Liberica JDK 8u462+11: Release Notes$$$Published: July 16; 2025$$$$$$1. Version information$$$This document provides information about Liberica JDK 8u462 release.$$$$$$The full version string for this update release is 8u462+11. The version number is 8.$$$$$$Liberica JDK 8 is distributed as .apk; .rpm; .zip; .deb; and .tar.gz packages. Please select the most appropriate for your purposes.$$$$$$2. What’s New$$$This release contains the following updates and new features.$$$$$$Notable Changes$$$This is the list of the notable issues fixed in this release.$$$$$$Issue IDt$$$JDK-8303770$$$$$$Summary: Removed Baltimore CyberTrust Root Certificate After Expiry Date$$$$$$Description: The following expired root certificate has been removed from the cacerts keystore: alias name baltimorecybertrustca [jdk]; Distinguished Name: CN=Baltimore CyberTrust Root; OU=CyberTrust; O=Baltimore; C=IE.$$$$$$JDK-8350498$$$$$$Summary: Removed Two Camerfirma Root Certificates$$$$$$Description: The following root certificates; which are terminated and no longer in use; have been removed from the cacerts keystore: alias name camerfirmachamberscommerceca [jdk]; Distinguished Name: CN=Chambers of Commerce Root; OU=http://www.chambersign.org; O=AC Camerfirma SA CIF A82743287; C=EU; alias name camerfirmachambersignca [jdk]; Distinguished Name: CN=Global Chambersign Root - 2008; O=AC Camerfirma S.A.; SERIALNUMBER=A82743287; L=Madrid (see current address at www.camerfirma.com/address); C=EU.$$$$$$JDK-8352716$$$$$$Summary: Update Timezone Data to 2025b$$$$$$Description: The 2025b release of the tz code and data contains the following changes: New zone for Aysén Region in Chile which moves from -04/-03 to -03.$$$$$$JDK-8359170$$$$$$Summary: Added 4 New Root Certificates from Sectigo Limited$$$$$$Description: The following Sectigo Limited root certificates have been added to the cacerts truststore: sectigocodesignroote46; DN: CN=Sectigo Public Code Signing Root E46; O=Sectigo Limited; C=GB; sectigocodesignrootr46; DN: CN=Sectigo Public Code Signing Root R46; O=Sectigo Limited; C=GB; sectigotlsroote46; DN: CN=Sectigo Public Server Authentication Root E46; O=Sectigo Limited; C=GB; sectigotlsrootr46; DN: CN=Sectigo Public Server Authentication Root R46; O=Sectigo Limited; C=GB.$$$$$$IANA TZ Data update$$$This release of Liberica JDK 8u462 upgrades the in-tree copy of the IANA timezone database to 2025b. The following are the key changes of this update:$$$$$$Future Timestamps:$$$New Time Zone:$$$$$$A new time zone; America/Coyhaique; is created for Chile’s Aysén Region; which will now observe UTC-03 year-round (no daylight saving time).$$$$$$This diverges from America/Santiago starting March 20; 2025.$$$$$$Aysén will not change clocks on April 5; 2025.$$$$$$This aligns Aysén with Magallanes Region.$$$$$$Past Timestamps:$$$Iran Time Change Correction:$$$$$$Iran changed from UTC+04 to UTC+03:30 on November 10; 1978; not at the end of the year as previously recorded.$$$$$$Code Fixes:$$$Improved behavior for the zic tool:$$$$$$It no longer creates invalid symlinks when using -l with multiple arguments.$$$$$$A buffer underflow issue is resolved.$$$$$$For more information; see JDK-8352716.$$$$$$3. Known Issues$$$This release does not contain any known issues.$$$$$$4. Fixed CVEs$$$This is the list of the security issues fixed in this release. CVSS scores are provided using the CVSS version 3.1 scoring system.$$$$$$CVE IDtCVSS scoretComponenttModuletAttack VectortComplexitytPrivilegestUser InteractiontScopetConfidentialitytIntegritytAvailability$$$CVE-2025-24855$$$$$$7.5$$$$$$javafx$$$$$$web$$$$$$network$$$$$$high$$$$$$none$$$$$$required$$$$$$unchanged$$$$$$high$$$$$$high$$$$$$high$$$$$$CVE-2025-27113$$$$$$7.5$$$$$$javafx$$$$$$web$$$$$$network$$$$$$high$$$$$$none$$$$$$required$$$$$$unchanged$$$$$$high$$$$$$high$$$$$$high$$$$$$CVE-2025-30749$$$$$$8.1$$$$$$client-libs$$$$$$2d$$$$$$network$$$$$$high$$$$$$none$$$$$$none$$$$$$unchanged$$$$$$high$$$$$$high$$$$$$high$$$$$$CVE-2025-30754$$$$$$4.8$$$$$$security-libs$$$$$$javax.net.ssl$$$$$$network$$$$$$high$$$$$$none$$$$$$none$$$$$$unchanged$$$$$$low$$$$$$low$$$$$$none$$$$$$CVE-2025-30761$$$

JDK-8335912-Summary: Add an operation mode to the jar command when extracting to not overwriting existing files$$$$$$Description: The jar tool’s extract operation has been enhanced to allow the --keep-old-files and the -k options to be used in preventing the overwriting of existing files. Examples: jar xkf foo.jar or jar --extract --keep-old-files --file foo.jar. Either of these commands will extract the contents of foo.jar. If an entry with the same name already exists in the target directory; then the existing file will not be overwritten.$$$$$$Refer-https://docs.bell-sw.com/liberica-jdk/8u452b11/general/release-notes/

JDK-8335912-Summary: Add an operation mode to the jar command when extracting to not overwriting existing files$$$$$$Description: The jar tool’s extract operation has been enhanced to allow the --keep-old-files and the -k options to be used in preventing the overwriting of existing files. Examples: jar xkf foo.jar or jar --extract --keep-old-files --file foo.jar. Either of these commands will extract the contents of foo.jar. If an entry with the same name already exists in the target directory; then the existing file will not be overwritten.$$$$$$Refer-https://docs.bell-sw.com/liberica-jdk/8u452b11/general/release-notes/