We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

JDK 8u361 Release Notes

Java SE 8u361 Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 8u361 BPR. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in the previous BPR are also included in the current BPR.


Changes in Java SE 8u361 b32

Bug Fixes

BugId Category Subcategory Summary
JDK-8089986 javafx controls Menu beeps when mnemonics is used
JDK-7131823 client-libs javax.imageio bug in GIFImageReader
JDK-6357887 client-libs 2d selected printertray is ignored under linux
JDK-8239559 hotspot runtime Cgroups: Incorrect detection logic on some systems
JDK-8239785 hotspot runtime Cgroups: Incorrect detection logic on old systems in hotspot
JDK-8048190 hotspot runtime NoClassDefFoundError omits original ExceptionInInitializerError
JDK-8271506 hotspot runtime Add ResourceHashtable support for deleting selected entries


Changes in Java SE 8u361 b31

Bug Fixes

BugId Category Subcategory Summary
JDK-8205959 core-libs java.net Do not restart close if errno is EINTR
JDK-8280890 security-libs java.security Cannot use '-Djava.system.class.loader' with class loader in signed JAR
JDK-8299628 (Confidential) javafx graphics BMP top-down images fail to load after JDK-8289336
JDK-8297804 core-libs java.time (tz) Update Timezone Data to 2022g

Java™ SE Development Kit 8, Update 361 (JDK 8u361)

January 17, 2023

The full version string for this update release is 8u361-b09 (where "b" means "build"). The version number is 8u361.


IANA TZ Data 2022d, 2022e, 2022f

JDK 8u361 contains IANA time zone data 2022d, 2022e, 2022f.
  • Palestine transitions are now Saturdays at 02:00.
  • Simplify three Ukraine zones into one.
  • Jordan and Syria switch from +02/+03 with DST to year-round +03.
  • Mexico will no longer observe DST except near the US border.
  • Chihuahua moves to year-round -06 on 2022-10-30.
  • Fiji no longer observes DST.
  • Move links to 'backward'.
  • In vanguard form, GMT is now a Zone and Etc/GMT a link.
  • zic now supports links to links, and vanguard form uses this.
  • Simplify four Ontario zones.
  • Fix a Y2438 bug when reading TZif data.
  • Enable 64-bit time_t on 32-bit glibc platforms.
  • Omit large-file support when no longer needed.
  • In C code, use some C23 features if available.
  • Remove no-longer-needed workaround for Qt bug 53071.
For more information, refer to Timezone Data Versions in the JRE Software.


Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u361 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)


Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 8u361) be used after the next critical patch update scheduled for April 18, 2023.

Java SE Subscription customers managing JRE updates/installs for large number of desktops should consider using Java Advanced Management Console (AMC).

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u361) on 2023-05-18. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.


New Features

 Support for RSASSA-PSS in OCSP Response (JDK-8274471)

An OCSP response signed with the RSASSA-PSS algorithm is now supported.


Other Notes

 FXML JavaScript Engine Disabled by Default (JDK-8294779 (not public))

The “JavaScript script engine” for FXML is now disabled by default. Any .fxml file that has a "javascript" Processing Instruction (PI) will no longer load by default, and an exception will be thrown.

It can be enabled by setting the system property: -Djavafx.allowjs=true

 Incorrect Handling of Quoted Arguments in ProcessBuilder (JDK-8282008)

ProcessBuilder on Windows is restored to address a regression caused by JDK-8250568. Previously, an argument to ProcessBuilder that started with a double-quote and ended with a backslash followed by a double-quote was passed to a command incorrectly and may cause the command to fail. For example the argument "C:\\Program Files\", would be seen by the command with extra double-quotes. This update restores the long standing behavior that does not treat the backslash before the final double-quote specially.

 Make HttpURLConnection Default Keep Alive Timeout Configurable (JDK-8278067)

Two system properties have been added which control the keep alive behavior of HttpURLConnection in the case where the server does not specify a keep alive time. Two properties are defined for controlling connections to servers and proxies separately. They are http.keepAlive.time.server and http.keepAlive.time.proxy respectively. More information about them can be found in Networking Properties.

 VisualVM tool no longer bundled (JDK-8294184)

This version of the JDK no longer includes a copy of Java VisualVM. VisualVM is now available as a separate download from https://visualvm.github.io.

 CORBA _DynAnyFactoryStub readObject Accepts Only Stringified ior in IOR: URI format (JDK-8285021 (not public))

The readObject method of _DynAnyFactoryStub has been amended, such that, when reading the stringified IOR from serialized data, it will, by default, accept stringified IORs in IOR: URI format, only. As DynAnyFactory is a locally or ORB constrained type, it is not useful that serialized data should contain corbaname or corbaloc URIs. Furthermore, an ORB will prohibit the binding of a name in the INS to a DynAnyFactory IOR, as such, using a corbaname to reference an instance of DynAnyFactory is not meaningful.

