The full version string for this update release is 11.0.20.1+1. The version number is 11.

Liberica JDK 11.0.20.1+1

Liberica is a certified, Java SE 11-compliant distribution of OpenJDK 11 which works on server (Linux x86_64, Linux ARM64, Windows 64), desktop (Windows 64, Windows 32, Mac, Linux x86_64), and embedded devices (Linux ARM64, Linux ARMv7, including Raspberry Pi 2 & 3 (ARMv6 hardfloat)). It has the following notable additions:

  • Linux x86_64 version contains experimental support for ZGC.

  • Linux x86_64, ARMv8 and ARMv7 distributions include a choice of Client VM, Server VM and Minimal VM.

  • Alpine Linux x86_64 version is build with musl support.

  • Windows x86_64, Windows x86, Windows ARMv8, Mac, Linux x86_64, Linux x86 and Linux ARMv7 distributions contain OpenJFX 11.

  • Linux ARMv7 distribution contains Device IO API compiled for Raspberry Pi.

Please refer to the Oracle JDK 11.0.20.1 release notes for further information on JDK 11 features. This document further outlines the peculiarities of Liberica distribution as compared to Oracle JDK 11 distribution.

Supported Server and Desktop configurations

Liberica is supported on the following OSes:

  • Ubuntu Linux 16.04, 18.04, 20.04 (x86, x86_64, ARMv7, ARMv8)

  • Debian Linux 8, 9, 10 (x86, x86_64, ARMv7, ARMv8)

  • Red Hat, Oracle Linux and CentOS 8x, 6.x, 7.x (x86, x86_64, ARMv7, ARMv8)

  • Alpine Linux 3.7+ (x86_64, ARMv8)

  • SUSE Linux Enterprise 12, 15 and tumbleweed (x86_64, ARMv8)

  • Apple macOS 10.11+ (x86_64, ARMv8)

  • Microsoft Windows 2019, Windows 2016, Windows 2012 R2, Windows 10, Windows 8, Windows 7 (x86, x86_64, ARMv8)

It is also known to work on other Linux distributions and Windows versions.

Note: The minimum supported Linux kernel version is 2.6.18 and GLIBC version 2.6. LibericaFX works on all supported Ubuntu versions, Red Hat Linux family starting from 7.x and SUSE versions with GTK3 backend.

Supported Embedded configurations

Liberica is tested and certified on Raspberry Pi 2, 3 and 4 running the following OSes:

  • Raspbian OS (armhf)

  • OpenSUSE (armv8)

It is also known to work with Debian (armhf) and Ubuntu (armhf).

Liberica JDK 11 distribution

Liberica JDK 11 are distributed as .rpm, .zip, .deb and .tar.gz packages. Please select the one which is most appropriate for your purposes.

Liberica JDK 11 introduced all new features supported by OpenJDK 11.

With the introduction of the Jigsaw feature in JDK 9 and Minimal VM it is now possible to create a Runtime that is sufficient to run your application and trim down the size of the Runtime. To generate a Runtime with just the Minimal VM, add --vm=minimal to jlink options.

Liberica JDK continues to provide support for AOT and Graal JIT. Since in OpenJDK 11 builds these features are deemed experimental and deprecated, it is recommended to compile native executables with Liberica Native Image Kit to avoid errors.

By default, the Liberica uses Server VM. Server VM and Client VM can be enabled with -server and -client command line options, respectively. In case the deployment requires to minimize the footprint, it may be beneficial to use Minimal VM, which emphasises on a minimal footprint. It has C1 JIT compiler only, Serial GC and no serviceability features.

LibericaFX for the Raspberry Pi

Liberica JDK 11 come with a bundled LibericaFX implementation, which is based on OpenJFX. The following tables lists Java FX modules status of Liberica distribution

  • Java FX Graphics - works.

  • Java FX Controls - works.

  • Java FX Media - does not work.

  • Java FX Webkit - does not work.

The following pipelines are known to work: EGL, SW (direct framebuffer) and GTK. By default, Liberica tries to use the accelerated EGL pipeline, which requires the presence of EGL libraries. If they are not found, the implementation falls back to software rendering.

Use the following command line options to specify the rendering pipeline:

  • -Dprism.order=sw forces the use of software rendering pipeline. *

  • -Dprism.order=es2 forces the use of EGL pipeline and hardware acceleration. *

  • -Djavafx.platform=gtk if you would like to launch a LibericaFX application using Liberica from X11.

  • Not supported on Raspberry Pi 4.

Please refer to the following wiki for more information.

Device IO API for the Raspberry Pi

Liberica JDK 11 comes with a bundled OpenJDK Device I/O (DIO) API implementation module. DIO provides a Java API for accessing Raspberry PI GPIO pins and for communicating with peripheral devices:

  • General Purpose Input/Output (GPIO).

  • Inter-Integrated Circuit Bus (I2C), Serial Peripheral Interface (SPI).

  • Universal Asynchronous Receiver/Transmitter (UART).

Please refer to the following wiki for more information.

Security Baselines

BellSoft Liberica follows the security baselines for Oracle Java SE. Please refer to the Oracle documentation for a list of issues fixed in a given release.

Known Issues

LibericaFX and EGL on Raspbian

As of 2017, the default location of Broadcom libEGL.so and libGLESv2.so has changed in Raspbian OS. If you’d like to leverage hardware EGL acceleration available from Broadcom video drivers in LibericaFX while running a recent Raspbian OS, run the following command:

cd /opt/vc/lib
sudo ln -s libbrcmEGL.so libEGL.so
sudo ln -s libbrcmGLESv2.so libGLESv2.so

CVEs

This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.

CVE IDScoreComponentModuleAttack vectorComplexityPrivilegesUser interactionScopeConfidentialityIntegrityAvailability

CVE-2023-22043

5.9

javafx

graphics

network

high

none

none

unchanged

none

high

none

CVE-2023-22041

5.1

hotspot

compiler

local

high

none

none

unchanged

high

none

none

CVE-2023-25193

3.7

client-libs

2d

network

high

none

none

unchanged

none

none

low

CVE-2023-22045

3.7

hotspot

compiler

network

high

none

none

unchanged

low

none

none

CVE-2023-22049

3.7

core-libs

java.io

network

high

none

none

unchanged

none

low

none

CVE-2023-22036

3.7

core-libs

java.util

network

high

none

none

unchanged

none

none

low

CVE-2023-22006

3.1

core-libs

java.net

network

high

none

required

unchanged

none

low

none

Issues fixed

IssueDescription

JDK-8313765

Invalid CEN header (invalid zip64 extra data field size)

ON THIS PAGE