This section lists and comments on the highlights of the changes in the selected update release.

    • Priority: 3
    • Title: JDK 8u231 introduces a regression with incompatible handling of XML messages
    • Component: security-libs
    • Priority: 3
    • Title: Backport TLSv1.3 protocol implementation
    • Component: security-libs
    • Priority: 3
    • Title: Remove DocuSign root certificate that is expiring in May 2020
    • Component: security-libs
    • Priority: 3
    • Title: Remove Comodo root certificate that is expiring in May 2020
    • Component: security-libs
    • Priority: 4
    • Title: Add TLSv1.3 implementation classes from 11.0.7
    • Component: security-libs

This section lists all the changes in the selected update release.

Issue
Priority
Title
Component
Voting
JDK-80062053[TESTBUG] NEED_TEST: please JTREGIFY test/compiler/7177917/Test7177917.javahotspot / compiler 0
JDK-65749894TEST_BUG: javax/sound/sampled/Clip/bug5070081.java fails sometimesclient-libs / javax.sound 0
JDK-80262365Add PrimeTest for BigIntegercore-libs / java.math 0
JDK-80258865replace [[ and == bash extensions in regtestcore-svc / java.lang.management 0
JDK-80236974failed class resolution reports different class name in detail message for the first and subsequent timeshotspot / runtime 0
JDK-80390824[TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java failsclient-libs / java.awt 0
JDK-80360885Replace strtok() with its safe equivalent strtok_s() in DefaultProxySelector.ccore-libs / java.net 0
JDK-80354933JVMTI PopFrame capability must instruct compilers not to prune localshotspot / jvmti 0
JDK-80316252javadoc problems referencing inner class constructorstools / javadoc(tool) 0
JDK-80607212Test runtime/SharedArchiveFile/LimitSharedSizes.java fails in jdk 9 fcs new platforms/compilerhotspot / runtime 0
JDK-80570033Large reference arrays cause extremely long synchronization timeshotspot / gc 0
JDK-80489334-XX:+TraceExceptions output should include the messagehotspot / runtime 0
JDK-80462743Removing dependency on jakarta-regexpxml / jaxp 0
JDK-80616163HotspotDiagnosticMXBean.getVMOption() throws IllegalArgumentException for flags of type doublecore-svc / java.lang.management 0
JDK-80643193Need to enable -XX:+TraceExceptions in release buildshotspot / runtime 0
JDK-80629474Fix exception message to correctly represent LDAP connection failurecore-libs / javax.naming 0
JDK-80788803Mark a few more intermittently failing security-libs testssecurity-libs / javax.crypto 0
JDK-80783343Mark regression tests using randomnesscore-libs 0
JDK-80761514[TESTBUG] Test java/awt/FontClass/CreateFont/fileaccess/FontFile.java failsclient-libs / java.awt 0
JDK-80757744Small readability and performance improvements for zipfscore-libs / java.nio 0
JDK-81327454TEST_BUG: minor cleanup of java/util/Scanner/ScanTest.javacore-libs / java.util 0
JDK-81323764Add @requires os.family to the client tests with access to internal OS-specific APIclient-libs / java.awt 0
JDK-81322064move ScanTest.java into OpenJDKcore-libs / java.util.regex 0
JDK-80804623Update SunPKCS11 provider with PKCS11 v2.40 supportsecurity-libs / javax.crypto:pkcs11 0
JDK-81458083[PIT] test java/awt/Graphics2D/MTGraphicsAccessTest/MTGraphicsAccessTest.java hangs on Win. 8client-libs / 2d 0
JDK-81445393Update PKCS11 tests to run with security managersecurity-libs / javax.crypto:pkcs11 0
JDK-81370874[TEST_BUG] Cygwin failure of java/awt/appletviewer/IOExceptionIfEncodedURLTest/IOExceptionIfEncodedURLTest.shclient-libs / java.awt 0
JDK-81517883NullPointerException from ntlm.Client.type3core-libs / java.net 0
JDK-81516782com/sun/jndi/ldap/LdapTimeoutTest.java failed due to timeout on DeadServerNoTimeoutTest is incorrectcore-libs / javax.naming 0
JDK-81488543Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalenthotspot / runtime 0
JDK-81487541C2 loop unrolling fails due to unexpected graph shapehotspot / compiler 0
JDK-81535834Make OutputAnalyzer.reportDiagnosticSummary publichotspot / gc 0
JDK-81534304TESTBUG: jdk regression test javax/management/loading/MletParserLocaleTest.java reduce default timeoutcore-svc / javax.management 0
JDK-81520773(cal) Calendar.roll does not always roll the hours during daylight savings changescore-libs / java.util:i18n 0
