A regression where the /usr/java/default
symlink is
not created by RPM installers on Linux platforms has been fixed.
Installers will create the /usr/java/default
symlink
if it doesn't exist, targeting the /usr/java/latest
symlink.
JDK 20.0.2 Release Notes
Notable Issues Fixed
Missing /usr/java/default
Symlink on Linux
Restored (JDK-8306690 (not
public))
Known Issues
Problem Upgrading JDK on Windows if System User Is Using Shared Files (JDK-8310932 (not public))
Installing into the same, shared jdk-<family>
directory is the default behavior for the JDK starting with the
July 2023 CPU. It could lead to FilesInUse
issues if
JDK files are locked by the "System User". We recommend shutting
down any apps using the JDK as the "System User" before
upgrading.
Other Notes
Added 4 GTS Root CA Certificates (JDK-8307134)
The following root certificates have been added to the cacerts truststore:
+ Google Trust Services LLC
+ gtsrootcar1
DN: CN=GTS Root R1, O=Google Trust Services LLC, C=US
+ Google Trust Services LLC
+ gtsrootcar2
DN: CN=GTS Root R2, O=Google Trust Services LLC, C=US
+ Google Trust Services LLC
+ gtsrootecccar3
DN: CN=GTS Root R3, O=Google Trust Services LLC, C=US
+ Google Trust Services LLC
+ gtsrootecccar4
DN: CN=GTS Root R4, O=Google Trust Services LLC, C=US
Added Microsoft Corporation's 2 TLS Root CA Certificates (JDK-8304760)
The following root certificates have been added to the cacerts truststore:
+ Microsoft Corporation
+ microsoftecc2017
DN: CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft Corporation, C=US
+ Microsoft Corporation
+ microsoftrsa2017
DN: CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft Corporation, C=US
Added TWCA Root CA Certificate (JDK-8305975)
The following root certificate has been added to the cacerts truststore:
+ TWCA
+ twcaglobalrootca
DN: CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW
Improved ZIP64 Extra Field Validation (JDK-8302483 (not public))
java.util.zip.ZipFile
has been updated to provide
additional validation of ZIP64 extra fields when opening a ZIP
file. This validation may be disabled by setting the system
property jdk.util.zip.disableZip64ExtraFieldValidation
to true
.
ASLR Support for CDS Archive (JDK-8294323 (not public))
Starting with the July 2023 CPU, on operating systems where ASLR (Address Space Layout Randomization) is enabled, the CDS archive will be placed at a random address picked by the operating system.
This change may have a minor performance impact: (a) Start-up time may increase because the JVM needs to patch pointers inside the CDS archive; (b) Memory usage may increase because the memory used by the CDS archive is no longer shareable across processes. We expect the impact to be small because such increases should be only a small fraction of the overall application usage.
In the unlikely event that you must disable ASLR for CDS, you
can use the JVM flags -XX:+UnlockDiagnosticVMOptions
-XX:ArchiveRelocationMode=0
. The usage of such flags is not
recommended.
New System Property to Control the Maximum Size of Signature Files (JDK-8300596 (not public))
A new system property,
jdk.jar.maxSignatureFileSize
, has been added to allow
applications to control the maximum size of signature files in a
signed JAR. The value of the system property is the desired size in
bytes. The default value is 8000000 bytes.