Stay Informed

This week, read about:

• Samsung Workers Made a Major Error By Using ChatGPT.
• Are Source Code Leaks the New Threat Software Vendors Should Care About? 
• Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online. 
• Mullvas VPN and Tor Project Unite to Create a New Browser That Puts Privacy First. 

Key Security, Maintenance, and Features Releases

Security Based Updates

GitLab Security Release: 15.10.1, 15.9.4, and 15.8.5       
Multiple CVEs and security defects for Nextcloud.

Non-Security Based Updates

ActiveMQ 5.18.1      
*Schema updates.

Jenkins 2.399     
*Sign war file and Windows installer with new code signing certificate.

Sonatype Nexus Repository 3.51.0    
NEXUS-31948: Improved error messaging for when someone attempts to create an Azure blob store with a name that already exists.    
NEXUS-34077: Resolved an issue that was causing some scheduled tasks to lose their existing schedule when migrating to a new database.    
NEXUS-35229:   The Repair - Reconcile component database from blob store task correctly honors the user-selected option to only look at assets created within a select number of days.    
NEXUS-35728:   kubectl cp and oc cp commands work as expected.    
NEXUS-36296: The Audit & Quarantine capability is not enabled/disabled when a proxy repository's "online" state changes.    
NEXUS-36416:   Resolved an issue that was preventing an instance from starting due to a MissingBlobException for a Nuget asset.    
NEXUS-36817:   Increased the default file size limit for Helm yaml files to 25MB to prevent users from hitting yaml size limits in Helm repositories.    
NEXUS-37005: A blob store being in an invalid state does not prevent the blob sture UI from loading.    
NEXUS-37639: The "Docker-Content-Digest" HTTP response header is included as expected for all Sonatype Nexus Repository instances.

Ceph 17.2.6   
*1343 commits

Ansible AWX 22.0.0  
*Allow soft deletion of HostMetrics and add usage collection utility.  
*Allow for using Ansible's constructed inventory plugin to dynamically group hosts from AWX inventories.  
*Allow TLS 1.2 for Receptor connections.  
*Fix a bug in clean languages.  
*Add host_metrics page to the awxkit.  
*Allow web and task containers to be deployed in separate deployments on Kubernetes.  
*Fix docker-clean target, accounting for slashes.

Gitlab 15.10.2 
*Update mail gem to v2.8.1 
*Add sync_name check to Gitlab::Auth::Ldap::Access 
*Backport Admin role fix to 15.10 
*Fix openapi viewer for relative url instances 
*Migrate RedisHLL keys to default slot