Red Hat has taken the leadership role of managing Java 8 and Java 11, under the guidance of technical lead, Andrew Haley. This role appears alongside Oracle's focus on future Java releases moving in the six-month release schedule.
Andrew Haley is one of five members of the OpenJDK Governing Board, and discussed this transition back in September 2018 in a blog post, "The future of Java and OpenJDK updates without Oracle support." The change is expected to be nondisruptive, but may require some users to change where they obtain Java releases. This may affect users of Java 8 who previously obtained updates directly from Oracle, and would now need to locate another distribution. This change will likely not impact users of Java 11 who seek updates without cost, as Oracle previously clarified the policy of what is free (OpenJDK) and what is not free (Oracle’s Java distribution). Users with any questions on cost can consult a write-up by the Java Champions entitled "Java is Still Free" or review a previous speaker panel "Java is Still Free?" which raises a question and answers it with yes.
Red Hat is committed to supporting Java 8 and 11 as long-term support releases. This includes commercial support for Windows. Java 9 and 10 are absent, as they are short-lived releases. When questioned about support for those releases, Haley replied, "Probably not, no. I don't expect that we'll have any interest in keeping non-LTS releases going beyond their natural lifespan."
One major feature in Red Hat’s distribution is the presence of Shenandoah, a low-pause garbage collector. Shenandoah project lead Roman Kennke and performance expert Aleksey Shipilev provided details of Shenandoah in a talk, "Shenandoah GC: The Next Generation."
Aleksey Shipilev is also the largest individual contributor to this Java release, providing 62 of 83 commits by Red Hat. Other community contributions include 58 commits from SAP, 23 from Oracle, 7 from individuals, 7 from Google, and 5 from Amazon who manages their Corretto branch.
Security is a significant driver in the need for maintenance and patching. The recent set of April releases include fixes for five remote unauthenticated security issues. The three highest issues impact Java Web Start and Applets, a technology that was deprecated in Java 9. One attack, CVE-2019-2684, impact Java RMI services, uses techniques similar to those in Mogwai Labs’ write-up, "Attacking Java RMI services after JEP 290."
Other changes in this release include the addition of the new Japanese era, named Reiwa. This new era exits the previous Heisei era as Japan transitions to a new emperor. The change for Java developers will come from the JavaTime packages, specifically java.time.chrono.JapaneseEra.