JDK-81518344Test SmallPrimeExponentP.java times out intermittentlysecurity-libs / java.security 0
JDK-81607684Add capability to custom resolve host/domain names within the default JNDI LDAP providercore-libs / javax.naming 0
JDK-81561693Some sound tests rarely hangs because of incorrect synchronizationclient-libs / javax.sound 0
JDK-81543134Generated javadoc scattered all over the placeinfrastructure / build 0
JDK-81659964PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlitesecurity-libs / java.security 0
JDK-81659363Potential Heap buffer overflow when seaching timezone info filescore-libs / java.util:i18n 0
JDK-81632513Hard coded loop limit prevents reading of smart card data greater than 8ksecurity-libs / javax.smartcardio 0
JDK-81619734PKIXRevocationChecker.getSoftFailExceptions() not workingsecurity-libs / java.security 0
JDK-81685174java/lang/ProcessBuilder/Basic.java failed with "java.lang.AssertionError: Some tests failed"core-libs / java.lang 0
JDK-81676154Opensource unit/regression tests for JavaSoundclient-libs / javax.sound 0
JDK-81673004Scheduling failures during gcm should be fatalhotspot / compiler 0
JDK-81661481Fix for JDK-8165936 broke Solaris buildscore-libs / java.util 0
JDK-81733003[TESTBUG]compiler/tiered/NonTieredLevelsTest.java fails with compiler.whitebox.SimpleTestCaseHelper(int) must be compiledhotspot / compiler 0
JDK-81720124[TEST_BUG] delays needed in javax/swing/JTree/4633594/bug4633594.javaclient-libs / javax.swing 0
JDK-81699253Organize licenses by module in source, JMOD file, and run-time imagetools / jlink 0
JDK-81833494Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java and WriteAfterAbort.javaclient-libs / javax.imageio 0
JDK-81833414Better cleanup for javax/imageio/AllowSearch.javaclient-libs / javax.imageio 0
JDK-81776284Opensource unit/regression tests for ImageIOclient-libs / 2d 0
JDK-81773343Update xmldsig implementation to Apache Santuario 2.1.1security-libs / javax.xml.crypto 0
JDK-81929532sun/management/jmxremote/bootstrap/*.sh tests fail with error : revokeall.exe: Permission deniedcore-svc / java.lang.management 0
JDK-81916784[TESTBUG] Add keyword headful in java/awt and javax tests.client-libs / java.awt 0
JDK-81847624ZapStackSegments should use optimized memsethotspot / runtime 0
JDK-81833514Better cleanup for jdk/test/javax/imageio/spi/AppletContextTest/BadPluginConfigurationTest.shclient-libs / javax.imageio 0
JDK-81942983Add support for per Socket configuration of TCP keepalivecore-libs / java.net 0
JDK-81932344When using -Xcheck:jni an internally allocated buffer can leakhotspot / runtime 0
JDK-81931373Nashorn crashes when given an empty script file.core-libs / jdk.nashorn 0
JDK-82003133java/awt/Gtk/GtkVersionTest/GtkVersionTest.java failsclient-libs / java.awt 0
JDK-81980044javax/swing/JFileChooser/6868611/bug6868611.java throws errorclient-libs / javax.swing 0
JDK-82016333Problems with AES-GCM native accelerationsecurity-libs / javax.crypto 0
JDK-82033573Container Metricscore-svc 0
JDK-82091133Use WeakReference for lastFontStrike for created Fontsclient-libs / 2d 0
JDK-82101473adjust some WSAGetLastError usages in windows network codingcore-libs / java.net 0
JDK-82111634UNIX version of Java_java_io_Console_echo does not return a clean booleancore-libs / java.io 0
JDK-82110493Second parameter of "initialize" method is not usedsecurity-libs / java.security 0
JDK-82117144Need to update vm_version.cpp to recognise VS2017 minor versionshotspot / runtime 0
JDK-82148623assert(proj != __null) at compile.cpp:3251hotspot / compiler 0
JDK-82176062LdapContext#reconnect always opens a new connectioncore-libs / javax.naming 0
JDK-82162833Allow shorter method sampling interval than 10 mshotspot / jfr 0
JDK-82186293XML Digital Signature throws NAMESPACE_ERR exception on OpenJDK 11, works 8/9/10security-libs / javax.xml.crypto 0
JDK-82178782ENVELOPING XML signature no longer workssecurity-libs / javax.xml.crypto 0
JDK-82176473JFR: recordings on 32-bit systems unreadablehotspot / jfr 0
JDK-82199194RuntimeStub's name lost with PrintFrameConverterAssemblyhotspot / compiler 0
JDK-82195664JFR did not collect call stacks when MaxJavaStackTraceDepth is set to zerohotspot / jfr 0
JDK-82205554JFR tool shows potentially misleading message when it cannot access a filehotspot / jfr 0
JDK-82203133[TESTBUG] Update base image for Docker testing to OL 7.6hotspot / runtime 0
JDK-82202932Deadlock in JFR string poolhotspot / jfr 0
JDK-82201652Encryption using GCM results in RuntimeException: input length out of boundsecurity-libs / javax.crypto 0
JDK-82215693JFR tool produces incorrect output when both --categories and --events are specifiedhotspot / jfr 0
JDK-82206744[TESTBUG] MetricsMemoryTester failcount test in docker container only works with debug JVMscore-svc 0
JDK-82220794Don't use memset to initialize fields decode_env constructor in disassembler.cpphotspot / compiler 0
JDK-82242173RecordingInfo should use textual representation of pathhotspot / jfr 0
JDK-82250693Remove Comodo root certificate that is expiring in May 2020security-libs / java.security 2
JDK-82250683Remove DocuSign root certificate that is expiring in May 2020security-libs / java.security 2
JDK-8225695132-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support)security-libs / javax.crypto:pkcs11 0
JDK-82268094Circular reference in printed stack trace is not correctly indented & ambiguouscore-libs / java.lang 0
JDK-82266974Several tests which need the @key headful keyword are missing it.client-libs / javax.swing 0
JDK-82265753OperatingSystemMXBean should be made container awarecore-svc / java.lang.management 0
JDK-82288353Memory leak in PKCS11 provider when using AES GCMsecurity-libs / javax.crypto:pkcs11 0
JDK-82293784jdwp library loader in linker_md.c quietly truncates on buffer overflowcore-svc / debugger 0
JDK-82303033JDB hangs when running monitor commandcore-svc / debugger 0
JDK-82307113ConnectionGraph::unique_java_object(Node* N) return NULL if n is not in the CGhotspot / compiler 0
JDK-82312134Migrate SimpleDateFormatConstTest to JDK Repocore-libs / java.text 0
JDK-82317793crash HeapWord*ParallelScavengeHeap::failed_mem_allocatehotspot / gc 0
JDK-82331973Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsinghotspot / jfr 0
JDK-82330972Fontmetrics for large Fonts has zero widthclient-libs / 2d 0
JDK-82336213Mismatch in jsse.enableMFLNExtension property namesecurity-libs / javax.net.ssl 0
JDK-82346173C1: Incorrect result of field load due to missing narrowing conversionhotspot / compiler 0
JDK-82356872Contents/MacOS/libjli.dylib cannot be a symlinkinfrastructure / build 0
JDK-82353252build failure on Linux after 8235243hotspot / runtime 0
JDK-82352434handle VS2017 15.9 and VS2019 in abstract_vm_versionhotspot / runtime 0
JDK-82360392JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3security-libs / javax.net.ssl 0
JDK-82366453JDK 8u231 introduces a regression with incompatible handling of XML messagessecurity-libs / javax.xml.crypto 24
JDK-8236862
/ CVE-2020-14779
2Enhance support of Proxy classSerialization 0
JDK-82379514CTW: C2 compilation fails with "malformed control flow"hotspot / compiler 0
JDK-8237995
/ CVE-2020-14782
2Enhance certificate processingLibraries 0
JDK-8237990
/ CVE-2020-14781
2Enhanced LDAP contextsJNDI 0
JDK-82382253Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binaryinfrastructure / build 0
JDK-82383884libj2gss/NativeFunc.o "multiple definition" link errors with GCC10security-libs / java.security 0
JDK-82383864(sctp) jdk.sctp/unix/native/libsctp/SctpNet.c "multiple definition" link errors with GCC10core-libs / java.net 0
JDK-82383804java.base/unix/native/libjava/childproc.c "multiple definition" link errors with GCC10core-libs 0
JDK-82388982Missing hash characters for header on license filesecurity-libs / javax.crypto:pkcs11 0
JDK-82398194XToolkit: Misread of screen information memoryclient-libs / java.awt 0
JDK-82393853Support the 'canonicalize' setting (krb5.conf) in the Kerberos clientsecurity-libs / javax.security 0
JDK-82402954hs_err elapsed time in seconds is not accurate enoughhotspot / runtime 0
JDK-82406763Meet not symmetric failure when running lucene on jdk8hotspot / compiler 0
JDK-8241114
/ CVE-2020-14792
2Better range handlingHotspot 0
JDK-82418884Mirror jdk.security.allowNonCaAnchor system property with a security onesecurity-libs / jdk.security 0
JDK-82424982Invalid "sun.awt.TimedWindowEvent" object leads to JVM crashclient-libs / java.awt 0
JDK-82425563Cannot load RSASSA-PSS public key with non-null params from byte arraysecurity-libs / java.security 0
JDK-8242695
/ CVE-2020-14798
2Enhanced Buffer SupportLibraries 0
JDK-8242685
/ CVE-2020-14797
2Better Path ValidationLibraries 0
JDK-8242680
/ CVE-2020-14796
2Improved URI supportLibraries 0
JDK-82433213Add Entrust root CA - G4 to Oracle Root CA programsecurity-libs / java.security 0
JDK-82433203Add SSL root certificates to Oracle Root CA programsecurity-libs / java.security 0
JDK-82431384Enhance BaseLdapServer to support starttls extended requestcore-libs / javax.naming 0
JDK-82435413(tz) Upgrade time-zone data to tzdata2020acore-libs / java.time 0
JDK-82434894Thread CPU Load event may contain wrong data for CPU time under certain conditionshotspot / jfr 0
JDK-82441362Improved Buffer supports 0
JDK-82441514Update MUSCLE PC/SC-Lite headers to the latest release 1.8.26security-libs / javax.smartcardio 0
JDK-82448182[macos] Java2D Queue Flusher crash while moving application window to external monitorclient-libs / 2d 0
JDK-82451674Top package in method profiling shows "null" in JMChotspot / jfr 0
JDK-82454694Remove DTLS protocol implementationsecurity-libs 0
JDK-82454684Add TLSv1.3 implementation classes from 11.0.7security-libs 2
JDK-82454674Remove 8u TLSv1.2 implementation filessecurity-libs 0
JDK-82454663Backport TLSv1.3 protocol implementationsecurity-libs / javax.net.ssl 9
JDK-82454734OCSP stapling supportsecurity-libs 0
JDK-82454724Backport JDK-8038893 to JDK8security-libs 0
JDK-82454714Revert JDK-8148188security-libs 0
JDK-82454704Fix JDK8 compatibility issuessecurity-libs 0
JDK-82454774Adjust TLS tests locationsecurity-libs 0
JDK-82454764Disable TLSv1.3 protocol in the ClientHello message by defaultsecurity-libs 0
JDK-82454744Add TLS_KRB5 cipher suites support according to RFC-2712security-libs 0
JDK-82456813Add TLSv1.3 regression test from 11.0.7security-libs / javax.net.ssl 0
JDK-82456534Remove 8u TLS testssecurity-libs / javax.net.ssl 0
JDK-82461933Possible NPE in ENC-PA-REP search in AS-REQsecurity-libs / org.ietf.jgss:krb5 0
JDK-82463104Clean commented-out code about ModuleEntry andPackageEntry in JFRhotspot / jfr 0
JDK-82462232Windows build fails after JDK-8227269core-svc / debugger 0
JDK-82463844Enable JFR by default on supported architectures for October 2020 releasehotspot / jfr 0
JDK-82467034[TESTBUG] Add test for JDK-8233197hotspot / jfr 0
JDK-82472764Backport JDK-8161973security-libs / javax.net.ssl 0
JDK-82483994[8u262] Build installs jfr binary when JFR is disabledinfrastructure / build 0
JDK-82486434Remove extra leading space in JDK-8240295 8u backporthotspot / runtime 0
JDK-82487154[8u262] New JavaTimeSupplementary localisation for 'in' installed in wrong packagecore-libs / java.util:i18n 0
JDK-82488512CMS: Missing memory fences between free chunk check and klass readhotspot / gc 0
JDK-82491584THREAD_START and THREAD_END event posted in primordial phasehotspot / jvmti 0
JDK-82496104Make sun.security.krb5.Config.getBooleanObject(String... keys) method publicsecurity-libs / javax.security 0
JDK-82496772Regression in 8u after JDK-8237117: Better ForkJoinPool behaviorcore-libs / java.util.concurrent 0
JDK-82505464Expect changed behaviour reported in JDK-8249846core-libs / java.util.concurrent 0
JDK-82507554Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.javaclient-libs / javax.imageio 0
JDK-82506274Use -XX:+/-UseContainerSupport for enabling/disabling Java container metricscore-libs 0
JDK-82511204[8u] HotSpot build assumes ENABLE_JFR is set to either true or falseinfrastructure / build 0
JDK-82511174Cannot check P11Key size in P11Cipher and P11AEADCiphersecurity-libs / javax.crypto:pkcs11 0
JDK-82508754Incorrect parameter type for update_number in JDK_Version::jdk_updatehotspot / runtime 0
JDK-82514784Backport TLSv1.3 regression tests to JDK8usecurity-libs 0
JDK-82513414Minimal Java specification changesecurity-libs / javax.net.ssl 0
JDK-82520844Minimal VM fails to bootcycle: undefined symbol: AgeTableTracer::is_tenuring_distribution_event_enabledhotspot / jfr 0
JDK-825154638u backport of JDK-8194298 breaks AIX and Solaris buildscore-libs / java.net 0
JDK-825257328u: Windows build failed after 8222079 backporthotspot / compiler 0
JDK-82528863[TESTBUG] sun/security/ec/TestEC.java : Compilation failedsecurity-libs / javax.net.ssl 0

