RELEASE NOTES FOR: openjdk8u462 ==================================================================================================== Notes generated: Thu Jul 03 05:11:22 CEST 2025 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: security-libs/java.security: JDK-8359170: Added 4 New Root Certificates from Sectigo Limited The following root certificates have been added to the cacerts truststore: ``` + Sectigo Limited + sectigocodesignroote46 DN: CN=Sectigo Public Code Signing Root E46, O=Sectigo Limited, C=GB + Sectigo Limited + sectigocodesignrootr46 DN: CN=Sectigo Public Code Signing Root R46, O=Sectigo Limited, C=GB + Sectigo Limited + sectigotlsroote46 DN: CN=Sectigo Public Server Authentication Root E46, O=Sectigo Limited, C=GB + Sectigo Limited + sectigotlsrootr46 DN: CN=Sectigo Public Server Authentication Root R46, O=Sectigo Limited, C=GB ``` JDK-8350498: Removed Two Camerfirma Root Certificates The following root certificates, which are terminated and no longer in use, have been removed from the `cacerts` keystore: ``` + alias name "camerfirmachamberscommerceca [jdk]" Distinguished Name: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU + alias name "camerfirmachambersignca [jdk]" Distinguished Name: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU ``` JDK-8303770: Removed Baltimore CyberTrust Root Certificate After Expiry Date The following expired root certificate has been removed from the `cacerts` keystore: ``` + alias name "baltimorecybertrustca [jdk]" Distinguished Name: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE ``` ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: client-libs/java.awt: (P3) JDK-8274597: Some of the dnd tests time out and fail intermittently (P4) JDK-8028998: [TEST_BUG] [macosx] java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java failed (P4) JDK-8346887: DrawFocusRect() may cause an assertion failure (P4) JDK-8159694: HiDPI, Unity, java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java client-libs/java.awt:i18n: (P3) JDK-8278472: Invalid value set to CANDIDATEFORM structure core-libs/java.time: (P3) JDK-8352716: (tz) Update Timezone Data to 2025b core-libs/java.util:i18n: (P3) JDK-8356096: ISO 4217 Amendment 179 Update core-svc/debugger: (P3) JDK-8046883: com/sun/jdi/ProcessAttachTest.sh gets "java.io.IOException: Invalid process identifier" on windows hotspot/compiler: (P4) JDK-8071996: split_if accesses NULL region of ConstraintCast hotspot/runtime: (P2) JDK-8186787: clang-4.0 SIGSEGV in Unsafe_PutByte infrastructure/build: (P4) JDK-8293107: GHA: Bump to Ubuntu 22.04 infrastructure/release_eng: (P4) JDK-8351098: Bump update version of OpenJDK: 8u462 security-libs/java.security: (P2) JDK-8359170: Add 2 TLS and 2 CS Sectigo roots (P2) JDK-8186143: keytool -ext option doesn't accept wildcards for DNS subject alternative names (P3) JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts (P3) JDK-8303770: Remove Baltimore root certificate expiring in May 2025 (P4) JDK-8026976: ECParameters, Point does not match field size (P4) JDK-8350498: Remove two Camerfirma root CA certificates (P4) JDK-8345133: Test sun/security/tools/jarsigner/TsacertOptionTest.java failed: Warning found in stdout security-libs/jdk.security: (P4) JDK-8341946: [8u] sun/security/pkcs11/ec/ tests fail on RHEL9 tools/javadoc(tool): (P4) JDK-8248001: javadoc generates invalid HTML pages whose ftp:// links are broken xml: (P4) JDK-8274606: Fix jaxp/javax/xml/jaxp/unittest/transform/SurrogateTest.java test