Changes in 1.5.0_19
The full internal version number for this update release is 1.5.0_19-b02 (where "b" means "build"). The external version number is 5.0u19.
OlsonData 2009g
This release contains Olson time zone data version 2009g. For more information, refer to Timezone Data Versions in the JRE Software .
Security Baseline
This update release specifies the following security baseline:
JRE Family Version Java SE
Security Baseline Java SE for Business
Security Baseline 1.4.2 1.4.2_19 1.4.2_20
In December, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) include the Access Only option and are available to Java SE for Business subscribers.
For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .
Additional Supported System Configurations
As of this update, support has been added for the following system configurations:
* Internet Explorer 8
* Windows Server 2008
* SLES 11
Refer to the Supported System Configurations page.
Service Tag Support
Service Tag support on Solaris, Linux, and Windows is add in this release. If Service Tag software has been installed on a system where JRE 1.5.0_19 is being installed, a unique service tag is automatically created for that particular JRE instance. There is no change in the JDK/JRE installation instruction, and there is no change in the Java runtime.
Service Tag software can be downloaded from Sun Inventory. JDK and JRE service tags allow installed instances of the JDK and JRE to be discovered and registered under a user's account on Sun Connection.
Known Issues
IE 8 Hangs with OBJECT Tag
When an OBJECT tag is used to specify an applet, and the browser does not receive any mouse button events or keyboard events before the browser gets to the point of interpreting (executing) the OBJECT> tag, then IE 8 hangs.
This bug is seen when an html file containing OBJECT tag is specified as a command line parameter while launching IE. For example:
iexplorer.exe file.html
In this case, there is no mouse button event between invocation of IE and OBJECT tag execution.
A workaround is to force the user to use a mouse or keyboard before IE8 reaches the tag. For example, if applet.html contains an OBJECT tag, then the following command line invocation hangs the browser:
iexplorer.exe applet.html
However, if you specify applet.html in another html file, as follows, then the user is forced to use the keyboard or mouse button, and the hang does not occur:
<HTML><BODY><A href="file:applet.html"> click </A> </BODY></HT
ML>
Refer to CR 6825659 for further information.
Bug Fixes
Bug fixes are listed in the following table.
BugId Category Subcategory Description 6260293 hotspot compiler2 fix set_ctrl() inconsistencies in loopopts
6394438 hotspot compiler2 crash in C2 compiler in MachSpillCopyNode::implementation on 5.0_U4
6435614 hotspot compiler2 code fails with impossible ArrayIndexOutOfBounds Exception
6754146 hotspot compiler2 1.5.0_15 C2 compiler crashes in PhaseChaitin::Split()
6788347 hotspot compiler2 C2Compiler crash 6u7
6798785 hotspot compiler2 Crash in OopFlow::build_oop_map: incorrect comparison of 64bit pointers
5081701 hotspot garbage_collector CMS: ATG crash with perm gen collection enabled
6415354 hotspot garbage_collector CMS: assert(thisOop->is_oop_or_null(true),"expected an oop or NULL")
6722112 hotspot garbage_collector CMS: Incorrect encoding of overflown object arrays during concurrent precleaning
6722113 hotspot garbage_collector CMS: Incorrect overflow handling during precleaning of Reference lists
6739357 hotspot garbage_collector CMS: Switch off CMSPrecleanRefLists1 until 6722113 can be fixed
6786503 hotspot garbage_collector Overflow list performance can be improved
6787254 hotspot garbage_collector Work queue capacity can be increased substantially on some platforms
6751861 hotspot jvmti Memory leak occurs in JVMTI(jdk5.0u16)
6447157 hotspot other Crashdump (hs_err_pid*.log) does not contain the crash time
6320309 hotspot runtime_system symbol resolution -- wait() vs interrupt -- can result in IE being thrown from unexpected locations
6680485 hotspot runtime_system Wrong error-handling with Solaris-specific interruptible I/O (Solaris)
6821003 hotspot runtime_system Update hotspot windows os_win32 for windows 7
6277781 idl serialization Serialization of Enums over IIOP is broke.
6614558 idl serialization jmx interop JDK5 - JDK6 issue when calling getMBeanInfo
6529796 java char_encodings Support JIS X 0213:2004 in existing JDK versions, especially for Windows Vista
6710199 java char_encodings SJIS_0213 does not handle "unmappable" encoding operation correctly
4744405 java classes_2d RFE: lookupPrintServices() to refresh the printers list dynamically
6358622 java classes_2d hotspot crash when printing to non-available network printer
6428762 java classes_2d RHEL5: Sazanami Mincho Font rendering quality is poor
6574633 java classes_2d native printDialog crashes when changing printer
6633656 java classes_2d Cross platform print dialog doesn't check for orientation being unsupported.
6524352 java classes_awt support for high-resolution mouse wheel
6668385 java classes_awt Java applet crashes IE 6 in AwtComponent::ImmAssociateContext()
6675956 java classes_awt REGRESSION : Different behavior of Container.findComponentAt in jdk5
6707023 java classes_awt Chinese Characters in JTextPane Cause Pane to Hang
6219755 java classes_io PipedOutputStream.write() remains blocked after PipedInputStream was closed
6242664 java classes_lang String.offsetByCodePoints doesn't work for Strings returned by String.substring
6819886 java classes_lang System.getProperty("os.name") reports Vista on Windows 7
6651382 java classes_management The Java JVM SNMP provider reports incorrect stats when asked for multiple OIDs
6598160 java classes_net Windows IPv6 Socket implementation doesn't set the handle to not inherit
6648001 java classes_net Cancelling HTTP authentication causes subsequent deadlocks
6693244 java classes_net Java Web Start app fails on 6u10 beta w/ AssertionError in AuthenticationInfo.requestCompleted
5100121 java classes_nio (se) select not immune to EINTR
6497734 java classes_nio (dc) assert "JNI handle should not be null" under Java_sun_nio_ch_FileDispatcher_preClose0()
6552236 java classes_security PolicyFile not synchronized during refresh
6699856 java classes_swing Creating text in a JTextPane using Chinese text causes undesired behavior
6735259 java classes_swing NPE at WindowsComboBoxUI$XPComboBoxButton.getState(WindowsComboBoxUI.java:408)
4823811 java classes_text [Fmt-Da] SimpleDateFormat patterns don't allow embedding of some literal punctuation
6576792 java classes_util_concurrent ThreadPoolExecutor methods leak interrupts when run in pool threads
6409997 java classes_util_i18n Default locale/encoding detection for Windows Vista
6834474 java classes_util_i18n (tz) Support tzdata2009g
6740278 java dragndrop An image(256 colors) in clipboard should be displayed correctly
6404011 java imageio IllegalArgumentException: "Invalid ICC Profile Data" when reading certain JPEGs
6687968 java imageio PNGImageReader leaks native memory through an Inflater.
6541870 java serialization NullPointerException in ObjectInputStream with Externalizables
6608975 java serviceability HeapDumpPath option is ignored for dumps written by HeapDumpOnCtrlBreak functionality
6745217 java serviceability jmap throws sun.jvm.hotspot.utilities.AssertionFailure: BitMap index out of bounds (1.5.0_15-b04)
6754987 java serviceability Crash triggering Heapdump via -XX:+HeapDumpOnCtrlBreak AND -XX:+UseParallelOldGC
6803304 java sunservicetags Service Tag support for JRE for solaris/linux/windows
6680432 java_deployment security Display only Digital Signature key usage certificate in client authentication dialog box.
6567254 java_plugin ns6 Stack stomp in CSecureJNIEnv
6603064 java_plugin other Legacy_lifecycle:Exception getting thrown on while making LiveConnect calls once applet is refreshed
6595618 java_plugin plugin Intermittent problems with signed applet certificate verification
6618901 java_plugin plugin 6.0 JRE applet running on Vista limits heap to 64 MB
6696175 javawebstart jnlp_file javaws not recognizing properties which contains % character
6809409 jaxp sax jaxp Issue 56 SAXException doesn't do the exception chaining properly
6809019 jaxp xslt Performance degradation for fix to: 6537909 in 1.5.0_14
6796140 jets other Further ORB changes after 6725987
6176036 jndi ldap Require a way to specify read timeout for LDAP operations
Changes in 1.5.0_18
The full internal version number for this update release is 1.5.0_18-b02 (where "b" means "build"). The external version number is 5.0u18.
Security Baseline
This update release specifies the following security baseline:
JRE Family Version Security Baseline 1.4.2 1.4.2_20
For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .
OlsonData 2009a
This release contains Olson time zone data version 2009a. For more information, refer to Timezone Data Versions in the JRE Software .
Java Naming and Directory Interface (JNDI) API Change
The behavior of the JNDI feature to store and retrieve Java objects in an LDAP directory has been slightly modified.
When storing a Java object in an LDAP directory, the location of the object's class file (its codebase) may be specified. Later, when restoring the original object, its codebase along with additional object data is retrieved from the directory and used by the class loader.
An object's codebase is no longer implicitly trusted. Instead, a new system property called com.sun.jndi.ldap.object.trustURLCodebase must explicitly be set to the string value true in order for a codebase to be used. Otherwise, the codebase will be ignored by the class loader when restoring a Java object, and only those class files that appear on the classpath will be recognized.
Java Management Extensions(JMX) Change
In a JMX access property file, the readwrite access no longer allows the remote createMBean and unregisterMBean operations. These must now be provided explicitly via new clauses.
The default jmxremote.access file of the JRE ($JRE_HOME/lib/management/jmxremote.access) shows what this looks like:
monitorRole readonly
controlRole readwrite \
create javax.management.monitor.*,javax.management.timer.* \
unregister
CORBA Memory Leak Fix - Special Note
This update release and revision 5.0u16-rev-b12 and subsequent updates and revisions contain a fix for 6725987. When using updates and revisions prior to these, an ORB may contain valid references (that is, a memory leak) even after calling its shutdown() and destroy() methods, and it may respond to some method calls.
With this fix, the ORB correctly cleans up and the Garbage Collector can free up the memory held by such references. Incorrect accesses to such references or methods are likely to result in a NullPointerException to the application.
Root Certificates Included
Root Certificates are included in this release. The following root certificates have been added:
* VeriSign TSA Root Cert to the JDK (Refer to 6732157.)
* Two additional T-systems root CA certs (Refer to 6803022.)
* Two Unizeto root certs (Refer to 6803036.)
Bug Fixes
This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 254569, 254570, 254571, 254608, and 254611.
Other bug fixes are listed in the following table.
BugId Category Subcategory Description 6676016 hotspot garbage_collector ParallelOldGC leaks memory
6461933 java classes_awt To adjust system boot time in nowMillisUTC() frequently
6637607 java classes_awt 1st char. is discarded after a modal dialogue shows up and disappears
6677578 java classes_awt Print dialog doesn't come up when brower window is maximized
6571589 java classes_lang (thread) Thread.getStackTrace() returns null
6446855 java classes_net https connections failing when connecting through a proxy
6687282 java classes_net URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
6720866 java classes_net Slow performance using HttpURLConnection for upload
6732157 java classes_security Add VeriSign TSA Root Cert to the JDK
6803022 java classes_security Add T-systems root CA certs to the JRE
6803036 java classes_security Add Unizeto root certs to the JRE
6639183 java classes_util_concurrent Scheduling large negative delay hangs entire ScheduledExecutor
6725789 java classes_util_concurrent ScheduledExecutorService does not work as expected in jdk7/6/5
6598520 java classes_util_i18n (tz) Windows time zone mapping table needs to be updated for KB933360
6650748 java classes_util_i18n (tz) Java runtime doesn't detect VET time zone correctly on Windows
6743394 java classes_util_i18n (tz) tzmappings must be updated for Windows
6783139 java classes_util_i18n (tz) Windows time zone mapping table needs to be updated for KB955839
6796489 java classes_util_i18n (tz) Support tzdata2009a
6487638 java classes_util_logging Calling LogManager.addLogger() and Logger.getLogger() cause deadlock
6719011 java_plugin ocx Applet isn't started when it's outside of the visible area of a browser window
6643769 java_plugin other Applet main windows steals focus on Popup windows which is running Applet.
6784894 java_plugin other Regression: applets loaded from local disk can not access co-located resources
6591117 jce pkcs11_csp Poor preformance of PKCS#11 security provider compared to Sun default provider
6725987 jets other ORB.destroy() does not cleanup correctly and ORB object instances are not garbage collected.
Changes in 1.5.0_17
The full internal version number for this update release is 1.5.0_17-b04 (where "b" means "build"). The external version number is 5.0u17.
