RELEASE NOTES FOR: 17.0.13 ==================================================================================================== Notes generated: Sat Jan 04 04:56:44 CET 2025 Hint: Prefix bug IDs with https://bugs.openjdk.org/browse/ to reach the relevant JIRA entry. JAVA ENHANCEMENT PROPOSALS (JEP): None. RELEASE NOTES: tools/jpackage: JDK-8295111: `jpackage` Apps May Fail to Build on Debian Linux Distros Due to Missing Shared Libraries There is an issue on Debian Linux distros where `jpackage` could not always build an accurate list of required packages from shared libraries with symbolic links in their paths, causing installations to fail due to missing shared libraries. JDK-8295111: `jpackage` May Produce an Inaccurate List of Required Packages on Debian Linux Distros Fixed an issue on Debian Linux distros where `jpackage` could not always build an accurate list of required packages from shared libraries with symbolic links in their paths, causing installations to fail due to missing shared libraries. core-libs/javax.naming: JDK-8290367: Update Default Value and Extend the Scope of com.sun.jndi.ldap.object.trustSerialData System Property In this release, the JDK implementation of the LDAP provider no longer supports deserialization of Java objects by default: * The default value of the `com.sun.jndi.ldap.object.trustSerialData` system property has been updated to `false`. * The scope of the `com.sun.jndi.ldap.object.trustSerialData` system property has been extended to cover the reconstruction of RMI remote objects from the `javaRemoteLocation` LDAP attribute. The transparent deserialization of Java objects from an LDAP context will now require an explicit opt-in. Applications that rely on reconstruction of Java objects or RMI stubs from the LDAP attributes would need to set the `com.sun.jndi.ldap.object.trustSerialData` system property to `true`. security-libs/javax.net.ssl: JDK-8279164: Disabled TLS_ECDH Cipher Suites The TLS_ECDH cipher suites have been disabled by default, by adding "ECDH" to the `jdk.tls.disabledAlgorithms` security property in the `java.security` configuration file. The TLS_ECDH cipher suites do not preserve forward-secrecy and are rarely used in practice. Note that some TLS_ECDH cipher suites were already disabled because they use algorithms that are disabled, such as 3DES and RC4. This action disables the rest. Any attempts to use cipher suites starting with "TLS_ECDH_" will fail with an `SSLHandshakeException`. Users can, at their own risk, re-enable these cipher suites by removing "ECDH" from the `jdk.tls.disabledAlgorithms` security property. Please note that this change has no effect on the TLS_ECDHE cipher suites, which are still enabled by default. JDK-8337664: Distrust TLS Server Certificates Anchored by Entrust Root Certificates and Issued After Nov 11, 2024 The JDK will stop trusting TLS server certificates issued after November 11, 2024 and anchored by Entrust root certificates, in line with similar plans recently announced by Google and Mozilla. The list of affected certificates includes certificates branded as AffirmTrust, which are managed by Entrust. TLS server certificates issued on or before November 11, 2024 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected. The restrictions will be enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below and the certificate has been issued after November 11, 2024. An application will receive an Exception with a message indicating the trust anchor is not trusted, for example: ``` TLS server certificate issued after 2024-11-11 and anchored by a distrusted legacy Entrust root CA: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net ``` If necessary, and at your own risk, you can work around the restrictions by removing "ENTRUST_TLS" from the `jdk.security.caDistrustPolicies` security property in the `java.security` configuration file. The restrictions are imposed on the following Entrust Root certificates included in the JDK:
Root Certificates distrusted after 2024-11-11
Distinguished Name SHA-256 Fingerprint
CN=Entrust Root Certification Authority, OU=(c) 2006 Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, O=Entrust, Inc., C=US

73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C
CN=Entrust Root Certification Authority - EC1, OU=(c) 2012 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
CN=Entrust Root Certification Authority - G2, OU=(c) 2009 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
CN=Entrust Root Certification Authority - G4, OU=(c) 2015 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88
CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77
