This week, read about:
- “As Nasty as Dirty Pipe” – 8 Year Old Linux Kernel Vulnerability Uncovered.
- OpenSSF Announces 13 New Members Committed to Strengthening the Security of the Open Source Software Supply Chain.
- Dreamworks & Autodesk Open-Source Software, Amazon makes AWS Thinkbox Tools Free.
Key Security, Maintenance, and Features Releases
Non-security Based Updates
Apache Camel 3.14.5
camel-http - HttpSendDynamicAware not optimizing for url without slashes
camel-mail: attachments with empty fileName
camel-spring-xml - <endpoint> bean added via beans.xml are parsed twice
camel-core - Exception during preparing exchange task can block thread
Docker Compose 2.10.0
Give environment variables precedence back to OS over .env by @ulyssessouza in #9761
Update usage strings for consistency by @thaJeztah in #9706
Resolve environment variables case-insensitively on Windows by @ikedam in #9438
Do not stop dependency containers by @milas in #9701
Spring Framework 5.3.22
Improve regex "." matching for URL paths #28815
Spring JDBC does not recognize LocalDate and LocalDateTime in javaType to sqlType Mapping #28778
ResolvableType.forInstance should return NONE for null instance #28776
Correctly identify MaxUploadSizeExceededException through keywords in message from Jetty 9.4.x #28759
Spring Security 5.7.3
Add Deprecated annotation to WebSecurity#securityInterceptor #11637
Check saganCreateRelease saganDeleteRelease Required Permissions #11425
org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #11605
RequestAttributeSecurityContextRepository.loadContext(HttpServletRequest) should never return null SecurityContext #11606
Add (long overdue) support for RIGHT and FULL OUTER JOIN.
Add new binary comparison operators IS NOT DISTINCT FROM and IS DISTINCT FROM that are equivalent to IS and IS NOT, respective, for compatibility with PostgreSQL and SQL standards.
Add a new return code (value "3") from the sqlite3_vtab_distinct() interface that indicates a query that has both DISTINCT and ORDER BY clauses.
Added the sqlite3_db_name() interface.
Planning a CentOS to Rocky Linux Migration?
In this blog, we look at why teams are migrating from CentOS to Rocky Linux, potential migration paths, and other considerations for teams deciding to migrate to Rocky Linux.
With CentOS 6 and CentOS 8 now end of life, and CentOS 7 EOL set to arrive in early 2024, teams around the world are undergoing or preparing their migrations off CentOS. One popular CentOS migration path? Migrating CentOS to Rocky Linux.