What is new in this release of Liberty

This release introduces key enhancements to Liberty.

What's new

Open Liberty Many of the latest features for Liberty are now documented on the Open Liberty website. For more information about new Liberty features and capabilities, see the Open Liberty blog.

The Liberty features topic lists the features available in Liberty products and highlights recently introduced features with a fix pack icon. Recent fix packs provide the following key enhancements:

[24.0.0.5 and later]
WebSphere Liberty operator 1.3.2

Update to the new 1.3.2 release of WebSphere Liberty operator. Version 1.3.2 adds security fix updates for operating system packages and API libraries.

[24.0.0.4 and later]
Java SE 22 support for archive installations

Distributed: [AIX MacOS Linux Windows]Open Liberty The 24.0.0.4 release adds support for Java™ Platform, Standard Edition (Java SE) Version 22. You can use Java SE 22 with Liberty 24.0.0.4 or later. Java SE 22 is a non-Long-Term-Support (LTS) version of Java. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platformsThe IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 and Java SE 22 are not yet supported on IBM i.

[24.0.0.3 and later]
Debug performance issues with default verbose garbage collection

Open Liberty Enabling verbose garbage collection for your Java runtime can help you debug memory leaks and other performance bottlenecks. Starting in 24.0.0.3, verbose garbage collection is enabled by default when you use IBM Java or IBM Semeru Runtimes as your Java implementation.

Up to 10 verbosegc.XXX.log rolling log files are created in your log directory, with 1024 GC cycles per file, where XXX represents the sequence number of the log file. Previously, verbose garbage collection for Liberty was not enabled by default, regardless of the Java implementation. For more information, see the Open Liberty website.

Enhance security with back-channel logout for OpenID Connect clients and servers

Open Liberty Back-channel logout allows OpenID Connect servers to directly notify OpenID Connect clients of a user logout so each OpenID Connect client can also log the user out locally.

Previously, OpenID Connect servers could notify OpenID Connect clients that a user logged out only by using iframes that were embedded in the OpenID Connect client’s web page. If the web page wasn’t active, the OpenID Connect client wasn’t notified of the logout that occurred on the OpenID Connect server. Back-channel logout solves this problem through direct communication between the OpenID Connect server and clients. For more information, see the Open Liberty blog.

Java 21 Support for Installation Manager
Distributed: [AIX MacOS Linux Windows]Installation Manager supports Java 21 in Liberty environments. This update builds upon the existing Java 21 support for archive installations, which was introduced in version 23.0.0.11. For more information, see Installing, updating, and uninstalling the Java SDK.
WebSphere Liberty operator 1.3.1

Support for Red Hat OpenShift Container Platform 4.15 is added in 24.0.0.3.

[24.0.0.2 and later]
Configure Liberty InstantOn for applications that manage users and groups with SCIM
Liberty InstantOn, which improves startup times for containerized applications, now supports the System for Cross-domain Identity Management feature (scim-1.0). For more information, see Faster startup for containerized applications with Liberty InstantOn and Configuring SCIM for user and group member management.
Negatively acknowledge messages with MicroProfile Reactive Messaging 3.0 and MicroProfile Streams Operators 3.0
Open Liberty The MicroProfile Reactive Messaging 3.0 and MicroProfile Streams Operators 3.0 features introduce new functions, including negative acknowledgments, emitters, and backpressure support. Previously, MicroProfile Reactive Messaging could only positively acknowledge messages. If a problem existed with the payload or if exceptional behavior occurred, no mechanism was available to indicate or to handle the problem if it occurred within the stream. The updated feature and liberty-kafka connector can send or handle these events. For more information, see the Open Liberty blog and Optimizing asynchronous communication with MicroProfile Reactive Messaging on the Open Liberty website.
[24.0.0.1 and later]
Use InstantOn with more Liberty features
Open Liberty InstantOn supports a subset of Liberty features. InstantOn now supports features that enable Jakarta and Java XML Web Services and Jakarta and Java Mail functions, and more versions of previously supported features. For more information, see the Open Liberty website.
Verify the authenticity of the Liberty public key
WebSphere Liberty uses its private key to digitally sign each Liberty release. You can use the Liberty public key to check the signature, verify that the package was released by IBM, and that it was not modified since its release. Starting in version 24.0.0.1, you can also verify the authenticity of the Liberty public key by using a provided certificate (.cer) file. For more information, see Verifying Liberty release packages.
WebSphere Liberty operator 1.3.1

Update to the new 1.3.1 release of WebSphere Liberty operator. Version 1.3.1 adds security fix updates for operating system packages and API libraries.

