RELEASE NOTES: JDK openjdk8u412

Notes generated: Fri Mar 01 05:31:12 CET 2024

JEPs

None.

RELEASE NOTES

security-libs/org.ietf.jgss:krb5

Issue Description
JDK-8168518

rcache interop with krb5-1.15


The hash algorithm used in the Kerberos 5 replay cache file (rcache) is updated from MD5 to SHA256 with this change. This is also the algorithm used by MIT krb5-1.15. This change is interoperable with earlier releases of MIT krb5, which means Kerberos 5 acceptors from JDK 9 and MIT krb5-1.14 can share the same rcache file.

A new system property named jdk.krb5.rcache.useMD5 is introduced. If the system property is set to "true", JDK 9 will still use the MD5 hash algorithm in rcache. This is useful when both of the following conditions are true: 1) the system has a very coarse clock and has to depend on hash values in replay attack detection, and 2) interoperability with earlier versions of JDK for rcache files is required. The default value of this system property is "false".


FIXED ISSUES

client-libs/2d

Priority Bug Summary
P4 JDK-8192931 Regression test java/awt/font/TextLayout/CombiningPerf.java fails

client-libs/java.awt

Priority Bug Summary
P3 JDK-8021961 setAlwaysOnTop doesn't behave correctly in Linux/Solaris under certain scenarios
P4 JDK-8222323 ChildAlwaysOnTopTest.java fails with "RuntimeException: Failed to unset alwaysOnTop"

client-libs/javax.sound

Priority Bug Summary
P3 JDK-8301310 The SendRawSysexMessage test may cause a JVM crash

client-libs/javax.swing

Priority Bug Summary
P3 JDK-8016451 Scary messages emitted by build.tools.generatenimbus.PainterGenerator during build

core-libs/java.net

Priority Bug Summary
P4 JDK-8155590 Dubious collection management in sun.net.www.http.KeepAliveCache

core-libs/java.time

Priority Bug Summary
P3 JDK-8322725 (tz) Update Timezone Data to 2023d
P3 JDK-8325150 (tz) Update Timezone Data to 2024a

core-svc/tools

Priority Bug Summary
P4 JDK-8251155 HostIdentifier fails to canonicalize hostnames starting with digits
P4 JDK-8276139 TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test

docs

Priority Bug Summary
P4 JDK-8251551 Use .md filename extension for README

hotspot/compiler

Priority Bug Summary
P4 JDK-8324530 Build error with gcc 10

hotspot/runtime

Priority Bug Summary
P3 JDK-8079441 Intermittent failures on Windows with "Unexpected exit from test [exit code: 1080890248]" (0x406d1388)
P4 JDK-8186199 [windows] JNI_DestroyJavaVM not covered by SEH
P4 JDK-8074860 Structured Exception Catcher missing around CreateJavaVM on Windows
P4 JDK-8183503 Update hotspot tests to allow for unique test classes directory
P4 JDK-8213410 UseCompressedOops requirement check fails fails on 32-bit system

hotspot/test

Priority Bug Summary
P2 JDK-8208701 Fix for JDK-8208655 causes test failures in CI tier1
P3 JDK-8208706 compiler/tiered/ConstantGettersTransitionsTest.java fails to compile
P4 JDK-8208655 use JTreg skipped status in hotspot tests

infrastructure/build

Priority Bug Summary
P4 JDK-8321060 [8u] hotspot needs to recognise VS2022
P4 JDK-8323202 [8u] Remove get_source.sh and hgforest.sh
P4 JDK-8270517 Add Zero support for LoongArch
P4 JDK-8011180 Delete obsolete scripts
P4 JDK-8324184 Windows VS2010 build failed with "error C2275: 'int64_t'"

infrastructure/release_eng

Priority Bug Summary
P4 JDK-8320713 Bump update version of OpenJDK: 8u412

other-libs/other

Priority Bug Summary
P4 JDK-8186095 upgrade to jtreg 4.2 b08

security-libs

Priority Bug Summary
P3 JDK-8315757 [8u] Add cacerts JTREG tests to GHA tier1 test set
P3 JDK-8315042 NPE in PKCS7.parseOldSignedData
P4 JDK-8270280 security/infra/java/security/cert/CertPathValidator/certification/LetsEncryptCA.java OCSP response error

security-libs/java.security

Priority Bug Summary
P3 JDK-8308592 Framework for CA interoperability testing
P3 JDK-8268678 LetsEncryptCA.java test fails as Let’s Encrypt Authority X3 is retired
P3 JDK-8224768 Test ActalisCA.java fails
P3 JDK-8288132 Update test artifacts in QuoVadis CA interop tests
P4 JDK-8272708 [Test]: Cleanup: test/jdk/security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java no longer needs ocspEnabled
P4 JDK-8297955 LDAP CertStore should use LdapName and not String for DNs
P4 JDK-8312126 NullPointerException in CertStore.getCRLs after 8297955

security-libs/org.ietf.jgss:krb5

Priority Bug Summary
P4 JDK-8168518 rcache interop with krb5-1.15