Java MSI x64 및 x86 다운로드 8.0.1910.12.
For installtion with Configuration Manager use:
x86
msiexec.exe /i "jre1.8.0_191.msi" /qn JU=0 JAVAUPDATE=0 AUTOUPDATECHECK=0 RebootYesNo=No
x64
msiexec.exe /i "jre1.8.0_19164.msi" /qn JU=0 JAVAUPDATE=0 AUTOUPDATECHECK=0 RebootYesNo=No
제거용:
x86
msiexec /x {26A24AE4-039D-4CA4-87B4-2F32180191F0} /qn /norestart
x64
msiexec /x {26A24AE4-039D-4CA4-87B4-2F64180191F0} /qn /norestart
릴리스 하이라이트
New Features
infrastructure/build
Build Environment Update Linux x86/x64 Moved to gcc 7.3On x86/x64 Linux, the toolchain used to build the JDK has been upgraded from GCC 4.3 to GCC 7.3.
Changes
core-svc
Changed Central File System Location for usagetracker.properties FileThe file system location in Windows for theusagetracker.properties
file has been moved from%ProgramData%\Oracle\Java\
에게%ProgramFiles%\Java\conf
There is no change in the file path for Linux, Solaris, or macOS.
security-libs/javax.net.ssl
Disabled all DES TLS Cipher SuitesDES-based TLS cipher suites are considered obsolete and should no longer be used. DES-based cipher suites have been deactivated by default in the SunJSSE implementation by adding the “DES” identifier to thejdk.tls.disabledAlgorithms
security property. These cipher suites can be reactivated by removing “DES” from thejdk.tls.disabledAlgorithms
security property in thejava.security
file or by dynamically calling theSecurity.setProperty()
방법. In both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled cipher suite list using theSSLSocket.setEnabledCipherSuites()
또는SSLEngine.setEnabledCipherSuites()
methods.
Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via thejdk.tls.disabledAlgorithms
security property.
security-libs/java.security
Removal of Several Symantec Root CAsThe following Symantec root certificates are no longer in use and have been removed:
- Symantec
- equifaxsecurecaDN: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
- equifaxsecureglobalebusinessca1DN: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
- equifaxsecureebusinessca1DN: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
- verisignclass1g3caDN: CN=VeriSign Class 1 Public Primary Certification Authority – G3, OU=”(씨) 1999 VeriSign, Inc. – For authorized use only”, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US
- verisignclass2g3caDN: CN=VeriSign Class 2 Public Primary Certification Authority – G3, OU=”(씨) 1999 VeriSign, Inc. – For authorized use only”, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US
- verisignclass1g2caDN: OU=VeriSign Trust Network, OU=”(씨) 1998 VeriSign, Inc. – For authorized use only”, OU=Class 1 Public Primary Certification Authority – G2, O=”VeriSign, Inc.”, C=US
- verisignclass1caDN: OU=Class 1 Public Primary Certification Authority, O=”VeriSign, Inc.”, C=US
security-libs/java.security
Removal of Baltimore Cybertrust Code Signing CAThe following Baltimore CyberTrust Code Signing root certificate is no longer in use and has been removed:
- baltimorecodesigningcaDN: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
security-libs/java.security
Removal of SECOM Root CertificateThe following SECOM root certificate is no longer in use and has been removed:
- secomevrootca1DN: OU=Security Communication EV RootCA1, O=”SECOM Trust Systems CO.,LTD.”, C=JP
hotspot/runtime
Java Improvements for Docker ContainersThe following changes have been introduced in JDK 10 to improve the execution and configurability of Java running in Docker containers:
- JDK-8146115 Improve docker container detection and resource configuration usage
The JVM has been modified to be aware that it is running in a Docker container and will extract container specific configuration information instead of querying the operating system. The information being extracted is the number of CPUs and total memory that have been allocated to the container. The total number of CPUs available to the Java process is calculated from any specified cpu sets, cpu shares or cpu quotas. This support is only available on Linux based platforms. This new support is enabled by default and can be disabled in the command line with the JVM option:
-XX:-UseContainerSupport
게다가, this change adds a JVM option that provides the ability to specify the number of CPUs that the JVM will use:
-XX:ActiveProcessorCount=count
This count overrides any other automatic CPU detection logic in the JVM.
- JDK-8186248 Allow more flexibility in selecting Heap % of available RAM
Three new JVM options have been added to allow Docker container users to gain more fine grained control over the amount of system memory that will be used for the Java Heap:
-XX:InitialRAMPercentage
-XX:MaxRAMPercentage
-XX:MinRAMPercentage
These options replace the deprecated Fraction forms (-XX:InitialRAMFraction
, -XX:MaxRAMFraction
, 그리고-XX:MinRAMFraction
).
- JDK-8179498 attach in linux should be relative to /proc/pid/root and namespace aware
This bug fix corrects the attach mechanism when trying to attach from a host process to a Java process that is running in a Docker container.
security-libs/javax.crypto
Improved Cipher Inputs사양javax.crypto.CipherInputStream
has been clarified to indicate that this class may catch BadPaddingException and other exceptions thrown by failed integrity checks during decryption. 이러한 예외는 다시 발생되지 않습니다., so the client may not be informed that integrity checks failed. 이런 행동 때문에, 이 클래스는 인증된 작업 모드에서 암호 해독에 사용하기에 적합하지 않을 수 있습니다. (e.g. GCM). Applications that require authenticated encryption can use the Cipher API directly as an alternative to using this class.
버그 수정
The following are some of the notable bug fixes included in this release:
core-libs/javax.naming
LDAPS Communication FailureApplication code using LDAPS with a socket connect timeout that is <= 0 ( the default value ) may encounter an exception when establishing the connection.
The top most frames from Exception stack traces of applications encountering such issues might resemble the following:
javax.naming.ServiceUnavailableException: <server:port>; socket closed
at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
...
core-libs/java.net
Better HTTP Redirection Support이번 릴리스에서는, the behavior of methods which application code uses to set request properties injava.net.HttpURLConnection
has changed. When a redirect occurs automatically from the original destination server to a resource on a different server, then all such properties are cleared for the redirect and any subsequent redirects. If these properties are required to be set on the redirected requests, then the redirect responses should be handled by the application by callingHttpURLConnection.setInstanceFollowRedirects(false)
for the original request.