Java™ SE Development Kit 17; Update 17.0.14 (JDK 17.0.14)$$$January 21; 2025$$$$$$The full version string for this update release is 17.0.14+8 (where + means build). The version number is 17.0.14. This JDK conforms to version 17.1 of the Java SE Specification (JSR 392 MR 1 2024-07-02).$$$$$$IANA TZ Data 2024b$$$JDK 17.0.14 contains IANA time zone data 2024b which contains the following changes:$$$$$$Improve historical data for Mexico; Mongolia; and Portugal.$$$System V names are now obsolescent.$$$The main data form now uses %z.$$$The code now conforms to RFC 8536 for early timestamps.$$$Support POSIX.1-2024; which removes asctime_r and ctime_r.$$$$$$Refer - https://www.oracle.com/java/technologies/javase/17all-relnotes.html#R17_0_14

Java™ SE Development Kit 17; Update 17.0.14 (JDK 17.0.14)$$$January 21; 2025$$$$$$The full version string for this update release is 17.0.14+8 (where + means build). The version number is 17.0.14. This JDK conforms to version 17.1 of the Java SE Specification (JSR 392 MR 1 2024-07-02).$$$$$$IANA TZ Data 2024b$$$JDK 17.0.14 contains IANA time zone data 2024b which contains the following changes:$$$$$$Improve historical data for Mexico; Mongolia; and Portugal.$$$System V names are now obsolescent.$$$The main data form now uses %z.$$$The code now conforms to RFC 8536 for early timestamps.$$$Support POSIX.1-2024; which removes asctime_r and ctime_r.$$$$$$Refer - https://www.oracle.com/java/technologies/javase/17all-relnotes.html#R17_0_14

Important Oracle JDK 17 License Update starting with JDK 17.0.13$$$JDK 17.0.13 is the first JDK 17 update release made available under the Oracle Technology Network License Agreement for Oracle Java SE (OTN for Java SE). This license is substantially different from the Oracle No-fee Terms and Conditions (NTFC) used in earlier JDK 17 updates. The OTN for Java SE license permits certain uses; such as personal use and development use; at no cost; but other uses authorized under the NFTC may no longer be available. Please review the terms carefully before using this product. An FAQ is available here.$$$$$$New Features$$$security-libs/java.security$$$? Thread and Timestamp Options for java.security.debug System Property (JDK-8051959)$$$The java.security.debug system property now accepts arguments which add thread ID; thread name; caller information; and timestamp information to debug statements for all components or a specific component.$$$$$$+timestamp can be appended to debug options to print a timestamp for that debug option. +thread can be appended to debug options to print thread and caller information for that debug option.$$$$$$Examples: -Djava.security.debug=all+timestamp+thread adds timestamp and thread information to every debug statement generated.$$$$$$-Djava.security.debug=properties+timestamp adds timestamp information to every debug statement generated for the properties component.$$$$$$You can also specify -Djava.security.debug=help which will display a complete list of supported components and arguments.$$$$$$See Printing Thread and Timestamp Information for more information.$$$$$$ $$$$$$Notable Issues Fixed$$$install/install$$$? JDK RPM Upgrade Leaves Orphan Alternatives Entry (JDK-8336107 (not public))$$$Fixed the issue with entries in the java and javac groups not being properly managed during an RPM upgrade.$$$$$$Upgrading from an older Java RPM installed into a shared directory (/usr/lib/jvm/jdk-${FEATURE}-oracle-${ARCH}) to a Java RPM installing into a version-specific directory (/usr/lib/jvm/jdk-${VERSION}-oracle-${ARCH}); results in the older Java entries in the java and javac groups not being deleted.$$$$$$The issue does not manifest until the new Java is uninstalled. When it is uninstalled and Java from the lower release is installed; running Java commands like java or keytool without the full path specified will result in the command not found error. For example; install 21.0.3; upgrade it to 21.0.4; uninstall 21.0.4; install any Java update of 17 or 11 or 8 release; run java from the command line. The command will fail with the command not found error.$$$$$$Manually delete orphan Java entries in the java and javac groups to workaround the issue.$$$For more details refer - https://www.oracle.com/java/technologies/javase/17-0-13-relnotes.html#R17_0_13

