java-17-openjdk/SOURCES/NEWS
2021-12-09 15:55:10 +00:00

155 lines
8.8 KiB
Plaintext

Key:
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
New in release OpenJDK 15.0.2 (2021-01-19):
===========================================
Live versions of these release notes can be found at:
* https://builds.shipilev.net/backports-monitor/release-notes-15.0.2.txt
* Security fixes
- JDK-8247619: Improve Direct Buffering of Characters
* Other changes
- JDK-8197981: Missing return statement in __sync_val_compare_and_swap_8
- JDK-8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test
- JDK-8247741: Test test/hotspot/jtreg/runtime/7162488/TestUnrecognizedVmOption.java fails when -XX:+IgnoreUnrecognizedVMOptions is set
- JDK-8248411: [aarch64] Insufficient error handling when CodeBuffer is exhausted
- JDK-8248596: [TESTBUG] compiler/loopopts/PartialPeelingUnswitch.java times out with Graal enabled
- JDK-8248667: Need support for building native libraries located in the test/lib directory
- JDK-8249176: Update GlobalSignR6CA test certificates
- JDK-8249192: MonitorInfo stores raw oops across safepoints
- JDK-8249217: Unexpected StackOverflowError in "process reaper" thread still happens
- JDK-8249781: AArch64: AOT compiled code crashes if C2 allocates r27
- JDK-8250257: Bump release strings for JDK 15.0.2
- JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray
- JDK-8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails
- JDK-8253191: C2: Masked byte comparisons with large masks produce wrong result on x86
- JDK-8253375: OSX build fails with Xcode 12.0 (12A7209)
- JDK-8253566: clazz.isAssignableFrom will return false for interface implementors
- JDK-8253756: C2 CompilerThread0 crash in Node::add_req(Node*)
- JDK-8253791: Issue with useAppleColor check in CSystemColors.m
- JDK-8253960: Memory leak in Java_java_lang_ClassLoader_defineClass0()
- JDK-8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate
- JDK-8254166: Zero: return-type warning in zeroInterpreter_zero.cpp
- JDK-8254177: (tz) Upgrade time-zone data to tzdata2020b
- JDK-8254319: Shenandoah: Interpreter native-LRB needs to activate during HAS_FORWARDED
- JDK-8254320: Shenandoah: C2 native LRB should activate for non-cset objects
- JDK-8254790: SIGSEGV in string_indexof_char and stringL_indexof_char intrinsics
- JDK-8254854: [cgroups v1] Metric limits not properly detected on some join controller combinations
- JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c
- JDK-8255065: Zero: accessor_entry misses the IRIW case
- JDK-8255067: Restore Copyright line in file modified by 8253191
- JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d
- JDK-8255599: Change jdk 15.0.2 milestone to fcs for build b04
- JDK-8255603: Memory/Performance regression after JDK-8210985
- JDK-8256051: nmethod_entry_barrier stub miscalculates xmm spill size on x86_32
- JDK-8256427: Test com/sun/jndi/dns/ConfigTests/PortUnreachable.java does not work on AIX
- JDK-8256618: Zero: Linux x86_32 build still fails
- JDK-8257181: s390x builds are very noisy with gc-sections messages
- JDK-8257641: Shenandoah: Query is_at_shenandoah_safepoint() from control thread should return false
- JDK-8257701: Shenandoah: objArrayKlass metadata is not marked with chunked arrays
Notes on individual issues:
===========================
core-libs/java.time:
JDK-8254177: US/Pacific-New Zone name removed as part of tzdata2020b
====================================================================
Following JDK's update to tzdata2020b, the long-obsolete files
pacificnew and systemv have been removed. As a result, the
"US/Pacific-New" zone name declared in the pacificnew data file is no
longer available for use.
