Notes generated: Wed May 13 05:23:30 CEST 2026
None.
| Issue | Description | ||||
|---|---|---|---|---|---|
| JDK-8369282 |
Distrust TLS Server Certificates Anchored by Chunghwa Root Certificates and Issued After March 17, 2026 The JDK will stop trusting TLS server certificates issued after March 17, 2026 and anchored by Chunghwa root certificates, in line with similar plans announced by Google and Mozilla. TLS server certificates issued on or before March 17, 2026 will continue to be trusted until they expire. Certificates issued after that date, and anchored by the Certificate Authority listed in the table below, will be rejected. The restrictions are enforced in the JDK implementation (the An application will receive an exception with a message indicating the trust anchor is not trusted, for example:
The JDK can be configured to trust these certificates again by removing "CHUNGHWA_TLS" from the The restrictions are imposed on the following Chunghwa Root certificates included in the JDK:
You can also use the If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server. |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383018 | On the latest macOS+XCode the Robot API may report wrong colors |
| P3 | JDK-8382975 | Relax the java.awt.Robot specification |
| P5 | JDK-8274893 | Update java.desktop classes to use try-with-resources |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383011 | Additional negative value check in JPEG decoding |
| P3 | JDK-8382959 | Disabled tests in test/jdk/sun/java2d/marlin |
| P3 | JDK-8361748 | Enforce limits on the size of an XBM image |
| P3 | JDK-8373727 | New XBM images parser regression: only the first line of the bitmap array is parsed |
| P3 | JDK-8373290 | Update FreeType to 2.14.1 |
| P3 | JDK-8379158 | Update FreeType to 2.14.2 |
| P3 | JDK-8383022 | Upgrade to LittleCMS 2.12 |
| P4 | JDK-8383067 | [8u] The Marlin tests should be updated after JDK-8241307 |
| P4 | JDK-8382991 | [8u] Windows x86 VS2010 build broken by JDK-8320097 |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8376352 | [8u] Build failure on Windows 32-bit after JDK-8362308 |
| P3 | JDK-8312518 | [macos13] setFullScreenWindow() shows black screen on macOS 13 & above |
| P3 | JDK-8328999 | Update GIFlib to 5.2.2 |
| P3 | JDK-8379256 | Update GIFlib to 6.1.1 |
| P3 | JDK-8380078 | Update GIFlib to 6.1.2 |
| P3 | JDK-8375063 | Update Libpng to 1.6.54 |
| P3 | JDK-8380959 | Update Libpng to 1.6.56 |
| P3 | JDK-8382047 | Update Libpng to 1.6.57 |
| P4 | JDK-8376272 | [8u] Windows x86-32 fails to build after JDK-8359501 |
| P4 | JDK-8383070 | [TEST_BUG] Test java/awt/Mixing/HWDisappear.java fails with GTKL&F |
| P4 | JDK-8383118 | DrawFocusRect() may cause an assertion failure |
| P4 | JDK-8339271 | giflib attribution correction |
| P4 | JDK-8225487 | giflib legal file is missing attribution for openbsd-reallocarray.c. |
| P4 | JDK-8383004 | java/awt/event/KeyEvent/KeyTyped/CtrlASCII.html fails from jdk b09 on windows. |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383009 | Compilation failure in PLATFORM_API_MacOSX_MidiUtils.c with Xcode 12.5 |
| P4 | JDK-8383010 | TEST_BUG: closed/javax/sound/midi/Synthesizer/Receiver/bug6186488.java fails |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383023 | [macOS] javax/swing/JFrame/NSTexturedJFrame/NSTexturedJFrame.java |
| P3 | JDK-8383002 | javax/swing/JSpinner/8008657/bug8008657.java fails |
| P3 | JDK-8383063 | Swing: Invalid position of candidate pop-up of InputMethod in Hi-DPI on Windows |
| P4 | JDK-8383003 | [8u] The test java/awt/Mixing/AWT_Mixing/JButtonOverlapping.java started to fail after 8159690 |
| P4 | JDK-8383001 | Broken license in javax/swing/JComboBox/8072767/bug8072767.java |
| P4 | JDK-8383024 | Open source several Swing Text related tests |
| P4 | JDK-8383000 | PIT: javax/swing/RepaintManager/IconifyTest/IconifyTest.java fails on ubuntu18.04 |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383126 | [8u] test/java/util/TimeZone/tools/share/Makefile use wrong path to tzdb |
