March 22, 2021 By Raymond Xu < 1 min read

The Liberty-for-Java Buildpack v3.55 adds Liberty runtime 21.0.0.3 as the default and alternate runtime and an updated IBM JRE 8.0.6.26.

The AdoptOpenJDK Open J9 alternate JRE remains the same 11.0.10_9_openj9-0.24.0. The updated 8.0.6.26 addresses the following PSIRT security vulnerabilities: 

  1. Vulnerability in Java SE related to the Libraries component (CVE-2020-14782)
  2. Vulnerability in Java SE related to JNDI component (CVE-2020-14781)
  3. Unspecified vulnerability in Java SE (CVE-2020-14803)
  4. Eclipse OpenJ9 vulnerable to stack-based buffer overflow (CVE-2020-27221)
  5. Vulnerability in Java SE related to Java SE Security component (CVE-2020-2773)

This buildpack contains two production versions of Liberty — a default version that remains constant for approximately three months and the latest version, as an alternate. 

An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run “as is” without any additional changes. New applications will automatically use the new buildpack.

Learn more

More from

Enhancing triparty repo transactions with IBM MQ for efficiency, security and scalability

3 min read - The exchange of securities between parties is a critical aspect of the financial industry that demands high levels of security and efficiency. Triparty repo dealing systems, central to these exchanges, require seamless and secure communication across different platforms. The Clearing Corporation of India Limited (CCIL) recently recommended (link resides outside ibm.com) IBM® MQ as the messaging software requirement for all its members to manage the triparty repo dealing system. Read on to learn more about the impact of IBM MQ…

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters