Update Release Notes

Update Release Notes Index

Java™ SE Development Kit 7, Update 6 (JDK 7u6)



The full version string for this update release is 1.7.0_06-b24 (where "b" means "build") and the version number is 7u6.

Highlights

This update release contains the following enhancements:

  • JDK and JRE Support for Mac OS X
  • JDK for Linux on ARM
  • JavaFX SDK and JavaFX Runtime included in JDK 7u6 and JRE 7u6
  • Java Access Bridge included in JRE 7u6
  • Alternative Hash Function
  • Changes to Security Warning Dialog Box for Trusted Signed and Self Signed Applications

Olson Data 2012c

JDK 7u6 contains Olson time zone data version 2012c. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 7u6 are specified in the following table:

JRE Family Version JRE Security Baseline
(Full Version String)
7 1.7.0_05
6 1.6.0_33
5.0 1.5.0_36
1.4.2 1.4.2_38

For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

JDK and JRE Support for Mac OS X

This release includes fully supported JDK and JRE for Mac OS X 10.7.3 (Lion) and above. You can download the Mac OS X JDK and JRE from Java SE Downloads page.

A new Install App is available for easy installation of the JDK and the JRE. For information on installing JDK and JRE 7u6 for Mac OS X, see Installation for Mac OS X page.

Oracle's JDK and JRE for Mac OS X differ from Apple's implementation, and some details, such as location of files, have changed. The Note for Users of Macs that Include Apple Java and Mac FAQ pages contains some of this information.

For developers of Java applications, additional information is available at Packaging a Java App for Distribution on a Mac page.

For support details, see Certified System Configurations page.

JDK for Linux on ARM

This release includes support for a new platform, JDK for Linux on ARM. The product offers headful support for ARMv6 and ARMv7.

No support is available for WebStart, Plug-In, Java Flight Recorder, and Garbage First (G1) Collector. Also some features of the Serviceability Agent are not available for Linux on ARM platform.

The JDK for Linux on ARM does not include support for JavaFX SDK or JavaFX Runtime.

Java support on ARM is specific to the GNOME Desktop Environment version 1:2.30+7.

The demos and samples for Linux on ARM contain samples of webstart and applets, technologies that are not supported on Linux on ARM. These samples are still left in the demos and samples bundle to help developers who want to host applets on Linux on ARM, which can be accessed from other platforms.

JavaFX SDK and JavaFX Runtime included in JDK 7u6 and JRE 7u6

Starting from 7u6, JavaFX SDK and JavaFX Runtime are included in JDK 7u6 and JRE 7u6 respectively. JavaFX is installed as part of the JDK or JRE installation with no extra steps if you are installing on Windows, Mac, and Linux platforms.

JavaFX SDK or JavaFX Runtime are not available in JDK for Linux on ARM.

Java Access Bridge included in JRE 7u6

Java Access Bridge is a technology that enables Java applications and applets that implement the Java Accessibility API to be visible to assistive technologies on Microsoft Windows systems.

Java Access Bridge is included with Java SE Runtime Environment 7 Update 6 (JRE 7u6) and later. By default, Java Access Bridge is disabled.

For more information, see Access Bridge documentation.

Alternative Hash Function

Starting from JDK 7u6, an important change is made to hash based Map implementations to improve performance. An alternative hashing function is made available to keys of type String.

Alternative hashing is DISABLED by default, by setting the system property, jdk.map.althashing.threshold value to "-1". To enable the alternative hash function, set the jdk.map.althashing.threshold system property to a different value. The recommended value is 512.

For more information, see Alternative Hash Function documentation.

Changes to Security Warning Dialog Box for Trusted Signed and Self Signed Applications

The security warning dialog box that is displayed for applications signed by trusted certificate authorities has been modified. The "Always trust content from this publisher" checkbox is no longer checked by default. This change is made in accordance with RFE 6982308.

The security warning dialog box that is displayed for applications using Self Signed Certificates has been modified to include more direct language and an additional required step before the "Run" button is enabled. In addition, the "Always trust content from this publisher" checkbox has been moved under the "Show Options" button. These changes are made in accordance with RFE 7067943.

Bug Fixes

Notable Bug Fixes in JDK 7u6

This list includes some of the notable bug fixes in JDK 7u6.

Area: java/classes_nio
Description: Selector briefly spins when asynchronously closing a registered channel on Windows

If a SocketChannel's close() method is invoked to close a SocketChannel that is registered with one or more Selectors, then the underlying connection will not be closed until the SocketChannel is flushed from each of the Selectors.

The issue is specific to Windows platform. On other platforms, the closing of the connection will be initiated by the close() method, although the resources will not be released until the SocketChannel is flushed from each of the Selectors.

See 6346658.

For other bug fixes included in this release, see JDK 7u6 Bug Fixes page.


Known Issues

Area: java/classes_security
Description: Issues when using the Apple KeyChain JCE provider with the keytool command on Mac OS X

The following issues can occur when using the Apple KeyChain JCE provider with the keytool command on Mac OS X:

keytool ... -provider apple.security.AppleProvider
  • Exception shown when using keytool:

    KeychainStore Ignored Exception:
    java.security.cert.CertificateException:
    Could not parse certificate: java.io.IOException: Empty input

    The exception is shown as a warning but the command will succeed.

  • When importing a PKCS12 or JKS keystore into a OS X keychainStore using keytool, the PrivateKeyEntry in a JKS or PKCS12 keystore will become a trustedCertEntry.

    As a workaround, use the Mac OS X security import command to import a PKCS12 keystore into the KeychainStore. For a JKS keystore, first export it to a PKCS12 keystore using the keytool and then use the import. But do not override the default provider by using the -provider option.

  • Generating keypairs by using keytool and the Apple provider does not work.

    A workaround is to use the Mac OS X security create-keypair command.

Area: java/classes_net
Description: No BindException is raised when another program is using the same port on Windows

When using Java 7 in Windows Vista and later versions, under certain circumstances the OS incorrectly allows binding to a port already in use, without throwing a BindException.

A work around for this issue, to ensure that the expected BindException is thrown, is to disable IPv6 by setting the system property java.net.preferIPv4Stack to "true".

See 7179799.