RELEASE NOTES: JDK openjdk8u292

Notes generated: Sun Dec 01 22:58:44 CET 2024

JEPs

None.

RELEASE NOTES

tools/javac

Issue Description
JDK-8078024

Several incorporation steps are silently failing when an error should be reported


Reporting previously silent errors found during incorporation, JLS 8 §18.3, was supposed to be a clean-up with performance only implications. But consider the test case: ``` import java.util.Arrays; import java.util.List;

class Klass { public static List> foo(List... lists) { return foo(Arrays.asList(lists)); }

public static <B> List<List<B>> foo(List<? extends List<? extends B>> lists) {
    return null;
}

} ``` This code was not accepted before the patch for [1], but after this patch the compiler is accepting it. Accepting this code is the right behavior as not reporting incorporation errors was a bug in the compiler.

While determining the applicability of method: ` <B> List<List<B>> foo(List<? extends List<? extends B>> lists) For which we have the constraints: `` b <: Object t <: List t<: Object List <: t ``` First, inference variable b is selected for instantiation: ``` b = CAP1 of ? extends A ``` so this implies that: ``` t <: List t<: Object List <: t ``` Now all the bounds are checked for consistency. While checking if List is a subtype of List a bound error is reported. Before the compiler was just swallowing it. As now the error is reported while inference variable b is being instantiated, the bound set is rolled back to it's initial state, 'b' is instantiated to Object, and with this instantiation the constraint set is solvable, the method is applicable, it's the only applicable one and the code is accepted as correct. The compiler behavior in this case is defined at JLS 8 §18.4

This fix has source compatibility impact, right now code that wasn't being accepted is now being accepted by the javac compiler. Currently there are no reports of any other kind of incompatibility.

[1] https://bugs.openjdk.java.net/browse/JDK-8078024


security-libs/javax.net.ssl

Issue Description
JDK-8202343

Disable TLS 1.0 and 1.1


TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer considered secure and have been superseded by more secure and modern versions (TLS 1.2 and 1.3).

These versions have now been disabled by default. If you encounter issues, you can, at your own risk, re-enable the versions by removing "TLSv1" and/or "TLSv1.1" from the jdk.tls.disabledAlgorithms security property in the java.security configuration file.


JDK-8253368

Behavior changes for SSLSocket input stream shut down


The SunJSSE close notification checks for SSLSocket have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs.

If an application tries to close the input stream of an SSLSocket (via shutdownInput() method) without having received a close notification message from its peer, the SSLSocket will no longer:

  1. trigger the transmission of a TLS fatal-level alert to the peer, and
  2. invalidate the current TLS session.

The new behavior will still consider this condition an error and will throw a local javax.net.ssl.SSLException. A fatal-level alert will no longer be sent to the peer, and the underlying session will remain valid.

In addition, the internal transport context for the SSLSocket will also now be closed. Previously, this step didn't occur if a fatal message was generated.


JDK-8242141

New System Properties to Configure the TLS Signature Schemes


Two new system properties have been added to customize the TLS signature schemes in JDK. jdk.tls.client.SignatureSchemes has been added for the TLS client side, and jdk.tls.server.SignatureSchemes has been added for the server side.

Each system property contains a comma-separated list of supported signature scheme names specifying the signature schemes that could be used for the TLS connections.

The names are described in the "Signature Schemes" section of the Java Security Standard Algorithm Names Specification.


client-libs/java.awt

Issue Description
JDK-8211301

Deprecated NSWindowStyleMaskTexturedBackground


After an upgrade of the macOS SDK used to build the JDK, the behavior of the apple.awt.brushMetalLook and textured Swing properties has changed. When these properties are set, the title of the frame is still visible. It is recommended that the apple.awt.transparentTitleBar property be set to true to make the title of the frame invisible again. The apple.awt.fullWindowContent property can also be used.

Please note that Textured window support was implemented by using the NSTexturedBackgroundWindowMask value of NSWindowStyleMask. However, this was deprecated in macOS 10.12 along with NSWindowStyleMaskTexturedBackground, which was deprecated in macOS 10.14.

