RELEASE NOTES: JDK openjdk8u362

Notes generated: Thu Feb 02 01:38:52 CET 2023

JEPs

None.

RELEASE NOTES

hotspot/runtime

Issue Description
JDK-8274840

Release Doesn't Correctly Recognize Windows 11


This release doesn't correctly identify Windows 11. The property os.name is set to Windows 10 on Windows 11. In HotSpot error logs, the OS is identified as Windows 10; however, the HotSpot error log does show the Build number. Windows 11 has Build 22000.194 or above.


security-libs/java.security

Issue Description
JDK-8269039

Disabled SHA-1 Signed JARs


JARs signed with SHA-1 algorithms are now restricted by default and treated as if they were unsigned. This applies to the algorithms used to digest, sign, and optionally timestamp the JAR. It also applies to the signature and digest algorithms of the certificates in the certificate chain of the code signer and the Timestamp Authority, and any CRLs or OCSP responses that are used to verify if those certificates have been revoked. These restrictions also apply to signed JCE providers.

To reduce the compatibility risk for JARs that have been previously timestamped, there is one exception to this policy:

  • Any JAR signed with SHA-1 algorithms and timestamped prior to January 01, 2019 will not be restricted.

This exception may be removed in a future JDK release. To determine if your signed JARs are affected by this change, run jarsigner -verify -verbose -certs on the signed JAR, and look for instances of "SHA1" or "SHA-1" and "disabled" and a warning that the JAR will be treated as unsigned in the output.

For example:

``` - Signed by "CN="Signer"" Digest algorithm: SHA-1 (disabled) Signature algorithm: SHA1withRSA (disabled), 2048-bit key

WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, SHA1 denyAfter 2019-01-01

```

JARs affected by these new restrictions should be replaced or re-signed with stronger algorithms.

Users can, at their own risk, remove these restrictions by modifying the java.security configuration file (or override it by using the java.security.properties system property) and removing "SHA1 usage SignedJAR & denyAfter 2019-01-01" from the jdk.certpath.disabledAlgorithms security property and "SHA1 denyAfter 2019-01-01" from the jdk.jar.disabledAlgorithms security property.


FIXED ISSUES

client-libs

Priority Bug Summary
P4 JDK-8295164 JDK 8 jdi tests should not use tasklist command on Windows

client-libs/java.awt

Priority Bug Summary
P4 JDK-8079255 [TEST_BUG] [macosx] Test closed/java/awt/Robot/RobotWheelTest/RobotWheelTest fails for Mac only
P4 JDK-8159599 [TEST_BUG] java/awt/Modal/ModalInternalFrameTest/ModalInternalFrameTest.java
P4 JDK-8129827 [TEST_BUG] Test java/awt/Robot/RobotWheelTest/RobotWheelTest.java fails
P4 JDK-8288928 Incorrect GPL header in pnglibconf.h (backport of JDK-8185041)

client-libs/javax.swing

Priority Bug Summary
P4 JDK-7124218 [TEST_BUG] [macosx] Space should select cell in the JTable

core-libs

Priority Bug Summary
P3 JDK-8269850 Most JDK releases report macOS version 12 as 10.16 instead of 12.0

core-libs/java.io

Priority Bug Summary
P4 JDK-8293461 Add a test for JDK-8290832

core-libs/java.lang

Priority Bug Summary
P4 JDK-8253702 BigSur version number reported as 10.16, should be 11.nn

core-libs/java.text

Priority Bug Summary
P3 JDK-8299439 java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR

core-libs/java.util.jar

Priority Bug Summary
P4 JDK-8286582 Build fails on macos aarch64 when using --with-zlib=bundled

core-libs/java.util:i18n

Priority Bug Summary
P3 JDK-8283277 ISO 4217 Amendment 171 Update
P3 JDK-8289549 ISO 4217 Amendment 172 Update

core-svc/java.lang.management

Priority Bug Summary
P4 JDK-8283903 GetContainerCpuLoad does not return the correct result in share mode

core-svc/tools

Priority Bug Summary
P4 JDK-8054066 com/sun/jdi/DoubleAgentTest.java fails with timeout

hotspot/compiler

Priority Bug Summary
P2 JDK-8271459 C2: Missing NegativeArraySizeException when creating StringBuilder with negative capacity
P4 JDK-8159720 Failure of C2 compilation with tiered prevents some C1 compilations

hotspot/gc

Priority Bug Summary
P4 JDK-8073464 GC workers do not have thread names

hotspot/jfr

Priority Bug Summary
P4 JDK-8274563 jfr/event/oldobject/TestClassLoaderLeak.java fails when GC cycles are not happening
P4 JDK-8293828 JFR: jfr/event/oldobject/TestClassLoaderLeak.java still fails when GC cycles are not happening

hotspot/runtime

Priority Bug Summary
P2 JDK-8197859 VS2017 Complains about UINTPTR_MAX definition in globalDefinitions_VisCPP.hpp
P3 JDK-8148005 One byte may be corrupted by get_datetime_string()
P3 JDK-8274840 Update OS detection code to recognize Windows 11
P3 JDK-8071530 Update OS detection code to reflect Windows 10 version change
P4 JDK-8273176 handle latest VS2019 in abstract_vm_version
P4 JDK-8241086 Test runtime/NMT/HugeArenaTracking.java is failing on 32bit Windows
P5 JDK-6885993 Named Thread: introduce print() and print_on(outputStream* st) methods

hotspot/test

Priority Bug Summary
P4 JDK-8296959 Fix hotspot shell tests of 8u on multilib systems
P4 JDK-8297141 Fix hotspot/test/runtime/SharedArchiveFile/DefaultUseWithClient.java for 8u
P4 JDK-8295288 Some vm_flags tests associate with a wrong BugID

infrastructure

Priority Bug Summary
P4 JDK-8296555 Enable hotspot/tier1 for 64-bit builds in GHA for 8u
P4 JDK-8295950 Enable langtools/tier1 in GHA for 8u

infrastructure/build

Priority Bug Summary
P3 JDK-8295714 GHA ::set-output is deprecated and will be removed
P4 JDK-8294863 Enable partial tier1 testing in GHA for JDK8
P4 JDK-8284389 Improve stability of GHA Pre-submit testing by caching cygwin installer
P4 JDK-8300178 JDK-8286496 causes build failure on older GCC
P4 JDK-8300225 JDK-8288516 causes build failure on Windows + VS2010
P4 JDK-8292762 Remove .jcheck directories from jdk8u subcomponents
P4 JDK-8284622 Update versions of some Github Actions used in JDK workflow

infrastructure/release_eng

Priority Bug Summary
P4 JDK-8293181 Bump update version of OpenJDK: 8u362

security-libs/java.security

Priority Bug Summary
P3 JDK-8269039 Disable SHA-1 Signed JARs
P3 JDK-8275887 jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled

security-libs/javax.crypto:pkcs11

Priority Bug Summary
P4 JDK-8195607 sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1

security-libs/javax.net.ssl

Priority Bug Summary
P3 JDK-8270344 Session resumption errors

security-libs/javax.xml.crypto

Priority Bug Summary
P3 JDK-8255559 Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()

tools/javac

Priority Bug Summary
P3 JDK-8265527 tools/javac/diags/CheckExamples.java fails after JDK-8078024 8u backport