Zulu 9.0.4, 8.27, 7.22, and 6.19 Release

Released 2018 January

Zulu 9.0.4, 8.27, 7.22, and 6.19 release provides accumulated fixes reflecting January 18 OpenJDK changes. New Java levels are updated on all platforms.

This Zulu release establishes support for Solaris 10 for Zulu 8 and Zulu 7 on x86 64-bit and SPARC v9.

OpenJDK removes restrictions on cryptography by providing the JCE Unlimited Strength Jurisdiction Policy Files for Java SE 8, 7, and 6. You can download the JCE policy files from the following location:

https://www.java.com/en/configure_crypto.html#unlimitedJCE

See the security roadmap changes below.

This release of Zulu contains IANA time zone data version 2017c. Consider upgrading your time zone data to 2018b.

All Zulu8 and Zulu9 deb installers support the update-java-alternatives command since 9.0.4, 8.27 release.

Zulu follows the OpenJDK security roadmap. The following table shows the roadmap changes implemented in January release.

Algorithm/

Protocol

JDK Levels

Applicable in Zulu

Action
DSA 8 , 7 , 6

JAR files signed with DSA keys less than 1024 bits will be treated as unsigned JARs.

DES, RC4 9, 8 , 7 , 6

Disable the TLS EXPORT cipher suites.

RSA, DSA, Diffie-Hellman 9, 8 , 7 , 6

Increase the default key size of the RSA, DSA, and DiffieHellman AlgorithmParameterGenerator and KeyPairGenerator implementations from 1024 to 2048 bits

Diffie-Hellman, DSA 8 , 7 , 6

Add support for DiffieHellman keys up to 8192 bits and DSA keys up to 3072 bits.

Several 8 , 7 , 6

Enable unlimited cryptographic policy by default.

Diffie-Hellman 8 , 7 , 6

For TLS, increase the minimum key length to 1024 bits.

 

 

©2016 - 2018 Azul Systems. All Rights Reserved.