Hacker News new | ask | show | jobs
by Ironlink 1706 days ago
According to their user guide, the only patch they have is the branding change: https://docs.aws.amazon.com/corretto/latest/corretto-17-ug/p...

I'll keep using the OpenJDK Docker images.
2 comments
vips7L 1705 days ago
You probably shouldn’t. Last I checked the OpenJdk docker images use the Debian builds of OpenJdk and there’s been multiple times where they’ve shipped vulnerable builds. [0] You should probably just use the Zulu builds.

https://news.ycombinator.com/item?id=19955958

link
iou 1706 days ago
They do list the additional patches they do here (for example) https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/pa...
link
iou 1706 days ago
I guess v11 is a better link to share there https://docs.aws.amazon.com/corretto/latest/corretto-11-ug/p...
link
geofft 1706 days ago
Wow, that's awesome - 8 had a handful of custom patches and some backports, 11 had only backports, and 17 has nothing. This is kind of the best possible story for a distribution fork!
link
hueho 1705 days ago
In fairness, Java 17 has just been released; it's possible new custom patches will be introduced in future Corretto patch releases.

Still, the fact that Corretto 11 had so few backports is encouraging.

link