OpenJDK 13.0.8 released

Yuri Nesterenko yan at
Wed Jul 21 06:58:33 UTC 2021

Hi all,

let me announce the release of OpenJDK 13.0.8.

The release sources are in Git repository tagged jdk-13.0.8-ga.

For October release schedule see

* Security fixes in this release:
   - JDK-8256157: Improve bytecode assembly
   - JDK-8262380: Enhance XML processing passes
   - JDK-8264460: Improve NTLM support
   - JDK-8264079: Improve abstractions
   - JDK-8264066: Enhance compiler validation
   - JDK-8262967: Improve Zip file support
   - JDK-8262477: Enhance String Conclusions
   - JDK-8262410: Enhanced rules for zones
   - JDK-8262403: Enhanced data transfers
   - JDK-8260967: Better jar file validation
   - JDK-8260960: Signs of jarsigner signing
   - JDK-8260453: Improve Font Bounding
   - JDK-8258432: Improve file transfers
   - JDK-8256491: Better HTTP transport

* Other changes:
   - JDK-8225081: Remove Telia Company CA certificate expiring in April 2021
   - JDK-8256421: Add 2 HARICA roots to cacerts truststore
   - JDK-8259312: fails as soneraclass2ca cert will 
expire in 90 days
   - JDK-8225072: Add LuxTrust certificate that is expiring in March 
2021 to list of allowed but expired certs 8258630: Add expiry exception 
for QuoVadis root certificate
   - JDK-8235368: Update BCEL to Version 6.4.1
   - JDK-8251456: [TESTBUG] 
compiler/vectorization/ failed 
   - JDK-8267235: [macos_aarch64] 
InterpreterRuntime::throw_pending_exception messing up LR results in crash
   - JDK-8225773: jdeps --check produces NPE if there is any missing 
module dependence
   - JDK-8229396: jdeps ignores multi-release when generate-module-info 
used on command line
   - JDK-8216012: Infinite loop in RSA KeyPairGenerator
   - JDK-8243452: JFR: Could not create chunk in repository with over 
200 recordings
   - JDK-8252883: AccessDeniedException caused by delayed file deletion 
on Windows
   - JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 header files
   - JDK-8229243: SunPKCS11-Solaris provider tests failing on Solaris 11.4
   - JDK-8247432: Update IANA Language Subtag Registry to Version 2020-09-29
   - JDK-8242010: Update IANA Language Subtag Registry to Version 2020-04-01
   - JDK-8241082: Upgrade IANA Language Subtag Registry data to 
03-16-2020 version
   - JDK-8262829: Native crash in 
   - JDK-8241829: Cleanup the code for PrinterJob on windows
   - JDK-8227609: (fs) Files.newInputStream(...).skip(n) should allow 
skipping beyond file size
   - JDK-8249608: Vector register used by C2 compiled method corrupted 
at safepoint
   - JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest release 
   - JDK-8227080: (fs) Files.newInputStream(...).skip(n) is slow
   - JDK-8232084: HotSpot build failed with GCC 9.2.1
   - JDK-8248043: Need to eliminate excessive i2l conversions
   - JDK-8255880: UI of Swing components is not redrawn after their 
internal state changed
   - JDK-8241248: NullPointerException in
   - JDK-8263676: AArch64: one potential bug in C1 
   - JDK-8247763: assert(outer->outcnt() == 2) failed: 'only phis' 
failure in LoopNode::verify_strip_mined()
   - JDK-8244087: 2020-04-24 public suffix list update v ff6fcea
   - JDK-8242184: Default signature algorithm for an RSASSA-PSS key
   - JDK-8231118: ARM32: Math tests failures
   - JDK-8245981: Upgrade to jQuery 3.5.1
   - JDK-8244088: [Regression] Switch of Gnome theme ends up in 
deadlocked UI
   - JDK-8264786: [macos] All Swing/AWT apps cause Allow Notifications 
prompt to appear when app is launched
   - JDK-8260380: Upgrade to LittleCMS 2.12
   - JDK-8264821: DirectIOTest fails on a system with large block size
   - JDK-8230010: Remove jdk8037819/
