OpenJDK 17.0.8.1 Released

Andrew Hughes gnu.andrew at redhat.com
Fri Sep 15 17:01:50 UTC 2023 

We are pleased to announce the release of OpenJDK 17.0.8.1.

The source tarball is available from:

* https://openjdk-sources.osci.io/openjdk17/openjdk-17.0.8.1+1.tar.xz

The tarball is accompanied by a digital signature available at:

* https://openjdk-sources.osci.io/openjdk17/openjdk-17.0.8.1+1.tar.xz.sig

This is signed by our Red Hat OpenJDK key (openjdk at redhat.com):

PGP Key: rsa4096/0x92EF8D39DC13168F (hkp://keys.gnupg.net)
Fingerprint = CA5F 11C6 CE22 644D 42C6  AC44 92EF 8D39 DC13 168F

SHA256 checksums:

80aa1a103315324092406501601853c43ca0c61da53b01de6da5b91c0a087bcf  openjdk-17.0.8.1+1.tar.xz
904258b7882a61699c36c759b3629708bf768fb8f41b33a4663bfdb0fda86eef  openjdk-17.0.8.1+1.tar.xz.sig

The checksums can be downloaded from:

* https://openjdk-sources.osci.io/openjdk17/openjdk-17.0.8.1+1.sha256

New in release OpenJDK 17.0.8.1 (2023-08-24):
=============================================
Live versions of these release notes can be found at:
  * https://bit.ly/openjdk17081

* Other changes
  - JDK-8313765: Invalid CEN header (invalid zip64 extra data field size)
  - JDK-8314677: Bump update version for OpenJDK: jdk-17.0.8.1

Notes on individual issues:
===========================

core-libs/java.util.jar:

JDK-8313765: Invalid CEN header (invalid zip64 extra data field size)
=====================================================================
Additional validity checks in the handling of Zip64 files,
JDK-8302483, were introduced in the 11.0.20 release of OpenJDK,
causing the use of some valid zip files to now fail with an
error. This release, 11.0.20.1, allows for zero length headers and
additional padding produced by some Zip64 creation tools.  With both
releases, the checks can be disabled by setting the new system
property, `jdk.util.zip.disableZip64ExtraFieldValidation` to `true`.

Thanks,
-- 
Andrew :)
Pronouns: he / him or they / them
Principal Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

Please contact via e-mail, not proprietary chat networks
Available on Libera Chat & OFTC IRC networks as gnu_andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://mail.openjdk.org/pipermail/jdk-updates-dev/attachments/20230915/21e624de/signature.asc>

More information about the jdk-updates-dev mailing list