The following sections summarize changes made in all Java SE 8u144 BPRs. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in previous BPR are also included in the current BPR.
To determine the version of your JDK software, use the following command:
|security-libs||javax.crypto||com/sun/crypto/provider/Cipher/CTS/CTSMode.java test crashed due to unhandled case of cipher length value as 0|
|8185572||hotspot||compiler||Enable AssumeMP by default on SPARC machines|
|8074544||deploy||webstart||webstart app fails with CouldNotLoadArgumentException when account in Japanese|
|deploy||webstart||deployJava.launchWebStartApplication() couldn't work|
|deploy||webstart||Crash in native javaws base64 code|
|deploy||plugin||Forms context lost when legacy_lifecycle=yes|
|8180048||hotspot||gc||Interned string and symbol table leak memory during parallel unlinking|
|deploy||webstart||Reduce security dialogs when only application args change|
|deploy||webstart||WebStart cached jar verification intermittently slow in native ReadFile function|
Please note that fixes from prior BPR (8u141 b32) are included in this version.
July 26, 2017
The full version string for this update release is 1.8.0_144-b01 (where "b" means "build"). The version number is 8u144.
JDK 8u144 contains IANA time zone data version 2017b. For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u144 are specified in the following table:
|JRE Family Version||JRE Security Baseline (Full Version String)|
The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 8u144) will expire with the release of the next critical patch update scheduled for October 17, 2017.
For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u144) on November 17, 2017. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see JRE Expiration Date.
java.util.zip.ZipFile.getEntry() now always returns the ZipEntry instance with a / ended entry name for directory entry
java.util.zip.ZipEntry API doc specifies "A directory entry is defined to be one whose name ends with a
/". However, in previous JDK releases,
java.util.zip.ZipFile.getEntry(String entryName) may return a
ZipEntry instance with an entry name that does not end with
/ for an existing zip directory entry when
entryNamedoes not end with a /, and
/in the zip file.
With this release, the name of the
ZipEntry instance returned from
java.util.zip.ZipFile.getEntry() always ends with
/ for any zip directory entry.
To revert to the previous behavior, set the system property
jdk.util.zip.ensureTrailingSlash to "false".
This change was made in order to fix a regression introduced in JDK 8u141 when verifying signed JARs that has caused some WebStart applications to fail to load.
This release also contains fixes for security vulnerabilities described in the Oracle Java SE Critical Patch Update Advisory.
|1||JDK-8184993||security‑libs||java.security||Jar file verification failing with SecurityException: digest missing xxx|