Liberica Native Image Kit 23.1.8+1 (21.0.8+13): Release Notes
Published: July, 2025
1. Introduction
This document provides information about Liberica NIK release.
This particular version of Liberica NIK 23.1.8+1 is based on Liberica JDK 21.0.8+13.
|
Note:
| For more information about Liberica JDK release, see Liberica JDK Release Notes. |
Liberica Native Image Kit is a utility Based on GraalVM Open Source that is capable of converting your JVM-based application into a fully compiled native executable ahead-of-time under the closed-world assumption with an almost instant startup time.
Liberica NIK supports the following platforms:
-
Linux x86_64 (glibc)
-
Linux Alpine x86_64 (musl)
-
Linux AArch64 (glibc)
-
Linux Alpine AArch64 (musl)
-
Mac OS x86_64
-
Mac OS AArch64
-
Windows x86_64
Liberica NIK distribution
Liberica NIK is distributed as .apk, .deb, .dmg, .msi, .pkg, .rpm, .tar.gz, and .zip packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Issues
This release does not contain any notable issues. For the list of Liberica JDK notable issues, see Liberica JDK Release Notes
Language and framework versions
Liberica NIK 23.1.8 supports the following languages and frameworks:
| Component | Version |
|---|---|
LLVM | 16.0.1 (GraalVM CE Native 23.1.8) |
Python | 3.10.8 (GraalVM CE Native 23.1.8) |
Node.js | 18.20.6 |
Java | Liberica JDK 21.0.8+13 |
Java Script | GraalVM JavaScript (GraalVM CE Native 23.1.8) |
R | 4.0.3 (FastR) |
TruffleRuby | 23.1.8 (Ruby 3.2.2) |
Native Image | GraalVM version 23.1.8 (Liberica JDK 21.0.8+13, LTS) |
Wasm | WebAssembly (GraalVM CE Native 23.1.8) |
3. Known Issues
This release does not contain any known issues. For the list of Liberica JDK known issues, see Liberica JDK Release Notes.
4. CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-23165 | 3.7 | node.js | node | network | high | none | none | unchanged | none | none | low |
CVE-2025-23166 | 7.5 | node.js | node | network | low | none | none | unchanged | none | none | high |
CVE-2025-23167 | 6.5 | node.js | llhttp | network | low | none | none | unchanged | low | low | none |
CVE-2025-30749 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
CVE-2025-30754 | 4.8 | security-libs | javax.net.ssl | network | high | none | none | unchanged | low | low | none |
CVE-2025-50059 | 8.6 | core-libs | java.net | network | low | none | none | changed | high | none | none |
CVE-2025-50065 | 3.7 | native-image | http | network | high | none | none | unchanged | none | none | low |
CVE-2025-50106 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
5. Resolved Issues
Liberica NIK issues
This is the list of Liberica NIK issues fixed in this release.
| Issue ID | Summary |
|---|---|
GR-52980 | Map.prototype.forEach needs to import key and value of foreign hash entries. |
GR-59499 | Fix System.getProperties() when called from virtual thread. |
GR-60402 | Add vzeroupper upon the entrance of AMD64 sha1 and sha256 stubs. |
GR-61481 | Fix tier_count values in CPU sampler JSON output. |
GR-62340 | Use correct acquisition count in acquireOnOOME. |
GR-62597 | Fall back to non-containerized bundle build for --static. |
GR-63059 | Backport to 23.1: Map.prototype.forEach needs to import key and value of foreign hash entries. |
GR-63092 | use dword comparisons in AMD64ArrayIndexOfOp because search values are definitely int |
GR-63188 | Backport to 23.1: Verify that DynamicHubs are addressable. |
GR-63246 | Backport to 23.1: Fix ClassCastException in super property access. |
GR-63303 | Backport to 23.1: Fix js benchmarks. |
GR-64187 | Backport to 23.1: Using latest double-conversion version 3.3.0. |
GR-64697 | Backport to 23.1: Correction of Array.prototype.flat() producing a foreign array. |
GR-64709 | Backport to 23.1: ExportValueNode.doTruffleObject() should exclude SafeIntegers. |
GR-64957 | Backport to 23.1: Transient fetch test failure on darwin-amd64. |
GR-65310 | Backport to 23.1: Dates with missing UTC offset should be interpreted (in nashorn-compat mode) as UTC time when they are "strict" only. |
6. Upgrading to the New Version
To keep your Liberica NIK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica NIK Installation Guide.