Released January 14, 2020
CA, NV, and SA Zulu Distributions
SA are tested, certified, and commercially supported builds of Zulu whereby Azul ensures that software that uses the Accessible APIs of the product is not required to carry a specific license, and that such use does not contaminate the code or intellectual property of such software with any license requirements.
NV are tested, certified, and commercially supported builds of Zulu.
CA are unsupported community builds of Zulu.
CPU Releases - January 2020
Security-only updates that bring the associated Zulu releases to January 2020 CPU security update level.
CPU releases are available in SA and NV distributions.
CPU releases are generally based on prior-cycle PSU releases, with only security fixes applied. They provide a low-risk vehicle for potentially urgent deployment of security fixes when issues of sufficient severity arise.
Zulu 11.36 (184.108.40.206.101): based on Zulu 11.35 (11.0.5) with only security fixes applied.
Zulu 8.43 (8u241): based on Zulu 8.42 (8u232) with only security fixes applied.
Zulu 7.35 (7u251): based on Zulu 7.34 (7u242) with only security fixes applied.
PSU Releases - January 2020
PSU releases are generally scheduled, quarterly Patch Set Update releases that incorporate both security fixes and other accumulated changes that align the release contents with the associated OpenJDK project October 2019 quarterly release.
PSU releases are available in SA, NV, and CA distributions.
Zulu 13.29 (13.0.2): based on Zulu 13.28 (13.0.1) and incorporates the changes associated with the January 2020 OpenJDK 13.0.2 release contents.
Zulu 11.37 (11.0.6): based on 11.36 (220.127.116.11.101) and incorporates additional non-security changes associated with the January 2020 OpenJDK 11.0.6 release contents.
Zulu 8.44 (8u242): based on Zulu 8.43 (8u241) and incorporates additional non-security changes associated with the January 2020 OpenJDK 8u242 release contents. This release includes a new external zlibs feature.
Zulu 7.36 (7u252): based on Zulu 7.35 (7u251) and incorporates additional non-security changes associated with the January 2020 OpenJDK 7u252 release contents.
On Linux, Zulu 8.44 allows using an external zlib provided by the operating system or any custom zlib. To use an external zlib, set the environment variable
JDK_ZLIB_PATH to the zlib library name or full path to the dynamic library before starting the Zulu java command. The default for Zulu 8 is the same as before 8.44, to use the static zlib included in Zulu. Since Zulu 11 zlib is always loaded dynamically from the system path.
High Compression Level for MSI Packages
This release of Zulu features a new high compression level for MSI packages.
IANA Data 2019c
This release of Zulu contains IANA time zone data version 2019c.
Optional OpenJDK features
SA distribution packages of Zulu 13.29, 11.37, and 11.36 do not include some optional OpenJDK features: the Graal compiler, the Hotspot Serviceability Agent, the AOT, and JVMCI modules. Please note that these features are not part of Java SE 13 or Java SE 11. They are additional items included in some specific packaging distributions, and mostly provide early access to experimental functionality.
The following table displays bugs fixed in the January 2020 release of Zulu.
Zulu Versions Affected
|Synopsis||Java Update Type|
|ZULU-6501||11.37, 11.36||Update release file with IMPLEMENTOR info||CPU|
|ZULU-1901||8.44||jdk.tls.namedGroups not being picked up when specified in java.security||PSU|
|ZULU-4765||8.44||Add timestamp to biased locking logfile||PSU|
|ZULU-5037||8.44||TLS 1.2 and 1.3 fail when key on HSM with some ciphers||PSU|
|ZULU-5050||11.37, 8.44||Memory leak in crypto provider verification introduced in October 2019 PSU releases||PSU|
|ZULU-5065||8.44||Apache Santuario 2.1.4 ignores several restrictions of jdk.xmldsig.secureValidation property||PSU|
|ZULU-5107||13.29, 11.37, 8.44||Integrate musl changes to default zulu branch||PSU|
|ZULU-5720||8.44||conscrypt tests failed with JCE exception: SHA-512/224 cannot be found||PSU|
|ZULU-6192||13.29||timezone data synchronization with vanguard format||PSU|
|ZULU-6319||8.44||javax.xml.crypto.URIReferenceException seen when running Zulu 8.42||PSU|
|ZULU-6325||13.29, 11.37, 11.36, 8.44, 8.43, 7.36, 7.35, 6.30||Show OpenJDK version in the rpm bundle info string||PSU|
|ZULU-6437||8.44||Fix handling of XMLDsig in zulu8||PSU|
|ZULU-6514||8.44||Allow to select alternative zlib implementation via an environment variable||PSU|
|ZULU-6528||13.29, 11.37||Use of custom SecurityProvider with custom PrivateKey fails to identify signature schemes||PSU|
|ZULU-6542||13.29, 11.37, 11.36, 8.44, 8.43, 7.36, 7.35, 6.30||Request to expose OpenJDK version in Windows MSI||PSU|
|ZULU-6543||13.29, 11.37, 11.36, 8.44, 8.43, 7.36, 7.35, 6.30||Decrease MSI package size||PSU|
|ZULU-6713||6.30||update bootclasspath to include rhino.jar||PSU|