For additional information, refer to the following documentation: - apple.awt.brushMetalLook: https://developer.apple.com/documentation/appkit/nstexturedbackgroundwindowmask?language=objc - apple.awt.transparentTitleBar: https://developer.apple.com/documentation/appkit/nswindow/1419167-titlebarappearstransparent?language=objc - apple.awt.fullWindowContent: https://developer.apple.com/documentation/appkit/nsfullsizecontentviewwindowmask


security-libs/java.security

Issue Description
JDK-8233228

Weak Named Curves in TLS, CertPath, and Signed JAR Disabled by Default


Weak named curves are disabled by default by adding them to the following disabledAlgorithms security properties: jdk.tls.disabledAlgorithms, jdk.certpath.disabledAlgorithms, and jdk.jar.disabledAlgorithms. The named curves are listed below.

With 47 weak named curves to be disabled, adding individual named curves to each disabledAlgorithms property would be overwhelming. To relieve this, a new security property, jdk.disabled.namedCurves, is implemented that can list the named curves common to all of the disabledAlgorithms properties. To use the new property in the disabledAlgorithms properties, precede the full property name with the keyword include. Users can still add individual named curves to disabledAlgorithms properties separate from this new property. No other properties can be included in the disabledAlgorithms properties.

To restore the named curves, remove the include jdk.disabled.namedCurves either from specific or from all disabledAlgorithms security properties. To restore one or more curves, remove the specific named curve(s) from the jdk.disabled.namedCurves property.

Curves that are disabled through jdk.disabled.namedCurves include the following: secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1

Curves that remain enabled are: secp256r1, secp384r1, secp521r1, X25519, X448


JDK-8256421

Added 2 HARICA Root CA Certificates


The following root certificates have been added to the cacerts truststore: ``` + HARICA + haricarootca2015 DN: CN=Hellenic Academic and Research Institutions RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR

  • haricaeccrootca2015 DN: CN=Hellenic Academic and Research Institutions ECC RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR ```

JDK-8172404

Tools Warn If Weak Algorithms Are Used


The keytool and jarsigner tools have been updated to warn users when weak cryptographic algorithms are used in keys, certificates, and signed JARs before they are disabled. The weak algorithms are set in the jdk.security.legacyAlgorithms security property in the java.security configuration file. In this release, the tools issue warnings for the SHA-1 hash algorithm and 1024-bit RSA/DSA keys.


FIXED ISSUES

client-libs

Priority Bug Summary
P4 JDK-8081547 Prepare client libs regression tests for running in a concurrent, headless jtreg environment

client-libs/2d

Priority Bug Summary
P3 JDK-8244621 [macos10.15] Garbled FX printing plus CoreText warnings on Catalina when building with Xcode 11
P4 JDK-7185221 [macosx] Regtest should not throw exception if a suitable display mode found
P4 JDK-6949753 [TEST BUG]: java/awt/print/PageFormat/PDialogTest.java needs update by removing a infinite loop
P4 JDK-7131835 [TEST_BUG] Test does not consider that the rounded edges of the window in Mac OS 10.7
P4 JDK-8038723 Open up some PrinterJob tests
P4 JDK-6345095 regression test EmptyClipRenderingTest fails
P4 JDK-8239091 Reversed arguments in call to strstr in freetype "debug" code.

client-libs/java.awt

Priority Bug Summary
P2 JDK-8261231 Windows IME was disabled after DnD operation
P3 JDK-8211301 [macos] support full window content options
P3 JDK-8249183 JVM crash in "AwtFrame::WmSize" method
P4 JDK-8041464 [TEST_BUG] CustomClassLoaderTransferTest does not support OS X
P4 JDK-8080953 [TEST_BUG]Test java/awt/FontClass/DebugFonts.java fails due to wrongly typed bugid
P4 JDK-8252470 java/awt/dnd/DisposeFrameOnDragCrash/DisposeFrameOnDragTest.java fails on Windows
P4 JDK-8198334 java/awt/FileDialog/8003399/bug8003399.java fails in headless mode
P4 JDK-7112454 TEST_BUG: java/awt/Choice/PopdownGeneratesMouseEvents/PopdownGeneratesMouseEvents.html failed

client-libs/javax.accessibility

Priority Bug Summary
P3 JDK-8249588 libwindowsaccessbridge issues on 64bit Windows
P4 JDK-8225805 Java Access Bridge does not close the logger

client-libs/javax.imageio

Priority Bug Summary
P4 JDK-8255937 Better cleanup for test/jdk/javax/imageio/stream/StreamFlush.java
P4 JDK-8167281 IIOMetadataNode bugs in getElementsByTagName and NodeList.item methods

