RELEASE NOTES: JDK 17.0.18

Notes generated: Thu Oct 09 05:53:58 CEST 2025

JEPs

None.

RELEASE NOTES

security-libs/javax.net.ssl

Issue Description
JDK-8245545

Disabled TLS_RSA Cipher Suites


The TLSRSA cipher suites have been disabled by default, by adding "TLSRSA_" to the jdk.tls.disabledAlgorithms security property in the java.security configuration file. The TLSRSA cipher suites do not preserve forward-secrecy and are not commonly used. Some TLSRSA cipher suites are already disabled because they use DES, 3DES, RC4, or NULL, which are disabled. This action disables all remaining TLSRSA cipher suites. Any attempts to use cipher suites starting with "TLSRSA" will fail with an SSLHandshakeException. Users can, at their own risk, re-enable these cipher suites by removing "TLSRSA_" from the jdk.tls.disabledAlgorithms security property. The following previously enabled cipher suites are now disabled:

TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA

JDK-8340321

Disabled SHA-1 in TLS 1.2 and DTLS 1.2 Handshake Signatures


The SHA-1 algorithm has been disabled by default in TLS 1.2 and DTLS 1.2 handshake signatures, by adding "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" to the jdk.tls.disabledAlgorithms security property in the java.security config file. RFC 9155 deprecates the use of SHA-1 in TLS 1.2 and DTLS 1.2 digital signatures. Users can, at their own risk, re-enable the SHA-1 algorithm in TLS 1.2 and DTLS 1.2 handshake signatures by removing "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" from the jdk.tls.disabledAlgorithms security property.


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P3 JDK-8347377 Add validation checks for ICC_Profile header fields
P3 JDK-8361748 Enforce limits on the size of an XBM image
P3 JDK-8292214 Memory leak in getAllConfigs of awt_GraphicsEnv.c:386
P4 JDK-8362204 test/jdk/sun/awt/font/TestDevTransform.java fails on Ubuntu 24.04

client-libs/java.awt

Priority Bug Summary
P3 JDK-8354646 java.awt.TextField allows to identify the spaces in a password when double clicked at the starting and end of the text
P3 JDK-8324491 Keyboard layout didn't keep its state if it was changed when dialog was active
P3 JDK-8286159 Memory leak in getAllConfigs of awt_GraphicsEnv.c:585
P3 JDK-8332271 Reading data from the clipboard from multiple threads crashes the JVM
P4 JDK-8286447 [Linux] AWT should start in Headless mode if headful AWT library not installed
P4 JDK-8357675 Amend headless message
P4 JDK-8342782 AWTEventMulticaster throws StackOverflowError using AquaButtonUI
P4 JDK-8354106 Clean up and open source KeyEvent related tests (Part 2)
P4 JDK-8354472 Clean up and open source KeyEvent related tests (Part 3)
P4 JDK-8354653 Clean up and open source KeyEvent related tests (Part 4)
P4 JDK-8353950 Clipboard interaction on Windows is unstable
P4 JDK-8328124 Convert java/awt/Frame/ShownOnPack/ShownOnPack.html applet test to main
P4 JDK-8328562 Convert java/awt/InputMethods/DiacriticsTest/DiacriticsTest.java applet test to main
P4 JDK-8355478 DoubleActionESC.java fails intermittently
P4 JDK-8347277 java/awt/Focus/ComponentLostFocusTest.java fails intermittently
P4 JDK-8339962 Open source AWT TextField tests - Set1
P4 JDK-8354495 Open source several AWT DataTransfer tests
P4 JDK-8340015 Open source several AWT focus tests - series 7
P4 JDK-8354248 Open source several AWT GridBagLayout and List tests
P4 JDK-8353445 Open source several AWT Menu tests - Batch 1
P4 JDK-8353957 Open source several AWT ScrollPane tests - Batch 1
P4 JDK-8353958 Open source several AWT ScrollPane tests - Batch 2
P4 JDK-8352793 Open source several AWT TextComponent tests - Batch 1
P4 JDK-8352865 Open source several AWT TextComponent tests - Batch 2
P4 JDK-8353592 Open source several scrollbar tests
P4 JDK-8353586 Open source several toolkit tests
P4 JDK-8367017 Remove legacy checks from WrappedToolkitTest and convert from bash
P4 JDK-8359687 Use PassFailJFrame for java/awt/print/Dialog/DialogType.java

client-libs/java.beans

Priority Bug Summary
P3 JDK-8347826 Introspector shows wrong method list after 8071693

client-libs/javax.sound

Priority Bug Summary
P3 JDK-8350813 Rendering of bulky sound bank from MIDI sequence can cause OutOfMemoryError

