java

JDK 17.0.4 Release Notes

Java SE 17.0.4.1 - Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 17.0.4.1 BPR releases. The BPR releases are listed below in date order, most current BPR first. Note that bug fixes in previous BPRs are also included in the current BPR.

 

Changes in Java SE 17.0.4.1.1

Fixes from the prior BPR are included in this version.


Java™ SE Development Kit 17, Patch 17.0.4.1 (JDK 17.0.4.1)

August 18, 2022

The full version string for this update release is 17.0.4.1+1 (where "+" means "build"). The version number is 17.0.4.1.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines are unchanged from the release of JDK 17.0.4.

JRE Family Version JRE Security Baseline (Full Version String)
17 17.0.4+11
11 11.0.16+11
8 8u341-b10
7 7u351-b07

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.4.1) be used after the next critical patch update scheduled for October 18, 2022.

Oracle recommends that all JDK 17 users, even those that have already updated to 17.0.4, uptake the 17.0.4.1 patch release.

 

Changes

hotspot/compiler
 C2 Compilation Errors Unpredictably Crashes JVM

Fixes a regression in the C2 JIT compiler which caused the Java Runtime to crash unpredictably.


Java SE 17.0.4 - Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 17.0.4 BPR releases. The BPR releases are listed below in date order, most current BPR first. Note that bug fixes in previous BPRs are also included in the current BPR.

 

Changes in Java SE 17.0.4.0.1

Bug Fixes

BugId Category Subcategory Description
JDK-8255439 client-libs java.awt System Tray icons get corrupted when windows scaling changes

Java™ SE Development Kit 17.0.4 (JDK 17.0.4)

July 19, 2022

The full version string for this update release is 17.0.4+11 (where "+" means "build"). The version number is 17.0.4.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 17.0.4 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)
1717.0.4+11
1111.0.16+11
88u341-b10
77u351-b07

 

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.4) be used after the next critical patch update scheduled for October 18, 2022.

New Features

core-libs/java.net
 HTTPS Channel Binding Support for Java GSS/Kerberos

Support has been added for TLS channel binding tokens for Negotiate/Kerberos authentication over HTTPS through javax.net.HttpsURLConnection.

Channel binding tokens are increasingly required as an enhanced form of security which can mitigate certain kinds of socially engineered, man in the middle (MITM) attacks. They work by communicating from a client to a server the client's understanding of the binding between connection security (as represented by a TLS server cert) and higher level authentication credentials (such as a username and password). The server can then detect if the client has been fooled by a MITM and shutdown the session/connection.

The feature is controlled through a new system property jdk.https.negotiate.cbt which is described fully in the Networking Properties page.

Other Notes

core-libs/java.net
 Update java.net.InetAddress to Detect Ambiguous IPv4 Address Literals

The java.net.InetAddress class has been updated to strictly accept IPv4 address literals in decimal quad notation. The InetAddress class methods are updated to throw an java.net.UnknownHostException for invalid IPv4 address literals. To disable this check, the new "jdk.net.allowAmbiguousIPAddressLiterals" system property can be set to "true".

See JDK-8277608 (not public)
core-libs/java.util.jar
 Default JDK Compressor Will Be Closed when IOException Is Encountered

DeflaterOutputStream.close() and GZIPOutputStream.finish() methods have been modified to close out the associated default JDK compressor before propagating a Throwable up the stack. ZIPOutputStream.closeEntry() method has been modified to close out the associated default JDK compressor before propagating an IOException, not of type ZipException, up the stack.

hotspot/runtime
 CPU Shares Ignored When Computing Active Processor Count

Previous JDK releases used an incorrect interpretation of the Linux cgroups parameter "cpu.shares". This might cause the JVM to use fewer CPUs than available, leading to an under utilization of CPU resources when the JVM is used inside a container.

Starting from this JDK release, by default, the JVM no longer considers "cpu.shares" when deciding the number of threads to be used by the various thread pools. The -XX:+UseContainerCpuShares command-line option can be used to revert to the previous behavior. This option is deprecated and may be removed in a future JDK release.

 

Bug Fixes

This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update.

Issues fixed in 17.0.4:

