This week, read about:
- Wormable DarkRadiation Ransomware Targets Linux and Docker Instances.
- Open Source Constants | InfoWorld.
- Google Extends Open Source Vulnerabilities Database to Python, Rust, Go, and DWF.
Key Security, Maintenance, and Features Releases
Apache Camel 3.11.0
camel-yaml-dsl - Yaml schema validation error for rest endpoints
Recipient list does not wait for processing an exchange by recipients and ignores aggregation strategy when route is transacted.
camel-mock - In predicate should be one predicate
Conflict with Netty TCP + Resilience4J circuit breaker
Fix occasional hangs with Software WebRender on Linux (bug 1708224)
Hibernate ORM 5.5.3
HHH-14654 geolatte-geom Geometry types no longer works with geography column types
HHH-14597 Regression bug: could not resolve property: null of:
HHH-13788 Schema update try to recreate existing tables
HHH-4808 SessionImpl.initializeCollection() does not release JDBC connection (if outside of a transaction)
Update stapler from 1539.v2f05ce93882d to 1563.v3da2d02f9572. (pull 5549, Stapler 1539.v2f05ce93882d changelog, Stapler 1563.v3da2d02f9572 changelog)
Developer: InterceptingExecutorService and its subclasses no longer extend com.google.common.util.concurrent.ForwardingExecutorService or com.google.common.collect.ForwardingObject. (pull 5565)
Remove jna-posix dependency from Jenkins core. Plugins that use jna-posix functionality must be migrated from jna-posix to jnr-posix. (pull 5560, Maven Repository Scheduled Cleanup plugin, SICCI for Xcode plugin, java.io.tmpdir cleaner plugin)
PostgreSQL JDBC Driver 42.2.22
Regression caused by https://github.com/pgjdbc/pgjdbc/commit/4fa2d5bc1ed8c0086a3a197fc1c28f7173d53cac. Unfortunately, due to the blocking nature of the driver and issues with seeing if there is a byte available on a blocking stream when it is encrypted, this introduces unacceptable delays in returning from peek(). At this time there is no simple solution to this.
[WFLY-13625] - Security Realms should support specifying the charset and encoding for credentials.
[WFLY-13916] - Elytron server-ssl-context allowed protocols
[WFLY-14007] - Certificate Revocation Lists
[WFLY-14563] - As a developer, I can use a quickstart to showcase WildFly connecting to a DB on OpenShift
Dev Environments Preview: Dev Environments enable you to seamlessly collaborate with your team members without moving between Git branches to get your code onto your team members’ machines. When using Dev Environments, you can share your in-progress work with your team members in just one click, and without having to deal with any merge conflicts. For more information and for instructions on how to use Dev Environments, see Development Environments Preview.
Compose V2 beta: Docker Desktop now includes the beta version of Compose V2, which supports the docker compose command as part of the Docker CLI. For more information, see Compose V2 beta. While docker-compose is still supported and maintained, the Compose V2 implementation relies directly on the compose-go bindings, which are maintained as part of the specification. The compose command in the Docker CLI supports most of the docker-compose commands and flags. It is expected to be a drop-in replacement for docker-compose. There are a few remaining flags that have yet to be implemented; see the docker-compose compatibility list for more information about the flags that are supported in the new compose command. If you run into any problems with Compose V2, you can easily switch back to Compose V1 either by making changes in Docker Desktop Experimental Settings or by running the command docker-compose disable-v2. Let us know your feedback on the new ‘compose’ command by creating an issue in the Compose-CLI GitHub repository.
[JBPM-9714] - Include sort column to queries processes by variables and tasks API
[JBPM-9735] - Improve jbpm Engine Message 1:1 (Adding correlation keys and collaboration compliant spec subscription) / engine
[JBPM-9777] - Enrich information of jbpmHumanTasksWithAdmin default query
[JBPM-9780] - Accept all possible properties for Kafka Consumer/Producer
Improvement to the EXPLAIN QUERY PLAN output to make it easier to understand.
Byte-order marks at the start of a token are skipped as if they were whitespace.
An error is raised on any attempt to access the rowid of a VIEW or subquery. Formerly, the rowid of a VIEW would be indeterminate and often would be NULL. The -DSQLITE_ALLOW_ROWID_IN_VIEW compile-time option is available to restore the legacy behavior for applications that need it.
The sqlite3_deserialize() and sqlite3_serialize() interfaces are now enabled by default. The -DSQLITE_ENABLE_DESERIALIZE compile-time option is no longer required. Instead, there is a new -DSQLITE_OMIT_DESERIALIZE compile-time option to omit those interfaces.
ICYMI: OpenLogic Adds Support Offerings for Rocky Linux and AlmaLinux
Last week, OpenLogic announced SLA-backed support for both Rocky Linux and AlmaLinux distributions.