RELEASE NOTES FOR: 21.0.10 ==================================================================================================== Notes generated: Wed Oct 29 06:43:24 CET 2025 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: core-libs/java.util:i18n: JDK-8345213: Changes to the Default Time Zone Detection on Debian-based Linux On Debian-based Linux distributions such as Ubuntu, the `/etc/timezone` file was previously used to determine the JDK's default time zone (`TimeZone.getDefault()`). According to [Debian's Wiki](https://wiki.debian.org/TimeZoneChanges#Check_Configured_Timezone), `/etc/localtime` is now the primary source for the system's default time zone, making `/etc/timezone` redundant. As a result, the JDK's default time zone detection logic has been updated to use `/etc/localtime` instead of `/etc/timezone`. If `/etc/localtime` and `/etc/timezone` are inconsistent for any reason, the JDK's default time zone is now determined solely based on `/etc/localtime` file. security-libs/javax.net.ssl: JDK-8245545: Disabled TLS_RSA Cipher Suites The TLS_RSA cipher suites have been disabled by default, by adding "TLS_RSA_*" to the `jdk.tls.disabledAlgorithms` security property in the `java.security` configuration file. The TLS_RSA cipher suites do not preserve forward-secrecy and are not commonly used. Some TLS_RSA cipher suites are already disabled because they use DES, 3DES, RC4, or NULL, which are disabled. This action disables all remaining TLS_RSA cipher suites. Any attempts to use cipher suites starting with "TLS_RSA_" will fail with an `SSLHandshakeException`. Users can, at their own risk, re-enable these cipher suites by removing "TLS_RSA_*" from the `jdk.tls.disabledAlgorithms` security property. The following previously enabled cipher suites are now disabled: TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA JDK-8340321: Disabled SHA-1 in TLS 1.2 and DTLS 1.2 Handshake Signatures The SHA-1 algorithm has been disabled by default in TLS 1.2 and DTLS 1.2 handshake signatures, by adding `"rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature"` to the `jdk.tls.disabledAlgorithms` security property in the `java.security` config file. RFC 9155 deprecates the use of SHA-1 in TLS 1.2 and DTLS 1.2 digital signatures. Users can, at their own risk, re-enable the SHA-1 algorithm in TLS 1.2 and DTLS 1.2 handshake signatures by removing `"rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature"` from the `jdk.tls.disabledAlgorithms` security property. ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: client-libs: (P4) JDK-8366764: Deproblemlist java/awt/ScrollPane/ScrollPositionTest.java (P4) JDK-8307160: Fix AWT/2D/A11Y to support the permissive- flag on the Microsoft Visual C compiler client-libs/2d: (P3) JDK-8347377: Add validation checks for ICC_Profile header fields (P3) JDK-8361748: Enforce limits on the size of an XBM image (P3) JDK-8367384: The ICC_Profile class may throw exceptions during serialization (P3) JDK-8366208: Unexpected exception in sun.java2d.cmm.lcms.LCMSImageLayout (P4) JDK-8363676: [GCC static analyzer] missing return value check of malloc in OGLContext_SetTransform (P4) JDK-8364996: java/awt/font/FontNames/LocaleFamilyNames.java times out on Windows (P4) JDK-8366359: Test should throw SkippedException when there is no lpstat (P4) JDK-8362204: test/jdk/sun/awt/font/TestDevTransform.java fails on Ubuntu 24.04 (P5) JDK-8318850: Duplicate code in the LCMSImageLayout client-libs/java.awt: (P3) JDK-8354646: java.awt.TextField allows to identify the spaces in a password when double clicked at the starting and end of the text (P3) JDK-8324491: Keyboard layout didn't keep its state if it was changed when dialog was active (P4) JDK-8353470: Clean up and open source couple AWT Graphics related tests (Part 2) (P4) JDK-8354106: Clean up and open source KeyEvent related tests (Part 2) (P4) JDK-8354472: Clean up and open source KeyEvent related tests (Part 3) (P4) JDK-8354653: Clean