CN=AffirmTrust Commercial, O=AffirmTrust, C=US

03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7
CN=AffirmTrust Networking, O=AffirmTrust, C=US

0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B
CN=AffirmTrust Premium, O=AffirmTrust, C=US

70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A
CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US

BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23
You can also use the `keytool` utility from the JDK to print out details of the certificate chain, as follows: keytool -v -list -alias -keystore If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server. JDK-8341059: Distrust TLS Server Certificates Anchored by Entrust Root Certificates and Issued After Nov 11, 2024 The JDK will stop trusting TLS server certificates issued after November 11, 2024 and anchored by Entrust root certificates, in line with similar plans recently announced by Google and Mozilla. The list of affected certificates includes certificates branded as AffirmTrust, which are managed by Entrust. TLS server certificates issued on or before November 11, 2024 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected. The restrictions will be enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below and the certificate has been issued after November 11, 2024. An application will receive an Exception with a message indicating the trust anchor is not trusted, for example: ``` TLS server certificate issued after 2024-11-11 and anchored by a distrusted legacy Entrust root CA: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net ``` If necessary, and at your own risk, you can work around the restrictions by removing "ENTRUST_TLS" from the `jdk.security.caDistrustPolicies` security property in the `java.security` configuration file. The restrictions are imposed on the following Entrust Root certificates included in the JDK:
Root Certificates distrusted after 2024-11-11
Distinguished Name SHA-256 Fingerprint
CN=Entrust Root Certification Authority, OU=(c) 2006 Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, O=Entrust, Inc., C=US

73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C
CN=Entrust Root Certification Authority - EC1, OU=(c) 2012 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
CN=Entrust Root Certification Authority - G2, OU=(c) 2009 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
CN=Entrust Root Certification Authority - G4, OU=(c) 2015 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=US

DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88
CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77
CN=AffirmTrust Commercial, O=AffirmTrust, C=US

03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7
CN=AffirmTrust Networking, O=AffirmTrust, C=US

0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B
CN=AffirmTrust Premium, O=AffirmTrust, C=US

70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A
CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US

BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23
You can also use the `keytool` utility from the JDK to print out details of the certificate chain, as follows: keytool -v -list -alias -keystore If any of the certificates in the chain are issued by one of the root CAs in the table above are listed in the output you will need to update the certificate or contact the organization that manages the server. tools/launcher: JDK-8310201: Available Locales Information Now Listed with -XshowSettings:locale Option The `showSettings` launcher option no longer prints available locales information by default, when `-XshowSettings` is used. The `-XshowSettings:locale` option will continue to print all settings related to available locales. security-libs/java.security: JDK-8341057: Added SSL.com TLS Root CA Certificates Issued in 2022 The following root certificates have been added to the cacerts truststore: ``` + SSL.com + ssltlsrootecc2022 DN: CN=SSL.com TLS ECC Root CA 2022, O=SSL Corporation, C=US + SSL.com + ssltlsrootrsa2022 DN: CN=SSL.com TLS RSA Root CA 2022, O=SSL Corporation, C=US ``` JDK-8051959: Thread and Timestamp Options for java.security.debug System Property The `java.security.debug` system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component. `+timestamp` can be appended to debug options to print a timestamp for that debug option. `+thread` can be appended to debug options to print thread and caller information for that debug option. Examples: `-Djava.security.debug=all+timestamp+thread` adds timestamp and thread information to every debug statement generated. `-Djava.security.debug=properties+timestamp` adds timestamp information to every debug