[23.0.0.12 and later]
MicroProfile 6.1 support
Open Liberty The 23.0.0.12 release adds support for the MicroProfile programming model version 6.1, which aligns with Jakarta EE 10. MicroProfile 6.1 is a minor release. It includes new versions of the MicroProfile Config, MicroProfile Telemetry, and MicroProfile Metrics features.If you are updating your application from using MicroProfile 6.0 features to using MicroProfile 6.1 features, changes in API behavior might require you to update your application code. For more information, see Differences between MicroProfile 6.1 and 6.0 on the Open Liberty website and the Open Liberty blog.
Configure the MicroProfile OpenAPI endpoint path
Open Liberty MicroProfile OpenAPI generates and serves OpenAPI documentation for Restful Web Services (or JAX-RS) applications that are deployed to Liberty. OpenAPI documentation is served from the /openapi endpoint and a user interface for browsing this documentation is served from the /openapi/ui endpoint. With MicroProfile OpenAPI 3.1 in Liberty 23.0.0.12 and later, you can configure the paths for these endpoints by adding configuration to your server.xml file. For more information, see the Open Liberty website.
Support LTPA keys rotation without a planned outage
Open Liberty In 23.0.0.12 and later, Liberty can automatically generate new primary LTPA keys files while it continues to use validation keys files to validate LTPA tokens. With this update, you can rotate LTPA keys without any disruption to the application user experience. Previously, application users had to log in to their applications again after the Liberty server LTPA keys were rotated. For more information, see the Open Liberty website.
Send the resource parameter with an authorization request that uses the authorization code flow
Open Liberty Authorization requests can be made by using either the implicit flow or the authorization code flow. When requests use the implicit flow, all tokens are returned from the authorization endpoint and the token endpoint is not used. When requests use the authorization code flow, all tokens are returned from the token endpoint. Previously, Liberty sent the resource parameter only during an implicit flow request. If your request needed the resource parameter but could use only the authorization code flow, the request failed. This update enables the resource parameter to be sent with the authorization code flow. For more information, see the Open Liberty blog.
Obtain the role information from the OpenID Connect access token
Open Liberty ID tokens are JSON Web Tokens that conform to the OpenID Connect specification. Previously, Open ID Connect user role information could be obtained only from this ID token. If role information was not provided within the ID token, then the information was not found. This update provides checks to attempt to obtain role information from the Access Token if it is not found within the ID token. For more information, see the Open Liberty website.
Liberty Maven plug-in 3.10 and Liberty Gradle plug-in 3.8
New releases for Liberty Maven and Gradle plug-ins are now available. These releases include Java 21 support and the ability to deploy Spring Boot 3 applications. For more information, see the Liberty Maven plug-in 3.10 release notes and the Liberty Gradle plug-in 3.8 release notes.
Liberty Tools 23.0.12 for Eclipse IDE, IntelliJ IDEA, and Visual Studio Code
Liberty Tools support the latest available releases of Eclipse IDE, IntelliJ IDEA, and Visual Studio Code. This release also includes various enhancements and fixes. For more information, see the following release notes:
[23.0.0.11 and later]
Add computed vendor metrics to your dashboards with MicroProfile Metrics 3.0, 4.0, and 5.0

A set of computed vendor metrics is available when you enable the MicroProfile Metrics 3.0, 4.0, or 5.0 feature, without any additional configuration on your part. You can add these metrics directly to your dashboards in various monitoring tools.

Previously, you calculated these metrics from the Time and Total counts that were provided for various monitoring components. For example, to obtain a response time per request metric, you calculated it by using the array of time series data that is provided by the MicroProfile Metrics feature. However, not all monitoring tools support such complex time-series expressions. For more information, see the Open Liberty blog.

Bug fixes in version 23.0.0.11
Open Liberty The development team made several significant bug fixes in version 23.0.0.11. For more information, see the Open Liberty blog.
WebSphere Liberty operator 1.3.0

Update to the new 1.3.0 release of WebSphere Liberty operator. Version 1.3.0 adds security fix updates for operating system packages and API libraries.

