChoiceFormat#parse(String, ParsePosition) tests

core-libs/java.util

Priority Bug Summary
P4 JDK-8351567 Jar Manifest test ValueUtf8Coding produces misleading diagnostic output

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8204868 java/util/zip/ZipFile/TestCleaner.java still fails with "cleaner failed to clean zipfile."

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8369184 SimpleTimeZone equals() Returns True for Unequal Instances with Different hashCode Values
P4 JDK-8324065 Daylight saving information for `Africa/Casablanca` are incorrect
P4 JDK-8356040 java/util/PluggableLocale/LocaleNameProviderTest.java timed out
P4 JDK-8345213 JVM Prefers /etc/timezone Over /etc/localtime on Debian 12
P4 JDK-8347841 Test fixes that use deprecated time zone IDs
P4 JDK-8327434 Test java/util/PluggableLocale/TimeZoneNameProviderTest.java timed out

core-svc/java.lang.management

Priority Bug Summary
P4 JDK-8366092 [GCC static analyzer] UnixOperatingSystem.c warning: use of uninitialized value 'systemTicks'
P4 JDK-8362533 Tests sun/management/jmxremote/bootstrap/* duplicate VM flags

core-svc/javax.management

Priority Bug Summary
P2 JDK-8364484 misc tests fail with Received fatal alert: handshake_failure
P3 JDK-8358701 Remove misleading javax.management.remote API doc wording about JMX spec, and historic link to JMXMP

core-svc/tools

Priority Bug Summary
P3 JDK-8361751 Test sun/tools/jcmd/TestJcmdSanity.java timed out on Windows
P4 JDK-8318730 MonitorVmStartTerminate.java still times out after JDK-8209595
P4 JDK-8305567 serviceability/tmtools/jstat/GcTest01.java failed utils.JstatGcResults.assertConsistency

hotspot/compiler

Priority Bug Summary
P2 JDK-8358334 C2/Shenandoah: incorrect execution with Unsafe
P4 JDK-8325647 [IR framework] Only prints stdout if exitCode is 134
P4 JDK-8303089 [jittester] Add time limit to IRTree generation
P4 JDK-8355387 [jittester] Disable downcasts by default
P4 JDK-8339366 [jittester] Make it possible to generate tests without execution
P4 JDK-8288180 C2: VectorPhase must ensure that SafePointNode memory input is a MergeMemNode
P4 JDK-8314319 LogCompilation doesn't reset lateInlining when it encounters a failure.

hotspot/gc

Priority Bug Summary
P3 JDK-8360288 Shenandoah crash at size_given_klass in op_degenerated
P4 JDK-8305186 Reference.waitForReferenceProcessing should be more accessible to tests
P4 JDK-8365919 Replace currentTimeMillis with nanoTime in Stresser.java
P4 JDK-8362532 Test gc/g1/plab/* duplicate command-line options

hotspot/jfr

Priority Bug Summary
P3 JDK-8364556 JFR: Disable SymbolTableStatistics and StringTableStatistics in default.jfc
P3 JDK-8364993 JFR: Disable jdk.ModuleExport in default.jfc
P3 JDK-8369992 JFR: Disable Placeholder-, LoaderConstraints- and ProtectionDomainCacheTableStatistics in default.jfc
P4 JDK-8346875 Test jdk/jdk/jfr/event/os/TestCPULoad.java fails on macOS

hotspot/jvmti

Priority Bug Summary
P3 JDK-8304811 vmTestbase/vm/mlvm/indy/func/jvmti/stepBreakPopReturn/INDIFY_Test.java fails with JVMTI_ERROR_TYPE_MISMATCH
P4 JDK-8361314 Test serviceability/jvmti/VMEvent/MyPackage/VMEventRecursionTest.java FATAL ERROR in native method: Failed during the GetClassSignature call

hotspot/runtime

Priority Bug Summary
P2 JDK-8361754 New test runtime/jni/checked/TestCharArrayReleasing.java can cause disk full errors
P3 JDK-8361447 [REDO] Checked version of JNI ReleaseArrayElements needs to filter out known wrapped arrays
P3 JDK-8331231 containers/docker/TestContainerInfo.java fails
P3 JDK-8347129 cpuset cgroups controller is required for no good reason
P3 JDK-8364235 Fix for JDK-8361447 breaks the alignment requirements for GuardedMemory
P4 JDK-8339386 Assertion on AIX - original PC must be in the main code section of the compiled method
P4 JDK-8361253 CommandLineOptionTest library should report observed values on failure
P4 JDK-8308780 Fix the Java Integer types on Windows
P4 JDK-8297302 gtest/AsyncLogGtest.java fails AsyncLogTest.stdoutOutput_vm
P4 JDK-8320836 jtreg gtest runs should limit heap size
P4 JDK-8359207 Remove runtime/signal/TestSigusr2.java since it is always skipped
P4 JDK-8341138 Rename jtreg property docker.support as container.support
P4 JDK-8346929 runtime/ClassUnload/DictionaryDependsTest.java fails with "Test failed: should be unloaded"
P4 JDK-8252329 runtime/LoadClass/TestResize.java timed out
P4 JDK-8365913 Support latest MSC_VER in abstract_vm_version.cpp
P4 JDK-8360178 TestArguments.atojulong gtest has incorrect format string
P4 JDK-8297936 Use reachabilityFence to manage liveness in ClassUnload tests