client-libs/javax.swing

Priority Bug Summary
P3 JDK-8358532 JFileChooser in GTK L&F still displays HTML filename
P3 JDK-8139228 JFileChooser renders file names as HTML document
P3 JDK-8140527 JInternalFrame has incorrect title button width
P3 JDK-8236907 JTable added to nested panels does not paint last visible row
P3 JDK-8349188 LineBorder does not scale correctly
P3 JDK-8299553 Make ScaledEtchedBorderTest.java comprehensive
P3 JDK-8257810 Only First page are printed in JTable.scrollRectToVisible
P3 JDK-8210807 Printing a JTable with a JScrollPane prints table without rows populated
P3 JDK-8322135 Printing JTable in Windows L&F throws InternalError: HTHEME is null
P3 JDK-8294680 Refactor scaled border rendering
P4 JDK-8327748 Convert javax/swing/JFileChooser/6798062/bug6798062.java applet test to main
P4 JDK-8322140 javax/swing/JTable/JTableScrollPrintTest.java does not print the rows and columns of the table in Nimbus and Aqua LookAndFeel
P4 JDK-8354873 javax/swing/plaf/metal/MetalIconFactory/bug4952462.java failing on CI
P4 JDK-8139392 JInternalFrame has incorrect padding
P4 JDK-8353589 Open source a few Swing menu-related tests
P4 JDK-8354552 Open source a few Swing tests
P4 JDK-8354701 Open source few JToolTip tests
P4 JDK-8354532 Open source JFileChooser Tests - Set 7
P4 JDK-8353309 Open source several Swing text tests
P4 JDK-8353483 Open source some JProgressBar tests
P4 JDK-8354451 Open source some more Swing popup menu tests
P4 JDK-8353011 Open source Swing JButton tests - Set 1
P4 JDK-8353319 Open source Swing tests - Set 3
P4 JDK-8353486 Open source Swing Tests - Set 4
P4 JDK-8354340 Open source Swing Tests - Set 6
P4 JDK-8354214 Open source Swing tests Batch 2
P4 JDK-8354418 Open source Swing tests Batch 4
P4 JDK-8353201 Open source Swing Tooltip tests - Set 2
P4 JDK-8328247 Remove redundant dir for tests converted from applet to main
P4 JDK-8361298 SwingUtilities/bug4967768.java fails where character P is not underline
P4 JDK-8359428 Test 'javax/swing/JTabbedPane/bug4499556.java' failed because after selecting one of L&F items, the test case automatically failed when clicking on L&F Menu button again
P4 JDK-8335986 Test javax/swing/JCheckBox/4449413/bug4449413.java fails on Windows 11 x64 because RBMenuItem's and CBMenuItem's checkmark on the left side are not visible
P5 JDK-8359418 Test "javax/swing/text/GlyphView/bug4188841.java" failed because the phrase of text pane does not match the instructions

core-libs/java.io

Priority Bug Summary
P4 JDK-8355444 [java.io] Use @requires tag instead of exiting based on "os.name" property value
P4 JDK-8360411 [TEST] open/test/jdk/java/io/File/MaxPathLength.java Refactor extract method to encapsulate Windows specific test logic
P4 JDK-8359449 [TEST] open/test/jdk/java/io/File/SymLinks.java Refactor extract method for Windows specific test
P4 JDK-8363720 Follow up to JDK-8360411 with post review comments
P4 JDK-8355558 SJIS.java test is always ignored
P4 JDK-8359182 Use @requires instead of SkippedException for MaxPath.java

core-libs/java.lang

Priority Bug Summary
P4 JDK-8282047 Enhance StringDecode/Encode microbenchmarks

core-libs/java.lang.module

Priority Bug Summary
P4 JDK-8304163 Move jdk.internal.module.ModuleInfoWriter to the test library

core-libs/java.net

Priority Bug Summary
P3 JDK-8358048 java/net/httpclient/HttpsTunnelAuthTest.java incorrectly calls Thread::stop
P4 JDK-8360408 [TEST] Use @requires tag instead of exiting based on "os.name" property value for sun/net/www/protocol/file/FileURLTest.java
P4 JDK-8288109 HttpExchangeImpl.setAttribute does not allow null value after JDK-8266897
P4 JDK-8338740 java/net/httpclient/HttpsTunnelAuthTest.java fails with java.io.IOException: HTTP/1.1 header parser received no bytes
P4 JDK-8359402 Test CloseDescriptors.java should throw SkippedException when there is no lsof/sctp
P4 JDK-8362855 Test java/net/ipv6tests/TcpTest.java should report SkippedException when there no ia4addr or ia6addr

core-libs/java.nio.charsets

Priority Bug Summary
P4 JDK-8310049 Refactor Charset tests to use JUnit

core-libs/java.text

Priority Bug Summary
P4 JDK-8353585 Provide ChoiceFormat#parse(String, ParsePosition) tests

core-libs/java.util

Priority Bug Summary
P4 JDK-8351567 Jar Manifest test ValueUtf8Coding produces misleading diagnostic output

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8204868 java/util/zip/ZipFile/TestCleaner.java still fails with "cleaner failed to clean zipfile."