This section organizes the changes in the selected update release by the main component under which each issue is filed.

Core Libs (30)

Issue
Priority
Title
Component
Voting
JDK-80262365Add PrimeTest for BigIntegercore-libs / java.math 0
JDK-80360885Replace strtok() with its safe equivalent strtok_s() in DefaultProxySelector.ccore-libs / java.net 0
JDK-80629474Fix exception message to correctly represent LDAP connection failurecore-libs / javax.naming 0
JDK-80783343Mark regression tests using randomnesscore-libs 0
JDK-80757744Small readability and performance improvements for zipfscore-libs / java.nio 0
JDK-81327454TEST_BUG: minor cleanup of java/util/Scanner/ScanTest.javacore-libs / java.util 0
JDK-81322064move ScanTest.java into OpenJDKcore-libs / java.util.regex 0
JDK-81517883NullPointerException from ntlm.Client.type3core-libs / java.net 0
JDK-81516782com/sun/jndi/ldap/LdapTimeoutTest.java failed due to timeout on DeadServerNoTimeoutTest is incorrectcore-libs / javax.naming 0
JDK-81520773(cal) Calendar.roll does not always roll the hours during daylight savings changescore-libs / java.util:i18n 0
JDK-81607684Add capability to custom resolve host/domain names within the default JNDI LDAP providercore-libs / javax.naming 0
JDK-81659363Potential Heap buffer overflow when seaching timezone info filescore-libs / java.util:i18n 0
JDK-81685174java/lang/ProcessBuilder/Basic.java failed with "java.lang.AssertionError: Some tests failed"core-libs / java.lang 0
JDK-81661481Fix for JDK-8165936 broke Solaris buildscore-libs / java.util 0
JDK-81942983Add support for per Socket configuration of TCP keepalivecore-libs / java.net 0
JDK-81931373Nashorn crashes when given an empty script file.core-libs / jdk.nashorn 0
JDK-82101473adjust some WSAGetLastError usages in windows network codingcore-libs / java.net 0
JDK-82111634UNIX version of Java_java_io_Console_echo does not return a clean booleancore-libs / java.io 0
JDK-82176062LdapContext#reconnect always opens a new connectioncore-libs / javax.naming 0
JDK-82268094Circular reference in printed stack trace is not correctly indented & ambiguouscore-libs / java.lang 0
JDK-82312134Migrate SimpleDateFormatConstTest to JDK Repocore-libs / java.text 0
JDK-82383864(sctp) jdk.sctp/unix/native/libsctp/SctpNet.c "multiple definition" link errors with GCC10core-libs / java.net 0
JDK-82383804java.base/unix/native/libjava/childproc.c "multiple definition" link errors with GCC10core-libs 0
JDK-82431384Enhance BaseLdapServer to support starttls extended requestcore-libs / javax.naming 0
JDK-82435413(tz) Upgrade time-zone data to tzdata2020acore-libs / java.time 0
JDK-82487154[8u262] New JavaTimeSupplementary localisation for 'in' installed in wrong packagecore-libs / java.util:i18n 0
JDK-82496772Regression in 8u after JDK-8237117: Better ForkJoinPool behaviorcore-libs / java.util.concurrent 0
JDK-82505464Expect changed behaviour reported in JDK-8249846core-libs / java.util.concurrent 0
JDK-82506274Use -XX:+/-UseContainerSupport for enabling/disabling Java container metricscore-libs 0
JDK-825154638u backport of JDK-8194298 breaks AIX and Solaris buildscore-libs / java.net 0

Security Libs (48)

