The Liberty-for-Java Buildpack v3.49 now includes Liberty runtime 184.108.40.206 as the alternate runtime.
This buildpack contains two production versions of Liberty—a default version that remains constant for approximately three months and the latest version, as an alternate.
An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run "as is" without any additional changes. New applications will automatically use the new buildpack.
The buildpack contains fixes for the following security vulnerabilities:
- Denial of service vulnerability in Websphere Application Server Liberty (CVE-2020-4590)