Visit Azul.com Support

Release Notes of Azul Zulu Prime Stream and Stable Builds of OpenJDK

Looking for Zing? The Azul Zing Virtual Machine is now Azul Zulu Prime Builds of OpenJDK and part of Azul Platform Prime. Learn more.

Note
This page contains release notes for versions 20.02.1.0 and newer.

Azul Zulu Prime Builds of OpenJDK are available in two versions:

  1. Stream Builds: Fast-moving monthly releases (end of the month) that include all of the latest features and changes that are part of PSU releases. Free for development and evaluation. Use in production requires an active subscription.

    Current latest: 22.10.0.0

  2. Stable Builds: Builds that incorporate only CPUs, PSUs, and Azul Platform Prime critical fixes and do not uptake new features and non-critical enhancements from Stream Builds. Stable Builds are our primary vehicle for delivering time-sensitive bug-fixes to customers and are only available to Azul customers.

    Current latest: 22.08.200.0 and 22.02.501.0



Latest Stream Build

22.10.0.0

Release Notes PDF

Release date: October 31, 2022

This CPU/PSU release is based on Azul Platform Prime 22.09.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u352-b08

11

11.0.17+8

13

13.0.13+5

15

15.0.9+5

17

17.0.5+8

What’s New

  • October 2022 CPU and PSU release security fixes

  • Compatibility with Cloud Native Compiler (CNC) version 1.5

  • Support for the GA release of Azul Vulnerability Detection (AVD).

  • Changes for containers regarding thread pool size calculation and number of available CPUs.

    With the October 2022 release of Java 11 and 17, the default calculation of available CPU cores will change, following JDK-8281181. Previously, the number of available CPU cores was in some situations calculated based on the lower bound defined in the environment. With the change in this release, the lower bound won’t be used anymore and the calculation will only be based on the upper limit of the environment. If in container-based systems no upper limit is defined, the total number of CPUs on the host machine is read as upper limit.

    A situation where a change will occur is, for example, a Kubernetes container where neither CPU requests nor CPU Limits are set, as previously the JVM would select only 1 CPU core as available in this situation while after the chance, it will select all available CPU cores of the environment which can lead to higher resource usage as thread pools of various open source frameworks are using this calculation for sizing. To verify if your systems are effect, check especially those where no upper limit is defined.

    In case you need to switch back to the previous calculation, add -XX:+UseContainerCpuShares to the Java command line.

    Other terms used in the context of CPU definitions are for lower bound "CPU Requests" or "cgroups cpu.shares", and for upper limit "CPU Limits" or "cgroups cpu.cfs_quota_us".

    When both quota and shares are specified for a cgroup and UseContainerCpuShares is true, the number of GC and compiler threads are derived based on a total processor count calculated as (quota+shares)/2. When UseContainerCpuShares is false the number is derived based on a total processor count calculated as (quota/2).

    To check the current setting, for example, to compare previous and current Java versions in your environment, use the following example to display the actual number of CPUs as seen by application code and run it inside your container environment:

    File AvailableCPUs.java:

     
    public class AvailableCPUs { public static void main(String[] args) { System.out.println("CPUs: " + Runtime.getRuntime().availableProcessors()); } }

    To run it:

     
    java -showversion AvailableCPUs.java

Known Issues

  • There are no new issues to report in this release.

Resolved Issues

  • ZVM-25268 - As a part of the PSU update, UseContainerCpuShares has been set to false (off) by default.

  • ZVM-22642 - The GC log now reports data from remote compilations which can be viewed in GC Log Analyzer.


Latest Stable Builds

22.08.200.0

Release Notes PDF

Release date: November 15, 2022

This release is based on Azul Platform Prime 22.08.101.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u352

11

11.0.17

13

13.0.13

15

15.0.9

17

17.0.5

What’s New

  • Internal bug fixes.

  • October 2022 PSU release security fixes

  • Important information regarding Java in containers (Docker, Kubernetes, and related) about automatic thread pool size calculation and number of CPUs available to the application:

    While in the general October 2022 release of Java 11 and 17, the default calculation of available CPU cores has changed in container environments following JDK-8281181, this change wasn’t made in the Azul Platform Prime stable release 22.08.200.0 to allow seamless transition from previous stable versions.

    That means, Azul Platform Prime 22.08 differs in this aspect from current OpenJDK. In practical use, this difference will only affect those situations where a new migration from OpenJDK to Prime 22.08 is started. If you notice your application performance being affected during such a transition from OpenJDK to Prime 22.08 add -XX:-UseContainerCpuShares to the Java command line to switch Azul Platform Prime to the same new calculation method as OpenJDK.

    To check your environment in general about this change, independent of whether it is running on OpenJDK or Azul Platform Prime, run the following command inside your container to display the actual result of the available CPU number calculation:

    Save the following code to file AvailableCPUs.java:

     
    public class AvailableCPUs { public static void main(String[] args) { System.out.println("CPUs: " + Runtime.getRuntime().availableProcessors()); } }

    Run it:

     
    java -showversion AvailableCPUs.java

Known Issues

  • There are no new issues to report in this release.

Resolved Issues

Issue ID Description

ZVM-25457

Backport issue JDK-8208172 which allows for NULL messages in class resolution errors.


22.02.501.0

Release Notes PDF

Release date: November 7, 2022

This release is based on Azul Platform Prime 22.02.500.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u351b01

11

11.0.16.1.101+3

13

13.0.12.0.101+2

17

15.0.8.0.101+2

17

17.0.4.1.101+2

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


Previous Stream Builds

22.09.0.0

Release Notes PDF

Release date: September 30, 2022

This release is based on Azul Platform Prime 22.08.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16.1+1

13

13.0.12+4

15

15.0.8+4

17

17.0.4.1+1

What’s New

  • Internal bug fixes.

  • Improved accuracy of RSS metric reported in GC log (C heap usage). With this improvement, the reported memory usage in GC log will give more accurate results.

  • The Allocation Pacing feature is turned on by default in non-ZST mode. This will help reduce peak allocation delays while introducing smaller delays into allocation paths as heap usage approaches the total Java heap committed. To turn off the feature use -XX:-GPGCUseAllocationPacing.

Known Issues

  • There are no new issues to report in this release.

Resolved Issues

  • There are no resolved issues associated with this release.

22.08.0.0

Release Notes PDF

Release date: August 30, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16.1+1

13

13.0.12+4

15

15.0.8+4

17

17.0.4.1+1

What’s New

  • Internal bug fixes.

  • ZVM-24576 - New feature, Allocation Pacing, to help protect against long allocation delays. When enabled, the virtual machine adds smooth delays to allocations as the heap usage approaches the maximum. This new feature helps prevent long allocation delays caused by memory exhaustion and helps the garbage collector keep up. To enable the feature, use -XX:+GPGCUseAllocationPacing, available in non-ZST mode only.

  • ZVM-24277 - Implemented StringUTF16.compress

Resolved Issues

Issue ID Description

ZVM-24429

Using Xlog:safepoint could cause long pauses under I/O contention

ZVM-24614

PrintCodeCacheMap could cause application crash at exit time.

ZVM-24455

LockOpt::eliminateNestedLock could sometimes add an invalid/stale value to the deopt bundle which could potentially lead to crashes.

Known Issues

  • There are no new issues to report in this release.


22.07.1.0

Release Notes PDF

Release date: August 9, 2022

This release is based on Azul Platform Prime 22.07.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16

13

13.0.12

15

15.0.8

17

17.0.4

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

JDK-8290832

It was no longer possible to change user.dir in JDK8 due to changes in the previous release of OpenJDK, causing compatibility issues. Those changes have been rolled back so that user.dir may be changed.

Known Issues

  • There are no new issues to report in this release.


22.07.0.0

Release Notes PDF

Release date: July 29, 2022

This PSU release is based on Azul Platform Prime 22.06.0.0 and 22.02.300.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u342

11

11.0.16

13

13.0.12

15

15.0.8

17

17.0.4

What’s New

  • July 2022 PSU release fixes.

  • ZVM-24301 - New command line option UseContainerCpuShares, default true, to consider CPU shares when computing available processors inside a cgroup. This option was backported from OpenJDK 17 and it is important to note that while OpenJDK has a default value of false, the default value in Azul Platform Prime is true.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2022-34169

JAXP (Xalan-J)

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21541

Hotspot

Multiple

Yes

5.9

Network

High

None

None

Unchanged

None

High

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21540

Hotspot

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21549

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17

Note 1

CVE-2022-25647 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Native Image (Gson)

None

No

6.2

Local

Low

None

None

Unchanged

None

None

High

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and relies on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

  • There are no resolved issues associated with this release.

Known Issues

Issue ID Description

ZVM-16112

Applications using munlockall() require -XX:-UseThreadStateNativeWrapperProtocol on the command line to avoid crash or inconsistency if the rare situation occurs that the application gets swapped out after the munlockall() invocation.


22.06.0.0

Release Notes PDF

Release date: June 30, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15+10

13

13.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-14341

NMT detailed mode allows user to track internal VM memory usage to the granularity of a single callsite. This feature is also very useful in case the user needs to find a memory leak.

ZVM-24010

Optimized layout of GC internal data structure, improving native memory consumption by the garbage collector (GC).

ZVM-23142

Improved virtual memory regions initialization to handle rare situations when there are existing mappings in preferred ranges. In such cases, the JVM previously failed to start with the error "Unable to setup virtual memory region for …​".

ZVM-24118

Fixed crashes caused by constantPoolOopDesc::tag_at(int)

ZVM-23983

async-profiler v2.7+ cpu profiling is now working with Prime.

Known Issues

Issue ID Description

-

Aarch64 support is limited to Graviton 2 and 3. Graviton 1 is not yet supported.

