New Liberty-for-Java Buildpack v3.55 Is Available on IBM Cloud

1 min read

The Liberty-for-Java Buildpack v3.55 adds Liberty runtime 21.0.0.3 as the default and alternate runtime and an updated IBM JRE 8.0.6.26.

The AdoptOpenJDK Open J9 alternate JRE remains the same 11.0.10_9_openj9-0.24.0. The updated 8.0.6.26 addresses the following PSIRT security vulnerabilities: 

  1. Vulnerability in Java SE related to the Libraries component (CVE-2020-14782)
  2. Vulnerability in Java SE related to JNDI component (CVE-2020-14781)
  3. Unspecified vulnerability in Java SE (CVE-2020-14803)
  4. Eclipse OpenJ9 vulnerable to stack-based buffer overflow (CVE-2020-27221)
  5. Vulnerability in Java SE related to Java SE Security component (CVE-2020-2773)

This buildpack contains two production versions of Liberty — a default version that remains constant for approximately three months and the latest version, as an alternate. 

An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run "as is" without any additional changes. New applications will automatically use the new buildpack.

Learn more

Be the first to hear about news, product updates, and innovation from IBM Cloud