JDK 8u66 Release Notes
Java SE 8u66 Bundled Patch Release (BPR) - Bug Fixes and Updates
The following sections summarize changes made in all Java SE 8u66 BPRs. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in previous BPR are also included in the current BPR.
To determine the version of your JDK software, use the following command:
java -version
Changes in Java SE 8u66 b36
Bug Fixes
| BugId | Component | Subcomponent | Summary |
|---|---|---|---|
| 8130212 (Confidential) |
hotspot | runtime | Thread::current() might access freed memory on Solaris |
| 8132890 | client-libs | 2d | Text Overlapping on Dot Matrix Printers |
| 8133458 (Confidential) |
deploy | webstart | 8u51 is slower than 6u101 to launch JWS application |
| 8098826 (Confidential) |
deploy | webstart | WS sends multiple request to server to download extensions |
| 8141527 | deploy | webstart | AddRemoveTest tests fail as second request to jnlp not getting to server, but resource requests going through fine |
Changes in Java SE 8u66 b35
Bug Fixes
| BugId | Component | Subcomponent | Summary |
|---|---|---|---|
| 8142908 (Confidential) |
deploy | plugin | Java Plug-in crashes under some scenarios using FF42 |
| 8133523 | deploy | plugin | _releaseObject called from wrong thread |
| 8134828 | client-libs | javax.swing | Scrollbar thumb disappears with Nimbus L&F |
| 8144110 (Confidential) |
install | install | 32-bit JRE install fails on 64-bit Windows Server 2012 under System Account |
| 8140670 (Confidential) |
install | install | 32-bit JRE silent install fails on 64-bit Windows under System Account |
| 8067422 | tools | javac | Lambda method names are unnecessarily unstable |
Changes in Java SE 8u66 b33
Bug Fixes
| BugId | Component | Subcomponent | Summary |
|---|---|---|---|
| 8136759 (Confidential) |
deploy | deployment_toolkit | Regression in Applet startup time with Internet Explorer on 8u60 and 8u65-b14 |
Changes in Java SE 8u66 b31
Please note that fixes from the prior BPR (8u60 b32) are included in this BPR.
Bug Fixes
| BugId | Component | Subcomponent | Summary |
|---|---|---|---|
| 8135307 (Confidential) |
tools | javac | CompletionFailure thrown when calling FieldDoc.type, if the field's type is missing |
Java™ SE Development Kit 8, Update 66 (JDK 8u66)
The full version string for this update release is 1.8.0_66-b18 (where "b" means "build") for the Microsoft Windows JRE and JDK and 1.8.0_66-b17 for all other platforms and for the Microsoft Windows Server JRE. The version number is 8u66.
This update release contains several enhancements and changes including the following.
IANA Data 2015f
JDK 8u66 contains IANA time zone data version 2015f. For more information, refer to Timezone Data Versions in the JRE Software.
Security Baselines
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 8u66 are specified in the following table:
| JRE Family Version | JRE Security Baseline (Full Version String) |
|---|---|
| 8 | 1.8.0_65 |
| 7 | 1.7.0_91 |
| 6 | 1.6.0_105 |
For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.
JRE Expiration Date
The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 8u66) will expire with the release of the next critical patch update scheduled for January 19, 2016.
For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u66) on February 20, 2016. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see JRE Expiration Date.
Notes
When running on OSX 10.11 "El Capitan", when SIP is enabled, certain environment variables intended for debugging applications, such as DYLD_LIBRARY_PATH, may be stripped from the environment when running Java from the command line or when double-clicking a JAR file. Applications should not rely on these variables in a production environment, they are only intended for debugging during development. New Features and Changes
The following are some of the notable new features and changes in this release:
Support ISO 4217 "Current funds codes" table (A.2)
This enhancement adds support for ISO 4217 table A.2 fund codes. Previously the JDK only supported those currencies listed in table A.1.
See JDK-8074350.
Bug Fixes
This release contains fixes for security vulnerabilities. For more information, see Oracle Critical Patch Update Advisory.
The following are some of the notable bug fixes included in this release:
Kerberos changes for applications running with security manager
This JDK release introduces some changes to how Kerberos requests are handled when a security manager is present.
Note that if a security manager is installed while a KerberosPricipal is being created, a {@link ServicePermission} must be granted and the service principal of the permission must minimally be inside the {@code KerberosPrincipal}'s realm.
For example, if the result of {@code new KerberosPrincipal("user")} is {@code user@EXAMPLE.COM}, then a {@code ServicePermission} with service principal {@code host/www.example.com@EXAMPLE.COM} (and any action) must be granted.
Also note that if a single GSS-API principal entity that contains a Kerberos name element without providing its realm is being created via the org.ietf.jgss.GSSName interface and a security manager is installed, then this release introduces a new requirement. A {@link javax.security.auth.kerberos.ServicePermission ServicePermission} must be granted and the service principal of the permission must minimally be inside the Kerberos name element's realm.
For example, if the result of {@link GSSManager#createName(String, Oid) createName("user", NT_USER_NAME)} contains a Kerberos name element {@code user@EXAMPLE.COM}, then a {@code ServicePermission} with service principal {@code host/www.example.com@EXAMPLE.COM} (and any action) must be granted. Otherwise, the creation will throw a {@link GSSException} containing the {@code GSSException.FAILURE} error code.
JDK-8048030 (not public)
Hotspot should use PICL interface to get cacheline size on SPARC
The libpicl library is now required on Solaris/SPARC to determine the size of the cache lines. In case the library is not present or the PICL service is not available the JVM will display a warning and compiler optimizations that utilize the BIS (Block Initializing Store) instruction will be turned off.
See JDK-8056124.
Preloading libjsig.dylib causes deadlock when signal() is called
Applications need to preload the libjsig library to enable signal chaining. Previously, on OS X, after libjsig.dylib was preloaded, any call from native code to signal() caused a deadlock. This has been corrected.
See JDK-8072147.
VM crash when class is redefined with Instrumentation.redefineClasses
The JVM could crash when a class was redefined with Instrumentation.redefineClasses(). The crash could either be a segmentation fault at SystemDictionary::resolve_or_null, or an internal error with the message "tag mismatch with resolution error table". This has now been fixed.
See JDK-8076110.
_releaseObject called from wrong thread
A recent change to Firefox caused the _releaseObject call to be made from a thread other than the main thread. This may cause a race condition, which may inadvertently crash the browser. This has been addressed in build 18 of 8u66. For more information, see Bugs@Mozilla 1221448.
See JDK-8133523.
Java plug-in does not work in Firefox after installing Java
Firefox 42 may crash when trying to run the Java plug-in.
NOTE: The workaround applies to Firefox 42 and requires Windows Java Version 8 Update 66 Build 18 or later versions.
See JDK-8133523 for related information.
There are several workaround options. The simplest method is noted first and is recommended. The remaining available options are not recommended for non-technical users.
Option 1: Add property name dom.ipc.plugins.java.enabled in Firefox preferences
- Launch Firefox
- Type
about:configin the address bar - You will be presented with a Firefox warning about the configuration settings. After acknowledging the Firefox alert, you should see a listing of the configuration preferences.
- Right-click anywhere inside the displayed list of preferences. Select New then select Boolean.
- Add property name as
dom.ipc.plugins.java.enabled - Add Preference name as dom.ipc.plugins.java.enabled.
- A window will be displayed, select false. Then select OK.
Option 2: Create "user.js" file with preference entry
Instructions are based on Mozilla references listed below.
- Use a text editor to create a "user.js" file in your Firefox profiles folder
- Add entry:
user_pref("dom.ipc.plugins.java.enabled", false);
Option 3: Update "pref.js" file with preference entry
- Locate the "pref.js" file in the Mozilla profiles folder
- Find and update preference:
user_pref("dom.ipc.plugins.java.enabled", false);
Correction to end time checking for native TGT
The end times for native TGTs (ticket-granting tickets) are now compared with UTC time stamps.
See JDK-8078495.
Bug Fix List
| BugId | Component | Subcomponent | Summary |
|---|---|---|---|
| JDK-8087201 | client-libs | 2D | OGL: rendering of lcd text is slow |
| JDK-8130938 | client-libs | 2D | [solaris] Incomplete 8ux fix for 8071710: libfontmanager & t2k should link against headless awt on solaris |
| JDK-8037371 | client-libs | java.awt | [macosx] Test closed/java/awt/dnd/ImageTransferTest/ImageTransferTest.html fails |
| JDK-8131752 | client-libs | java.awt | [Regression] Test java/awt/GraphicsDevice/CheckDisplayModes.java fails |
| JDK-8134453 | client-libs | javax.accessibility | JAWS crashes in WindowsAccessBridge.DLL on 32 bit 8u60 running on 32 bit Win 7 |
| JDK-8134403 | core-libs | jdk.nashorn | Nashorn react.js benchmark performance regression |
| JDK-8079618 | deploy | plugin | AccessControlException with deployment cache and RMI |
| JDK-8135116 | globalization | translation | [de] Missing the link of license agreement |
| JDK-6904403 | hotspot | jvmti | assert(f == k->has_finalizer(),"inconsistent has_finalizer") with debug VM |
| JDK-8048353 | hotspot | runtime | jstack -l crashes VM when a Java mirror for a primitive type is locked |
| JDK-8072147 | hotspot | runtime | Preloading libjsig.dylib causes deadlock when signal() is called |
| JDK-8076110 | hotspot | runtime | VM crash when class is redefined with Instrumentation.redefineClasses |
| JDK-8133191 | install | NVDA screen reader and JAWS can't read the "Look and Feel" Selections. | |
| JDK-8078495 | security-libs | org.ietf.jgss:krb5 | End time checking for native TGT is wrong |
| JDK-8131907 | xml | jaxp | Numerous threads lock during XML processing while running Weblogic 12.1.3 |
| JDK-8133523 | deploy | plugin | _releaseObject called from wrong thread |