-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: Open Liberty 20.0.0.11 Runtime security update
Advisory ID:       RHSA-2020:4344-01
Product:           Open Liberty
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4344
Issue date:        2020-10-26
====================================================================
1. Summary:

Open Liberty 20.0.0.11 Runtime is now available from the Customer Portal.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Open Liberty is a lightweight open framework for building fast and
efficient cloud-native Java microservices.

This release of Open Liberty 20.0.0.11 serves as a replacement for Open
Liberty 20.0.0.10 and includes enhancements. For specific information about
this release, see links in the References section.

Security Fix(es):

* Vulnerability in Hibernate Validator affects WebSphere Application Server
Liberty (CVE-2020-10693)

For more details about the security issue(s), see the IBM Security Bulletin
links for each CVE, listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

The References section of this erratum contains a download link (you must
log in to download the update).

4. JIRA issues fixed (https://issues.redhat.com/plugins/servlet/samlsso

IBMRT-98 - Release Open Liberty 20.0.0.11

5. References:

https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=open.liberty&downloadType=distributions&version=20.0.0.11
https://www.ibm.com/support/pages/node/6348216
https://access.redhat.com/articles/4544981
https://access.redhat.com/products/open-liberty
https://access.redhat.com/documentation/en-us/open_liberty/

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX5bultzjgjWX9erEAQjACQ/+Nw+SAv/y7wpGk+mcGE2Pk604fMx3sOe8
hkwi04Op7YHhnF/gPysjhUrciXqtqPKWwYMJGgt5Q/7PnSFB5gExhprYHOERoF/H
KJO/qwEJ6OVOaw9UNSoIkXj3UnoFygsyq7CTFS+3Q6hWrtfoO0zN8o6F6EHf4Smi
Xo/tBWmr2ZVnri731oVX+TQ/rnFpU/Wm3VRu0MqAf8WpRP6TsolIojrkOG2ahRC7
rcThn/LD/bNt+ea36+4f8ma9Q2NGU4fyD6pduLtMQ9mh++qdz6VU6oMeABhijX7u
JTj3749KBS8k3VPG82dc66arPtuEsBBXFitd1ir3LaLsskZchii3xXpQRQkpbFkM
dOQ2mbY2+VAhjoYFcF7ER3/dHG4fYZIj2aUfqwJiumMNefu1smidpth8/AiXCCBj
Kc6viheq7HUITtPQnMovS706LBcxEgyGenDM1vQpfOLSzu9LxedPc3QpkRBmFtUV
kIJsuM8YKM/1dT/Jn5ClOz2uJRfOl17jhTYyq7VNOKPFSsodpUGxUIcQCGnkWRdY
kv6c+dAwweTOnURkSnGLi5mnTvhzPNp2QwzV7d0XS0XXQ1gbz3kT4kH1PtBdgg8k
GzDxAsNxdESpuHQurjKOPEWimbURtusmCLXoQqoRIjAizHe8GY82PboG3NXoTbc1
ZTJ+aeNDwNk=DGrp
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2020-4344:01 Moderate: Open Liberty 20.0.0.11 Runtime security

Open Liberty 20.0.0.11 Runtime is now available from the Customer Portal

Summary

Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices.
This release of Open Liberty 20.0.0.11 serves as a replacement for Open Liberty 20.0.0.10 and includes enhancements. For specific information about this release, see links in the References section.
Security Fix(es):
* Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693)
For more details about the security issue(s), see the IBM Security Bulletin links for each CVE, listed in the References section.



Summary


Solution

Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link (you must log in to download the update).
4. JIRA issues fixed (https://issues.redhat.com/plugins/servlet/samlsso
IBMRT-98 - Release Open Liberty 20.0.0.11

References

https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=open.liberty&downloadType=distributions&version=20.0.0.11 https://www.ibm.com/support/pages/node/6348216 https://access.redhat.com/articles/4544981 https://access.redhat.com/products/open-liberty https://access.redhat.com/documentation/en-us/open_liberty/

Package List


Severity
Advisory ID: RHSA-2020:4344-01
Product: Open Liberty
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4344
Issued Date: : 2020-10-26

Topic

Open Liberty 20.0.0.11 Runtime is now available from the Customer Portal.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures


Bugs Fixed


Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved