Download Java SE JDK Download | TechSpot

Java is a programming language and software platform. Examples of applications that use Java are many and widespread, but include web browsers, office applications, and even games such as Minecraft are based on Java.

The full version string for this update release is 23.0.1+11 (where “+” means “build”). The version number is 23.0.1. Complete release notes for Java 23.0.1 can be found here.

If you need to run Java applications, it is enough to download and install the JRE (Java Runtime Environment). If you’re developing Java applications, you’ll want to download the JDK, which also includes the JRE.

For complete information and terms, see the OTN License Agreement for Java SE. The Java SE OTN license agreement for current Oracle Java SE releases allows them to be used at no charge:

• (i) For personal use on a desktop or laptop computer, such as playing games or running other personal applications.
• (ii) For the development, testing, prototyping and demonstration of applications, including for the use of/with profiles, debuggers and integrated development environment tools.
• (iii) For use with certain Qualified Products, such as Oracle SQL Developer, or as an end user of a software application created by a Qualified Product. (referred to as “Schedule A” and “Schedule B” products in the OTN License Agreement for Java SE)
• (iv) With identified Oracle Cloud Infrastructure products.

The latest version of Java is Java 23 or JDK 23 released in March 2024. However, many versions of Java are actively maintained for compatibility purposes. Java 8, Java 11 and Java 17 are the three long-term support versions recommended by Oracle. You can download the version

Java 8 is the last free public software update for commercial use, which explains why it remains popular. Oracle plans to maintain it until at least 2030. You should also know that some programs may refer to Java 8 as version 1.8.0.

What is Java JDK?

The Java Development Kit (JDK) is the full-featured software development kit for Java developers. It has everything the JRE has, but adds the compiler (javac) and tools (like javadoc and jdb). The JDK allows you to create and compile Java programs.

Is Java free to use?

Yes, Java is free to use under the jdk.java.net license. This means that anyone can download it for personal or development use at no cost. Oracle charges for long-term support, but this is optional.

Security basis

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 11.0.22 are specified in the following table:

JRE Family Version = JRE Security Baseline (full version string)

Keeping the JDK up to date

Oracle recommends that the JDK be updated with each critical update. To determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security issues, are announced one year in advance on Critical Patch Updates, Security Alerts, and Bulletins. It is not recommended that this JDK (version 23.0.1) be used after the next critical patch update scheduled for January 21, 2025.

The Java Management Service, available to all users, can help you find vulnerable Java versions in your systems. Java SE subscribers and customers running in Oracle Cloud can use the Java Management Service to update Java Runtimes and to perform additional security assessments such as identifying potentially vulnerable third-party libraries used by your Java applications. Existing Java Management Service users click here to login to the dashboard. The Java Management Service Documentation provides a list of features available to everyone and those available only to customers. Learn more about using the Java Management Service to monitor and secure your Java installations.

What’s new

Important issues resolved
tools/jpackage
➜ jpackage may produce an inaccurate list of required packages on Debian Linux Distros (JDK-8295111)
Fixed an issue on Debian Linux distros where jpackage could not always build an accurate list of required packages from shared libraries with symlinks in the paths, causing installations to fail due to missing shared libraries.

Removed features and options
install/install
➜ Remove deprecated desktop integration from Linux installers (JDK-8322234 (non-public))
Remove non-functional desktop integration functionality from Linux installers. The installers will stop inserting files into the /usr/share/icons, /usr/share/mime and /usr/share/applications subtrees.

Other notes
security-libs/java.security
➜ Added GlobalSign R46 and E46 root CA certificates (JDK-8316138)
The following root certificates have been added to cacert’s truststore:

+ GlobalSign: globalsignr46 – DN: CN=GlobalSign R46, O=GlobalSign nv-sa, C=BE
+ GlobalSign: globalsigne46 – DN: CN=GlobalSign Root E46, O=GlobalSign nv-sa, C=BE
infrastructure/building
➜ Native executables and libraries on Linux Use RPATH instead of RUNPATH (JDK-8326891)
Native executables and libraries on Linux have switched to use RPATH instead of RUNPATH in this release.

JDK native executables and libraries use built-in runtime search paths to find other internal JDK native libraries. On Linux these can be defined as either RPATH or RUNPATH. The main difference is that the dynamic linker evaluates RPATH before the LD_LIBRARY_PATH environment variable, while RUNPATH is evaluated only after LD_LIBRARY_PATH.

By making the change to use RPATH, it is no longer possible to replace JDK internal native libraries using LD_LIBRARY_PATH.

install/install
➜ Install DEB and RPM Java packages in the release directory (JDK-8325265 (non-public))
The installation directory name of the Oracle JDK in the RPM and DEB packages has been changed from /usr/lib/jvm/jdk-${FEATURE}-oracle-${ARCH} to /usr/lib/jvm/jdk-${VERSION} -oracle -${ARCH}.

Each update release will be installed in a separate directory on the Linux platform.

Installers will create a /usr/java/jdk-${FEATURE}-oracle-${ARCH} link pointing to the installation directory to allow applications to find the latest JDK version in the ${FEATURE} release train.

security-libs/javax.security
➜ Fallback option for POST-only OCSP requests (JDK-8328638)
JDK 17 introduced a performance improvement that made OCSP clients unconditionally use GET requests for small requests, while making POST requests for everything else. This is explicitly allowed and recommended by RFC 5019 and RFC 6960. However, we have seen OCSP responders that, despite RFC requirements, do not work well with GET requests.

This release introduces a new JDK system property to allow clients to fall back to POST-only behavior. This unblocks interactions with these OCSP responders using -Dcom.sun.security.ocsp.useget={false,true}. This modifies the original change that introduced GET OCSP requests (JDK-8179503). The default behavior has not changed; option defaults to true. Set the option to false to disable GET OCSP requests. All values ​​other than false (case insensitive) default to true.

This option is non-default and may disappear when problematic OCSP responders are upgraded.