JDK 7u331 Update Release Notes
Java™ SE Development Kit 7, Update 331 (JDK 7u331)
January 18, 2022
The full version string for this update release is 7u331-b06 (where "b" means "build"). The version number is 7u331.
IANA TZ Data 2021b, 2021c, 2021d, 2021e
- Jordan now starts DST on February's last Thursday.
- Samoa no longer observes DST.
- Merge more location-based Zones whose timestamps agree since 1970.
- Move some backward-compatibility links to 'backward'.
- Rename Pacific/Enderbury to Pacific/Kanton.
- Correct many pre-1993 transitions in Malawi, Portugal, etc.
- zic now creates each output file or link atomically.
- zic -L no longer omits the POSIX TZ string in its output.
- zic fixes for truncation and leap second table expiration.
- zic now follows POSIX for TZ strings using all-year DST.
- Fix some localtime crashes and bugs in obscure cases.
- zdump -v now outputs more-useful boundary cases.
- tzfile.5 better matches a draft successor to RFC 8536.
- A new file SECURITY.
- Revert most 2021b changes to 'backward'.
- Fix 'zic -b fat' bug in pre-1970 32-bit data.
- Fix two Link line typos.
- Distribute SECURITY file.
This release is intended as a bugfix release, to fix compatibility problems and typos reported since 2021b was released.
- Fiji suspends DST for the 2021/2022 season.
- 'zic -r' marks unspecified timestamps with "-00".
- Palestine will fall back 10-29 (not 10-30) at 01:00.
Security Baselines
The security baseline for the Java Runtime Environment (JRE) at the time of the release of JDK 7u331 is specified in the following table:
| JRE Family Version | JRE Security Baseline (Full Version String) |
|---|---|
| 7 | 7u331-b06 |
Keeping the JDK up to Date
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 7u331) be used after the next critical patch update scheduled for April 19, 2022.
Java SE Subscription customers managing JRE updates/installs for large number of desktops should consider using Java Advanced Management Console (AMC).
For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 7u331) on 2022-05-19. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.
New Features
The Apache Santuario library has been upgraded to version 2.1.4. As a result, a new system property com.sun.org.apache.xml.internal.security.parser.pool-size has been introduced.
This new system property sets the pool size of the internal DocumentBuilder cache used when processing XML Signatures. The function is equivalent to the org.apache.xml.security.parser.pool-size system property used in Apache Santuario and has the same default value of 20.
Removed Features and Options
The following root certificate from Google has been removed from the cacerts keystore:
+ alias name "globalsignr2ca [jdk]"
Distinguished Name: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Other Notes
IANA Time Zone Database, on which JDK's Date/Time libraries are based, has made a tweak to some time zone rules since 2021c. Note that since this update, some of the time zone rules prior to the year 1970 have been modified according to the changes which were introduced with 2021b. For more detail, refer to the announcement of 2021b
Bug Fixes
This release contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 7u331 Bug Fixes page.