RELEASE NOTES: JDK 26.0.2

Notes generated: Fri Apr 10 07:34:06 CEST 2026

JEPs

None.

RELEASE NOTES

security-libs/javax.crypto

Issue Description
JDK-8347938

Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings


The JDK now encodes ML-KEM and ML-DSA private keys in PKCS #8 format using the DER-encoded ASN.1 CHOICE formats defined in Section 6 of RFC 9935 and Section 6 of RFC 9881. Two new security properties (jdk.mlkem.pkcs8.encoding and jdk.mldsa.pkcs8.encoding) control the encoding used when generating new keys with a KeyPairGenerator or when translating keys with a KeyFactory. Valid values are "seed", "expandedKey", and "both" (case-insensitive). If a system property of the same name is also specified, it supersedes the security property value. All three formats are supported when decoding previously encoded private keys with a KeyFactory.

When these algorithms were introduced in JDK 24, the encoding format was equivalent to the "expandedKey" choice. This release changes the default to "seed". As a result, ML-KEM and ML-DSA private keys generated by this JDK release will not be accepted by older releases by default, although keys generated by older releases are still readable by this release. To make a new private key acceptable by older releases, set the relevant property to "expandedKey" and use KeyFactory.translateKey to convert it to the older format.

Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings


The JDK now encodes ML-KEM and ML-DSA private keys in PKCS #8 format using the DER-encoded ASN.1 CHOICE formats defined in Section 6 of RFC 9935 and Section 6 of RFC 9881. Two new security properties (jdk.mlkem.pkcs8.encoding and jdk.mldsa.pkcs8.encoding) control the encoding used when generating new keys with a KeyPairGenerator or when translating keys with a KeyFactory. Valid values are "seed", "expandedKey", and "both" (case-insensitive). If a system property of the same name is also specified, it supersedes the security property value. All three formats are supported when decoding previously encoded private keys with a KeyFactory.

When these algorithms were introduced in JDK 24, the encoding format was equivalent to the "expandedKey" choice. This release changes the default to "seed". As a result, ML-KEM and ML-DSA private keys generated by this JDK release will not be accepted by older releases by default, although keys generated by older releases are still readable by this release. To make a new private key acceptable by older releases, set the relevant property to "expandedKey" and use KeyFactory.translateKey to convert it to the older format.

This change is planned to be backported to Oracle's JDK update releases that support ML-KEM and ML-DSA, so the interoperability impact is expected to be temporary.

FIXED ISSUES

client-libs/2d

Priority Bug Summary
P3 JDK-8297191 [macos] Printing a page range with starting page > 1 results in missing pages
P3 JDK-8378201 [OGL] glXMakeContextCurrent() drops the buffers of the unbound drawable
P3 JDK-8378417 Printing All pages results in NPE for 1.1 PrintJob
P3 JDK-8375057 Update HarfBuzz to 12.3.2
P3 JDK-8375065 Update LCMS to 2.18
P4 JDK-8377602 Create automated test for PageRange
P4 JDK-8369561 sun/java2d/OpenGL/DrawBitmaskImage.java#id0: Incorrect color for first pixel (actual=ff000000)

client-libs/java.awt

Priority Bug Summary
P3 JDK-8378727 [macOS] Missing dispatch_release for semaphores in CDesktopPeer
P3 JDK-8376233 Clean up code in Desktop native peer
P3 JDK-8379256 Update GIFlib to 6.1.1
P3 JDK-8380078 Update GIFlib to 6.1.2
P3 JDK-8377526 Update Libpng to 1.6.55
P3 JDK-8380959 Update Libpng to 1.6.56
P4 JDK-8379499 [AIX] headless-only build of libjawt.so fails
P4 JDK-8346154 [XWayland] Some tests fail intermittently in the CI, but not locally
P4 JDK-8381745 Ensure Modal/FileDialog tests explicitly reference Asserts class
P4 JDK-8374304 MultiResolutionSplashTest.java fails in CI: "Image with wrong resolution is used for splash screen!"
P4 JDK-8373239 Test java/awt/print/PrinterJob/PageRanges.java fails with incorrect selection of printed pages
P4 JDK-8360160 ubuntu-22-04 machine is failing client tests
P5 JDK-8068378 [TEST_BUG]The java/awt/Modal/PrintDialogsTest/PrintDialogsTest.java instruction need to update