up and open source KeyEvent related tests (Part 4) (P4) JDK-8354928: Clean up and open source some miscellaneous AWT tests (P4) JDK-8328124: Convert java/awt/Frame/ShownOnPack/ShownOnPack.html applet test to main (P4) JDK-8328562: Convert java/awt/InputMethods/DiacriticsTest/DiacriticsTest.java applet test to main (P4) JDK-8355478: DoubleActionESC.java fails intermittently (P4) JDK-8367348: Enhance PassFailJFrame to support links in HTML (P4) JDK-8347277: java/awt/Focus/ComponentLostFocusTest.java fails intermittently (P4) JDK-8356145: ListEnterExitTest.java fails on macos (P4) JDK-8356752: Log mouse enter and exit events for debugging (P4) JDK-8340354: Open source AWT desktop properties and print related tests (P4) JDK-8354495: Open source several AWT DataTransfer tests (P4) JDK-8340015: Open source several AWT focus tests - series 7 (P4) JDK-8354248: Open source several AWT GridBagLayout and List tests (P4) JDK-8353445: Open source several AWT Menu tests - Batch 1 (P4) JDK-8353957: Open source several AWT ScrollPane tests - Batch 1 (P4) JDK-8353958: Open source several AWT ScrollPane tests - Batch 2 (P4) JDK-8352793: Open source several AWT TextComponent tests - Batch 1 (P4) JDK-8352865: Open source several AWT TextComponent tests - Batch 2 (P4) JDK-8354553: Open source several clipboard tests batch0 (P4) JDK-8353592: Open source several scrollbar tests (P4) JDK-8353586: Open source several toolkit tests (P4) JDK-8354365: Opensource few Modal and Full Screen related tests (P4) JDK-8354493: Opensource Several MultiScreen and Insets related tests (P4) JDK-8367017: Remove legacy checks from WrappedToolkitTest and convert from bash (P4) JDK-8359687: Use PassFailJFrame for java/awt/print/Dialog/DialogType.java (P5) JDK-8162380: [TEST_BUG] MouseEvent/.../AltGraphModifierTest.java has only "Fail" button client-libs/javax.sound: (P3) JDK-8355561: [macos] Build failure with Xcode 16.3 (P3) JDK-8350813: Rendering of bulky sound bank from MIDI sequence can cause OutOfMemoryError client-libs/javax.swing: (P3) JDK-8357305: Compilation failure in javax/swing/JMenuItem/bug6197830.java (P3) JDK-8358532: JFileChooser in GTK L&F still displays HTML filename (P3) JDK-8139228: JFileChooser renders file names as HTML document (P3) JDK-8140527: JInternalFrame has incorrect title button width (P3) JDK-8349188: LineBorder does not scale correctly (P3) JDK-8210807: Printing a JTable with a JScrollPane prints table without rows populated (P3) JDK-8322135: Printing JTable in Windows L&F throws InternalError: HTHEME is null (P4) JDK-8365425: [macos26] javax/swing/JInternalFrame/8160248/JInternalFrameDraggingTest.java fails on macOS 26 (P4) JDK-8357799: Improve instructions for JFileChooser/HTMLFileName.java (P4) JDK-8365615: Improve JMenuBar/RightLeftOrientation.java (P4) JDK-8322140: javax/swing/JTable/JTableScrollPrintTest.java does not print the rows and columns of the table in Nimbus and Aqua LookAndFeel (P4) JDK-8354873: javax/swing/plaf/metal/MetalIconFactory/bug4952462.java failing on CI (P4) JDK-8346234: javax/swing/text/DefaultEditorKit/4278839/bug4278839.java still fails in CI (P4) JDK-8139392: JInternalFrame has incorrect padding (P4) JDK-8354466: Open some misc Swing bugs 9 (P4) JDK-8353589: Open source a few Swing menu-related tests (P4) JDK-8354552: Open source a few Swing tests (P4) JDK-8354701: Open source few JToolTip tests (P4) JDK-8354532: Open source JFileChooser Tests - Set 7 (P4) JDK-8352997: Open source several Swing JTabbedPane tests (P4) JDK-8354561: Open source several swing tests batch0 (P4) JDK-8353309: Open source several Swing text tests (P4) JDK-8353483: Open source some JProgressBar tests (P4) JDK-8354451: Open source some more Swing popup menu tests (P4) JDK-8353011: Open source Swing JButton tests - Set 1 (P4) JDK-8353319: Open source Swing tests - Set 3 (P4) JDK-8353486: Open source Swing Tests - Set 4 (P4) JDK-8354340: Open source Swing Tests - Set 6 (P4) JDK-8354214: Open source Swing tests Batch 2 (P4) JDK-8354418: Open source Swing tests Batch 4 (P4) JDK-8353201: Open source Swing Tooltip tests - Set 2 (P4) JDK-8352678: Opensource few JMenuItem tests (P4) JDK-8328247: Remove redundant dir for tests converted from applet to main (P4) JDK-8361298: SwingUtilities/bug4967768.java fails where character P is not underline (P4) JDK-8359428: Test 'javax/swing/JTabbedPane/bug4499556.java' failed because after selecting one of L&F items, the test case automatically failed when clicking on L&F Menu button again (P4) JDK-8335986: Test javax/swing/JCheckBox/4449413/bug4449413.java fails on Windows 11 x64 because RBMenuItem's and CBMenuItem's checkmark on the left side are not visible (P5) JDK-8359418: Test "javax/swing/text/GlyphView/bug4188841.java" failed because the phrase of text pane does not match the instructions core-libs: (P4) JDK-8352016: Improve java/lang/RuntimeTests/RuntimeExitLogTest.java core-libs/java.io: (P4) JDK-8355444: [java.io] Use @requires tag instead of exiting based on "os.name" property value (P4) JDK-8360411: [TEST] open/test/jdk/java/io/File/MaxPathLength.java Refactor extract method to encapsulate Windows specific test logic (P4) JDK-8359449: [TEST] open/test/jdk/java/io/File/SymLinks.java Refactor extract method for Windows specific test (P4) JDK-8363720: Follow up to JDK-8360411 with post review comments (P4) JDK-8355558: SJIS.java test is always ignored (P4) JDK-8367869: Test java/io/FileDescriptor/Sync.java timed out (P4) JDK-8359182: Use @requires instead of SkippedException for MaxPath.java core-libs/java.lang: (P4) JDK-8362207: Add more test cases for possible double-rounding in fma (P4) JDK-8357561: BootstrapLoggerTest does not work on Ubuntu 24 with LANG de_DE.UTF-8 (P4) JDK-8352533: Report useful IOExceptions when jspawnhelper fails (P4) JDK-8368192: Test java/lang/ProcessBuilder/Basic.java#id0 fails with Exception: Stack trace (P4) JDK-8344143: Test jdk/java/lang/Thread/virtual/stress/GetStackTraceALotWhenPinned.java timed out on macosx-x64 (P4) JDK-8344577: Virtual thread tests are timing out on some macOS systems core-libs/java.lang.invoke: (P3) JDK-8199149: Improve the exception message thrown by VarHandle of unsupported operation core-libs/java.net: (P3) JDK-8365086: CookieStore.getURIs() and get(URI) should return an immutable List (P3) JDK-8358048: java/net/httpclient/HttpsTunnelAuthTest.java incorrectly calls Thread::stop (P4) JDK-8360408: [TEST] Use @requires tag instead of exiting based on "os.name" property value for sun/net/www/protocol/file/FileURLTest.java (P4) JDK-8361423: Add IPSupport::printPlatformSupport to java/net/NetworkInterface/IPv4Only.java (P4) JDK-8359477: com/sun/net/httpserver/Test12.java appears to have a temp file race (P4) JDK-8364263: HttpClient: Improve encapsulation of ProxyServer (P4) JDK-8304065: HttpServer.stop should terminate immediately if no exchanges are in progress (P4) JDK-8320577: Improve MessageHeader's toString() function to make HttpURLConnection's debug log readable (P4) JDK-8353013: java.net.URI.create(String) may have low performance to scan the host/domain name from URI string when the hostname starts with number (P4) JDK-8349705: java.net.URI.scanIPv4Address throws unnecessary URISyntaxException (P4) JDK-8338740: java/net/httpclient/HttpsTunnelAuthTest.java fails with java.io.IOException: HTTP/1.1 header parser received no bytes (P4) JDK-8365834: Mark java/net/httpclient/ManyRequests.java as intermittent (P4) JDK-8360981: Remove use of Thread.stop in test/jdk/java/net/Socket/DeadlockTest.java (P4) JDK-8367904: Test java/net/InetAddress/ptr/Lookup.java should throw SkippedException (P4) JDK-8364786: Test java/net/vthread/HttpALot.java intermittently fails - 24999 handled, expected 25000 core-libs/java.nio: (P3) JDK-8358764: (sc) SocketChannel.close when thread blocked in read causes connection to be reset (win) (P4) JDK-8333783: java/nio/channels/FileChannel/directio/DirectIOTest.java is unstable with AV software