Download Java SE JDK and JRE 8.381 Download

Java SE is the standard version of Java, it includes libraries for desktop applications, networking, security, database access and more. If you need to run Java applications, you can download and install JRE is enough. If you develop Java applications, you will want to download JDKwhich also includes the JRE.

The JRE is Java Runtime Environment, it covers most users’ needs. Contains everything required to run Java applications on your system. It is a package of everything needed to run a compiled Java program, including the Java Virtual Machine (JVM), the Java Class Library, the Java command line, and other infrastructure. However, it cannot be used to create new programs.

The JDK is Java Development Kit, the full-featured SDK for Java. It has everything the JRE has, but also the compiler (javac) and tools (like javadoc and jdb). It is capable of creating and compiling programs.

The latest version of Java is Java 20 or JDK 20 released in March 2023. However, many versions of Java are actively maintained for compatibility purposes. Java 8, Java 11 and Java 17 are the three long-term support versions recommended by Oracle. You can download the version you need below:

Java 8 is the last free public software update for commercial use, which explains why it remains popular. Oracle plans to maintain it until at least 2030. You should also know that some programs may refer to Java 8 as version 1.8.0.

Sometimes, even if you don’t plan to do any Java development on a computer, you still need the JDK installed. For example, if you deploy a web application using JSP, you are technically only running Java programs inside the application server. Why do you need JDK then? Because the application server will convert JSP to Java servlets and needs to use JDK to compile the servlets.

What is new

client-libs/2d

Marlin Renderer in JDK 8u

Starting with version 8u311, the Marlin graphics rasterizer and its artifacts will be built and distributed as part of the JDK/JRE packages. It is not the default rendering engine, but there is an option to enable it by setting the following system property:

sun.java2d.renderer=sun.java2d.marlin.MarlinRenderingEngine

core-libs/java.io:serialization

Context-specific deserialization filter subset

Allow applications to configure context-specific and dynamically selected deserialization filters via a JVM-wide filter factory that is invoked to select a filter for each deserialization stream. The behavior is a strict subset of JEP 415: Context-Specific Deserialization Filters to allow a filter factory to be configured using a property configured on the command line or in the security properties file.

The behavior is opt-in based on the presence of the jdk.serialFilterFactory system property on the command line or the jdk.serialFilterFactory security property. If set, the JVM-wide filter factory selects the filter for each stream when the stream is constructed and when a stream-specific filter is set.

The JVM-wide filter factory is a java.util.function.BinaryOperator function called when each ObjectInputStream is constructed and when the stream-specific filter is set using sun.misc.ObjectInputFilter.Config.setObjectInputFilter(sun.misc.ObjectInputFilter). The parameters are the current filter and a requested filter, and the function returns the filter to use for the stream. When invoked from the ObjectInputStream constructors, the first parameter is null and the second parameter is the static JVM-wide filter. When invoked from sun.misc.ObjectInputFilter.Config.setObjectInputFilter(sun.misc.ObjectInputFilter), the first parameter is the filter currently set on the stream (which was set in the constructor), and the second parameter is the requested filter.

A typical filter factory should use or merge the static JVM-wide filter with other application- and context-specific filters and the stream-specific filter, if one is set on the stream. The filter factory implementation can also use whatever contextual information is available, such as obtained from the application thread context, or its call stack, to compose and combine a new filter. It is not limited to using only the two parameters.

Previous release notes

Allow SASL mechanisms to be restricted

• A security property called jdk.sasl.disabledMechanisms has been added that can be used to disable SASL mechanisms. Any disabled mechanism will be ignored if specified in the mechanisms argument to Sasl.createSaslClient or the mechanisms argument to Sasl.createSaslServer. The default value for this security property is empty, which means that no mechanisms are disabled out of the box.

SunPKCS11 provider upgraded with support for PKCS#11 v2.40

• The SunPKCS11 provider has been updated with support for PKCS#11 v2.40. This version adds support for additional algorithms such as AES/GCM/NoPadding ciphers, DSA signatures using the SHA-2 family of message digests, and RSASSA-PSS signatures when the corresponding PKCS11 mechanisms are supported by the underlying PKCS11 library.

New checks on trust anchor certificates

• New checks have been added to ensure that trust anchors are CA certificates and contain the correct extensions. Trust anchors are used to validate certificate chains used in TLS and signed code. Trust anchor certificates must include a Basic Constraints extension with the cA field set to true. Also, if they include a key usage extension, the keyCertSign bit must be set.
• A new system property called jdk.security.allowNonCaAnchor has been introduced to restore the previous behavior, if necessary. If the property is set to the empty string or “true” (case insensitive), trust anchor certificates can be used if they do not have the correct CA extensions.
• The default value for this property, if not set, is “false”.
• Note that the property does not apply to X.509 v1 certificates (since they do not support extensions).
• This property is currently used by the JDK implementation. It is not guaranteed to be supported by other Java SE implementations.

Exact match required for Trusted TLS Server Certificate

• A TLS server certificate must be an exact match to a trusted certificate on the client in order for it to be trusted when establishing a TLS connection.

Added LuxTrust Global Root 2 certificate

The following root certificate has been added to cacert’s truststore:

+ LuxTrust
+ luxtrustglobalroot2ca
DN: CN=LuxTrust Global Root 2, O=LuxTrust SA, C=LU

Bug Fixes:

Support for OpenType CFF fonts

• Previously, Oracle JDK 8 OpenType did not include CFF fonts (.otf fonts) in default logical fonts (such as “Dialog” and “SansSerif”). This resulted in missing glyphs when rendering text. In the most extreme cases where only CFF fonts were installed on the system, a Java exception may be thrown.
• Several Linux distributions were affected by this issue because they rely on CFF fonts to support some languages, which is common for CJK languages ​​(Chinese, Japanese, and Korean).
• Oracle JDK 8 now uses these CFF fonts and this issue is resolved.

Better handling of serial filters

• The jdk.serialFilter system property can only be set on the command line. If the filter is not set on the command line, it can be set with java.io.ObjectInputFilter.Config.setSerialFilter. Setting jdk.serialFilter with java.lang.System.setProperty has no effect.

Legacies:

If you are looking for previous Java versions here are the download links: