The following sections summarize changes made in all Java SE 8u361 BPR. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in the previous BPR are also included in the current BPR.
BugId | Category | Subcategory | Summary |
---|---|---|---|
JDK-8089986 | javafx | controls | Menu beeps when mnemonics is used |
JDK-7131823 | client-libs | javax.imageio | bug in GIFImageReader |
JDK-6357887 | client-libs | 2d | selected printertray is ignored under linux |
JDK-8239559 | hotspot | runtime | Cgroups: Incorrect detection logic on some systems |
JDK-8239785 | hotspot | runtime | Cgroups: Incorrect detection logic on old systems in hotspot |
JDK-8048190 | hotspot | runtime | NoClassDefFoundError omits original ExceptionInInitializerError |
JDK-8271506 | hotspot | runtime | Add ResourceHashtable support for deleting selected entries |
BugId | Category | Subcategory | Summary |
---|---|---|---|
JDK-8205959 | core-libs | java.net | Do not restart close if errno is EINTR |
JDK-8280890 | security-libs | java.security | Cannot use '-Djava.system.class.loader' with class loader in signed JAR |
JDK-8299628 (Confidential) | javafx | graphics | BMP top-down images fail to load after JDK-8289336 |
JDK-8297804 | core-libs | java.time | (tz) Update Timezone Data to 2022g |
January 17, 2023
The full version string for this update release is 8u361-b09 (where "b" means "build"). The version number is 8u361.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u361 are specified in the following table:
JRE Family Version | JRE Security Baseline (Full Version String) |
---|---|
8 | 8u361-b09 |
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 8u361) be used after the next critical patch update scheduled for April 18, 2023.
Java SE Subscription customers managing JRE updates/installs for large number of desktops should consider using Java Advanced Management Console (AMC).
For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u361) on 2023-05-18. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.
An OCSP response signed with the RSASSA-PSS algorithm is now supported.
The “JavaScript script engine” for FXML is now disabled by default. Any .fxml file that has a "javascript" Processing Instruction (PI) will no longer load by default, and an exception will be thrown.
It can be enabled by setting the system property: -Djavafx.allowjs=true
ProcessBuilder on Windows is restored to address a regression caused by JDK-8250568. Previously, an argument to ProcessBuilder that started with a double-quote and ended with a backslash followed by a double-quote was passed to a command incorrectly and may cause the command to fail. For example the argument "C:\\Program Files\"
, would be seen by the command with extra double-quotes. This update restores the long standing behavior that does not treat the backslash before the final double-quote specially.
Two system properties have been added which control the keep alive behavior of HttpURLConnection in the case where the server does not specify a keep alive time. Two properties are defined for controlling connections to servers and proxies separately. They are http.keepAlive.time.server
and http.keepAlive.time.proxy
respectively. More information about them can be found in Networking Properties.
This version of the JDK no longer includes a copy of Java VisualVM. VisualVM is now available as a separate download from https://visualvm.github.io.
The readObject
method of _DynAnyFactoryStub
has been amended, such that, when reading the stringified IOR from serialized data, it will, by default, accept stringified IORs in IOR: URI format, only. As DynAnyFactory
is a locally or ORB constrained type, it is not useful that serialized data should contain corbaname or corbaloc URIs. Furthermore, an ORB will prohibit the binding of a name in the INS to a DynAnyFactory
IOR, as such, using a corbaname to reference an instance of DynAnyFactory
is not meaningful.
A system property is introduced, org.omg.DynamicAny.DynAnyFactoryStub.disableIORCheck
, which when set to true, will revert the _DynAnyFactoryStub::readObject
to its current behavior and bypass the additional IOR checks.
