java

JDK 8u441 Release Notes

Java Development Kit 8 Release Notes

Java SE 8u441 Bundled Patch Release (BPR) - Bug Fixes and Updates

The following sections summarize changes made in all Java SE 8u441 BPR. Bug fixes and any other changes are listed below in date order, most current BPR first. Note that bug fixes in the previous BPR are also included in the current BPR.

 

Changes in Java SE 8u441 b32

Bug Fixes

Release date: February 21, 2025

xml/javax.xml.parsers
 Change DOM Parser to Not Resolve EntityReference and Add Text Node with DocumentBuilderFactory.setExpandEntityReferences(false) (JDK-8206132)

The implementation of the ExpandEntityReferences feature was changed to comply with the specification of the DocumentBuilderFactory.setExpandEntityReferences method. Specifically, now when the method is set to false and encounters an entity reference, a DOM parser created by the DocumentBuilderFactory adds the EntityReference node to the DOM tree without the expanded Text node. Before the change, the implementation incorrectly added both nodes.

With the change, the DOM parser no longer reads and resolves entity references when the feature ExpandEntityReferences is set to false. For applications that intend to avoid resolving entity references, it will work as expected.

This change also affects the DOM Load and Save parser. The entities parameter is aligned with the ExpandEntityReferences feature, so that setting the entities parameter to true is equivalent to setting ExpandEntityReferences to false. In the following code snippet, the document will contain EntityReference nodes but not expanded Text nodes:

        LSParser domParser = domImplementationLS.createLSParser(MODE_SYNCHRONOUS, null);

        domParser.getDomConfig().setParameter("entities", true);
        LSInput src = domImplementationLS.createLSInput();
        src.setStringData(source);
        Document document = domParser.parse(src);

Because the references are not resolved, the resulting string will contain entity references without the text when the document is serialized:

        LSSerializer lsSerializer = domImplementationLS.createLSSerializer();

        lsSerializer.getDomConfig().setParameter("format-pretty-print", true);
        String result = lsSerializer.writeToString(document);

 

Changes in Java SE 8u441 b31

Bug Fixes

Release date: February 14, 2025
BugId Category Subcategory Summary
JDK-8347409 (not public) install install Install error message - javasettings No input config file

Java™ SE Development Kit 8, Update 441 (JDK 8u441)

Release date: January 21, 2025

The full version string for this update release is 1.8.0_441-b07 (where "b" means "build"). The version number is 8u441. This JDK conforms to version 8.6 of the Java SE Specification (JSR 337 MR 6 2024-07-02).

 

IANA TZ Data 2024b

JDK 8u441 contains IANA time zone data 2024b which contains the following changes since the previous update.

  • Improve historical data for Mexico, Mongolia, and Portugal.
  • System V names are now obsolescent.
  • The main data form now uses %z.
  • The code now conforms to RFC 8536 for early timestamps.
  • Support POSIX.1-2024, which removes asctime_r and ctime_r.

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines for the Java Runtime at the time of the release of JDK 8u441 are specified in the following table:

Java Family Version Security Baseline (Full Version String)
81.8.0_441-b07

 

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 8u441) be used after the next critical patch update scheduled for April 15, 2025.

Java Management Service, available to all users, can help you find vulnerable Java versions in your systems. Java SE Subscribers and customers running in Oracle Cloud can use Java Management Service to update Java Runtimes and to do further security reviews like identifying potentially vulnerable third party libraries used by your Java programs. Existing Java Management Service user click here to log in to your dashboard. The Java Management Service Documentation provides a list of features available to everyone and those available only to customers. Learn more about using Java Management Service to monitor and secure your Java Installations.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u441) on 2025-05-15. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.

 

JavaFX Will No Longer Be Included in JDK/JRE 8

This release, JDK and JRE 8 update 441, is the last release to bundle JavaFX. As announced in 2020, support for JavaFX on JDK 8, the last commercially supported version of JavaFX from Oracle, will end in March 2025. Accordingly, JDK 8 update 441 is the last upgrade of JDK/JRE 8 with JavaFX. Oracle continues to develop and release JavaFX as stand-alone modules via the OpenJFX project for the latest versions of Java only. For more details see the Java SE Spring 2024 Roadmap Update. Please contact Oracle Sales if you have any additional needs.

