Liberica Native Image Kit 23.1.3+1 (21.0.3+10): Release Notes
1. Introduction
This document provides the late-breaking information about Liberica NIK 23.1.3 release.
This particular version of Liberica NIK 23.1.3+1 is based on Liberica JDK 21.0.3+10. For more information about Liberica JDK release, see Liberica JDK Release Notes.
2. Liberica NIK 23.1.3+1
Liberica Native Image Kit is a utility Based on GraalVM Open Source that is capable of converting your JVM-based application into a fully compiled native executable ahead-of-time under the closed-world assumption with an almost instant startup time.
Liberica NIK supports the following platforms:
-
Linux x86_64 (glibc)
-
Linux Alpine x86_64 (musl)
-
Linux AArch64 (glibc)
-
Linux Alpine AArch64 (musl)
-
Mac OS x86_64
-
Mac OS AArch64
-
Windows x86_64
3. Liberica NIK distribution
Liberica NIK is distributed as .apk, .deb, .dmg, .msi, .pkg, .rpm, .tar.gz, and .zip packages. Please select the most appropriate for your purposes.
Liberica NIK 23.1.3 supports the following languages and frameworks:
-
LLVM - 16.0.1 (GraalVM CE Native 23.1.3)
-
Python - 3.10.8 (GraalVM CE Native 23.1.3)
-
Node.js - v18.18.2
-
Java - Liberica JDK 21.0.3+10
-
Java Script - GraalVM JavaScript (GraalVM CE Native 23.1.3)
-
R - 4.0.3 (FastR)
-
TruffleRuby - 23.1.3 (Ruby 3.0.3)
-
Native Image - GraalVM Version 23.1.3 (Liberica JDK 21.0.3+10, LTS)
-
Wasm - WebAssembly (GraalVM CE Native 23.1.3)
4. Known Issues
This release does not contain any known issues. For the list of Liberica JDK known issues, see Liberica JDK Release Notes
5. CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2023-46809 | 6.8 | node.js | crypto | network | high | low | none | unchanged | high | high | none |
CVE-2023-5678 | 5.3 | node.js | openssl | network | low | none | none | unchanged | none | none | low |
CVE-2023-6129 | 6.5 | node.js | openssl | network | high | none | none | unchanged | none | low | high |
CVE-2024-0727 | 5.5 | node.js | openssl | local | low | none | required | unchanged | none | none | high |
CVE-2024-21011 | 3.7 | hotspot | runtime | network | high | none | none | unchanged | none | none | low |
CVE-2024-21012 | 3.7 | core-libs | java.net | network | high | none | none | unchanged | none | low | none |
CVE-2024-21068 | 3.7 | hotspot | compiler | network | high | none | none | unchanged | none | low | none |
CVE-2024-21094 | 3.7 | hotspot | compiler | network | high | none | none | unchanged | none | low | none |
CVE-2024-21892 | 7.5 | node.js | credentials | local | high | low | none | changed | high | high | none |
CVE-2024-22019 | 7.5 | node.js | llhttp | network | low | none | none | unchanged | none | none | high |
CVE-2024-22025 | 6.5 | node.js | zlib | network | low | none | required | unchanged | none | none | high |
CVE-2024-24758 | 3.9 | node.js | undici | network | high | high | required | unchanged | low | low | low |
CVE-2024-24806 | 7.3 | node.js | libuv | network | low | none | none | unchanged | low | low | low |
6. Notable Issues
This release does not contain any notable issues. For the list of Liberica JDK notable issues, see Liberica JDK Release Notes
7. Resolved Issues
Liberica NIK issues
This is the list of Liberica NIK issues fixed in this release.
