Liberica JDK 8u452+11: Release Notes
Published: April 15, 2025
1. Version information
This document provides information about Liberica JDK 8u452 release.
The full version string for this update release is 8u452+11. The version number is 8.
Liberica JDK 8 is distributed as .apk
, .rpm
, .zip
, .deb
, and .tar.gz
packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Changes
This is the list of the notable issues fixed in this release.
Issue ID | |
---|---|
JDK-8335912 | Summary: Add an operation mode to the jar command when extracting to not overwriting existing files Description: The |
JDK-8339637 | Summary: Update Timezone Data to 2024b Description: IANA Time Zone Database has been upgraded to 2024b. This version mainly includes changes to improve historical data for Mexico, Mongolia, and Portugal. It also changes one timestamp abbreviation, for the time zone 'MET'. Also Asia/Choibalsan is now an alias for Asia/Ulaanbaatar. The new tzdata changes also impact some legacy zone IDs. Mapping of EST/MST/HST in java.time.ZoneId.SHORT_IDS have changed from fixed offset zones to links to other existing time zones with 2024b. EST now links to America/Panama, HST links to Pacific/Honolulu and MST links to America/Phoenix. Parsing of the short zone names EST, MST, and HST is not affected by this change. Further details are available at JDK-8340138. |
JDK-8346140 | Summary: tools/jar/ExtractFilesTest.java and tools/jar/MultipleManifestTest.java fails with jtreg5.1 Description: The following tests are fixed to be compatible with jtreg 5.1: tools/jar/ExtractFilesTest.java, tools/jar/MultipleManifestTest.java. |
JDK-8346587 | Summary: Distrust TLS server certificates anchored by Camerfirma Root CAs Description: The JDK will stop trusting TLS server certificates issued after April 15, 2025 and anchored by Camerfirma root certificates, in line with similar plans announced by Google, Mozilla, Apple, and Microsoft. TLS server certificates issued on or before April 15, 2025 will continue to be trusted until they expire. Certificates issued after that date, and anchored by any of the Certificate Authorities in the table below, will be rejected. The restrictions are enforced in the JDK implementation (the |
JDK-8347965 | Summary: Update Timezone Data to 2025a Description: Update Timezone Data to 2025a in which Paraguay adopts permanent -03 starting spring 2024; Improve pre-1991 data for the Philippines; Etc/Unknown is now reserved. |
IANA TZ Data update
This release of Liberica JDK 8u452 upgrades the in-tree copy of the IANA timezone database to 2025a. This timezone update is primarily concerned with the following:
-
Paraguay adopts permanent -03 starting spring 2024.
-
Improve pre-1991 data for the Philippines.
-
Etc/Unknown is now reserved.
For more information, see JDK-8347965.
3. Known Issues
This release does not contain any known issues.
4. Fixed CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2024-47606 | 7.5 | javafx | media | network | high | none | required | unchanged | high | high | high |
CVE-2024-54534 | 7.5 | javafx | web | network | high | none | required | unchanged | high | high | high |
CVE-2025-21587 | 7.4 | security-libs | javax.net.ssl | network | high | none | none | unchanged | high | high | none |
CVE-2025-30691 | 4.8 | hotspot | compiler | network | high | none | none | unchanged | low | low | none |
CVE-2025-30698 | 5.6 | client-libs | 2d | network | high | none | none | unchanged | low | low | low |
5. Resolved Issues
JDK issues
This is the list of general JDK issues fixed in this release.
Issue ID | Summary |
---|---|
JDK-8037013 | [TESTBUG] Fix test/java/lang/ClassLoader/Assert.sh on AIX |
JDK-8048215 | [TESTBUG] java/lang/management/ManagementFactory/ThreadMXBeanProxy.java Expected non-null LockInfo |
JDK-8068305 | [TEST_BUG] Test java/awt/Mixing/HWDisappear.java fails with GTKL&F |
JDK-8212096 | javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch |
JDK-8227651 | Tests fail with SSLProtocolException: Input record too big |
JDK-8240235 | jdk.test.lib.util.JarUtils updates jar files incorrectly |
JDK-8244966 | Add .vscode to .hgignore and .gitignore |
JDK-8250825 | C2 crashes with assert(field != __null) failed: missing field |
JDK-8255466 | C2 crashes at ciObject::get_oop() const+0x0 |
JDK-8261020 | Wrong format parameter in create_emergency_chunk_path |
JDK-8265019 | Update tests for additional TestNG test permissions |
JDK-8266881 | Enable debug log for SSLEngineExplorerMatchedSNI.java |
JDK-8268457 | XML Transformer outputs Unicode supplementary character incorrectly to HTML |
JDK-8285756 | clean up use of bad arguments for |
JDK-8309841 | Jarsigner should print a warning if an entry is removed |
JDK-8316193 | jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak |
JDK-8326110 | [8u] The Marlin tests should be updated after JDK-8241307 |
JDK-8335912 | Add an operation mode to the jar command when extracting to not overwriting existing files |
JDK-8337494 | Clarify JarInputStream behavior |
JDK-8337692 | Better TLS connection support |
JDK-8338430 | Improve compiler transformations |
JDK-8339560 | Unaddressed comments during code review of JDK-8337664 |
JDK-8339637 | (tz) Update Timezone Data to 2024b |
JDK-8339644 | Improve parsing of Day/Month in tzdata rules |
JDK-8339810 | Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract |
JDK-8340552 | Harden TzdbZoneRulesCompiler against missing zone names |
JDK-8340660 | [8u] Test com/sun/jdi/PrivateTransportTest.sh fails on MacOS |
JDK-8342562 | Enhance Deflater operations |
JDK-8343007 | Enhance Buffered Image handling |
JDK-8345504 | Bump update version of OpenJDK: 8u452 |
JDK-8346140 | [8u] tools/jar/ExtractFilesTest.java and tools/jar/MultipleManifestTest.java fails with jtreg5.1 |
JDK-8346587 | Distrust TLS server certificates anchored by Camerfirma Root CAs |
JDK-8347847 | Enhance jar file support |
JDK-8347965 | (tz) Update Timezone Data to 2025a |
JDK-8348211 | [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708 |
JDK-8349166 | Bad indentation in backport of JDK-8250825 |
JDK-8350816 | [8u] Update TzdbZoneRulesCompiler to ignore HST/EST/MST links |
JDK-8352097 | (tz) zone.tab update missed in 2025a backport |
JFX issues
This is the list of JFX issues fixed in this release.
Issue ID | Summary |
---|---|
JDK-8340322 | Update WebKit to 620.1 |
JDK-8346228 | Update GStreamer to 1.24.10 |
JDK-8346229 | Update Glib to 2.82.4 |
JDK-8349891 | Not implemented function should have printf |
JDK-8349924 | Additional WebKit 620.1 fixes from WebKitGTK 2.46.6 |
JDK-8350284 | WebKit 620.1 crashes on startup on Windows x86 32-bit |
6. Updates to Third Party Libraries
This release does not contain any changes in the third party libraries.
7. Upgrading to the New Version
To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.