Information regarding the update can be viewed at
https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html
New in release OpenJDK 15.0.1 (2020-10-20):
===========================================
Live versions of these release notes can be found at:
* https://builds.shipilev.net/backports-monitor/release-notes-15.0.1.txt
* Security fixes
- JDK-8233624: Enhance JNI linkage
- JDK-8236196: Improve string pooling
- JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
- JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
- JDK-8237995, CVE-2020-14782: Enhance certificate processing
- JDK-8240124: Better VM Interning
- JDK-8241114, CVE-2020-14792: Better range handling
- JDK-8242680, CVE-2020-14796: Improved URI Support
- JDK-8242685, CVE-2020-14797: Better Path Validation
- JDK-8242695, CVE-2020-14798: Enhanced buffer support
- JDK-8243302: Advanced class supports
- JDK-8244136, CVE-2020-14803: Improved Buffer supports
- JDK-8244479: Further constrain certificates
- JDK-8244955: Additional Fix for JDK-8240124
- JDK-8245407: Enhance zoning of times
- JDK-8245412: Better class definitions
- JDK-8245417: Improve certificate chain handling
- JDK-8248574: Improve jpeg processing
- JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
- JDK-8253019: Enhanced JPEG decoding
* Other changes
- JDK-8232114: JVM crashed at imjpapi.dll in native code
- JDK-8243470: [macos] bring back O2 opt level for unsafe.cpp
- JDK-8247251: Assert '(_pcs_length == 0 || last_pc()->pc_offset() < pc_offset) failed: must specify a new, larger pc offset' failure
- JDK-8248495: [macos] zerovm is broken due to libffi headers location
- JDK-8248745: Add jarsigner and keytool tests for restricted algorithms
- JDK-8249165: Remove unneeded nops introduced by 8234160 changes
- JDK-8249183: JVM crash in "AwtFrame::WmSize" method
- JDK-8249266: Bump release strings for JDK 15.0.1
- JDK-8249266: Change jdk 15.0.1 milestone to fcs for build b02
- JDK-8250612: jvmciCompilerToVM.cpp declares jio_printf with "void" return type, should be "int"
- JDK-8250665: Wrong translation for the month name of May in ar_JO,LB,SY
- JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)
- JDK-8250876: Fix issues with cross-compile on macos
- JDK-8250928: JFR: Improve hash algorithm for stack traces
- JDK-8251359: Shenandoah: filter null oops before calling enqueue/SATB barrier
- JDK-8251458: Parse::do_lookupswitch fails with "assert(_cnt >= 0) failed"
- JDK-8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails
- JDK-8251910: Shenandoah: Handshake threads between weak-roots and reset phases
- JDK-8252120: compiler/oracle/TestCompileCommand.java misspells "occured"
- JDK-8252292: 8240795 may cause anti-dependence to be missed
- JDK-8252359: HotSpot Not Identifying it is Running in a Container
- JDK-8252367: Undo JDK-8245000: Windows GDI functions don't support large pages
- JDK-8252368: Undo JDK-8245002: Windows GDI functions don't support NUMA interleaving
- JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/DisposeFrameOnDragTest.java fails on Windows
- JDK-8252660: Shenandoah: support manageable SoftMaxHeapSize option
- JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent
- JDK-8253222: Shenandoah: unused AlwaysTrueClosure after JDK-8246591
- JDK-8253224: Shenandoah: ShenandoahStrDedupQueue destructor calls virtual num_queues()
- JDK-8253226: Shenandoah: remove unimplemented ShenandoahStrDedupQueue::verify
- JDK-8253284: Zero OrderAccess barrier mappings are incorrect
- JDK-8253714: [cgroups v2] Soft memory limit incorrectly using memory.high
- JDK-8253727: [cgroups v2] Memory and swap limits reported incorrectly
- JDK-8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint should not access VMThread state from other threads
- JDK-8254144: Non-x86 Zero builds fail with return-type warning in os_linux_zero.cpp
- JDK-8254560: Shenandoah: Concurrent Strong Roots logging is incorrect
Notes on individual issues:
===========================
security-libs/java.security:
JDK-8250756: Added Entrust Root Certification Authority - G4 certificate
========================================================================
The Entrust root certificate has been added to the cacerts truststore:
Alias Name: entrustrootcag4
Distinguished Name: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
JDK-8250860: Added 3 SSL Corporation Root CA Certificates
=========================================================
The following root certificates have been added to the cacerts truststore for the SSL Corporation:
Alias Name: sslrootrsaca
Distinguished Name: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US
Alias Name: sslrootevrsaca
Distinguished Name: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US
Alias Name: sslrooteccca
Distinguished Name: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US