client-libs/javax.sound

Priority Bug Summary
P3 JDK-8160217 JavaSound should clean up resources better
P4 JDK-8256642 [TEST_BUG] jdk/test/javax/sound/midi/MidiSystem/DefaultProperties.java failed

client-libs/javax.swing

Priority Bug Summary
P2 JDK-8249251 [dark_mode ubuntu 20.04] The selected menu is not highlighted in GTKLookAndFeel
P3 JDK-8255880 UI of Swing components is not redrawn after their internal state changed
P3 JDK-8078614 WindowsClassicLookAndFeel : MetalComboBoxUI.getbaseLine fails with IllegalArgumentException
P4 JDK-8258430 8u backport of JDK-8063107 missing test/javax/swing/JRadioButton/8041561/bug8041561.java changes
P4 JDK-8041561 Inconsistent opacity behaviour between JCheckBox and JRadioButton

core-libs

Priority Bug Summary
P3 JDK-8255908 ExceptionInInitializerError due to UncheckedIOException while initializing cgroupv1 subsystem

core-libs/java.lang

Priority Bug Summary
P2 JDK-6896810 TEST_BUG: java/lang/ref/SoftReference/Pin.java fails with OOME during System.out.println
P3 JDK-8251397 NPE on ClassValue.ClassValueMap.cacheArray

core-libs/java.lang.invoke

Priority Bug Summary
P3 JDK-8035186 j2se_jdk/jdk/test/java/lang/invoke/lambda/LogGeneratedClassesTest.java - assertion error

core-libs/java.net

Priority Bug Summary
P3 JDK-8228434 jdk/net/Sockets/Test.java fails after JDK-8227642
P4 JDK-8238579 HttpsURLConnection drops the timeout and hangs forever in read
P4 JDK-8158525 Update a few java/net tests to use the loopback address instead of the host address

core-libs/java.nio

Priority Bug Summary
P4 JDK-8150204 (fs) Enhance java/nio/file/Files/probeContentType/Basic.java debugging output
P4 JDK-8061777 (zipfs) IllegalArgumentException in ZipCoder.toString when using Shitft_JIS
P4 JDK-8186090 java.nio.Bits.unaligned() doesn't handle aarch64

core-libs/java.time

Priority Bug Summary
P3 JDK-8260356 (tz) Upgrade Timezone Data to tzdata2021a
P4 JDK-8259048 (tz) Upgrade Timezone Data to tzdata2020f

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8225435 Update IANA Language Subtag Registry to Version 2019-09-16

core-svc

Priority Bug Summary
P3 JDK-8258241 [8u] Missing doPrivileged() hunks from JDK-8226575

core-svc/java.lang.management

Priority Bug Summary
P3 JDK-8031126 java/lang/management/ThreadMXBean/ThreadUserTime.java fails intermittently

core-svc/tools

Priority Bug Summary
P3 JDK-8254854 [cgroups v1] Metric limits not properly detected on some join controller combinations

hotspot/compiler

Priority Bug Summary
P1 JDK-8195685 AArch64 cannot build with JDK-8174962
P1 JDK-8207838 AArch64: Float registers incorrectly restored in JNI call
P1 JDK-8206163 AArch64: incorrect code generation for StoreCM
P1 JDK-8155653 TestVectorUnalignedOffset.java not pushed with 8155612
P2 JDK-8172881 AArch64: assertion failure: the int pressure is incorrect
P2 JDK-8179954 AArch64: C1 and C2 volatile accesses are not sequentially consistent
P2 JDK-8173472 AArch64: C1 comparisons with null only use 32-bit instructions
P2 JDK-8177661 AArch64: Incorrect C2 patterns cause system register corruption
P2 JDK-8207345 AArch64: Trampoline generation code reads from uninitialized memory
P2 JDK-8191915 JCK tests produce incorrect results with C2
P3 JDK-8214857 "bad trailing membar" assert failure at memnode.cpp:3220
P3 JDK-8248336 AArch64: C2: offset overflow in BoxLockNode::emit
P3 JDK-8171537 aarch64: compiler/c1/Test6849574.java generates guarantee failure in C1
P3 JDK-8161190 AArch64: Fix overflow in immediate cmp instruction
P3 JDK-8171410 aarch64: long multiplyExact shifts by 31 instead of 63
P3 JDK-8216350 AArch64: monitor unlock fast path not called
P3 JDK-8257192 Integrate AArch64 JIT port into 8u
P3 JDK-8211233 MemBarNode::trailing_membar() and MemBarNode::leading_membar() need to handle dying subgraphs better
P3 JDK-8264171 Missing aarch64 parts of JDK-8236179 (C1 register allocation failure with T_ADDRESS)
P4 JDK-8168888 AArch64 port of JDK-8160591
P4 JDK-8153797 aarch64: Add Arrays.fill stub code
P4 JDK-8131779 AARCH64: add Montgomery multiply intrinsic
P4 JDK-8221658 aarch64: add necessary predicate for ubfx patterns
P4 JDK-8151775 aarch64: add support for 8.1 LSE atomic operations
P4 JDK-8150394 aarch64: add support for 8.1 LSE CAS instructions
P4 JDK-8150045 AArch64: arraycopy causes segfaults in SATB during garbage collection
P4 JDK-8155015 Aarch64: bad assert in spill generation code
P4 JDK-8217368 AArch64: C2 recursive stack locking optimisation not triggered
P4 JDK-8155617 aarch64: ClearArray does not use DC ZVA
P4 JDK-8209835 Aarch64: elide barriers on all volatile operations
P4 JDK-8132875 AArch64: Fix error introduced into AArch64 CodeCache by commit for 8130309
P4 JDK-8165673 AArch64: Fix JNI floating point argument handling
P4 JDK-8164113 AArch64: follow-up the fix for 8161598
P4 JDK-8148948 aarch64: generate_copy_longs calls align() incorrectly
P4 JDK-8153172 aarch64: hotspot crashes after the 8.1 LSE patch is merged
P4 JDK-8152840 aarch64: improve _unsafe_arraycopy stub routine
P4 JDK-8153713 aarch64: improve short array clearing using store pair
P4 JDK-8167421 AArch64: in one core system, fatal error: Illegal threadstate encountered
P4 JDK-8191129 AARCH64: Invalid value passed to critical JNI function
P4 JDK-8224880 AArch64: java/javac error with AllocatePrefetchDistance
P4 JDK-8161072 AArch64: jtreg compiler/uncommontrap/TestDeoptOOM failure
P4 JDK-8150038 aarch64: Make use of CBZ and CBNZ when comparing narrow pointer with zero
P4 JDK-8152537 aarch64: Make use of CBZ and CBNZ when comparing unsigned values with zero
P4 JDK-8149365 aarch64: memory copy does not prefetch on backwards copy
P4 JDK-8135018 AARCH64: Missing memory barriers for CMS collector
P4 JDK-8247979 aarch64: missing side effect of killing flags for clearArray_reg_reg
P4 JDK-8240353 AArch64: missing support for -XX:+ExtendedDTraceProbes in C1
P4 JDK-8150313 aarch64: optimise array copy using SIMD instructions
P4 JDK-8150082 aarch64: optimise small array copy
P4 JDK-8159063 aarch64: optimise unaligned array copy long
P4 JDK-8151502 aarch64: optimize pd_disjoint_words and pd_conjoint_words
P4 JDK-8150229 aarch64: pipeline class for several instructions is not set correctly
P4 JDK-8157841 aarch64: prefetch ignores cache line size
P4 JDK-8151340 aarch64: prefetch the destination word for write prior to ldxr/stxr loops
P4 JDK-8149080 AArch64: Recognize disjoint array copy in stub code
P4 JDK-8155100 AArch64: Relax alignment requirement for byte_map_base
P4 JDK-8167595 AArch64: SEGV in stub code cipherBlockChaining_decryptAESCrypt
P4 JDK-8158913 aarch64: SEGV running Spark terasort
P4 JDK-8148783 aarch64: SEGV running SpecJBB2013
P4 JDK-8154537 AArch64: some integer rotate instructions are never emitted
P4 JDK-8157906 aarch64: some more integer rotate instructions are never emitted
P4 JDK-8205421 AARCH64: StubCodeMark should be placed after alignment
P4 JDK-8154739 AArch64: TemplateTable::fast_xaccess loads in wrong mode
P4 JDK-8149907 aarch64: use load/store pair instructions in call_stub
P4 JDK-8155612 Aarch64: vector nodes need to support misaligned offset
P4 JDK-8213134 AArch64: vector shift failed with MaxVectorSize=8
P4 JDK-8193133 Assertion failure because 0xDEADDEAD can be in-heap
P4 JDK-8216989 CardTableBarrierSetAssembler::gen_write_ref_array_post_barrier() does not check for zero length on AARCH64
P4 JDK-8216987 ciMethodData::load_data() unpacks MDOs with non-atomic copy
P4 JDK-8219011 Implement MacroAssembler::warn method on AArch64
P4 JDK-8150652 Remove unused code in AArch64 back end
P4 JDK-8209420 Track membars for volatile accesses so they can be properly optimized

