Notes generated: Sun Dec 01 22:26:38 CET 2024
None.
Issue | Description |
---|---|
JDK-8236645 |
Oracle Specific JDK Update of System Property to Fall Back to Legacy Base64 Encoding Format Oracle JDK 8u231 has upgraded the Apache Santuario libraries to v2.1.3. This upgrade introduced an issue in which XML signatures using Base64 encoding appended Oracle JDK 8u221 using the legacy encoder returns encoded data in a format without Therefore an Oracle specific JDK 8 Update of a new system property Users can set this flag in one of two ways:
This new system property is disabled by default. It has no effect on default behavior or when the Later JDK family versions will only support the recommended property: |
JDK-8217878 |
com.sun.org.apache.xml.internal.security.ignoreLineBreaks System Property An Apache Santuario library version upgrade, used by the javax.xml.crypto.* packages, introduces a behavioral change where a new Base64 encoder uses "\r\n" as end-of-line terminator. By default, XML signatures signed using API calls form the javax.xml.crypto.dsig package includes the escaped '\r' character, encoded as "
" or "
". A new Additional information can be found at https://issues.apache.org/jira/browse/SANTUARIO-482. |
JDK-8177334 |
Updated xmldsig Implementation to Apache Santuario 2.1.1 The XMLDSig provider implementation in the |
Issue | Description |
---|---|
JDK-8239385 |
Support for canonicalize in krb5.conf The 'canonicalize' flag in the krb5.conf file is now supported by the JDK Kerberos implementation. When set to true, RFC 6806 name canonicalization is requested by clients in TGT requests to KDC services (AS protocol). Otherwise, and by default, it is not requested. The new default behavior is different from JDK 14 and previous releases where name canonicalization was always requested by clients in TGT requests to KDC services (provided that support for RFC 6806 was not explicitly disabled with the sun.security.krb5.disableReferrals system or security properties). |
Issue | Description |
---|---|
JDK-8209965 |
supported_groups Extension Should Not be Present in ServerHello Handshake Message While the |
JDK-8028518 |
Increase the priorities of GCM cipher suites In TLS, a ciphersuite defines a specific set of cryptography algorithms used in a TLS connection. JSSE maintains a prioritized list of ciphersuites. In this update, GCM-based cipher suites are configured as the most preferable default cipher suites in the SunJSSE provider. In the SunJSSE provider, the following ciphersuites are now the most preferred by default: ``` TLSECDHEECDSAWITHAES256GCMSHA384 TLSECDHEECDSAWITHAES128GCMSHA256 TLSECDHERSAWITHAES256GCMSHA384 TLSRSAWITHAES256GCMSHA384 TLSECDHECDSAWITHAES256GCMSHA384 TLSECDHRSAWITHAES256GCMSHA384 TLSDHERSAWITHAES256GCMSHA384 TLSDHEDSSWITHAES256GCM_SHA384 TLSECDHERSAWITHAES128GCMSHA256 TLSRSAWITHAES128GCMSHA256 TLSECDHECDSAWITHAES128GCMSHA256 TLSECDHRSAWITHAES128GCMSHA256 TLSDHERSAWITHAES128GCMSHA256 TLSDHEDSSWITHAES128GCM_SHA256 ``` Note that this is a behavior change of the SunJSSE provider in the JDK, it is not guaranteed to be examined and used by other JSSE providers. There is no guarantee the cipher suites priorities will remain the same in future updates or releases. |
Issue | Description |
---|---|
JDK-8080462 |
SunPKCS11 Provider Upgraded with Support for PKCS#11 v2.40 The SunPKCS11 provider has been updated with support for PKCS#11 v2.40. This version adds support for more algorithms such as the AES/GCM/NoPadding cipher, DSA signatures using SHA-2 family of message digests, and RSASSA-PSS signatures when the corresponding PKCS11 mechanisms are supported by the underlying PKCS11 library. |
Issue | Description |
---|---|
JDK-8243320 |
Added 3 SSL Corporation Root CA Certificates The following root certificates have been added to the cacerts truststore: ``` + SSL Corporation + sslrootrsaca DN: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US
|
JDK-8243321 |
Added Entrust Root Certification Authority - G4 certificate The following root certificate has been added to the cacerts truststore:
|
Issue | Description |
---|---|
JDK-8226575 |
OperatingSystemMXBean Methods Inside a Container Return Container Specific Data When executing in a container, or other virtualized operating environment, the following
|