| P4 | JDK-8382957 | Update the Zlib version in open/src/java.base/share/legal/zlib.md to 1.3.1 |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383087 | Update tests for additional TestNG test permissions |
| P4 | JDK-8382973 | Update system property for Java SE specification maintenance version |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383038 | Zero name_index item of MethodParameters attribute cause MalformedParameterException. |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8223145 | Replace wildcard address with loopback or local host in tests - part 1 |
| P3 | JDK-8285836 | sun/net/www/http/KeepAliveCache/KeepAliveProperty.java failed with "RuntimeException: Failed in server" |
| P4 | JDK-8382963 | (sctp) JDK-7118373 is not fixed for SctpChannel |
| P4 | JDK-8382943 | KeepAliveCache Blocks Threads while Closing Connections |
| P4 | JDK-8153147 | Mark java/net/BindException/Test.java as intermittently failing |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383062 | (fs) java/nio/file/Files/probeContentType/ParallelProbes.java should use othervm mode |
| P4 | JDK-8277159 | Fix java/nio/file/FileStore/Basic.java test by ignoring /run/user/* mount points |
| P4 | JDK-8383016 | java/nio/file/Files/probeContentType/ForceLoad.java failing with ServiceConfigurationError without jtreg -agentvm option |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8382946 | IBM-943 charset encoder needs updating |
| P4 | JDK-8382947 | XMLEncoder/Test4625418.java fails due to "Error: Cp943 - can't read properly" |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383119 | (tz) Update Timezone Data to 2024b |
| P3 | JDK-8383122 | (tz) Update Timezone Data to 2025a |
| P3 | JDK-8373476 | (tz) Update Timezone Data to 2025c |
| P3 | JDK-8379035 | (tz) Update Timezone Data to 2026a |
| P4 | JDK-8383128 | (tz) zone.tab update missed in 2025a backport |
| P4 | JDK-8383114 | [8u] Update TzdbZoneRulesCompiler to ignore HST/EST/MST links |
| P4 | JDK-8383104 | Improve parsing of Day/Month in tzdata rules |
| Priority | Bug | Summary |
|---|---|---|
| P2 | JDK-8383014 | java/util/zip/CloseInflaterDeflaterTest.java failed with "AssertionError: Expected IOException to be thrown, but nothing was thrown" |
| P4 | JDK-8382995 | [8u] Fix SupplementalJapaneseEraTest.java for jdks with symlinked conf dir |
| P4 | JDK-8382970 | Formatter.format might take a long time to format an integer or floating-point |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383013 | Infinite loop in DeflaterOutputStream.finish() |
| P4 | JDK-8383008 | Infinite loop in ZipOutputStream.close() |
| P4 | JDK-8383123 | jdk.test.lib.util.JarUtils updates jar files incorrectly |
| P4 | JDK-8382956 | Update Zlib Data Compression Library to Version 1.3 |
| P4 | JDK-8382955 | Update Zlib Data Compression Library to Version 1.3.1 |
| P5 | JDK-8383072 | Add an operation mode to the jar command when extracting to not overwriting existing files |
| Priority | Bug | Summary |
|---|---|---|
| P2 | JDK-8383127 | XCG currency code not recognized in JDK 8u |
| P3 | JDK-8382997 | ISO 4217 Amendment 175 Update |
| P3 | JDK-8382999 | ISO 4217 Amendment 176 Update |
| P3 | JDK-8383012 | ISO 4217 Amendment 177 Update |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383028 | Add JNDI test com/sun/jndi/ldap/blits/AddTests/AddNewEntry.java |
| P3 | JDK-8237834 | com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read timeout |
| P3 | JDK-8383052 | Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property |
| P4 | JDK-8251189 | com/sun/jndi/ldap/LdapDnsProviderTest.java failed due to timeout |
| P4 | JDK-8383032 | Update LDAP tests not to use wildcard addresses |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383109 | [8u] Test com/sun/jdi/PrivateTransportTest.sh fails on MacOS |
| P4 | JDK-8382962 | com/sun/jdi/JdbExprTest.sh: Required output "Can\\'t convert 2147483648 to int" not found |
| P4 | JDK-8382958 | TTY: NumberFormatException while trying to set values by 'set' command |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8382990 | sun/management/jmxremote/bootstrap/RmiSslBootstrapTest failed with Connection failed for no credentials |