   - JDK-8230002: 
javax/xml/jaxp/unittest/transform/ runs zero test
   - JDK-8255845: Memory leak in imageFile.cpp
   - JDK-8261170: Upgrade to FreeType 2.10.4
   - JDK-8256633: Fix product build on Windows+Arm64
   - JDK-8247502: PhaseStringOpts crashes while optimising effectively 
dead code
   - JDK-8265837: Update version .jcheck/conf in jdk13u to be 13.0.8
   - JDK-8247753: UIManager.getSytemLookAndFeelClassName() returns wrong 
value on Fedora 32
   - JDK-8262110: DST starts from incorrect time in 2038
   - JDK-8073446: TimeZone getOffset API does not  return a dst offset 
between years 2038-2137
   - JDK-8251549: Update docs on building for Git
   - JDK-8256359: AArch64: 
runtime/ReservedStack/ fails
   - JDK-8263846: Bad JNI lookup getFocusOwner in accessibility code on 
Mac OS X
   - JDK-8261198: [macOS] Incorrect JNI parameters in number conversion 
in A11Y code
   - JDK-8254790: SIGSEGV in string_indexof_char and 
stringL_indexof_char intrinsics
   - JDK-8259585: [macos] Bad JNI lookup error : Accessible actions do 
not work on macOS
   - JDK-8244853: The static build of libextnet is missing the 
JNI_OnLoad_extnet function
   - JDK-8259232: Bad JNI lookup during printing
   - JDK-8241948: enhance list of environment variables printed in 
hs_err file
   - JDK-8264640: CMS ParScanClosure misses a barrier
   - JDK-8257988: Remove JNF dependency from libsaproc/MacosxDebuggerLocal.m
   - JDK-8260616: Removing remaining JNF dependencies in the 
java.desktop module
   - JDK-8259869: [macOS] Remove desktop module dependencies on JNF 
Reference APIs
   - JDK-8259651: [macOS] Replace JNF_COCOA_ENTER/EXIT macros
   - JDK-8259343: [macOS] Update JNI error handling in Cocoa code.
   - JDK-8257853: Remove dependencies on JNF's JNI utility functions in 
AWT and 2D code
   - JDK-8240487: Cleanup whitespace in .cc, .hh, .m, and .mm files
   - JDK-8261585: Restore HandleArea used in Deoptimization::uncommon_trap
   - JDK-8257858: [macOS]: Remove JNF dependency from 
   - JDK-8257860: [macOS]: Remove JNF dependency from 
   - JDK-8256501: libTestMainKeyWindow fails to build with Xcode 12.2
   - JDK-8248552: C2 crashes with SIGFPE due to division by zero
   - JDK-8256682: JDK-8202343 is incomplete
   - JDK-8202343: Disable TLS 1.0 and 1.1
   - JDK-8261397: Try Catch Method Failing to Work When Dividing An 
Integer By 0
   - JDK-8234691: Potential double-free in ParallelSPCleanupTask constructor

* Notes on some issues:


   JDK-8202343: Disable TLS 1.0 and 1.1

   TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer 
considered secure and have been superseded by more secure and modern 
versions (TLS 1.2 and 1.3).

   These versions have now been disabled by default. If you encounter 
issues, you can, at your own risk, re-enable the versions by removing 
"TLSv1" and/or "TLSv1.1" from the `jdk.tls.disabledAlgorithms` security 
property in the `` configuration file.


   JDK-8225081: Remove Telia Company CA certificate expiring in April 2021

   The following root certificate has been removed from the cacerts 

   + Telia Company
     + soneraclass2ca
       DN: CN=Sonera Class2 CA, O=Sonera, C=FI


   JDK-8256421: Add 2 HARICA roots to cacerts truststore

   The following root certificates have been added to the cacerts 

     + haricarootca2015
       DN: CN=Hellenic Academic and Research Institutions RootCA 2015, 
O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, 

     + haricaeccrootca2015
       DN: CN=Hellenic Academic and Research Institutions ECC RootCA 
2015, O=Hellenic Academic and Research Institutions Cert. Authority, 
L=Athens, C=GR


More information about the jdk-updates-dev mailing list