Liberica Native Image Kit 24.2.2+1 (24.0.2+13): Release Notes
Published: July, 2025
1. Introduction
This document provides information about Liberica NIK release.
This particular version of Liberica NIK 24.2.2+1 is based on Liberica JDK 24.0.2+13.
|
Note:
| For more information about Liberica JDK release, see Liberica JDK Release Notes. |
Liberica Native Image Kit is a utility Based on GraalVM Open Source that is capable of converting your JVM-based application into a fully compiled native executable ahead-of-time under the closed-world assumption with an almost instant startup time.
Liberica NIK supports the following platforms:
-
Linux x86_64 (glibc)
-
Linux Alpine x86_64 (musl)
-
Linux AArch64 (glibc)
-
Linux Alpine AArch64 (musl)
-
Mac OS x86_64
-
Mac OS AArch64
-
Windows x86_64
Liberica NIK distribution
Liberica NIK is distributed as .apk, .deb, .dmg, .msi, .pkg, .rpm, .tar.gz, and .zip packages. Please select the most appropriate for your purposes.
2. What’s New
This release contains the following updates and new features.
Notable Issues
This release does not contain any notable issues. For the list of Liberica JDK notable issues, see Liberica JDK Release Notes
Language and framework versions
Liberica NIK 24.2.2 supports the following languages and frameworks:
| Component | Version |
|---|---|
LLVM | 18.1.3 (GraalVM CE Native 24.2.2) |
Python | 3.11.7 (GraalVM CE Native 24.2.2) |
Node.js | 22.15.1 |
Java | Liberica JDK 24.0.2+13 |
Java Script | GraalVM JavaScript (GraalVM CE Native 24.2.2) |
TruffleRuby | 24.2.2 (Ruby 3.3.7) |
Native Image | GraalVM version 24.2.2 (Liberica JDK 24.0.2+13) |
Wasm | WebAssembly (GraalVM CE Native 24.2.2) |
3. Known Issues
This release does not contain any known issues. For the list of Liberica JDK known issues, see Liberica JDK Release Notes.
4. CVEs
This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.
| CVE ID | CVSS score | Component | Module | Attack Vector | Complexity | Privileges | User Interaction | Scope | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-23165 | 3.7 | node.js | node | network | high | none | none | unchanged | none | none | low |
CVE-2025-23166 | 7.5 | node.js | node | network | low | none | none | unchanged | none | none | high |
CVE-2025-23167 | 6.5 | node.js | llhttp | network | low | none | none | unchanged | low | low | none |
CVE-2025-30749 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
CVE-2025-30754 | 4.8 | security-libs | javax.net.ssl | network | high | none | none | unchanged | low | low | none |
CVE-2025-50059 | 8.6 | core-libs | java.net | network | low | none | none | changed | high | none | none |
CVE-2025-50065 | 3.7 | native-image | http | network | high | none | none | unchanged | none | none | low |
CVE-2025-50106 | 8.1 | client-libs | 2d | network | high | none | none | unchanged | high | high | high |
5. Resolved Issues
Liberica NIK issues
This is the list of Liberica NIK issues fixed in this release.