 

Other Notes

core-libs/java.lang
 ProcessBuilder on Windows Quotes Argument Strings Containing Any Space Character (JDK-8335428 (not public))

On Windows, the ProcessBuilder has expanded the quoting of argument strings when starting a process to ensure they are recognized by the application as a single command argument. The set of space characters has been expanded from space (0x20) to include all space characters as defined by java.lang.Character.isSpaceChar, which includes all Unicode space separator characters, such as EN-SPACE (0x2002), and line separator and paragraph separator characters.

core-libs/java.time
 Support for Time Zone Database 2024b (JDK-8339637)

IANA Time Zone Database has been upgraded to 2024b. This version mainly includes changes to improve historical data for Mexico, Mongolia, and Portugal. It also changes one timestamp abbreviation, for the time zone 'MET'. Also Asia/Choibalsan is now an alias for Asia/Ulaanbaatar.

The new tzdata changes also impact some legacy time zone IDs. As per 2024b changes "EST" links to "America/Panama", "HST" links to "Pacific/Honolulu" and "MST" links to "America/Phoenix". To maintain compatibility with the Java SE specification, the java.time.ZoneId.SHORT_IDS Map has not changed. Further details are available at JDK-8342331

 

Updates to Third Party Libraries

Library New Version Module JBS
Pipewire 0.3.68 java.desktop JDK-8280982
Sparkle 2.6.4 JDK-8342000 (not public)
GStreamer 1.24.6 javafx.media JDK-8336940
Glib 2.80.4 javafx.media JDK-8336939
libFFI 3.4.6 javafx.media JDK-8336938
libxslt 1.1.42 javafx.web JDK-8336941

 

Bug Fixes

This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update.

The following table lists the bug fixes included in the JDK 8u441 release:

# BugId Component Summary
1JDK-8280993client-libs/java.awt[XWayland] Popup is not closed on click outside of area controlled by XWayland
2JDK-8309756client-libs/java.awt Occasional crashes with pipewire screen capture on Wayland
3JDK-8313697client-libs/java.awt[XWayland][Screencast] consequent getPixelColor calls are slow
4JDK-8331011client-libs/java.awt[XWayland] TokenStorage fails under Security Manager
5JDK-8321176client-libs/java.awt[Screencast] make a second attempt on screencast failure
6JDK-8280994client-libs/java.awt[XWayland] Drag and Drop does not work in java -> wayland app direction
7JDK-8158380client-libs/java.awt[macosx] Regression: java/awt/List/ActionEventTest/ActionEventTest.java
8JDK-8215921client-libs/java.awtThere is no change when select different Foreground and Background by mouse.
9JDK-8014503client-libs/java.awtAWT Choice implementation should be made consistent across platforms.
10JDK-8280982client-libs/java.awt[Wayland] [XWayland] java.awt.Robot taking screenshots
11JDK-8329667client-libs/javax.accessibility[macos] Issue with JTree related fix for JDK-8317771
12JDK-8319103client-libs/javax.swingPopups that request focus are not shown on Linux with Wayland
13JDK-8079841core-libs/java.util.jarBuffer underflow with empty zip entry names
14JDK-8219448hotspot/compilersplit-if update_uses accesses stale idom data
15JDK-8340387hotspot/runtimeUpdate OS detection code to recognize Windows Server 2025
16JDK-8338701javafx/mediaProvide media support for libavcodec version 61
17JDK-8337481javafx/webFile API: file.name contains path instead of name
18JDK-8340208javafx/webAdditional WebKit 619.1 fixes from WebKitGTK 2.44.4
19JDK-8334124javafx/webRendering issues with CSS "text-shadow" in WebView
20JDK-8328723security-libs/java.securityIP Address error when client enables HTTPS endpoint check on server socket