Liberica JDK 8u452+11: Release Notes

Published: April 15, 2025

1. Version information

This document provides information about Liberica JDK 8u452 release.

The full version string for this update release is 8u452+11. The version number is 8.

Liberica JDK 8 is distributed as .apk, .rpm, .zip, .deb, and .tar.gz packages. Please select the most appropriate for your purposes.

2. What’s New

This release contains the following updates and new features.

Notable Changes

This is the list of the notable issues fixed in this release.

Issue ID

JDK-8335912

Summary: Add an operation mode to the jar command when extracting to not overwriting existing files

Description: The jar tool’s extract operation has been enhanced to allow the --keep-old-files and the -k options to be used in preventing the overwriting of existing files. Examples: jar xkf foo.jar or jar --extract --keep-old-files --file foo.jar. Either of these commands will extract the contents of foo.jar. If an entry with the same name already exists in the target directory, then the existing file will not be overwritten.

JDK-8339637

Summary: Update Timezone Data to 2024b

Description: IANA Time Zone Database has been upgraded to 2024b. This version mainly includes changes to improve historical data for Mexico, Mongolia, and Portugal. It also changes one timestamp abbreviation, for the time zone 'MET'. Also Asia/Choibalsan is now an alias for Asia/Ulaanbaatar. The new tzdata changes also impact some legacy zone IDs. Mapping of EST/MST/HST in java.time.ZoneId.SHORT_IDS have changed from fixed offset zones to links to other existing time zones with 2024b. EST now links to America/Panama, HST links to Pacific/Honolulu and MST links to America/Phoenix. Parsing of the short zone names EST, MST, and HST is not affected by this change. Further details are available at JDK-8340138.

JDK-8346140

Summary: tools/jar/ExtractFilesTest.java and tools/jar/MultipleManifestTest.java fails with jtreg5.1

Description: The following tests are fixed to be compatible with jtreg 5.1: tools/jar/ExtractFilesTest.java, tools/jar/MultipleManifestTest.java.

JDK-8346587

Summary: Distrust TLS server certificates anchored by Camerfirma Root CAs

Description: The JDK will stop trusting TLS server certificates issued after April 15, 2025 and anchored by Camerfirma root certificates, in line with similar plans announced by Google, Mozilla, Apple, and Microsoft. TLS server certificates issued on or before April 15, 2025 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected. The restrictions are enforced in the JDK implementation (the SunJSSE Provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server’s certificate chain is anchored by any of the Certificate Authorities in the table below and the certificate has been issued after April 15, 2025.

JDK-8347965

Summary: Update Timezone Data to 2025a

Description: Update Timezone Data to 2025a in which Paraguay adopts permanent -03 starting spring 2024; Improve pre-1991 data for the Philippines; Etc/Unknown is now reserved.

IANA TZ Data update

This release of Liberica JDK 8u452 upgrades the in-tree copy of the IANA timezone database to 2025a. This timezone update is primarily concerned with the following:

  • Paraguay adopts permanent -03 starting spring 2024.

  • Improve pre-1991 data for the Philippines.

  • Etc/Unknown is now reserved.

For more information, see JDK-8347965.

3. Known Issues

This release does not contain any known issues.

4. Fixed CVEs

This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.

CVE IDCVSS scoreComponentModuleAttack VectorComplexityPrivilegesUser InteractionScopeConfidentialityIntegrityAvailability

CVE-2024-47606

7.5

javafx

media

network

high

none

required

unchanged

high

high

high

CVE-2024-54534

7.5

javafx

web

network

high

none

required

unchanged

high

high

high

CVE-2025-21587

7.4

security-libs

javax.net.ssl

network

high

none

none

unchanged

high

high

none

CVE-2025-30691

4.8

hotspot

compiler

network

high

none

none

unchanged

low

low

none

CVE-2025-30698

5.6

client-libs

2d

network

high

none

none

unchanged

low

low

low

5. Resolved Issues

JDK issues

This is the list of general JDK issues fixed in this release.

Issue IDSummary

JDK-8037013

[TESTBUG] Fix test/java/lang/ClassLoader/Assert.sh on AIX

JDK-8048215

[TESTBUG] java/lang/management/ManagementFactory/ThreadMXBeanProxy.java Expected non-null LockInfo

JDK-8068305

[TEST_BUG] Test java/awt/Mixing/HWDisappear.java fails with GTKL&F

JDK-8212096

javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch

JDK-8227651

Tests fail with SSLProtocolException: Input record too big

JDK-8240235

jdk.test.lib.util.JarUtils updates jar files incorrectly

JDK-8244966

Add .vscode to .hgignore and .gitignore

JDK-8250825

C2 crashes with assert(field != __null) failed: missing field

JDK-8255466

C2 crashes at ciObject::get_oop() const+0x0

JDK-8261020

Wrong format parameter in create_emergency_chunk_path

JDK-8265019

Update tests for additional TestNG test permissions

JDK-8266881

Enable debug log for SSLEngineExplorerMatchedSNI.java

JDK-8268457

XML Transformer outputs Unicode supplementary character incorrectly to HTML

JDK-8285756

clean up use of bad arguments for @clean in langtools tests

JDK-8309841

Jarsigner should print a warning if an entry is removed

JDK-8316193

jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak

JDK-8326110

[8u] The Marlin tests should be updated after JDK-8241307

JDK-8335912

Add an operation mode to the jar command when extracting to not overwriting existing files

JDK-8337494

Clarify JarInputStream behavior

JDK-8337692

Better TLS connection support

JDK-8338430

Improve compiler transformations

JDK-8339560

Unaddressed comments during code review of JDK-8337664

JDK-8339637

(tz) Update Timezone Data to 2024b

JDK-8339644

Improve parsing of Day/Month in tzdata rules

JDK-8339810

Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract

JDK-8340552

Harden TzdbZoneRulesCompiler against missing zone names

JDK-8340660

[8u] Test com/sun/jdi/PrivateTransportTest.sh fails on MacOS

JDK-8342562

Enhance Deflater operations

JDK-8343007

Enhance Buffered Image handling

JDK-8345504

Bump update version of OpenJDK: 8u452

JDK-8346140

[8u] tools/jar/ExtractFilesTest.java and tools/jar/MultipleManifestTest.java fails with jtreg5.1

JDK-8346587

Distrust TLS server certificates anchored by Camerfirma Root CAs

JDK-8347847

Enhance jar file support

JDK-8347965

(tz) Update Timezone Data to 2025a

JDK-8348211

[8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708

JDK-8349166

Bad indentation in backport of JDK-8250825

JDK-8350816

[8u] Update TzdbZoneRulesCompiler to ignore HST/EST/MST links

JDK-8352097

(tz) zone.tab update missed in 2025a backport

JFX issues

This is the list of JFX issues fixed in this release.

Issue IDSummary

JDK-8340322

Update WebKit to 620.1

JDK-8346228

Update GStreamer to 1.24.10

JDK-8346229

Update Glib to 2.82.4

JDK-8349891

Not implemented function should have printf

JDK-8349924

Additional WebKit 620.1 fixes from WebKitGTK 2.46.6

JDK-8350284

WebKit 620.1 crashes on startup on Windows x86 32-bit

6. Updates to Third Party Libraries

This release does not contain any changes in the third party libraries.

7. Upgrading to the New Version

To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.

ON THIS PAGE