This section lists and comments on the highlights of the changes in the selected update release.
|
Issue
|
Priority
|
Title
|
Component
|
Foojay Commentary
|
Category
|
Voting
|
|---|---|---|---|---|---|---|
| JDK-8249677 | 2 | Regression in 8u after JDK-8237117: Better ForkJoinPool behavior | core-libs / java.util.concurrent | The upstream OpenJDK 8u262 introduced a serious fork/join regression that, for example, breaks Hadoop clusters and potentially other pooled I/O workers. This is a generic, upstream OpenJDK 8u262 issue that affected all OpenJDK 8u262 distributions so that OpenJDK 8u265 had to be created to replace OpenJDK 8u262.
Note: This is the only change that went into 8u265 along with its test, which is JDK-8250546. |
fix | |
| JDK-8250546 | 4 | Expect changed behaviour reported in JDK-8249846 | core-libs | The test added to resolve JDK 8249677, checks the behavior and fails if it detects 8u262 behaviour.
Note: This is the only change that went into 8u265 along with the fix that it tests, which is JDK-8249677. |
test | |
| JDK-8223147 | 4 | JFR Backport | hotspot / jfr | Full Java Flight Recorder (JFR) capability added to OpenJDK 8u. JFR was originally included in Oracle JDK 8, but not in OpenJDK 8. It was open sourced in OpenJDK 11u, backported in earlier versions of some downstream 8u distros (e.g. Zulu, DragonWell), and with this change it is now integrated into the upstream 8u starting with 8u262. |
feature | |
| JDK-8226253 | 3 | JAWS reports wrong number of radio buttons when buttons are hidden | client-libs / javax.accessibility | |||
| JDK-4949105 | 3 | Access Bridge lacks html tags parsing | client-libs / javax.accessibility | |||
| JDK-8149338 | 2 | JVM Crash caused by Marlin renderer not handling NaN coordinates | client-libs / 2d | |||
| JDK-8229888 | 4 | (zipfs) Updating an existing zip file does not preserve original permissions | core-libs / java.nio | Updating an existing ZIP file with zipfs will re-create the ZIP file without preserving the original file permissions. The permissions are also problematic for new files when it moves/copies the ZIP file from the temporary location. |
fix | |
| JDK-8230235 | 2 | Rendering HTML with empty img attribute and documentBaseKey cause Exception | client-libs / javax.swing | Rendering a Label using HTML text causes a NullPointerException when the img attribute is empty and the JComponent has a custom image base URL (BasicHTML.documentBaseKey). |
fix | |
| JDK-8238452 | 3 | Keytool generates wrong expiration date if validity is set to 2050/01/01 | security-libs / java.security | The YR_2050 variable that was introduced to check if the date is JAN01 00:00 2050 GMT had been set to the wrong value JAN01 00:00 2050 PST. |
fix |
This section lists all the changes in the selected update release.
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-8250546 | 4 | Expect changed behaviour reported in JDK-8249846 | core-libs | |
| JDK-8249677 | 2 | Regression in 8u after JDK-8237117: Better ForkJoinPool behavior | core-libs / java.util.concurrent | |
| JDK-4949105 | 3 | Access Bridge lacks html tags parsing | client-libs / javax.accessibility | |
| JDK-7147060 | 4 | com/sun/org/apache/xml/internal/security/transforms/ClassLoaderTest.java doesn't run in agentvm mode | security-libs / javax.xml.crypto | |
| JDK-8003209 | 4 | JFR events for network utilization | hotspot / jfr | |
| JDK-8028591 | 4 | NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() | security-libs / java.security | |
| JDK-8028431 | 4 | NullPointerException in DerValue.equals(DerValue) | security-libs / java.security | |
| JDK-8035633 | 3 | TEST_BUG: java/net/NetworkInterface/Equals.java and some tests failed on windows intermittently | core-libs / java.net | |
| JDK-8037866 | 4 | Replace the Fun class in tests with lambdas | core-libs | |
| JDK-8030680 | 3 | 292 cleanup from default method code assessment | hotspot / compiler | |
| JDK-8041626 | 4 | Shutdown tracing event | hotspot / jfr | |
| JDK-8041915 | 4 | Move 8 awt tests to OpenJDK regression tests tree | client-libs / java.awt | |
| JDK-8067796 | 2 | (process) Process.waitFor(timeout, unit) doesn't throw NPE if timeout is less than, or equal to zero when unit == null | core-libs / java.lang | |
| JDK-8130737 | 3 | [macosx] AffineTransformOp can't handle child raster with non-zero x-offset | client-libs / 2d | |
| JDK-8076475 | 4 | Misuses of strncpy/strncat | hotspot / runtime | |
| JDK-8141056 | 2 | Erroneous assignment in HeapRegionSet.cpp | hotspot / gc | |
| JDK-8148886 | 2 | SEGV in sun.java2d.marlin.Renderer._endRendering | client-libs | |
| JDK-8146612 | 4 | C2: Precedence edges specification violated | hotspot / compiler | |
