Liberica JDK 26.0.1+10: Release Notes

Published: April 21, 2026

1. Version information

This document provides information about Liberica JDK 26.0.1 release. The full version string for this update release is 26.0.1+10. The version number is 26.

Liberica JDK 26 is distributed as .apk, .rpm, .zip, .deb, .pkg, and .tar.gz packages. Please select the most appropriate for your purposes.

2. What’s New

This release contains the following updates and new features.

Notable Changes

This is the list of the notable issues fixed in this release.

Issue ID
JDK-8369282	Summary: Distrust TLS server certificates anchored by Chunghwa ePKI Root CA Description: TLS server certificates anchored by the Chunghwa root CAs are distrusted or distrusted after a specific date by Google and Mozilla. The restrictions will be enforced in the SunJSSE Provider of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server’s certificate chain is anchored by any of the mentioned Certificate Authorities and the certificate’s notBefore date is after March 17, 2026. An application will receive an Exception with a message indicating the trust anchor (root) is not trusted.
JDK-8373476	Summary: Update Timezone Data to 2025c Description: The 2025c release of the tz code and data is available. This release mostly changes code and commentary. The only changed data are leap second table expiration and pre-1976 time in Baja California. This release contains several code changes for compatibility with FreeBSD.

Issue ID

JDK-8369282

Summary: Distrust TLS server certificates anchored by Chunghwa ePKI Root CA

Description: TLS server certificates anchored by the Chunghwa root CAs are distrusted or distrusted after a specific date by Google and Mozilla. The restrictions will be enforced in the SunJSSE Provider of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server’s certificate chain is anchored by any of the mentioned Certificate Authorities and the certificate’s notBefore date is after March 17, 2026. An application will receive an Exception with a message indicating the trust anchor (root) is not trusted.

JDK-8373476

Summary: Update Timezone Data to 2025c

Description: The 2025c release of the tz code and data is available. This release mostly changes code and commentary. The only changed data are leap second table expiration and pre-1976 time in Baja California. This release contains several code changes for compatibility with FreeBSD.

Discontinued OS support

Note that Liberica JDK 26.0.1 is not available for and cannot be run on the following operating systems:

Windows x86 (32-bit)
macOS 10.x

IANA TZ Data version

This release of Liberica JDK 26.0.1 comes with the 2025c version of the in-tree copy of the IANA timezone database. The following are the key features of this version.

This release mostly changes code and commentary. The only changed data are leap second table expiration and pre-1976 time in Baja California.

Briefly

Several code changes for compatibility with FreeBSD.

Changes to past timestamps

Baja California agreed with California’s DST rules in 1953 and in 1961 through 1975, instead of observing standard time all year.

Changes to build procedure

Files in distributed tarballs now have correct commit times. Formerly, the committer’s time zone was incorrectly ignored.

Changes to code

An unset TZ is no longer invalid when /etc/localtime is missing, and is abbreviated "UTC" not "-00". This reverts to 2024b behavior.

New function offtime_r, short for fixed-offset localtime_rz. It is defined if STD_INSPIRED is defined.

Changes to commentary

The leapseconds file contains commentary about the IERS and NIST last-modified and expiration timestamps for leap second data.

For more information, see JDK-8373476.

3. Known Issues

This is the list of known issues in this release.

Issue ID
JDK-8382470	Summary: Media Playback Does Not Work on Ubuntu 26.04 Description: Media playback does not work on Ubuntu 26.04. This affects most media formats such as MP4 with H.264/H.265, MP3, AAC, and HTTP Live Streaming. This is because JavaFX Media does not support libavcodec version 62. Support for libavcodec version 62 will be added with JDK-8378510. Workaround: As a workaround, install libavcodec version 61 compiled with support for at least the following: decoder - aac, mp3, mp3float, h264, hevc; parser - aac, h264, hevc; demuxer - aac, h264, hevc, mpegts, mpegtsraw.

Issue ID

JDK-8382470

Summary: Media Playback Does Not Work on Ubuntu 26.04

Description: Media playback does not work on Ubuntu 26.04. This affects most media formats such as MP4 with H.264/H.265, MP3, AAC, and HTTP Live Streaming. This is because JavaFX Media does not support libavcodec version 62. Support for libavcodec version 62 will be added with JDK-8378510.

Workaround: As a workaround, install libavcodec version 61 compiled with support for at least the following: decoder - aac, mp3, mp3float, h264, hevc; parser - aac, h264, hevc; demuxer - aac, h264, hevc, mpegts, mpegtsraw.

4. Fixed CVEs

This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.

