Trending Topics This Week
Here is what people are talking about this week in the world of free and open source software:
• Top 5 tips for leaders to keep in mind when implementing open source.
• Hackers target military and aerospace staff by posing as job offerings.
• How virtualization and open source are unending the telecom industry.
Key Security, Maintenance, and Features Releases
This release is mostly about robustness and bug fixes.
We have also continued the work to make Camel more modular and lighter. This time we removed the dependency on JAXB in the Swagger and OpenAPI modules. This helps Camel on GraalVM and native compilation as JAXB is a heavy piece of stack, allowing GraalVM to eliminate it more easily.
We continued to remove usage of reflection in Camel and found a few spots more where reflection was in use, when configuring nested options.
We also added back support for configuring duration values using the shorthand syntax, such as timeout=30000 can be specified as timeout=30s. We had to remove this in earlier versions of Camel 3 due to optimizations. But for Camel 3.4 we found a new way.
[HHH-14077] - CVE-2019-14900 SQL injection issue using JPA Criteria API.
[HHH-14081] - CompositeIdFkGeneratedValueIdentityTest and CompositeIdFkGeneratedValueTest failures on Oracle db.
[HHH-14075] - Changes to loaders and TwoPhaseLoad to allow "internal" loading to be reused by hibernate-reactive.
[HHH-14023] - H2: Adapt to sequence and column types changes in 1.4.201
[HHH-14083] - Gradle, add task to automate the CI release process.
Implement reliable invocation order for advice within an @Aspect #25186
Performance enhancement in execution of ResponseEntity.of() #25183
Support for shared GroovyClassLoader in GroovyScriptFactory #25177
Suggest making a Set.size() > 0 judgement for AbstractApplicationContext.earlyApplicationEvents #25161
Delay AuthenticationPrincipalArgumentResolver Lookup #8614
Fix typos in BCryptPasswordEncoder documentation #8601
Fixing typo in SAML 2.0 Sample README #8600
Mock request with non-standard HTTP method in test #8597
New OpenJDK Vulnerabilities Blog
Also, check out new OpenJDK Vulnerabilities blog from OpenLogic to ensure your software is secure!