Release date: April 16, 2024
The full version string for this update release is 22.0.1+8 (where "+" means "build"). The version number is 22.0.1.
JDK 22.0.1 contains IANA time zone data 2024a which contains the following changes:
For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java Runtime at the time of the release of JDK 22.0.1 are specified in the following table:
Java Family Version | Security Baseline (Full Version String) |
---|---|
22 | 22.0.1+8 |
21 | 21.0.3+7 |
17 | 17.0.11+7 |
11 | 11.0.23+7 |
8 | 8u411-b09 |
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 22.0.1) be used after the next critical patch update scheduled for July 16, 2024.
Java Management Service, available to all users, can help you find vulnerable Java versions in your systems. Java SE Subscribers and customers running in Oracle Cloud can use Java Management Service to update Java Runtimes and to do further security reviews like identifying potentially vulnerable third party libraries used by your Java programs. Existing Java Management Service user click here to log in to your dashboard. The Java Management Service Documentation provides a list of features available to everyone and those available only to customers. Learn more about using Java Management Service to monitor and secure your Java Installations.
jpackage
Apps May Fail to Build on Debian Linux Distros Due to Missing Shared Libraries
(JDK-8295111)
There is an issue on Debian Linux distros where jpackage
could not always build an accurate list of required packages from shared libraries with symbolic links in their paths, causing installations to fail due to missing shared libraries.
The following root certificates have been added to the cacerts truststore:
+ Certainly
+ certainlyrootr1
DN: CN=Certainly Root R1, O=Certainly, C=US
+ Certainly
+ certainlyroote1
DN: CN=Certainly Root E1, O=Certainly, C=US
TrimNativeHeapInterval
a Product Switch
(JDK-8325496)
TrimNativeHeapInterval
has been made an official product switch. It allows the JVM to trim the native heap at periodic intervals.
This option is only available on Linux with glibc.
Library | New Version | Module | JBS |
---|---|---|---|
LCMS | 2.16 | java.desktop | JDK-8321489 |
This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update.
➜ Issues fixed in 22.0.1:# | JBS | Component/Subcomponent | Summary |
---|---|---|---|
1 | JDK-8325590 | core-libs/java.lang | Regression in round-tripping UTF-16 strings after JDK-8311906 |
2 | JDK-8323065 | hotspot/compiler | Unneccesary CodeBlob lookup in CompiledIC::internal_set_ic_destination |
3 | JDK-8317299 | hotspot/compiler | safepoint scalarization doesn't keep track of the depth of the JVM state |
4 | JDK-8325672 | hotspot/compiler | C2: allocate PhaseIdealLoop::_loop_or_ctrl from C->comp_arena() |
5 | JDK-8326638 | hotspot/compiler | Crash in PhaseIdealLoop::remix_address_expressions due to unexpected Region instead of Loop |
6 | JDK-8324050 | hotspot/compiler | Issue store-store barrier after re-materializing objects during deoptimization |
7 | JDK-8322783 | hotspot/runtime | prioritize /etc/os-release over /etc/SuSE-release in hs_err/info output |
8 | JDK-8323657 | tools/javac | Compilation of snippet results in VerifyError at runtime with --release 9 (and above) |
9 | JDK-8314275 | tools/javac | Incorrect stepping in switch |
10 | JDK-8322159 | tools/javac | ThisEscapeAnalyzer crashes for erroneous code |
11 | JDK-8325203 | tools/jpackage | System.exit(0) kills the launched 3rd party application |