Liberica JDK 24.0.1+11: Release Notes
Published: April 15, 2025
1. Version information
This document provides information about Liberica JDK 24.0.1 release.
The full version string for this update release is 24.0.1+11. The version number is 24.
Liberica JDK 24 is distributed as .apk, .rpm, .zip, .deb, and .tar.gz packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Changes
This is the list of the notable issues fixed in this release.
| Issue ID | |
|---|---|
JDK-8346587 | Summary: Distrust TLS server certificates anchored by Camerfirma Root CAs Description: The JDK will stop trusting TLS server certificates issued after April 15, 2025 and anchored by Camerfirma root certificates, in line with similar plans announced by Google, Mozilla, Apple, and Microsoft. TLS server certificates issued on or before April 15, 2025 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected. The restrictions are enforced in the JDK implementation (the |
JDK-8347506 | Summary: Compatible OCSP readtimeout Property with OCSP Timeout Description: In JDK 21, an enhanced syntax for various timeout properties was released through JDK-8179502. This included a new system property, |
JDK-8347965 | Summary: Update Timezone Data to 2025a Description: Update Timezone Data to 2025a in which Paraguay adopts permanent -03 starting spring 2024; Improve pre-1991 data for the Philippines; Etc/Unknown is now reserved. |
Discontinued OS support
Note that Liberica JDK 24.0.1 is not available for and cannot be run on the following operating systems:
-
Windows x86 (32-bit)
-
macOS 10.x
IANA TZ Data update
This release of Liberica JDK 24.0.1 upgrades the in-tree copy of the IANA timezone database to 2025a. This timezone update is primarily concerned with the following:
-
Paraguay adopts permanent -03 starting spring 2024.
-
Improve pre-1991 data for the Philippines.
-
Etc/Unknown is now reserved.
For more information, see JDK-8347965.
3. Known Issues
This release does not contain any known issues.
4. Fixed CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2024-47606 | 7.5 | javafx | media | network | high | none | required | unchanged | high | high | high |
CVE-2024-54534 | 7.5 | javafx | web | network | high | none | required | unchanged | high | high | high |
CVE-2025-21587 | 7.4 | security-libs | javax.net.ssl | network | high | none | none | unchanged | high | high | none |
CVE-2025-30691 | 4.8 | hotspot | compiler | network | high | none | none | unchanged | low | low | none |
CVE-2025-30698 | 5.6 | client-libs | 2d | network | high | none | none | unchanged | low | low | low |
5. Resolved Issues
JDK issues
This is the list of general JDK issues fixed in this release.
| Issue ID | Summary |
|---|---|
JDK-8211851 | (ch) java/nio/channels/AsynchronousSocketChannel/StressLoopback.java times out (aix) |
JDK-8290043 | serviceability/attach/ConcAttachTest.java failed "guarantee(!CheckJNICalls) failed: Attached JNI thread exited without being detached" |
JDK-8337494 | Clarify JarInputStream behavior |
JDK-8337692 | Better TLS connection support |
JDK-8338430 | Improve compiler transformations |
JDK-8339356 | Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine |
JDK-8342562 | Enhance Deflater operations |
JDK-8343007 | Enhance Buffered Image handling |
JDK-8344361 | Restore null return for invalid services from legacy providers |
JDK-8345614 | Improve AnnotationFormatError message for duplicate annotation interfaces |
JDK-8345684 | OperatingSystemMXBean.getSystemCpuLoad() throws NPE |
JDK-8345959 | Make JVM_IsStaticallyLinked JVM_LEAF |
JDK-8346014 | Bump version numbers for 24.0.1 |
JDK-8346082 | Output JVMTI agent information in hserr files |
JDK-8346239 | Improve memory efficiency of JimageDiffGenerator |
JDK-8346324 | javax/swing/JScrollBar/4865918/bug4865918.java fails in CI |
JDK-8346587 | Distrust TLS server certificates anchored by Camerfirma Root CAs |
JDK-8346688 | GenShen: Missing metadata trigger log message |
JDK-8346690 | Shenandoah: Fix log message for end of GC usage report |
JDK-8346712 | Remove com/sun/net/httpserver/TcpNoDelayNotRequired.java test |
JDK-8346713 | [testsuite] NeverActAsServerClassMachine breaks TestPLABAdaptToMinTLABSize.java TestPinnedHumongousFragmentation.java TestPinnedObjectContents.java |
JDK-8346868 | RISC-V: compiler/sharedstubs tests fail after JDK-8332689 |
JDK-8346887 | DrawFocusRect() may cause an assertion failure |
JDK-8347124 | Clean tests with --enable-linkable-runtime |
JDK-8347129 | cpuset cgroups controller is required for no good reason |
JDK-8347256 | Epsilon: Demote heap size and AlwaysPreTouch warnings to info level |
JDK-8347299 | Add annotations to test cases in LicenseTest |
JDK-8347334 | JimageDiffGenerator code clean-ups |
JDK-8347424 | Fix and rewrite sun/security/x509/DNSName/LeadingPeriod.java test |
JDK-8347496 | Test jdk/jfr/jvm/TestModularImage.java fails after JDK-8347124: No javac |
JDK-8347506 | Compatible OCSP readtimeout property with OCSP timeout |
JDK-8347564 | ZGC: Crash in DependencyContext::clean_unloading_dependents |
JDK-8347847 | Enhance jar file support |
JDK-8347911 | Limit the length of inflated text chunks |
JDK-8347965 | (tz) Update Timezone Data to 2025a |
JDK-8348562 | ZGC: segmentation fault due to missing node type check in barrier elision analysis |
JDK-8348600 | Update PipeWire to 1.3.81 |
JDK-8349058 | 'internal proprietary API' warnings make javac warnings unusable |
JDK-8349084 | Update vectors used in several PQC benchmarks |
JDK-8349183 | [BACKOUT] Optimization for StringBuilder append boolean & null |
JDK-8349239 | [BACKOUT] Reuse StringLatin1::putCharsAt and StringUTF16::putCharsAt |
JDK-8349828 | Redo - Change milestone to fcs for newly created jdk24.0.1 branch |
JDK-8350820 | OperatingSystemMXBean CpuLoad() methods return -1.0 on Windows |
JFX issues
This is the list of JFX issues fixed in this release.
| Issue ID | Summary |
|---|---|
JDK-8304008 | Update README.md and CONTRIBUTING.md for jfx update repos |
JDK-8340322 | Update WebKit to 620.1 |
JDK-8344367 | Fix mistakes in FX API docs |
JDK-8347600 | Change JavaFX release version to 24.0.1 in jfx24u |
JDK-8349256 | Update PipeWire to 1.3.81 |
JDK-8349472 | Update copyright header for files modified in 2025 |
JDK-8349891 | Not implemented function should have printf |
JDK-8349924 | Additional WebKit 620.1 fixes from WebKitGTK 2.46.6 |
JDK-8350136 | Create release notes for JavaFX 24 |
JDK-8350437 | [GHA] Update gradle wrapper-validation action to v3 |
JDK-8350561 | Update copyright header for files modified in 2024 |
JDK-8351368 | RichTextArea: exception pasting from Word |
6. Updates to Third Party Libraries
This release does not contain any changes in the third party libraries.
7. Upgrading to the New Version
To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.