Since January 2019, Java Critical Patch Updates for business, commercial or production use have required a commercial licence and subscription. Due to the popularity of Java 8, Oracle continued to provide free access to patches all the way up to (and including) update 201. The free public updates ended on 16 April when 211 was rolled out.
Java 7 is also widely deployed and in this case, the last free public update was 80, released April 2015. If you haven’t updated since, you will be compliant from a licensing perspective provided you aren’t using any of the commercial features which have always required a licence. Java is a secure platform when patched and there have been numerous vulnerability fixes since April 2015 for which a licence will have been required. If you haven’t updated beyond 80, you will need to assess whether this presents a risk to the business in terms of GDPR compliance.
I’ve recorded a number of conversations with Java licensing expert Simon Wickenden about the changes to the way Java is licensed. The videos can be found on Grey Matter’s YouTube channel. One looks at Java licensing changes in general while the others discuss OpenJDK and the often misunderstood matter of Java licensing in a virtualised environment.
Understanding the rules and options surrounding Java licensing is one thing. Applying these to arrive at the most economic, flexible and compliant model is unique to each customer’s use of Java. Please use the form below to request assistance with this.