Support for Red Hat OpenShift Container Platform 4.14 is added in 23.0.0.11.

[23.0.0.10 and later]
Verify feature signatures with the featureUtility command

In version 23.0.0.10 and later, the featureUtility command verifies feature signatures before it installs a feature into the Liberty runtime.

Previously, the featureUtility command verified only checksum data, which verified the integrity of the feature, but not the authenticity. Integrity verification ensures that the feature was not tampered with. Authenticity verification ensures the feature either originated from the Liberty development team or is a user-created feature. The featureUtility command checks both the authenticity and the integrity of features that are downloaded from the Maven Central repository. For more information, see the featureUtility documentation on the Open Liberty website.

Java SE 21 support for archive installations
Open Liberty The 23.0.0.10 release adds support for Java Platform, Standard Edition (Java SE) Version 21. You can use Java SE 21 with Liberty 23.0.0.10 or later. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platformsThe IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 is not yet supported on IBM i.

[23.0.0.9 and later]
Deploy Spring Boot 3.x applications to Liberty
Open Liberty The Spring Boot Support 3.0 feature (springBoot-3.0) provides complete support for running a Spring Boot 3.0 application on Liberty. It also provides the capability to thin the application when you create applications in containers. Prior releases of Liberty supported Spring Boot 1.5 and Spring Boot 2.0 applications. For more information, see the Open Liberty website.
Authenticate Open ID Connect clients with a private key JSON Web Token (JWT)
Open Liberty OpenID Connect clients are required to provide authentication data to the OpenID Connect provider when they invoke the provider’s token endpoint. Clients can authenticate by using several different methods, but most of those methods require a client secret. The private_key_jwt authentication method enables clients to use asymmetric keys to create signed JSON Web Tokens (JWTs) to authenticate instead of client secrets. OpenID Connect clients that use this authentication method are not required to have a client secret. For more information, see the Open Liberty website.
Use different LTPA or JWT cookies for different applications
Starting in version 23.0.0.9, you can set the path for Lightweight Third Party Authentication (LTPA) and JSON Web Token (JWT) cookie paths to the application context root. Set the useContextRootForSSOCookiePath attribute in the webAppSecurity element to true. With this configuration, you can use different LTPA or JWT tokens for different applications. In previous versions, the cookie path was set to a forward slash (/) so that any request made to any path on the domain included the cookie. For more information, see the webAppSecurity element.
WebSphere Liberty operator 1.2.2

Extended support has ended for Red Hat OpenShift Container Platform 4.10. For more information, see Red Hat OpenShift Container Platform Lifecycle Policy.

Java SE 11 end of support moved from 24.0.0.10 to 26.0.0.10
The Liberty end of support date for Java SE 11 is October 2026. The end of support date was October 2024. For more information, see Removal notices.
[23.0.0.8 and later]
Prevent authorization code interception attacks with PKCE support for OpenID Connect clients
Open Liberty OpenID Connect clients in Liberty now support Proof Key for Code Exchange (PKCE) (RFC 7636). PKCE is an extension of the OAuth 2.0 specification that protects OAuth 2.0 public clients against authorization code interception attacks. In specific scenarios, a malicious application can intercept a legitimate OAuth 2.0 public client authorization code and use it to obtain access and ID tokens on behalf of the client. PKCE introduces steps and request parameters to prevent such interception attacks. For more information, see the Open Liberty blog.
Ensure that sufficient features are installed when you use the featureUtility installFeature command
Open Liberty In this release, the featureUtility installFeature command is updated to better manage dependencies among the features that it installs. This command now installs all versions of any dependencies that the requested feature requires, which might install a larger number of features in some circumstances. However, the related featureUtility installServerFeatures is the recommended way to install features as it always installs exactly the minimum set of features that are needed for the server configuration. For more information, see the Open Liberty blog.
WebSphere Liberty operator 1.2.2

Update to the new 1.2.2 release of WebSphere Liberty operator. Version 1.2.2 adds security fix updates for operating system packages and API libraries.

