New Liberty-for-Java Buildpack v3.62 Is Available on IBM Cloud

1 min read

The Liberty-for-Java Buildpack v3.62 adds Liberty runtime 21.0.0.10 as the alternate runtime and keeps 21.0.0.9 as the default runtime.

The IBM JRE Version is updated to 8 SR6 FP36. The Liberty buildpack is now including the IBM Semeru Runtime Open Edition for Java 11 (11.0.12_7_openj9-0.27.0) and is replacing the runtime from Eclipse. The default and alternate runtimes 21.0.0.9 and 21.0.0.10 address the following PSIRT security vulnerabilities: 

  1. Vulnerability in Apache Commons Compress library that is used by Websphere Application Server Liberty (CVE-2021-36090, CVE-2021-35517).
  2. Vulnerability in WebSphere Application Server to information disclosure (CVE-2021-29842).

This buildpack contains two production versions of Liberty — a default version that remains constant for approximately three months and the latest version, as an alternate. 

An existing application will not be affected by the new buildpack until you redeploy or restage it. After redeployment, existing applications should continue to run "as is" without any additional changes. New applications will automatically use the new buildpack.

Learn more

Be the first to hear about news, product updates, and innovation from IBM Cloud