  • AiryxOS Wants to be an Open-Source MacOS, Complete with Support for Mac Apps.
  • Mobile Banking Trojan BRATA Gains New, Dangerous Capabilities.
  • NZ's Catalyst IT Delivers Open-Source System for Uni library.

Key Security, Maintenance, and Features Releases


Non-Security Updates

Apache Kafka 3.1.0
[KAFKA-4064] - Add support for infinite endpoints for range queries in Kafka Streams KV stores
[KAFKA-8522] - Tombstones can survive forever
[KAFKA-8613] - Make Grace Period Mandatory for Windowed Operations in Streams
[KAFKA-10712] - Update release scripts to Python3

Apache Struts 2.5.29
[WW-5117] - %{id} evaluates different for data-* and value attribute
[WW-5160] - Template not found for name "Empty{name='templateDir'}/simple/hidden.ftl"
[WW-5163] - Error executing FreeMarker template

Apache Tomcat 10.0.16, 9.0.58 and 8.5.75
Fix: Correct a regression in the fix for 65785 that broke HTTP/2 server push. (markt)
Code: Switch to building with Java 11 and using --release to target Java 8. Once back-ported to all currently supported branches this will reduce the number of Java versions developers need to juggle. (markt)

Drools 7.64.0.Final
[DROOLS-6729] - Exception happens randomly in specific rule after Constraint Jitting
[DROOLS-6484] - Create ConstraintParserTest
[DROOLS-6741] - Upgrade to mvel 2.4.14+

Firefox 96.0.2
Fixed an issue that caused tab height to display inconsistently on Linux when audio was played (bug 1714276)
Fixed an issue that caused Lastpass dropdowns to appear blank in Private Browsing mode (bug 1748158)
Fixed a crash encountered when resizing a Facebook app (bug 1746084)

Hibernate ORM 5.6.4
HHH-15032 Fix backwards incompatible SPI change that happened in 5.6.2 due to introducing SqlStringGenerationContext
HHH-15022 Bug After Upgrade Hibernate from 5.6.1.Final to 5.6.3.Final
HHH-15002 H2Dialect does not work properly with h2 2.0.202 and booleans types

Kubernetes 1.23.2
An inefficient lock in EndpointSlice controller metrics cache has been reworked. Network programming latency may be significantly reduced in certain scenarios, especially in clusters with a large number of Services. (#107167, @robscott) [SIG Apps and Network]
Client-go: fix that paged list calls with ResourceVersionMatch set would fail once paging kicked in. (#107334, @fasaxc) [SIG API Machinery]
Fix a panic when using invalid output format in kubectl create secret command (#107347, @rikatz) [SIG CLI]
Fix: azuredisk parameter lowercase translation issue (#107429, @andyzhangx) [SIG Cloud Provider and Storage]

MySQL 8.0.28
This release fixes the following two issues relating to date and time values:
Inserting a CHAR value such as '12:00:00' into a DATE, DATETIME, or TIMESTAMP column raised the wrong error. In the case of a DATE column, this error was similar to Data truncation: Incorrect date value: '2012-00-00' for column 'd' at row 1. This occurred for both the binary and text protocols.
Inserting a value with an offset into a DATE or TIME column using the binary protocol gave a wrong result. For example, when the connection time zone was set to GMT-5, inserting '2021-10-10 00:00:00.123+01:00' into a TIME column yielded '18:00:00'; that is, the value was converted to the connection time zone (this should be done only with respect to DATETIME columns).

WildFly 26.0.1
[WFLY-15932] - RemoteLocalCallProfileTestCase fails when the security manager is enabled
[WFLY-15933] - Failures in OidcWithDeploymentConfigTest on 26.x branch
[WFLY-15873] - Remove Elytron OIDC client dependencies from WildFly
[WFLY-15890] - Add documentation on multi-tenancy to the Elytron OpenID Connect Client subsystem documentation

ISC BIND 9.16.25
Overall memory use by named has been optimized and reduced, especially on systems with many CPU cores. The default memory allocator has been switched from internal to external. A new command-line option -M internal allows named to be started with the old internal memory allocator. [GL #2398]
On FreeBSD, TCP connections leaked a small amount of heap memory, leading to an eventual out-of-memory problem. This has been fixed. [GL #3051]
If signatures created by the ZSK were expired and the ZSK private key was offline, the signatures were not replaced. This behavior has been amended to replace the expired signatures with new signatures created using the KSK. [GL #3049]
Under certain circumstances, the signed version of an inline-signed zone could be dumped to disk without the serial number of the unsigned version of the zone. This prevented resynchronization of the zone contents after named restarted, if the unsigned zone file was modified while named was not running. This has been fixed. [GL #3071]

PHP 8.1.2 and 8.0.15
Fixed bug #81216 (Nullsafe operator leaks dynamic property name).
Fixed bug #81684 (Using null coalesce assignment with $GLOBALS["x"] produces opcode error).
Fixed bug #81656 (GCC-11 silently ignores -R).
Fixed bug #81683 (Misleading "access type ... must be public" error message on final or abstract interface methods).
Fixed bug #81585 (cached_chunks are not counted to real_size on shutdown).
Fixed bug #7759 (Incorrect return types for hash() and hash_hmac()).