| Issue ID | Summary |
|---|---|
GR-49428 | JVM standalones do not include any library config of the main component (). |
GR-49431 | Backport to 23.1: exclusion of library configs of the main component from JVM standalones. |
GR-50673 | Backport to 23.1: Make lambda class names format consistent with the JDK name format. |
GR-50682 | Quarkus fails even if class loader disabled. |
GR-50802 | Backport to 23.1: Minor fixes and cleanups. |
GR-50823 | Backport to 23.1: Fix stamp inversion for ZeroExtend and SignExtend operations. |
GR-50823 | Fix stamp inversion for ZeroExtend and SignExtend operations. |
GR-50823 | Incorporate the bounds of stampToInvert when calculating the bounds of the inverted stamp. |
GR-50823 | Infer input msb during stamp inversion for integer SignExtend. |
GR-50823 | Unittests for stamp inversion during conditional elimination. |
GR-50878 | Backport 23.1 : Use unsigned monitor and identity hash offsets and guarantee (not assert) that they are valid. |
GR-50881 | Backport to 23.1: Correctly handle printing certain JSON values in agent trace files. |
GR-50916 | Backport to 23.1: Calling getStackTrace on recently started platform thread can crash. |
GR-50968 | Backport to 23.1: Change lifecycle of JIT-compiled code. |
GR-50971 | Backport to 23.1 : Make segfault handler more robust. |
GR-50979 | Backport to 23.1: Quarkus fails even if class loader disabled. |
GR-51028 | Backport to 23.1: Constant fold reflection lookups in sun.nio.ch.Reflect. |
GR-51070 | Backport to 23.1: Create additional artifacts only on successful build. |
GR-51075 | Backport to 23.1: JFR cleanups |
GR-51088 | Backport to 23.1: Preprocess |
GR-51092 | Backport to 23.1: Fix debug section alignment which can lead to corrupt debug info |
GR-51175 | Backport to 23.1: Remove Heap.allowPageSizeMismatch() and provide a method to set the physical memory size. |
GR-51218 | Backport to 23.1: Introduce ReportFatalErrorOnOutOfMemoryError. |
GR-51229 | Backport to 23.1: Build GraalVM on Big Sur. |
GR-51275 | Backport 23.1 : Mark all killed XMM registers as @Temp in AMD64SHA256AVX2Op. |
GR-51295 | Update JVMCI to 23.1-b31. |
GR-51311 | Backport to 23.1: Crash log improvements. |
GR-51319 | Backport to 23.1: Improve intrinsification of method handles. |
GR-51331 | Backport to 23.1 : Fix failure when no resource bundle nullary constructor is present |
GR-51377 | Backport to 23.1: Fix Cpuid1Ecx feature parsing for AMD CPUs. |
GR-51386 | Backport to 23.1: Consolidate application module name detection. |
GR-51392 | Backport to 23.1: Aarch: Add means for post-processing code after emitting from LIR. |
GR-51425 | Backport to 23.1: Only use -H:Path validation in non-bundle mode. |
GR-51438 | Backport to 23.1: Don’t rethrow internal parser errors as SyntaxError. |
GR-51478 | Backport to 23.1: Execute LogManager shutdown hook after all other shutdown hooks. |
GR-51483 | Backport to 23.1: Fix a bug in the IsolateArgumentParser. |
GR-51582 | Backport to 23.1: IV: only non overflowing constant properties should be constant. |
GR-51610 | Update JVMCI to 23.1-b32. |
GR-51612 | Assertion error when internal resource cache is overriden by the polyglot.engine.resourcePath system property. |
GR-51612 | Backport to 23.1: Assertion error when internal resource cache is overriden by the polyglot.engine.resourcePath system property. |
GR-51641 | Always apply JVMTI-related substitutions. |
GR-51689 | Avoid deadlocks when the VM is out-of-memory and other threading-related fixes. |
GR-51744 | Backport to 23.1: Fix possible infinite recursion in AbstractJSObjectArray.setElementImpl. |
