This week, read about:
- Consumer Behaviors Are The Root Of Open Source Risk.
- Google Unveils Open Source Project to Improve Software Supply Chain Security.
- Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware.
Key Security, Maintenance, and Features Releases
Non-security Based Updates
Apache Cassandra 4.0.7
The release of Apache Cassandra 4.1 continues to draw closer, and the focus is on the small number of tickets and test failures that block the beta release and release candidate (rc) for 4.1. The consensus on the release approach is "when a green run, go beta, when three green and no other tickets open, go GA."
In the interim, we continue to release new versions of Cassandra, and the latest is 4.0.6 (pgp, sha256, sha512), which went live on 28 August. This release fixes an issue that broke installations on CentOS Linux 7.
This version is a bug fix release in the 4.0 series. As always, please pay attention to the Release Notes and let us know if you encounter any problems.
The other supported releases remain Apache Cassandra 3.11 (3.11.13, pgp, sha256, sha512) and the 3.0 series (3.0.27, pgp, sha256, sha512); both are bug fix releases.
Apache TomEE 8.0.13
TOMEE-4021 Unexpected ehcache 3.8.1 in tomee/lib
TOMEE-3850 HTTP(S) connections are not reused
TOMEE-4014 Unable to see TomEE version in Tomcat home page with Java 17
TOMEE-3979 service.bat issue when using JRE_HOME on Windows
Docker Compose 2.12.2
go.mod: docker/docker@5aac513617f072b15322b147052cbda0d451d389 / v22.06-dev by @thaJeztah in #9940
Addresses a crash experienced by users with AMD Zen 1 CPUs. (bug 1796126)
Clarify safe restart won't wait for Pipeline jobs. (pull 7091)
Allow form checker to check more than one thing at a time. (pull 6951)
Replace the old Jenkins table layout in the slow trigger administrative monitor with the new Jenkins table layout. (issue 69714)
Add documentation for the --paramsFromStdIn and --version command-line options. (pull 7246)
Fix list cost estimation in Priority and Fairness for list requests with metadata.name specified. (#112557, @marseel) [SIG API Machinery]
Fixes an issue in winkernel proxier that causes proxy rules to leak anytime service backends are modified. (#112840, @daschott) [SIG Network and Windows]
For raw block CSI volumes on Kubernetes, kubelet was incorrectly calling CSI NodeStageVolume for every single "map" (i.e. raw block "mount") operation for a volume already attached to the node. This PR ensures it is only called once per volume per node. (#112403, @akankshakumari393) [SIG Storage]
Kube-scheduler: add taints filtering logic consistent with TaintToleration plugin for PodTopologySpread plugin (#112357, @SataQiu) [SIG Scheduling and Testing]