core-libs/java.nio.charsets: (P4) JDK-8369078: Fix faulty test conversion in IllegalCharsetName.java (P4) JDK-8310049: Refactor Charset tests to use JUnit core-libs/java.rmi: (P4) JDK-7191877: TEST_BUG: java/rmi/transport/checkLeaseInfoLeak/CheckLeaseLeak.java failing intermittently core-libs/java.text: (P3) JDK-8367237: Thread-Safety Usage Warning for java.text.Collator Classes (P4) JDK-8353585: Provide ChoiceFormat#parse(String, ParsePosition) tests core-libs/java.util: (P4) JDK-8351567: Jar Manifest test ValueUtf8Coding produces misleading diagnostic output core-libs/java.util.concurrent: (P4) JDK-8362123: ClassLoader Leak via Executors.newSingleThreadExecutor(...) core-libs/java.util.jar: (P4) JDK-8204868: java/util/zip/ZipFile/TestCleaner.java still fails with "cleaner failed to clean zipfile." core-libs/java.util:i18n: (P3) JDK-8369184: SimpleTimeZone equals() Returns True for Unequal Instances with Different hashCode Values (P4) JDK-8324065: Daylight saving information for `Africa/Casablanca` are incorrect (P4) JDK-8356040: java/util/PluggableLocale/LocaleNameProviderTest.java timed out (P4) JDK-8345213: JVM Prefers /etc/timezone Over /etc/localtime on Debian 12 (P4) JDK-8313231: Redundant if statement in ZoneInfoFile (P4) JDK-8347841: Test fixes that use deprecated time zone IDs (P4) JDK-8327434: Test java/util/PluggableLocale/TimeZoneNameProviderTest.java timed out (P4) JDK-8342582: user.region for formatting number no longer works for 21.0.5 core-svc/debugger: (P3) JDK-8353953: com/sun/jdi tests should be fixed to not always require includevirtualthreads=y (P3) JDK-8355071: Fix nsk/jdi test to not require lookup of main thread in order to set the breakpoint used for communication (P4) JDK-8359167: Remove unused test/hotspot/jtreg/vmTestbase/nsk/share/jpda/BindServer.java (P4) JDK-8072701: resume001 failed due to ERROR: timeout for waiting for a BreakpintEvent (P4) JDK-8355773: Some nsk/jdi tests can fetch ThreadReference from static field in the debuggee (P4) JDK-8356023: Some nsk/jdi tests can fetch ThreadReference from static field in the debuggee: part 2 (P4) JDK-8355569: Some nsk/jdi tests can glean the "main" thread by using the ClassPrepareEvent for the debuggee main class (P4) JDK-8367131: Test com/sun/jdi/ThreadMemoryLeakTest.java fails on 32 bits (P4) JDK-8327704: Update nsk/jdi tests to use driver instead of othervm core-svc/java.lang.management: (P4) JDK-8366092: [GCC static analyzer] UnixOperatingSystem.c warning: use of uninitialized value 'systemTicks' (P4) JDK-8362533: Tests sun/management/jmxremote/bootstrap/* duplicate VM flags core-svc/javax.management: (P2) JDK-8364484: misc tests fail with Received fatal alert: handshake_failure core-svc/tools: (P3) JDK-8361751: Test sun/tools/jcmd/TestJcmdSanity.java timed out on Windows (P4) JDK-8318730: MonitorVmStartTerminate.java still times out after JDK-8209595 (P4) JDK-8305567: serviceability/tmtools/jstat/GcTest01.java failed utils.JstatGcResults.assertConsistency docs/hotspot: (P5) JDK-8325731: Installation instructions for Debian/Ubuntu don't mention autoconf hotspot/compiler: (P3) JDK-8369616: JavaFrameAnchor on RISC-V has unnecessary barriers and wrong store order in MacroAssembler (P4) JDK-8325277: [21u] Backout test change of JDK-8291809 (P4) JDK-8325647: [IR framework] Only prints stdout if exitCode is 134 (P4) JDK-8355387: [jittester] Disable downcasts by default (P4) JDK-8339366: [jittester] Make it possible to generate tests without execution (P4) JDK-8357822: C2: Multiple string optimization tests are no longer testing string concatenation optimizations (P4) JDK-8216437: PPC64: Add intrinsic for GHASH algorithm (P5) JDK-8323803: ConstantOopReadValue::print_on should print 'null' instead of 'nullptr' hotspot/gc: (P3) JDK-8360288: Shenandoah crash at size_given_klass in op_degenerated (P4) JDK-8305186: Reference.waitForReferenceProcessing should be more accessible to tests (P4) JDK-8365919: Replace currentTimeMillis with nanoTime in Stresser.java (P4) JDK-8367372: Test `test/hotspot/jtreg/gc/TestObjectAlignmentCardSize.java` fails on 32 bit systems (P4) JDK-8362532: Test gc/g1/plab/* duplicate command-line options hotspot/jfr: (P3) JDK-8364556: JFR: Disable SymbolTableStatistics and StringTableStatistics in default.jfc (P3) JDK-8364993: JFR: Disable jdk.ModuleExport in default.jfc (P3) JDK-8364257: JFR: User-defined events and settings with a one-letter name cannot be configured (P4) JDK-8346875: Test jdk/jdk/jfr/event/os/TestCPULoad.java fails on macOS hotspot/jvmti: (P3) JDK-8304811: vmTestbase/vm/mlvm/indy/func/jvmti/stepBreakPopReturn/INDIFY_Test.java fails with JVMTI_ERROR_TYPE_MISMATCH (P4) JDK-8365240: [asan] exclude some tests when using asan enabled binaries (P4) JDK-8311076: RedefineClasses doesn't check for ConstantPool overflow (P4) JDK-8300708: Some nsk jvmti tests fail with virtual thread wrapper due to jvmti missing some virtual thread support (P4) JDK-8358577: Test serviceability/jvmti/thread/GetCurrentContendedMonitor/contmon01/contmon01.java failed: unexpexcted monitor object (P4) JDK-8361314: Test serviceability/jvmti/VMEvent/MyPackage/VMEventRecursionTest.java FATAL ERROR in native method: Failed during the GetClassSignature call hotspot/runtime: (P2) JDK-8369946: Bytecode rewriting causes Java heap corruption on PPC (P2) JDK-8361754: New test runtime/jni/checked/TestCharArrayReleasing.java can cause disk full errors (P2) JDK-8333200: Test containers/docker/TestPids.java fails Limit value -1 is not accepted as unlimited (P3) JDK-8361447: [REDO] Checked version of JNI ReleaseArrayElements needs to filter out known wrapped arrays (P3) JDK-8343191: Cgroup v1 subsystem fails to set subsystem path (P3) JDK-8331231: containers/docker/TestContainerInfo.java fails (P3) JDK-8364235: Fix for JDK-8361447 breaks the alignment requirements for GuardedMemory (P3) JDK-8290043: serviceability/attach/ConcAttachTest.java failed "guarantee(!CheckJNICalls) failed: Attached JNI thread exited without being detached" (P4) JDK-8347143: [aix] Fix strdup use in os::dll_load (P4) JDK-8334217: [AIX] Misleading error messages after JDK-8320005 (P4) JDK-8365442: [asan] runtime/ErrorHandling/CreateCoredumpOnCrash.java fails (P4) JDK-8364514: [asan] runtime/jni/checked/TestCharArrayReleasing.java heap-buffer-overflow (P4) JDK-8365487: [asan] some oops (mode) related tests fail (P4) JDK-8364660: ClassVerifier::ends_in_athrow() should be removed (P4) JDK-8361253: CommandLineOptionTest library should report observed values on failure (P4) JDK-8360533: ContainerRuntimeVersionTestUtils fromVersionString fails with some docker versions (P4) JDK-8364199: Enhance list of environment variables printed in hserr/hsinfo file (P4) JDK-8350623: Fix -Wzero-as-null-pointer-constant warnings in nsk native test utilities (P4) JDK-8308780: Fix the Java Integer types on Windows (P4) JDK-8321183: Incorrect warning from cds about the modules file (P4) JDK-8315130: java.lang.IllegalAccessError when processing classlist to create CDS archive (P4) JDK-8320836: jtreg gtest runs should limit heap size (P4) JDK-8358748: Large page size initialization fails with assert "page_size must be a power of 2" (P4) JDK-8351382: New test containers/docker/TestMemoryWithSubgroups.java is failing (P4) JDK-8364198: NMT should have a better corruption message (P4) JDK-8348402: PerfDataManager stalls shutdown for 1ms (P4) JDK-8317132: Prepare HotSpot for permissive- (P4) JDK-8359207: Remove runtime/signal/TestSigusr2.java since it is always skipped (P4) JDK-8348240: Remove SystemDictionaryShared::lookup_super_for_unregistered_class() (P4) JDK-8341138: Rename jtreg property docker.support as container.support (P4) JDK-8347434: Richer VM operations events logging (P4) JDK-8365913: Support latest MSC_VER in abstract_vm_version.cpp (P4) JDK-8360178: TestArguments.atojulong gtest has incorrect format string hotspot/svc: (P4) JDK-8325530: Vague error message when com.sun.tools.attach.VirtualMachine fails to load