hotspot/svc

Priority Bug Summary
P4 JDK-8350106 [PPC] Avoid ticks_unknown_not_Java AsyncGetCallTrace() if JavaFrameAnchor::_last_Java_pc not set
P4 JDK-8352800 [PPC] OpenJDK fails to build on PPC after JDK-8350106

hotspot/test

Priority Bug Summary
P4 JDK-8338428 Add logging of final VM flags while setting properties
P4 JDK-8362602 Add test.timeout.factor to CompileFactory to avoid test timeouts
P4 JDK-8356187 TestJcmd.java may incorrectly parse podman version

infrastructure

Priority Bug Summary
P4 JDK-8285915 failure_handler: gather the contents of /etc/hosts file

infrastructure/build

Priority Bug Summary
P4 JDK-8281525 Enable Zc:strictStrings flag in Visual Studio build
P4 JDK-8341097 GHA: Demote Mac x86 jobs to build only
P4 JDK-8363966 GHA: Switch cross-compiling sysroots to Debian trixie
P4 JDK-8341861 GHA: Use only retention mechanism to remove bundles
P4 JDK-8365098 make/RunTests.gmk generates a wrong path to test artifacts on Alpine
P4 JDK-8201183 sjavac build failures: "Connection attempt failed: Connection refused"

infrastructure/release_eng

Priority Bug Summary
P4 JDK-8366233 Bump update version for OpenJDK: jdk-17.0.18

other-libs

Priority Bug Summary
P4 JDK-8364597 Replace THL A29 Limited with Tencent

security-libs/java.security

Priority Bug Summary
P4 JDK-8219408 Tests should handle ${} in the view of jtreg "smart action"

security-libs/javax.crypto

Priority Bug Summary
P4 JDK-8356897 Update NSS library to 3.111

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P4 JDK-8361871 [GCC static analyzer] complains about use of uninitialized value ckpObject in p11_util.c
P4 JDK-8230016 re-visit test sun/security/pkcs11/Serialize/SerializeProvider.java
P4 JDK-8365168 Use 64-bit aligned addresses for CK_ULONG access in PKCS11 native key code

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8340321 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
P3 JDK-8245545 Disable TLS_RSA cipher suites
P4 JDK-8367133 DTLS: fragmentation of Finished message results in handshake failure
P4 JDK-8277424 javax/net/ssl/TLSCommon/TLSTest.java fails with connection refused
P4 JDK-8201778 Speed up test javax/net/ssl/DTLS/PacketLossRetransmission.java
P4 JDK-8354235 Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine

security-libs/jdk.security

Priority Bug Summary
P3 JDK-8353299 VerifyJarEntryName.java test fails
P4 JDK-8339280 jarsigner -verify performs cross-checking between CEN and LOC
P4 JDK-8365660 test/jdk/sun/security/pkcs11/KeyAgreement/ tests skipped without SkipExceprion
P4 JDK-8367782 VerifyJarEntryName.java: Fix modifyJarEntryName to operate on bytes and re-introduce verifySignatureEntryName
P5 JDK-8337723 Remove redundant tests from com/sun/security/sasl/gsskerb

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P3 JDK-8297531 sun/security/krb5/MicroTime.java fails with "Exception: What? only 100 musec precision?"
P4 JDK-8349534 Refactor jdk/sun/security/krb5/runNameEquals.sh to java test

tools/javac

Priority Bug Summary
P5 JDK-8360022 ClassRefDupInConstantPoolTest.java fails when running in repeat

tools/jpackage

Priority Bug Summary
P3 JDK-8287401 jpackage tests failing on Windows due to powershell issue
P3 JDK-8290557 tools/jpackage/share/AddLauncherTest.java#id1 failed with "ERROR: Failed: Check icon file"
P4 JDK-8343875 Minor improvements of jpackage test library
P4 JDK-8343314 Move common properties from jpackage jtreg test declarations to TEST.properties file
P4 JDK-8344326 Move jpackage tests from "jdk.jpackage.tests" package to the default package
P4 JDK-8281682 Redundant .ico files in Windows app-image cause unnecessary bloat
P4 JDK-8299278 tools/jpackage/share/AddLauncherTest.java#id1 failed AddLauncherTest.bug8230933
P4 JDK-8344275 tools/jpackage/windows/Win8301247Test.java fails on localized Windows platform
P4 JDK-8296489 tools/jpackage/windows/WinL10nTest.java fails with timeout