October 19, 2021
The full version string for this update release is 17.0.1+12 (where "+" means "build"). The version number is 17.0.1.
For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 17.0.1 are specified in the following table:
JRE Family Version | JRE Security Baseline (Full Version String) |
---|---|
17 | 17.0.1+12 |
11 | 11.0.13+10 |
8 | 8u311-b11 |
7 | 7u321-b08 |
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.1) be used after the next critical patch update scheduled for January 18, 2022.
The following root certificate from IdenTrust has been removed from the cacerts
keystore:
+ alias name "identrustdstx3 [jdk]"
Distinguished Name: CN=DST Root CA X3, O=Digital Signature Trust Co.
This release doesn't correctly identify Windows 11. The property os.name
is set to Windows 10
on Windows 11. In HotSpot error logs, the OS is identified as Windows 10
; however, the HotSpot error log does show the Build number. Windows 11 has Build 22000.194 or above.
The scope of the com.sun.jndi.ldap.object.trustSerialData
system property has been extended to control the deserialization of java objects from the javaReferenceAddress
LDAP attribute. This system property now controls the deserialization of java objects from the javaSerializedData
and javaReferenceAddress
LDAP attributes.
To prevent deserialization of java objects from these attributes, the system property can be set to false
. By default, the deserialization of java objects from javaSerializedData
and javaReferenceAddress
attributes is allowed.
This release doesn't correctly identify Windows Server 2022. The property os.name
is set to Windows Server 2019
on Windows Server 2022. In HotSpot error logs the OS is identified as Windows Server 2019
; however, the HotSpot error log does show the Build number. Windows Server 2022 has Build 20348, or above.
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 17.0.1 Bug Fixes page.