Trending Topics This Week

Here is what people are talking about this week in the world of free and open source software: 

  • Why Human Error is #1 Cyber Security Threat to Businesses in 2021.
  • CHIPS Alliance Hires New Director to Push Open-Source Chips Ecosystem Into Next Gear.
  • Open Source "Vaccine Passports:" Linux Foundation Public Health Talks Development, Security, and Digitally Restoring Trust.

 

Key Security, Maintenance, and Features Releases

 

Security Updates

PHP 8.0.2, 7.4.15 and 7.3.27
8.0.2
Fixed bug #80523 (bogus parse error on >4GB source code).
Fixed bug #80384 (filter buffers entire read until file closed).
Fixed bug #80596 (Invalid union type TypeError in anonymous classes).
Fixed bug #80617 (GCC throws warning about type narrowing in ZEND_TYPE_INIT_CODE).
7.4.15
Fixed bug #80523 (bogus parse error on >4GB source code).
Fixed bug #80384 (filter buffers entire read until file closed).
7.3.27
Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702)
 

Non-Security Updates

Apache Camel 3.7.2
CAMEL-16135
Exception on routeinitialization when using split in onException-Block
CAMEL-16114
DataFormat UnmarshalType defined as an Array Class Fails in Java DSL
CAMEL-16112
Camel REST deserializes response to wrong type
CAMEL-16111
camel-spring-boot - Bean reference by name in properties not working when there are custom property converters

Apache Tomcat 7.0.108
fix           56181: Update the RemoteIpValve and RemoteIpFilter so that calls to ServletRequest.getRemoteHost() are consistent with the return value of ServletRequest.getRemoteAddr() rather than always returning a value for the proxy. (markt)
fix           Ensure that values are not duplicated when manipulating the vary header. Based on a pull request by Fredrik Fall. (markt)
fix           Avoid uncaught InaccessibleObjectException on Java 16 trying to clear references threads. (remm)
fix           65047: If the AccessLogValve is unable to open the access log file, include information on the current user in the associated log message (markt)

JBoss Drools 7.49.0.Final
[DROOLS-5122] - SceSim is not clearing alert after update, successful Save and re Run
[DROOLS-5512] - Unsaved changes dialog for a Test Scenario executed right after creation
[DROOLS-5848] - CallMethod with ActionFieldFunctions does not compile
[DROOLS-5874] - Guided Rule Editor: Call method on XYZ with literal value containing quotes does not re-open correctly

Squid 4.14
- Regression Fix: support for non-lowercase Transfer-Encoding value
- Regression Fix: cachemgr.cgi wrong 403 response to authenticated menu URIs
- Bug 5076: WCCP Security Info incorrect
- Bug 5073: Compile error: index was not declared in this scope
 

Planning a Service Mesh: Key Focus Areas  

Executing an open source software service mesh can seem insurmountable, especially when dealing with large legacy systems. However, having well-structured transformation plan can make that process much more achievable.

In this blog, we discuss some of the key focus areas used in planning a service mesh transformation, including sections on determining business capabilities, establishing governance models, operational and security considerations, and the milestones used to track your progress.
 

View all OpenUpdate editions >