Trending Topics This Week

Here is what people are talking about this week in the world of free and open source software: 

  • Microsoft Windows XP Source Code Reportedly Leaked Online.
  • Five years after creating Traefik application proxy, open-source project hits 2B downloads.
  • Open source: Why governments need to go further.

Key Security, Maintenance, and Features Releases

Non-Security Updates

 

Apache Tomcat 7.0.106, 9.0.38 and 8.5.58
7.0.106
Fix: 64582: Pre-load the CoyoteOutputStream class to prevent a potential exception when running under a security manager. Patch provided by Johnathan Gilday. (markt)
Add: Refactor the Default servlet to provide a single method that can be overridden (generateETag()) should a custom entity tag format be required. (markt)
Fix: Improve the validation of entity tags provided with conditional requests. Requests with headers that contain invalid entity tags will be rejected with a 400 response code. Improve the matching algorithm used to compare entity tags in conditional requests with the entity tag for the requested resource. Based on a pull request by Sergey Ponomarev. (markt)
Update: Deprecate the JDBCRealm. (markt)

9.0.38
Fix: 64582: Pre-load the CoyoteOutputStream class to prevent a potential exception when running under a security manager. Patch provided by Johnathan Gilday. (markt)
Fix: 64593: If a request is not matched to a Context, delay issuing the 404 response to give the rewrite valve, if configured, an opportunity to rewrite the request. (remm/markt)
Fix: Change top package name for generated emebedded classes to avoid conflict with default host name on case insensitive filesystems. (remm)
Fix: Add missing code generation for remaining digester rules. (remm)

8.5.58
Fix: 53411: Improve the handling of HTTP requests that do not explicitly specify a host name when no default host is configured. Also improve the tracking of changes to the default host as hosts are added and removed while Tomcat is running. (markt)
Fix: 64582: Pre-load the CoyoteOutputStream class to prevent a potential exception when running under a security manager. Patch provided by Johnathan Gilday. (markt)
Fix: 64593: If a request is not matched to a Context, delay issuing the 404 response to give the rewrite valve, if configured, an opportunity to rewrite the request. (remm/markt)
Add: Refactor the Default servlet to provide a single method that can be overridden (generateETag()) should a custom entity tag format be required. (markt)

Firefox 81
Browser native HTML5 audio/video controls received several important accessibility fixes:
Audio/video controls remain accessible to screen readers even when they are temporarily hidden visually.
Audio/video elapsed and total time are now accessible to screen readers where they weren't previously.
Various unlabelled controls are now labelled making them identifiable to screen readers.
Screen readers no longer intrusively report progress information unless the user requests it.

PostgreSQL 13
PostgreSQL 13 contains many new features and enhancements, including:
Space savings and performance gains from de-duplication of B-tree index entries
Improved performance for queries that use aggregates or partitioned tables
Better query planning when using extended statistics
Parallelized vacuuming of indexes
Incremental sorting

View all OpenUpdate editions >