| JDK-8151582 | 3 | (ch) test java/nio/channels/AsyncCloseAndInterrupt.java failing due to "Connection succeeded" | core-libs / java.nio | |
| JDK-8150986 | 2 | serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java failing because expects HPROF JAVA PROFILE 1.0.1 file format | hotspot / svc | |
| JDK-8149338 | 2 | JVM Crash caused by Marlin renderer not handling NaN coordinates | client-libs / 2d | |
| JDK-8165675 | 3 | Trace event for thread park has incorrect unit for timeout | hotspot / jfr | |
| JDK-8172559 | 4 | [PIT][TEST_BUG] Move @test to be 1st annotation in java/awt/image/Raster/TestChildRasterOp.java | client-libs / 2d | |
| JDK-8171934 | 3 | ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() does not recognize OpenJDK\'s HotSpot VM | core-libs / jdk.nashorn | |
| JDK-8176182 | 4 | 4 security tests are not run | security-libs / java.security | |
| JDK-8181841 | 4 | A TSA server returns timestamp with precision higher than milliseconds | security-libs / java.security | |
| JDK-8178374 | 2 | Problematic ByteBuffer handling in CipherSpi.bufferCrypt method | security-libs / javax.crypto | |
| JDK-8178910 | 3 | Problemlist sample tests | other-libs | |
| JDK-8183925 | 4 | Decouple crash protection from watcher thread | hotspot / runtime | |
| JDK-8191393 | 3 | Random crashes during cfree+0x1c | hotspot / gc | |
| JDK-8195819 | 4 | Remove recording=x from jcmd JFR.check output | hotspot / jfr | |
| JDK-8197441 | 2 | Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider | security-libs / java.security | |
| JDK-8196969 | 3 | JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE | hotspot / svc-agent | |
| JDK-8199712 | 2 | Flight Recorder | hotspot / jfr | |
| JDK-8202578 | 4 | Revisit location for class unload events | hotspot / jfr | |
| JDK-8203664 | 4 | JFR start failure after AppCDS archive created with JFR StartFlightRecording | hotspot / runtime | |
| JDK-8203346 | 3 | JFR: Inconsistent signature of jfr_add_string_constant | hotspot / jfr | |
| JDK-8202835 | 3 | jfr/event/os/TestSystemProcess.java fails on missing events | hotspot / runtime | |
| JDK-8203287 | 4 | Zero fails to build after JDK-8199712 (Flight Recorder) | hotspot / runtime | |
| JDK-8203929 | 4 | Limit amount of data for JFR.dump | hotspot / jfr | |
| JDK-8203921 | 2 | JFR thread sampling is missing fixes from JDK-8194552 | hotspot / jfr | |
| JDK-8205516 | 2 | JFR tool | hotspot / jfr | |
| JDK-8207829 | 3 | FlightRecorderMXBeanImpl is leaking the first classloader which calls it | hotspot / jfr | |
| JDK-8207392 | 2 | [PPC64] Implement JFR profiling. | hotspot | |
| JDK-8209960 | 3 | -Xlog:jfr* doesn't work with the JFR parser | hotspot / jfr | |
| JDK-8210024 | 4 | JFR calls virtual is_Java_thread from ~Thread() | hotspot / jfr | |
| JDK-8211239 | 2 | Build fails without JFR: empty JFR events signatures mismatch | hotspot / jfr | |
| JDK-8210776 | 2 | Upgrade X Window System 6.8.2 to the latest XWD 1.0.7 | client-libs | |
| JDK-8212232 | 3 | Wrong metadata for the configuration of the cutoff for old object sample events | hotspot / jfr | |
| JDK-8213015 | 4 | Inconsistent settings between JFR.configure and -XX:FlightRecorderOptions | hotspot / jfr | |
| JDK-8213617 | 3 | JFR should record the PID of the recorded process | hotspot / jfr | |
| JDK-8213421 | 2 | Line number information for execution samples always 0 | hotspot / jfr | |
| JDK-8213917 | 4 | [TESTBUG] Shutdown JFR event is not covered by test | hotspot / jfr | |
| JDK-8213914 | 3 | [TESTBUG] Several JFR VM events are not covered by tests | hotspot / jfr | |
| JDK-8213734 | 4 | SAXParser.parse(File, ..) does not close resources when Exception occurs. | xml / org.xml.sax | |
| JDK-8213966 | 4 | The ZGC JFR events should be marked as experimental | hotspot / jfr | |
| JDK-8214750 | 3 | Unnecessary tags in jfr classes |
hotspot / jfr | |
| JDK-8214542 | 3 | JFR: Old Object Sample event slow on a deep heap in debug builds | hotspot / jfr | |
| JDK-8214896 | 1 | JFR Tool left files behind | hotspot / jfr | |
| JDK-8214925 | 3 | [TESTBUG] JFR tool fails to execute | hotspot / jfr | |
| JDK-8214906 | 4 | [TESTBUG] jfr/event/sampling/TestNative.java fails with UnsatisfiedLinkError | hotspot / jfr | |
| JDK-8215284 | 3 | Reduce noise induced by periodic task getFileSize() | hotspot / jfr | |
| JDK-8215355 | 3 | Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1) | hotspot / runtime | |
| JDK-8215237 | 3 | jdk.jfr.Recording javadoc does not compile | hotspot / jfr | |
| JDK-8215175 | 3 | Inconsistencies in JFR event metadata | hotspot / jfr | |
| JDK-8215362 | 2 | [TESTBUG] JFR GTest JfrTestNetworkUtilization fails | hotspot / jfr | |
