The following sections summarize changes made in all Java SE 8u181 BPRs. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in previous BPR are also included in the current BPR.
To determine the version of your JDK software, use the following command:
|8211107||core-libs||javax.naming||LDAPS communication failure with jdk 1.8.0_181|
|deploy||deployment_toolkit||Context lost after resizing the browser window in applet with Forms|
|8201818||client-libs||2d||[macosx] Printing attributes break page size set via "java.awt.print.Book" object|
|8202696||client-libs||javax.swing||Remove exclusion range for phonetic chars in windows fontconfig.properties|
|deploy||webstart||Java Web Start checks "user.dir" read permission when opening http connection|
Please note that fixes from the prior BPR (8u172 b37) are included in this version.
|8195095||client-libs||javax.swing||Images are not scaled correctly in JEditorPane|
July 17, 2018
The full version string for this update release is 1.8.0_181-b13 (where "b" means "build"). The version number is 8u181.
JDK 8u181 contains IANA time zone data version 2018e. For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u181 are specified in the following table:
|JRE Family Version||JRE Security Baseline (Full Version String)|
The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. This JRE (version 8u181) will expire with the release of the next critical patch update scheduled for October 16, 2018.
For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u181) on November 16, 2018. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see JRE Expiration Date.
Java DB, also known as Apache Derby, has been removed in this release.
We recommend that you obtain the latest Apache Derby directly from the Apache project at:
JDK-8197871 (not public)
Endpoint identification has been enabled on LDAPS connections.
To improve the robustness of LDAPS (secure LDAP over TLS) connections, endpoint identification algorithms have been enabled by default.
Note that there may be situations where some applications that were previously able to successfully connect to an LDAPS server may no longer be able to do so. Such applications may, if they deem appropriate, disable endpoint identification using a new system property:
Define this system property (or set it to
true) to disable endpoint identification algorithms.
JDK-8200666 (not public)
New access checks have been added during the object creation phase of deserialization. This should not affect ordinary uses of deserialization. However, reflective frameworks that make use of JDK-internal APIs may be impacted. The new checks can be disabled if necessary by setting the system property jdk.disableSerialConstructorChecks to the value "true". This must be done by adding the argument -Djdk.disableSerialConstructorChecks=true to the Java command line.
JDK-8197925 (not public)
The following are some of the notable bug fixes included in this release:
Unable to use the JDWP API in JDK 8 to debug JDK >=9
The implementation of VirtualMachineImpl.canGetInstanceInfo() has been corrected, so it is now able to see JDK JVMs >= JDK 9.
This correction allows certain debugger agents to operate correctly without any action required from a user (developer).
A klass that has been considered unreachable by the concurrent marking of G1, can be looked up in the ClassLoaderData/SystemDictionary, and its _java_mirror or _class_loader fields can be stored in a root or any other reachable object making it alive again. Whenever a klass is resurrected in this manner, the SATB part of G1 needs to be notified about this, otherwise, the concurrent marking remark phase will erroneously unload that klass.
In this particular crash, while G1 was doing concurrent marking and had prepared its list of unreachable classes, JVMTI on a Java thread could traverse classes in the CLD and store thread-local JNIHandles for the java_mirror of the loaded classes. G1 did not have knowledge of these thread-local JNIHandles, and in the remark phase, it unloaded the classes per its prior knowledge of unreachable classes. When these JNIHandles were later scanned, it lead to a crash.
This fix for JDK-8187577 informs G1's SATB that a klass has been resurrected and it should not be unloaded.
Better stability with older NUMA libraries (-XX+UseNuma)
A fix included in JDK 8 Update 152 introduced a regression that might cause the HotSpot JVM to crash during startup when the UseNUMA flag is used on Linux systems with versions of libnuma older than 2.0.9. This issue has been resolved.
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update.
|1||JDK-8201433||client-libs||2d||Fix potential crash in BufImg_SetupICM|
|2||JDK-8198605||client-libs||java.awt||Touch keyboard is shown for a non-focusable text component|
|3||JDK-8198606||client-libs||java.awt||Touch keyboard does not hide, when a text component looses focus|
|4||JDK-8199748||client-libs||java.awt||Touch keyboard is not shown, if text component gets focus from other text component|
|5||JDK-8187635||client-libs||java.awt||On Windows Swing changes keyboard layout on a window activation|
|6||JDK-8203368||core-libs||java.io:serialization||ObjectInputStream filterCheck method throws NullPointerException|
|7||JDK-8202996||core-libs||java.rmi||Remove debug print statements from RMI fix|
|8||JDK-8197943||core-svc||debugger||Unable to use JDWP API in JDK 8 to debug JDK 9 VM|
|9||JDK-8194690||deploy||JRE bundled in App-V package will not start Java Web Start applications|
|10||JDK-8190689||deploy||plugin||Java incorrectly requires "HttpOnly" cookie attribute to be case sensitive|
|11||JDK-8201133||deploy||webstart||Security check failure for main jar downlaod with jnlp.versionEnabled and Deployment Rule Set feature|
|12||JDK-8189783||deploy||webstart||Java Web Start application with file extension association is removed from cache when invoked for the second time from browser|
|13||JDK-8187223||deploy||webstart||Long JNLP file is not parsed correctly and ends with javaws path|
|14||JDK-8199304||deploy||webstart||javaws.exe failed to launch UTF-8 encoded JNLP file|
|15||JDK-8038636||hotspot||compiler||speculative traps break when classes are redefined|
|16||JDK-8156137||hotspot||compiler||SIGSEGV in ReceiverTypeData::clean_weak_klass_links|
|17||JDK-8188223||hotspot||compiler||IfNode::range_check_trap_proj() should handle dying subgraph with single if proj|
|18||JDK-8169201||hotspot||compiler||Montgomery multiply intrinsic should use correct name|
|19||JDK-8187577||hotspot||gc||JVM crash during gc doing concurrent marking|
|20||JDK-8199406||hotspot||gc||Performance drop with Java JDK 1.8.0_162-b32|
|21||JDK-8055008||hotspot||jvmti||Clean up code that saves the previous versions of redefined classes|
|22||JDK-8057570||hotspot||jvmti||RedefineClasses() tests fail assert(((Metadata*)obj)->is_valid()) failed: obj is valid|
|23||JDK-8198794||hotspot||runtime||Hotspot crash on Cassandra 3.11.1 startup with libnuma 2.0.3|
|24||JDK-8078628||hotspot||runtime||linux-zero does not build without precompiled header|
|25||JDK-8202065||install||install||jre/bin/javaw.exe is missing from server-jre for windows since 8u171|
|26||JDK-8199650||install||install||JDK installation uninstalls public JRE|
|27||JDK-8200418||javafx||web||webPage.executeCommand("removeFormat", null) removes the style of the body element|
|28||JDK-8196011||javafx||web||Intermittent crash when using WebView from JFXPanel application|
|29||JDK-8076117||security-libs||java.security||EndEntityChecker should not process custom extensions after PKIX validation|
|30||JDK-8170035||security-libs||javax.net.ssl||When determining the ciphersuite lists there is no debug output for disabled suites.|
|31||JDK-8074373||tools||launcher||NMT is not enabled if NMT option is specified after class path specifiers|
|32||JDK-8196491||xml||jax-ws||Newlines in JAXB string values of SOAP-requests are escaped to " "|