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8244818 | [macos] Java2D Queue Flusher crash while moving application window to external monitor |
P2 | JDK-8233097 | Fontmetrics for large Fonts has zero width |
P3 | JDK-8145808 | [PIT] test java/awt/Graphics2D/MTGraphicsAccessTest/MTGraphicsAccessTest.java hangs on Win. 8 |
P3 | JDK-8209113 | Use WeakReference for lastFontStrike for created Fonts |
P4 | JDK-8177628 | Opensource unit/regression tests for ImageIO |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8242498 | Invalid "sun.awt.TimedWindowEvent" object leads to JVM crash |
P3 | JDK-8200313 | java/awt/Gtk/GtkVersionTest/GtkVersionTest.java fails |
P4 | JDK-8137087 | [TEST_BUG] Cygwin failure of java/awt/appletviewer/IOExceptionIfEncodedURLTest/IOExceptionIfEncodedURLTest.sh |
P4 | JDK-8039082 | [TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java fails |
P4 | JDK-8132376 | Add @requires os.family to the client tests with access to internal OS-specific API |
P4 | JDK-8239819 | XToolkit: Misread of screen information memory |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8183341 | Better cleanup for javax/imageio/AllowSearch.java |
P4 | JDK-8250755 | Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java |
P4 | JDK-8183349 | Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java and WriteAfterAbort.java |
P4 | JDK-8183351 | Better cleanup for jdk/test/javax/imageio/spi/AppletContextTest/BadPluginConfigurationTest.sh |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8156169 | Some sound tests rarely hangs because of incorrect synchronization |
P4 | JDK-8167615 | Opensource unit/regression tests for JavaSound |
P4 | JDK-6574989 | TEST_BUG: javax/sound/sampled/Clip/bug5070081.java fails sometimes |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8172012 | [TEST_BUG] delays needed in javax/swing/JTree/4633594/bug4633594.java |
P4 | JDK-8198004 | javax/swing/JFileChooser/6868611/bug6868611.java throws error |
P4 | JDK-8226697 | Several tests which need the @key headful keyword are missing it. |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8078334 | Mark regression tests using randomness |
P4 | JDK-8238380 | java.base/unix/native/libjava/childproc.c "multiple definition" link errors with GCC10 |
P4 | JDK-8250627 | Use -XX:+/-UseContainerSupport for enabling/disabling Java container metrics |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8211163 | UNIX version of Java_java_io_Console_echo does not return a clean boolean |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8226809 | Circular reference in printed stack trace is not correctly indented & ambiguous |
P4 | JDK-8168517 | java/lang/ProcessBuilder/Basic.java failed with "java.lang.AssertionError: Some tests failed" |
Priority | Bug | Summary |
---|---|---|
P5 | JDK-8026236 | Add PrimeTest for BigInteger |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8251546 | 8u backport of JDK-8194298 breaks AIX and Solaris builds |
P3 | JDK-8194298 | Add support for per Socket configuration of TCP keepalive |
P3 | JDK-8210147 | adjust some WSAGetLastError usages in windows network coding |
P3 | JDK-8151788 | NullPointerException from ntlm.Client.type3 |
P4 | JDK-8238386 | (sctp) jdk.sctp/unix/native/libsctp/SctpNet.c "multiple definition" link errors with GCC10 |
P5 | JDK-8036088 | Replace strtok() with its safe equivalent strtok_s() in DefaultProxySelector.c |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8075774 | Small readability and performance improvements for zipfs |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8231213 | Migrate SimpleDateFormatConstTest to JDK Repo |
Priority | Bug | Summary |
---|---|---|
P1 | JDK-8166148 | Fix for JDK-8165936 broke Solaris builds |
P4 | JDK-8132745 | TEST_BUG: minor cleanup of java/util/Scanner/ScanTest.java |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8132206 | move ScanTest.java into OpenJDK |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8152077 | (cal) Calendar.roll does not always roll the hours during daylight savings changes |
P3 | JDK-8165936 | Potential Heap buffer overflow when seaching timezone info files |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8151678 | com/sun/jndi/ldap/LdapTimeoutTest.java failed due to timeout on DeadServerNoTimeoutTest is incorrect |
P2 | JDK-8217606 | LdapContext#reconnect always opens a new connection |
