apache > db
Apache DB Project
Font size:      

Apache Derby Release


Use the links below to download a distribution of Apache Derby. You should always verify the integrity of distribution files downloaded from a mirror.

There are four different distributions:

  • bin distribution - contains the documentation, javadoc, and jar files for Derby.
  • lib distribution - contains only the jar files for Derby.
  • lib-debug distribution - contains jar files for Derby with source line numbers.
  • src distribution - contains the Derby source tree at the point which the binaries were built.

db-derby- [PGP] [MD5]
db-derby- [PGP] [MD5]

db-derby- [PGP] [MD5]
db-derby- [PGP] [MD5]

db-derby- [PGP] [MD5]
db-derby- [PGP] [MD5]

db-derby- [PGP] [MD5]
db-derby- [PGP] [MD5] (Note that, due to long filenames, you will need gnu tar to unravel this tarball.)

Release Notes for Apache Derby

These notes describe the difference between Apache Derby release and the preceding release


The most up to date information about Derby releases can be found on the Derby download page.

Apache Derby is a pure Java relational database engine using standard SQL and JDBC as its APIs. More information about Derby can be found on the Apache web site. Derby functionality includes:

  • Embedded engine with JDBC drivers
  • Network Server
  • Network client JDBC drivers
  • Command line tools: ij (SQL scripting), dblook (schema dump) and sysinfo (system info)

Support for Java SE 8 is being sunsetted and will not be supported by the next (10.15) release family. The 10.14 release family supports the following Java and JDBC versions:

  • Java SE 8 and higher with JDBC 4.2.
  • Java SE 8 compact profile 2.

New Features

This is a patch release. No new features have been added.

Bug Fixes

The following issues are addressed by Derby release These issues are not addressed in the preceding release.

Issue Id
DERBY-6987The default Network Server security policy file could be trimmed down somewhat.
DERBY-6986Network Server COMMAND_TESTCONNECTION need not try to open a database


Compared with the previous release (, Derby release introduces the following new features and incompatibilities. These merit your special attention.

Note for DERBY-6987

Summary of Change

The default Network Server security policy has been simplified.

Symptoms Seen by Applications Affected by Change

If you start the Network Server without specifying a security manager, the Network Server will install a default Java security manager that enforces a basic policy. This security policy is now simpler than it was in previous releases.

Incompatibilities with Previous Release

If your Network Server deployment has particular security requirements, the default security policy is not right for you. You should instead deploy the Network Server with a customized security policy file, as described in the Security guide.

Rationale for Change

A simpler default security policy file is preferable, as it is easier to understand.

Application Changes Required

Please review the "Configuring Java security" topic in the Security guide for a detailed description of how to configure the Network Server security policy.

Note for DERBY-6986

Summary of Change

COMMAND_TESTCONNECTION no longer has database open support.

Symptoms Seen by Applications Affected by Change

The Network Server's COMMAND_TESTCONNECTION operation, which is used by the Network Server 'ping' feature, contained code which could attempt to open a database specified as part of the 'ping' request. This code has been removed.

Rationale for Change

It is not necessary to attempt to open a database in order to ping the Network Server.

Build Environment

Derby release was built using the following environment:

  • Branch - Source code came from the 10.14 branch.
  • Machine - Fedora 27
  • Ant - Apache Ant(TM) version 1.9.5 compiled on May 31 2015
  • Compiler - All classes were compiled by the javac from the 1.8.0_151 JDK, OpenJDK 64-Bit Server VM (build 25.151-b12, mixed mode)

Verifying Releases

It is essential that you verify the integrity of the downloaded files using the PGP and MD5 signatures. MD5 verification ensures the file was not corrupted during the download process. PGP verification ensures that the file came from a certain person.

The PGP signatures can be verified using PGP or GPG. First download the Apache Derby KEYS as well as the asc signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ...

% pgpk -a KEYS
% pgpv db-derby-X.Y.tar.gz.asc


% pgp -ka KEYS
% pgp db-derby-X.Y.tar.gz.asc


% gpg --import KEYS
% gpg --verify db-derby-X.Y.tar.gz.asc

To verify the MD5 signature on the files, you need to use a program called md5 or md5sum, which is included in many unix distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from here, here, or here.

We strongly recommend that you verify your downloads with both PGP and MD5.