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. The following table lists the bug fixes included in the JDK 8u361 release:
# | BugId | Component | Summary |
---|---|---|---|
1 | JDK-8240756 | client-libs/2d | [macos] SwingSet2:TableDemo:Printed Japanese characters were garbled |
2 | JDK-8212677 | client-libs/java.awt | X11 default visual support for IM status window on VNC |
3 | JDK-8231445 | client-libs/java.awt | check ZALLOC return values in awt coding |
4 | JDK-8284033 | client-libs/java.awt | Leak XVisualInfo in getAllConfigs in awt_GraphicsEnv.c |
5 | JDK-8277497 | client-libs/javax.accessibility | Last column cell in the JTable row is read as empty cell |
6 | JDK-8280950 | core-libs/java.util | RandomGenerator:NextDouble() default behavior non conformant after JDK-8280550 fix |
7 | JDK-8281183 | core-libs/java.util | RandomGenerator:NextDouble() default behavior partially fixed by JDK-8280950 |
8 | JDK-8294307 | core-libs/java.util:i18n | ISO 4217 Amendment 173 Update |
9 | JDK-8215571 | core-svc/debugger | jdb does not include jdk.* in the default class filter |
10 | JDK-8197387 | core-svc/tools | jcmd started by "root" must be allowed to access all VM processes |
11 | JDK-8294294 | docs/guides | Document jdk.xml.xpathExprGrpLimit, jdk.xml.xpathExprOpLimit, and jdk.xml.xpathTotalOpLimit in the JAXP Security Guide |
12 | JDK-8145458 | docs/hotspot | JDK 8 man page incorrectly states -XX:ThreadStackSize=size sets the thread stack size (in bytes). |
13 | JDK-8217359 | hotspot/compiler | C2 compiler triggers SIGSEGV after transformation in ConvI2LNode::Ideal |
14 | JDK-8255058 | hotspot/compiler | C1: assert(is_virtual()) failed: type check |
15 | JDK-8253816 | hotspot/compiler | Support macOS W^X |
16 | JDK-8253795 | hotspot/compiler | Implementation of JEP 391: macOS/AArch64 Port |
17 | JDK-8168712 | hotspot/compiler | [AOT] assert(false) failed: DEBUG MESSAGE: InterpreterMacroAssembler::call_VM_base: last_sp != NULL |
18 | JDK-8261336 | hotspot/compiler | IGV: enhance default filters |
19 | JDK-8253817 | hotspot/runtime | Support macOS Aarch64 ABI in Interpreter |
20 | JDK-8200109 | hotspot/runtime | NMT: diff_malloc_site assert(early->flags() == current->flags(), "Must be the same memory type") |
21 | JDK-8238676 | hotspot/runtime | jni crashes on accessing it from process exit hook |
22 | JDK-8230305 | hotspot/runtime | Cgroups v2: Container awareness |
23 | JDK-8027429 | hotspot/runtime | Add diagnostic command VM.info to get hs_err print-out |
24 | JDK-8253714 | hotspot/runtime | [cgroups v2] Soft memory limit incorrectly using memory.high |
25 | JDK-8253727 | hotspot/runtime | [cgroups v2] Memory and swap limits reported incorrectly |
26 | JDK-8255716 | hotspot/runtime | AArch64: Regression: JVM crashes if manually offline a core |
27 | JDK-8281181 | hotspot/runtime | Do not use CPU Shares to compute active processor count |
28 | JDK-8191846 | hotspot/svc | jstat prints debug message when debugging is disabled |
29 | JDK-8038392 | hotspot/svc | Generating prelink cache breaks JAVA 'jinfo' utility normal behaviour |
30 | JDK-8087557 | javafx/accessibility | [Win] [Accessibility, Dialogs] Alert Dialog content is not fully read by Screen Reader |
31 | JDK-8284281 | javafx/accessibility | [Accessibility] [Win] [Narrator] Exceptions with TextArea & TextField when deleted last char |
32 | JDK-8291087 | javafx/accessibility | Wrong position of focus of screen reader on Windows with screen scale > 1 |
33 | JDK-8293795 | javafx/accessibility | [Accessibility] [Win] [Narrator] Exceptions When Deleting Text with Continuous Key Press in TextArea and TextField |
34 | JDK-8289542 | javafx/graphics | Update JPEG Image Decoding Software to 9e |
35 | JDK-8293971 | javafx/media | Loading new Media from resources can sometimes fail when loading from FXML |
36 | JDK-8289541 | javafx/web | Update ICU4C to 71.1 |
37 | JDK-8257722 | security-libs/java.security | Improve "keytool -printcert -jarfile" output |
38 | JDK-8273553 | security-libs/javax.net.ssl | sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368 |