Stay Informed

This week, read about:


Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Tomcat 8.5.79
Fix:  65736: Disable the forceString option for the JNDI BeanFactory and replace it with an automatic search for an alternative setter with the same name that accepts a String. This is a security hardening measure. (markt)
Code:  65853: Refactor the CsrfPreventionFilter to make it easier for sub-classes to modify the nonce generation and storage. Based on suggestions by Marvin Fröhlich. (markt)
Fix:  65991: Avoid NPE with SSLAuthenticator when boundOnInit is used on a connector, during the check for client certificate authentication availability. (remm)
Fix:  66009: Use getSubjectX500Principal().toString() rather than getSubjectX500Principal().getName(...) to retrieve a certificate DN, to match the output of the deprecated getSubjectDN().getName() that was used previously. (remm)
Kubernetes 1.24.1
Fix JobTrackingWithFinalizers that:
was declaring a job finished before counting all the created pods in the status
was leaving pods with finalizers, blocking pod and job deletions
JobTrackingWithFinalizers is still disabled by default. (#109486, @alculquicondor) [SIG Apps and Testing]

View all OpenUpdate editions >