Issue
Priority
Title
Component
Voting
JDK-80788803Mark a few more intermittently failing security-libs testssecurity-libs / javax.crypto 0
JDK-80804623Update SunPKCS11 provider with PKCS11 v2.40 supportsecurity-libs / javax.crypto:pkcs11 0
JDK-81445393Update PKCS11 tests to run with security managersecurity-libs / javax.crypto:pkcs11 0
JDK-81518344Test SmallPrimeExponentP.java times out intermittentlysecurity-libs / java.security 0
JDK-81659964PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlitesecurity-libs / java.security 0
JDK-81632513Hard coded loop limit prevents reading of smart card data greater than 8ksecurity-libs / javax.smartcardio 0
JDK-81619734PKIXRevocationChecker.getSoftFailExceptions() not workingsecurity-libs / java.security 0
JDK-81773343Update xmldsig implementation to Apache Santuario 2.1.1security-libs / javax.xml.crypto 0
JDK-82016333Problems with AES-GCM native accelerationsecurity-libs / javax.crypto 0
JDK-82110493Second parameter of "initialize" method is not usedsecurity-libs / java.security 0
JDK-82186293XML Digital Signature throws NAMESPACE_ERR exception on OpenJDK 11, works 8/9/10security-libs / javax.xml.crypto 0
JDK-82178782ENVELOPING XML signature no longer workssecurity-libs / javax.xml.crypto 0
JDK-82201652Encryption using GCM results in RuntimeException: input length out of boundsecurity-libs / javax.crypto 0
JDK-82250693Remove Comodo root certificate that is expiring in May 2020security-libs / java.security 2
JDK-82250683Remove DocuSign root certificate that is expiring in May 2020security-libs / java.security 2
JDK-8225695132-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support)security-libs / javax.crypto:pkcs11 0
JDK-82288353Memory leak in PKCS11 provider when using AES GCMsecurity-libs / javax.crypto:pkcs11 0
JDK-82336213Mismatch in jsse.enableMFLNExtension property namesecurity-libs / javax.net.ssl 0
JDK-82360392JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3security-libs / javax.net.ssl 0
JDK-82366453JDK 8u231 introduces a regression with incompatible handling of XML messagessecurity-libs / javax.xml.crypto 24
JDK-82383884libj2gss/NativeFunc.o "multiple definition" link errors with GCC10security-libs / java.security 0
JDK-82388982Missing hash characters for header on license filesecurity-libs / javax.crypto:pkcs11 0
JDK-82393853Support the 'canonicalize' setting (krb5.conf) in the Kerberos clientsecurity-libs / javax.security 0
JDK-82418884Mirror jdk.security.allowNonCaAnchor system property with a security onesecurity-libs / jdk.security 0
JDK-82425563Cannot load RSASSA-PSS public key with non-null params from byte arraysecurity-libs / java.security 0
JDK-82433213Add Entrust root CA - G4 to Oracle Root CA programsecurity-libs / java.security 0
JDK-82433203Add SSL root certificates to Oracle Root CA programsecurity-libs / java.security 0
JDK-82441514Update MUSCLE PC/SC-Lite headers to the latest release 1.8.26security-libs / javax.smartcardio 0
JDK-82454694Remove DTLS protocol implementationsecurity-libs 0
JDK-82454684Add TLSv1.3 implementation classes from 11.0.7security-libs 2
JDK-82454674Remove 8u TLSv1.2 implementation filessecurity-libs 0
JDK-82454663Backport TLSv1.3 protocol implementationsecurity-libs / javax.net.ssl 9
JDK-82454734OCSP stapling supportsecurity-libs 0
JDK-82454724Backport JDK-8038893 to JDK8security-libs 0
JDK-82454714Revert JDK-8148188security-libs 0
JDK-82454704Fix JDK8 compatibility issuessecurity-libs 0
JDK-82454774Adjust TLS tests locationsecurity-libs 0
JDK-82454764Disable TLSv1.3 protocol in the ClientHello message by defaultsecurity-libs 0
JDK-82454744Add TLS_KRB5 cipher suites support according to RFC-2712security-libs 0
JDK-82456813Add TLSv1.3 regression test from 11.0.7security-libs / javax.net.ssl 0
JDK-82456534Remove 8u TLS testssecurity-libs / javax.net.ssl 0
JDK-82461933Possible NPE in ENC-PA-REP search in AS-REQsecurity-libs / org.ietf.jgss:krb5 0
JDK-82472764Backport JDK-8161973security-libs / javax.net.ssl 0
JDK-82496104Make sun.security.krb5.Config.getBooleanObject(String... keys) method publicsecurity-libs / javax.security 0
JDK-82511174Cannot check P11Key size in P11Cipher and P11AEADCiphersecurity-libs / javax.crypto:pkcs11 0
JDK-82514784Backport TLSv1.3 regression tests to JDK8usecurity-libs 0
JDK-82513414Minimal Java specification changesecurity-libs / javax.net.ssl 0
JDK-82528863[TESTBUG] sun/security/ec/TestEC.java : Compilation failedsecurity-libs / javax.net.ssl 0

Hotspot (46)