ZVM-20142

Async profiler activemq crashed with 'assert(false) failed: Should never reach here'

ZVM-17531

Wildfly app-server hangs when Async Java Profiler is attached.

ZVM-16393

Async profiler does not show object type in "-e alloc" mode on Zulu Prime


22.05.0.0

Release Notes PDF

Release date: May 31, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15+10

13

13.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-21804

In container systems with an elastic CPU definition (CPU min and max both set or cgroups cpu.shares and cpu.quota both defined) Runtime.availableProcessors() now returns the same value as on OpenJDK (the upper limit). Previously it returned the lower bound. That API method is often used to size application thread pools.

Known Issues

  • There are no new issues to report in this release.


22.04.1.0

Release Notes PDF

Release date: May 24, 2022

This release is based on Azul Platform Prime 22.04.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15+10

13

13.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

Resolved Issues

  • There are no resolved issues associated with this release.

Known Issues

  • There are no new issues to report in this release.


22.04.0.0

Release Notes PDF

Release date: May 6, 2022

This CPU and PSU release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15+10

13

13.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • April 2022 CPU and PSU security fixes.

  • Enable elimination of safepoint pauses for finding deadlocks operations by first attempting to complete them using a checkpoint using the option -XX:[+/ -]OptimizeFindDeadlocksWithCheckpoint. If a deadlock is detected in the checkpoint, it is then confirmed using a safepoint pause.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2018-25032

ZIP

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

17, 15, 13, 11, 8, 7, 6

CVE-2022-21449

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

18, 17, 15

Note 1

CVE-2022-21476

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

High

None

None

18, 17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21426

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21434

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21496

JNDI

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21443

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-0778 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (OpenSSL)

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

Issue ID Description

ZVM-21804

In container systems with an elastic CPU definition (CPU min and max both set or cgroups cpu.shares and cpu.quota both defined) Runtime.availableProcessors() now returns the same value as on OpenJDK (the upper limit). Previously it returned the lower bound. That API method is often used to size application thread pools.

ZVM-23002

Added support for cgroups v2.

ZVM-23091

Deadlock detection was being performed using safepoint pauses in prior releases. Starting 22.04 Prime attempts to detect deadlock using checkpoints which do not cause a global pause. If the checkpoint operation indicates the possibility of a deadlock, Prime will resort to a safepoint to confirm the same.

Known Issues

  • There are no new issues to report in this release.


22.03.0.0

Release Notes PDF

Release date: March 31, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-21804

In container systems with an elastic CPU definition (CPU min and max both set or cgroups cpu.shares and cpu.quota both defined) Runtime.availableProcessors() now returns the same value as on OpenJDK (the upper limit). Previously it returned the lower bound. That API method is often used to size application thread pools.

Known Issues

  • There are no new issues to report in this release.


22.02.0.0

Release Notes PDF

Release date: February 28, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Miscellaneous bug fixes and performance improvements.

Resolved Issues

  • There are no resolved issues to report in this release.

Known Issues

  • There are no new issues to report in this release.


22.01.2.0

Release Notes PDF

Release date: February 14, 2022

This PSU release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Missing fixes from the January 22 PSU release of OpenJDK.

  • January 2022 PSU release security fixes.

  • Various performance improvements.

Resolved Issues

  • There are no resolved issues to report in this release.

Known Issues

  • There are no new issues to report in this release.


22.01.1.0

Release Notes PDF

Release date: February 7, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Small critical bug fixes over Azul Platform Prime 22.01.0.0.

  • January 2022 PSU release security fixes.

  • Various performance improvements.

Resolved Issues

  • There are no resolved issues to report in this release.

Known Issues

  • There are no new issues to report in this release.


22.01.0.0

Release Notes PDF

Release date: January 31, 2022

This PSU release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • January 2022 PSU release security fixes.

  • Various performance improvements.

Resolved Issues

Issue ID Description

ZVM-21048

When -XX:+UseLargePages is used and the number of static huge pages reserved by nr_hugepages is insufficient for the total heap, Prime failed to start. Now it matches OpenJDK behavior and continues as expected.

ZVM-22049

OldGC is not triggered often enough during idle time when NewGCs are occurring.

ZVM-22063

Map OpenJDK command line option UseCountedLoopSafepoints onto KeepSafepointsInCountedLoops.

ZVM-19635

Avoid lock in ByteArrayInputStream.read if it is used as an input of ObjectInputStream.

ZVM-20678

Improved performance of string collation and iteration.

Known Issues

  • There are no new issues to report in this release.


21.12.0.0

Release Notes PDF

Release date: December 20, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13+8

13

13.0.9+3

15

15.0.5+3

17

17.0.1+12

What’s New

  • Photon OS is now supported.

  • Improved performance of string collation and character iteration. You can enable the use of the custom implementation of RuleBasedCollator using the option -XX:+UseModifiedRuleBasedCollator. This option is false by default.

  • Docker images for Prime are now available.

Resolved Issues

Issue ID Description

ZVM-21048

When -XX:+UseLargePages is used and the number of static huge pages reserved by nr_hugepages is insufficient for the total heap, Prime failed to start. Now it matches OpenJDK behavior and continues as expected.

ZVM-22049

OldGC is not triggered often enough during idle time when NewGCs are occurring.

ZVM-22063

Map OpenJDK command line option UseCountedLoopSafepoints onto KeepSafepointsInCountedLoops.

ZVM-19635

Avoid lock in ByteArrayInputStream.read if it is used as an input of ObjectInputStream.

ZVM-20678

Improved performance of string collation and iteration.

Known Issues

There are no new issues to report in this release.


21.10.1.0

Release Notes PDF

Release date: December 14, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13

13

13.0.9

15

15.0.5

What’s New

  • Azul Platform Prime 21.10.1.0 contains the same features as 21.10.0.0.

Resolved Issues

Issue ID Description

ZVM-21884

Failure during startup when the kernel does not have support for Transparent Huge Pages (THP) feature, or does not support making madvise(2) calls with MADV_NOHUGEPAGE.

ZVM-22052

Cassandra fails when ulimit -l unlimited is set to allow more mlock than the Linux default. This issue affected only Prime version 21.10.0.0.

Known Issues

There are no new issues to report in this release.


21.10.0.0

Release Notes PDF

Release date: October 29, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13

13

13.0.9

15

15.0.5

What’s New

  • Includes all October 2021 CVE fixes.

  • Azul Platform Prime 21.10.0.0 contains the October 2021 CPU release of OpenJDK. Azul Platform Prime 21.10.0.0 brings the associated JDK 7, JDK 8, JDK 11, JDK 13, and JDK 15 versions to October 2021 CPU security update levels.

  • The peak heap occupancy target, used by heuristics to decide when to trigger a garbage collection, is now managed dynamically by default. The dynamic changes can be disabled by setting GPGCTargetPeakHeapOccupancyPercent to a desired value.

  • Increased parallelism between collectors for the new generation and old generation. Helps reduce the peak duration for a new generation collection and reduce allocation delays during peak load.

  • The number of concurrent GC threads is now changed dynamically when -Xms is set to the same value as -Xmx, or when Azul Zulu Prime System Tools (ZST) is installed. At JVM start a low number of concurrent GC threads is employed. If later during application uptime the GC Time Percent metric increases beyond a threshold, more GC threads are added to reduce the number of GC cycles. The limit for the total number of GC threads is 3/4 of the process' available CPU threads. As of this Prime version, the number of threads will never shrink later.

    To disable the dynamic handling, use the following on the command line: -XX:-UseDynamicNumberOfGCThreads

    If one of the following flags is set on the command line, the dynamic handling will also be disabled:

    • -XX:GPGCThreads=N

    • -XX:GenPauselessNewThreads=N

    • -XX:GenPauselessOldThreads=N

  • General performance improvements.

  • More intrinsics from Java 17.

Resolved Issues

Issue ID Description

ZVM-xxxx

High CPU utilization by HeapCommit thread in some specific scenarios. This only applies when -Xms isn’t set or set to less than -Xmx.

ZVM-xxxx

Fixes crash on JVM start on Ubuntu 21.10 (Impish) and CentOS 9 Stream (beta).

Known Issues

There are no new issues to report in this release.


21.09.1.0

Release Notes PDF

Release date: October 14, 2021

This release is based on Azul Platform Prime 21.09.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • Initial support for Cloud Native Compiler. Cloud Native Compiler provides a server-side optimization solution that offloads JIT compilation to dedicated hardware, providing more processing power to JIT compilation while freeing your client JVMs from the load of doing JIT compilation.

  • General performance improvements.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.09.0.0

Release Notes PDF

Release date: September 29, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • General performance improvements.

  • GC log line has been expanded to include additional information for heap elasticity.

  • Introduces a new JFR event named "Deoptimization" which arises when previously compiled code gets discarded. The event is useful in troubleshooting performance issues including low throughput and high CPU utilization.

Resolved Issues

Issue ID Description

ZVM-21015

High pause time during OldGC due to unloading of a long chain of subclasses.

ZVM-19788

Installation packages are now signed.

ZVM-20927

Abort the VM if GC safepoint operation time exceeds a configurable threshold. See the new GC options: DieOnSafepointOperationTimeout and SafepointOperationTimeoutDelayMS

ZVM-17584

Introduces a new JFR event named "Deoptimization" which arises when previously compiled code gets discarded. The event is useful in troubleshooting performance issues including low throughput and high CPU utilization.

Installation Changes

A new directory is created during installation: /etc/connected-compiler.

Known Issues

There are no new issues to report in this release.


21.08.0.0

Release Notes PDF

Release date: August 31, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • Improved performance with large Java heaps on Intel Ice Lake systems with 5-level page tables.