core-libs/java.util:i18n

Priority Bug Summary
P4 JDK-8356040 java/util/PluggableLocale/LocaleNameProviderTest.java timed out

core-svc/javax.management

Priority Bug Summary
P2 JDK-8364484 misc tests fail with Received fatal alert: handshake_failure
P3 JDK-8358701 Remove misleading javax.management.remote API doc wording about JMX spec, and historic link to JMXMP

core-svc/tools

Priority Bug Summary
P3 JDK-8361751 Test sun/tools/jcmd/TestJcmdSanity.java timed out on Windows
P4 JDK-8318730 MonitorVmStartTerminate.java still times out after JDK-8209595
P4 JDK-8305567 serviceability/tmtools/jstat/GcTest01.java failed utils.JstatGcResults.assertConsistency

hotspot/compiler

Priority Bug Summary
P2 JDK-8358334 C2/Shenandoah: incorrect execution with Unsafe
P4 JDK-8325647 [IR framework] Only prints stdout if exitCode is 134
P4 JDK-8288180 C2: VectorPhase must ensure that SafePointNode memory input is a MergeMemNode
P4 JDK-8314319 LogCompilation doesn't reset lateInlining when it encounters a failure.

hotspot/gc

Priority Bug Summary
P4 JDK-8365919 Replace currentTimeMillis with nanoTime in Stresser.java
P4 JDK-8362532 Test gc/g1/plab/* duplicate command-line options

hotspot/jvmti

Priority Bug Summary
P4 JDK-8361314 Test serviceability/jvmti/VMEvent/MyPackage/VMEventRecursionTest.java FATAL ERROR in native method: Failed during the GetClassSignature call

hotspot/runtime

Priority Bug Summary
P3 JDK-8331231 containers/docker/TestContainerInfo.java fails
P3 JDK-8347129 cpuset cgroups controller is required for no good reason
P4 JDK-8339386 Assertion on AIX - original PC must be in the main code section of the compiled method
P4 JDK-8297302 gtest/AsyncLogGtest.java fails AsyncLogTest.stdoutOutput_vm
P4 JDK-8320836 jtreg gtest runs should limit heap size
P4 JDK-8359207 Remove runtime/signal/TestSigusr2.java since it is always skipped
P4 JDK-8341138 Rename jtreg property docker.support as container.support
P4 JDK-8346929 runtime/ClassUnload/DictionaryDependsTest.java fails with "Test failed: should be unloaded"
P4 JDK-8252329 runtime/LoadClass/TestResize.java timed out
P4 JDK-8365913 Support latest MSC_VER in abstract_vm_version.cpp
P4 JDK-8297936 Use reachabilityFence to manage liveness in ClassUnload tests

hotspot/svc

Priority Bug Summary
P4 JDK-8350106 [PPC] Avoid ticks_unknown_not_Java AsyncGetCallTrace() if JavaFrameAnchor::_last_Java_pc not set
P4 JDK-8352800 [PPC] OpenJDK fails to build on PPC after JDK-8350106

hotspot/test

Priority Bug Summary
P4 JDK-8338428 Add logging of final VM flags while setting properties
P4 JDK-8362602 Add test.timeout.factor to CompileFactory to avoid test timeouts
P4 JDK-8356187 TestJcmd.java may incorrectly parse podman version

infrastructure

Priority Bug Summary
P4 JDK-8285915 failure_handler: gather the contents of /etc/hosts file

infrastructure/build

Priority Bug Summary
P4 JDK-8363966 GHA: Switch cross-compiling sysroots to Debian trixie
P4 JDK-8365098 make/RunTests.gmk generates a wrong path to test artifacts on Alpine
P4 JDK-8201183 sjavac build failures: "Connection attempt failed: Connection refused"

infrastructure/release_eng

Priority Bug Summary
P4 JDK-8366233 Bump update version for OpenJDK: jdk-17.0.18

other-libs

Priority Bug Summary
P4 JDK-8364597 Replace THL A29 Limited with Tencent

security-libs/java.security

Priority Bug Summary
P4 JDK-8219408 Tests should handle ${} in the view of jtreg "smart action"

security-libs/javax.crypto

Priority Bug Summary
P4 JDK-8356897 Update NSS library to 3.111

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P4 JDK-8230016 re-visit test sun/security/pkcs11/Serialize/SerializeProvider.java
P4 JDK-8365168 Use 64-bit aligned addresses for CK_ULONG access in PKCS11 native key code

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8340321 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
P3 JDK-8245545 Disable TLS_RSA cipher suites
P4 JDK-8277424 javax/net/ssl/TLSCommon/TLSTest.java fails with connection refused

security-libs/jdk.security

Priority Bug Summary
P3 JDK-8353299 VerifyJarEntryName.java test fails
P4 JDK-8339280 jarsigner -verify performs cross-checking between CEN and LOC
P4 JDK-8367782 VerifyJarEntryName.java: Fix modifyJarEntryName to operate on bytes and re-introduce verifySignatureEntryName
P5 JDK-8337723 Remove redundant tests from com/sun/security/sasl/gsskerb