Liberica JDK 8u462+11: Release Notes
Published: July 16, 2025
1. Version information
This document provides information about Liberica JDK 8u462 release.
The full version string for this update release is 8u462+11. The version number is 8.
Liberica JDK 8 is distributed as .apk, .rpm, .zip, .deb, and .tar.gz packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Changes
This is the list of the notable issues fixed in this release.
| Issue ID | |
|---|---|
JDK-8303770 | Summary: Removed Baltimore CyberTrust Root Certificate After Expiry Date Description: The following expired root certificate has been removed from the |
JDK-8350498 | Summary: Removed Two Camerfirma Root Certificates Description: The following root certificates, which are terminated and no longer in use, have been removed from the |
JDK-8352716 | Summary: Update Timezone Data to 2025b Description: The 2025b release of the tz code and data contains the following changes: New zone for Aysén Region in Chile which moves from -04/-03 to -03. |
JDK-8359170 | Summary: Added 4 New Root Certificates from Sectigo Limited Description: The following Sectigo Limited root certificates have been added to the cacerts truststore: sectigocodesignroote46, DN: CN=Sectigo Public Code Signing Root E46, O=Sectigo Limited, C=GB; sectigocodesignrootr46, DN: CN=Sectigo Public Code Signing Root R46, O=Sectigo Limited, C=GB; sectigotlsroote46, DN: CN=Sectigo Public Server Authentication Root E46, O=Sectigo Limited, C=GB; sectigotlsrootr46, DN: CN=Sectigo Public Server Authentication Root R46, O=Sectigo Limited, C=GB. |
IANA TZ Data update
This release of Liberica JDK 8u462 upgrades the in-tree copy of the IANA timezone database to 2025b. The following are the key changes of this update:
Future Timestamps:
New Time Zone:
A new time zone, America/Coyhaique, is created for Chile’s Aysén Region, which will now observe UTC−03 year-round (no daylight saving time).
-
This diverges from America/Santiago starting March 20, 2025.
-
Aysén will not change clocks on April 5, 2025.
-
This aligns Aysén with Magallanes Region.
Past Timestamps:
Iran Time Change Correction:
Iran changed from UTC+04 to UTC+03:30 on November 10, 1978, not at the end of the year as previously recorded.
Code Fixes:
Improved behavior for the zic tool:
-
It no longer creates invalid symlinks when using -l with multiple arguments.
-
A buffer underflow issue is resolved.
For more information, see JDK-8352716.
3. Known Issues
This release does not contain any known issues.
4. Fixed CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-24855 | 7.5 | javafx | web | network | high | none | required | unchanged | high | high | high |
CVE-2025-27113 | 7.5 | javafx | web | network | high | none | required | unchanged | high | high | high |
CVE-2025-30749 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
CVE-2025-30754 | 4.8 | security-libs | javax.net.ssl | network | high | none | none | unchanged | low | low | none |
CVE-2025-30761 | 5.9 | core-libs | javax.script | network | high | none | none | unchanged | none | high | none |
CVE-2025-50106 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
5. Resolved Issues
JDK issues
This is the list of general JDK issues fixed in this release.
| Issue ID | Summary |
|---|---|
JDK-8026976 | ECParameters, Point does not match field size |
JDK-8028998 | [TEST_BUG] [macosx] java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java failed |
JDK-8046883 | com/sun/jdi/ProcessAttachTest.sh gets "java.io.IOException: Invalid process identifier" on windows |
JDK-8071996 | split_if accesses NULL region of ConstraintCast |
JDK-8159694 | HiDPI, Unity, java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java |
JDK-8186143 | keytool -ext option doesn’t accept wildcards for DNS subject alternative names |
JDK-8186787 | clang-4.0 SIGSEGV in Unsafe_PutByte |
JDK-8240235 | jdk.test.lib.util.JarUtils updates jar files incorrectly |
JDK-8248001 | javadoc generates invalid HTML pages whose ftp:// links are broken |
JDK-8274597 | Some of the dnd tests time out and fail intermittently |
JDK-8274606 | Fix jaxp/javax/xml/jaxp/unittest/transform/SurrogateTest.java test |
JDK-8278472 | Invalid value set to CANDIDATEFORM structure |
JDK-8293107 | GHA: Bump to Ubuntu 22.04 |
JDK-8296631 | NSS tests failing on OL9 linux-aarch64 hosts |
JDK-8303770 | Remove Baltimore root certificate expiring in May 2025 |
JDK-8309841 | Jarsigner should print a warning if an entry is removed |
JDK-8339810 | Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract |
JDK-8341946 | [8u] sun/security/pkcs11/ec/ tests fail on RHEL9 |
JDK-8345133 | Test sun/security/tools/jarsigner/TsacertOptionTest.java failed: Warning found in stdout |
JDK-8345625 | Better HTTP connections |
JDK-8346887 | DrawFocusRect() may cause an assertion failure |
JDK-8348989 | Better Glyph drawing |
JDK-8349111 | Enhance Swing supports |
JDK-8349594 | Enhance TLS protocol support |
JDK-8350498 | Remove two Camerfirma root CA certificates |
JDK-8351098 | Bump update version of OpenJDK: 8u462 |
JDK-8351422 | Improve scripting supports |
JDK-8351439 | [8u] test/java/util/TimeZone/tools/share/Makefile use wrong path to tzdb |
JDK-8352716 | (tz) Update Timezone Data to 2025b |
JDK-8353433 | XCG currency code not recognized in JDK 8u |
JDK-8356096 | ISO 4217 Amendment 179 Update |
JDK-8359170 | Add 2 TLS and 2 CS Sectigo roots |
JDK-8360147 | Better Glyph drawing redux |
JFX issues
This is the list of JFX issues fixed in this release.
| Issue ID | Summary |
|---|---|
JDK-8296590 | StraightLineTest fails always on Linux and sometimes on other platforms |
JDK-8352162 | Update libxml2 to 2.13.8 |
JDK-8352164 | Update libxslt to 1.1.43 |
JDK-8354876 | Update SQLite to 3.49.1 |
JDK-8354940 | Fail to sign in to Microsoft sites with WebView |
6. Updates to Third Party Libraries
This is the list of changes in the third party libraries.
| Library | Full name | New Version | Module | JBS number |
|---|---|---|---|---|
FreeType | FreeType | 2.13.3 | java.desktop | 8348596 |
libxml2 | libxml2 | 2.13.8 | javafx.web | 8352162 |
libxslt | libxslt | 1.1.43 | javafx.web | 8352164 |
SQLite | SQLite | 3.49.1 | javafx.web | 8354876 |
7. Upgrading to the New Version
To keep your Liberica JDK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica JDK Installation Guide.