  • Introduces support for Intel’s Ice Lake 5-level paging.

  • Support for dynamically varying garbage collector thread counts with the GPGCDynamicGCThreadCountPolicy option. See command line options for more details.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.07.0.0

Release Notes PDF

Release date: July 30, 2021

This CPU and PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • Incorporates all of the changes from the July 2021 CPU release and most of the changes from the July 2021 PSU release.

  • Various performance improvements including improved locking, stack-walking behavior for performance.

  • Loop unrolling improvements.

  • Java heap elasticity is turned on by default when not using the Prime System Tools (ZST). This means that -Xms is now recognized along with -Xmx. The default values also match OpenJDK. For latency sensitive applications it is advised to set -Xms equal to -Xmx to preserve the old behaviour. See Recommended Heap Size for more details.

Installation Directory Changes

The following file was added to the installation directory: crs-agent.jar.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.06.0.0

Release Notes PDF

Release date: June 30, 2021

This release is based on Azul Platform Prime 21.04.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • Additional improvements of the Heap Elasticity feature introduced in 21.05.0.0. Improved memory allocation handling in Heap Elasticity mode to avoid exceeding the container/cgroups memory limit.

  • Fixed many issues with Async Profiling.

  • Various performance improvements with Falcon compiler:

    • Fixed extra spills causing performance penalties by supporting live gc values on registers for calls which can throw exceptions

    • Improved performance of applications that frequently use Unsafe.allocateInstance.

    • Implemented nested locks elimination optimization for multiple nested locks on a given object under the condition that the nested lock state is not inspected.

Resolved Issues

Issue ID Description

ZVM-19710

Profiling with cpu/wall events yeilds unusable results

ZVM-20081

Startup failure when specifying Xms larger than 25% of RAM, when -XX:+GPGCNoZSTHeapElasticity is specified and Xmx is not specified.

ZVM-19972

JVM memory metrics like Runtime.getRuntime.totalMemory() and Runtime.getRuntime.maxMemory() and related like java.lang.management.MemoryMXBean now include JVM-internal memory usage and will show a few MBytes larger numbers now. Calculations and methods around free memory calculation are not affected and will return the same results as before. That means for example Runtime.getRuntime.freeMemory() or difference calculation between attributes like "used" and "total" memory will also result in the same as in previous releases. See Recommended Heap Size for details.

Known Issues

There are no new issues to report in this release.


21.05.1.0

Release Notes PDF

Release date: July 12, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • A fix for bug ZVM-20496 which turns opt-boxing-rewrite-loads off by default to avoid miscompiles in certain code patterns.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.05.0.0

Release Notes PDF

Release date: May 31, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • Non-ZST Heap Elasticity introduced. See Recommended Heap Size for details. When heap elasticity is enabled, the Garbage Collector tries to minimize the memory footprint, keeping it between the user- defined range of -Xms and -Xmx. At the same time, the CPU usage of the Garbage Collector is monitored and the memory minimizing goal relaxed in case the CPU usage increases too much. Heap Elasticity is not available when Azul Zulu System Tools (ZST) is installed.

  • Azul Platform Prime 21.05.0.0 makes the OpenJDK C1 OSR the default OSR for the Falcon compiler. The C1 OSR takes much less time and CPU resources to fully optimize your code to steady-state performance.

  • Stream Builds (previously known as Feature Releases) are now free for use in development and evaluation. As such, the builds no longer check for an evaluation license.

  • Latency improvement for applications with frequent Unsafe.get() and put() calls.

  • Fixed heap dump compatibility issue that prevented opening Azul Zulu Prime head dumps in IntelliJIdea.

  • Enabled jcmd ManagementAgent command option support.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.04.0.0

Release Notes PDF

Release date: April 30, 2021

This CPU and PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • April 2021 CPU and PSU fixes.

  • Quicker acquisition of transparent huge pages on Ubuntu, Amazon Linux or similar Linux systems with kernel 4.19.7 or newer in non-ZST mode. This can help get peak performance earlier as well as enable faster java process restart when THP is configured.

  • Default value of Xmx in cgroups is now the minimum of 25% of cgroup memory limit and 32 GB. Prior to 21.04.0.0, it was 25% of cgroup memory limit.

  • Reduced code cache usage for applications with high number of classes or interfaces and a large number of associated methods.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2021-2161

Libraries

Multiple

Yes

5.9

Network

High

None

None

Unchanged

None

High

None

16, 15, 13, 11, 8, 7, 6

Note 1

CVE-2021-2163

Libraries

Multiple

Yes

5.3

Network

High

None

Required

Unchanged

None

High

None

16, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-23841 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (OpenSSL)

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2021-3450 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

HTTPS

Yes

7.4

Network

High

None

None

Unchanged

High

High

None

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. It can also be exploited by supplying untrusted data to APIs in the specified Component.

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.03.0.0

Release Notes PDF

Release date: March 31, 2021

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

13

13.0.6+5

15

15.0.2+7

What’s New

  • Enhanced Compatibility With Data Management Platforms

    ZVM 21.03.0.0 improves compatibility between the MXBean memory pool names and names expected by in- memory data management systems (e.g., Pivotal GemFire 8.2).

  • JFR Event Streaming allows to asynchronously subscribe to select JFR events and avoid the overhead associated with creating a recording in JDK 15.

  • Various performance improvements, like enhancements to tracking of garbage-collection roots, compiler optimizations for aggressive lock coarsening, and an experimental ReadyNow! mode that enables the pre-initialization of a greater number of bootstrap classes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.0.0

Release Notes PDF

Release date: February 26, 2021

This release is based on Azul Platform Prime 21.01.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

13

13.0.6+5

15

15.0.2+7

What’s New

  • Introduces medium-term support (MTS) for Java Standard Edition 15. See Azul Product Support Lifecycle for more information.

  • Additional non-security changes associated with the January 2021 Patch Set Updates (PSU) OpenJDK 7u292, OpenJDK 8u282, OpenJDK 11.0.10, OpenJDK 13.0.6 and OpenJDK 15.0.2 release contents.

  • Load value barriers for reference equality checks are optimized within loops. Azul Zulu Prime JVM also optimizes more such checks aggressively by considering both operands of the equality check.

  • Improved object locking with better monitor inflation behavior.

  • The functionality of UseCodeCacheFlushing is offered under UseIncrementalCodeCacheFlushing in Azul Zulu Prime JVM 21.02.0.0. However, Azul Zulu Prime JVM has emergency code cache flushing turned on by default, see UseEmergencyCodeCacheFlushing in Using Azul Zulu Prime JVM Command-Line Options for details.

  • Early-access support for ReadyNow! Image, an experimental warm-up optimizer based on ReadyNow! and Linux Checkpoint/Restore In Userspace (CRIU).

    Azul Zulu Prime JVM 21.02.0.0 installation contains ReadyNow! Image files in the /etc/rni/ directory: ` `criu libnet.so.1 libnl-3.so.200 libprotobuf-c.so.1 restore-script wait-script

  • Azul Zulu Prime JVM 21.02.0.0 includes optional experimental support for interaction with connected runtime services through an emerging protocol in Azul Zulu Prime JVM 13. Note that for Azul Zulu Prime JVM 8 and Azul Zulu Prime JVM 11 this support was introduced in Azul Zulu Prime JVM 21.01.0.0.

    Azul Zulu Prime JVM 21.02.0.0 installation contains the following files related to the services:

    • jmods/azul.crs.jfr.access.jmod

    • legal/azul.crs.jfr.access/ADDITIONAL_LICENSE_INFO

    • legal/azul.crs.jfr.access/ASSEMBLY_EXCEPTION

    • legal/azul.crs.jfr.access/CLASSPATH_EXCEPTION_NOTE

    • legal/azul.crs.jfr.access/LICENSE

    • lib/crs-agent.jar

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.01.0.0

Release Notes PDF

Release date: January 29, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

13

13.0.6+5

What’s New

  • C2 Improvement

    The default JIT compiler on Azul Zulu Prime JVM JDK 8 and JDK 7 is changed from SeaOfNodesC2 to KestrelC2 when the Azul Zulu Prime JVM C2 mode is enabled with -XX:+UseC2.

    For Azul Zulu Prime JVM JDK 11, this improvement was made in Azul Zulu Prime JVM 20.04.0.0.

    KestrelC2 is a C2 implementation introduced to Azul Zulu Prime JVM in 2020. It is based on a lightweight use of the LLVM backend and typically produces faster code than UseSeaOfNodesC2 while keeping compilation effort at similar levels. UseKestrelC2 generally exhibits a significantly lower compilation-time CPU consumption compared to Falcon.

    See Using Azul Zulu Prime JVM Command-Line Options for -XX:[+/-]UseKestrelC2 and -XX:[+/-]UseSeaOfNodesC2 command-line options and details.

    The default JIT compiler in Azul Zulu Prime JVM is the high-performance Falcon introduced in 2017.

  • New Experimental Features

    Azul Zulu Prime JVM 21.01.0.0 includes optional experimental support for interaction with connected runtime services through an emerging protocol in Azul Zulu Prime JVM 11 and Azul Zulu Prime JVM 8.

    These experimental capabilities are enabled by the ‑XX:+UseCRS command-line option and turned off by default. Being an experimental Azul Zulu Prime JVM option, it must be unlocked by preceding ‑XX:+UnlockExperimentalVMOptions.

  • Performance Improvement

    Azul Zulu Prime JVM 21.01.0.0 introduces an improved escape analysis for arrays in the Falcon compiler.

    The improvement includes an optimization for array reallocation pattern (e.g., java.util.Arrays.copyOf) to avoid redundant copying. Notably, this optimization improves the performance of string concatenation using the StringBuilder class by the elimination of excessive reallocations of the underlying StringBuilder buffer.

