This week, read about:
- Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions.
- Twitter Encrypted DMs Will Adopt Open-Source Signal Protocol, Suggest iOS Code.
- The US Securing Open Source Software Act of 2022 is a Step In The Right Direction.
Key Security, Maintenance, and Features Releases
Non-security Based Updates
Alma Linux 9.1
Added a new remote machine attestation tool:
SELinux user-space packages to version 3.4
Added SHA-256 support in the semodule tool
libsepol-utils package has new policy utilities
Apache Struts 6.1.1
[WW-3529] - NamedVariablePatternMatcher does not properly escape characters
[WW-3737] - Parsing of excludePattern breaks regex
[WW-4514] - DefaultUrlHelper.buildParametersString appends just ? if collection is empty
[WW-5145] - Checkbox with multiple values do not default correctly
Apache Tomcat 8.5.84
Fix: 66330: Correct a regression introduced when fixing 62897 that meant any value configured for skipMemoryLeakChecksOnJvmShutdown on the Context was ignored and the default was always used. (markt)
Fix: 66331: Fix a regression in refactoring for Stack on the SystemLogHandler which caught incorrect exception. (lihan)
Fix: 66338: Fix a regression that caused a nuance in refactoring for ErrorReportValve. (lihan)
Fix: Escape values used to construct output for the JsonErrorReportValve to ensure that it always outputs valid JSON. (markt)
Docker Compose 2.13.0
Add --no-consistency flag to convert command by @glours in #9976
Add --build to compose run by @laurazard in #10007
Display creation warnings from the engine by @glours in #9998
Map deploy.restart_policy.condition to engine values by @glours in #9944
Rocky Linux 9.1
We are pleased to announce the general availability of Rocky Linux 9.1. This release is currently available for the x86-64, aarch64, ppc64le, and s390x architectures. Please review the release notes in the Rocky Linux Documentation - These notes contain important information including known bugs and more comprehensive details about changes in this version.