We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

JDK 18.0.2 Release Notes

Java Development Kit 18 Release Notes

Java™ SE Development Kit 18, Patch 18.0.2.1 (JDK 18.0.2.1)

August 18, 2022

The full version string for this update release is 18.0.2.1+1 (where "+" means "build"). The version number is 18.0.2.1.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines are unchanged from the release of JDK 18.0.2.

JRE Family Version JRE Security Baseline (Full Version String)
18 18.0.2+9
17 17.0.4+11
11 11.0.16+11
8 8u341-b10
7 7u351-b07

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 18.0.2.1) be used after the next critical patch update scheduled for October 18, 2022.

Oracle recommends that all JDK 18 users, even those that have already updated to 18.0.2, uptake the 18.0.2.1 patch release.

 

Changes

hotspot/compiler
 C2 Compilation Errors Unpredictably Crashes JVM

Fixes a regression in the C2 JIT compiler which caused the Java Runtime to crash unpredictably.


Java™ SE Development Kit 18.0.2 (JDK 18.0.2)

July 19, 2022

The full version string for this update release is 18.0.2+9 (where "+" means "build"). The version number is 18.0.2.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 18.0.2 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)
18 18.0.2+9
17 17.0.4+11
11 11.0.16+11
8 8u341-b10
7 7u351-b07

 

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 18.0.2) be used after the next critical patch update scheduled for October 18, 2022.

 

Removed Features and Options

security-libs/javax.security
 Remove the Alternate ThreadLocal Implementation of the Subject::current and Subject::callAs APIs

The “jdk.security.auth.subject.useTL” system property and the alternate ThreadLocal implementation of the Subject::current and Subject::callAs APIs have been removed. The default implementation of these APIs is still supported.

See JDK-8282676 (not public)

Other Notes

core-libs/java.net
 java.net.InetAddress Updated to Reject Ambiguous IPv4 Address Literals

The java.net.InetAddress class has been updated to strictly accept IPv4 address literals in decimal quad notation. The InetAddress class methods are updated to throw an java.net.UnknownHostException for invalid IPv4 address literals. To disable this check, the new "jdk.net.allowAmbiguousIPAddressLiterals" system property can be set to "true".

See JDK-8277608 (not public)
hotspot/runtime
 CPU Shares Ignored When Computing Active Processor Count

Previous JDK releases used an incorrect interpretation of the Linux cgroups parameter "cpu.shares". This might cause the JVM to use fewer CPUs than available, leading to an under utilization of CPU resources when the JVM is used inside a container.

Starting from this JDK release, by default, the JVM no longer considers "cpu.shares" when deciding the number of threads to be used by the various thread pools. The -XX:+UseContainerCpuShares command-line option can be used to revert to the previous behavior. This option is deprecated and may be removed in a future JDK release.

tools/javac
 Lambda Deserialization Fails for Object Method References on Interfaces

Deserialization of serialized method references to Object methods, which was using an interface as the type on which the method is invoked, can now be deserialized again. Note the classfiles need to be recompiled to allow the deserialization.

 

Bug Fixes

This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 18.0.2 Bug Fixes page.