hotspot/gc

Priority Bug Summary
P2 JDK-8166229 Eliminate ParNew's use of klass_or_null()
P2 JDK-8166607 G1 needs klass_or_null_acquire
P2 JDK-8129626 G1: set_in_progress() and clear_started() needs a barrier on non-TSO platforms

hotspot/jfr

Priority Bug Summary
P2 JDK-8258396 SIGILL in jdk.jfr.internal.PlatformRecorder.rotateDisk()

hotspot/jvmti

Priority Bug Summary
P2 JDK-8215951 AArch64: jtreg test vmTestbase/nsk/jvmti/PopFrame/popframe005 segfaults
P4 JDK-8209415 Fix JVMTI test failure HS202

hotspot/other

Priority Bug Summary
P5 JDK-8224851 AArch64: fix warnings and errors with Clang and GCC 8.3

hotspot/runtime

Priority Bug Summary
P1 JDK-8196136 AArch64: Correct register use in patch for JDK-8195685
P1 JDK-8196221 AArch64: Mistake in committed patch for JDK-8195859
P1 JDK-8195859 AArch64: vtableStubs gtest fails after 8174962
P2 JDK-8211064 [AArch64] Interpreter and c1 don't correctly handle jboolean results in native calls
P2 JDK-8221725 AArch64 build failures after JDK-8221408 (Windows 32bit build build errors/warnings in hotspot)
P3 JDK-8248219 aarch64: missing memory barrier in fast_storefield and fast_accessfield
P3 JDK-8262073 assert(allocates2(pc)) failed: not in CodeBuffer memory
P3 JDK-8260349 Cannot programmatically retrieve Metaspace max set via JAVA_TOOL_OPTIONS
P3 JDK-8203481 Incorrect constraint for unextended_sp in frame:safe_for_sender
P3 JDK-8257746 Regression introduced with JDK-8250984 - memory might be null in some machines
P4 JDK-8217338 [Containers] Improve systemd slice memory limit support
P4 JDK-8237512 AArch64: aarch64TestHook leaks a BufferBlob
P4 JDK-8221220 AArch64: Add StoreStore membar explicitly for Volatile Writes in TemplateTable
P4 JDK-8154413 AArch64: Better byte behaviour
P4 JDK-8167200 AArch64: Broken stack pointer adjustment in interpreter
P4 JDK-8170100 AArch64: Crash in C1-compiled code accessing References
P4 JDK-8182581 aarch64: fix for crash caused by earlyret of compiled method
P4 JDK-8156731 aarch64: java/util/Arrays/Correct.java fails due to _generic_arraycopy stub routine
P4 JDK-8186325 AArch64: jtreg test hotspot/test/gc/g1/TestJNIWeakG1/TestJNIWeakG1.java SEGV
P4 JDK-8219635 aarch64: missing LoadStore barrier in TemplateTable::fast_storefield
P4 JDK-8218185 aarch64: missing LoadStore barrier in TemplateTable::putfield_or_static
P4 JDK-8233839 aarch64: missing memory barrier in NewObjectArrayStub and NewTypeArrayStub
P4 JDK-8228725 AArch64: Purge method call format support
P4 JDK-8148328 aarch64: redundant lsr instructions in stub code
P4 JDK-8224828 aarch64: rflags is not correct after safepoint poll
P4 JDK-8145320 Create unsafe_arraycopy and generic_arraycopy for AArch64
P4 JDK-8223186 HotSpot compile warnings from GCC 9
P4 JDK-8203699 java/lang/invoke/SpecialInterfaceCall fails with SIGILL on aarch64
P4 JDK-8215961 jdk/jfr/event/os/TestCPUInformation.java fails on AArch64
P4 JDK-8250984 Memory Docker tests fail on some Linux kernels w/o cgroupv1 swap limit capabilities
P4 JDK-8259568 PPC64 builds broken after JDK-8221408 8u backport
P4 JDK-8228400 Remove built-in AArch64 simulator
P4 JDK-8228716 Revert InstanceKlass::print_on debug additions
P4 JDK-8253476 TestUseContainerSupport.java fails on some Linux kernels w/o swap limit capabilities
P4 JDK-8221408 Windows 32bit build build errors/warnings in hotspot

