Your search did not match any results.
We suggest you try the following to help find what you’re looking for:
July 14, 2020
The full version string for this update release is 11.0.8+10 (where "+" means "build"). The version number is 11.0.8.
JDK 11.0.8 contains IANA time zone data version 2020a. For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 11.0.8 are specified in the following table:
|JRE Family Version||JRE Security Baseline (Full Version String)|
Oracle recommends that the JDK is updated with each Critical Patch Update (CPU). In order to determine if a release is the latest, the following Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 11.0.8) be used after the next critical patch update scheduled for October 20, 2020.
➜ New System Properties to Configure the TLS Signature Schemes
Two new System Properties are added to customize the TLS signature schemes in JDK.
jdk.tls.client.SignatureSchemes is added for TLS client side, and
jdk.tls.server.SignatureSchemes for server side.
Each System Property contains a comma-separated list of supported signature scheme names, which specifying the signature schemes that could be used for the TLS connections.
The names are described in the "Signature Schemes" section of the Java Security Standard Algorithm Names Specification.
➜ Apache Santuario Library Updated to Version 2.1.4
The Apache Santuario library has been upgraded to version 2.1.4. As a result, a new system property
com.sun.org.apache.xml.internal.security.parser.pool-size has been introduced.
This new system property sets the pool size of the internal
DocumentBuilder cache used when processing XML Signatures. The function is equivalent to the
org.apache.xml.security.parser.pool-size system property used in Apache Santuario and has the same default value of 20.
➜ Toolchain Upgrade to Xcode 10.1
Build Environment Update for macOS Moved to Xcode 10.1 On macOS, the toolchain used to build the JDK has been upgraded from Xcode 4.5 to Xcode 10.1.
JDK-8232007 (not public)
➜ Removal of Comodo Root CA Certificate
The following expired Comodo root CA certificate was removed from the
Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
➜ Removal of DocuSign Root CA Certificate
The following expired DocuSign root CA certificate was removed from the
Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
➜ Default SSLEngine Should Create in Server Role
In JDK 11 and later,
javax.net.ssl.SSLEngine by default used client mode when handshaking. As a result, the set of default enabled protocols may differ to what is expected.
SSLEngine would usually be used in server mode. From this JDK release onwards,
SSLEngine will default to server mode. The
javax.net.ssl.SSLEngine.setUseClientMode(boolean mode) method may be used to configure the mode.
➜ OperatingSystemMXBean Methods Inside a Container Return Container Specific Data
When executing in a container, or other virtualized operating environment, the following
OperatingSystemMXBean methods in this release return container specific information, if available. Otherwise, they return host specific data:
➜ Default SSL Session Cache Size Updated to 20480
The default SSL session cache size has been updated to 20480 in this JDK release
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 11.0.8 Bug Fixes page.