| Issue ID | Summary |
|---|---|
GR-62084 | Backport to 24.2: Only duplicate MonitorIdNode for closed lock regions |
GR-62110 | Backport to 24.2: Fix missing synchronization in statistics listener. Fix transient safepoint poll failure. |
GR-63092 | use dword comparisons in AMD64ArrayIndexOfOp because search values are definitely int |
GR-63226 | Backport to 24.2: Instruction counter jobs (polybench and gate perf checks) require special gating hardware. |
GR-63227 | Update SBOM BuildOutput.md, describe unassociated types |
GR-63329 | Backport to 24.2: Use dword comparisons in AMD64ArrayIndexOfOp because search values are definitely int |
GR-63438 | Backport to 24.2: Restore public access from inherited classes when public access is enabled. |
GR-63454 | Backport to 24.2: Remove pointless parallel stream processing for classpath entries. |
GR-63474 | Backport to 24.2: Update JCodings to 1.0.63. |
GR-63474 | Backport to 24.2: Update to latest graal to test JCodings update |
GR-63513 | Backport to 24.2: Improve JS exception message. |
GR-63566 | Backport to 24.2: Fix bug in JFR type repository. |
GR-63570 | Backport to 24.2: Fix class names in heap dumps. |
GR-63602 | Update labsjdk to 24.0.2+11-jvmci-b01 (GAC re-spin) |
GR-63610 | Backport to 24.2: Fix JDWP frames command when thread has no frames. |
GR-63614 | Backport to 24.2: Fix perf regression in Polyglot.castWithGenerics. |
GR-63675 | Backport to 24.2: SBOM: Aggregate warnings for missing classes. |
GR-63769 | Backport to 24.2: Missing Truffle Safepoint poll in bytecode interpreter loop. |
GR-63789 | Upgrade Joni version |
GR-63790 | Backport to 24.2: Upgrade Joni version |
GR-64176 | Backport to 24.2: Fixes for windows issues in cibuildwheels. |
GR-64210 | Backport to 24.2: Storing NO_VALUE in attribute removes the Key Value pair |
GR-64254 | Backport to 24.2: Allow non-file URLs in |
GR-64272 | Backport to 24.2:: Add default excludes for generating filelists.txt |
GR-64295 | Backport to 24.2: WasmCallStubNode cannot be cast to WasmDirectCallNode. |
GR-64302 | Backport to 24.2: Validate reachable object before propagating it. |
GR-64315 | Backport to 24.2: Fix Truffle inInterpreter methods must be marked as opaque to avoid analysis strengthening which modifies the dominator tree needed during host inlining. |
GR-64327 | Backport to 24.2: Add support for ormsgpack and prepare upstreaming some changes |
GR-64346 | Backport to 24.2: TRegex: fix GenerateDFAImmediately option not freeing nfa matcher. |
GR-64423 | Use initial system properties for jvmstat performance counters. |
GR-64428 | Backport to 24.2: Various fixes for system properties and locales. |
GR-64428 | Various fixes for SystemProperties. |
GR-64519 | Backport to 24.2: Remove NEGATIVE_QUERY from registeredResources in Build Report data when it was replaced with an actual resource |
GR-64577 | Parse system properties before options. |
GR-64656 | Backport to 24.2: Fix UnixFileSystemAccessors.reinitialize(…). |
GR-64696 | Backport to 24.2: Correction of Array.prototype.flat() producing a foreign array. |
GR-64708 | Backport to 24.2: ExportValueNode.doTruffleObject() should exclude SafeIntegers. |
GR-64748 | Backport to 24.2: Fix no unwrapping in interop read array element. |
GR-64773 | Backport to 24.2: Don’t use a base pointer for JIT compiled code and deopt targets. |
GR-64925 | Backport to 24.2: Do not include Python library pdb by default in gdb-debughelpers. |
GR-64961 | Backport to 24.2: Escape stars in matching text when fetching hosted only content |
GR-65032 | Backport to 24.2: Upgrading the underlying Node.js to version 22.15.1. |
GR-65163 | Backport to 24.2.2: Native image build with Truffle enterprise fails on GraalVM CE |
GR-65227 | Ensure writing same value for all keys in a HashingStorage handles storage generalization |
GR-65237 | Backport to 24.2: Implement AttributeError builtins |
GR-65261 | Backport to 24.2: Prevent new substitutions for bundle apply without create. |
GR-65309 | Backport to 24.2: Dates with missing UTC offset should be interpreted (in nashorn-compat mode) as UTC time when they are "strict" only. |
GR-65325 | Backport to 24.2: We have |
GR-65326 | Backport to 24.2: Fix transient error in tee builtins. |
GR-65330 | Revert breaking ABI in graalpy242 wheels |
GR-65335 | Backport to 24.2: Revert breaking ABI in graalpy242 wheels. |
GR-65343 | Backport to 24.2: Upgrade org.json to version 20250517. |
GR-65354 | Backport to 24.2: Fix JFR-related UnsatisfiedLinkErrors. |
GR-65363 | Backport to 24.2: Fix java.specification.maintenance.version. |
GR-65408 | Update musl building information. |
6. Upgrading to the New Version
To keep your Liberica NIK up-to-date and secure, always upgrade to the newest available version once it is released. To upgrade, install the new version over the previous one. For the installation instructions, see Liberica NIK Installation Guide.