statement generated for the `properties` component. You can also specify `-Djava.security.debug=help` which will display a complete list of supported components and arguments. See [Printing Thread and Timestamp Information](https://docs.oracle.com/en/java/javase/23/security/troubleshooting-security.html#GUID-EDB76EF1-D4B2-4D32-83C1-554129526FB4) for more information. JDK-8051959: Thread and Timestamp Options for java.security.debug System Property The `java.security.debug` system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component. `+timestamp` can be appended to debug options to print a timestamp for that debug option. `+thread` can be appended to debug options to print thread and caller information for that debug option. Examples: `-Djava.security.debug=all+timestamp+thread` adds timestamp and thread information to every debug statement generated. `-Djava.security.debug=properties+timestamp` adds timestamp information to every debug statement generated for the `properties` component. You can also specify `-Djava.security.debug=help` which will display a complete list of supported components and arguments. See [Printing Thread and Timestamp Information](https://docs.oracle.com/en/java/javase/17/security/troubleshooting-security.html#GUID-EDB76EF1-D4B2-4D32-83C1-554129526FB4) for more information. JDK-8051959: Thread and Timestamp Options for java.security.debug System Property The `java.security.debug` system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component. `+timestamp` can be appended to debug options to print a timestamp for that debug option. `+thread` can be appended to debug options to print thread and caller information for that debug option. Examples: `-Djava.security.debug=all+timestamp+thread` adds timestamp and thread information to every debug statement generated. `-Djava.security.debug=properties+timestamp` adds timestamp information to every debug statement generated for the `properties` component. You can also specify `-Djava.security.debug=help` which will display a complete list of supported components and arguments. See [Printing Thread and Timestamp Information](https://docs.oracle.com/en/java/javase/21/security/troubleshooting-security.html#GUID-EDB76EF1-D4B2-4D32-83C1-554129526FB4) for more information. core-svc/java.lang.management: JDK-8338139: The ClassLoadingMXBean and MemoryMXBean isVerbose Methods Are Now Consistent with Their setVerbose Methods The `ClassLoadingMXBean::setVerbose(boolean enabled)` method will set `class+load*` logging on log output `stdout` to level `info` if `enabled` is true, and to level `off` otherwise. In contrast, the `isVerbose` method would check if exactly `class+load` logging was enabled at the `info` level on _any_ log output. This could result in counter-intuitive behavior when logging `class+load=info` to a file via the command-line, as it caused `isVerbose` to return true, even after a call to `setVerbose(false)` had been made. A similar problem existed for the `MemoryMXBean::isVerbose` method. Starting with this release, the behavior is as follows: - `ClassLoadingMXBean::isVerbose` will return true only if `class+load*` logging (note the wildcard use) has been enabled at the `info` level (or above) on the `stdout` log output. - `MemoryMXBean::isVerbose` will return true only if `gc` logging has been enabled at the `info` level (or above) on the `stdout` log output. ALL FIXED ISSUES, BY COMPONENT AND PRIORITY: client-libs: (P2) JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure (P4) JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows (P4) JDK-8275851: Deproblemlist open/test/jdk/javax/swing/JComponent/6683775/bug6683775.java (P4) JDK-8284316: Support accessibility ManualTestFrame.java for non SwingSet tests (P4) JDK-8294148: Support JSplitPane for instructions and test UI client-libs/2d: (P3) JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin (P3) JDK-8328896: Fontmetrics for large Fonts has zero width (P4) JDK-8331746: Create a test to verify that the cmm id is not ignored (P4) JDK-8279878: java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10 (P4) JDK-8320608: Many jtreg printing tests are missing the @printer keyword (P4) JDK-8320079: The ArabicBox.java test has no control buttons client-libs/java.awt: (P2) JDK-8309703: AIX build fails after JDK-8280982 (P3) JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab (P3) JDK-8321176: [Screencast] make a second attempt on screencast failure (P3) JDK-8280982: [Wayland] [XWayland] java.awt.Robot taking screenshots (P3) JDK-8280988: [XWayland] Click on title to request focus test failures (P3) JDK-8280994: [XWayland] Drag and Drop does not