Liberica JDK 17.0.17+15: Release Notes
Published: November 20, 2025
1. Version information
This document provides information about Liberica JDK 17.0.17 release. This is a cumulative release of Liberica JDK that includes all fixed bugs and CVEs from Liberica JDK 17.0.17+11. For the list of updates, see What’s New.
The full version string for this update release is 17.0.17+15. The version number is 17.
Liberica JDK 17 is distributed as .apk, .rpm, .zip, .deb, .pkg, and .tar.gz packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
CDS update
CDS archives (classes*.jsa files) were missing in Linux AArch64 builds in the previous version of Liberica JDK. Linux AArch64 builds in Liberica JDK 17.0.17+15 now contain CDS archives. This update affects JDK versions 11, 17, and 21.
Builds of Liberica JDK With CRaC
This release of Liberica JDK includes full CRaC support. CRaC support is available for Liberica JDK 17 and 21. For more information, see Using CRaC with Java applications.
IANA TZ Data update
This release of Liberica JDK 17.0.17 upgrades the in-tree copy of the IANA timezone database to 2025b. The following are the key changes of this update:
Future Timestamps:
New Time Zone:
A new time zone, America/Coyhaique, is created for Chile’s Aysén Region, which will now observe UTC−03 year-round (no daylight saving time).
-
This diverges from America/Santiago starting March 20, 2025.
-
Aysén will not change clocks on April 5, 2025.
-
This aligns Aysén with Magallanes Region.
Past Timestamps:
Iran Time Change Correction:
Iran changed from UTC+04 to UTC+03:30 on November 10, 1978, not at the end of the year as previously recorded.
Code Fixes:
Improved behavior for the zic tool:
-
It no longer creates invalid symlinks when using -l with multiple arguments.
-
A buffer underflow issue is resolved.
For more information, see JDK-8352716.
3. Known Issues
This release does not contain any known issues.
4. Fixed CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-10911 | 5.5 | javafx | libxslt | local | low | none | required | unchanged | none | none | high |
CVE-2025-6021 | 7.5 | javafx | libxml2 | network | low | none | none | unchanged | none | none | high |
CVE-2025-7424 | 7.8 | javafx | libxslt | local | high | none | none | changed | none | high | high |
CVE-2025-7425 | 7.8 | javafx | libxslt | local | high | none | none | changed | none | high | high |
5. Resolved Issues
JFX issues
This is the list of JFX issues fixed in this release.
| Issue ID | Summary |
|---|---|
JDK-8361893 | Update libxml2 to 2.14.5 |
JDK-8368691 | Update libxml2 to 2.14.6 |
JDK-8370632 | Additional libxslt 1.1.43 fixes |
6. Updates to Third Party Libraries
This release does not contain any changes in the third party libraries.
7. Upgrading to the New Version
To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.