hotspot/svc

Priority Bug Summary
P3 JDK-8209414 AArch64: method handle invocation does not respect JVMTI interp_only mode

hotspot/svc-agent

Priority Bug Summary
P3 JDK-7107012 sun.jvm.hostspot.code.CompressedReadStream readDouble() conversion to long mishandled
P4 JDK-8209413 AArch64: NPE in clhsdb jstack command
P4 JDK-8155627 Enable SA on AArch64

hotspot/test

Priority Bug Summary
P4 JDK-8078450 Implement consistent process for quarantine of tests

infrastructure

Priority Bug Summary
P3 JDK-8261766 [8u] hotspot needs to recognise cl.exe 19.16 to build with VS2017

infrastructure/build

Priority Bug Summary
P4 JDK-8263008 AARCH64: Add debug info for libsaproc.so
P4 JDK-8236500 Windows ucrt.dll should be looked up in versioned WINSDK subdirectory

security-libs/java.security

Priority Bug Summary
P2 JDK-8233228 Disable weak named curves by default in TLS, CertPath, and Signed JAR
P2 JDK-8259312 VerifyCACerts.java fails as soneraclass2ca cert will expire in 90 days
P3 JDK-8256421 Add 2 HARICA roots to cacerts truststore
P3 JDK-8172404 Tools should warn if weak algorithms are used before restricting them
P4 JDK-8185934 keytool and jarsigner shows "Signature algorithm: SHA1withECDSA, -1-bit key"
P4 JDK-8141457 keytool default cert fingerprint algorithm should be SHA-256
P4 JDK-8080911 sun/security/krb5/auto/UseCacheAndStoreKey.java timed out intermittently

security-libs/javax.crypto

Priority Bug Summary
P3 JDK-8035166 Remove dependency on EC classes from pkcs11 provider

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P4 JDK-8258833 Cancel multi-part cipher operations in SunPKCS11 after failures

security-libs/javax.net.ssl

Priority Bug Summary
P2 JDK-8202343 Disable TLS 1.0 and 1.1
P2 JDK-8256682 JDK-8202343 is incomplete
P2 JDK-8209333 Socket reset issue for TLS 1.3 socket close
P3 JDK-8219991 New fix of the deadlock in sun.security.ssl.SSLSocketImpl
P3 JDK-8242141 New System Properties to configure the TLS signature schemes
P3 JDK-8235263 Revert TLS 1.3 change that wrapped IOExceptions
P3 JDK-8235874 The ordering of Cipher Suites is not maintained provided through “jdk.tls.client.cipherSuites” and “jdk.tls.server.cipherSuites” system property.
P3 JDK-8253368 TLS connection always receives close_notify exception
P4 JDK-8240827 Downport SSLSocketImpl.java from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
P4 JDK-8211339 NPE during SSL handshake caused by HostnameChecker
P4 JDK-8234728 Some security tests should support TLSv1.3
P4 JDK-8253932 SSL debug log prints incorrect caller info
P4 JDK-8234727 sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3
P4 JDK-8235311 Tag mismatch may alert bad_record_mac

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P2 JDK-8250582 Revert Principal Name type to NT-UNKNOWN when requesting TGS Kerberos tickets

tools/javac

Priority Bug Summary
P3 JDK-8145051 Wrong parameter name in synthetic lambda method leads to verifier error
P4 JDK-8078024 javac, several incorporation steps are silently failing when an error should be reported

tools/launcher

Priority Bug Summary
P4 JDK-8163363 AArch64: Stack size in tools/launcher/Settings.java needs to be adjusted

xml/jaxp

Priority Bug Summary
P4 JDK-8259384 CUP version wrong in THIRD_PARTY_README after JDK-8233548