Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenJDK Update (January 2024 Patch releases) #11906

Closed
reta opened this issue Jan 17, 2024 · 10 comments
Closed

OpenJDK Update (January 2024 Patch releases) #11906

reta opened this issue Jan 17, 2024 · 10 comments
Assignees
Labels
Build Build Tasks/Gradle Plugin, groovy scripts, build tools, Javadoc enforcement. CVE Fixes a CVE enhancement Enhancement or improvement to existing feature or request v1.3.15 Issues targeting release v1.3.15 v2.12.0 Issues and PRs related to version 2.12.0 v3.0.0 Issues and PRs related to version 3.0.0

Comments

@reta
Copy link
Collaborator

reta commented Jan 17, 2024

Is your feature request related to a problem? Please describe

OpenJDK JDK 21.0.2 [1], 17.0.10, 11.0.22, and 8u401 have been released [3]

[1] https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029090.html
[2] https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029089.html
[3] https://blogs.oracle.com/java/post/jdk-2102-17010-11022-and-8u401-have-been-released

Describe the solution you'd like

Update JDKs across all maintenance branches.

Related component

Build
Documentation: opensearch-project/documentation-website#6246

Describe alternatives you've considered

N/A

Additional context

Possible update blockers:

@reta reta added enhancement Enhancement or improvement to existing feature or request v3.0.0 Issues and PRs related to version 3.0.0 v2.12.0 Issues and PRs related to version 2.12.0 v1.3.15 Issues targeting release v1.3.15 labels Jan 17, 2024
@reta reta self-assigned this Jan 17, 2024
@github-actions github-actions bot added Build Build Tasks/Gradle Plugin, groovy scripts, build tools, Javadoc enforcement. untriaged labels Jan 17, 2024
@peternied peternied added CVE Fixes a CVE and removed untriaged labels Jan 17, 2024
@peternied
Copy link
Member

[Triage - attendees 1 2 3]
Thanks for filing, lets make sure to take these update to get CVE fixes from the JDK

@kiranprakash154
Copy link
Contributor

Hi, are we on track for this to be released in 2.12 ?

@reta
Copy link
Collaborator Author

reta commented Jan 19, 2024

Hi, are we on track for this to be released in 2.12 ?

@kiranprakash154 I am not sure yet, watching [1], [2] few platforms are still not available.

[1] https://adoptium.net/temurin/releases/
[2] adoptium/temurin#17

@bbarani
Copy link
Member

bbarani commented Jan 19, 2024

I see a new version (jdk-21.0.2+13) released yesterday https://github.com/adoptium/temurin21-binaries/releases CC @reta

@reta
Copy link
Collaborator Author

reta commented Jan 19, 2024

@bbarani I know, we need more platforms, please check adoptium/temurin#17

@msfroh
Copy link
Collaborator

msfroh commented Jan 19, 2024

I see a new version (jdk-21.0.2+13) released yesterday https://github.com/adoptium/temurin21-binaries/releases CC @reta

Would we want to pick up 21.0.2+13 if it has https://bugs.openjdk.org/browse/JDK-8323659 ? (The ExecutorScalingQueue class in that code snippet is still in use in OpenSearch.)

@reta
Copy link
Collaborator Author

reta commented Jan 19, 2024

Would we want to pick up 21.0.2+13 if it has https://bugs.openjdk.org/browse/JDK-8323659 ? (The ExecutorScalingQueue class in that code snippet is still in use in OpenSearch.)

We'll double check, we use LinkedTransferQueue (the description has it as the context item)

@reta
Copy link
Collaborator Author

reta commented Jan 22, 2024

A quick update, the regression in JDK-21.0.2 (https://bugs.openjdk.org/browse/JDK-8323659) seems to be reported by Elasticsearch folks and directly applies (and impacts) to OpenSearch (we've largely the same codebase), we either ether have to:

  • come up with workaround (probably best option, since there are security fixes there)
  • ban 21.0.2 (worst case)

@dbwiddis
Copy link
Member

dbwiddis commented Jan 22, 2024

Option 3 is to try to encourage the JDK folks to release 21.0.2.1.

I see you've already got a PR for the first option.

@reta
Copy link
Collaborator Author

reta commented Jan 23, 2024

Option 3 is to try to encourage the JDK folks to release 21.0.2.1.

Thanks @dbwiddis , I think this is off the table right now - I've gone through mailing list and apparently this bug alone does not warrant the patch release (at least, this is what I have understood).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Build Build Tasks/Gradle Plugin, groovy scripts, build tools, Javadoc enforcement. CVE Fixes a CVE enhancement Enhancement or improvement to existing feature or request v1.3.15 Issues targeting release v1.3.15 v2.12.0 Issues and PRs related to version 2.12.0 v3.0.0 Issues and PRs related to version 3.0.0
Projects
Status: Planned work items
Development

No branches or pull requests

6 participants