CVE ID	CVSS score	Component	Module	Attack Vector	Complexity	Privileges	User Interaction	Scope	Confidentiality	Integrity	Availability
CVE-2026-20652	7.5	javafx	web	network	low	none	none	unchanged	none	none	high
CVE-2026-22007	2.9	security-libs	java.security	local	high	none	none	unchanged	low	none	none
CVE-2026-22008	3.7	core-libs	java.lang	network	high	none	none	unchanged	none	low	none
CVE-2026-22013	5.3	security-libs	org.ietf.jgss	network	high	none	required	unchanged	high	none	none
CVE-2026-22016	7.5	xml	jaxp	network	low	none	none	unchanged	high	none	none
CVE-2026-22018	3.7	core-libs	java.util	network	high	none	none	unchanged	none	none	low
CVE-2026-22021	5.3	security-libs	java.security	network	low	none	none	unchanged	none	none	low
CVE-2026-23865	5.3	client-libs	2d	local	low	none	required	unchanged	low	low	low
CVE-2026-34268	2.9	security-libs	java.security	local	high	none	none	unchanged	low	none	none
CVE-2026-34282	7.5	core-libs	java.net	network	low	none	none	unchanged	none	none	high

CVE ID

CVSS score

Component

Module

Attack Vector

Complexity

Privileges

User Interaction

Scope

Confidentiality

Integrity

Availability

CVE-2026-20652

7.5

javafx

web

network

low

none

unchanged

none

high

CVE-2026-22007

2.9

security-libs

java.security

local

high

none

unchanged

low

none

CVE-2026-22008

3.7

core-libs

java.lang

network

high

none

unchanged

none

low

none

CVE-2026-22013

5.3

security-libs

org.ietf.jgss

network

high

none

required

unchanged

high

none

CVE-2026-22016

7.5

xml

jaxp

network

low

none

unchanged

high

none

CVE-2026-22018

3.7

core-libs

java.util

network

high

none

unchanged

none

low

CVE-2026-22021

5.3

security-libs

java.security

network

low

none

unchanged

none

low

CVE-2026-23865

5.3

client-libs

local

low

none

required

unchanged

low

CVE-2026-34268

2.9

security-libs

java.security

local

high

none

unchanged

low

none

CVE-2026-34282

7.5

core-libs

java.net

network

low

none

unchanged

none

high

5. Resolved Issues

JDK issues

This is the list of general JDK issues fixed in this release.

Issue ID	Summary
JDK-8348014	Enhance certificate processing
JDK-8364373	Transform Affine transformations
JDK-8364465	Enhance behavior of some intrinsics
JDK-8367463	Improved Arena allocations
JDK-8369575	Enhance crypto algorithm support
JDK-8370489	Some compiler tests miss the @key randomness
JDK-8370529	Enhance Path Factories Redux
JDK-8370615	Improve Kerberos credentialing
JDK-8370986	Enhance Zip file reading
JDK-8370995	Enhance ZipFile usage
JDK-8371830	Enhance certificate chain validation
JDK-8371935	Enhance key generation
JDK-8372589	VM crashes on init when NonNMethodCodeHeapSize is set too small and UseTransparentHugePages is enabled
JDK-8372592	Adjust logger usage in java2d tests
JDK-8372661	Add a null-safe static factory method to "jdk.test.lib.net.SimpleSSLContext"
JDK-8373290	Update FreeType to 2.14.1
JDK-8373476	(tz) Update Timezone Data to 2025c
JDK-8373520	Bump update version for OpenJDK: jdk26u to 26.0.1
JDK-8373625	CPUTimeCounters creates a total counter for unsupported GCs
JDK-8373632	Some sound tests failing in CI due to lack of sound key
JDK-8373793	TestDynamicStore.java '/manual' disables use of '/timeout'
JDK-8374434	Several JShell tests report JUnit discovery warnings
JDK-8374557	Enhance TLS connection handling
JDK-8374644	Regression in GZIPInputStream performance after JDK-7036144
JDK-8375063	Update Libpng to 1.6.54
JDK-8375094	RISC-V: Fix client builds after JDK-8368732
JDK-8375530	PPC64: incorrect quick verify_method_data_pointer check causes poor performance in debug build
JDK-8375657	RISC-V: Need to check size in SharedRuntime::is_wide_vector
JDK-8375994	Change milestone to fcs for all releases
JDK-8377905	gcc.md included with every build8379661
JDK-8378623	Use unique font names in FormatCharAdvanceTest
JDK-8379035	(tz) Update Timezone Data to 2026a
JDK-8379158	Update FreeType to 2.14.2

Issue ID

Summary

JDK-8348014

Enhance certificate processing

JDK-8364373

Transform Affine transformations

JDK-8364465

Enhance behavior of some intrinsics

JDK-8367463

Improved Arena allocations

JDK-8369575

Enhance crypto algorithm support

JDK-8370489

Some compiler tests miss the @key randomness

JDK-8370529

Enhance Path Factories Redux

JDK-8370615

Improve Kerberos credentialing

JDK-8370986

Enhance Zip file reading

JDK-8370995

Enhance ZipFile usage

JDK-8371830

Enhance certificate chain validation

JDK-8371935

Enhance key generation

JDK-8372589

VM crashes on init when NonNMethodCodeHeapSize is set too small and UseTransparentHugePages is enabled

