This week, read about:
- Samsung Workers Made a Major Error By Using ChatGPT.
- Are Source Code Leaks the New Threat Software Vendors Should Care About?
- Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online.
- Mullvas VPN and Tor Project Unite to Create a New Browser That Puts Privacy First.
Key Security, Maintenance, and Features Releases
Security Based Updates
GitLab Security Release: 15.10.1, 15.9.4, and 15.8.5
Multiple CVEs and security defects for Nextcloud.
Non-Security Based Updates
*Sign war file and Windows installer with new code signing certificate.
Sonatype Nexus Repository 3.51.0
NEXUS-31948: Improved error messaging for when someone attempts to create an Azure blob store with a name that already exists.
NEXUS-34077: Resolved an issue that was causing some scheduled tasks to lose their existing schedule when migrating to a new database.
NEXUS-35229: The Repair - Reconcile component database from blob store task correctly honors the user-selected option to only look at assets created within a select number of days.
NEXUS-35728: kubectl cp and oc cp commands work as expected.
NEXUS-36296: The Audit & Quarantine capability is not enabled/disabled when a proxy repository's "online" state changes.
NEXUS-36416: Resolved an issue that was preventing an instance from starting due to a MissingBlobException for a Nuget asset.
NEXUS-36817: Increased the default file size limit for Helm yaml files to 25MB to prevent users from hitting yaml size limits in Helm repositories.
NEXUS-37005: A blob store being in an invalid state does not prevent the blob sture UI from loading.
NEXUS-37639: The "Docker-Content-Digest" HTTP response header is included as expected for all Sonatype Nexus Repository instances.
Ansible AWX 22.0.0
*Allow soft deletion of HostMetrics and add usage collection utility.
*Allow for using Ansible's constructed inventory plugin to dynamically group hosts from AWX inventories.
*Allow TLS 1.2 for Receptor connections.
*Fix a bug in clean languages.
*Add host_metrics page to the awxkit.
*Allow web and task containers to be deployed in separate deployments on Kubernetes.
*Fix docker-clean target, accounting for slashes.
*Update mail gem to v2.8.1
*Add sync_name check to Gitlab::Auth::Ldap::Access
*Backport Admin role fix to 15.10
*Fix openapi viewer for relative url instances
*Migrate RedisHLL keys to default slot