[N.B. These releases were made by Omair Majid on the 14th of January. There are known bootstrap issues with these releases. New releases will take place within the next week or so. This version has been updated from the original, notably with the NEWS listing for 2.3.13 being fixed to include all changes.]

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK.

These releases update our OpenJDK 7 support in the 2.3.x and 2.4.x series with a number of security fixes.

Existing users of the 2.3.x series are strongly advised to upgrade to the 2.4.x series. Although there is a 2.3.x update, two security issues (CVE-2013-5838, CVE-2013-5893) are resolved by JSR292 fixes (S7023639 & S8029507 respectively) which are currently present in the 2.4.x series, but not 2.3.x. We have not been able to backport these, as S7023639 includes a substantial reimplementation of JSR292 rather than just a simple security fix. Patches and suggestions are welcome. The safest solution is to use 2.4.x where possible.

If you find an issue with the release, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What’s New?

New in release 2.4.4 (2014-01-14)

New in release 2.3.13 (2014-01-14)

  • Security fixes
  • Backports
    • S6614237: missing codepage Cp290 at java runtime
    • S7149012: jarsigner needs not warn about cert expiration if the jar has a TSA timestamp
    • S7167593: Changed get_source.sh to allow for getting full oracle jdk repo forest
    • S7167976: Fix broken get_source.sh script
    • S7170091: Fix missing wait between repo cloning in hgforest.sh
    • S7173959: Jvm crashed during coherence exabus (tmb) testing
    • S7182152: Instrumentation hot swap test incorrect monitor count
    • S7184406: Adjust get_source/hgforest script to allow for trailing // characters
    • S7192449: fix up tests to accommodate jtreg spec change
    • S7192744: fix up tests to accommodate jtreg spec change
    • S7196533: TimeZone.getDefault() slow due to synchronization bottleneck
    • S8000450: Restrict access to com/sun/corba/se/impl package
    • S8003992: File and other classes in java.io do not handle embedded nulls properly
    • S8004391: Bug fix in jtreg causes test failures in pre jdk 8 langtools tests
    • S8005194: [parfait] #353 sun/awt/image/jpeg/imageioJPEG.c Memory leak of pointer ‘scale’ allocated with calloc()
    • S8009399: Bump the hsx build number for APRIL CPU
    • S8011806: 7u25-b05 hotspot fastdebug build failure
    • S8013827: File.createTempFile hangs with temp file starting with ‘com1.4′
    • S8014312: Fork hs23.25 hsx from hs23.21 for jdk7u25 and reinitialize build number
    • S8014469: (tz) Support tzdata2013c
    • S8014925: Disable sun.reflect.Reflection.getCallerClass(int) with a temporary switch to re-enable it
    • S8015144: Performance regression in ICU OpenType Layout library
    • S8015614: Update build settings
    • S8015965: (process) Typo in name of property to allow ambiguous commands
    • S8015978: Incorrect transformation of XPath expression “string(-0)”
    • S8015998: Additional improvement in Javadoc framing
    • S8016256: Make finalization final
    • S8016357: Update hotspot diagnostic class
    • S8016814: sun.reflect.Reflection.getCallerClass returns the frame off by 1
    • S8017566: Backout 8000450 – Cannot access to com.sun.corba.se.impl.orb.ORBImpl
    • S8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null
    • S8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes
    • S8019979: Replace CheckPackageAccess test with better one from closed repo
    • S8020054: (tz) Support tzdata2013d
    • S8020085: Linux ARM build failure for 7u45
    • S8020943: Memory leak when GCNotifier uses create_from_platform_dependent_str()
    • S8020983: OutOfMemoryError caused by non garbage collected JPEGImageWriter Instances
    • S8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris
    • S8021360: object not exported” on start of JMXConnectorServer for RMI-IIOP protocol with security manager
    • S8021366: java_util/Properties/PropertiesWithOtherEncodings fails during 7u45 nightly testing
    • S8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01
    • S8021933: Add extra check for fix # JDK-8014530
    • S8021946: Disabling sun.reflect.Reflection.getCallerCaller(int) by default breaks several frameworks and libraries
    • S8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log.
    • S8022086: Fixing licence of newly added files
    • S8022661: InetAddress.writeObject() performs flush() on object output stream
    • S8022682: Supporting XOM
    • S8022856: 7u45 l10n resource file translation update
    • S8023457: Event based tracing framework needs a mutex for thread groups
    • S8023478: Test fails with HS crash in GCNotifier.
    • S8023771: when USER_RELEASE_SUFFIX is set in order to add a string to java -version, build number in the bundles names should not be changed to b00
    • S8023964: java/io/IOException/LastErrorString.java should be @ignore-d
    • S8024668: api/java_nio/charset/Charset/index.html#Methods JCK-runtime test fails with 7u45 b11
    • S8024697: Fix for 8020983 causes Xcheck:jni warnings
    • S8024863: X11: Support GNOME Shell as mutter
    • S8023683: Enhance class file parsing
    • S8024914: Swapped usage of idx_t and bm_word_t types in bitMap.inline.hpp
    • S8025128: File.createTempFile fails if prefix is absolute path
    • S8025170: jdk7u51 7u-1-prebuild is failing since 9/19
    • S8026826: JDK 7 fix for 8010935 broke the build
  • Bug fixes
    • Enable Zero when there is no HotSpot JIT and an alternate VM has not been explictly enabled.
    • Add casts to fix build on S390
    • Add -D_LITTLE_ENDIAN for AArch64.
    • Add tests missing from 8014618 backport
    • Cast should use same type as GCDrainStackTargetSize (uintx).
    • Cleanup file resources properly in TimeZone_md.
    • RH991170: Handle alternative Kerberos credential cache locations
    • Fix Kerberos cache support to check for null, fallback on old path support and not hardcode the krb5 library.
    • Only define _GNU_SOURCE if not already defined.
    • Include defs.make in vm.make so VM_LITTLE_ENDIAN is defined on Zero builds
    • Fix merge issues caused by faulty AOT 8010118 patch.
    • PR1400: Menu of maximized AWT window not working in Mate
    • PR1551: Add build support for Zero AArch64
    • PR1553: Add Debian AArch64 support
    • PR1554: Fix build on Mac OS X
    • RH661505: JPEGs with sRGB IEC61966-2.1 color profiles have wrong colors
    • RH995488: Java thinks that the default timezone is Busingen instead of Zurich
    • Set ZERO_BUILD in flags.make so it is set on rebuilds

The tarballs can be downloaded from:


The tarballs are accompanied by digital signatures available at:

These are produced using my public key. See details below.

  • PGP Key: 66484681 (http://pgp.mit.edu/)
  • Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681

SHA256 checksums:

  • 490935de1762fb1a02e858701cbfdb5a8df45560b56c528131b51ff444c7a454 icedtea-2.3.13.tar.gz
  • ddce5dadaca4a24e8ecd632d5299fefd76f3bdcd7040bfbded3de3b1dffd56b3 icedtea-2.4.4.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.3.13.tar.gz


$ tar xzf icedtea-2.4.4.tar.xz


$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.3.13/configure
$ make


$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.4.4/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!