work in java -> wayland app direction (P3) JDK-8280993: [XWayland] Popup is not closed on click outside of area controlled by XWayland (P3) JDK-8331011: [XWayland] TokenStorage fails under Security Manager (P3) JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front (P3) JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow (P3) JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 (P3) JDK-8282526: Default icon is not painted properly (P3) JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 (P3) JDK-8309756: Occasional crashes with pipewire screen capture on Wayland (P3) JDK-8193547: Regression automated test '/open/test/jdk/java/awt/Toolkit/DesktopProperties/rfe4758438.java' fails (P3) JDK-8328999: Update GIFlib to 5.2.2 (P3) JDK-8329004: Update Libpng to 1.6.43 (P4) JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/MouseEventAfterStartDragTest.html test failed (P4) JDK-8310334: [XWayland][Screencast] screen capture error message in debug (P4) JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java (P4) JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api (P4) JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main (P4) JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test (P4) JDK-8328115: Convert java/awt/font/TextLayout/TestJustification.html applet test to main (P4) JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/GetBoundsResizeTest.java applet test to main (P4) JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html (P4) JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ClickDuringKeypress.java imports Applet (P4) JDK-8280392: java/awt/Focus/NonFocusableWindowTest/NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." (P4) JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful (P4) JDK-8316389: Open source few AWT applet tests (P4) JDK-8316240: Open source several add/remove MenuBar manual tests (P4) JDK-8316211: Open source several manual applet tests (P4) JDK-8315965: Open source various AWT applet tests (P4) JDK-8255898: Test java/awt/FileDialog/FilenameFilterTest/FilenameFilterTest.java fails on Mac OS (P4) JDK-8328561: test java/awt/Robot/ManualInstructions/ManualInstructions.java isn't used (P5) JDK-8279337: The MToolkit is still referenced in a few places client-libs/javax.accessibility: (P3) JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771 (P3) JDK-8279641: Create manual JTReg tests for Swing accessibility (P4) JDK-8303830: update for deprecated sprintf for jdk.accessibility client-libs/javax.swing: (P2) JDK-8335967: "text-decoration: none" does not work with "A" HTML tags (P2) JDK-8307091: A few client tests intermittently throw ConcurrentModificationException (P3) JDK-8323801: tag doesn't strikethrough the text (P3) JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails (P3) JDK-8292948: JEditorPane ignores font-size styles in external linked css-file (P3) JDK-8328953: JEditorPane.read throws ChangedCharSetException (P3) JDK-8320692: Null icon returned for .exe without custom icon (P3) JDK-8319103: Popups that request focus are not shown on Linux with Wayland (P3) JDK-8325179: Race in BasicDirectoryModel.validateFileCache (P3) JDK-8326734: text-decoration applied to lost when mixed with or (P4) JDK-7124313: [macosx] Swing Popups should overlap taskbar (P4) JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel (P4) JDK-8327840: Automate javax/swing/border/Test4129681.java (P4) JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock (P4) JDK-8328238: Convert few closed manual applet tests to main (P4) JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main (P4) JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for , , (P4) JDK-8257540: javax/swing/JFileChooser/8041694/bug8041694.java failed with "RuntimeException: The selected directory name is not the expected 'd ' but 'D '." (P4) JDK-8293862: javax/swing/JFileChooser/8046391/bug8046391.java failed with 'Cannot invoke "java.awt.Image.getWidth(java.awt.image.ImageObserver)" because "retVal" is null' (P4) JDK-8272232: javax/swing/JTable/4275046/bug4275046.java failed with "Expected value in the cell: 'rededited' but found 'redEDITED'." (P4) JDK-8316306: Open source and convert manual Swing test (P4) JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests (P4) JDK-8316104: Open source several Swing SplitPane and RadioButton related tests (P4) JDK-8316285: Opensource JButton manual tests (P4) JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes (P4) JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected (P4) JDK-8302495: update for deprecated sprintf for java.desktop (P4) JDK-8305072: Win32ShellFolder2.compareTo is inconsistent core-libs: (P3) JDK-8333698: [17u] TestJstatdRmiPort fails after JDK-8333667 (P3) JDK-8334339: Test java/nio/file/attribute/BasicFileAttributeView/CreationTime.java fails on alinux3 (P4) JDK-8308022: update for deprecated sprintf for java.base core-libs/java.io:serialization: (P4) JDK-8222884: ConcurrentClassDescLookup.java times out intermittently core-libs/java.lang: (P4) JDK-8302800: Augment NaN handling tests of FDLIBM methods (P4) JDK-8273541: Cleaner Thread creates with normal priority instead of MAX_PRIORITY - 2 (P4) JDK-8325621: Improve jspawnhelper version checks (P4) JDK-8325567: jspawnhelper without args fails with segfault (P4) JDK-8291760: PipelineLeaksFD.java still fails: More or fewer pipes than expected core-libs/java.lang.invoke: (P4) JDK-8301704: Shorten the number of GCs in UnloadingTest.java to verify a class loader not being unloaded core-libs/java.lang:class_loading: (P4) JDK-8309241: ClassForNameLeak fails intermittently as the class loader hasn't been unloaded core-libs/java.net: (P3) JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle (P3) JDK-8292044: HttpClient doesn't handle 102 or 103 properly (P3) JDK-8304963: HttpServer closes connection after processing HEAD after JDK-7026262 (P3) JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures (P3) JDK-8284585: PushPromiseContinuation test fails intermittently in timeout (P4) JDK-8330814: Cleanups for KeepAliveCache tests (P4) JDK-8313256: Exclude failing multicast tests on AIX (P4) JDK-8316387: Exclude more failing multicast tests on AIX after JDK-8315651 (P4) JDK-8263031: HttpClient throws Exception if it receives a Push Promise that is too large (P4) JDK-8296410: HttpClient throws java.io.IOException: no statuscode in response for HTTP2 (P4) JDK-7026262: HttpServer: improve handling of finished HTTP exchanges (P4) JDK-8303965: java.net.http.HttpClient should reset the stream if response headers contain malformed header fields (P4) JDK-8308184: Launching java with large number of jars in classpath with java.protocol.handler.pkgs system property set can lead to StackOverflowError (P4) JDK-8282354: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests (P4) JDK-8331063: Some HttpClient tests don't report leaks (P4) JDK-8315651: Stop hiding AIX specific multicast socket errors via NetworkConfiguration (aix) (P4) JDK-8304962: sun/net/www/http/KeepAliveCache/B5045306.java: java.lang.RuntimeException: Failed: Initial Keep Alive Connection is not being reused (P4) JDK-8299487: Test java/net/httpclient/whitebox/SSLTubeTestDriver.java timed out (P4) JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 (P4) JDK-8308144: Uncontrolled memory consumption in SSLFlowDelegate.Reader (P4) JDK-8308801: update for deprecated sprintf for libnet in java.base (P5) JDK-8303216: Prefer ArrayList to LinkedList in sun.net.httpserver.ServerImpl core-libs/java.nio: (P3) JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) (P3) JDK-8313873: java/nio/channels/DatagramChannel/SendReceiveMaxSize.java fails on AIX due to small default RCVBUF size and different IPv6 Header interpretation (P3) JDK-8269657: Test java/nio/channels/DatagramChannel/Loopback.java failed: Unexpected message (P4) JDK-8332248: (fc) java/nio/channels/FileChannel/BlockDeviceSize.java failed with RuntimeException (P4) JDK-8313674: (fc) java/nio/channels/FileChannel/BlockDeviceSize.java should test for more block devices (P4) JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager (P4) JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 (P4) JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram (P4) JDK-8327650: Test java/nio/channels/DatagramChannel/StressNativeSignal.java timed out (P4) JDK-8337038: Test java/nio/file/attribute/BasicFileAttributeView/CreationTime.java shoud set as /native (P4) JDK-8336301: test/jdk/java/nio/channels/AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion core-libs/java.nio.charsets: (P4) JDK-8310683: Refactor StandardCharset/standard.java to use JUnit core-libs/java.text: (P4) JDK-8317372: Refactor some NumberFormat tests to use JUnit core-libs/java.util.concurrent: (P4) JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections (P4) JDK-8269428: java/util/concurrent/ConcurrentHashMap/ToArray.java timed out core-libs/java.util.jar: (P3) JDK-8259866: two java.util tests failed with "IOException: There is not enough space on the disk" (P4) JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test (P4) JDK-8330615: avoid signed integer overflows in zip_util.c readCen / hashN (P4) JDK-8303891: Speed up Zip64SizeTest using a small ZIP64 file (P4) JDK-8333398: Uncomment the commented test in test/jdk/java/util/jar/JarFile/mrjar/MultiReleaseJarAPI.java (P5) JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ReadLongZipFileName.java leaks files if it fails core-libs/java.util.logging: (P4) JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 core-libs/java.util.regex: (P3) JDK-8273430: Suspicious duplicate condition in java.util.regex.Grapheme#isExcludedSpacingMark core-libs/java.util:i18n: (P3) JDK-8334653: ISO 4217 Amendment 177 Update (P4) JDK-8334333: MissingResourceCauseTestRun.java fails if run by root (P4) JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml (P4) JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16 (P4) JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 core-libs/javax.naming: (P3) JDK-8290367: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property core-svc/debugger: (P3) JDK-8324668: JDWP process management needs more efficient file descriptor handling (P4) JDK-8307850: update for deprecated sprintf for jdk.jdi (P4) JDK-8303617: update for deprecated sprintf for jdk.jdwp.agent core-svc/java.lang.management: (P1) JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods (P4) JDK-8310628: GcInfoBuilder.c missing JNI Exception checks (P4) JDK-8301279: update for deprecated sprintf for management components core-svc/javax.management: (P4) JDK-8328273: sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use (P4) JDK-8301132: Test update for deprecated sprintf in Xcode 14 core-svc/tools: (P4) JDK-8314476: TestJstatdPortAndServer.java failed with "java.rmi.NoSuchObjectException: no such object in table" (P4) JDK-8307848: update for deprecated sprintf for jdk.attach docs/guides: (P4) JDK-8331331: :tier1 target explanation in doc/testing.md is incorrect hotspot/compiler: (P2) JDK-8322726: C2: Unloaded signature class kills argument value (P3) JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) (P3) JDK-8331885: C2: meet between unloaded and speculative types is not symmetric (P3) JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462 (P3) JDK-8296812: sprintf is deprecated in Xcode 14 (P4) JDK-8307352: AARCH64: Improve itable_stub (P4) JDK-8323122: AArch64: Increase itable stub size estimate (P4) JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe (P4) JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64 (P4) JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string (P4) JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837 (P4) JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2 (P4) JDK-8005885: enhance PrintCodeCache to print more data (P4) JDK-8279068: IGV: Update to work with JDK 16 and 17 (P4) JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates (P5) JDK-8314837: 5 compiled/codecache tests ignore VM flags (P5) JDK-8277042: add test for 8276036 to compiler/codecache (P5) JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true (P5) JDK-8272558: IR Test Framework README misses some flags (P5) JDK-8315024: Vector API FP reduction tests should not test for exact equality hotspot/gc: (P2) JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration (P3) JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping (P3) JDK-8316328: Test jdk/jfr/event/oldobject/TestSanityDefault.java times out for some heap sizes (P3) JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/TestDescription.java fails with no GC's recorded (P3) JDK-8329109: Threads::print_on() tries to print CPU time for terminated GC threads (P4) JDK-8315774: Enable parallelism in vmTestbase/gc/g1/unloading tests (P4) JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests (P4) JDK-8317316: G1: Make TestG1PercentageOptions use createTestJvm (P4) JDK-8317358: G1: Make TestMaxNewSize use createTestJvm (P4) JDK-8290966: G1: Record number of PLAB filled and number of direct allocations (P4) JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm (P4) JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm (P4) JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm (P4) JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC (P4) JDK-8319713: Parallel: Remove PSAdaptiveSizePolicy::should_full_GC (P4) JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test (P4) JDK-8329134: Reconsider TLAB zapping (P4) JDK-8299971: Remove metaprogramming/conditional.hpp (P4) JDK-8299479: Remove metaprogramming/decay.hpp (P4) JDK-8299399: Remove metaprogramming/isArray.hpp (P4) JDK-8299398: Remove metaprogramming/isConst.hpp (P4) JDK-8299397: Remove metaprogramming/isFloatingPoint.hpp (P4) JDK-8299482: Remove metaprogramming/isIntegral.hpp (P4) JDK-8299402: Remove metaprogramming/isVolatile.hpp (P4) JDK-8299395: Remove metaprogramming/removeCV.hpp (P4) JDK-8299396: Remove metaprogramming/removeExtent.hpp (P4) JDK-8299481: Remove metaprogramming/removePointer.hpp (P4) JDK-8299972: Remove metaprogramming/removeReference.hpp (P4) JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java (P4) JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC (P4) JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock (P4) JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator (P4) JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp hotspot/jfr: (P3) JDK-8321220: JFR: RecordedClass reports incorrect modifiers (P3) JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines (P3) JDK-8265919: RunThese30M fails "assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8)) != 0))))) failed: invariant" (P3) JDK-8256291: RunThese30M fails "assert(_class_unload ? true : ((((JfrTraceIdBits::load(class_loader_klass)) & ((1 << 4) << 8)) != 0))) failed: invariant" (P3) JDK-8326446: The User and System of jdk.CPULoad on Apple M1 are inaccurate (P3) JDK-8326106: Write and clear stack trace table outside of safepoint (P4) JDK-8313394: Array Elements in OldObjectSample event has the incorrect description (P4) JDK-8304375: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Expected at least some events to be out of order! Reuse = false" (P4) JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak (P4) JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash (P4) JDK-8335808: update for deprecated sprintf for jfrTypeSetUtils hotspot/jvmti: (P4) JDK-8317635: Improve GetClassFields test to verify correctness of field order (P4) JDK-8335775: Remove extraneous 's' in comment of rawmonitor.cpp test file hotspot/runtime: (P2) JDK-8316468: os::write incorrectly handles partial write (P3) JDK-8306929: Avoid CleanClassLoaderDataMetaspaces safepoints when previous versions are shared (P3) JDK-8315559: Delay TempSymbol cleanup to avoid symbol table churn (P3) JDK-8318986: Improve GenericWaitBarrier performance (P3) JDK-8293872: Make runtime/Thread/ThreadCountLimit.java more robust (P4) JDK-8324753: [AIX] adjust os_posix after JDK-8318696 (P4) JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE (P4) JDK-8306583: Add JVM crash check in CDSTestUtils.executeAndLog (P4) JDK-8300169: Build failure with clang-15 (P4) JDK-8318089: Class space not marked as such with NMT when CDS is off (P4) JDK-8324933: ConcurrentHashTable::statistics_calculate synchronization is expensive (P4) JDK-8318696: Do not use LFS64 symbols on Linux (P4) JDK-8294691: dynamicArchive/RelativePath.java is running other test case (P4) JDK-8322008: Exclude some CDS tests from running with -Xshare:off (P4) JDK-8318474: Fix memory reporter for thread_count (P4) JDK-8329605: hs errfile generic events - move memory protections and nmethod flushes to separate sections (P4) JDK-8329663: hs_err file event log entry for thread adding/removing should print current thread (P4) JDK-8330524: Linux ppc64le compile warning with clang in os_linux_ppc.cpp (P4) JDK-8289182: NMT: MemTracker::baseline should return void (P4) JDK-8315362: NMT: summary diff reports threads count incorrectly (P4) JDK-8303942: os::write should write completely (P4) JDK-8183227: read/write APIs in class os shall return ssize_t (P4) JDK-8305079: Remove finalize() from compiler/c2/Test719030 (P4) JDK-8305081: Remove finalize() from test/hotspot/jtreg/compiler/runtime/Test8168712 (P4) JDK-8300910: Remove metaprogramming/integralConstant.hpp (P4) JDK-8300264: Remove metaprogramming/isPointer.hpp (P4) JDK-8300260: Remove metaprogramming/isSame.hpp (P4) JDK-8300265: Remove metaprogramming/isSigned.hpp (P4) JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved (P4) JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified (P4) JDK-8299254: Support dealing with standard assert macro (P4) JDK-8308891: TestCDSVMCrash.java needs @requires vm.cds (P4) JDK-8298596: vmTestbase/nsk/sysdict/vm/stress/chain/chain008/chain008.java fails with "NoClassDefFoundError: Could not initialize class java.util.concurrent.ThreadLocalRandom" (P4) JDK-8305959: x86: Improve itable_stub hotspot/svc: (P3) JDK-8273216: JCMD does not work across container boundaries with Podman (P4) JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling (P4) JDK-8272777: Clean up remaining AccessController warnings in test library (P4) JDK-8315437: Enable parallelism in vmTestbase/nsk/monitoring/stress/classload tests (P4) JDK-8315442: Enable parallelism in vmTestbase/nsk/monitoring/stress/thread tests (P4) JDK-8307448: Test RedefineSharedClassJFR fail due to wrong assumption hotspot/svc-agent: (P4) JDK-8283728: jdk.hotspot.agent: Wrong location for RISCV64ThreadContext.java (P4) JDK-8303527: update for deprecated sprintf