Trending Topics This Week
Here is what people are talking about this week in the world of free and open source software:
- New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data.
- Chef Cofounder on CentOS: It's Time to Open Source Everything.
- 5 Reasons Open Source Needs To Be A Key Part Of Your 2021 Analytics Strategy.
Key Security, Maintenance, and Features Releases
Non-Security Updates
Apache Camel 3.7.0
CAMEL-15931
Camel 3.6 fails to resolve #bean:name notation for camel.component.pulsar.pulsar-client
CAMEL-15920
Cannot parse CSV if the last (not required) field is empty when using a tab separator
CAMEL-15919
Response message definition does not correctly handle java.io.File as response model
CAMEL-15902
Camel-Opentelemetry-starter: Spring Boot starter is broken
Firefox 84
Native support for macOS devices built with Apple Silicon CPUs brings dramatic performance improvements over the non-native build that was shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a new Apple device, follow these steps to upgrade to the latest Firefox.
WebRender rolls out to MacOS Big Sur, Windows devices with Intel Gen 6 GPUs, and Intel laptops running Windows 7 and 8. Additionally we'll ship an accelerated rendering pipeline for Linux/GNOME/X11 users for the first time, ever!
Firefox now uses more modern techniques for allocating shared memory on Linux, improving performance and increasing compatibility with Docker.
Firefox 84 is the final release to support Adobe Flash.
Jenkins 2.271
Stop bundling CVS plugin. Jenkins will no longer automatically install CVS plugin on startup if a plugin depending on Jenkins (then Hudson) 1.340 or earlier is discovered. If you use a plugin that relies on the functionality provided by CVS plugin and manage plugins outside the Jenkins plugin manager, you will now need to ensure yourself that a recent release of CVS plugin is installed. Jenkins will attempt to load such plugins but may fail at any time during startup or afterwards with ClassNotFoundException or similar. (pull 5102)
Don't tell users to signup if they can't. (issue 64426)
Correct Freestyle font-size for descriptions. (issue 64332)
FieldUtils now silently fails to set public final fields again. (issue 64390)
ISC Bind 9.16.10
Handling of missing DNS COOKIE responses over UDP was tightened by falling back to TCP. [GL #2275]
The CNAME synthesized from a DNAME was incorrectly followed when the QTYPE was CNAME or ANY. [GL #2280]
Building with native PKCS#11 support for AEP Keyper has been broken since BIND 9.16.6. This has been fixed. [GL #2315]
Spring Framework 5.3.2
Refine ConfigurationClassPostProcessor behavior in native images #26236
Ability to correlate ByteBuf leak records to log messages for a specific request #26230
Avoid CGLIB proxies in websocket/messaging configuration #26227
ContentCachingResponseWrapper should not add “Content-Length” when “Transfer-Encoding” is present #26182
Understanding the PLEASE_READ_ME MySQL Database Ransomware
MySQL is again making headlines, this time due to a new MySQL database ransomware attack that has compromised 250,000 databases. For those affected by the attack, the ransomers are demanding a ransom of 0.08 BTC, or around 1435.17 USD. This blog discuss how the attack works, who it affects, and how to minimize exposure for internet facing databases.