Java SE 17.0.12 - Bundled Patch Release (BPR) - Bug Fixes and Updates$$$The following sections summarize changes made in all Java SE 17.0.12 BPR releases. The BPR releases are listed below in date order; most current BPR first. Note that bug fixes in previous BPRs are also included in the current BPR.$$$$$$ $$$$$$Changes in Java SE 17.0.12.0.1$$$Bug Fixes$$$July 16; 2024$$$Fixes from the prior BPR are included in this version.$$$$$$Java™ SE Development Kit 17; Update 17.0.12 (JDK 17.0.12)$$$Release date: July 16; 2024$$$The full version string for this update release is 17.0.12+8 (where + means build). The version number is 17.0.12.$$$$$$ $$$$$$IANA TZ Data 2024a$$$For more information; refer to Timezone Data Versions in the JRE Software.$$$$$$ $$$$$$Security Baselines$$$The security baselines for the Java Runtime at the time of the release of JDK 17.0.12 are specified in the following table:$$$$$$Java Family VersiontSecurity Baseline (Full Version String)$$$17t17.0.12+8$$$11t11.0.24+7$$$8t8u421-b09$$$ $$$$$$Keeping the JDK up to Date$$$Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest; the Security Baseline page can be used to determine which is the latest version for each release family.$$$$$$Critical patch updates; which contain security vulnerability fixes; are announced one year in advance on Critical Patch Updates; Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.12) be used after the next critical patch update scheduled for October 15; 2024.$$$$$$Java Management Service; available to all users; can help you find vulnerable Java versions in your systems. Java SE Subscribers and customers running in Oracle Cloud can use Java Management Service to update Java Runtimes and to do further security reviews like identifying potentially vulnerable third party libraries used by your Java programs. Existing Java Management Service user click here to log in to your dashboard. The Java Management Service Documentation provides a list of features available to everyone and those available only to customers. Learn more about using Java Management Service to monitor and secure your Java Installations.$$$$$$ $$$$$$Availability of Oracle JDK 17 under NFTC$$$Oracle JDK 17 LTS; released in September 2021; has been permissively licensed under the free Java license and will continue to be so until one year after the subsequent LTS release. Oracle designated Oracle JDK 21; released in September of 2023; as a Long Term Support (LTS) release. Therefore; update releases of Oracle JDK 17 after September of 2024 will switch to the Java SE OTN license; the same license under which we offer updates to Java 8 and 11. Users wishing to receive updates of the Oracle JDK under the free Java license should migrate to Oracle JDK 21.$$$$$$ $$$$$$New Features$$$security-libs/java.security$$$? New Security Category for -XshowSettings Launcher Option (JDK-8281658)$$$The -XshowSettings launcher has a new security category. Settings from security properties; security providers and TLS related settings are displayed with this option. A security sub-category can be passed as an argument to the security category option. See the output from java -X:$$$$$$ -XshowSettings:security$$$$$$ show all security settings and continue$$$ -XshowSettings:security:*sub-category*$$$ show settings for the specified security sub-category and continue. Possible *sub-category* arguments for this option include:$$$ all: show all security settings and continue$$$ properties: show security properties and continue$$$ providers: show static security provider settings and continue$$$ tls: show TLS related security settings and continue$$$Third party security provider details will be reported if they are included in the application class path or module path and such providers are configured in the java.security file.$$$$$$ $$$$$$Notable Issues Fixed$$$tools/jpackage$$$? jpackage May Produce an Inacc

