Liberica Native Image Kit 23.1.9-1 (21.0.9+12): Release Notes
Published: October, 2025
1. Introduction
This document provides information about Liberica NIK release.
This particular version of Liberica NIK 23.1.9-1 is based on Liberica JDK 21.0.9+12.
|
Note:
| For more information about Liberica JDK release, see Liberica JDK Release Notes. |
Liberica Native Image Kit is a utility Based on GraalVM Open Source that is capable of converting your JVM-based application into a fully compiled native executable ahead-of-time under the closed-world assumption with an almost instant startup time.
Liberica NIK supports the following platforms:
-
Linux x86_64 (glibc)
-
Linux Alpine x86_64 (musl)
-
Linux AArch64 (glibc)
-
Linux Alpine AArch64 (musl)
-
Mac OS x86_64
-
Mac OS AArch64
-
Windows x86_64
Liberica NIK distribution
Liberica NIK is distributed as .apk, .deb, .dmg, .msi, .pkg, .rpm, .tar.gz, and .zip packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Issues
This release does not contain any notable issues. For the list of Liberica JDK notable issues, see Liberica JDK Release Notes
Language and framework versions
Liberica NIK 23.1.9 supports the following languages and frameworks:
| Component | Version |
|---|---|
LLVM | 16.0.1 (GraalVM CE Native 23.1.9) |
Python | 3.10.8 (GraalVM CE Native 23.1.9) |
Node.js | 18.20.6 |
Java | Liberica JDK 21.0.9+12 |
Java Script | GraalVM JavaScript (GraalVM CE Native 23.1.9) |
R | 4.0.3 (FastR) |
TruffleRuby | 23.1.9 (Ruby 3.2.2) |
Native Image | GraalVM version 23.1.9 (Liberica JDK 21.0.9+12, LTS) |
Wasm | WebAssembly (GraalVM CE Native 23.1.9) |
3. Known Issues
This release does not contain any known issues. For the list of Liberica JDK known issues, see Liberica JDK Release Notes.
4. CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-53057 | 5.9 | security-libs | java.security | network | high | none | none | unchanged | none | high | none |
CVE-2025-53066 | 4.8 | xml | jaxp | network | high | none | none | unchanged | low | none | low |
CVE-2025-61748 | 3.7 | core-libc | network | high | none | none | unchanged | none | low | none |
5. Resolved Issues
Liberica NIK issues
This is the list of Liberica NIK issues fixed in this release.
| Issue ID | Summary |
|---|---|
GR-45020 | Do not permit FixedGuardNode and ConditionAnchorNode to go away if there are PiNodes attached |
GR-49845 | Add system modules implicitly required by the application to the image builder module graph |
GR-52557 | Pi node: guard against deletion in recursion. |
GR-53634 | Handle static frame slots in BytecodeOSRMetadata#restoreParentFrame. |
GR-53902 | Fix DynamicObjectLibrary.setPropertyFlags. |
GR-54313 | TruffleString: fix TruffleStringBuilder and RepeatNode breaking string compaction invariants |
GR-54673 | Add MaximumCompilations option. |
GR-56094 | Remove constant memory buffer assumption and simplify ByteArrayWasmMemory. |
GR-57835 | Remove dead threads from PolyglotContextImpl#threads during new thread initialization. |
GR-58070 | Update VisualVM documentation and add more validation for the option '--enable-monitoring'. |
GR-58542 | Process --version, --help or --help-extra like java does. |
GR-58571 | Preserve local symbols if post-link stripping follows. |
GR-58670 | Clear polyglot source cache more aggressively. |
GR-59408 | Infinite recursion in AArch64MacroAssembler.add/sub with immediate = Integer.MIN_VALUE |
GR-59497 | TRegex: fix OracleDB flavor incorrectly parsing escaped surrogate pairs. |
GR-59582 | Better messages for OutOfMemoryErrors and small cleanups/bugfixes. |
GR-59688 | Allow compiler newer than Truffle runtime in a minor version. |
GR-59858 | Mark type of hidden field reachable. |
GR-59897 | Fix documentation for the sandbox.MaxHeapMemory resource limit. |
GR-60578 | Upgrade ASM dependency from 9.5 to 9.7.1. |
GR-60694 | Fix int overflow in ObjectSizeCalculator#increaseByArraySize. |
GR-61452 | unrolling track created main loops |
GR-61452 | unrolling track created main loops |
GR-61882 | Upgrading the underlying Node.js to version 18.20.6. |
GR-61888 | Fix @Uninterruptible |
GR-62678 | Backport to 23.1 : System.out/err usage in PolyglotLoggers. |
GR-63266 | Backport to 23.1: Prevent absent hashcode computation split across safepoint checks. |
GR-63479 | Backport to 23.1: Emit additional reinterpret when generating float CAS from node matching rules. |
GR-63795 | Backport to 23.1: Verify that recurring callbacks are allocation free. |
GR-63795 | restore |
GR-65664 | Backport to 23.1: Rethrow OutOfMemoryErrors that happen during performance data initialization. |
GR-65730 | Backport to 23.1: Copy MultiOptionValues in HostedOptionCustomizer. |
GR-65754 | Backport to 23.1: TRegex: update pre-defined character classes in OracleDBFlavor. |
GR-65853 | Backport to 23.1: Return correct name for libgraal-specific collection policy. |
GR-66054 | Backport to 23.1: Partial escape analysis: materialize for too many fixpoint iterations. |
GR-66190 | Backport to 23.1: UnsupportedSpecializationException caused by null from PropertyGetNode. |
GR-66289 | Backport to 23.1: TruffleLogger.getLevelNum() causes deopt loops. |
GR-66325 | Backport to 23.1: Handle getSystemResource method properly in the Native Image agent. |
GR-67264 | Backport to 23.1: Fix JFR GC events. |
GR-67895 | Backport to 23.1: Print stack trace of UserException causes. |
GR-67898 | Backport to 23.1: Avoid recursive printing of exception causes. |
GR-67962 | Backport to 23.1: SubstrateDiagnostics and OutOfMemoryError bugfixes. |
GR-68032 | Backport to 23.1: Improve -XX:FlightRecorderLogging error message for unknown tag set. |
GR-68111 | Backport to 23.1: Remove HostedOptionCustomizer. |
GR-68114 | Backport to 23.1: Fix memory leak in SourceManager.verifiedPaths. |
GR-68324 | Backport to 23.1: TRegex: treat nested quantifiers as a bailout instead of a syntax error in OracleDBFlavor. |
GR-68356 | Backport to 23.1: Make EventBinding a context heap boundary. |
GR-68722 | Backport to 23.1: Cross-isolate exception dispatch for isolated compilation. |
GR-69141 | Backport to 23.1: Bump double-conversion version number. |
6. Upgrading to the New Version
To keep your Liberica NIK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica NIK Installation Guide.