Stay Informed
This week, read about:
- NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation.
- Synopsys Study Highlights Core Challenges with Managing Open Source Risk in Software Supply Chains.
- OpenMetal Joins the Open Infrastructure Foundation.
Key Security, Maintenance, and Features Releases
Security Updates
Jenkins 2.342
Change formatting in the "Configure Security" screen. f:dropdownDescriptorSelector now honors help.html for the selected descriptor. (pull 5417)
Upgrade Spring Framework from 5.3.16 to 5.3.18 (released on March 31, 2022). This release of Spring Framework addresses the security vulnerability CVE-2022-22965. (pull 6422, Spring Framework, Spring project spring-framework 5.3.17 release notes, Spring project spring-framework 5.3.18 release notes, CVE-2022-22965, Spring vulnerability CVE-2022-22965 does not affect Jenkins core)
Miscellaneous polishing of various components. (pull 6411)
Non-Security Updates
Firefox 99
You can now toggle Narrate in ReaderMode with the keyboard shortcut "n."
You can find added support for search—with or without diacritics—in the PDF viewer.
The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11).
Firefox now supports credit card autofill and capture in Germany and France.
Hibernate ORM 6.0
It has been years in the making, but ORM 6.0 Final has finally been released!
This announcement will discuss the major changes, as well as give insight into why certain choices were made.
We will also be following up with a series of more focused posts targeting specific improvements or cool new features. Stay tuned!