July 14, 2020
The full version string for this update release is 14.0.2+12 (where "+" means "build"). The version number is 14.0.2.
JDK 14.0.2 contains IANA time zone data version 2020a. For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 14.0.2 are specified in the following table:
JRE Family Version | JRE Security Baseline (Full Version String) |
---|---|
14 | 14.0.2+12 |
11 | 11.0.8+10 |
8 | 1.8.0_261-b12 |
7 | 1.7.0_271-b10 |
Oracle recommends that the JDK is updated with each Critical Patch Update (CPU). In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 14.0.2) be used after the next critical patch update scheduled for October 20, 2020.
The following expired Comodo root CA certificate has been removed from the cacerts
keystore:
+ alias name "addtrustclass1ca [jdk]"
Distinguished Name: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
The following expired DocuSign root CA certificate has been removed from the cacerts
keystore:
+ alias name "keynectisrootca [jdk]"
Distinguished Name: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
The preferred way to copy a collection is to use a "copy constructor." For example, to copy a collection into a new ArrayList, one would write new ArrayList<>(collection)
. In certain circumstances, an additional, temporary copy of the collection's contents might be made in order to improve robustness. If the collection being copied is exceptionally large, then the application should be (aware of/monitor) the significant resources required involved in making the copy.
In JDK 11 and later, javax.net.ssl.SSLEngine
by default used client mode when handshaking. As a result, the set of default enabled protocols may differ to what is expected. SSLEngine
would usually be used in server mode. From this JDK release onwards, SSLEngine
will default to server mode. The javax.net.ssl.SSLEngine.setUseClientMode(boolean mode)
method may be used to configure the mode.
When setting a serialization filter by using java.io.ObjectInputStream.setObjectInputFilter
the method must be called before reading any objects from the stream. If the methods readObject
or readUnshared
are called, the setObjectInputFilter
method throws IllegalStateException
.
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 14.0.2 Bug Fixes page.