LTS for public releases

Simon Ritter sritter at
Sat Nov 11 14:55:41 UTC 2017

I feel compelled to join this discussion...
> Date: Fri, 10 Nov 2017 20:16:52 +0000
> From: Stephen Colebourne<scolebourne at>
> To:jdk-dev at
> Subject: Re: LTS for public releases
> Message-ID:
> 	<CACzrW9Ad0PNkq-gzhunbjVE734pjXw=avT=FCGwA5gLe6N3TZg at>
> Content-Type: text/plain; charset="UTF-8"
> On 9 November 2017 at 16:34, Andrew Haley<aph at>  wrote:
>> I'm finding it very hard to understand what you're complaining about.
>> Look at the history: JDK 6 support has been extended by the community,
>> led first by me and then by Andrew Byrgin at Azul.  This was long
>> beyond Oracle's EOL five years ago.  This shows that the OpenJDK
>> community has a solid track record of supporting old releases.  Why
>> would the LTS releases be any different?  As long as people need the
>> JDKs (and perhaps for longer!)  they are available.
> As far as I can tell, I can't get a pre-built binary of JDK 6 or JDK 7
> from Red Hat without paying. I imagine the same will apply for JDK 8
> when that ends public updates.  And OpenJDK hasn't been doing binaries
> until very recently so that isn't helpful for judging what will happen
> going forward.
Herein lies the crux of the problem.  Sun and subsequently Oracle have 
always provided the latest release of the JDK and JRE without charge for 
"general purpose computing" i.e., desktops and servers. Sun introduced 
the field-of-use restriction to protect the only area of Java that they 
ever made any money from: embedded and mobile. With the recent 
announcement of GPLv2 binaries, even that has, in effect, gone away.

What I can't understand is why you would think that Oracle has a duty to 
provide free public updates for older versions of the platform 
indefinitely?  You can't get a pre-built binary of JDK 6 with the latest 
patches, sure.  However, JDK 6 is very nearly eleven years old and three 
full versions behind the current release.  It just doesn't make 
commercial sense to have engineers building binaries like this and doing 
it for free.  If you want support for an ancient version like this, I'm 
sorry, you have to pay for it. Otherwise, build the binary yourself 
(Azul backport the security fixes and upstream them to the OpenJDK6 
project).  That way you only have to pay with your time.

OpenJDK is free and open source, but that's free-as-in-speech, not 
> Up until today there have been 28 public update releases of Oracle JDK 8:
> These are simple upgrades that generally require no developer work to
> upgrade to. Any serious company should use these to ensure they are
> security-patch safe. They have all been made available for $free.
> Looking to the future, and based on promises to date, the world looks
> very different. LTS from Oracle is almost certainly paid for. The
> equivalent from Red Hat or Azul is also likely to be paid for. Thus
> there appears to be no future official LTS release, with binaries,
> publicly available, for $free.
> The impact, based on current published dates, is that every
> security-conscious user of Java who does not pay, would have to join
> the ongoing train of releases. They would have to change feature
> version every 6 months, because those will be the only official
> security-safe binaries. For the less security-conscious, they'll just
> stick on 8 or 9 and get far fewer security updates than before -
> surely a step backward for Java as a platform.
> Ultimately, these are the criteria I believe are needed for a successful LTS:
> - a $free pre-built downloadable binary
> - pre-built for multi-platforms
> - from a single official location (eg. OpenJDK or Oracle)
> - $free security-patch updates every 3 months or so until at least one
> year after the GA of the next LTS
> I've yet to see Oracle or anyone else commit to these LTS criteria.
> But I'm happy to be proved wrong.
> Stephen

More information about the jdk-dev mailing list