By Raymond Xu < 1 min read
March 22, 2021

The Liberty-for-Java Buildpack v3.55 adds Liberty runtime 21.0.0.3 as the default and alternate runtime and an updated IBM JRE 8.0.6.26.

The AdoptOpenJDK Open J9 alternate JRE remains the same 11.0.10_9_openj9-0.24.0. The updated 8.0.6.26 addresses the following PSIRT security vulnerabilities: 

  1. Vulnerability in Java SE related to the Libraries component (CVE-2020-14782)
  2. Vulnerability in Java SE related to JNDI component (CVE-2020-14781)
  3. Unspecified vulnerability in Java SE (CVE-2020-14803)
  4. Eclipse OpenJ9 vulnerable to stack-based buffer overflow (CVE-2020-27221)
  5. Vulnerability in Java SE related to Java SE Security component (CVE-2020-2773)

This buildpack contains two production versions of Liberty — a default version that remains constant for approximately three months and the latest version, as an alternate. 

An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run “as is” without any additional changes. New applications will automatically use the new buildpack.

Learn more

Categories

compute
Raymond Xu
Software Engineer

More from compute
May 3, 2023

Mainframe Application Modernization Beyond Banking

4 min read - Looking at mainframe modernization in industries like insurance, automotive and retail. This is part one in a five-part series on mainframe modernization. When you think of the world’s biggest modernization challenges, you immediately think of banking, and for good reason. Banks were among the first to roll out advanced mobile apps some 15 years ago, and they had already started offering online services in the mid-1990s. Well before that, banks were interacting through massive electronic payment gateways and operating mainframe…

April 17, 2023

IBM Tech Now: April 17, 2023

< 1 min read - Envizi + Turbonomic, IBM Power Updates and the IBM CIS Standard Next Plan  Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 74 Watch the video This week, we're focusing on the following topics: IBM Envizi + IBM Turbonomic IBM Power Updates IBM…

April 11, 2023

Focusing on Increasing Our Clients’ Profitability and Performance When They Need It Most

4 min read - Exciting updates from IBM Power. As we noted last quarter when we announced this year’s strategic direction for IBM Power, one of the most common questions we hear from our clients is how they can trim their IT spending without compromising performance and data protection. A short time later, these concerns are even more prevalent as the global economic market continues to fluctuate and perpetuate uncertainty amidst rising interest rates and inflation. As the demand on IT services continues to…

February 16, 2023

Securing the Boot Process for IBM Cloud Bare Metal Servers for VPC

4 min read - IBM Cloud Bare Metal Servers for VPC have been available for almost a year, and we continue the steady rollout of additional features to ensure bare metal servers meet our customers’ requirements. The latest IBM Cloud Bare Metal Servers for VPC features are focused squarely on security by providing customers with the ability to enable Secure Boot and to use a Trusted Platform Module (TPM 2.0). Secure Boot and TPM are software- and hardware-based mechanisms used to validate and enforce…