| JDK-8216064 | 3 | -XX:StartFlightRecording:settings= doesn't work properly | hotspot / jfr | |
| JDK-8215771 | 3 | The jfr tool should pretty print reference chains | hotspot / jfr | |
| JDK-8216486 | 4 | Possibility of integer overflow in JfrThreadSampler::run() | hotspot / jfr | |
| JDK-8216578 | 4 | Remove unused/obsolete method in JFR code | hotspot / jfr | |
| JDK-8216559 | 3 | [JFR] Native libraries not correctly parsed from /proc/self/maps | hotspot / runtime | |
| JDK-8216528 | 4 | test/jdk/java/rmi/transport/runtimeThreadInheritanceLeak/RuntimeThreadInheritanceLeak.java failing with Xcomp | core-libs / java.rmi | |
| JDK-8216995 | 4 | Clean up JFR command line processing | hotspot / jfr | |
| JDK-8217748 | 4 | [TESTBUG] Exclude TestSig test case from JFR TestShutdownEvent | hotspot / jfr | |
| JDK-8217744 | 4 | [TESTBUG] JFR TestShutdownEvent fails on some systems due to process surviving SIGINT | hotspot / jfr | |
| JDK-8219597 | 4 | (bf) Heap buffer state changes could provoke unexpected exceptions | core-libs / java.nio | |
| JDK-8218935 | 4 | Make jfr strncpy uses GCC 8.x friendly | hotspot / jfr | |
| JDK-8220293 | 2 | Deadlock in JFR string pool | hotspot / jfr | |
| JDK-8223147 | 4 | JFR Backport | hotspot / jfr | |
| JDK-8223690 | 4 | Add JFR BiasedLock Event Support | hotspot / jfr | |
| JDK-8223689 | 4 | Add JFR Thread Sampling Support | hotspot / jfr | |
| JDK-8223692 | 4 | Add JFR G1 Heap Summary Event Support | hotspot / jfr | |
| JDK-8223691 | 4 | Add JFR G1 Region Type Change Event Support | hotspot / jfr | |
| JDK-8224475 | 3 | JTextPane does not show images in HTML rendering | client-libs / javax.swing | |
| JDK-8225069 | 3 | Remove Comodo root certificate that is expiring in May 2020 | security-libs / java.security | |
| JDK-8225068 | 3 | Remove DocuSign root certificate that is expiring in May 2020 | security-libs / java.security | |
| JDK-8225130 | 4 | Add exception for expiring Comodo roots to VerifyCACerts test | security-libs / java.security | |
| JDK-8226253 | 3 | JAWS reports wrong number of radio buttons when buttons are hidden | client-libs / javax.accessibility | |
| JDK-8226779 | 3 | [TESTBUG] Test JFR API from Java agent | hotspot / jfr | |
| JDK-8226892 | 3 | ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys | client-libs / javax.swing | |
| JDK-8227011 | 2 | Starting a JFR recording in response to JVMTI VMInit and / or Java agent premain corrupts memory | hotspot / jfr | |
| JDK-8227269 | 4 | Slow class loading when running with JDWP | core-svc / debugger | |
| JDK-8227605 | 2 | Kitchensink fails "assert((((klass)->trace_id() & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) failed: invariant" | hotspot / jfr | |
| JDK-8229401 | 3 | Fix JFR code cache test failures | hotspot / jfr | |
| JDK-8229366 | 2 | JFR backport allows unchecked writing to memory | hotspot / jfr | |
| JDK-8229708 | 4 | JFR backport code does not initialize | hotspot / jfr | |
| JDK-8229888 | 4 | (zipfs) Updating an existing zip file does not preserve original permissions | core-libs / java.nio | |
| JDK-8229873 | 4 | 8229401 broke jdk8u-jfr-incubator | hotspot / jfr | |
| JDK-8229899 | 4 | java.io.File.isInvalid() is racy | core-libs / java.io | |
| JDK-8230235 | 2 | Rendering HTML with empty img attribute and documentBaseKey cause Exception | client-libs / javax.swing | |
| JDK-8230448 | 4 | [test] JFRSecurityTestSuite.java is failing on Windows | hotspot / jfr | |
| JDK-8230597 | 2 | Update GIFlib library to the 5.2.1 | client-libs / java.awt | |
| JDK-8230707 | 4 | [test] JFR related tests are failing | hotspot / jfr | |
| JDK-8230782 | 3 | Robot.createScreenCapture() fails if “awt.robot.gtk” is set to false | client-libs / java.awt | |
| JDK-8230769 | 3 | BufImg_SetupICM add ReleasePrimitiveArrayCritical call in early return | client-libs / 2d | |
| JDK-8230856 | 4 | Java_java_net_NetworkInterface_getByName0 on unix misses ReleaseStringUTFChars in early return | core-libs / java.net | |
| JDK-8230926 | 3 | [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout | client-libs / java.awt | |
| JDK-8230947 | 4 | [test] TestLookForUntestedEvents.java is failing after JDK-8230707 | hotspot / jfr | |
| JDK-8231995 | 3 | two jtreg tests failed after 8229366 is fixed | hotspot / jfr | |
| JDK-8233197 | 3 | Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing | hotspot / jfr | |
| JDK-8233623 | 5 | Add classpath exception to copyright in EventHandlerProxyCreator.java file | hotspot / jfr | |
| JDK-8233880 | 3 | Support compilers with multi-digit major version numbers | infrastructure / build | |
