The Liberty-for-Java Buildpack v3.52 Includes Liberty Runtime 20.0.0.12 as the Alternate and Default Runtime and an Updated IBM JRE 8.0.6.20
This release contains Oracle Security fixes and IBM fixes, including the following:
- Vulnerability in Java SE related to the Hotspot component (CVE-2020-14792)
- Vulnerability in Java SE related to the Libraries component (CVE-2020-14797)
- Vulnerability in Java SE related to the JNDI component (CVE-2020-14781)
- Vulnerability in Java SE related to the Serialization component (CVE-2020-14779)
- Vulnerability in Java SE related to the Libraries component (CVE-2020-14798)
- Vulnerability in Java SE related to the Libraries component (CVE-2020-14796)
This buildpack contains two production versions of Liberty — a default version that remains constant for approximately three months and the latest version, as an alternate.
An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run "as is" without any additional changes. New applications will automatically use the new buildpack.
