Stay Informed

We are pleased to announce that our customers with AngularJS Long Term support received another patch that fixes CVE-2022-25869 a cross-site scripting (XSS) vulnerability due to insecure page catching in the Internet Explorer (IE) browser. You can find more details about that here.

This week, read about:

Key Security, Maintenance, and Features Releases


Non-security Based Updates

Apache Camel 3.14.6
CAMEL-18544
camel-http - ToD optimized context-path with spaces problem
CAMEL-18530
Camel box cannot authorize
CAMEL-18490
camel-jbang - Reset statistics can cause JMX inflight counter to be negative
CAMEL-18432
DockerConfiguration malformerd UriPath for variable operation
 
Firefox 106.0.5
Addresses a crash experienced by users with Intel Gemini Lake CPUs.
 
Hibernate ORM 5.6.13
Bugfix: HHH-15634 Lazy basic property does not get updated on change
An important issue was identified: when enabling bytecode enhancement and applying this to lazy loaded properties, the Hibernate ORM engine would fail to recognize dirtyness properly.
We would recommend everyone who is using bytecode enhancement to update to prevent failing to write the correct state back to the database.
Bugfix: HHH-15554 Merge of an Entity with an immutable composite user type throws Exception
Far less critical as anyone affected would have seen an exception, still this was annoying and several users reporting it.
A regression was introduced in 5.6.11.Final that was causing exceptions on attempting a merge on entities having immutable composite user types; this has now been fixed.
 
Jenkins 2.376
Avoid unnecessary configuration save when reloading configuration from disk. (pull 7305)
Update ANTLR2 grammars and code to ANTLR4. (issue 68652)
Update submit buttons to use .jenkins-button classes. (pull 7203)
Use inbound as the preferred symbol rather than jnlp for inbound agents in JCasC. (pull 7171)
 

View all OpenUpdate editions >