Java SE 17.0.10 - Bundled Patch Release (BPR) - Bug Fixes and Updates$$$The following sections summarize changes made in all Java SE 17.0.10 BPR releases. The BPR releases are listed below in date order; most current BPR first. Note that bug fixes in previous BPRs are also included in the current BPR.$$$$$$ $$$$$$Changes in Java SE 17.0.10.0.1$$$Bug Fixes$$$January 16; 2024$$$Fixes from the prior BPR are included in this version.$$$$$$Java™ SE Development Kit 17; Update 17.0.10 (JDK 17.0.10)$$$January 16; 2024$$$The full version string for this update release is 17.0.10+11 (where + means build). The version number is 17.0.10.$$$$$$ $$$$$$IANA TZ Data 2023c$$$For more information; refer to Timezone Data Versions in the JRE Software.$$$$$$ $$$$$$Security Baselines$$$The security baselines for the Java Runtime at the time of the release of JDK 17.0.10 are specified in the following table:$$$$$$Java Family VersiontSecurity Baseline (Full Version String)$$$17t17.0.10+11$$$11t11.0.22+9$$$8t8u401-b10$$$ $$$$$$Keeping the JDK up to Date$$$Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest; the Security Baseline page can be used to determine which is the latest version for each release family.$$$$$$Critical patch updates; which contain security vulnerability fixes; are announced one year in advance on Critical Patch Updates; Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.10) be used after the next critical patch update scheduled for April 16; 2024.$$$$$$Java SE Subscription products customers managing JRE updates/installs for large number of desktops should consider using Java Management Service (JMS).$$$$$$ $$$$$$New Features$$$security-libs/javax.xml.crypto$$$? New System Property to Toggle XML Signature Secure Validation Mode (JDK-8301260)$$$A new system property named org.jcp.xml.dsig.secureValidation has been added. It can be used to enable or disable the XML Signature secure validation mode. The system property should be set to true to enable; or false to disable. Any other value for the system property is treated as false. If the system property is set; it supersedes the XMLCryptoContext property value.$$$$$$By default; secure validation mode is enabled. Disabling secure validation mode is done at your own risk.$$$$$$ $$$$$$Known Issues$$$hotspot/compiler$$$? Potential Performance Regression Due to Limited Range Check Elimination (JDK-8314468 (not public))$$$When the C1 compiler is the only compiler available to the VM; it applies loop predication to remove array access range checks from loop bodies. Due to a defect; this optimization was disabled; potentially leading to a performance regression.$$$$$$This only affects the client VM or VMs running with the non-default command line flags -XX:+NeverActAsServerClassMachine or -XX:TieredStopAtLevel=[1;2;3].$$$$$$

Java™ SE Development Kit 17; Update 17.0.9 (JDK 17.0.9)$$$October 17; 2023$$$The full version string for this update release is 17.0.9+11 (where + means build). The version number is 17.0.9.$$$$$$ $$$$$$IANA TZ Data 2023c$$$For more information; refer to Timezone Data Versions in the JRE Software.$$$$$$ $$$$$$Security Baselines$$$The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 17.0.9 are specified in the following table:$$$$$$JRE Family VersiontJRE Security Baseline (Full Version String)$$$17t17.0.9+11$$$11t11.0.21+9$$$8t8u391-b13$$$ $$$$$$Keeping the JDK up to Date$$$Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest; the Security Baseline page can be used to determine which is the latest version for each release family.$$$$$$Critical patch updates; which contain security vulnerability fixes; are announced one year in advance on Critical Patch Updates; Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.9) be used after the next critical patch update scheduled for January 16; 2024.$$$$$$ $$$$$$New Features$$$tools/launcher$$$? -XshowSettings:locale Output Now Includes Tzdata Version (JDK-8305950)$$$The -XshowSettings launcher option has been enhanced to print the tzdata version configured with the JDK. The tzdata version is displayed as part of the locale showSettings option.$$$$$$Example output using -X:showSettings:locale:$$$$$$.....$$$$$$Locale settings:$$$ default locale = English$$$ default display locale = English$$$ default format locale = English$$$ tzdata version = 2023c$$$ .....$$$ $$$$$$Removed Features and Options$$$security-libs/java.security$$$? Removed SECOM Trust Systems RootCA1 Root Certificate (JDK-8295894)$$$The following root certificate from SECOM Trust System has been removed from the cacerts keystore:$$$$$$+ alias name secomscrootca1 [jdk]$$$$$$ Distinguished Name: OU=Security Communication RootCA1; O=SECOM Trust.net; C=JP$$$ $$$$$$Other Notes$$$security-libs/java.security$$$? Added Certigna Root CA Certificate (JDK-8314960)$$$The following root certificate has been added to the cacerts truststore:$$$$$$+ Certigna (Dhimyotis)$$$$$$ + certignarootca$$$ DN: CN=Certigna Root CA; OU=0002 48146308100036; O=Dhimyotis; C=FR$$$security-libs/javax.net.ssl$$$? The Default TLS Diffie-Hellman Group Size Has Been Increased from 1024-bit to 2048-bit (JDK-8301700)$$$The JDK implementation of TLS 1.2 now uses a default Diffie Hellman keysize of 2048 bits when a TLS_DHE cipher suite is negotiated and either the client or server does not support FFDHE; which can negotiate a stronger keysize. The JDK TLS implementation supports FFDHE and it is enabled by default.$$$$$$As a workaround; users can revert to the previous size by setting the jdk.tls.ephemeralDHKeySize system property to 1024 (at their own risk).$$$$$$This change does not affect TLS 1.3 as the minimum DH group size is already 2048 bits.$$$$$$ $$$$$$Bug Fixes$$$This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update.$$$$$$? Issues fixed in 17.0.9:$$$$$$

Java™ SE Development Kit 17; Update 17.0.8 (JDK 17.0.8)$$$July 18; 2023$$$The full version string for this update release is 17.0.8+9 (where + means build). The version number is 17.0.8.$$$$$$ $$$$$$IANA TZ Data 2023c$$$JDK 17.0.8 contains IANA time zone data 2023c which contains the following changes:$$$$$$Egypt now uses DST again; from April through October.$$$This year Morocco springs forward April 23; not April 30.$$$Palestine delays the start of DST this year.$$$Much of Greenland still uses DST from 2024 on.$$$America/Yellowknife now links to America/Edmonton.$$$tzselect can now use current time to help infer timezone.$$$The code now defaults to C99 or later.$$$Fix use of C23 attributes.$$$This releases code and data are identical to 2023a.$$$For more information; refer to Timezone Data Versions in the JRE Software.$$$$$$ $$$$$$Security Baselines$$$The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 17.0.8 are specified in the following table:$$$$$$JRE Family VersiontJRE Security Baseline (Full Version String)$$$17t17.0.8+9$$$11t11.0.20+9$$$8t8u381-b09$$$ $$$$$$Keeping the JDK up to Date$$$Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest; the Security Baseline page can be used to determine which is the latest version for each release family.$$$$$$Critical patch updates; which contain security vulnerability fixes; are announced one year in advance on Critical Patch Updates; Security Alerts and Bulletins. It is not recommended that this JDK (version 17.0.8) be used after the next critical patch update scheduled for October 17; 2023.$$$$$$ $$$$$$New Features$$$core-libs/java.nio.charsets$$$? Support for GB18030-2022 (JDK-8307229)$$$The China National Standard body (CESI) has recently published GB18030-2022; which is an updated version of the GB18030 standard and brings GB18030 in sync with Unicode version 11.0. The Charset implementation for this new standard has now replaced the prior 2000 standard. However; this new standard has some incompatible changes from the prior implementation. For those who need to use the old mappings; a new system property; jdk.charset.GB18030; is introduced. By setting its value to 2000; the previous JDK releases mappings for the GB18030 Charset are used; which are based on the 2000 standard.$$$$$$security-libs/java.security$$$? Windows KeyStore Updated to Include Access to the Local Machine Location (JDK-6782021)$$$The Windows KeyStore support in the SunMSCAPI provider has been expanded to include access to the local machine location. The new keystore types are:$$$$$$Windows-MY-LOCALMACHINE$$$Windows-ROOT-LOCALMACHINE$$$The following keystore types were also added; allowing developers to make it clear they map to the current user:$$$$$$Windows-MY-CURRENTUSER (same as Windows-MY)$$$Windows-ROOT-CURRENTUSER (same as Windows-ROOT)$$$security-libs/java.security$$$? New JFR Event: jdk.SecurityProviderService (JDK-8254711)$$$A new Java Flight Recorder (JFR) event has been added to record details of java.security.Provider.getService(String type; String algorithm) calls.$$$$$$The new event name is jdk.SecurityProviderService and contains the following fields:$$$$$$Field nametField Description$$$typetType of Service$$$algorithmtAlgorithm Name$$$providertSecurity Provider$$$This event is disabled by default and can be enabled via the JFR configuration files or via standard JFR options.$$$$$$ $$$$$$Known Issues$$$install$$$? Problem Upgrading JDK on Windows if System User Is Using Shared Files (JDK-8310932 (not public))$$$Installing into the same; shared jdk-(family) directory is the default behavior for the JDK starting with the July 2023 CPU. It could lead to FilesInUse issues if JDK files are locked by the System User. We recommend shutting down any apps using the JDK as the System User before upgrading.$$$$$$