P4 | JDK-8160768 | Add capability to custom resolve host/domain names within the default JNDI LDAP provider |
P4 | JDK-8243138 | Enhance BaseLdapServer to support starttls extended request |
P4 | JDK-8062947 | Fix exception message to correctly represent LDAP connection failure |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8193137 | Nashorn crashes when given an empty script file. |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8203357 | Container Metrics |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8230303 | JDB hangs when running monitor command |
P4 | JDK-8229378 | jdwp library loader in linker_md.c quietly truncates on buffer overflow |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8192953 | sun/management/jmxremote/bootstrap/*.sh tests fail with error : revokeall.exe: Permission denied |
P3 | JDK-8061616 | HotspotDiagnosticMXBean.getVMOption() throws IllegalArgumentException for flags of type double |
P3 | JDK-8226575 | OperatingSystemMXBean should be made container aware |
P5 | JDK-8025886 | replace [[ and == bash extensions in regtest |
Priority | Bug | Summary |
---|---|---|
P1 | JDK-8148754 | C2 loop unrolling fails due to unexpected graph shape |
P2 | JDK-8252573 | 8u: Windows build failed after 8222079 backport |
P3 | JDK-8214862 | assert(proj != __null) at compile.cpp:3251 |
P3 | JDK-8234617 | C1: Incorrect result of field load due to missing narrowing conversion |
P3 | JDK-8230711 | ConnectionGraph::unique_java_object(Node* N) return NULL if n is not in the CG |
P3 | JDK-8240676 | Meet not symmetric failure when running lucene on jdk8 |
P4 | JDK-8237951 | CTW: C2 compilation fails with "malformed control flow" |
P4 | JDK-8222079 | Don't use memset to initialize fields decode_env constructor in disassembler.cpp |
P4 | JDK-8219919 | RuntimeStub's name lost with PrintFrameConverterAssembly |
P4 | JDK-8167300 | Scheduling failures during gcm should be fatal |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8248851 | CMS: Missing memory fences between free chunk check and klass read |
P3 | JDK-8231779 | crash HeapWord*ParallelScavengeHeap::failed_mem_allocate |
P3 | JDK-8057003 | Large reference arrays cause extremely long synchronization times |
P4 | JDK-8153583 | Make OutputAnalyzer.reportDiagnosticSummary public |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8216283 | Allow shorter method sampling interval than 10 ms |
P3 | JDK-8221569 | JFR tool produces incorrect output when both --categories and --events are specified |
P3 | JDK-8217647 | JFR: recordings on 32-bit systems unreadable |
P3 | JDK-8224217 | RecordingInfo should use textual representation of path |
P4 | JDK-8246310 | Clean commented-out code about ModuleEntry andPackageEntry in JFR |
P4 | JDK-8246384 | Enable JFR by default on supported architectures for October 2020 release |
P4 | JDK-8219566 | JFR did not collect call stacks when MaxJavaStackTraceDepth is set to zero |
P4 | JDK-8220555 | JFR tool shows potentially misleading message when it cannot access a file |
P4 | JDK-8252084 | Minimal VM fails to bootcycle: undefined symbol: AgeTableTracer::is_tenuring_distribution_event_enabled |
P4 | JDK-8243489 | Thread CPU Load event may contain wrong data for CPU time under certain conditions |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8254673 | call for JvmtiExport::post_vm_start() was removed by the fix for JDK-8249158 |
P3 | JDK-8035493 | JVMTI PopFrame capability must instruct compilers not to prune locals |
P4 | JDK-8249158 | THREAD_START and THREAD_END event posted in primordial phase |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8235325 | build failure on Linux after 8235243 |
P2 | JDK-8060721 | Test runtime/SharedArchiveFile/LimitSharedSizes.java fails in jdk 9 fcs new platforms/compiler |
P3 | JDK-8148854 | Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalent |
P3 | JDK-8064319 | Need to enable -XX:+TraceExceptions in release builds |
P4 | JDK-8048933 | -XX:+TraceExceptions output should include the message |
P4 | JDK-8023697 | failed class resolution reports different class name in detail message for the first and subsequent times |
P4 | JDK-8235243 | handle VS2017 15.9 and VS2019 in abstract_vm_version |
P4 | JDK-8240295 | hs_err elapsed time in seconds is not accurate enough |
