January 18, 2022
The full version string for this update release is 17.0.2+8 (where "+" means "build"). The version number is 17.0.2.
This release is intended as a bugfix release, to fix compatibility problems and typos reported since 2021b was released.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 17.0.2 are specified in the following table:
JRE Family Version | JRE Security Baseline (Full Version String) |
---|---|
17 | 17.0.2+8 |
11 | 11.0.14+8 |
8 | 8u321-b07 |
7 | 7u331-b06 |
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.2) be used after the next critical patch update scheduled for April 19, 2022.
The following root certificate from Google has been removed from the cacerts
keystore:
+ alias name "globalsignr2ca [jdk]"
Distinguished Name: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
On Windows 11 and Windows Server 2022, there can be some slowness with the extraction of temporary installation files when launched from a mapped network drive. The installer will still work, but there can be a temporary delay.
The initialization of the file.encoding
system property on non macOS platforms has been reverted to align with the behavior on or before JDK 11. This has been an issue especially on Windows where the system and user's locales are not the same.
The ZIP file system provider has been changed to reject existing ZIP files that contain entries with "." or ".." in name elements. ZIP files with these entries cannot be used as a file system. Invoking the java.nio.file.FileSystems.newFileSystem(...)
methods throw ZipException
if the ZIP file contains these entries.
IANA Time Zone Database, on which JDK's Date/Time libraries are based, has made a tweak to some time zone rules since 2021c. Note that since this update, some of the time zone rules prior to the year 1970 have been modified according to the changes which were introduced with 2021b. For more detail, refer to the announcement of 2021b
A bug has been fixed that could cause long "Concurrent Process Non-Strong References" times with ZGC. The bug blocked the GC from making significant progress, and caused both latency and throughput issues for the Java application.
The long times could be seen in the GC logs when running with -Xlog:gc*
:
[17606.140s][info][gc,phases ] GC(719) Concurrent Process Non-Strong References 25781.928ms
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 17.0.2 Bug Fixes page.