This week, read about:
- Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files.
- DARPA Makes Hardware Bug Bounty Platform Open Source.
- Open-Source Software Needs a Security Incentive Program.
Key Security, Maintenance, and Features Releases
Apache Camel 3.7.5
Conflict with Netty TCP + Resilience4J circuit breaker
camel-rabbitmq connection leak on error during 'declare'
HttpProducer skip request headers for query params on bridge endpoint broken for common types
LazyStartProducer can result in NullPointerException in a multithreaded context
Apache Tomcat 8.5.69
Code: Refactor the RemoteIpValve to use the common utility method for list to comma separated string conversion. (markt)
Fix: Fix serialization warnings in UserDatabasePrincipal reported by SpotBugs. (markt)
Fix: 65397: Calls to ServletContext.getResourcePaths() no longer include symbolic links in the results unless allowLinking has been set to true. If a resource is skipped because of this change, a warning will be logged as this typically indicates a configuration issue. (markt)
compose run and compose exec commands use separate streams for stdout and stderr. See docker/compose-cli#1873.
compose run and compose exec commands support detach keys. Fixes docker/compose-cli#1709.
Fixed --force and --volumes flags on compose rm command. See docker/compose-cli#1844.
Fixed network’s IPAM configuration. Service can define a fixed IP. Fixes for docker/compose-cli#1678 and docker/compose-cli#1816
The New Stack: Cassandra, Kafka, and Spark
This new white paper shows how this open source stack for streaming data is transforming sales, supply chain management, and overall business outcomes.