client-libs/javax.accessibility

Priority Bug Summary
P3 JDK-8286258 [Accessibility,macOS,VoiceOver] VoiceOver reads the spinner value wrong and sometime partially

client-libs/javax.imageio

Priority Bug Summary
P4 JDK-8377167 javax/imageio/ReadAbortTest.java throw NPE when x11 unavailable

client-libs/javax.sound

Priority Bug Summary
P4 JDK-8374727 Audio configuration Platform class - use nio for getting endianness of the underlying platform
P4 JDK-8373931 Test javax/sound/sampled/Clip/AutoCloseTimeCheck.java timed out

client-libs/javax.swing

Priority Bug Summary
P3 JDK-8374506 Incorrect positioning of arrow icon in parent JMenu in Windows L&F
P3 JDK-8373650 Test "javax/swing/JMenuItem/6458123/ManualBug6458123.java" fails because the check icons are not aligned properly as expected
P3 JDK-8359433 The final modifier on Windows L&F internal UI classes prevents extending them in apps
P4 JDK-8376151 Test javax/swing/JFileChooser/4966171/bug4966171.java is failing with OOME
P4 JDK-8373847 Test javax/swing/JMenuItem/MenuItemTest/bug6197830.java failed because The test case automatically fails when clicking any items in the “Nothing” menu in all four windows (Left-to-right)-Menu Item Test and (Right-to-left)-Menu Item Test
P5 JDK-8379952 Revert JDK-8365711: Restore protected visibility of menuBarHeight and hotTrackingOn

core-libs

Priority Bug Summary
P4 JDK-8373718 jdk/internal/misc/VM/RuntimeArguments.java test fails in Virtual threads mode

core-libs/java.io

Priority Bug Summary
P4 JDK-8377910 Minor cleanup of java/io/FileDescriptor/Sharing.java
P4 JDK-8372377 Test java/io/File/GetXSpace.java failed: The system cannot find the path specified

core-libs/java.io:serialization

Priority Bug Summary
P4 JDK-8373623 Refactor Serialization tests for Records to JUnit
P4 JDK-8373913 Refactor serialization tests to use JUnit

core-libs/java.lang

Priority Bug Summary
P3 JDK-8373120 Virtual thread stuck in BLOCKED state
P4 JDK-8379967 (process) Improve ProcessBuilder error reporting

core-libs/java.lang.invoke

Priority Bug Summary
P4 JDK-8375742 Test java/lang/invoke/MethodHandleProxies/Driver.java does not run Unnamed.java

core-libs/java.net

Priority Bug Summary
P3 JDK-8376031 HttpsURLConnection.getServerCertificates() throws "java.lang.IllegalStateException: connection not yet open" for the HEAD method
P4 JDK-8373362 Http3TestServer should not log an exception stack trace when it is stopping normally
P4 JDK-8373704 Improve "SocketException: Protocol family unavailable" message
P4 JDK-8376308 java/net/httpclient/CancelRequestTest.java fails intermittently with "Expected CancellationException not received"
P4 JDK-8373537 Migrate "test/jdk/com/sun/net/httpserver/" to null-safe "SimpleSSLContext" methods
P4 JDK-8373808 Refactor java/net/httpclient qpack and hpack tests to use JUnit
P4 JDK-8373796 Refactor java/net/httpclient/ThrowingPublishers*.java tests to use JUnit5
P4 JDK-8373869 Refactor java/net/httpclient/ThrowingPushPromises*.java tests to use JUnit5
P4 JDK-8373866 Refactor java/net/httpclient/ThrowingSubscribers*.java tests to use JUnit5
P4 JDK-8373893 Refactor networking http server tests to use JUnit
P4 JDK-8369950 TLS connection to IPv6 address fails with BCJSSE due to IllegalArgumentException