  • Support for EdDSA Signature Algorithm

    Azul Zulu Prime JVM 21.01.0.0 introduces the OpenEdDSA provider which can be used for cryptographic signatures using the Edwards-Curve Digital Signature Algorithm (EdDSA) in Azul Zulu Prime JVM 8 with no application or code changes. See JEP 339: Edwards-Curve Digital Signature Algorithm (EdDSA) for details.

    The OpenEdDSA public API is provided in the org.openeddsa.java.security.interfaces and org.openeddsa.java.security.spec packages.

    To enable the OpenEdDSA provider, do either of the following:

    • configure the Java Runtime Environment for the OpenEdDSA provider by adding the entry below to the $JAVA_HOME/jre/lib/security/java.security file

       
      security.provider.10=org.openeddsa.security.OpenEdDSA
    • add the OpenEdDSA provider directly to your code

       
      // Add OpenEdDSA provider java.security.Security.addProvider(new org.openeddsa.security.OpenEdDSA());

Resolved Issues

Issue ID Description

ZVM-18362

A compiler crash due to incorrect transformation of Compare And Swap on an unescaped object.

ZVM-18233

21.01.0.0 20.08.201.0

Known Issues

There are no new issues to report in this release.


20.12.0.0

Release Notes PDF

Release date: December 18, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u285

8

8u275

11

11.0.9.1+1

13

13.0.5.1+1

What’s New

  • Azul Zulu Prime JVM 20.12.0.0 incorporates additional non-security changes associated with the October Patch Set Updates (PSU) 2020 OpenJDK 7u285, OpenJDK 8u275, OpenJDK 11.0.9.1, and OpenJDK 13.0.5.1 release contents.

  • Azul Zulu Prime JVM 20.12.0.0 introduces an enhanced induction variable analysis and range checks removal mechanism. Particularly, improved range check elimination capabilities for decrementing loops of the following type:

     
    for (int i = array.length - 1; i >= 0; i--) { array[i] = ... }

Resolved Issues

Issue ID Description

ZVM-18035

Backport of JDK-8202837 and JDK-8214513 to Zing 8.

ZVM-17938

Setting InitalHeapSize and MaxHeapSize the same fails in non-ZST mode. This affects applications such as ElasticSearch which insists that Initial Heap Size be equal to Maximum Heap Size.

ZVM-17430

JarFile constructor exception in JDK 11.0.8.

ZVM-17346

System data collected for GC logging could cause oom-killer invocation and kernel panic when java is launched under the root user.

ZVM-16051

Provide FalconTrustInterfaceTypesForArrayStore to move interface type conformance check from the VM to the application. This can improve throughput variability for some applications. ‑XX:+UnlockExperimentalVMOptions is required to use ‑XX:+FalconTrustInterfaceTypesForArrayStore.

Known Issues

There are no new issues to report in this release.


20.10.0.0

Release Notes PDF

Release date: October 30, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u281

8

8u271

11

11.0.8.0.101+5

What’s New

  • Azul Zulu Prime JVM 20.10.0.0 brings the associated JDK 7, JDK 8, JDK 11 and JDK 13 versions to October 2020 Critical Patch Update (CPU) security update levels and incorporates changes related to OpenJDK 7u281, OpenJDK 8u271, OpenJDK 11.0.8.0.101, and OpenJDK 13.0.4.0.101 release contents.

  • Azul Zulu Prime JVM 20.10.0.0 includes loop form fixes to increase performance of loops by simplified triggering of enabled vectorization methods. The optimization is enabled by default.

  • Azul Zulu Prime JVM 20.10.0.0 contains an improved allocation mechanism which has a positive impact on the Azul Zulu Prime JVM's performance. The optimization is enabled by default.

  • Azul Zulu Prime JVM 20.10.0.0 introduces method counters across JVM runs, which enables ReadyNow! to build a profile over multiple short runs when the number of orders is low.

Resolved Issues

Issue ID Description

ZVM-17662

Fix confusing error message when calling Zing MXBeans APIs without specifying -XX:+UseZingMXBeans.

ZVM-17168

Checkpoint timeout crash while running async-profiler along with Zing.

ZVM-16971

Compiler crash with signature polymorphic invokedynamic calls.

Known Issues

There are no new issues to report in this release.


20.09.1.0

Release Notes PDF

Release date: October 19, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

13

13.0.4+8

What’s New

Resolved Issues

Issue ID Description

ZVM-17453

Final field optimizations can miscompile in code compiled with Javac11 and above.

Known Issues

There are no new issues to report in this release.


20.09.0.0

Release Notes PDF

Release date: September 30, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

13

13.0.4+8

What’s New

  • Azul Zulu Prime JVM 20.09.0.0 introduces Medium Term Support for Java SE 13. See Azul Product Support Lifecycle for more information.

  • Azul Zulu Prime JVM 20.09.0.0 includes accelerated copying of large array chunks. The optimization is enabled by default. See UseArrayCopyChunkingIntrinsics in Using Azul Zulu Prime JVM Command-Line Options for details.

  • Azul Zulu Prime JVM 20.09.0.0 provides a performance improvement for org.apache.logging.log4j.util.StackLocator.getCallerClass(), which maximizes logging performance when using log4j versions 2.13.1 - 2.13.3 on Azul Zulu Prime JVM 8 and log4j versions 2.9.0 - 2.13.3 on Azul Zulu Prime JVM 11+. The improvement is disabled by default. See UseLog4jGetCallerClassIntrinsic in Using Azul Zulu Prime JVM Command-Line Options for details.

  • Azul Zulu Prime JVM 20.09.0.0 introduces unified Garbage Collection (GC) logging that utilizes unified JVM logging framework (JEP 271: Unified GC Logging). See Unified GC Logging Recommendations to learn more.

Resolved Issues

Issue ID Description

ZVM-16945

Core bundler: pid extraction can select more than one line.

ZVM-16239

Racy initialization logic in GraphBuilder::initialize(): under rare circumstances another thread can observe the _is_initialized flag set before the static fields _can_trap and _is_async are actually initialized.

Known Issues

There are no new issues to report in this release.


20.08.0.0

Release Notes PDF

Release date: August 31, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u262

11

11.0.8+10

What’s New

  • Azul Zulu Prime JVM 20.08.0.0 incorporates additional non-security changes associated with the July Patch Set Updates (PSU) 2020 OpenJDK 7u272, OpenJDK 8u265, and OpenJDK 11.0.8 release contents.

  • NONEwithDSAinP1363Format is included in signature algorithms enabled in Azul Zulu Prime JVM 20.08.0.0 by default. NONEwithDSAinP1363Format is scheduled for removal in the following release of the Azul Zulu Prime JVM Virtual Machine. Since the algorithm is not supported in other JDK 8 virtual machines, it is recommended to migrate to Digital Signature Algorithms with ASN.1 encoded signature bytes.

  • Azul Zulu Prime JVM 20.08.0.0 introduces multiple optimizations that significantly increase performance on a set of Java Stream API scenarios.

  • Azul Zulu Prime JVM 20.08.0.0 introduces a new version string format that includes a matching OpenJDK release number.

  • Version 1 of the GC Log Analyser has reached its end-of-life and is removed from Azul Zulu Prime JVM 20.08.0.0. Version 2 of the GC Log Analyzer is available for download at https://cdn.azul.com/gcla/GCLogAnalyzer2.jar.

Resolved Issues

Issue ID Description

ZVM-16504

Crash in guarantee(_deopt_list_len < sizeof(_deopt_list)/sizeof(_deopt_list[0])) failed: make deopt_list bigger.

Known Issues

There are no new issues to report in this release.


20.07.0.0

Release Notes PDF

Release date:

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u262

11

11.0.8+10

What’s New

  • Azul Zulu Prime JVM 20.07.0.0 brings the associated JDK 7, JDK 8, and JDK 11 versions to July 2020 Critical Patch Update (CPU) security update levels and incorporates changes related to OpenJDK 7u271, OpenJDK 8u261, and OpenJDK 11.0.7.0.101 release contents.

  • The lock-less Java Native Interface (JNI) protocol is enabled by default in Azul Zulu Prime JVM 20.07.0.0. See Using Azul Zulu Prime JVM Command-Line Options for the UseThreadStateNativeWrapperProtocol option and details.

  • Azul Zulu Prime JVM 20.07.0.0 introduces optimization in object allocation (internal new_stub() function) for improved performance in TLAB allocation intensive applications. The optimization is enabled by default.

  • Starting with Azul Zulu Prime JVM 20.07.0.0, Azul Zulu Prime JVM 8 supports TLS 1.3 by default and follows the application programming interface (API) changes introduced by Maintenance Release 3 to the Java SE 8 specification.

Resolved Issues

Issue ID Description

ZVM-15833

Add additional logging of padding sizes.

Known Issues

Issue ID Description

20.06.0.0

Release Notes PDF

Release date:

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u262

8

8u252

11

11.0.7+10

What’s New

  • The release of Azul Zulu Prime JVM 20.06.0.0 includes ReadyNow! improvements for faster warmup and smaller footprint.

  • Azul Zulu Prime JVM 20.06.0.0 introduces a JNI exception checking optimization. See Using Azul Zulu Prime JVM Command-Line Options for the UseFastJNIExceptionCheck option and details.

  • Azul Zulu Prime JVM 20.06.0.0 provides full elasticity support for code cache. See Using Azul Zulu Prime JVM Command-Line Options for the InitialCodeCacheSize, ReservedCodeCacheSize, and CodeCacheOopTableSize options and details.

  • Azul Zulu Prime JVM 20.06.0.0 includes a further improvement of JDK 11 java.lang.StackWalker which is frequently used by log4j2 and other logging implementations. See also https://openjdk.java.net/jeps/259 and java.lang.StackStreamFactory$AbstractStackWalker.