| JDK-8235744 | 4 | PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64 | client-libs / javax.swing | |
| JDK-8236002 | 2 | [JFR Backport] CSR for JFR backport suggests not leaving out the package-info | hotspot / jfr | |
| JDK-8236008 | 4 | [JFR Backport] Some backup files were accidentally left in the hotspot tree | hotspot | |
| JDK-8236074 | 2 | [JFR Backport] Missed package-info. | hotspot / jfr | |
| JDK-8236174 | 2 | [JFR Backport] Should update javadoc since tags. | hotspot / jfr | |
| JDK-8236996 | 4 | Incorrect Roboto font rendering on Windows with subpixel antialiasing | client-libs / 2d | |
| JDK-8238076 | 4 | Fix OpenJDK 7 Bootstrap Broken by JFR Backport | hotspot / jfr | |
| JDK-8238452 | 3 | Keytool generates wrong expiration date if validity is set to 2050/01/01 | security-libs / java.security | |
| JDK-8238555 | 4 | Allow initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB | security-libs / javax.crypto:pkcs11 | |
| JDK-8238589 | 4 | Necessary code cleanup in JFR for JDK8u | hotspot / jfr | |
| JDK-8238590 | 4 | Enable JFR by default during compilation in 8u incubator | hotspot / jfr | |
| JDK-8238842 | 3 | AIOOBE in GIFImageReader.initializeStringTable | client-libs / javax.imageio | |
| JDK-8239055 | 4 | Wrong implementation of VMState.hasListener | core-svc / debugger | |
| JDK-8239140 | 4 | Backport JFR to OpenJDK 8 | hotspot / jfr | |
| JDK-8239476 | 4 | 8238589: broke windows build by moving OrderedPair | hotspot | |
| JDK-8239479 | 4 | minimal1 and zero builds are failing | hotspot / jfr | |
| JDK-8239852 | 3 | java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed | hotspot / compiler | |
| JDK-8239867 | 4 | correct over use of INCLUDE_JFR macro | hotspot / jfr | |
| JDK-8240375 | 4 | Disable JFR by default for July 2020 release | hotspot / jfr | |
| JDK-8240521 | 2 | Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call | core-libs / java.lang | |
| JDK-8240576 | 2 | JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges | hotspot / compiler | |
| JDK-8241296 | 2 | Segfault in JNIHandleBlock::oops_do() | hotspot / runtime | |
| JDK-8241307 | 3 | Marlin renderer should not be the default in 8u252 | client-libs / 2d | |
| JDK-8241444 | 4 | Metaspace::_class_vsm not initialized if compressed class pointers are disabled | hotspot / runtime | |
| JDK-8241638 | 4 | launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set | tools / launcher | |
| JDK-8241750 | 4 | x86_32 build failure after JDK-8227269 | core-svc / debugger | |
| JDK-8241902 | 2 | AIX Build broken after integration of JDK-8223147 (JFR Backport) | hotspot / jfr | |
| JDK-8242883 | 4 | Incomplete backport of JDK-8078268: backport test part | client-libs / javax.swing | |
| JDK-8242788 | 4 | Non-PCH build is broken after JDK-8191393 | hotspot / gc | |
| JDK-8243059 | 3 | Build fails when --with-vendor-name contains a comma | infrastructure / build | |
| JDK-8243474 | 4 | [TESTBUG] removed three tests of 0 bytes | client-libs | |
| JDK-8243539 | 4 | Copyright info (Year) should be updated for fix of 8241638 | core-libs | |
| JDK-8243541 | 3 | (tz) Upgrade time-zone data to tzdata2020a | core-libs / java.time | |
| JDK-8244407 | 2 | JVM crashes after transformation in C2 IdealLoopTree::split_fall_in | hotspot / compiler | |
| JDK-8244461 | 3 | [JDK 8u] Build fails with glibc 2.32 | core-libs / java.net | |
| JDK-8244548 | 4 | JDK 8u: sun.misc.Version.jdkUpdateVersion() returns wrong result | core-libs | |
| JDK-8244777 | 4 | ClassLoaderStats VM Op uses constant hash value | hotspot / jfr | |
| JDK-8244843 | 3 | [JDK 8u] JapanEraNameCompatTest fails | core-libs / java.util:i18n | |
| JDK-8245167 | 4 | Top package in method profiling shows "null" in JMC | hotspot / jfr | |
| JDK-8246223 | 2 | Windows build fails after JDK-8227269 | core-svc / debugger | |
| JDK-8246703 | 4 | [TESTBUG] Add test for JDK-8233197 | hotspot / jfr | |
| JDK-8248399 | 4 | [8u262] Build installs jfr binary when JFR is disabled | infrastructure / build | |
| JDK-8245422 / CVE-2020-14664 |
8.3 | CVE-2020-14664 | JavaFX | |
| JDK-8238920 / CVE-2020-14583 |
8.3 | CVE-2020-14583 | Libraries | |
| JDK-8240119 / CVE-2020-14593 |
7.4 | CVE-2020-14593 | 2D | |
| JDK-8242136 / CVE-2020-14621 |
5.3 | CVE-2020-14621 | JAXP | |
| JDK-8237117 / CVE-2020-14556 |
4.8 | CVE-2020-14556 | Libraries | |
| JDK-8237736 / CVE-2020-14579 |
3.7 | CVE-2020-14579 | Libraries | |
| JDK-8238002 / CVE-2020-14581 |
3.7 | CVE-2020-14581 | 2D | |
| JDK-8237731 / CVE-2020-14578 |
3.7 | CVE-2020-14578 | Libraries | |
| JDK-8237592 / CVE-2020-14577 |
3.7 | CVE-2020-14577 | JSSE |
This section organizes the changes in the selected update release by the main component under which each issue is filed.
