7u80 Update Release Notes

Update Release Notes Index

Java™ SE Development Kit 7, Update 80 (JDK 7u80)

The full version string for this update release is 1.7.0_80-b15 (where "b" means "build"). The version number is 7u80.

Highlights

This update release contains several enhancements and changes including the following:

IANA Data 2015a

JDK 7u80 contains IANA time zone data version 2015a. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 7u80 are specified in the following table:

JRE Family Version JRE Security Baseline
(Full Version String)
7 1.7.0_79
6 1.6.0_95
5.0 1.5.0_85

For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

JRE Expiration Date

The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 7u80) will expire with the release of the next critical patch update scheduled for July 14, 2015.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 7u80) on August 14, 2015. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see JRE Expiration Date.

JavaFX Release Notes

This JDK release includes JavaFX version 2.2.80.

New Features and Changes

New Command-line option to Identify Use of Deprecated Mechanisms

The endorsed-standards override mechanism and the extension mechanism are deprecated in JDK 8u40 and may be removed in a future release. There are no runtime changes. Existing applications using the 'endorsed-standards override' or 'extension' mechanisms are recommended to migrate away from using these mechanisms. To help identify any existing uses of these mechanisms, the -XX:+CheckEndorsedAndExtDirs command-line option is available. It will fail if any of the following conditions is true:

  • -Djava.endorsed.dirs or -Djava.ext.dirs system property is set to alter the default location; or
  • ${java.home}/lib/endorsed directory exists; or
  • ${java.home}/lib/ext contains any JAR files excluding the ones that JDK ships; or
  • any platform-specific system-wide extension directory contains any JAR files.

The -XX:+CheckEndorsedAndExtDirs command-line option is supported in JDK 7u80 and later releases.

Issues with Third party's JCE Providers

The fix for JDK-8023069 updated both the SunJSSE and and SunJCE providers, including some internal interfaces.

Some third party JCE providers (such as RSA JSAFE) are using some sun.* internal interfaces, and therefore will not work with the updated SunJSSE provider. Such providers will need to be updated in order for them to work with the updated SunJSSE provider.

If you have been impacted by this issue, contact your JCE vendor for an update.

See 8133502.

Blacklist Entries

A new blacklist entry is included in this release.

For more details on the entry, see the related Cisco Security Advisory.

Bug Fixes

This release contains fixes for security vulnerabilities. For more information, see Oracle Java SE Critical Patch Update Advisory.

For a list of bug fixes included in this release, see JDK 7u80 Bug Fixes page.

The following are some of the notable bug fixes included in this release:

Area: tools/jar
Synopsis: Improve jar file handling

Starting with JDK 7u79 release, the jar tool no longer allows the leading slash "/" and ".." (dot-dot) path component in zip entry file name when creating new and/or extracting from zip and jar file. If needed, the new command line option "-P" should be used explicitly to preserve the dot-dot and/or absolute path component.

See 8064601 (not public).