P4 | JDK-8250875 | Incorrect parameter type for update_number in JDK_Version::jdk_update |
P4 | JDK-8211714 | Need to update vm_version.cpp to recognise VS2017 minor versions |
P4 | JDK-8248643 | Remove extra leading space in JDK-8240295 8u backport |
P4 | JDK-8254937 | Revert JDK-8148854 for 8u272 |
P4 | JDK-8193234 | When using -Xcheck:jni an internally allocated buffer can leak |
P4 | JDK-8184762 | ZapStackSegments should use optimized memset |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8235687 | Contents/MacOS/libjli.dylib cannot be a symlink |
P3 | JDK-8238225 | Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary |
P4 | JDK-8251120 | [8u] HotSpot build assumes ENABLE_JFR is set to either true or false |
P4 | JDK-8154313 | Generated javadoc scattered all over the place |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8245474 | Add TLS_KRB5 cipher suites support according to RFC-2712 |
P4 | JDK-8245468 | Add TLSv1.3 implementation classes from 11.0.7 |
P4 | JDK-8245477 | Adjust TLS tests location |
P4 | JDK-8245472 | Backport JDK-8038893 to JDK8 |
P4 | JDK-8251478 | Backport TLSv1.3 regression tests to JDK8u |
P4 | JDK-8245476 | Disable TLSv1.3 protocol in the ClientHello message by default |
P4 | JDK-8245470 | Fix JDK8 compatibility issues |
P4 | JDK-8245473 | OCSP stapling support |
P4 | JDK-8245467 | Remove 8u TLSv1.2 implementation files |
P4 | JDK-8245469 | Remove DTLS protocol implementation |
P4 | JDK-8245471 | Revert JDK-8148188 |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8243321 | Add Entrust root CA - G4 to Oracle Root CA program |
P3 | JDK-8243320 | Add SSL root certificates to Oracle Root CA program |
P3 | JDK-8242556 | Cannot load RSASSA-PSS public key with non-null params from byte array |
P3 | JDK-8211049 | Second parameter of "initialize" method is not used |
P4 | JDK-8238388 | libj2gss/NativeFunc.o "multiple definition" link errors with GCC10 |
P4 | JDK-8165996 | PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite |
P4 | JDK-8161973 | PKIXRevocationChecker.getSoftFailExceptions() not working |
P4 | JDK-8151834 | Test SmallPrimeExponentP.java times out intermittently |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8220165 | Encryption using GCM results in RuntimeException: input length out of bound |
P2 | JDK-8233954 | UnsatisfiedLinkError or NoSuchAlgorithmException after removing sunec.dll |
P3 | JDK-8078880 | Mark a few more intermittently failing security-libs tests |
P3 | JDK-8201633 | Problems with AES-GCM native acceleration |
Priority | Bug | Summary |
---|---|---|
P1 | JDK-8225695 | 32-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support) |
P2 | JDK-8238898 | Missing hash characters for header on license file |
P3 | JDK-8228835 | Memory leak in PKCS11 provider when using AES GCM |
P3 | JDK-8165275 | Replace the reflective call to the implUpdate method in HandshakeMessage::digestKey |
P3 | JDK-8144539 | Update PKCS11 tests to run with security manager |
P3 | JDK-8080462 | Update SunPKCS11 provider with PKCS11 v2.40 support |
P4 | JDK-8251117 | Cannot check P11Key size in P11Cipher and P11AEADCipher |
Priority | Bug | Summary |
---|---|---|
P1 | JDK-8207317 | SSLEngine negotiation fail exception behavior changed from fail-fast to fail-lazy |
P2 | JDK-8206929 | Check session context for TLS 1.3 session resumption |
P2 | JDK-8236039 | JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3 |
P2 | JDK-8209916 | NPE in SupportedGroupsExtension |
P2 | JDK-8206176 | Remove the temporary tls13VN field |
P2 | JDK-8214129 | SSL session resumption/SNI with TLS1.2 causes StackOverflowError |
P2 | JDK-8145854 | SSLContextImpl.statusResponseManager should be generated if required |
P2 | JDK-8206355 | SSLSessionImpl.getLocalPrincipal() throws NPE |
P2 | JDK-8216326 | SSLSocket stream close() does not close the associated socket |
P2 | JDK-8207237 | SSLSocket#setEnabledCipherSuites is accepting empty string |
P2 | JDK-8208166 | Still unable to use custom SSLEngine with default TrustManagerFactory after JDK-8207029 |
P2 | JDK-8214098 | sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. |
P2 | JDK-8216045 | The size of key_exchange may be wrong on FFDHE |
P2 | JDK-8207009 | TLS 1.3 half-close and synchronization issues |
P2 | JDK-8211806 | TLS 1.3 handshake server name indication is missing on a session resume |