  • Azul Zulu Prime JVM 20.06.0.0 introduces new diagnostic Java Flight Recorder (JFR) events to simplify error handling.

  • The lock-less Java Native Interface (JNI) protocol is disabled by default. See Using Azul Zulu Prime JVM Command-Line Options for the UseThreadStateNativeWrapperProtocol option and details.

Resolved Issues

Issue ID Description

ZVM-15687

Make -XX:+TraceImplicitNullChecks manageable.

ZVM-12535

JVM flags, ParGCCardsPerStrideChunk and UseCompressedClassPointers, give error.

Known Issues

Issue ID Description

20.05.0.0

Release Notes PDF

Release date: May 29, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u262

8

8u252

11

11.0.7+10

What’s New

  • In Azul Zulu Prime JVM 20.05.0.0, the Java Flight Recorder Tick Profiler becomes enabled by default.

  • In Azul Zulu Prime JVM 20.05.0.0, Java monitors are moved from CodeCache to a new dedicated MonitorCache storage.

  • The release of Azul Zulu Prime JVM 20.05.0.0 includes optimizations targeted at accelerating compilation and warmup.

  • Azul Zulu Prime JVM 20.05.0.0 introduces better JDK 11 java.lang.StackWalker which is frequently used by log4j2 and other logging implementations. See also https://openjdk.java.net/jeps/259 and java.lang.StackStreamFactory$AbstractStackWalker.

  • Azul Zulu Prime JVM 20.05.0.0 provides a reduction of application exit times in the non-ZST mode when a process uses mlockall().

  • Azul Zulu Prime JVM 20.05.0.0 improves the mitigation strategy used by the Falcon compiler to minimize performance impacts due to Intel's microcode updates in response to Jump Conditional Code (JCC) Erratum SKX102. Previous versions inserted nop instructions for padding; the new version can optionally increase the size of existing instructions in some cases. As before, the mitigation is enabled only on affected processors, and no user action is needed.

  • Azul Zulu Prime JVM 20.05.0.0 introduces a testing grace period mode, under which the Azul Zulu Prime JVM JVM can run for up to 60 minutes (3600 seconds) without requiring a valid license. The testing grace period can be enabled by setting the ZING_TESTING_GRACE_PERIOD_SEC environment variable to a number of grace period seconds (up to 3600), or by using the -XX:ZVMTestingGracePeriodSec=N flag with a similar value. See Azul Zulu Prime JVM Testing Grace Period Mode for details.

Resolved Issues

Issue ID Description

ZVM-15452

Crash with problematic frame vframe::next()+0x9e

ZVM-15426

Crash in guarantee(false) failed: derived_oop_slots.contains(dst)!!

ZVM-15024

Crash in guarantee(FMP.getNumFunctions() == 1) failed: exactly one function expected!.

Known Issues

Issue ID Description

20.04.0.0

Release Notes PDF

Release date: April 30, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u262

8

8u252

11

11.0.7+10

What’s New

  • The release of Azul Zulu Prime JVM 20.04.0.0 contains April 2020 critical patch update (CPU) security and critical bug fixes and brings the associated JDK 7, JDK 8, and JDK 11 versions to April 2020 CPU security update levels.

  • Azul Zulu Prime JVM 20.04.0.0 incorporates additional non-security changes associated with the April PSU 2020 OpenJDK 8u252 and OpenJDK 11.0.7 release contents.

  • Starting with Azul Zulu Prime JVM 20.04.0.0, the -XX:+UseC2 option can use one of two separate implementations of C2 JIT compilation: a traditional UseSeaOfNodesC2 mode and a new UseKestrelC2 mode.

  • The new mode is selected with +UseKestrelC2 which is on by default for Azul Zulu Prime JVM 11 and off by default for Azul Zulu Prime JVM 8 and Azul Zulu Prime JVM 7. This mode enables a C2 implementation introduced to Azul Zulu Prime JVM in 2020. It is based on a lightweight use of the LLVM backend and typically produces faster code than UseSeaOfNodesC2 while keeping compilation effort at similar levels. UseKestrelC2 generally exhibits a significantly lower compilation-time CPU consumption compared to Falcon.

    The old mode is selected with +UseSeaOfNodesC2 which is off by default in Azul Zulu Prime JVM 11 and on by default for Azul Zulu Prime JVM 8 and Azul Zulu Prime JVM 7.

    See Using Azul Zulu Prime JVM Command-Line Options for UseKestrelC2 and UseSeaOfNodesC2 command-line options and details.

  • Azul Zulu Prime JVM 20.04.0.0 introduces a compilation time improvement.

  • The release of Azul Zulu Prime JVM 20.04.0.0 introduces an increased maximum Java heap size from 1 TB to 2.5 TB in the default non-ZST mode.

    The maximum Java heap size for the Azul Zulu Prime JVM Virtual Machine with ZST is 20 TB.

  • In Azul Zulu Prime JVM 20.04.0.0, a new Java Flight Recorder functionality allows you to collect profiling data about applications that use JNI invocations.

  • The release of Azul Zulu Prime JVM 20.04.0.0 includes optimizations targeted at reducing JNI transition costs. The cost of a native call from Java was reduced, and the implementation of the accessor functions used to retrieve fields of Java objects from native code was also improved. Most applications will not be affected, but applications with many native transitions (such as a socket or file IO) may see the marked improvement.

    See Using Azul Zulu Prime JVM Command-Line Options for UseFastJNIAccessors, UseMembar, and UseThreadStateNativeWrapperProtocol command-line options and details.

  • Azul Zulu Prime JVM 20.04.0.0 excludes debug symbols embedded in libjvm.so, which reduces the filesystem footprint of a Azul Zulu Prime JVM installation by 280 MB.

    Contact [email protected] if you need to install debug symbols for the Azul Zulu Prime JVM.

Resolved Issues

Issue ID Description

ZVM-15020

Illegal memcpy generated through the optimizer.

ZVM-14815

getPercentJavaHeapOccupiedAfterCollection() returns 0.

ZVM-10128

Runtime.getRuntime().availableProcessors() returns an incorrect value when affinity is set.

Known Issues

Issue ID Description

ZVM-14636

Heap dumps and JVMTI object tagging are not supported with UseEpsilonGC.


20.03.1.0

Release Notes PDF

Release date:

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u252

8

8u242

11

11.0.6+10

What’s New

Resolved Issues

Issue ID Description

Known Issues

Issue ID Description

20.03.0.0

Release Notes PDF

Release date:

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u252

8

8u242

11

11.0.6+10

What’s New

  • The release of Azul Zulu Prime JVM 20.03.0.0 introduces the elimination of redundant boxing conversions and the optimized copying of HashSets.

Resolved Issues

Issue ID Description

Known Issues

Issue ID Description

20.02.1.0

Release Notes PDF

Release date: April 8, 2020

This release is based on Azul Platform Prime 20.02.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u252

8

8u242

11

11.0.6+10

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


20.02.0.0

Release Notes PDF

Release date: February 28, 2020

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u252

8

8u242

11

11.0.6+10

What’s New

  • January 2020 PSU Release.

    This version incorporates additional non-security changes associated with the PSU 2020 OpenJDK 8u242 and OpenJDK 11.0.6 release contents.

  • Deprecation of FalconUseLegacyInliner

    The FalconUseLegacyInliner command-line option is deprecated in Zing 8 and 11 with no replacemen.

Resolved Issues

Issue ID Description

ZVM-14463

Occasionally seen segmentation faults during startup of the servers, which causes the server to fail to start.

ZVM-12506

In Java 11 testing, a rare ZVM 18.12.0.0 crash was observed when returning from the invocation of a MethodHandle routine.

Known Issues

There are no new issues to report in this release.


20.01.0.0

Release Notes PDF

Release date: January 30, 2020

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u251

8

8u241

11

11.0.5.0.101+11

What’s New

  • January 2020 CPU Release.

  • InZVM20.01.0.0, -XX:+FalconCompensateForIntelMCUForErratumSKX102 is an off-by-default option and introduces a nop padding based mitigation for performance regressions seen on some systems following Intel’s microcode updates in response to errata SKX102. This option is expected to become the default in a future Zing release. If enabled, nop padding will be used to align affected branches on systems with the microcode update applied.

    For testing purposes, the flag -XX:+ForceFalconCompensateForIntelMCUForErratumSKX102 is also provided. This can be used to force the generation of nop padded code on unaffected systems for performance validation.

Resolved Issues

Issue ID Description

ZVM-7678

Backport of JDK-8162795 to fix JNI weak handle native memory leak which can occur in some use cases since ZVM 19.02.102.0.

Known Issues

There are no new issues to report in this release.


Previous Stable Builds

22.08.101.0

Release Notes PDF

Release date: October 27, 2022

This release is based on Azul Platform Prime 22.08.100.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u352b01

11

11.0.16.1.101+3

13

13.0.12.0.101+2

15

15.0.8.0.101+2

17

17.0.4.1.101+2

What’s New

  • Internal bug fixes.

Known Issues

  • There are no new issues to report in this release.

Resolved Issues

  • There are no resolved issues associated with this release.