| P4 | JDK-8383107 | [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708 |
| P4 | JDK-8382994 | [8u] Test JMXStartStopTest.java fails after JDK-8334415 |
| P4 | JDK-8382960 | sun/management/jmxremote/startstop/JMXStartStopTest.java fails intermittently: Port already in use |
| Priority | Bug | Summary |
|---|---|---|
| P2 | JDK-8383073 | jdk8u432-b06 does not compile on AIX |
| P2 | JDK-8383037 | test/compiler/8009761/Test8009761.java failed with: java.lang.RuntimeException: static java.lang.Object Test8009761.m3(boolean,boolean) not compiled |
| P3 | JDK-8383027 | C2 crash due to unexpected exception control flow |
| P3 | JDK-8383105 | C2 crashes at ciObject::get_oop() const+0x0 |
| P3 | JDK-8383094 | C2 crashes with assert(field != __null) failed: missing field |
| P3 | JDK-8382965 | C2: assert(n != __null) failed: Bad immediate dominator info. |
| P3 | JDK-8382967 | C2: failed: malformed control flow. Limit type made precise with MaxL/MinL |
| P3 | JDK-8383007 | compiler/8009761/Test8009761.java "Failed: init recursive calls: 51. After deopt 50" |
| P3 | JDK-8170464 | Remove shell script from compiler/c2/cr7005594/Test7005594.java |
| P4 | JDK-8382968 | [8u] JDK-8303466 backport to 8u requires 3 ::Identity signature fixes |
| P4 | JDK-8383106 | Bad indentation in backport of JDK-8250825 |
| P4 | JDK-8383033 | fix 2 compiler tests to avoid JDK-8208690 |
| P4 | JDK-8383025 | Fix undefined behavior in Canonicalizer::do_ShiftOp |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8186149 | quarantine gc/survivorAlignment/TestPromotionFromSurvivorToTenuredAfterMinorGC.java |
| P3 | JDK-8383017 | Test jdk/jfr/event/oldobject/TestSanityDefault.java times out for some heap sizes |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8360869 | jcstress is able to crash jdk8 on aarch64 with jfr on |
| P4 | JDK-8383101 | jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak |
| P4 | JDK-8382971 | jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java failed with "Expected chains but found none" |
| P4 | JDK-8382953 | JFR: CompilerPhase event test fails on windows 32 bit |
| P4 | JDK-8382949 | JFR: Test for CompilerCompile events fails due to time out |
| P4 | JDK-8383111 | Wrong format parameter in create_emergency_chunk_path |
| Priority | Bug | Summary |
|---|---|---|
| P1 | JDK-8382944 | [8u] AIX build break from JDK-8320005 backport |
| P2 | JDK-8383116 | clang-4.0 SIGSEGV in Unsafe_PutByte |
| P3 | JDK-8313770 | jdk/internal/platform/docker/TestSystemMetrics.java fails on Ubuntu |
| P3 | JDK-8174734 | Safepoint sync time did not increase |
| P4 | JDK-8284758 | [linux] improve print_container_info |
| P4 | JDK-8383005 | Fix container tests for jdks with symlinked conf dir |
| P4 | JDK-8056039 | Hotspot does not compile with clang 3.4 on Linux |
| P4 | JDK-8287011 | Improve container information |
| P4 | JDK-8220658 | Improve the readability of container information in the error log |
| P4 | JDK-8264524 | jdk/internal/platform/docker/TestDockerMemoryMetrics.java fails due to swapping not working |
| P4 | JDK-8382988 | Perform array bound checks while getting a length of bytecode instructions |
| P4 | JDK-8383065 | Replace ThreadLocalStorage::thread with Thread::current_or_null in jdk8 backport of JDK-8183925 |
| Priority | Bug | Summary |
|---|---|---|
| P1 | JDK-8383026 | JMXStartStopTest fails to connect to port 38112 |
| P4 | JDK-8383061 | [8u] Profiler crashes at guarantee(is_result_safe || is_in_asgct()): unsafe access to zombie method |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8377344 | [8u] Compilation failure on Windows for Linux-specific platform metric tests |
| P4 | JDK-8383015 | [8u] TestNoEagerReclaimOfHumongousRegions.java should be in gc/g1 directory |
| P4 | JDK-8376338 | Test7005594.sh fails when given a memory value with decimals |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8157758 | JDK9 does not compile on Linux with GCC 6.1 because left-shifting a negative number has undefined behavior |
| P4 | JDK-8374917 | [8u] C++ flags get passed to C compiles in the HotSpot build |
| P4 | JDK-8374899 | [8u] Fully handle clang as the toolchain in flags.m4 |