core-libs/java.nio

Priority Bug Summary
P4 JDK-8375294 (fs) Files.copy can fail with EOPNOTSUPP when copy_file_range not supported
P4 JDK-8378878 Refactor java/nio/channels/AsynchronousSocketChannel test to use JUnit

core-libs/java.rmi

Priority Bug Summary
P4 JDK-8170896 TEST_BUG: java/rmi/server/Unreferenced/leaseCheckInterval/LeaseCheckInterval.java failed with unreferenced() not invoked after 20.0 seconds

core-libs/java.time

Priority Bug Summary
P4 JDK-8373829 Refactor test/jdk/java/time/tck tests to use JUnit over TestNG
P4 JDK-8373830 Refactor test/jdk/java/time/test tests to use JUnit over TestNG

core-libs/java.util

Priority Bug Summary
P4 JDK-8373716 Refactor further java/util tests from TestNG to JUnit
P4 JDK-8375231 Refactor util/ServiceLoader tests to use JUnit
P4 JDK-8375232 Refactor util/StringJoiner tests to use JUnit
P4 JDK-8375233 Refactor util/Vector tests to use JUnit

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8377461 Add ZipFile test for incorrect number of entries reported in ENDTOT

core-libs/javax.naming

Priority Bug Summary
P5 JDK-8375999 com/sun/jndi/ldap/LdapPoolTimeoutTest.java fails sporadically on Windows

core-svc/java.lang.management

Priority Bug Summary
P4 JDK-8377944 LowMemoryTest2.java#id1 intermittent fails OOME: Metaspace

core-svc/tools

Priority Bug Summary
P4 JDK-8278102 containers/docker/TestJcmd.java failed with "RuntimeException: Could not find specified process"

hotspot/compiler

Priority Bug Summary
P3 JDK-8378353 [PPC64] StringCoding.countPositives causes errors when the length is not a proper 32 bit int
P3 JDK-8373021 aarch64: MacroAssembler::arrays_equals reads out of bounds
P3 JDK-8376104 C2 crashes in PhiNode::Ideal(PhaseGVN*, bool) accessing NULL pointer
P3 JDK-8374903 C2 VectorAPI: assert(vbox->as_Phi()->region() == vect->as_Phi()->region()) failed
P3 JDK-8375010 C2 VectorAPI: assert(vbox->is_CheckCastPP()) failed: should be expanded
P3 JDK-8374043 C2: assert(_base >= VectorMask && _base <= VectorZ) failed: Not a Vector
P3 JDK-8378713 C2: performance regression due to missing constant folding for Math.pow()
P3 JDK-8370502 C2: segfault while adding node to IGVN worklist
P3 JDK-8366138 Parse::jump_switch_ranges() could cause stack overflow when compiling huge switch statement
P4 JDK-8381596 Adjust checks which use supports_ht() on x86 for hybrid CPUs
P4 JDK-8381315 compiler/vectorapi/TestVectorReallocation.java fails with -XX:UseAVX=1 after JDK-8380565
P4 JDK-8374744 Enable dumping of APX EGPRs (R16–R31) in JVM fatal error logs
P4 JDK-8375598 VM crashes with "assert((labs(val) & 0xFFFFFFFF00000000) == 0 || dest == (address)-1) failed: must be 32bit offset or -1" when using too high value for NonNMethodCodeHeapSize
P5 JDK-8368977 Provide clear naming for AVX10 identifiers
P5 JDK-8344345 test/hotspot/gtest/x86/x86-asmtest.py has trailing whitespaces