22.08.100.0

Release Notes PDF

Release date: October 18, 2022

This CPU release is based on Azul Platform Prime 22.08.1.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u351b01

11

11.0.16.1.101+3

13

13.0.12.0.101+2

15

15.0.8.0.101+2

17

17.0.4.1.101+2

What’s New

  • October 2022 CPU release security fixes.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2022-21618

JGSS

Kerberos

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11

Note 2

CVE-2022-21626

Security

HTTPS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

15, 13, 11, 8

Note 2

CVE-2022-21628

Lightweight HTTP Server

HTTP

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21619

Security

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8

Note 2

CVE-2022-21624

JNDI

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8

Note 2

CVE-2022-39399

Networking

HTTP

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11

Note 1

CVE-2022-32215 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

HTTPS

Yes

9.1

Network

Low

None

None

Unchanged

High

High

None

None

CVE-2022-21634 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: LLVM Interpreter

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2022-21597 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: JavaScript

HTTP

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

  • There are no resolved issues associated with this release.

Known Issues

  • There are no new issues to report in this release.


22.08.1.0

Release Notes PDF

Release date: September 30, 2022

This release is based on Azul Platform Prime 22.08.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16.1+1

13

13.0.12+4

15

15.0.8+4

17

17.0.4.1+1

What’s New

  • Internal bug fixes.

  • Improved accuracy of RSS metric reported in GC log (C heap usage). With this improvement, the reported memory usage in GC log will give more accurate results.

Resolved Issues

  • There are no resolved issues associated with this release.

Known Issues

  • There are no new issues to report in this release.


22.02.500.0

Release Notes PDF

Release date: October 18, 2022

This CPU release is based on Azul Platform Prime 22.02.401.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u351b01

11

11.0.16.1.101+3

13

13.0.12.0.101+2

17

15.0.8.0.101+2

17

17.0.4.1.101+2

What’s New

  • October 2022 CPU release security fixes

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2022-21618

JGSS

Kerberos

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11

Note 2

CVE-2022-21626

Security

HTTPS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

15, 13, 11, 8

Note 2

CVE-2022-21628

Lightweight HTTP Server

HTTP

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21619

Security

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8

Note 2

CVE-2022-21624

JNDI

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8

Note 2

CVE-2022-39399

Networking

HTTP

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11

Note 1

CVE-2022-32215 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

HTTPS

Yes

9.1

Network

Low

None

None

Unchanged

High

High

None

None

CVE-2022-21634 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: LLVM Interpreter

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2022-21597 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: JavaScript

HTTP

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


22.02.401.0

Release Notes PDF

Release date: September 30, 2022

This release is based on Azul Platform Prime 22.02.400.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16.1+1

13

13.0.12+4

15

15.0.8+4

17

17.0.4.1+1

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


22.02.400.0

Release Notes PDF

Release date: August 17, 2022

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

8u345

11

11.0.16.1+1

13

13.0.12+4

15

15.0.8+4

17

17.0.4.1+1

What’s New

  • July 2022 PSU release security fixes.

Resolved Issues

Issue ID Description

ZVM-24486

Ported issue JDK-8290832 - It was no longer possible to change user.dir in JDK8 due to changes in the previous release of OpenJDK, causing compatibility issues. Those changes have been rolled back so that user.dir may be changed.

ZVM-24429

Using Xlog:safepoint was causing long pauses under I/O contention. The fix reduces gc.log file size for the standard log setting -Xlog:gc:gc,safepoint:gc.log

ZVM-23590

Fixed corruption of Falcon-compiled code in code cache.

ZVM-24455

LockOpt::eliminateNestedLock could sometimes add an invalid/stale value to the deopt bundle which could potentially lead to crashes.

Known Issues

There are no new issues to report in this release.


22.02.300.0

Release Notes PDF

Release date: July 19, 2022

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

8

8u341

11

11.0.15.0.101+3

13

13.0.11.0.101+2

15

15.0.7.0.101+2

17

17.0.3.0.101+2

What’s New

  • July 2022 CPU release security fixes.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2022-34169

JAXP (Xalan-J)

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21541

Hotspot

Multiple

Yes

5.9

Network

High

None

None

Unchanged

None

High

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21540

Hotspot

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8

Note 1

CVE-2022-21549

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17

Note 1

CVE-2022-25647 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Native Image (Gson)

None

No

6.2

Local

Low

None

None

Unchanged

None

None

High

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and relies on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Known Issues

There are no new issues to report in this release.

Resolved Issues

There are no resolved issues to report in this release.


22.02.202.0

Release Notes PDF

Release date: July 12, 2022

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15.+10

13

3.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • Internal bug fixes.

  • ZVM-24010 - Optimized layout of GC internal data structure, improving native memory consumption by the garbage collector(GC).

  • ZVM-22820 - Put size limit on heap ref buffers during card mark scanning.

Resolved Issues

Issue ID Description

ZVM-24118

Fixed crashes caused by constantPoolOopDesc::tag_at(int)

ZVM-23983

async-profiler v2.7+ cpu profiling is now working with Prime.

Known Issues

There are no new issues to report in this release.


22.02.201.0

Release Notes PDF

Release date: June 13, 2022

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15.+10

13

3.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-23618

Missing date and timestamp on multiple GC log lines when PrintGCDateStamps is specified.

ZVM-23575

High GC time percentage when thread CPU usage information is not correctly read from /proc.

Known Issues

There are no new issues to report in this release.


22.02.200.0

Release Notes PDF

Release date: May 4, 2022

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

8

8u332

11

11.0.15.+10

13

3.0.11+4

15

15.0.7+4

17

17.0.3+7

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


22.02.100.0

Release Notes PDF

Release date: April 19, 2022

This CPU release is based on Azul Platform Prime 22.02.3.0 and corresponds the following OpenJDK versions:

Major Version OpenJDK Version

7

7u341

8

8u331

11

11.0.14.1.101+3

13

13.0.10.0.101+2

15

15.0.6.0.101+2

17

17.0.2.0.101+2

What’s New

  • April 2022 CPU release security fixes.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2018-25032

ZIP

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

17, 15, 13, 11, 8, 7, 6

CVE-2022-21449

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

18, 17, 15

Note 1

CVE-2022-21476

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

High

None

None

18, 17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21426

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21434

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21496

JNDI

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21443

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-0778 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (OpenSSL)

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


22.02.3.0

Release Notes PDF

Release date: April 12, 2022

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-10114

When -XX:ActiveProcessorCount=N is added to the command line, the number of compiler threads is now adjusted accordingly.

Known Issues

  • There are no new issues to report in this release.


22.02.2.0

Release Notes PDF

Release date: April 4, 2022

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-23089

Two additional openjdk 8 symlinks, /usr/lib/jvm/jre and /usr/alternatives/jre have been added to Azul Platform Prime

Known Issues

  • There are no new issues to report in this release.


22.02.1.0

Release Notes PDF

Release date: March 28, 2022

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+9

13

13.0.10+5

15

15.0.6+5

17

17.0.2+8

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-21804

In container systems with an elastic CPU definition (CPU min and max both set or cgroups cpu.shares and cpu.quota both defined) Runtime.availableProcessors() now returns the same value as on OpenJDK (the upper limit). Previously it returned the lower bound. That API method is often used to size application thread pools.

Known Issues

  • There are no new issues to report in this release.


21.08.502.0

Release Notes PDF

Release date: July 4, 2022

This release is based on Azul Platform Prime 21.08.500.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u341

8

8u331

11

11.0.14.1.101+3

13

13.0.10.0.101+2

15

15.0.6.0.101+2

What’s New

  • Internal bug fixes.

  • ZVM-24010 - Optimized layout of GC internal data structure, improving native memory consumption by the garbage collector (GC).

Resolved Issues

Issue ID Description

ZVM-21414

Made loop unrolling optimization more robust.

Known Issues

There are no new issues to report in this release.


21.08.501.0

Release Notes PDF

Release date: July 4, 2022

This release is based on Azul Platform Prime 21.08.500.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u341

8

8u331

11

11.0.14.1.101+3

13

13.0.10.0.101+2

15

15.0.6.0.101+2

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-23590

Fix corruption of Falcon-compiled code in compressed::DebugMap::clean_inline_caches_concurrent (and its stw counterpart).

Note
This patch affects only Falcon-compiled code.

Known Issues

There are no new issues to report in this release.


21.08.500.0

Release Notes PDF

Release date: April 19, 2022

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u341

8

8u331

11

11.0.14.1.101+3

13

13.0.10.0.101+2

15

15.0.6.0.101+2

What’s New

  • Internal bug fixes.

  • April 2022 CPU release security fixes.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2018-25032

ZIP

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

17, 15, 13, 11, 8, 7, 6

CVE-2022-21449

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

18, 17, 15

Note 1

CVE-2022-21476

Libraries

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

High

None

None

18, 17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21426

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21434

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21496

JNDI

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21443

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

18, 17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-0778 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (OpenSSL)

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.402.0

Release Notes PDF

Release date: April 5, 2022

This release is based on Azul Platform Prime 21.08.400.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+1

13

13.0.10+5

15

15.0.6+5

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-23164

Constant pool indexes related to the EnclosingMethod class file attribute were not handled correctly at JVMTI redefinition operation. This could in rare cases result in a crash on an attempt to use certain java.lang.Class helpers such as 'getSimpleName' or 'getEnclosingMethod' against the redefined class due to the invalid access to the constant pool using stale indexes.

ZVM-23089

Two additional openjdk 8 symlinks, /usr/lib/jvm/jre and /usr/alternatives/jre have been added to Azul Platform Prime.

Known Issues

There are no new issues to report in this release.


21.08.401.0

Release Notes PDF

Release date: March 7, 2022

This release is based on Azul Platform Prime 21.08.400.0.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+1

13

13.0.10+5

15

15.0.6+5

What’s New

  • Internal bug fixes.

Resolved Issues

Issue ID Description

ZVM-22555

Crash in codegen exposed by -XX:-FalconSpeculateNoThrowCalls using compilation recorded by RN.

Known Issues

There are no new issues to report in this release.


