It's that time again: there are new JVM updates released today (Jan 16, 2024) for the current long-term support (LTS) releases of Oracle Java, 8, 11, 17, and 21.
TLDR: The new updates are 1.8.0_401 (aka 8u401), 11.0.22, 17.0.10, and 21.0.2 respectively). For more on each of them, including what changed and the security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so that "critical" nomenclature may sometimes be a bit overstated. Again, more details below. And as is generally the case with these Java updates, most of them have the same changes and fixes across the four JVM versions, though not always.
For some folks, that's all they need to hear. For others, read on.
[....Continue Reading....]