Java Blog

Java SE 8u9[1|2] Update

Alles News unter

Interessanbt finde ich unter anderem:

New JVM Options added: ExitOnOutOfMemoryError and CrashOnOutOfMemoryError
Two new JVM flags have been added:

  • ExitOnOutOfMemoryError – When you enable this option, the JVM exits on the first occurrence of an out-of-memory error. It can be used if you prefer restarting an instance of the JVM rather than handling out of memory errors.
  • CrashOnOutOfMemoryError – If this option is enabled, when an out-of-memory error occurs, the JVM crashes and produces text and binary crash files (if core files are enabled).

See JDK-8138745.


Disable MD5withRSA signature algorithm in the JSSE provider
The MD5withRSA signature algorithm is now considered insecure and should no longer be used. Accordingly, MD5withRSA has been deactivated by default in the Oracle JSSE implementation by adding „MD5withRSA“ to the „jdk.tls.disabledAlgorithms“ security property. Now, both TLS handshake messages and X.509 certificates signed with MD5withRSA algorithm are no longer acceptable by default. This change extends the previous MD5-based certificate restriction („jdk.certpath.disabledAlgorithms“) to also include handshake messages in TLS version 1.2. If required, this algorithm can be reactivated by removing „MD5withRSA“ from the „jdk.tls.disabledAlgorithms“ security property.

JDK-8144773 (not public)