GR-51752 | Backport to 23.1: Invocation profiles are not needed for JIT compilation |
GR-51763 | Backport to 23.1: Incompatible NFI library change to the latest LTS release. |
GR-51782 | Backport to 23.1: Handle recently started threads without Thread object and NPE during VMOperation. |
GR-51799 | Cleanup CPU 23.1 : remove unsupported deploy jobs and gate jobs. |
GR-51803 | Backport to 23.1: Prevent macronodes in deoptimization targets. |
GR-51828 | Backport to 23.0: Add CompilationIsolateOptions. |
GR-51829 | Backport to 23.1: Properly catch exceptions during shutdown. |
GR-51869 | Backport to 23.1: Fixed read nodes must only be removed if they are not used as null checks. |
GR-51883 | Backport to 23.1: Fix annotation processor for Espresso interop nodes. |
GR-51893 | Backport to 23.1: Don’t try to incorrectly move virtual state inputs out of loops |
GR-51926 | Backport to 23.1: Ensure CompilationResult.methods does not contain duplicates. |
GR-51957 | Backport to 23.1: Fix a deadlock in IsolateAwareTruffleCompiler.tearDownIsolateOnShutdown. |
GR-52019 | Backport to 23.1: Improve uncaught exception handler and error handling in CEntryPointSnippets.initializeIsolate(). |
GR-52063 | Backport to 23.1: Workaround for a build-time crash. |
GR-52104 | Backport to 23.1: Don’t optimize away Narrow in comparisons with mixed signedness |
GR-52111 | Update JVMCI to 23.1-b34. |
GR-52114 | Backport to 23.1: Do not inline ThrowableTracer#traceError. |
GR-52139 | Backport to 23.1: Introduce PolyglotInstrument#readyForContextEvents to fix context listener race |
GR-52178 | Backport to 23.1: Fix FrameStates for unresolved deopts with incorrect stack size. |
GR-52225 | Backport to 23.1: Loop fragment: ensure we are not killing control flow when we have nodes in head position not in counted position. |
GR-52231 | Update JVMCI to 23.1-b35 |
GR-52237 | Backport to 23.1: Make options engine.CompilerThreads and engine.CompilationFailureAction available under UNTRUSTED sandbox policy. |
GR-52302 | NPE while diagnosing compilation failure when using compilation in isolate. |
GR-52310 | Backport to 23.1: switch aarch64registerconfig to check for darwin instead of not darwin. |
GR-52311 | Backport to 23.1: Fix failing JFR tests. |
GR-52316 | Make ContextPolicyTest#testOptionDescriptorContextReuse more robust. |
GR-52324 | Add InsertGuardFencesPhase into runtime compilation phases. |
GR-52325 | Backport to 23.1: Deopt loops in NetSuite JS code. |
GR-52367 | Update JVMCI to 23.1-b36 |
GR-52396 | Backport to 23.1: Fix wasm.jar not being included in nodejs jvm standalone. |
GR-52425 | Add documentation for recent changes in NFATraversalRegexASTVisitor |
GR-52425 | Backport to 23.1: TRegex: fixes for bugs uncovered during fuzzing. |
GR-52429 | Fix references to checkEmptyMatch in comments |
GR-52430 | TRegex: fix various parser bugs |
GR-52435 | Backport to 23.1: Small fixes and improvements. |
GR-52435 | ExitOnOutOfMemoryError must wait until HeapDumpOnOutOfMemoryError finishes. |
GR-52449 | Backport to 23.1: Add InsertGuardFencesPhase into runtime compilation phases |
GR-52465 | Backport to 23.1: Upgrading the underlying Node.js to version 18.19.1. |
GR-52503 | Backport to 23.1: MoveGuardsUpwards: respect dom tree. |
GR-52614 | Improve a code installation error message. |
GR-52617 | Limit Log.exception() output. |
GR-52617 | Prevent register writes from floating. |
GR-52645 | Backport to 23.1: NPE while diagnosing compilation failure when using compilation in isolate. |
GR-52670 | Update labsjdk to 23.1-b37 |
GR-52697 | Backport to 23.1: Avoid unnecessary NodeSourcePosition for runtime compilation. |