Trending Topics This Week
Here is what people are talking about this week in the world of free and open source software:
- Minnesota University Apologizes for Contributing Malicious Code to the Linux Project.
- Guru: A Simple Script That Capitalizes on IBM i’s Open Source Capabilities.
- SniperPhish: An All-in-One Open-Source Phishing Toolkit.
.
Key Security, Maintenance, and Features Releases
Non-Security Updates
Apache Camel K 1.4.0
Apache Camel K 1.4.0 has just been released!
This is a new major release of Camel K with an improved stability over previous versions, but also adding new features that simplify the overall user experience.
It is based on Camel 3.9.0 and Camel-Quarkus 1.8.1, providing all improvements that they bring, plus much more. In this blog post, we’re going to describe the most important changes.
MySQL 8.0.24
MySQL Enterprise Audit now supports audit log file pruning, for JSON-format log files. See Space Management of Audit Log Files.
GCC 10 is now a supported compiler for building MySQL on EL7 or EL8. This compiler is available in the devtoolset-10 (EL7) or gcc-toolset-10 (EL8) package. It is also recommended to use GCC 10 when building third-party applications that are based on the libmysqlclient C API library. (Bug #32381003)
Previously, if a client did not use the connection to the server within the period specified by the wait_timeout system variable and the server closed the connection, the client received no notification of the reason. Typically, the client would see Lost connection to MySQL server during query (CR_SERVER_LOST) or MySQL server has gone away (CR_SERVER_GONE_ERROR).
In such cases, the server now writes the reason to the connection before closing it, and client receives a more informative error message, The client was disconnected by the server because of inactivity. See wait_timeout and interactive_timeout for configuring this behavior. (ER_CLIENT_INTERACTION_TIMEOUT).
PostgreSQL JDBC Driver 42.2.20
The release notes for this driver can be found here; https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.20
GnuPG 2.3.1
The new configuration file common.conf is now used to enable the use of the key database daemon with "use-keyboxd". Using this option in gpg.conf and gpgsm.conf is supported for a transitional period. See doc/example/common.conf for more.
gpg: Force version 5 key creation for ed448 and cv448 algorithms.
gpg: By default do not use the self-sigs-only option when importing from an LDAP keyserver. [#5387]
gpg: Lookup a missing public key of the active card via LDAP. [d7e707170f]
Log4J 2.14.1
Fix Add log method with no parameters - i.e. it has an empty message. Fixes LOG4J2-3033. rgoers
Fix Document that LogBuilder default methods do nothing. Fixes LOG4J2-2947. rgoers
Fix Replace HashSet with IdentityHashMap in ParameterFormatter to detect cycles. Fixes LOG4J2-2948. vy
Fix OutputStreamManager.flushBuffer always resets the buffer, previously the buffer was not reset after an exception. Fixes LOG4J2-3028. Thanks to Jakub Kozlowski.
MyBatis 3.5.7
Prevent thread from being blocked by JDK-8 ConcurrentHashMap#computeIfAbsent() bug on dependency library
Fix doc typo documentation
Call to 'toArray()' with pre-sized array argument 'new String[map.key… polishing
Prevent errors when accessing the cache concurrently bug
SQLite 3.35.5
Added built-in SQL math functions(). (Requires the -DSQLITE_ENABLE_MATH_FUNCTIONS compile-time option.)
Added support for ALTER TABLE DROP COLUMN.
Generalize UPSERT:
Allow multiple ON CONFLICT clauses that are evaluated in order,
The final ON CONFLICT clause may omit the conflict target and yet still use DO UPDATE.
Get the Decision Maker's Guide to Enterprise Linux
Our new guide gives in-depth, expert analysis on 20 of the top Enterprise Linux distributions, with a detailed assessment of build stability, ecosystem maturity, and more.
New Forrester Study: Seizing Open Source Opportunity
See stats and analysis on how open source strategies directly impact business success in this Forrester Consulting study commissioned by OpenLogic.