[23.0.0.7 and later]
Bug fixes in version 23.0.0.7
Open Liberty The development team made several significant bug fixes in version 23.0.0.7. For more information, see the Open Liberty blog.
WebSphere Liberty container images

The symlink of /liberty in WebSphere® Application Server Liberty official images has changed from /opt/ibm to /opt/ibm/wlp.

[23.0.0.6 and later]
WebSphere Liberty operator 1.2.1

Update to the new 1.2.1 release of WebSphere Liberty operator. Version 1.2.1 adds security fix updates for operating system packages and API libraries.

Faster startup with Liberty InstantOn
Open Liberty Liberty InstantOn uses the Checkpoint/Restore In Userspace (CRIU) feature of the Linux kernel to provide faster startup times for MicroProfile and Jakarta EE applications. Starting with version 23.0.0.6, all X86-64/AMD64 UBI Liberty container images are enabled for InstantOn. For more information, see Faster startup for containerized applications with Open Liberty InstantOn on the Open Liberty website.
[23.0.0.5 and later]
Bug fixes in version 23.0.0.5
Open Liberty The development team made a number of significant bug fixes in version 23.0.0.5. For more information, see the Open Liberty blog.
[23.0.0.4 and later]
WebSphere Liberty operator 1.2.0

Update to the new 1.2.0 release of WebSphere Liberty operator. Version 1.2.0 adds support for Linux on Power® (ppc64le) or Linux on IBM Z (s390x) platform.

The template used to build application container images was updated in version 23.0.0.4. For more information, see Creating container application images.

Bug fixes in version 23.0.0.4
Open Liberty The development team made a number of significant bug fixes in version 23.0.0.4. For more information, see the Open Liberty blog.
[23.0.0.3 and later]
Java SE 20 support
Open Liberty The 23.0.0.3 release adds support for Java Platform, Standard Edition (Java SE) Version 20. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. Java SE 20 is not a long-term supported release. Standard support is scheduled to end in September 2023. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.
Jakarta EE 10 support
Open Liberty The 23.0.0.3 release adds support for the Jakarta EE platform, version 10.0. You can run Jakarta EE 10 applications by using Java SE 8, 11, or 17. Jakarta EE 10 support on Open Liberty includes new feature versions for many Liberty features that support Jakarta EE APIs. If you are updating your application from using Jakarta EE 9.1 features to using Jakarta EE 10 features, changes in API behavior might require you to update your application code. For more information, see Differences between Jakarta EE 10 and 9.1 on the Open Liberty website and the Open Liberty blog.
MicroProfile 6.0 support
Open Liberty The 23.0.0.3 release adds support for the MicroProfile programming model version 6.0, which aligns with Jakarta EE 10. MicroProfile 6.0 is a major release. It includes Jakarta EE 10 Core Profile and replaces MicroProfile OpenTracing with MicroProfile Telemetry. Therefore, MicroProfile OpenTracing moves out of the umbrella release and becomes a stand-alone specification. This release also introduces the new versions of the MicroProfile OpenAPI, MicroProfile JSON Web Token, and MicroProfile Metrics features.

If you are updating your application from using MicroProfile 5.0 features to using MicroProfile 6.0 features, changes in API behavior might require you to update your application code. For more information, see Differences between MicroProfile 6.0 and 5.0 on the Open Liberty website and the Open Liberty blog.

[23.0.0.2 and later]
Set a timeout for the server stop command
Open Liberty The server stop command includes a default 30 second waiting period for confirmation that the server is stopped. Starting in version 23.0.0.2, a --timeout option is available for this command to increase the duration of the waiting period. For more information, see the server stop command documentation on the Open Liberty website.
Test server connections with the Admin Center Server Config tool
Open Liberty Starting in 23.0.0.2, you can test the connection to server resources from Admin Center by using the Server Config tool. For more information, see the Admin Center documentation on the Open Liberty website.
[23.0.0.1 and later]
WebSphere Liberty operator 1.1.0

Support for Red Hat OpenShift Container Platform 4.12 is added in 23.0.0.1.

Bug fixes in version 23.0.0.1
Open Liberty The development team made a number of significant bug fixes in version 23.0.0.1. For more information, see the Open Liberty blog.
[22.0.0.13 and later]
WebSphere Liberty operator 1.1.0
Distributed: [AIX MacOS Linux Windows]

Update to the new 1.1.0 release of WebSphere Liberty operator. Version 1.1.0 adds support for Semeru Cloud Compiler and updated instructions for installing in an air gap environment.