agent library hotspot/test: (P3) JDK-8352926: New test TestDockerMemoryMetricsSubgroup.java fails (P3) JDK-8354475: TestDockerMemoryMetricsSubgroup.java fails with exitValue = 1 (P4) JDK-8338428: Add logging of final VM flags while setting properties (P4) JDK-8362602: Add test.timeout.factor to CompileFactory to avoid test timeouts (P4) JDK-8366558: Gtests leave /tmp/cgroups-test* files (P4) JDK-8360478: libjsig related tier3 jtreg tests fail when asan is configured (P4) JDK-8356187: TestJcmd.java may incorrectly parse podman version infrastructure: (P4) JDK-8366231: Bump update version for OpenJDK: jdk-21.0.10 infrastructure/build: (P4) JDK-8319570: Change to GCC 13.2.0 for building on Linux at Oracle (P4) JDK-8341097: GHA: Demote Mac x86 jobs to build only (P4) JDK-8363966: GHA: Switch cross-compiling sysroots to Debian trixie (P4) JDK-8369226: GHA: Switch to MacOS 15 (P4) JDK-8365098: make/RunTests.gmk generates a wrong path to test artifacts on Alpine (P4) JDK-8201183: sjavac build failures: "Connection attempt failed: Connection refused" (P4) JDK-8362516: Support of GCC static analyzer (-fanalyzer) infrastructure/other: (P4) JDK-8306579: Consider building with /Zc:throwingNew other-libs: (P4) JDK-8364597: Replace THL A29 Limited with Tencent performance/libraries: (P4) JDK-8346142: [perf] scalability issue for the specjvm2008::xml.validation workload security-libs/java.security: (P4) JDK-8320049: PKCS10 would not discard the cause when throw SignatureException on invalid key (P4) JDK-8317332: Prepare security for permissive- (P4) JDK-8219408: Tests should handle ${} in the view of jtreg "smart action" security-libs/javax.crypto: (P4) JDK-8356897: Update NSS library to 3.111 security-libs/javax.crypto:pkcs11: (P4) JDK-8361868: [GCC static analyzer] complains about missing calloc - NULL checks in p11_util.c (P4) JDK-8361871: [GCC static analyzer] complains about use of uninitialized value ckpObject in p11_util.c (P4) JDK-8230016: re-visit test sun/security/pkcs11/Serialize/SerializeProvider.java (P4) JDK-8365168: Use 64-bit aligned addresses for CK_ULONG access in PKCS11 native key code security-libs/javax.net.ssl: (P2) JDK-8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures (P3) JDK-8245545: Disable TLS_RSA cipher suites (P4) JDK-8367133: DTLS: fragmentation of Finished message results in handshake failure (P4) JDK-8277424: javax/net/ssl/TLSCommon/TLSTest.java fails with connection refused (P4) JDK-8201778: Speed up test javax/net/ssl/DTLS/PacketLossRetransmission.java (P4) JDK-8354235: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine security-libs/jdk.security: (P3) JDK-8353299: VerifyJarEntryName.java test fails (P4) JDK-8339280: jarsigner -verify performs cross-checking between CEN and LOC (P4) JDK-8365660: test/jdk/sun/security/pkcs11/KeyAgreement/ tests skipped without SkipExceprion (P4) JDK-8367782: VerifyJarEntryName.java: Fix modifyJarEntryName to operate on bytes and re-introduce verifySignatureEntryName (P5) JDK-8337723: Remove redundant tests from com/sun/security/sasl/gsskerb security-libs/org.ietf.jgss:krb5: (P3) JDK-8297531: sun/security/krb5/MicroTime.java fails with "Exception: What? only 100 musec precision?" (P4) JDK-8349534: Refactor jdk/sun/security/krb5/runNameEquals.sh to java test tools/javac: (P4) JDK-8334756: javac crashed on call to non-existent generic method with explicit annotated type arg (P4) JDK-8342934: TYPE_USE annotations printed with error causing "," in toString output (P5) JDK-8360022: ClassRefDupInConstantPoolTest.java fails when running in repeat (P5) JDK-8309511: Regression test ExtraImportSemicolon.java refers to the wrong bug tools/jpackage: (P3) JDK-8343876: Enhancements to jpackage test lib (P4) JDK-8350102: Decouple jpackage test-lib Executor.Result and Executor classes (P4) JDK-8343875: Minor improvements of jpackage test library tools/launcher: (P4) JDK-8370214: [21u] Remove -Xdebug and -Xnoagent from tests: backport parts of 8227229 and 8312072