Issue
Priority
Title
Component
Voting
JDK-80062053[TESTBUG] NEED_TEST: please JTREGIFY test/compiler/7177917/Test7177917.javahotspot / compiler 0
JDK-80236974failed class resolution reports different class name in detail message for the first and subsequent timeshotspot / runtime 0
JDK-80354933JVMTI PopFrame capability must instruct compilers not to prune localshotspot / jvmti 0
JDK-80607212Test runtime/SharedArchiveFile/LimitSharedSizes.java fails in jdk 9 fcs new platforms/compilerhotspot / runtime 0
JDK-80570033Large reference arrays cause extremely long synchronization timeshotspot / gc 0
JDK-80489334-XX:+TraceExceptions output should include the messagehotspot / runtime 0
JDK-80643193Need to enable -XX:+TraceExceptions in release buildshotspot / runtime 0
JDK-81488543Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalenthotspot / runtime 0
JDK-81487541C2 loop unrolling fails due to unexpected graph shapehotspot / compiler 0
JDK-81535834Make OutputAnalyzer.reportDiagnosticSummary publichotspot / gc 0
JDK-81673004Scheduling failures during gcm should be fatalhotspot / compiler 0
JDK-81733003[TESTBUG]compiler/tiered/NonTieredLevelsTest.java fails with compiler.whitebox.SimpleTestCaseHelper(int) must be compiledhotspot / compiler 0
JDK-81847624ZapStackSegments should use optimized memsethotspot / runtime 0
JDK-81932344When using -Xcheck:jni an internally allocated buffer can leakhotspot / runtime 0
JDK-82117144Need to update vm_version.cpp to recognise VS2017 minor versionshotspot / runtime 0
JDK-82148623assert(proj != __null) at compile.cpp:3251hotspot / compiler 0
JDK-82162833Allow shorter method sampling interval than 10 mshotspot / jfr 0
JDK-82176473JFR: recordings on 32-bit systems unreadablehotspot / jfr 0
JDK-82199194RuntimeStub's name lost with PrintFrameConverterAssemblyhotspot / compiler 0
JDK-82195664JFR did not collect call stacks when MaxJavaStackTraceDepth is set to zerohotspot / jfr 0
JDK-82205554JFR tool shows potentially misleading message when it cannot access a filehotspot / jfr 0
JDK-82203133[TESTBUG] Update base image for Docker testing to OL 7.6hotspot / runtime 0
JDK-82202932Deadlock in JFR string poolhotspot / jfr 0
JDK-82215693JFR tool produces incorrect output when both --categories and --events are specifiedhotspot / jfr 0
JDK-82220794Don't use memset to initialize fields decode_env constructor in disassembler.cpphotspot / compiler 0
JDK-82242173RecordingInfo should use textual representation of pathhotspot / jfr 0
JDK-82307113ConnectionGraph::unique_java_object(Node* N) return NULL if n is not in the CGhotspot / compiler 0
JDK-82317793crash HeapWord*ParallelScavengeHeap::failed_mem_allocatehotspot / gc 0
JDK-82331973Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsinghotspot / jfr 0
JDK-82346173C1: Incorrect result of field load due to missing narrowing conversionhotspot / compiler 0
JDK-82353252build failure on Linux after 8235243hotspot / runtime 0
JDK-82352434handle VS2017 15.9 and VS2019 in abstract_vm_versionhotspot / runtime 0
JDK-82379514CTW: C2 compilation fails with "malformed control flow"hotspot / compiler 0
JDK-82402954hs_err elapsed time in seconds is not accurate enoughhotspot / runtime 0
JDK-82406763Meet not symmetric failure when running lucene on jdk8hotspot / compiler 0
JDK-82434894Thread CPU Load event may contain wrong data for CPU time under certain conditionshotspot / jfr 0
JDK-82451674Top package in method profiling shows "null" in JMChotspot / jfr 0
JDK-82463104Clean commented-out code about ModuleEntry andPackageEntry in JFRhotspot / jfr 0
JDK-82463844Enable JFR by default on supported architectures for October 2020 releasehotspot / jfr 0
JDK-82467034[TESTBUG] Add test for JDK-8233197hotspot / jfr 0
JDK-82486434Remove extra leading space in JDK-8240295 8u backporthotspot / runtime 0
JDK-82488512CMS: Missing memory fences between free chunk check and klass readhotspot / gc 0
JDK-82491584THREAD_START and THREAD_END event posted in primordial phasehotspot / jvmti 0
JDK-82508754Incorrect parameter type for update_number in JDK_Version::jdk_updatehotspot / runtime 0
JDK-82520844Minimal VM fails to bootcycle: undefined symbol: AgeTableTracer::is_tenuring_distribution_event_enabledhotspot / jfr 0
JDK-825257328u: Windows build failed after 8222079 backporthotspot / compiler 0

Client Libs (23)

Issue
Priority
Title
Component
Voting
JDK-65749894TEST_BUG: javax/sound/sampled/Clip/bug5070081.java fails sometimesclient-libs / javax.sound 0
JDK-80390824[TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.java failsclient-libs / java.awt 0
JDK-80761514[TESTBUG] Test java/awt/FontClass/CreateFont/fileaccess/FontFile.java failsclient-libs / java.awt 0
JDK-81323764Add @requires os.family to the client tests with access to internal OS-specific APIclient-libs / java.awt 0
JDK-81458083[PIT] test java/awt/Graphics2D/MTGraphicsAccessTest/MTGraphicsAccessTest.java hangs on Win. 8client-libs / 2d 0
JDK-81370874[TEST_BUG] Cygwin failure of java/awt/appletviewer/IOExceptionIfEncodedURLTest/IOExceptionIfEncodedURLTest.shclient-libs / java.awt 0
JDK-81561693Some sound tests rarely hangs because of incorrect synchronizationclient-libs / javax.sound 0
JDK-81676154Opensource unit/regression tests for JavaSoundclient-libs / javax.sound 0
JDK-81720124[TEST_BUG] delays needed in javax/swing/JTree/4633594/bug4633594.javaclient-libs / javax.swing 0
JDK-81833494Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java and WriteAfterAbort.javaclient-libs / javax.imageio 0
JDK-81833414Better cleanup for javax/imageio/AllowSearch.javaclient-libs / javax.imageio 0
JDK-81776284Opensource unit/regression tests for ImageIOclient-libs / 2d 0
JDK-81916784[TESTBUG] Add keyword headful in java/awt and javax tests.client-libs / java.awt 0
JDK-81833514Better cleanup for jdk/test/javax/imageio/spi/AppletContextTest/BadPluginConfigurationTest.shclient-libs / javax.imageio 0
JDK-82003133java/awt/Gtk/GtkVersionTest/GtkVersionTest.java failsclient-libs / java.awt 0
JDK-81980044javax/swing/JFileChooser/6868611/bug6868611.java throws errorclient-libs / javax.swing 0
JDK-82091133Use WeakReference for lastFontStrike for created Fontsclient-libs / 2d 0
JDK-82266974Several tests which need the @key headful keyword are missing it.client-libs / javax.swing 0
JDK-82330972Fontmetrics for large Fonts has zero widthclient-libs / 2d 0
JDK-82398194XToolkit: Misread of screen information memoryclient-libs / java.awt 0
JDK-82424982Invalid "sun.awt.TimedWindowEvent" object leads to JVM crashclient-libs / java.awt 0
JDK-82448182[macos] Java2D Queue Flusher crash while moving application window to external monitorclient-libs / 2d 0
JDK-82507554Better cleanup for jdk/test/javax/imageio/plugins/shared/CanWriteSequence.javaclient-libs / javax.imageio 0

