Liberica Native Image Kit 22.3.2 builds are released

We are happy to announce the general availability of Liberica Native Image Kit (NIK) version 22.3.2 for JDK 11.0.19 and 17.0.7 as part of Critical Patch Update (CPU) release cycle. The builds contain several security and bug fixes.

Note that Liberica NIK releases are aligned with GraalVM release schedule, which underwent drastic changes in 2023. Starting with JDK 20 release in March 2023, GraalVM CE conforms to the six-month JDK release cadence. CPU builds will see the light four times a year as before.

All Liberica NIK builds contain the latest version of Liberica JDK with fixes and eliminated security issues.

Summary of fixes and enhancements

List of security issues fixed

CVE ID	cvss score	component	module	Attack vector (network/local)	Complexity (low/high)	Privileges (none/low)	User interaction (none/required)	Scope (changed/unchanged)	Confidentiality (low/none/high)	Integrity (low/none/high)	Availability (low/none/high)
CVE-2023-21930	7.4	security-libs	javax.net.ssl	network	high	none	none	unchanged	high	high	none
CVE-2023-21954	5.9	hotspot	gc	network	high	none	none	unchanged	high	none	none
CVE-2023-21967	5.9	security-libs	javax.net.ssl	network	high	none	none	unchanged	none	none	high
CVE-2023-21939	5.3	client-libs	javax.swing	network	low	none	none	unchanged	none	low	none
CVE-2023-21938	3.7	core-libs	java.lang	network	high	none	none	unchanged	none	low	none
CVE-2023-21937	3.7	core-libs	java.net	network	high	none	none	unchanged	none	low	none
CVE-2023-21968	3.7	core-libs	java.nio	network	high	none	none	unchanged	none	low	None

Conclusion

BellSoft strives to provide Java developers with a full stack of secure and affordable technologies suitable for creating a wide range of applications. And thanks to the CPU release cycle, your applications will be secure at all times. Download the latest version of Liberica NIK now!

Download Liberica NIK