21.08.400.0

Release Notes PDF

Release date: February 18, 2022

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u332

8

8u322

11

11.0.14.1+1

13

13.0.10+5

15

15.0.6+5

What’s New

  • Remaining fixes from the January 2022 PSU release.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.301.0

Release Notes PDF

Release date: January 18, 2022

This release is based on Azul Platform Prime 21.08.300.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u331

8

8u321

11

11.0.13.0.101+2

13

13.0.9.0.101+1

15

15.0.5.0.101+2

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.300.0

Release Notes PDF

Release date: January 18, 2022

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u331

8

8u321

11

11.0.13.0.101+2

13

13.0.9.0.101+1

15

15.0.5.0.101+2

What’s New

  • Common Vulnerabilities and Exposure (CVE) fixes for January 2022 OpenJDK.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2022-21277

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11

Note 1

CVE-2022-21282

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21283

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21291

Hotspot

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11

Note 1

CVE-2022-21293

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21294

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21296

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8, 7

Note 1

CVE-2022-21299

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21305

Hotspot

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21340

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21341

Serialization

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21349

2D

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

8, 7

Note 1

CVE-2022-21360

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21365

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2022-21366

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11

Note 1

CVE-2022-21248

Serialization

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2021-22959 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

HTTP

Yes

6.5

Network

Low

None

None

Unchanged

Low

Low

None

None

CVE-2022-21271 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

None

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments, typically in clients running sandboxed Java applications, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.202.0

Release Notes PDF

Release date: January 4, 2022

This release is based on Azul Platform Prime 21.08.200.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13+8

13

13.0.9+3

15

15.0.5+3

What’s New

  • General stability improvements.

Resolved Issues

Issue ID Description

ZVM-21048

When -XX:+UseLargePages is used and the number of static huge pages reserved by nr_hugepages is insufficient for the total heap, Prime failed to start. Now it matches OpenJDK behavior and continues as expected.

ZVM-22049

OldGC is not triggered often enough during idle time when NewGCs are occurring.

Known Issues

There are no new issues to report in this release.


21.08.201.0

Release Notes PDF

Release date: December 27, 2021

This release is based on Azul Platform Prime 21.08.200.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13+8

13

13.0.9+3

15

15.0.5+3

What’s New

  • General stability improvements.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.200.0

Release Notes PDF

Release date: November 15, 2021

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u322

8

8u312

11

11.0.13+8

13

13.0.9+3

15

15.0.5+3

What’s New

  • October 2021 PSU fixes

  • New JIT flag for setting the compiler thread count as a percentage of the core count. See Command Line Options for more about the CIMaxCompilerThreadsPercent flag.

  • General stability improvements.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.100.0

Release Notes PDF

Release date: October 19, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u321

8

8u311

11

11.0.12.0.101+2

13

13.0.8.0.101+1

15

15.0.4.101+1

What’s New

  • October 2021 Critical Vulnerability and Exposures (CVE) fixes.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2021-3517

JavaFX (libxml)

Multiple

Yes

8.6

Network

Low

None

None

Unchanged

Low

Low

High

17, 15, 13, 11, 8

Note 1

CVE-2021-35567

Libraries

Kerberos

No

6.8

Network

Low

Low

Required

Changed

High

None

None

17, 15, 13, 11, 8

Note 2

CVE-2021-35550

JSSE

TLS

Yes

5.9

Network

High

None

None

Unchanged

High

None

None

11, 8, 7, 6

Note 2

CVE-2021-3522

JavaFX (GStreamer)

None

No

5.5

Local

Low

None

Required

Unchanged

None

None

High

17, 15, 13, 11, 8

Note 1

CVE-2021-35556

Swing

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2021-35559

Swing

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35561

Utility

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35564

Keytool

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35565

JSSE

TLS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

15, 13, 11, 8, 7, 6

Note 3

CVE-2021-35578

JSSE

TLS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8

Note 3

CVE-2021-35586

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35603

JSSE

TLS

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35588

Hotspot

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

None

None

Low

8, 7, 6

Note 2

CVE-2021-27290 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2021-35560 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Deployment

Multiple

Yes

7.5

Network

High

None

Required

Unchanged

High

High

High

None

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

3

This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted applications, such as through a web service.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.08.1.0

Release Notes PDF

Release date: October 5, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

There are no new features.

Resolved Issues

Issue ID Description

High CPU utilization exists in HeapCommit thread in some specific scenarios.

High pause time during OldGC due to unloading of a long chain of subclasses.

Abort the VM if GC safepoint operation time exceeds a configurable threshold.

Installation packages are now signed.

Known Issues

There are no new issues to report in this release.


21.02.500.0

Release Notes PDF

Release date: October 19, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u321

8

8u311

11

11.0.12.0.101+2

13

13.0.8.0.101+1

15

15.0.4.101+1

What’s New

  • October 2021 PSU fixes and stability improvements.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2021-3517

JavaFX (libxml)

Multiple

Yes

8.6

Network

Low

None

None

Unchanged

Low

Low

High

17, 15, 13, 11, 8

Note 1

CVE-2021-35567

Libraries

Kerberos

No

6.8

Network

Low

Low

Required

Changed

High

None

None

17, 15, 13, 11, 8

Note 2

CVE-2021-35550

JSSE

TLS

Yes

5.9

Network

High

None

None

Unchanged

High

None

None

11, 8, 7, 6

Note 2

CVE-2021-3522

JavaFX (GStreamer)

None

No

5.5

Local

Low

None

Required

Unchanged

None

None

High

17, 15, 13, 11, 8

Note 1

CVE-2021-35556

Swing

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 1

CVE-2021-35559

Swing

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35561

Utility

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35564

Keytool

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35565

JSSE

TLS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

15, 13, 11, 8, 7, 6

Note 3

CVE-2021-35578

JSSE

TLS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8

Note 3

CVE-2021-35586

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35603

JSSE

TLS

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

17, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-35588

Hotspot

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

None

None

Low

8, 7, 6

Note 2

CVE-2021-27290 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

Multiple

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2021-35560 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Deployment

Multiple

Yes

7.5

Network

High

None

Required

Unchanged

High

High

High

None

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

3

This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted applications, such as through a web service.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.401.0

Release Notes PDF

Release date: September 24, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • July 2021 PSU fixes and stability improvements.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.400.0

Release Notes PDF

Release date: August 18, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u312

8

8u302

11

11.0.12+7

13

13.0.8+5

15

15.0.4+5

What’s New

  • July 2021 PSU Release.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.300.0

Release Notes PDF

Release date: July 20, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u311

8

8u301

11

11.0.11.0.101+2

13

13.0.7.0.101+1

15

15.0.3.0.101+1

What’s New

  • July 2021 CPU Release.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.201.0

Release Notes PDF

Release date: July 5, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.200.0

Release Notes PDF

Release date: May 21, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u302

8

8u292

11

11.0.11+9

13

13.0.7+5

15

15.0.3+3

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.100.0

Release Notes PDF

Release date: April 20, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u301

8

8u291

11

11.0.10.0.101+1

13

13.0.6.0.101+2

15

15.0.2.0.101+2

What’s New

  • April 2021 CPU Release.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.2.0

Release Notes PDF

Release date: April 9, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

13

13.0.6+5

15

15.0.2+7

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues associated with this release.

Known Issues

There are no new issues to report in this release.


21.02.1.0

Release Notes PDF

Release date: March 17, 2021

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

13

13.0.6+5

15

15.0.2+7

What’s New

  • Improved compatibility between the MXBean memory pool names and names expected by in-memory data management systems (e.g., Pivotal GemFire 8.2).

    See GPGCReportJavaHeapPoolMXBean, GPGCHeapJavaPoolMXBeanName, GPGCNewGenPoolMXBeanName, GPGCOldGenPoolMXBeanName, GPGCPermGenPoolMXBeanName in Using Azul Zulu Prime JVM Command-Line Options for details.

  • New Java Flight Recorder feature that allows to asynchronously subscribe to select JFR events and avoid overhead associated with creating a recording in Azul Zulu Prime JVM JDK 15.

    See JEP 349: JFR Event Streaming for details.

  • Experimental ReadyNow! mode that enables the pre-initialization of a greater number of bootstrap classes.

Resolved Issues

Issue ID Description

ZVM-19089

Provide -XX:+OverrideVMProperties to enable setting the java.home system property by -modifiedJavaHome=<java-home>.

ZVM-19058

Possible segmentation fault during materialization of a lazy object with a symbolic state.

Known Issues

There are no new issues to report in this release.


20.08.501.0

Release Notes PDF

Release date: May 21, 2021

This release is based on Azul Platform Prime 20.08.500.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u301

8

8u291

11

11.0.10.0.101+1

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

Issue ID Description

ZVM-19857

Setting the JVM options GenPauselessNewThreads or GenPauselessOldThreads via means other than the command-line induces a JVM crash at start-up. Environment flags such as _JAVA_OPTIONS and JAVA_TOOL_OPTIONS are examples of such affected alternatives. Can impact upgrades from 19.07 or prior releases to this release.

Known Issues

There are no new issues to report in this release.


20.08.500.0

Release Notes PDF

Release date: April 20, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u301

8

8u291

11

11.0.10.0.101+1

What’s New

  • April 2021 CPU update.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2021-2161

Libraries

Multiple

Yes

5.9

Network

High

None

None

Unchanged

None

High

None

16, 15, 13, 11, 8, 7, 6

Note 1

CVE-2021-2163

Libraries

Multiple

Yes

5.3

Network

High

None

Required

Unchanged

None

High

None

16, 15, 13, 11, 8, 7, 6

Note 2

CVE-2021-23841 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (OpenSSL)

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

None

High

None

CVE-2021-3450 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Oracle GraalVM Enterprise Edition: Node (Node.js)

HTTPS

Yes

7.4

Network

High

None

None

Unchanged

High

High

None

None

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. It can also be exploited by supplying untrusted data to APIs in the specified Component.