P2 | JDK-8196584 | TLS 1.3 Implementation |
P2 | JDK-8210334 | TLS 1.3 server fails if ClientHello doesn't have pre_shared_key and psk_key_exchange_modes |
P2 | JDK-8210846 | TLSv.1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth |
P2 | JDK-8207029 | Unable to use custom SSLEngine with default TrustManagerFactory after updating to JDK 11 b21 |
P3 | JDK-8245681 | Add TLSv1.3 regression test from 11.0.7 |
P3 | JDK-8207058 | Backport System Property jdk.tls.server.protocols |
P3 | JDK-8245466 | Backport TLSv1.3 protocol implementation |
P3 | JDK-8225766 | Curve in certificate should not affect signature scheme when using TLSv1.3 |
P3 | JDK-8219389 | Delegated task created by SSLEngine throws BufferUnderflowException |
P3 | JDK-8215790 | Delegated task created by SSLEngine throws java.nio.BufferUnderflowException |
P3 | JDK-8221270 | Duplicated synchronized keywords in SSLSocketImpl |
P3 | JDK-8215524 | Finished message validation failure should be decrypt_error alert |
P3 | JDK-8218889 | Improperly use of the Optional API |
P3 | JDK-8212738 | Incorrectly named signature scheme ecdsa_secp512r1_sha512 |
P3 | JDK-8028518 | Increase the priorities of GCM cipher suites |
P3 | JDK-8203687 | javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3 |
P3 | JDK-8231810 | javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java fails intermittently with "java.lang.Exception: Unexpected EOF" |
P3 | JDK-8233621 | Mismatch in jsse.enableMFLNExtension property name |
P3 | JDK-8210974 | No extensions debug log for ClientHello |
P3 | JDK-8213782 | NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers |
P3 | JDK-8213202 | Possible race condition in TLS 1.3 session resumption |
P3 | JDK-8210989 | RSASSA-PSS certificate cannot be selected for client auth on TLSv1.2 |
P3 | JDK-8207223 | SSL Handshake failures are reported with more generic SSLException |
P3 | JDK-8214339 | SSLSocketImpl erroneously wraps SocketException |
P3 | JDK-8209965 | The "supported_groups" extension in ServerHellos |
P3 | JDK-8211866 | TLS 1.3 CertificateRequest message sometimes offers disallowed signature algorithms |
P3 | JDK-8212885 | TLS 1.3 resumed session does not retain peer certificate chain |
P3 | JDK-8214688 | TLS 1.3 session resumption with hello retry request failed with "illegal_parameter" |
P3 | JDK-8217610 | TLSv1.3 fail with ClassException when EC keys are stored in PKCS11 |
P3 | JDK-8221253 | TLSv1.3 may generate TLSInnerPlainText longer than 2^14+1 bytes |
P4 | JDK-4919790 | Errors in alert ssl message does not reflect the actual certificate status |
P4 | JDK-8234724 | javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java supports TLSv1.3 |
P4 | JDK-8234723 | javax/net/ssl/TLS tests support TLSv1.3 |
P4 | JDK-8251341 | Minimal Java specification change |
P4 | JDK-8214321 | Misleading code in SSLCipher |
P4 | JDK-8245653 | Remove 8u TLS tests |
P4 | JDK-8223482 | Unsupported ciphersuites may be offered by a TLS client |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8239385 | Support the 'canonicalize' setting (krb5.conf) in the Kerberos client |
P4 | JDK-8249610 | Make sun.security.krb5.Config.getBooleanObject(String... keys) method public |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8163251 | Hard coded loop limit prevents reading of smart card data greater than 8k |
P4 | JDK-8244151 | Update MUSCLE PC/SC-Lite headers to1.8.26 |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8217878 | ENVELOPING XML signature no longer works |
P3 | JDK-8236645 | JDK 8u231 introduces a regression with incompatible handling of XML messages |
P3 | JDK-8177334 | Update xmldsig implementation to Apache Santuario 2.1.1 |
P3 | JDK-8218629 | XML Digital Signature throws NAMESPACE_ERR exception on OpenJDK 11, works 8/9/10 |
Priority | Bug | Summary |
---|---|---|
P4 | JDK-8241888 | Mirror jdk.security.allowNonCaAnchor system property with a security one |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8246193 | Possible NPE in ENC-PA-REP search in AS-REQ |
Priority | Bug | Summary |
---|---|---|
P2 | JDK-8031625 | javadoc problems referencing inner class constructors |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8169925 | Organize licenses by module in source, JMOD file, and run-time image |
Priority | Bug | Summary |
---|---|---|
P3 | JDK-8046274 | Removing dependency on jakarta-regexp |