A system property is introduced, org.omg.DynamicAny.DynAnyFactoryStub.disableIORCheck, which when set to true, will revert the _DynAnyFactoryStub::readObject to its current behavior and bypass the additional IOR checks.


Bug Fixes

This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. The following table lists the bug fixes included in the JDK 8u361 release:

# BugId Component Summary
1JDK-8240756client-libs/2d[macos] SwingSet2:TableDemo:Printed Japanese characters were garbled
2JDK-8212677client-libs/java.awtX11 default visual support for IM status window on VNC
3JDK-8231445client-libs/java.awtcheck ZALLOC return values in awt coding
4JDK-8284033client-libs/java.awtLeak XVisualInfo in getAllConfigs in awt_GraphicsEnv.c
5JDK-8277497client-libs/javax.accessibilityLast column cell in the JTable row is read as empty cell
6JDK-8280950core-libs/java.utilRandomGenerator:NextDouble() default behavior non conformant after JDK-8280550 fix
7JDK-8281183core-libs/java.utilRandomGenerator:NextDouble() default behavior partially fixed by JDK-8280950
8JDK-8294307core-libs/java.util:i18nISO 4217 Amendment 173 Update
9JDK-8215571core-svc/debuggerjdb does not include jdk.* in the default class filter
10JDK-8197387core-svc/toolsjcmd started by "root" must be allowed to access all VM processes
11JDK-8294294docs/guidesDocument jdk.xml.xpathExprGrpLimit, jdk.xml.xpathExprOpLimit, and jdk.xml.xpathTotalOpLimit in the JAXP Security Guide
12JDK-8145458docs/hotspotJDK 8 man page incorrectly states -XX:ThreadStackSize=size sets the thread stack size (in bytes).
13JDK-8217359hotspot/compilerC2 compiler triggers SIGSEGV after transformation in ConvI2LNode::Ideal
14JDK-8255058hotspot/compilerC1: assert(is_virtual()) failed: type check
15JDK-8253816hotspot/compilerSupport macOS W^X
16JDK-8253795hotspot/compilerImplementation of JEP 391: macOS/AArch64 Port
17JDK-8168712hotspot/compiler[AOT] assert(false) failed: DEBUG MESSAGE: InterpreterMacroAssembler::call_VM_base: last_sp != NULL
18JDK-8261336hotspot/compilerIGV: enhance default filters
19JDK-8253817hotspot/runtimeSupport macOS Aarch64 ABI in Interpreter
20JDK-8200109hotspot/runtimeNMT: diff_malloc_site assert(early->flags() == current->flags(), "Must be the same memory type")
21JDK-8238676hotspot/runtimejni crashes on accessing it from process exit hook
22JDK-8230305hotspot/runtimeCgroups v2: Container awareness
23JDK-8027429hotspot/runtimeAdd diagnostic command VM.info to get hs_err print-out
24JDK-8253714hotspot/runtime[cgroups v2] Soft memory limit incorrectly using memory.high
25JDK-8253727hotspot/runtime[cgroups v2] Memory and swap limits reported incorrectly
26JDK-8255716hotspot/runtimeAArch64: Regression: JVM crashes if manually offline a core
27JDK-8281181hotspot/runtimeDo not use CPU Shares to compute active processor count
28JDK-8191846hotspot/svcjstat prints debug message when debugging is disabled
29JDK-8038392hotspot/svcGenerating prelink cache breaks JAVA 'jinfo' utility normal behaviour
30JDK-8087557javafx/accessibility[Win] [Accessibility, Dialogs] Alert Dialog content is not fully read by Screen Reader
31JDK-8284281javafx/accessibility[Accessibility] [Win] [Narrator] Exceptions with TextArea & TextField when deleted last char
32JDK-8291087javafx/accessibilityWrong position of focus of screen reader on Windows with screen scale > 1
33JDK-8293795javafx/accessibility[Accessibility] [Win] [Narrator] Exceptions When Deleting Text with Continuous Key Press in TextArea and TextField
34JDK-8289542javafx/graphicsUpdate JPEG Image Decoding Software to 9e
35JDK-8293971javafx/mediaLoading new Media from resources can sometimes fail when loading from FXML
36JDK-8289541javafx/webUpdate ICU4C to 71.1
37JDK-8257722security-libs/java.securityImprove "keytool -printcert -jarfile" output
38JDK-8273553security-libs/javax.net.sslsun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368