# JBS Component Subcomponent Sumary
1JDK-8283217client-libs2dLeak FcObjectSet in getFontConfigLocations() in fontpath.c
2JDK-8278604client-libsdemoSwingSet2 table demo does not have accessible description set for images
3JDK-8274751client-libsjava.awtDrag And Drop hangs on Windows
4JDK-8278526client-libsjavax.accessibility[macos] Screen reader reads SwingSet2 JTable row selection as null, dimmed row for last column
5JDK-8279586client-libsjavax.accessibility[macos] custom JCheckBox and JRadioBox with custom icon set: focus is still displayed after unchecking
6JDK-8277922client-libsjavax.accessibilityUnable to click JCheckBox in JTable through Java Access Bridge
7JDK-8274735client-libsjavax.imageiojavax.imageio.IIOException: Unsupported Image Type while processing a valid JPEG image
8JDK-8279842core-libsjava.netHTTPS Channel Binding support for Java GSS/Kerberos
9JDK-8282293core-libsjava.netDomain value for system property jdk.https.negotiate.cbt should be case-insensitive
10JDK-8282929core-libsjava.textLocalized monetary symbols are not reflected in `toLocalizedPattern` return value
11JDK-8280543docshotspotUpdate the "java" and "jcmd" tool specification for CDS
12JDK-8279219hotspotcompiler[REDO] C2 crash when allocating array of size too large
13JDK-8278796hotspotcompilerIncorrect behavior of FloatVector.withLane on X86
14JDK-8277906hotspotcompilerIncorrect type for IV phi of long counted loops after CCP
15JDK-8268231hotspotcompilerAarch64: Use Ldp in intrinsics for String.compareTo
16JDK-8273139hotspotcompilerC2: assert(f <= 1 && f >= 0) failed: Incorrect frequency
17JDK-8280799hotspotcompilerС2: assert(false) failed: cyclic dependency prevents range check elimination
18JDK-8265317hotspotcompiler[vector] assert(payload->is_object()) failed: expected 'object' value for scalar-replaced boxed vector but got: NULL
19JDK-8283451hotspotcompilerC2: assert(_base == Long) failed: Not a Long
20JDK-8282592hotspotcompilerC2: assert(false) failed: graph should be schedulable
21JDK-8282590hotspotcompilerC2: assert(addp->is_AddP() && addp->outcnt() > 0) failed: Don't process dead nodes
22JDK-8282312hotspotcompilerMinor corrections to evbroadcasti32x4 intrinsic on x86
23JDK-8281811hotspotcompilerassert(_base == Tuple) failed: Not a Tuple after JDK-8280799
24JDK-8275854hotspotcompilerC2: assert(stride_con != 0) failed: missed some peephole opt
25JDK-8275638hotspotcompilerGraphKit::combine_exception_states fails with "matching stack sizes" assert
26JDK-8256368hotspotcompilerAvoid repeated upcalls into Java to re-resolve MH/VH linkers/invokers
27JDK-8283641hotspotcompilerLarge value for CompileThresholdScaling causes assert
28JDK-8283408hotspotcompilerFix a C2 crash when filling arrays with unsafe
29JDK-8280867hotspotcompilerCpuid1Ecx feature parsing is incorrect for AMD CPUs
30JDK-8280600hotspotcompilerC2: assert(!had_error) failed: bad dominance
31JDK-8279837hotspotcompilerC2: assert(is_Loop()) failed: invalid node class: Region
32JDK-8279668hotspotcompilerx86: AVX2 versions of vpxor should be asserted
33JDK-8275337hotspotcompilerC1: assert(false) failed: live_in set of first block must be empty
34JDK-8274983hotspotcompilerC1 optimizes the invocation of private interface methods
35JDK-8280901hotspotcompilerMethodHandle::linkToNative stub is missing w/ -Xint
36JDK-8280526hotspotcompilerx86_32 Math.sqrt performance regression with -XX:UseSSE={0,1}
37JDK-8279356hotspotcompilerMethod linking fails with guarantee(mh->adapter() != NULL) failed: Adapter blob must already exist!
38JDK-8278948hotspotcompilercompiler/vectorapi/reshape/TestVectorCastAVX1.java crashes in assembler
39JDK-8277180hotspotcompilerIntrinsify recursive ObjectMonitor locking for C2 x64 and A64
40JDK-8282874hotspotcompilerBad performance on gather/scatter API caused by different IntSpecies of indexMap
41JDK-8281266hotspotcompiler[JVMCI] MetaUtil.toInternalName() doesn't handle hidden classes correctly
42JDK-8279515hotspotcompilerC1: No inlining through invokedynamic and invokestatic call sites when resolved class is not linked
43JDK-8279822hotspotcompilerCI: Constant pool entries in error state are not supported
44JDK-8279560hotspotcompilerAArch64: generate_compare_long_string_same_encoding and LARGE_LOOP_PREFETCH alignment
45JDK-8279437hotspotcompiler[JVMCI] exception in HotSpotJVMCIRuntime.translate can exit the VM
46JDK-8275830hotspotcompilerC2: Receiver downcast is missing when inlining through method handle linkers
47JDK-8282231hotspotcompilerx86-32: runtime call to SharedRuntime::ldiv corrupts registers
48JDK-8282295hotspotruntimeSymbolPropertyEntry::set_method_type fails with assert
49JDK-8281274hotspotruntimedeal with ActiveProcessorCount in os::Linux::print_container_info
50JDK-8281275hotspotruntimeUpgrading from 8 to 11 no longer accepts '/' as filepath separator in gc paths
51JDK-8281181hotspotruntimeDo not use CPU Shares to compute active processor count
52JDK-8278553hotspottestRunThese30M.java failed due to errors in JckStressModule.out
53JDK-8281517installinstallImprove the error message shown when a user tries to install the aarch64 bundle on an intel mac
54JDK-8278851security-libsjava.securityCorrect signer logic for jars signed with multiple digest algorithms
55JDK-8255266security-libsjava.securityUpdate Public Suffix List to 3c213aa
56JDK-8274524security-libsjavax.net.sslSSLSocket.close() hangs if it is called during the ssl handshake
57JDK-8275082security-libsjavax.xml.cryptoUpdate XML Security for Java to 2.3.0
58JDK-8279520security-libsorg.ietf.jgssSPNEGO has not passed channel binding info into the underlying mechanism
59JDK-8277165toolsjdeps --multi-release --print-module-deps fails if module-info.class in different versioned directories
60JDK-8225559toolsjavacassertion error at TransTypes.visitApply