Stay Informed
This week, read about:
- Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
- AMD Radeon Open-Source Workstation GPU Driver Gets 10 Percent Performance Bump.
- The Stars are Aligning for Federal IT Open Source Software Adoption.
Key Security, Maintenance, and Features Releases
Non-Security Updates
Apache Camel 3.11.2
https://camel.apache.org/releases/release-3.11.2/
CAMEL-16923
Specifying OpenAPI license & contact info causes a NullPointerException
CAMEL-16922
StringHelper.removeLeadingAndEndingQuotes() may cause IndexOutOfBoundsException
CAMEL-16921
KafkaSpanDecorator sometimes sets the wrong message_bus.destination tag value
CAMEL-16920
Dump routes does not show uri with endpointdsl
Apache Cassandra 4.1
https://github.com/apache/cassandra/blob/trunk/CHANGES.txt
* Fix missed wait latencies in the output of `nodetool tpstats -F` (CASSANDRA-16938)
* Reduce native transport max frame size to 16MB (CASSANDRA-16886)
* Add support for filtering using IN restrictions (CASSANDRA-14344)
* Provide a nodetool command to invalidate auth caches (CASSANDRA-16404)
Apache Tomcat 10.0.11
http://tomcat.apache.org/tomcat-10.0-doc/changelog.html#Tomcat_10.0.11_(markt)
Fix: Enable Tomcat to start if an (old) XML parser is configured that does not support allow-java-encodings. A warning will be logged if such an XML parser is detected. (markt)
Fix: Change the behaviour of custom error pages. If an error occurs after the response is committed, once the custom error page content has been added to the response the connection is now closed immediately rather than closed cleanly. i.e. the last chunk that marks the end of the response body is no longer sent. This acts as an additional signal to the client that the request experienced an error. (markt)
Fix: 65479: When handling requests using JASPIC authentication, ensure that PasswordValidationCallback.getResult() returns the result of the password validation rather than always returning false. Fixed via pull request #438 provided by Robert Rodewald. (markt)
Code: Refactor the authenticators to delegate the check for preemptive authentication to the individual authenticators where an authentication scheme specific check can be performed. Based on pull request #444 by Robert Rodewald. (markt)
Apache TomEE 8.0.8
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350177
[TOMEE-2125] - Datasource config: MaxWait, timeBetweenEvictionRunsMillis and MinEvictableIdleTimeMillis are ignored
[TOMEE-2420] - Incorrect "Wall of fame" page layout
[TOMEE-2968] - Postgres connection error when a password contains "}"
[TOMEE-2975] - Download page must provide sigs for all release artifacts
Jboss Drools 7.59.0.Final
https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12313021&version=12359678&_sscc=t
[DROOLS-6265] - Guided Rule Editor: Formula with contains does not reopen correctly
[DROOLS-6301] - FallbackableTypeFactory issue with jackson 2.12.1 (for master)
[DROOLS-6482] - NullSafeDereferencing without predicate misses null check in exec-model
[DROOLS-6511] - ConcurrentModificationException in legacy test scenarios