This section lists all the changes in the selected update release.

| Issue | Priority | Title | Component | Voting |
|---|---|---|---|---|
| JDK-7065233 | 4 | To interpret case-insensitive string locale independently | security-libs / javax.crypto | 0 |
| JDK-8219597 | 4 | (bf) Heap buffer state changes could provoke unexpected exceptions | core-libs / java.nio | 0 |
| JDK-8224549 / CVE-2020-2757 | 2 | Less Blocking Array Queues | Serialization | 0 |
| JDK-8224541 / CVE-2020-2756 | 2 | Better mapping of serial ENUMs | Serialization | 0 |
| JDK-8225603 | 2 | Enhancement for big integers | core-libs / java.math | 0 |
| JDK-8227542 | 2 | Manifest improved jar headers | core-svc / java.lang.instrument | 0 |
| JDK-8231415 / CVE-2020-2773 | 2 | Better signatures in XML | Security | 0 |
| JDK-8233250 | 2 | Better X11 rendering | client-libs / 2d | 0 |
| JDK-8233410 | 2 | Better Build Scripting | infrastructure / build | 0 |
| JDK-8234027 | 2 | Better JCEKS key support | security-libs / java.security | 0 |
| JDK-8234408 / CVE-2020-2781 | 2 | Improve TLS session handling | JSSE | 0 |
| JDK-8234825 / CVE-2020-2800 | 2 | Better Headings for HTTP Servers | Lightweight HTTP Server | 0 |
| JDK-8234841 / CVE-2020-2803 | 2 | Enhance buffering of byte buffers | Libraries | 0 |
| JDK-8235274 / CVE-2020-2805 | 2 | Enhance typing of methods | Libraries | 0 |
| JDK-8236201 / CVE-2020-2830 | 2 | Better Scanner conversions | Concurrency | 0 |
| JDK-8238960 | 2 | linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap | infrastructure / build | 0 |
| JDK-8240621 | 3 | Build failure on Windows after JDK-8044500 | security-libs / javax.security | 0 |

This section organizes the changes in the selected update release by the main component under which each issue is filed.

Core Libs (8)

| Issue | Priority | Title | Component | Voting |
|---|---|---|---|---|
| JDK-8219597 | 4 | (bf) Heap buffer state changes could provoke unexpected exceptions | core-libs / java.nio | 0 |
| JDK-8224549 | 2 | Less Blocking Array Queues | core-libs / java.io:serialization | 0 |
| JDK-8224541 | 2 | Better mapping of serial ENUMs | core-libs / java.io:serialization | 0 |
| JDK-8225603 | 2 | Enhancement for big integers | core-libs / java.math | 0 |
| JDK-8234825 | 2 | Better Headings for HTTP Servers | core-libs / java.net | 0 |
| JDK-8234841 | 2 | Enhance buffering of byte buffers | core-libs / java.nio | 0 |
| JDK-8235274 | 2 | Enhance typing of methods | core-libs / java.lang.invoke | 0 |
| JDK-8236201 | 2 | Better Scanner conversions | core-libs / java.util.regex | 0 |

Security Libs (5)

| Issue | Priority | Title | Component | Voting |
|---|---|---|---|---|
| JDK-7065233 | 4 | To interpret case-insensitive string locale independently | security-libs / javax.crypto | 0 |
| JDK-8231415 | 2 | Better signatures in XML | security-libs / javax.xml.crypto | 0 |
| JDK-8234027 | 2 | Better JCEKS key support | security-libs / java.security | 0 |
| JDK-8234408 | 2 | Improve TLS session handling | security-libs / javax.net.ssl | 0 |
| JDK-8240621 | 3 | Build failure on Windows after JDK-8044500 | security-libs / javax.security | 0 |

Client Libs (1)

| Issue | Priority | Title | Component | Voting |
|---|---|---|---|---|
| JDK-8233250 | 2 | Better X11 rendering | client-libs / 2d | 0 |

Other (3)

| Issue | Priority | Title | Component | Voting |
|---|---|---|---|---|
| JDK-8227542 | 2 | Manifest improved jar headers | core-svc / java.lang.instrument | 0 |
| JDK-8233410 | 2 | Better Build Scripting | infrastructure / build | 0 |
| JDK-8238960 | 2 | linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap | infrastructure / build | 0 |

This section summarizes JDK Common Vulnerabilities and Exposure (CVE) fixes in the selected update release.

CVE Fixes (8)

The columns from Base Score through Availability are the CVSS Version 3.0 Risk (see Risk Matrix Definitions).

| CVE | Component | Protocol | Base Score | Attack Vector | Attack Complex | Privs Req'd | User Interact | Scope | Confidentiality | Integrity | Availability | Notes |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| CVE-2020-2805 / JDK-8235274 | Libraries | Multiple | 8.3 | Network | High | None | Required | Changed | High | High | High | Note 1 * |
| CVE-2020-2803 / JDK-8234841 | Libraries | Multiple | 8.3 | Network | High | None | Required | Changed | High | High | High | Note 1 * |
| CVE-2020-2781 / JDK-8234408 | JSSE | HTTPS | 5.3 | Network | Low | None | None | Unchanged | None | None | Low | Note 3 * |
| CVE-2020-2830 / JDK-8236201 | Concurrency | Multiple | 5.3 | Network | Low | None | None | Unchanged | None | None | Low | Note 3 * |
| CVE-2020-2800 / JDK-8234825 | Lightweight HTTP Server | Multiple | 4.8 | Network | High | None | None | Unchanged | Low | Low | None | Note 2 * |
| CVE-2020-2773 / JDK-8231415 | Security | Multiple | 3.7 | Network | High | None | None | Unchanged | None | None | Low | Note 3 * |
| CVE-2020-2757 / JDK-8224549 | Serialization | Multiple | 3.7 | Network | High | None | None | Unchanged | None | None | Low | Note 3 * |
| CVE-2020-2756 / JDK-8224541 | Serialization | Multiple | 3.7 | Network | High | None | None | Unchanged | None | None | Low | Note 3 * |

Notes:

| ID | Notes |
|---|---|
| 1 | This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). |
| 2 | This vulnerability can only be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service. |
| 3 | This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service. |

Security-Related Non-CVE (6)

| Issue | Priority | Title | Component |
|---|---|---|---|
| JDK-8225603 | 2 | Enhancement for big integers | core-libs / java.math |
| JDK-8227542 | 2 | Manifest improved jar headers | core-svc / java.lang.instrument |
| JDK-8233250 | 2 | Better X11 rendering | client-libs / 2d |
| JDK-8233410 | 2 | Better Build Scripting | infrastructure / build |
| JDK-8234027 | 2 | Better JCEKS key support | security-libs / java.security |
| JDK-8238960 | 2 | linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap | infrastructure / build |