Run Liberty on Amazon EKS on AWS
For IBM i platformsDistributed: [AIX MacOS Linux Windows]You can run WebSphere Liberty on Amazon Web Services (AWS) by using an AWS Partner Solution that is called IBM WebSphere Liberty for Amazon EKS. This AWS Partner Solution installs a WebSphere Liberty operator in an Amazon Elastic Kubernetes Service (EKS) cluster. For more information, see Running WebSphere Liberty on Amazon EKS on AWS.
Configure a maximum age for FFDC files
You can configure Liberty to automatically purge FFDC log files after they reach a configured age by setting the maxFfdcAge logging configuration attribute. Previously, Liberty automatically purged FFDC files only in excess of 500 and the value was not configurable. For more information, see the maxFfdcAge attribute for the logging configuration element.
[22.0.0.12 and later]
Bug fixes in version 22.0.0.12
Open Liberty The development team made a number of significant bug fixes in version 22.0.0.12. For more information, see the Open Liberty blog.
[22.0.0.11 and later]
Secure applications with distributed security caches
Open Liberty In version 22.0.0.11 and later, multiple Liberty servers can share distributed caches by using a JCache provider. Before this release, the authentication and logged-out cookie caches were restricted to be local and in-memory. As part of this update, both caches can be stored in a distributed JCache provider. This update can improve performance and failure recovery, reduce the load on backend user registries, and improve the security posture of the server. For more information, see Distributed caching with JCache on the Open Liberty website.
Expose SPI interfaces as BELL services and inject properties into BELL services
Open Liberty The Basic extensions using Liberty libraries (BELL) 1.0 feature enables shared libraries to provide implementations of Liberty API interfaces by using Java ServiceLoader configuration files. The 22.0.0.11 release introduces two capabilities for BELL services: SPI visibility and properties configuration and injection. Previously, these capabilities were available only to user feature extensions. User features offer more capabilities than BELL services, but come with a more complex development model. These capabilities allow extension developers greater opportunity to use the simplicity of BELL services. For more information, see Basic Extensions using Liberty Libraries on the Open Liberty website.
[22.0.0.10 and later]
Java SE 19 support
Open Liberty The 22.0.0.10 release adds support for Java Platform, Standard Edition (Java SE) Version 19. You can use Java SE 19 with Liberty 22.0.0.10 or later. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. Java SE 19 is not a long-term supported release. Standard support is scheduled to end in March 2023. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.
Distributed: [AIX MacOS Linux Windows] WebSphere Liberty operator 1.0.2

Update to the new 1.0.2 release of WebSphere Liberty operator.

Use issuer claim to select which Open ID Connect client configuration to use for a JWT inbound propagation request
Open Liberty In version 22.0.0.10 and later, Open Liberty can use the issuer claim from a JWT or JWS access token to select which openidConnectClient configuration to use for a JWT inbound propagation request. Before this release, complicated authentication filters were required if more than one issuer was used for the same resource. For more information, see Configure JSON Web Token (JWT) authentication for OpenID Connect on the Open Liberty website.
[22.0.0.9 and later]
Use the Password Utilities feature without forcefully federating user registries
A new version of the Password Utilities feature, passwordUtilities-1.1, is available. This version of the feature does not start the Federated User Registry feature or the Jakarta Connectors feature. When you use this version of the feature, stand-alone user registries are not forcefully federated, which sometimes results in slightly different behavior than the previous version. The previous feature version, passwordUtilities-1.0, starts the Federated User Registry and Jakarta Connectors features by default. For more information, see Password Utilities-1.1.
[22.0.0.8 and later]
View the stack trace separately from logged messages in logging records
Open Liberty The stack trace is now separated from logged messages in logging records so that log analysis tools can present them more clearly. Previously, any logging record from a Java Logger object that used any of the methods that accept a Throwable parameter appended the stack trace to the existing message field. For more information, see the Open Liberty blog.
Configure time-based log rollover
Open Liberty You can enable time-based periodic rollover of Liberty message.log, trace.log, and http_access.log log files at their own specified time of day by using two new optional logging configuration attributes: rolloverInterval and rolloverStartTime. For more information, see Time-based log rollover and Time-based HTTP access log rollover on the Open Liberty website.
Distributed: [AIX MacOS Linux Windows] WebSphere Liberty operator 1.0.1

Update to the new 1.0.1 release of WebSphere Liberty operator.