| P4 | JDK-8376225 | [8u] GHA: Apply work-around for missing JNF for MacOSX builds |
| P4 | JDK-8382951 | [8u] GHA: Dead VS2010 download link |
| P4 | JDK-8382952 | [8u] GHA: update sysroot for cross builds to Debian bullseye |
| P4 | JDK-8374948 | [8u] saproc & jsig builds add duplicate linker flags on Darwin/MacOS |
| P4 | JDK-8383064 | [8u] Separate jdk_security_infra tests from jdk_tier1 |
| P4 | JDK-8382987 | [GHA] Update checkout action to use v4 |
| P4 | JDK-8382966 | [windows, vs<2017] C4800 after 8203197 |
| P4 | JDK-8382964 | [windows] Build broken on VS2010 after "8046148: JEP 158: Unified JVM Logging" |
| P4 | JDK-8383030 | Add SECURITY.md file |
| P4 | JDK-8382969 | Enable -Woverloaded-virtual C++ warning for HotSpot build |
| P4 | JDK-8382993 | Flags introduced by configure script are not passed to ADLC build |
| P4 | JDK-8382974 | GHA: Bump macOS and Xcode versions |
| P4 | JDK-8383155 | GHA: Bump to Ubuntu 22.04 |
| P4 | JDK-8382998 | GHA: Bundle artifacts removal broken |
| P4 | JDK-8383035 | GHA: some of bundles may not get removed |
| P4 | JDK-8369226 | GHA: Switch to MacOS 15 |
| P4 | JDK-8382986 | GHA: Upgrade some actions to avoid deprecated Node 16 |
| P4 | JDK-8382976 | The macro definition for LoongArch64 zero build is not accurate. |
| P5 | JDK-8383108 | Add .vscode to .hgignore and .gitignore |
| P5 | JDK-8383112 | Harden TzdbZoneRulesCompiler against missing zone names |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8382996 | [8u] Remove duplicate license files |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8382950 | Bump update version of OpenJDK: 8u432 |
| P4 | JDK-8383020 | Bump update version of OpenJDK: 8u442 |
| P4 | JDK-8383071 | Bump update version of OpenJDK: 8u452 |
| P4 | JDK-8383115 | Bump update version of OpenJDK: 8u462 |
| P4 | JDK-8373250 | Bump update version of OpenJDK: 8u492 |
| Priority | Bug | Summary |
|---|---|---|
| P2 | JDK-8383036 | Add 2 SSL.com TLS roots |
| P3 | JDK-8382948 | Add GlobalSign 2 TLS root certificates |
| P3 | JDK-8382945 | Google CAInterop test failures |
| P3 | JDK-8383124 | Jarsigner should print a warning if an entry is removed |
| P4 | JDK-8132786 | java/security/cert/CertPathValidator/OCSP/AIACheck.java fails intermittently |
| Priority | Bug | Summary |
|---|---|---|
| P2 | JDK-8383034 | Change Entrust TLS distrust date to November 12, 2024 |
| P3 | JDK-8382961 | Disable TLS_ECDH_* cipher suites |
| P3 | JDK-8383121 | Distrust TLS server certificates anchored by Camerfirma Root CAs |
| P3 | JDK-8369282 | Distrust TLS server certificates anchored by Chunghwa ePKI Root CA |
| P3 | JDK-8383029 | Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs |
| P3 | JDK-8383089 | javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch |
| P3 | JDK-8383090 | Tests fail with SSLProtocolException: Input record too big |
| P4 | JDK-8383088 | Enable debug log for SSLEngineExplorerMatchedSNI.java |
| P4 | JDK-8383120 | Unaddressed comments during code review of JDK-8337664 |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383117 | [8u] sun/security/pkcs11/ec/ tests fail on RHEL9 |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8345578 | New test in JDK-8343622 fails with a promoted build |
| P4 | JDK-8343622 | AesDkCrypto.stringToKey should not return null |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8382972 | sun/tools/native2ascii/Native2AsciiTests.sh fails on Japanese |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383125 | Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract |
| P5 | JDK-8383110 | [8u] tools/jar/ExtractFilesTest.java and tools/jar/MultipleManifestTest.java fails with jtreg5.1 |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8383113 | clean up use of bad arguments for `@clean` in langtools tests |
| Priority | Bug | Summary |
|---|---|---|
| P3 | JDK-8074840 | Resolve disabled warnings for libjli and libjli_static |
| P4 | JDK-8353657 | [8u] Test tools/launcher/VersionCheck.java fails with debug build |
| Priority | Bug | Summary |
|---|---|---|
| P4 | JDK-8383069 | XML Transformer outputs Unicode supplementary character incorrectly to HTML |