Core Libs (18)
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-8250546 | 4 | Expect changed behaviour reported in JDK-8249846 | core-libs | |
| JDK-8249677 | 2 | Regression in 8u after JDK-8237117: Better ForkJoinPool behavior | core-libs / java.util.concurrent | |
| JDK-8035633 | 3 | TEST_BUG: java/net/NetworkInterface/Equals.java and some tests failed on windows intermittently | core-libs / java.net | |
| JDK-8037866 | 4 | Replace the Fun class in tests with lambdas | core-libs | |
| JDK-8067796 | 2 | (process) Process.waitFor(timeout, unit) doesn't throw NPE if timeout is less than, or equal to zero when unit == null | core-libs / java.lang | |
| JDK-8151582 | 3 | (ch) test java/nio/channels/AsyncCloseAndInterrupt.java failing due to "Connection succeeded" | core-libs / java.nio | |
| JDK-8171934 | 3 | ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() does not recognize OpenJDK\'s HotSpot VM | core-libs / jdk.nashorn | |
| JDK-8216528 | 4 | test/jdk/java/rmi/transport/runtimeThreadInheritanceLeak/RuntimeThreadInheritanceLeak.java failing with Xcomp | core-libs / java.rmi | |
| JDK-8219597 | 4 | (bf) Heap buffer state changes could provoke unexpected exceptions | core-libs / java.nio | |
| JDK-8229888 | 4 | (zipfs) Updating an existing zip file does not preserve original permissions | core-libs / java.nio | |
| JDK-8229899 | 4 | java.io.File.isInvalid() is racy | core-libs / java.io | |
| JDK-8230856 | 4 | Java_java_net_NetworkInterface_getByName0 on unix misses ReleaseStringUTFChars in early return | core-libs / java.net | |
| JDK-8240521 | 2 | Revert backport of 8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call | core-libs / java.lang | |
| JDK-8243539 | 4 | Copyright info (Year) should be updated for fix of 8241638 | core-libs | |
| JDK-8243541 | 3 | (tz) Upgrade time-zone data to tzdata2020a | core-libs / java.time | |
| JDK-8244461 | 3 | [JDK 8u] Build fails with glibc 2.32 | core-libs / java.net | |
| JDK-8244548 | 4 | JDK 8u: sun.misc.Version.jdkUpdateVersion() returns wrong result | core-libs | |
| JDK-8244843 | 3 | [JDK 8u] JapanEraNameCompatTest fails | core-libs / java.util:i18n |
Security Libs (12)
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-7147060 | 4 | com/sun/org/apache/xml/internal/security/transforms/ClassLoaderTest.java doesn't run in agentvm mode | security-libs / javax.xml.crypto | |
| JDK-8028591 | 4 | NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() | security-libs / java.security | |
| JDK-8028431 | 4 | NullPointerException in DerValue.equals(DerValue) | security-libs / java.security | |
| JDK-8176182 | 4 | 4 security tests are not run | security-libs / java.security | |
| JDK-8181841 | 4 | A TSA server returns timestamp with precision higher than milliseconds | security-libs / java.security | |
| JDK-8178374 | 2 | Problematic ByteBuffer handling in CipherSpi.bufferCrypt method | security-libs / javax.crypto | |
| JDK-8197441 | 2 | Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider | security-libs / java.security | |
| JDK-8225069 | 3 | Remove Comodo root certificate that is expiring in May 2020 | security-libs / java.security | |
| JDK-8225068 | 3 | Remove DocuSign root certificate that is expiring in May 2020 | security-libs / java.security | |
| JDK-8225130 | 4 | Add exception for expiring Comodo roots to VerifyCACerts test | security-libs / java.security | |
| JDK-8238452 | 3 | Keytool generates wrong expiration date if validity is set to 2050/01/01 | security-libs / java.security | |
| JDK-8238555 | 4 | Allow initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB | security-libs / javax.crypto:pkcs11 |
Hotspot (93)
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-8003209 | 4 | JFR events for network utilization | hotspot / jfr | |
| JDK-8030680 | 3 | 292 cleanup from default method code assessment | hotspot / compiler | |
| JDK-8041626 | 4 | Shutdown tracing event | hotspot / jfr | |
| JDK-8076475 | 4 | Misuses of strncpy/strncat | hotspot / runtime | |
| JDK-8141056 | 2 | Erroneous assignment in HeapRegionSet.cpp | hotspot / gc | |
| JDK-8146612 | 4 | C2: Precedence edges specification violated | hotspot / compiler | |
| JDK-8150986 | 2 | serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java failing because expects HPROF JAVA PROFILE 1.0.1 file format | hotspot / svc | |
| JDK-8165675 | 3 | Trace event for thread park has incorrect unit for timeout | hotspot / jfr | |
