OpenJDK 11.0.20.1 Released

Andrew Hughes gnu.andrew at redhat.com
Mon Sep 11 17:05:17 UTC 2023 

We are pleased to announce the release of OpenJDK 11.0.20.1.

The source tarball is available from:

* https://openjdk-sources.osci.io/openjdk11/openjdk-11.0.20.1+1.tar.xz

The tarball is accompanied by a digital signature available at:

* https://openjdk-sources.osci.io/openjdk11/openjdk-11.0.20.1+1.tar.xz.sig

This is signed by our Red Hat OpenJDK key (openjdk at redhat.com):

PGP Key: rsa4096/0x92EF8D39DC13168F (hkp://keys.gnupg.net)
Fingerprint = CA5F 11C6 CE22 644D 42C6  AC44 92EF 8D39 DC13 168F

SHA256 checksums:

19ff7b05c6bc5f7ca326bb5a6ba5375ab14b2e810f6ca81da9ca644e2764304d  openjdk-11.0.20.1+1.tar.xz
6055964a52e113b68431251a9b96411ef66235ce5856b767e2fffd7d1687ec54  openjdk-11.0.20.1+1.tar.xz.sig

The checksums can be downloaded from:

* https://openjdk-sources.osci.io/openjdk11/openjdk-11.0.20.1+1.sha256

New in release OpenJDK 11.0.20.1 (2023-08-24):
==============================================
Live versions of these release notes can be found at:
  * https://bit.ly/openjdk110201

* Other changes
  - JDK-8313765: Invalid CEN header (invalid zip64 extra data field size)
  - JDK-8314678: Bump update version for OpenJDK: jdk-11.0.20.1

Notes on individual issues:
===========================

core-libs/java.util.jar:

JDK-8313765: Invalid CEN header (invalid zip64 extra data field size)
=====================================================================
Additional validity checks in the handling of Zip64 files,
JDK-8302483, were introduced in the 11.0.20 release of OpenJDK,
causing the use of some valid zip files to now fail with an
error. This release, 11.0.20.1, allows for zero length headers and
additional padding produced by some Zip64 creation tools.  With both
releases, the checks can be disabled by setting the new system
property, `jdk.util.zip.disableZip64ExtraFieldValidation` to `true`.

Thanks,
-- 
Andrew :)
Pronouns: he / him or they / them
Principal Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

Please contact via e-mail, not proprietary chat networks
Available on Libera Chat & OFTC IRC networks as gnu_andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://mail.openjdk.org/pipermail/jdk-updates-dev/attachments/20230911/fc3259b9/signature.asc>

More information about the jdk-updates-dev mailing list