Use kustomize to install WebSphere Liberty operator.

Verify code-signed images for WebSphere Liberty operator.

[22.0.0.7 and later]
Filter JSON logs on the application name
Open Liberty When application log messages are logged and the application name is known, the application name is now added to the LogRecordContext extension. The key is appName and the value is the application name that the message was logged from. When JSON logging is enabled, a new default JSON field that is called ext_appName is added to the JSON application logs, which specifies the application name that the log message was logged from. Previously, if you used a log analysis tool, you couldn’t filter out application logs, since the JSON fields did not have a field for the application name. For more information, see the JSON log events reference list on the Open Liberty website.
Merge stack traces into a single log event
Open Liberty When a stack trace is logged in Liberty, you can now output the emitted stack trace as a single log event. This update is helpful if you forward your logs downstream to third-party log analysis technologies, such as the Elastic Logstash Kibana (ELK) stack. You can enable this function by configuring either a bootstrap property, an environment variable, or through the server.xml file. Before this update, each line of the stack trace was printed as a separate event. For more information, see the entry for stackTraceSingleEntry in Configuration settings by source on the Open Liberty website.
[22.0.0.6 and later]
WebSphere Liberty operator
Use the WebSphere Liberty operator to deploy and manage applications on Kubernetes-based clusters. Operators are extensions to Kubernetes that provide customized, automated tasks.
Develop GraphQL applications by using Jakarta EE 9.1 components with MicroProfile GraphQL 2.0
Open Liberty The MicroProfile GraphQL-2.0 feature incorporates Jakarta EE 9.1 dependencies. With this version, you can continue to use the same functions that are provided by MicroProfile GraphQL 1.0 with updated Jakarta components, such as CDI 3.0, Jakarta REST 3.0, and JSON-B 2.0. For more information about working with GraphQL on Liberty, see Build GraphQL applications with MicroProfile GraphQL on the Open Liberty website.
[22.0.0.5 and later]
Configure specific TLS protocols
Open Liberty You can configure specific TLS protocols instead of configuring them by default. For more information, see the section in the transport security topic on configuring specific TLS protocols.
Generate the schema for a Liberty installation
Open Liberty You can use the schemaGen command to generate the schema for an entire Liberty installation. Before 22.0.0.5, this function was only available by running the java -jar command against the bin/tools/ws-schemagen.jar file. For more information, see the schemaGen command on the Open Liberty website.

Continuous fix pack delivery

WebSphere Application Server Liberty follows a continuous delivery process. Instead of delivering a large amount of content in a new version, new content is delivered gradually as optional installable features in of each fix pack. Because of the Liberty zero-migration policy, you can update to the latest fix pack and then continue to use your existing configuration and applications, with no unexpected change in behavior.

In contrast to WebSphere Application Server traditional, which has different fix packs for each version, Liberty has a single service stream. A Liberty fix pack contains the same content regardless of which product version you purchased. Fix pack 16.0.0.2 is the next Liberty fix pack after 8.5.5.9.

A diagram that shows a single line of fix packs that apply to both V8.5.5 and V9.0

For installation information, see Installing Liberty.

Multimedia Watch: The Liberty single-stream fix pack delivery video shows how Liberty fix packs are continuously delivered into a single service stream that applies to all product versions. [Transcript]

Fix pack numbering

Beginning with fix pack 16.0.0.2, WebSphere Application Server Liberty fix packs use the following numbering scheme:
Y.R.M.F
where:
  • Y = year, last 2 digits
  • R = release
  • M = modification
  • F = fix pack release during the year

For example, fix pack 16.0.0.2 refers to year 2016, release 0, modification 0, and the second fix pack of the year. For the third fix pack of 2018, the fix name would be 18.0.0.3.

This numbering change applies only to Liberty. WebSphere Application Server traditional fix packs continue to follow the V.R.M.F numbering scheme, where the letters stand for version, release, modification, and fix pack.