java

JDK 8u333 Release Notes

Java SE 8u333 Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 8u333 BPR. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in the previous BPR are also included in the current BPR.

 

Changes in Java SE 8u333 b33

Bug Fixes

BugId Category Subcategory Summary
JDK-8288212 core-libs java.net WLS12.2.1.3/JDK8u281 high throughput servlet performance

 

Changes in Java SE 8u333 b32

Bug Fixes

BugId Category Subcategory Summary
JDK-8279842 core-libs java.net HTTPS Channel Binding support for Java GSS/Kerberos
JDK-8088420 javafx web JavaFX WebView memory leak via EventListener

 

Changes in Java SE 8u333 b31

Fixes from the prior BPR are included in this version.


Java™ SE Development Kit 8, Patch 8u333 (JDK 8u333)

May 2, 2022

The full version string for this update release is 8u333-b02 (where "b" means "build"). The version number is 8u333.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines are unchanged from the release of JDK 8u331.

JRE Family Version JRE Security Baseline (Full Version String)
8 8u331-b09
7 7u341-b08

 

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 8u333) be used after the next critical patch update scheduled for July 19, 2022.

Java SE Subscription customers managing JRE updates/installs for large number of desktops should consider using Java Advanced Management Console (AMC).

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u333) on 2022-08-19. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.

 

Changes

core-libs/java.io
 New System Property to Disable Windows Alternate Data Stream Support in java.io.File

The Windows implementation of java.io.File allows access to NTFS Alternate Data Streams (ADS) by default. Such streams have a structure like “filename:streamname”. A system property jdk.io.File.enableADS has been added to control this behavior. To disable ADS support in java.io.File, the system property jdk.io.File.enableADS should be set to false (case ignored). Stricter path checking however prevents the use of special devices such as NUL:

See JDK-8285445

 

 

Bug Fixes

This release is based on the previous CPU and does not contain any additional security fixes. The following issues have also been resolved:

BugId Category Subcategory Summary
JDK-8284920 xml javax.xml.path Incorrect Token type causes XPath expression to return incorrect results
JDK-8284548 xml jaxp Invalid XPath expression causes StringIndexOutOfBoundsException