Security Baseline
This update release specifies the following security baseline:
JRE Family Version Security Baseline 1.4.2 1.4.2_19
For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .
OlsonData 2008i
This release contains Olson time zone data version 2008i. For more information, refer to Timezone Data Versions in the JRE Software .
Updated UTF-8 Charset Implementation
Due to security concerns, the UTF-8 charset implementation in the JRE has been updated to handle the non-shortest form of UTF-8 byte sequences, and this introduces an incompatibility from previous releases. For example, the byte sequence of 0xc0 0xaf for U+002f, which has the shortest form of 0x2f, is a malformed input to the decoding operation. More details regarding the Non-shortest form of UTF-8 can be found at:
* UTF8-Shortest Form
* UTF8 Specification
Root Certificates Included
Root Certificates are included in this release. The following root certificates have been added:
* Camerfirma root certificates
* T-systems root CA certificate (Deutsche Telekom Root CA 2)
* SwissSign root certificates
Bug Fixes
This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 244986, 244987, 244988, 244990, 244991, 244992, 245246, 246266, 246286, 246346, 246386, and 246387.
Other bug fixes are listed in the following table.
BugId Category Subcategory Description 6403625 hotspot compiler2 crash in compiled code when using profiler agent
6519515 hotspot compiler2 Loop-opts incorrectly removed a safepoint poll from a loop with an early exit
6606675 hotspot compiler2 Crash in CodeBuffer resize in 1.4.2_15
6676462 hotspot compiler2 JVM sometimes would suddenly consume significant amount of memory
6704367 hotspot runtime_system Stack sizes error with 1.5.0_14
6372405 idl orb Server thread hangs when fragments don't complete because of connection abort
5005426 java char_encodings Buffered stream data is discarded by IllegalStateException in 1.4.2 and Tiger
6359722 java classes_2d Uncatchable recursive NullPointerException at sun.font.TrueTypeFont.open()
6448405 java classes_2d static HashMap cache in LineBreakMeasurer can grow wihout bounds
6525150 java classes_2d Printer has "paper out" status and won't print due to a PrinterException
6638533 java classes_2d Layout should not apply shaping to precomposed arabic presentation form glyphs.
6532373 java classes_awt xcb_xlib.c:50: xcb_xlib_unlock: Assertion 'c->xlib.lock' failed.
6678061 java classes_awt undefined keycodes for certain keyboard layouts
6689088 java classes_awt Focus traversal doesn't work in the reverse order / related to the SR 70175950 / CR 6684528
6446990 java classes_net HttpURLConnection#available() reads more and more data into memory
6448457 java classes_nio (ch) Channels.newOutputStream().write() does not write all data
6728890 java classes_security Add SwissSign root certificates to the JDK
6754779 java classes_security Add Camerfirma root certificates to the JDK
6768559 java classes_security Add t-systems root CA certificate (Deutsche Telekom Root CA 2) to the JRE
6438246 java classes_swing File name field is mislabeled when JFileChooser is used in DIRECTORIES_ONLY mode
6581899 java classes_swing JTextField & JTextArea - Poor performance with JRE 1.5.0_08
6648714 java classes_swing JScrollPane repaints incorrectly on larger monitor of dual monitor system (5.0)
6466476 java classes_util_i18n (tz) Introduction of tzdata2005r can introduce incompatility issues with some JDK1.1 3-letter TZ Ids
6764308 java classes_util_i18n (tz) Support tzdata2008i
6623981 java compiler javac StackOverFlowError in 1.4.1/1.4.2
6709709 java javadoctool javadoc does not get compilation errors after type erasure
6536107 java_plugin iexplorer GDI leak detected by opening the Print Dialog repeatedly
6746185 javawebstart other Malformed URL Exception: JWS regression introduced in 1.5.0_16
6578538 jce classes_crypto com.sun.crypto.provider.SunJCE instance leak using KRB5 and LoginContext
6697180 jmx classes JMX query results in java.io.IOException: Illegal state - also a deadlock can also be seen
6618387 jsse runtime SSL client sessions do not close cleanly. A TCP reset occurs instead of a close_notify alert.
6668231 jsse runtime Presence of a critical subjectAltName causes JSSE's SunX509 to fail trusted checks
5180e2657c