Other (26)

Issue
Priority
Title
Component
Voting
JDK-80258865replace [[ and == bash extensions in regtestcore-svc / java.lang.management 0
JDK-80316252javadoc problems referencing inner class constructorstools / javadoc(tool) 0
JDK-80462743Removing dependency on jakarta-regexpxml / jaxp 0
JDK-80616163HotspotDiagnosticMXBean.getVMOption() throws IllegalArgumentException for flags of type doublecore-svc / java.lang.management 0
JDK-81534304TESTBUG: jdk regression test javax/management/loading/MletParserLocaleTest.java reduce default timeoutcore-svc / javax.management 0
JDK-81543134Generated javadoc scattered all over the placeinfrastructure / build 0
JDK-81699253Organize licenses by module in source, JMOD file, and run-time imagetools / jlink 0
JDK-81929532sun/management/jmxremote/bootstrap/*.sh tests fail with error : revokeall.exe: Permission deniedcore-svc / java.lang.management 0
JDK-82033573Container Metricscore-svc 0
JDK-82206744[TESTBUG] MetricsMemoryTester failcount test in docker container only works with debug JVMscore-svc 0
JDK-82265753OperatingSystemMXBean should be made container awarecore-svc / java.lang.management 0
JDK-82293784jdwp library loader in linker_md.c quietly truncates on buffer overflowcore-svc / debugger 0
JDK-82303033JDB hangs when running monitor commandcore-svc / debugger 0
JDK-82356872Contents/MacOS/libjli.dylib cannot be a symlinkinfrastructure / build 0
JDK-82368622Enhance support of Proxy class 0
JDK-82379952Enhance certificate processing 0
JDK-82379902Enhanced LDAP contexts 0
JDK-82382253Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binaryinfrastructure / build 0
JDK-82411142Better range handling 0
JDK-82426952Enhanced Buffer Support 0
JDK-82426852Better Path Validation 0
JDK-82426802Improved URI support 0
JDK-82441362Improved Buffer supports 0
JDK-82462232Windows build fails after JDK-8227269core-svc / debugger 0
JDK-82483994[8u262] Build installs jfr binary when JFR is disabledinfrastructure / build 0
JDK-82511204[8u] HotSpot build assumes ENABLE_JFR is set to either true or falseinfrastructure / build 0

This section summarizes JDK Common Vulnerabilities and Exposure (CVE) fixes in the selected update release.

CVE Fixes (7)

CVE
Component
Protocol
CVSS Version 3.0 Risk (see Risk Matrix Definitions)
Base Score
Attack Vector
Attack Complex
Privs Req'd
User Interact
Scope
Confidentiality
Integrity
Availability
Notes
CVE-2020-14792
/ JDK-8241114
HotspotMultiple4.2NetworkHighNoneRequiredUnchangedLowLowNoneNote 2 *
CVE-2020-14797
/ JDK-8242685
LibrariesMultiple3.7NetworkHighNoneNoneUnchangedNoneLowNoneNote 2 *
CVE-2020-14782
/ JDK-8237995
LibrariesMultiple3.7NetworkHighNoneNoneUnchangedNoneLowNoneNote 2 *
CVE-2020-14781
/ JDK-8237990
JNDIMultiple3.7NetworkHighNoneNoneUnchangedLowNoneNoneNote 2 *
CVE-2020-14779
/ JDK-8236862
SerializationMultiple3.7NetworkHighNoneNoneUnchangedNoneNoneLowNote 2 *
CVE-2020-14798
/ JDK-8242695
LibrariesMultiple3.1NetworkHighNoneRequiredUnchangedNoneLowNoneNote 1 *
CVE-2020-14796
/ JDK-8242680
LibrariesMultiple3.1NetworkHighNoneRequiredUnchangedLowNoneNoneNote 1 *

Notes:

IDNotes
1This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).
2This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.
  • ID: 1

    Notes: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

  • ID: 2

    Notes: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.