| JDK-8183925 | 4 | Decouple crash protection from watcher thread | hotspot / runtime | |
| JDK-8191393 | 3 | Random crashes during cfree+0x1c | hotspot / gc | |
| JDK-8195819 | 4 | Remove recording=x from jcmd JFR.check output | hotspot / jfr | |
| JDK-8196969 | 3 | JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE | hotspot / svc-agent | |
| JDK-8199712 | 2 | Flight Recorder | hotspot / jfr | |
| JDK-8202578 | 4 | Revisit location for class unload events | hotspot / jfr | |
| JDK-8203664 | 4 | JFR start failure after AppCDS archive created with JFR StartFlightRecording | hotspot / runtime | |
| JDK-8203346 | 3 | JFR: Inconsistent signature of jfr_add_string_constant | hotspot / jfr | |
| JDK-8202835 | 3 | jfr/event/os/TestSystemProcess.java fails on missing events | hotspot / runtime | |
| JDK-8203287 | 4 | Zero fails to build after JDK-8199712 (Flight Recorder) | hotspot / runtime | |
| JDK-8203929 | 4 | Limit amount of data for JFR.dump | hotspot / jfr | |
| JDK-8203921 | 2 | JFR thread sampling is missing fixes from JDK-8194552 | hotspot / jfr | |
| JDK-8205516 | 2 | JFR tool | hotspot / jfr | |
| JDK-8207829 | 3 | FlightRecorderMXBeanImpl is leaking the first classloader which calls it | hotspot / jfr | |
| JDK-8207392 | 2 | [PPC64] Implement JFR profiling. | hotspot | |
| JDK-8209960 | 3 | -Xlog:jfr* doesn't work with the JFR parser | hotspot / jfr | |
| JDK-8210024 | 4 | JFR calls virtual is_Java_thread from ~Thread() | hotspot / jfr | |
| JDK-8211239 | 2 | Build fails without JFR: empty JFR events signatures mismatch | hotspot / jfr | |
| JDK-8212232 | 3 | Wrong metadata for the configuration of the cutoff for old object sample events | hotspot / jfr | |
| JDK-8213015 | 4 | Inconsistent settings between JFR.configure and -XX:FlightRecorderOptions | hotspot / jfr | |
| JDK-8213617 | 3 | JFR should record the PID of the recorded process | hotspot / jfr | |
| JDK-8213421 | 2 | Line number information for execution samples always 0 | hotspot / jfr | |
| JDK-8213917 | 4 | [TESTBUG] Shutdown JFR event is not covered by test | hotspot / jfr | |
| JDK-8213914 | 3 | [TESTBUG] Several JFR VM events are not covered by tests | hotspot / jfr | |
| JDK-8213966 | 4 | The ZGC JFR events should be marked as experimental | hotspot / jfr | |
| JDK-8214750 | 3 | Unnecessary tags in jfr classes |
hotspot / jfr | |
| JDK-8214542 | 3 | JFR: Old Object Sample event slow on a deep heap in debug builds | hotspot / jfr | |
| JDK-8214896 | 1 | JFR Tool left files behind | hotspot / jfr | |
| JDK-8214925 | 3 | [TESTBUG] JFR tool fails to execute | hotspot / jfr | |
| JDK-8214906 | 4 | [TESTBUG] jfr/event/sampling/TestNative.java fails with UnsatisfiedLinkError | hotspot / jfr | |
| JDK-8215284 | 3 | Reduce noise induced by periodic task getFileSize() | hotspot / jfr | |
| JDK-8215355 | 3 | Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1) | hotspot / runtime | |
| JDK-8215237 | 3 | jdk.jfr.Recording javadoc does not compile | hotspot / jfr | |
| JDK-8215175 | 3 | Inconsistencies in JFR event metadata | hotspot / jfr | |
| JDK-8215362 | 2 | [TESTBUG] JFR GTest JfrTestNetworkUtilization fails | hotspot / jfr | |
| JDK-8216064 | 3 | -XX:StartFlightRecording:settings= doesn't work properly | hotspot / jfr | |
| JDK-8215771 | 3 | The jfr tool should pretty print reference chains | hotspot / jfr | |
| JDK-8216486 | 4 | Possibility of integer overflow in JfrThreadSampler::run() | hotspot / jfr | |
| JDK-8216578 | 4 | Remove unused/obsolete method in JFR code | hotspot / jfr | |
| JDK-8216559 | 3 | [JFR] Native libraries not correctly parsed from /proc/self/maps | hotspot / runtime | |
| JDK-8216995 | 4 | Clean up JFR command line processing | hotspot / jfr | |
| JDK-8217748 | 4 | [TESTBUG] Exclude TestSig test case from JFR TestShutdownEvent | hotspot / jfr | |
| JDK-8217744 | 4 | [TESTBUG] JFR TestShutdownEvent fails on some systems due to process surviving SIGINT | hotspot / jfr | |
| JDK-8218935 | 4 | Make jfr strncpy uses GCC 8.x friendly | hotspot / jfr | |
| JDK-8220293 | 2 | Deadlock in JFR string pool | hotspot / jfr | |
| JDK-8223147 | 4 | JFR Backport | hotspot / jfr | |
| JDK-8223690 | 4 | Add JFR BiasedLock Event Support | hotspot / jfr | |
| JDK-8223689 | 4 | Add JFR Thread Sampling Support | hotspot / jfr | |
| JDK-8223692 | 4 | Add JFR G1 Heap Summary Event Support | hotspot / jfr | |
| JDK-8223691 | 4 | Add JFR G1 Region Type Change Event Support | hotspot / jfr | |