hotspot/gc

Priority Bug Summary
P2 JDK-8371420 Still sporadic failures of gc/TestAlwaysPreTouchBehavior.java# on Linux after JDK-8359104
P4 JDK-8374371 Failed assertion in G1HeapRegion gtest
P4 JDK-8377347 jdk/jfr/event/gc/detailed/TestZAllocationStallEvent.java intermittent OOME
P4 JDK-8378561 Mark gc/shenandoah/compiler/TestLinkToNativeRBP.java as /native

hotspot/jfr

Priority Bug Summary
P3 JDK-8380011 Path-to-gcroots search should not trigger stack overflows
P4 JDK-8376889 Enhance JfrRecorder::on_create_vm_3() assert output
P4 JDK-8279196 Test: jdk/jfr/event/gc/stacktrace/TestG1OldAllocationPendingStackTrace.java timed out
P4 JDK-8377949 TestZRelocationSetEvent.java intermittent fails OOME

hotspot/runtime

Priority Bug Summary
P3 JDK-8377512 AOT cache creation fails with invalid native pointer
P3 JDK-8380565 PPC64: deoptimization stub should save vector registers
P4 JDK-8377932 AOT cache is not rejected when JAR file has changed
P4 JDK-8378871 CPU feature flags are not properly set in vm_version_windows_aarch64.cpp
P4 JDK-8376402 Dependencies::print_statistics() and AbstractClassHierarchyWalker::print_statistics() are not called from PRODUCT code
P4 JDK-8374998 Failing os::write - remove bad file
P4 JDK-8374343 Fix SIGSEGV when lib/modules is unreadable
P4 JDK-8376688 Gtest os.attempt_reserve_memory_between_small_range_fill_hole_vm fails on AIX 7.3
P4 JDK-8377898 Hotspot build on AIX with unused-functions warning reports some unused functions
P4 JDK-8374711 Hotspot runtime/CommandLine/OptionsValidation/TestOptionsWithRanges fails without printing the option name
P4 JDK-8377777 Improve logging when rejecting assets from the AOT archive
P4 JDK-8374178 Missing include in systemDictionary.cpp after JDK-8365526
P4 JDK-8374769 PPC: MASM::pop_cont_fastpath() should reset _cont_fastpath if SP == _cont_fastpath
P4 JDK-8371503 RETAIN_IMAGE_AFTER_TEST do not work for some tests
P4 JDK-8374056 RISC-V: Fix argument passing for the RiscvFlushIcache::flush
P4 JDK-8375311 Some builds are missing debug helpers

hotspot/svc

Priority Bug Summary
P4 JDK-8380663 Update jcmd man page to include AOT.end_recording diagnostic command

infrastructure/build

Priority Bug Summary
P4 JDK-8379416 AIX build fails if system (not GNU) date tool is in PATH
P4 JDK-8376684 Compile OpenJDK in headless mode without required X11 libraries
P4 JDK-8378836 Enable linktime-gc by default on Linux ppc64le
P4 JDK-8381205 GHA: Upgrade Node.js 20 to 24
P4 JDK-8378218 MSYS2 reports cygwin triplet causing bash configure failure
P4 JDK-8379202 Support linktime-gc on Linux with clang

release-team

Priority Bug Summary
P3 JDK-8376485 Update the release version and date for OpenJDK 26u

security-libs/java.security

Priority Bug Summary
P4 JDK-8373690 Unexpected Keystore message using jdk.crypto.disabledAlgorithms

security-libs/javax.crypto

Priority Bug Summary
P2 JDK-8347938 Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings

security-libs/javax.net.ssl

Priority Bug Summary
P4 JDK-8373101 JdkClient and JdkServer test classes ignore namedGroups field

security-libs/jdk.security

Priority Bug Summary
P4 JDK-8367994 test/jdk/sun/security/pkcs11/Signature/ tests pass when they should skip
P4 JDK-8368524 Tests are skipped and shown as passed in test/jdk/sun/security/pkcs11/Cipher/KeyWrap

tools/javac

Priority Bug Summary
P4 JDK-8377334 Test framework used by langtools regression tests can produce false positives