Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [openj9-dev] Security Update Policy



Thanks a lot for what you have information wise J


Of course for a company most interesting is the question: „If I put this thing into production in version X, how long will there be security/critical updates available (in a sufficiently short timeframe).“ This is something that needs an answer before making decisions. I understand that this is a little behind the horizon for you right now J


(From a management point of view, ) even an answer like: “it’s open source, go fix it yourself and we will happily accept security patches” would be kind of acceptable. Maybe not driving decision towards OpenJ9, but still acceptable :D





From: openj9-dev-bounces@xxxxxxxxxxx [mailto:openj9-dev-bounces@xxxxxxxxxxx] On Behalf Of Mark Stoodley
Sent: Tuesday, April 24, 2018 7:02 PM
To: openj9 developer discussions <openj9-dev@xxxxxxxxxxx>
Subject: Re: [openj9-dev] Security Update Policy


Hi Markus,

> Lately there has been a little re-shuffling in release cycles/security update policies on Java VMs JTrying to figure out a way forward and a VM to choose for the future, is there any information regarding OpenJ9’s security update policy, release cycles, etc.?

Short answer is that we're still putting together the full answer to your question, but there is some useful information presented as part of this discussion on our proposed support statements:

You'll see there is a proposed release cadence for Eclipse OpenJ9 in a table in that issue that I'll summarize as "basically quarterly" and also aligning as much as we think possible with the expected activities at OpenJDK. Our nightly and release binaries are built at AdoptOpenJDK and you can read their statements here:

I know it's not exactly what you're asking for but I tried to provide as many details as we currently have. If you have specific follow-on questions, feel free to ask here or on our slack channels and we can try to work through the gaps together as a group.


SSI Schäfer IT Solutions GmbH | Friesachstrasse 15 | 8114 Friesach | Austria
Registered Office: Friesach | Commercial Register: 49324 K | VAT no. ATU28654300
Commercial Court: Landesgericht für Zivilrechtssachen Graz

Back to the top