| JDK-8226779 | 3 | [TESTBUG] Test JFR API from Java agent | hotspot / jfr | |
| JDK-8227011 | 2 | Starting a JFR recording in response to JVMTI VMInit and / or Java agent premain corrupts memory | hotspot / jfr | |
| JDK-8227605 | 2 | Kitchensink fails "assert((((klass)->trace_id() & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) failed: invariant" | hotspot / jfr | |
| JDK-8229401 | 3 | Fix JFR code cache test failures | hotspot / jfr | |
| JDK-8229366 | 2 | JFR backport allows unchecked writing to memory | hotspot / jfr | |
| JDK-8229708 | 4 | JFR backport code does not initialize | hotspot / jfr | |
| JDK-8229873 | 4 | 8229401 broke jdk8u-jfr-incubator | hotspot / jfr | |
| JDK-8230448 | 4 | [test] JFRSecurityTestSuite.java is failing on Windows | hotspot / jfr | |
| JDK-8230707 | 4 | [test] JFR related tests are failing | hotspot / jfr | |
| JDK-8230947 | 4 | [test] TestLookForUntestedEvents.java is failing after JDK-8230707 | hotspot / jfr | |
| JDK-8231995 | 3 | two jtreg tests failed after 8229366 is fixed | hotspot / jfr | |
| JDK-8233197 | 3 | Invert JvmtiExport::post_vm_initialized() and Jfr:on_vm_start() start-up order for correct option parsing | hotspot / jfr | |
| JDK-8233623 | 5 | Add classpath exception to copyright in EventHandlerProxyCreator.java file | hotspot / jfr | |
| JDK-8236002 | 2 | [JFR Backport] CSR for JFR backport suggests not leaving out the package-info | hotspot / jfr | |
| JDK-8236008 | 4 | [JFR Backport] Some backup files were accidentally left in the hotspot tree | hotspot | |
| JDK-8236074 | 2 | [JFR Backport] Missed package-info. | hotspot / jfr | |
| JDK-8236174 | 2 | [JFR Backport] Should update javadoc since tags. | hotspot / jfr | |
| JDK-8238076 | 4 | Fix OpenJDK 7 Bootstrap Broken by JFR Backport | hotspot / jfr | |
| JDK-8238589 | 4 | Necessary code cleanup in JFR for JDK8u | hotspot / jfr | |
| JDK-8238590 | 4 | Enable JFR by default during compilation in 8u incubator | hotspot / jfr | |
| JDK-8239140 | 4 | Backport JFR to OpenJDK 8 | hotspot / jfr | |
| JDK-8239476 | 4 | 8238589: broke windows build by moving OrderedPair | hotspot | |
| JDK-8239479 | 4 | minimal1 and zero builds are failing | hotspot / jfr | |
| JDK-8239852 | 3 | java/util/concurrent tests fail with -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: verification should have failed | hotspot / compiler | |
| JDK-8239867 | 4 | correct over use of INCLUDE_JFR macro | hotspot / jfr | |
| JDK-8240375 | 4 | Disable JFR by default for July 2020 release | hotspot / jfr | |
| JDK-8240576 | 2 | JVM crashes after transformation in C2 IdealLoopTree::merge_many_backedges | hotspot / compiler | |
| JDK-8241296 | 2 | Segfault in JNIHandleBlock::oops_do() | hotspot / runtime | |
| JDK-8241444 | 4 | Metaspace::_class_vsm not initialized if compressed class pointers are disabled | hotspot / runtime | |
| JDK-8241902 | 2 | AIX Build broken after integration of JDK-8223147 (JFR Backport) | hotspot / jfr | |
| JDK-8242788 | 4 | Non-PCH build is broken after JDK-8191393 | hotspot / gc | |
| JDK-8244407 | 2 | JVM crashes after transformation in C2 IdealLoopTree::split_fall_in | hotspot / compiler | |
| JDK-8244777 | 4 | ClassLoaderStats VM Op uses constant hash value | hotspot / jfr | |
| JDK-8245167 | 4 | Top package in method profiling shows "null" in JMC | hotspot / jfr | |
| JDK-8246703 | 4 | [TESTBUG] Add test for JDK-8233197 | hotspot / jfr |
Client Libs (21)
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-4949105 | 3 | Access Bridge lacks html tags parsing | client-libs / javax.accessibility | |
| JDK-8041915 | 4 | Move 8 awt tests to OpenJDK regression tests tree | client-libs / java.awt | |
| JDK-8130737 | 3 | [macosx] AffineTransformOp can't handle child raster with non-zero x-offset | client-libs / 2d | |
| JDK-8148886 | 2 | SEGV in sun.java2d.marlin.Renderer._endRendering | client-libs | |
| JDK-8149338 | 2 | JVM Crash caused by Marlin renderer not handling NaN coordinates | client-libs / 2d | |
| JDK-8172559 | 4 | [PIT][TEST_BUG] Move @test to be 1st annotation in java/awt/image/Raster/TestChildRasterOp.java | client-libs / 2d | |
| JDK-8210776 | 2 | Upgrade X Window System 6.8.2 to the latest XWD 1.0.7 | client-libs | |
| JDK-8224475 | 3 | JTextPane does not show images in HTML rendering | client-libs / javax.swing | |
| JDK-8226253 | 3 | JAWS reports wrong number of radio buttons when buttons are hidden | client-libs / javax.accessibility | |
