The following sections describe the changes for each release of Amazon Corretto 20.
Release Date: August 22, 2023
Target Platforms
- RPM-based Linux using glibc 2.12 or later, x86_64
- Debian-based Linux using glibc 2.12 or later, x86_64
- RPM-based Linux using glibc 2.17 or later, aarch64
- Debian-based Linux using glibc 2.17 or later, aarch64
- Alpine-based Linux, x86_64
- Alpine-based Linux, aarch64
- Windows 10 or later, x86_64
- macos 11.0 and later, x86_64
- macos 11.0 and later, aarch64
The following issues are addressed in 20.0.2.10.1:
| Issue Name | Platform | Description | Link |
|---|---|---|---|
| 8313765: Invalid CEN header (invalid zip64 extra data field size) | All | Fix ZipException that may be encountered when opening select APK, ZIP or JAR files | JDK-8313765 |
Release Date: July 18, 2023
Target Platforms
- RPM-based Linux using glibc 2.12 or later, x86_64
- Debian-based Linux using glibc 2.12 or later, x86_64
- RPM-based Linux using glibc 2.17 or later, aarch64
- Debian-based Linux using glibc 2.17 or later, aarch64
- Alpine-based Linux, x86_64
- Alpine-based Linux, aarch64
- Windows 10 or later, x86_64
- macos 11.0 and later, x86_64
- macos 11.0 and later, aarch64
The following issues are addressed in 20.0.2.9.1:
| Issue Name | Platform | Description | Link |
|---|---|---|---|
| Import jdk-20.0.2+9 | All | Updates Corretto baseline to OpenJDK 20.0.2+9 | jdk-20.0.2+9 |
| Dynamic linking zlib | All | Dynamic linking zlib | #11 |
| 8302483: Enhance ZIP performance | All | This release of OpenJDK includes stronger checks on the Zip64 fields of zip files. In the event that these checks cause failures on trusted zip files, the checks can be disabled by setting the new system property 'jdk.util.zip.disableZip64ExtraFieldValidation' to 'true'. | |
| 8300596: Enhance Jar Signature validation | All | A System property "jdk.jar.maxSignatureFileSize" is introduced to configure the maximum number of bytes allowed for the signature-related files in a JAR file during verification. The default value is 8000000 bytes (8 MB). |
The following CVEs are addressed in 20.0.2.9.1:
| CVE | CVSS | Component |
|---|---|---|
| CVE-2023-22041 | 5.1 | hotspot/compiler |
| CVE-2023-25193 | 3.7 | client-libs/2d |
| CVE-2023-22044 | 3.7 | hotspot/compiler |
| CVE-2023-22045 | 3.7 | hotspot/compiler |
| CVE-2023-22049 | 3.7 | core-libs/java.io |
| CVE-2023-22036 | 3.7 | core-libs/java.util |
| CVE-2023-22006 | 3.1 | core-libs/java.net |
Release Date: April 18, 2023
Target Platforms
- RPM-based Linux using glibc 2.12 or later, x86_64
- Debian-based Linux using glibc 2.12 or later, x86_64
- RPM-based Linux using glibc 2.17 or later, aarch64
- Debian-based Linux using glibc 2.17 or later, aarch64
- Alpine-based Linux, x86_64
- Alpine-based Linux, aarch64
- Windows 10 or later, x86_64
- macos 11.0 and later, x86_64
- macos 11.0 and later, aarch64
The following issues are addressed in 20.0.1.9.1:
| Issue Name | Platform | Description | Link |
|---|---|---|---|
| Import jdk-20.0.1+9 | All | Updates Corretto baseline to OpenJDK 20.0.1+9 | jdk-20.0.1.9+1 |
| 8305113: (tz) Update Timezone Data to 2023c | All | Update Timezone Data to 2023c | #6 |
| Update amazon cacerts | All | Update amazon cacerts file from amazonlinux | #5 #7 #8 |
The following CVEs are addressed in 20.0.1.9.1:
| CVE | CVSS | Component |
|---|---|---|
| CVE-2023-21930 | 7.4 | security-libs/javax.net.ssl |
| CVE-2023-21967 | 5.9 | security-libs/javax.net.ssl |
| CVE-2023-21939 | 5.3 | client-libs/javax.swing |
| CVE-2023-21938 | 3.7 | core-libs/java.lang |
| CVE-2023-21937 | 3.7 | core-libs/java.net |
| CVE-2023-21968 | 3.7 | core-libs/java.nio |
Release Date: February 23, 2023
Target Platforms
- RPM-based Linux using glibc 2.12 or later, x86_64
- Debian-based Linux using glibc 2.12 or later, x86_64
- RPM-based Linux using glibc 2.17 or later, aarch64
- Debian-based Linux using glibc 2.17 or later, aarch64
- Alpine-based Linux, x86_64
- Alpine-based Linux, aarch64
- Windows 10 or later, x86_64
- macos 11.0 and later, x86_64
- macos 11.0 and later, aarch64
The following issues are addressed in 20.0.0.36.1
| Issue Name | Platform | Description | Link |
|---|---|---|---|
| Import jdk-20+36 | All | Updates Corretto baseline to OpenJDK 20+36 | jdk-20+36 |
| Update amazon cacerts | All | Update amazon cacerts file from amazonlinux | #4 |
Release Date: February 10, 2023
Target Platforms
- RPM-based Linux using glibc 2.12 or later, x86_64
- Debian-based Linux using glibc 2.12 or later, x86_64
- RPM-based Linux using glibc 2.17 or later, aarch64
- Debian-based Linux using glibc 2.17 or later, aarch64
- Alpine-based Linux, x86_64
- Alpine-based Linux, aarch64
- Windows 11 or later, x86_64
- macos 11.0 and later, x86_64
- macos 11.0 and later, aarch64
The following issues are addressed in 20.0.0.33.1
| Issue Name | Platform | Description | Link |
|---|---|---|---|
| Import jdk-20+33 | All | Updates Corretto baseline to OpenJDK 20+33 | jdk-20+33 |