for jdk.hotspot.agent (P5) JDK-8333353: Delete extra empty line in CodeBlob.java hotspot/test: (P3) JDK-8306946: jdk/test/lib/process/ProcessToolsStartProcessTest.java fails with "wrong number of lines in OutputAnalyzer output" (P4) JDK-8301200: Don't scale timeout stress with timeout factor (P4) JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests (P4) JDK-8332898: failure_handler: log directory of commands (P4) JDK-8299635: Hotspot update for deprecated sprintf in Xcode 14 (P4) JDK-8233725: ProcessTools.startProcess() has output issues when using an OutputAnalyzer at the same time (P4) JDK-8299378: sprintf is deprecated in Xcode 14 (P4) JDK-8335918: update for deprecated sprintf for jvmti (P4) JDK-8332113: Update nsk.share.Log to be always verbose (P5) JDK-8328234: Remove unused nativeUtils files infrastructure: (P4) JDK-8334166: Enable binary check (P4) JDK-8332008: Enable issuestitle check infrastructure/build: (P3) JDK-8325444: GHA: JDK-8325194 causes a regression (P4) JDK-8337283: configure.log is truncated when build dir is on different filesystem (P4) JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected (P4) JDK-8319197: Exclude hb-subset and hb-style from compilation (P4) JDK-8325194: GHA: Add macOS M1 testing (P4) JDK-8318039: GHA: Bump macOS and Xcode versions (P4) JDK-8336928: GHA: Bundle artifacts removal broken (P4) JDK-8309934: Update GitHub Actions to use JDK 17 for building jtreg (P4) JDK-8300806: Update googletest to v1.13.0 (P5) JDK-8333477: Delete extra empty spaces in Makefiles infrastructure/release_eng: (P4) JDK-8341673: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13 (P4) JDK-8331265: Bump update version for OpenJDK: jdk-17.0.13 performance/hotspot: (P5) JDK-8298809: Clean up vm/compiler/InterfaceCalls JMH security-libs/java.security: (P2) JDK-8341057: Add 2 SSL.com TLS roots (P3) JDK-8276660: Scalability bottleneck in java.security.Provider.getService() (P4) JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run (P4) JDK-8051959: Add thread and timestamp options to java.security.debug system property (P4) JDK-8324646: Avoid Class.forName in SecureRandom constructor (P4) JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG (P4) JDK-8279222: Incorrect legacyMap.get in java.security.Provider after JDK-8276660 (P4) JDK-8292739: Invalid legacy entries may be returned by Provider.getServices() call (P4) JDK-8288568: Reduce runtime of java.security microbenchmarks (P4) JDK-8294994: Update Jarsigner and Keytool i18n tests to validate i18n compliance (P5) JDK-8280970: Cleanup dead code in java.security.Provider security-libs/javax.crypto: (P4) JDK-8315684: Parallelize sun/security/util/math/TestIntegerModuloP.java (P4) JDK-8301274: update for deprecated sprintf for security components security-libs/javax.crypto:pkcs11: (P3) JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit security-libs/javax.net.ssl: (P2) JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 (P3) JDK-8279164: Disable TLS_ECDH_* cipher suites (P3) JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs (P3) JDK-8298381: Improve handling of session tickets for multiple SSLContexts (P3) JDK-8325384: sun/security/ssl/SSLSessionImpl/ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread (P4) JDK-8337669: [17u] Backport of JDK-8284047 missed to delete a file (P4) JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" (P4) JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl (P4) JDK-8325022: Incorrect error message on client authentication (P4) JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" (P4) JDK-8310070: Test: javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out (P4) JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session tools: (P4) JDK-8331077: nroff man page update for jar tool tools/javac: (P3) JDK-8312229: Crash involving yield, switch and anonymous classes tools/javadoc(tool): (P3) JDK-8281944: JavaDoc throws java.lang.IllegalStateException: ERRONEOUS (P3) JDK-8326332: Unclosed inline tags cause misalignment in summary tables (P3) JDK-8330063: Upgrade jQuery to 3.7.1 (P4) JDK-8334332: TestIOException.java fails if run by root tools/jpackage: (P2) JDK-8295111: dpkg appears to have problems resolving symbolically linked native libraries (P4) JDK-8299779: Test tools/jpackage/share/jdk/jpackage/tests/MainClassTest.java timed out tools/jshell: (P2) JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen" (P4) JDK-8312140: jdk/jshell tests failed with JDI socket timeouts tools/launcher: (P3) JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option xml/javax.xml.validation: (P4) JDK-8320602: Lock contention in SchemaDVFactory.getInstance()