2

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.400.0

Release Notes PDF

Release date: February 22, 2021

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u292

8

8u282

11

11.0.10+9

What’s New

  • January 2021 PSU updates.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.300.0

Release Notes PDF

Release date: January 19, 2021

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u291

8

8u281

11

11.0.9.1.101+5

What’s New

  • January 2021 CPU security update.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2020-14803

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

15, 13, 11, 8, 7, 6

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.202.0

Release Notes PDF

Release date: January 8, 2021

This release is based on Azul Platform Prime 20.08.201.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u285

8

8u275

11

11.0.9.1+1

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.201.0

Release Notes PDF

Release date: December 20, 2020

This release is based on Azul Platform Prime 20.08.200.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u285

8

8u275

11

11.0.9.1+1

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.200.0

Release Notes PDF

Release date: November 20, 2020

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u285

8

8u275

11

11.0.9.1+1

What’s New

  • October 2020 PSU updates.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.101.0

Release Notes PDF

Release date: November 3, 2020

This release is based on Azul Platform Prime 20.08.100.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u281

8

8u271

11

11.0.8.0.101+5

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

Issue ID Description

ZVM-17168

Checkpoint timeout crash while running async-profiler along with Zing.

Known Issues

There are no new issues to report in this release.


20.08.100.0

Release Notes PDF

Release date: October 20, 2020

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u281

8

8u271

11

11.0.8.0.101+5

What’s New

  • October 2020 Critical Patch Update (CPU) security update.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2020-14803

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

15, 13, 11, 8, 7, 6

Note 1

CVE-2020-14792

Hotspot

Multiple

Yes

4.2

Network

High

None

Required

Unchanged

Low

Low

None

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14779

Serialization

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14781

JNDI

Multiple

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14782

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 2

CVE-2020-14797

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 2

CVE-2020-14796

Libraries

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

Low

None

None

15, 13, 11, 8, 7

Note 1

CVE-2020-14798

Libraries

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.08.2.0

Release Notes PDF

Release date: October 8, 2020

This release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

What’s New

  • SHA1withDSAinP1363Format, NONEwithDSAinP1363Format, SHA224withDSAinP1363Format, and SHA256withDSAinP1363Format are removed from signature algorithms enabled by default in Azul Zulu Prime JVM 20.08.1.0. The algorithms are not supported in other JDK 8 virtual machines.

Resolved Issues

Issue ID Description

ZVM-16971

Compiler crash with signature polymorphic invokedynamic calls.

Known Issues

There are no new issues to report in this release.


20.08.1.0

Release Notes PDF

Release date: September 14, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u262

11

11.0.8+10

What’s New

  • Internal bug fixes.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.501.0

Release Notes PDF

Release date: December 1, 2020

This release is based on Azul Platform Prime 20.02.500.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u281

8

8u271

11

11.0.8.0.101+5

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.500.0

Release Notes PDF

Release date: October 20, 2020

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u281

8

8u271

11

11.0.8.0.101+5

What’s New

  • October 2020 Critical Patch Update (CPU).

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2020-14803

Libraries

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

Low

None

None

15, 13, 11, 8, 7, 6

Note 1

CVE-2020-14792

Hotspot

Multiple

Yes

4.2

Network

High

None

Required

Unchanged

Low

Low

None

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14779

Serialization

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14781

JNDI

Multiple

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

15, 13, 11, 8, 7, 6

Note 2

CVE-2020-14782

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 2

CVE-2020-14797

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 2

CVE-2020-14796

Libraries

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

Low

None

None

15, 13, 11, 8, 7

Note 1

CVE-2020-14798

Libraries

Multiple

Yes

3.1

Network

High

None

Required

Unchanged

None

Low

None

15, 13, 11, 8, 7

Note 1

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.402.0

Release Notes PDF

Release date: October 5, 2020

This release is based on Azul Platform Prime 20.02.401.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.401.0

Release Notes PDF

Release date: September 21, 2020

This release is based on Azul Platform Prime 20.02.400.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

What’s New

  • Cryptographic Algorithms Removal

    SHA1withDSAinP1363Format, NONEwithDSAinP1363Format, SHA224withDSAinP1363Format, and SHA256withDSAinP1363Format are removed from signature algorithms enabled by default in ZVM 20.08.1.0.

    The algorithms are not supported in other JDK 8 virtual machines.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.400.0

Release Notes PDF

Release date: August 14, 2020

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u272

8

8u265

11

11.0.8+10

What’s New

  • July PSU 2020.

  • Transport Layer Security Protocol Version 1.3 in Zing 8

    Zing 8 supports TLS 1.3 by default and follows the application programming interface (API) changes introduced by Maintenance Release 3 to the Java SE 8 specification.

    See Using Version 1.3 of Transport Layer Security (TLS) Protocol for more information.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.300.0

Release Notes PDF

Release date: July 14, 2020

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u271

8

8u262

11

11.0.7.0.101+5

What’s New

  • July 2020 CPU security updates.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2020-14583

Libraries

Multiple

Yes

8.3

Network

High

None

Required

Changed

High

High

High

14, 13, 11, 8, 7, 6

Note 1

CVE-2020-14664

JavaFX

Multiple

Yes

8.3

Network

High

None

Required

Changed

High

High

High

14, 13, 11, 8

Note 1

CVE-2020-14593

2D

Multiple

Yes

7.4

Network

Low

None

Required

Changed

None

High

None

14, 13, 11, 8, 7, 6

Note 1

CVE-2020-14562

ImageIO

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

14, 13, 11

Note 1

CVE-2020-14621

JAXP

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

Low

None

14, 13, 11, 8, 7, 6

Note 2

CVE-2020-14556

Libraries

Multiple

Yes

4.8

Network

High

None

None

Unchanged

Low

Low

None

14, 13, 11, 8

Note 3

CVE-2020-14577

JSSE

TLS

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-14578

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

8, 7, 6

Note 3

CVE-2020-14579

Libraries

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

8, 7, 6

Note 3

CVE-2020-14581

2D

Multiple

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

14, 13, 11

Note 3

CVE-2020-14573 This CVE is not applicable to Azul Zulu. It is listed here for comparison with other Java implementations which may contain this CVE.

Hotspot

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

Low

None

None

Note 3

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability can only be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

3

This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.201.0

Release Notes PDF

Release date: June 8, 2020

This release is based on Azul Platform Prime 20.02.200.0 and corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u262

8

8u252

11

11.0.7+10

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.200.0

Release Notes PDF

Release date: May 13, 2020

This PSU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u262

8

8u252

11

11.0.7+10

What’s New

  • April PSU 2020.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.101.0

Release Notes PDF

Release date: April 28, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

7

7u261

8

8u251

11

11.0.6.0.101+11

What’s New

  • Internal bug fixes and stability improvements.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.100.0

Release Notes PDF

Release date: April 14, 2020

This CPU release is based on the following OpenJDK versions:

Major Version OpenJDK Version

7

7u261

8

8u251

11

11.0.6.0.101+11

What’s New

  • April 2020 CPU security update.

CVE fixes

CVE # Component Protocol Remote Exploit w/o Auth. Base Score Attack Vector Attack Complex Privileges Req’d User Interact Scope Confiden-tiality Integrity Availability Versions Affected Notes

CVE-2020-2803

Libraries

Multiple

Yes

8.3

Network

High

None

Required

Changed

High

High

High

14, 13, 11, 8, 7

Note 1

CVE-2020-2805

Libraries

Multiple

Yes

8.3

Network

High

None

Required

Changed

High

High

High

14, 13, 11, 8, 7

Note 1

CVE-2019-18197

JavaFX(libxslt)

Multiple

Yes

8.1

Network

High

None

None

Unchanged

High

High

High

13, 11, 8

Note 1

CVE-2020-2816

JSSE

HTTPS

Yes

7.5

Network

Low

None

None

Unchanged

None

High

None

14, 13, 11, 8

Note 2

CVE-2020-2781

JSSE

HTTPS

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-2830

Concurrency

Multiple

Yes

5.3

Network

Low

None

None

Unchanged

None

None

Low

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-2767

JSSE

HTTPS

Yes

4.8

Network

High

None

None

Unchanged

Low

Low

None

14, 13, 11, 8

Note 3

CVE-2020-2800

Lightweight HTTP Server

Multiple

Yes

4.8

Network

High

None

None

Unchanged

Low

Low

None

14, 13, 11, 8, 7, 6

Note 2

CVE-2020-2754

Scripting

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

14, 13, 11, 8

Note 3

CVE-2020-2755

Scripting

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

14, 13, 11, 8

Note 3

CVE-2020-2756

Serialization

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-2757

Serialization

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-2773

Security

Multiple

Yes

3.7

Network

High

None

None

Unchanged

None

None

Low

14, 13, 11, 8, 7, 6

Note 3

CVE-2020-2778

JSSE

HTTPS

Yes

3.7

Network

High

None

None

Unchanged

Low

None

None

14, 13, 11, 8

Note 3

Notes:

ID Notes

1

This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

2

This vulnerability can only be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

3

This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through untrusted code executed under Java sandbox restrictions. It can also be exploited by supplying data to APIs in the specified Component without using untrusted code executed under Java sandbox restrictions, such as through a web service.

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.


20.02.1.0

Release Notes PDF

Release date: April 8, 2020

This release corresponds to the following OpenJDK versions:

Major Version OpenJDK Version

8

11

13

15

17

What’s New

  • Internal bug fixes and stability improvements

Resolved Issues

There are no resolved issues to report in this release.

Known Issues

There are no new issues to report in this release.