Java Runtime Environment 8.0 build 201 (32-bit)
更新細節:
Release Highlights:
IANA Data 2018e
JDK 8u201 contains IANA time zone data version 2018e. For more information, refer to Timezone Data Versions in the JRE Software.
Change: TLS anon and NULL Cipher Suites are Disabled
The TLS anon (anonymous) and NULL cipher suites have been added to the jdk.tls.disabledAlgorithms security property and are now disabled by default.
See JDK-8211883
Change: jarsigner Prints When a timestamp Will Expire
The jarsigner tool now shows more information about the lifetime of a timestamped JAR. New warning and error messages are displayed when a timestamp has expired or is expiring within one year.
See JDK-8191438
Java Expiration Date:
The expiration date for 8u201 is April 16, 2019. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u201) on May 16, 2019. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes:
This release contains fixes for security vulnerabilities described in the Oracle Java SE Critical Patch Update Advisory. For a more complete list of the bug fixes included in this release, see the JDK 8u201 Bug Fixes page.
版本下載:Java Runtime Environment 8.0 build 201 (32-bit)
Java Runtime Environment 8.0 build 191 (32-bit)
更新細節:
Java 8 Update 191 (8u191)
Release Highlights
IANA Data 2018e
JDK 8u191 contains IANA time zone data version 2018e. For more information, refer to Timezone Data Versions in the JRE Software.
Change: Changed Central File System Location for usagetracker.properties File
The file system location in Windows for the usagetracker.properties file has been moved from %ProgramData%OracleJava to %ProgramFiles%Javaconf
There is no change in the file path for Linux, Solaris, or macOS. JDK-8204901 (not public)
Change: Disabled all DES TLS Cipher Suites
DES-based TLS cipher suites are considered obsolete and should no longer be used. DES-based cipher suites have been deactivated by default in the SunJSSE implementation by adding the "DES" identifier to the jdk.tls.disabledAlgorithms security property. These cipher suites can be reactivated by removing "DES" from the jdk.tls.disabledAlgorithms security property in the java.security file or by dynamically calling the Security.setProperty() method. In both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled cipher suite list using the SSLSocket.setEnabledCipherSuites() or SSLEngine.setEnabledCipherSuites() methods.
Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the jdk.tls.disabledAlgorithms security property.
See JDK-8208350
Change: Removal of Several Symantec Root CAs
The following Symantec root certificates are no longer in use and have been removed:
Symantec
equifaxsecureca
DN: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
equifaxsecureglobalebusinessca1
DN: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
equifaxsecureebusinessca1
DN: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
verisignclass1g3ca
DN: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
verisignclass2g3ca
DN: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
verisignclass1g2ca
DN: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
verisignclass1caDN: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
See JDK-8191031
Change: Removal of Baltimore Cybertrust Code Signing CA
The following Baltimore CyberTrust Code Signing root certificate is no longer in use and has been removed:
baltimorecodesigningca
DN: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
See JDK-8189949
Bug Fix: LDAPS Communication Failure
Application code using LDAPS with a socket connect timeout that is <= 0 ( the default value ), running on the July CPU 2018 ( 8u181, 7u191, and 6u201 ), may encounter an exception when establishing the connection.
The top most frames from Exception stack traces of applications encountering such issues might resemble the following:
javax.naming.ServiceUnavailableException: ; socket closed
at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source) ...
The issue has been resolved and the fix is available in the following releases:
8u181
7u191
See JDK-8211107
Java Expiration Date
The expiration date for 8u191 is January 15, 2019. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u191) on February 15, 2019. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes
This release contains fixes for security vulnerabilities described in the Oracle Java SE Critical Patch Update Advisory. For a more complete list of the bug fixes included in this release, see the JDK 8u191 Bug Fixes page.
版本下載:Java Runtime Environment 8.0 build 191 (32-bit)
Java Runtime Environment 8.0 build 181 (32-bit)
Java Runtime Environment 8.0 build 172 (32-bit)
更新細節:
Changes:
Touch Keyboard for Swing/AWT Text Components.
Bug Fixes:
This release contains fixes for security vulnerabilities.
版本下載:Java Runtime Environment 8.0 build 172 (32-bit)
Java Runtime Environment 8.0 build 162 (32-bit)
更新細節:
Bug Fixes:
This release contains fixes for security vulnerabilities.
版本下載:Java Runtime Environment 8.0 build 162 (32-bit)
Java Runtime Environment 8.0 build 152 (32-bit)
更新細節:
New Features:
New Security property to control crypto policy.
Changes:
BigInteger performance improvements turned on by default.
Bug Fixes:
Compilers accept modification of final fields outside initializer methods.
版本下載:Java Runtime Environment 8.0 build 152 (32-bit)
Java Runtime Environment 8.0 build 151 (32-bit)
更新細節:
New Features:
New Security property to control crypto policy.
Changes:
Refactor existing providers to refer to the same constants for default values for key length.
Collections use serialization filter to limit array sizes.
keytool now prints warnings when reading or generating certificates/certificate requests/CRLs using weak algorithms.
New defaults for DSA keys in jarsigner and keytool.
Add warnings to keytool when using JKS and JCEKS.
keytool now prints out information of a certificate's public key.
Bug Fixes:
Fixes for security vulnerabilities.
版本下載:Java Runtime Environment 8.0 build 151 (32-bit)
Java Runtime Environment 8.0 build 144 (32-bit)
更新細節:
Includes important bug fixes.
版本下載:Java Runtime Environment 8.0 build 144 (32-bit)
Java Runtime Environment 8.0 build 141 (32-bit)
更新細節:
New Features:
Disable SHA-1 TLS Server Certificates.
Changes:
JMX Diagnostic improvements.
Custom HostnameVerifier enables SNI extension.
Tighter secure checks on processing WSDL files by wsimport tool.
Bug Fixes:
Fixes for security vulnerabilities.
版本下載:Java Runtime Environment 8.0 build 141 (32-bit)
Java Runtime Environment 8.0 build 131 (32-bit)
更新細節:
Includes important security fixes and bug fixes.
版本下載:Java Runtime Environment 8.0 build 131 (32-bit)
Java Runtime Environment 8.0 build 121 (32-bit)
更新細節:
* Includes important security fixes.
版本下載:Java Runtime Environment 8.0 build 121 (32-bit)
Java Runtime Environment 8.0 build 112 (32-bit)
更新細節:
- Important security fixes.
- Additional features.
版本下載:Java Runtime Environment 8.0 build 112 (32-bit)
Java Runtime Environment 8.0 build 102 (32-bit)
更新細節:
# Enhancements
* Internal package sun.invoke.anon has been removed
* New property jdk.lang.processReaperUseDefaultStackSize
* Implemented performance improvements for BigInteger.montgomeryMultiply
# Changes
* MSCAPI KeyStore can handle same-named certificates
* Modify requirements on Authority Key Identifier extension field during X509 certificate chain building
* Providing more granular levels for GC verification
* Removed PICL warning message
* Improved exception handling for bad LDAP referral replies
# Bug Fixes
* Fix to resolve "Unable to process PreMasterSecret, may be too big" issue
# This release also contains fixes for security vulnerabilities
版本下載:Java Runtime Environment 8.0 build 102 (32-bit)
Java Runtime Environment 8.0 build 101 (32-bit)
更新細節:
* Includes important security fixes.
版本下載:Java Runtime Environment 8.0 build 101 (32-bit)
Java Runtime Environment 8.0 build 92 (32-bit)
更新細節:
* This release contains fixes for security vulnerabilities.
版本下載:Java Runtime Environment 8.0 build 92 (32-bit)