-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Open Liberty 21.0.0.6 Runtime security update
Advisory ID:       RHSA-2021:2439-01
Product:           Open Liberty
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:2439
Issue date:        2021-06-15
=====================================================================

1. Summary:

Open Liberty 21.0.0.6 Runtime is now available from the Customer Portal.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Open Liberty is a lightweight open framework for building fast and
efficient cloud-native Java microservices.

This release of Open Liberty 21.0.0.6 serves as a replacement for Open
Liberty 21.0.0.3, and includes a security fix and enhancements. For
specific information about this release, see links in the References
section.

Security Fix(es):

* myfaces: Cross-site request forgery vulnerability in Apache MyFaces
(CVE-2021-26296)

For more details about the security issue(s), see the IBM Security Bulletin
links for each CVE, listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

The References section of this erratum contains a download link (you must
log in to download the update).

4. JIRA issues fixed (https://issues.jboss.org/):

IBMRT-133 - Create Errata (RHSA) for Open Liberty

5. References:

https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=open.liberty&downloadType=distributions&version=21.0.0.6
https://www.ibm.com/support/pages/node/6441433
https://access.redhat.com/articles/4544981
https://access.redhat.com/products/open-liberty
https://access.redhat.com/documentation/en-us/open_liberty/

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYMimftzjgjWX9erEAQhrsA//Y0ojMf2eAgzAzR8wlmNm8WmzB57R2j4d
6NWTmOLcgxOtqah3YHlJwpNmd3TCnLewNZPvYWFHYtu/OlQThItno89xN6ttadQt
xOVX+lI5f9Ks3xo0EyO/8RhmSHTs6goGVK3spjkgjNMh+Gb2BuReFxx+LKAySiyS
QMMV90A46/HPfFlPYtlQTpVmISe1efeG2aCbvCFZDTUbm4luSxTThL1CsNpeE+1A
/5d8RG64269/1VLN/z9SnkpOO/0mMPmNXroC3+Y9XBfVt1rdDlzKskvlQkdoifix
7mpyEu66Q1wL3K9qTuzf939Avd4Eha1V/gHQAcrBuwPVofm9OZ3Vkgog9Q1bXWmp
UACXXfY+obV3eNveLqVpDdwt/DlUQKwWb1nbi8S43uYgXnaM03W1POgFoFTJ2QPT
QKs2f1ZeAWVN1CuORY/Q8OTo79EDEeNgjia874uk87pdbHtoxe8VwUiTVIeL+049
kHlJbqwhk5Fp2G7qfaDrQT+J/Lo8KxRcSI+akhQGknPdK9OFNiUM1TcgINk3qsTQ
znUfcqoHnsYFoEfcG3sWc7UWMp7WK6q83lNn8jf87xb4JTlr8qzjenNn55oTaCoe
DqEn/kMPTbb3hqZ6i0Jjej4/RdiA/oM6IWAD7gZ5HZoUSU1GbwyGVPoYSb0brT1J
W1Q0HnRVJlU=
=mOIE
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce