java

JDK 8u31 Release Notes

Java SE 8u31 Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 8u31 BPRs. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in previous BPR are also included in the current BPR.

To determine the version of your JDK software, use the following command:

java -version

Changes in Java SE 8u31 b33

Bug Fixes

BugId Component Subcomponent Summary
8062032
(Confidential)
deploy plugin Client certificate authentication issues with TLS 1.2 and browser keystore
8068283 client-libs java.awt Mac OS Incompatibility between JDK 6 and 8 regarding input method handling
8037417 deploy   javaws fails to launch app with empty href in jnlp file if Application-Library-Allowable-Codebase is used
8063047
(Confidential)
deploy webstart Need jnlp information from cached webstart application
8062375
(Confidential)
deploy webstart Warning message doesn't contain additional info: "Launched from downloaded JNLP file" when launched from shortcut or cache viewer
8037471 deploy deployment_toolkit The warning message displays the app name and publisher as "UNKNOWN" if cache is disabled

Changes in Java SE 8u31 b32

Bug Fixes

BugId Component Subcomponent Summary
8065858
(Confidential)
deploy plugin Applet doesn't load after upgrade to JDK 8u25

Changes in Java SE 8u31 b31

Please note that fixes from the prior BPR (8u25 b32) are included in this BPR.

Bug Fixes

BugId Component Subcomponent Summary
8061648 deploy webstart JavaWS fails with proxy autoconfig due to missing "dnsResolve"

Java™ SE Development Kit 8, Update 31 (JDK 8u31)

The full version string for this update release is 1.8.0_31-b13 (where "b" means "build"). The version number is 8u31.

Highlights

This update release contains several enhancements and changes including the following:


IANA Data 2014j

JDK 8u31 contains IANA time zone data version 2014j. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u31 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)
8 1.8.0_31
7 1.7.0_75
6 1.6.0_91
5.0 1.5.0_81

For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

JRE Expiration Date

The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 8u31) will expire with the release of the next critical patch update scheduled for April 14, 2015.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u31) on May 14, 2015. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see JRE Expiration Date.

New Features and Changes

SSLv3 is disabled by default

Starting with JDK 8u31 release, the SSLv3 protocol (Secure Socket Layer) has been deactivated and is not available by default. See the java.security.Security property jdk.tls.disabledAlgorithms in <JRE_HOME>/lib/security/java.security file.

If SSLv3 is absolutely required, the protocol can be reactivated by removing "SSLv3" from the jdk.tls.disabledAlgorithms property in the java.security file or by dynamically setting this Security property to "true" before JSSE is initialized.

It should be noted that SSLv3 is obsolete and should no longer be used.

Changes to Java Control Panel

Starting with JDK 8u31 release, SSLv3 protocol is removed from Java Control Panel Advanced options.

If the user needs to use SSLv3 for applications, re-enable it manually as follows:

  • Enable SSLv3 protocol on JRE level: as described in the previous section.
  • Enable SSLv3 protocol on deploy level: edit the deployment.properties file and add the following:


    deployment.security.SSLv3=true

Bug Fixes


This release contains fixes for security vulnerabilities. For more information, see Oracle Critical Patch Update Advisory.

BugId Component Subcomponent Summary
8040617 client-libs 2d [macosx] Large JTable cell results in a OutOfMemoryException
8041990 client-libs java.awt [macosx] Language specific keys does not work in applets whenopened outside the browser
8043610 client-libs java.awt Sorting columns in JFileChooser fails with AppContext NPE
8051359 client-libs javax.swing [headless] JPopupMenu creation in headless mode with JDK9b23causes NPE
8055949 core-libs java.io ByteArrayOutputStream capacity should be maximal array sizepermitted by VM
8055222 core-libs java.util:i18n Currency update needed for ISO 4217 Amendment #159
8064560 core-libs java.util:i18n (tz) Support tzdata2014j
8033245 deploy   RFE: Instructions Not Clear For Adding Site To ESL
8048089 deploy   ClientConfig.refreshIfNeeded() doesn't restore properties with"active." prefix.
8050838 deploy   JRE Install Error in localized Windows 8.1 after join in ADdomain
8044290 deploy webstart Shortcuts are not created for javaws x64 with JRE 7u55 onWindows OS
8056979 deploy webstart Roaming user profiles by USER_JPI_PROFILE env variablesdoesn't work anymore
8061342 deploy webstart javaws help message in Japanese is corrupted
8061643 deploy webstart JavaWS fails with proxy autoconfig due to missing "resolve"permission
8062392 deploy webstart Jnlp fails to load with CouldNotLoadArgumentException
8054883 hotspot compiler Segmentation error while running program
8026303 hotspot gc CMS: JVM intermittently crashes with "FreeList of size258 violates Conservation Principle" assert
8044406 hotspot gc JVM crash with JDK8 (build 1.8.0-b132) with G1 GC
8058715 hotspot runtime stability issues when being launched as an embedded JVM viaJNI
8060169 hotspot runtime Update the Crash Reporting URL in the Java crash log
8059079 install install Typo in Installer Removal Tool UE, "hightly"
8050386 tools javac javac, follow-up of fix for 8049305
8059327 xml javax.xml.parsers XML parser returns corrupt attribute value
8038966 xml jax-ws JAX-WS handles wrongly xsd:any arguments for Web services
8036981 xml jaxb JAXB not preserving formatting for xsd:any Mixed content
8029837 xml jaxp NPE seen in XMLDocumentFragmentScannerImpl.setProperty since7u40b33