OpenJDK 15.0.3 released

Yuri Nesterenko yan at azul.com
Tue Apr 20 18:02:10 UTC 2021 

Hi all,

let me announce the release of OpenJDK 15.0.3.

The release sources are in http://hg.openjdk.java.net/jdk-updates/jdk15u Mercurial repository
which will be made read-only and archived soon while the active master repository
will be moved to Git.
All the current development happens already in Git team repository
 https://github.com/openjdk/jdk15u-dev.

A rather short list of fixes please see below.

* Security fixes:
    JDK-8244473: Contextualize registration for JNDI
    JDK-8244543: Enhanced handling of abstract classes
    JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE after JDK-8244543
    JDK-8250568: Less ambiguous processing
    JDK-8253799: Make lists of normal filenames
    JDK-8261183: Follow on to Make lists of normal filenames
    JDK-8249906: Enhance opening JARs
    JDK-8258247: Couple of issues in fix for JDK-8249906
    JDK-8259428: AlgorithmId.getEncodedParams() should return copy
    JDK-8257001: Improve HTTP client support

* Other changes:
    (P2) JDK-8256682: JDK-8202343 is incomplete
    (P2) JDK-8202343: Disable TLS 1.0 and 1.1
    (P4) JDK-8252497: Incorrect numeric currency code for ROL
    (P2) JDK-8261912: Code IfNode::fold_compares_helper more defensively
    (P3) JDK-8245400: Upgrade to LittleCMS 2.11
    (P3) JDK-8247867: Upgrade to freetype 2.10.2
    (P3) JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a
    (P4) JDK-8259048: (tz) Upgrade time-zone data to tzdata2020f
    (P2) JDK-8261310: PPC64 Zero build fails with 'VMError::controlled_crash(int)::FunctionDescriptor
functionDescriptor' has incomplete type and cannot be defined
    (P3) JDK-8243559: Remove root certificates with 1024-bit keys
        (See CSR JDK-8262079)

* Notes on some issues:
    _______ core-libs/java.time ____________
    ==== See JDK-8259048 ========

    (tz) Upgrade time-zone data to tzdata2020f
8259428
    JDK 13.0.7 contains IANA time zone data version 2020f.
    For more information, refer to https://www.oracle.com/java/technologies/tzdata-versions.html

    ____________ security-libs/java.security ________

    === See JDK-8243559 =========

    Related CSR: JDK-8262079

    Removed Root Certificates with 1024-bit Keys

    The following root certificates with weak 1024-bit RSA public keys have been removed from the
cacerts keystore:

    alias name "thawtepremiumserverca [jdk]"
    Distinguished Name: EMAILADDRESS=premium-server at thawte.com,
        CN=Thawte Premium Server CA, OU=Certification Services Division,
        O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

    alias name "verisignclass2g2ca [jdk]"
    Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only",
        OU=Class 2 Public Primary Certification Authority - G2,
        O="VeriSign, Inc.", C=US

    alias name "verisignclass3ca [jdk]"
    Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

    alias name "verisignclass3g2ca [jdk]"
    Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only",
        OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

    alias name "verisigntsaca [jdk]"
    Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville,
ST=Western Cape, C=ZA

More information about the jdk-updates-dev mailing list