JDK-8372592

Adjust logger usage in java2d tests

JDK-8372661

Add a null-safe static factory method to "jdk.test.lib.net.SimpleSSLContext"

JDK-8373290

Update FreeType to 2.14.1

JDK-8373476

(tz) Update Timezone Data to 2025c

JDK-8373520

Bump update version for OpenJDK: jdk26u to 26.0.1

JDK-8373625

CPUTimeCounters creates a total counter for unsupported GCs

JDK-8373632

Some sound tests failing in CI due to lack of sound key

JDK-8373793

TestDynamicStore.java '/manual' disables use of '/timeout'

JDK-8374434

Several JShell tests report JUnit discovery warnings

JDK-8374557

Enhance TLS connection handling

JDK-8374644

Regression in GZIPInputStream performance after JDK-7036144

JDK-8375063

Update Libpng to 1.6.54

JDK-8375094

RISC-V: Fix client builds after JDK-8368732

JDK-8375530

PPC64: incorrect quick verify_method_data_pointer check causes poor performance in debug build

JDK-8375657

RISC-V: Need to check size in SharedRuntime::is_wide_vector

JDK-8375994

Change milestone to fcs for all releases

JDK-8377905

gcc.md included with every build8379661

JDK-8378623

Use unique font names in FormatCharAdvanceTest

JDK-8379035

(tz) Update Timezone Data to 2026a

JDK-8379158

Update FreeType to 2.14.2

JFX issues

This is the list of JFX issues fixed in this release.

Issue ID	Summary
JDK-8154847	Rendering is incorrect or not visible with StageStyle.UNIFIED on some graphics cards
JDK-8304008	Update README.md and CONTRIBUTING.md for jfx update repos
JDK-8368572	Update WebKit to 623.1
JDK-8373936	RichEditorDemoApp enhancements
JDK-8375225	WebIObserverTest fails with WebKit 623.1
JDK-8375466	Metal rendering pipeline crashes on virtualized OS
JDK-8376022	Change JavaFX release version to 26.0.1 in jfx26u
JDK-8376138	RichTextArea: getModelStyleAttrs might return wrong attributes
JDK-8376282	[linux, macos] JavaFX fails to build WebKit in DebugNative
JDK-8377099	Additional WebKit 623.1 fixes from WebKitGTK 2.50.4
JDK-8377153	JavaFX FlowPane layout causing improper wrapping of TextFlow nodes with max-width styling
JDK-8377393	RichTextArea: failed to export null color attribute value
JDK-8377930	Additional WebKit 623.1 fixes from WebKitGTK 2.50.5
JDK-8378034	Add licenses for gcc 14.2.0
JDK-8378366	Accessibility issues in CSS Reference Guide and Introduction to FXML
JDK-8378383	Create release notes for JavaFX 26
JDK-8378507	JavaFX CSS Reference skips heading levels: <h2> followed by <h4>
JDK-8380557	Additional WebKit 623.1 fixes from WebKitGTK 2.50.6

Issue ID

Summary

JDK-8154847

Rendering is incorrect or not visible with StageStyle.UNIFIED on some graphics cards

JDK-8304008

Update README.md and CONTRIBUTING.md for jfx update repos

JDK-8368572

Update WebKit to 623.1

JDK-8373936

RichEditorDemoApp enhancements

JDK-8375225

WebIObserverTest fails with WebKit 623.1

JDK-8375466

Metal rendering pipeline crashes on virtualized OS

JDK-8376022

Change JavaFX release version to 26.0.1 in jfx26u

JDK-8376138

RichTextArea: getModelStyleAttrs might return wrong attributes

JDK-8376282

[linux, macos] JavaFX fails to build WebKit in DebugNative

JDK-8377099

Additional WebKit 623.1 fixes from WebKitGTK 2.50.4

JDK-8377153

JavaFX FlowPane layout causing improper wrapping of TextFlow nodes with max-width styling

JDK-8377393

RichTextArea: failed to export null color attribute value

JDK-8377930

Additional WebKit 623.1 fixes from WebKitGTK 2.50.5

JDK-8378034

Add licenses for gcc 14.2.0

JDK-8378366

Accessibility issues in CSS Reference Guide and Introduction to FXML

JDK-8378383

Create release notes for JavaFX 26

JDK-8378507

JavaFX CSS Reference skips heading levels: <h2> followed by <h4>

JDK-8380557

Additional WebKit 623.1 fixes from WebKitGTK 2.50.6

6. Updates to Third Party Libraries

This is the list of changes in the third party libraries.

Library	Full name	New Version	Module	JBS number
FreeType	FreeType	2.14.2	java.desktop	JDK-8379158
Libpng	Libpng	1.6.54	java.awt	JDK-8375063

Library

Full name

New Version

Module

JBS number

FreeType

2.14.2

java.desktop

JDK-8379158

Libpng

1.6.54

java.awt

JDK-8375063

7. Upgrading to the New Version

To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.