| JDK-8226892 | 3 | ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys | client-libs / javax.swing | |
| JDK-8230235 | 2 | Rendering HTML with empty img attribute and documentBaseKey cause Exception | client-libs / javax.swing | |
| JDK-8230597 | 2 | Update GIFlib library to the 5.2.1 | client-libs / java.awt | |
| JDK-8230782 | 3 | Robot.createScreenCapture() fails if “awt.robot.gtk” is set to false | client-libs / java.awt | |
| JDK-8230769 | 3 | BufImg_SetupICM add ReleasePrimitiveArrayCritical call in early return | client-libs / 2d | |
| JDK-8230926 | 3 | [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout | client-libs / java.awt | |
| JDK-8235744 | 4 | PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64 | client-libs / javax.swing | |
| JDK-8236996 | 4 | Incorrect Roboto font rendering on Windows with subpixel antialiasing | client-libs / 2d | |
| JDK-8238842 | 3 | AIOOBE in GIFImageReader.initializeStringTable | client-libs / javax.imageio | |
| JDK-8241307 | 3 | Marlin renderer should not be the default in 8u252 | client-libs / 2d | |
| JDK-8242883 | 4 | Incomplete backport of JDK-8078268: backport test part | client-libs / javax.swing | |
| JDK-8243474 | 4 | [TESTBUG] removed three tests of 0 bytes | client-libs |
Other (10)
|
Issue
|
Priority
|
Title
|
Component
|
Voting
|
|---|---|---|---|---|
| JDK-8178910 | 3 | Problemlist sample tests | other-libs | |
| JDK-8213734 | 4 | SAXParser.parse(File, ..) does not close resources when Exception occurs. | xml / org.xml.sax | |
| JDK-8227269 | 4 | Slow class loading when running with JDWP | core-svc / debugger | |
| JDK-8233880 | 3 | Support compilers with multi-digit major version numbers | infrastructure / build | |
| JDK-8239055 | 4 | Wrong implementation of VMState.hasListener | core-svc / debugger | |
| JDK-8241638 | 4 | launcher time metrics always report 1 on Linux when _JAVA_LAUNCHER_DEBUG set | tools / launcher | |
| JDK-8241750 | 4 | x86_32 build failure after JDK-8227269 | core-svc / debugger | |
| JDK-8243059 | 3 | Build fails when --with-vendor-name contains a comma | infrastructure / build | |
| JDK-8246223 | 2 | Windows build fails after JDK-8227269 | core-svc / debugger | |
| JDK-8248399 | 4 | [8u262] Build installs jfr binary when JFR is disabled | infrastructure / build |
This section summarizes JDK Common Vulnerabilities and Exposure (CVE) fixes in the selected update release.
CVE Fixes (9)
|
CVE
|
Component
|
Protocol
|
CVSS Version 3.0 Risk (see Risk Matrix Definitions)
Base
Score
|
Attack
Vector
|
Attack
Complex
|
Privs
Req'd
|
User
Interact
|
Scope
|
Confidentiality
|
Integrity
|
Availability
|
Notes
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| CVE-2020-14664 / JDK-8245422 |
JavaFX | Multiple | 8.3 | Network | High | None | Required | Changed | High | High | High | Note 1 * |
| CVE-2020-14583 / JDK-8238920 |
Libraries | Multiple | 8.3 | Network | High | None | Required | Changed | High | High | High | Note 1 * |
| CVE-2020-14593 / JDK-8240119 |
2D | Multiple | 7.4 | Network | Low | None | Required | Changed | None | High | None | Note 1 * |
| CVE-2020-14621 / JDK-8242136 |
JAXP | Multiple | 5.3 | Network | Low | None | None | Unchanged | None | Low | None | Note 2 * |
| CVE-2020-14556 / JDK-8237117 |
Libraries | Multiple | 4.8 | Network | High | None | None | Unchanged | Low | Low | None | Note 3 * |
| CVE-2020-14579 / JDK-8237736 |
Libraries | Multiple | 3.7 | Network | High | None | None | Unchanged | None | Low | None | Note 3 * |
| CVE-2020-14581 / JDK-8238002 |
2D | Multiple | 3.7 | Network | High | None | None | Unchanged | Low | None | None | Note 3 * |
| CVE-2020-14578 / JDK-8237731 |
Libraries | Multiple | 3.7 | Network | High | None | None | Unchanged | None | None | Low | Note 3 * |
| CVE-2020-14577 / JDK-8237592 |
JSSE | TLS | 3.7 | Network | High | None | None | Unchanged | Low | None | None | Note 3 * |
Notes:
| ID | Notes |
|---|---|
| 1 | This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). |
| 2 | This vulnerability can only be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service. |
| 3 | This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service. |
-
ID: 1
Notes: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).
-
ID: 2
Notes: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.
-
ID: 3
Notes: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.