Java™ SE Development Kit 17; Update 17.0.7 (JDK 17.0.7)$$$April 18; 2023$$$The full version string for this update release is 17.0.7+8 (where + means build). The version number is 17.0.7.$$$$$$ $$$$$$IANA TZ Data 2022g$$$JDK 17.0.7 contains IANA time zone data 2022g which contains the following changes:$$$$$$The northern edge of Chihuahua changes to US timekeeping.$$$Much of Greenland stops changing clocks after March 2023.$$$Fix some pre-1996 timestamps in northern Canada.$$$C89 is now deprecated; please use C99 or later.$$$Portability fixes for AIX; libintl; MS-Windows; musl; z/OS.$$$In C code; use more C23 features if available.$$$C23 timegm now supported by default.$$$Fixes for unlikely integer overflows.$$$For more information; refer to Timezone Data Versions in the JRE Software.$$$ $$$$$$IANA TZ Data 2022d; 2022e; 2022f$$$JDK 17.0.6 contains IANA time zone data 2022d; 2022e; 2022f.$$$Palestine transitions are now Saturdays at 02:00.$$$Simplify three Ukraine zones into one.$$$Jordan and Syria switch from +02/+03 with DST to year-round +03.$$$Mexico will no longer observe DST except near the US border.$$$Chihuahua moves to year-round -06 on 2022-10-30.$$$Fiji no longer observes DST.$$$Move links to backward.$$$In vanguard form; GMT is now a Zone and Etc/GMT a link.$$$zic now supports links to links; and vanguard form uses this.$$$Simplify four Ontario zones.$$$Fix a Y2438 bug when reading TZif data.$$$Enable 64-bit time_t on 32-bit glibc platforms.$$$Omit large-file support when no longer needed.$$$In C code; use some C23 features if available.$$$Remove no-longer-needed workaround for Qt bug 53071.

Java™ SE Development Kit 17.0.6 (JDK 17.0.6)$$$January 17; 2023$$$$$$The full version string for this update release is 17.0.6+9 (where + means build). The version number is 17.0.6.$$$$$$ $$$$$$IANA TZ Data 2022d; 2022e; 2022f$$$JDK 17.0.6 contains IANA time zone data 2022d; 2022e; 2022f.$$$Palestine transitions are now Saturdays at 02:00.$$$Simplify three Ukraine zones into one.$$$Jordan and Syria switch from +02/+03 with DST to year-round +03.$$$Mexico will no longer observe DST except near the US border.$$$Chihuahua moves to year-round -06 on 2022-10-30.$$$Fiji no longer observes DST.$$$Move links to backward.$$$In vanguard form; GMT is now a Zone and Etc/GMT a link.$$$zic now supports links to links; and vanguard form uses this.$$$Simplify four Ontario zones.$$$Fix a Y2438 bug when reading TZif data.$$$Enable 64-bit time_t on 32-bit glibc platforms.$$$Omit large-file support when no longer needed.$$$In C code; use some C23 features if available.$$$Remove no-longer-needed workaround for Qt bug 53071.

Java™ SE Development Kit 17.0.5 (JDK 17.0.5)$$$October 18; 2022$$$$$$The full version string for this update release is 17.0.5+9 (where + means build). The version number is 17.0.5.$$$$$$ $$$$$$IANA TZ Data 2022b; 2022c$$$JDK 17.0.5 contains IANA time zone data 2022b; 2022c.$$$$$$Chiles DST is delayed by a week in September 2022.$$$Iran no longer observes DST after 2022.$$$Rename Europe/Kiev to Europe/Kyiv.$$$New zic -R option$$$Vanguard form now uses %z.$$$Finish moving duplicate-since-1970 zones to backzone.$$$New build option PACKRATLIST.$$$New tailored_tarballs target; replacing rearguard_tarballs.$$$Work around awk bug in FreeBSD; macOS; etc.$$$Improve tzselect on intercontinental Zones.

Changes$$$$$$hotspot/compiler$$$? C2 Compilation Errors Unpredictably Crashes JVM$$$Fixes a regression in the C2 JIT compiler which caused the Java Runtime to crash unpredictably.$$$$$$Refer the below link for more details