Stay Informed

This week, read about:

• The latest releases of OpenJDK 8, 11, and 17 are now available on OpenLogic's website.
• GitLab 'Strongly Recommends' Patching Max Severity Flaw ASAP.
• Azure Linux Released at Build – Where Microsoft Revealed Why it Did Not Fork Fedora.
• Podman Desktop 1.0 Released: A Challenge to Docker Desktop.
• Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims.
• Patch the Cloud Native Development Talent Gap with Platform Engineering.
• Patching CentOS: What You Need to Know.
• PyTorch 2.0: Our Next Generation Release That Is Faster, More Pythonic and Dynamic As Ever.

OpenLogic Cloud Image Releases:           
Rocky Linux 9.2

• AWS
• Azure
• Google Cloud
• Vagrant

 AlmaLinux 9.2

• AWS
• Azure
• Google Cloud
• Vagrant

Key Security, Maintenance, and Features Releases

Security Based Updates

Gitlab 16.0.1          
Security:         
Fix arbitary file read via filename param (merge request)

Non-Security Based Updates

Angular 16.0.3       
Core:       
fix: adds missing symbols for animation standalone bundling test.       
fix: fix Self flag inside embedded views with custom injectors.       
fix - 199ff4fe7f host directives incorrectly validating aliased bindings.       
fix: create macrotask during request handling instead of load start (#50406)

Camel 3.20.5      
Bugs (11):      
CAMEL-19371     RedeliveryErrorHandler's suppressed exceptions cause memory leak and logging issue      
CAMEL-19345     KameletDiscoveryTest fails to find routeTemplate      
CAMEL-19342     Rest Inline Routes mixed with direct routes.      
CAMEL-19339     karaf - ConnectionFactory not found when use camel-activemq      
CAMEL-19314     camel-aws - Connection pool shutdown when aws health checks are used      
CAMEL-19298     Snmp: version 3 is not supported for several actions for the component      
CAMEL-19296     Unable to init camel file with JBang for multi dot file name suffix - eg 'foo.camel.xml'      
CAMEL-19293     camel-spring-ldap - base is set twice when using SB AutoConfiguration      
CAMEL-19281     Aws2- healthchecks not closing resources for awsClient      
CAMEL-19095     Camel Karaf using buggy Saxon bundle with wrong imports      
CAMEL-18985     camel-kafka: messages are getting lost with "breakOnFirstError"      
Dependency Upgrades (3):     
CAMEL-19372     camel-spring-boot - Upgrade to 2.7.12      
CAMEL-19351     camel-jackson - Upgrade to 2.14.3      
CAMEL-19301     camel-jbang - Upgrade to hawtio 2.17.2      
Improvements (14):     
CAMEL-19370     camel-jbang - Make it possible to show full url for very long endpoints      
CAMEL-19366     camel-core - Trigger reload via dev console make it async      
CAMEL-19361     camel-jbang - Parse trait.camel.apache.org/camel.properties from KameletBinding:     
CAMEL-19360     camel-jbang - Export a set of files      
CAMEL-19357     camel-jbang - Use a vertx task for tasks to avoid blocking io thread      
CAMEL-19352     Improve camel-mybatis documentation      
CAMEL-19333     ensure cxf springboot autoconfiguration works OOTB in camel-cxf Springboot Starters:     
CAMEL-19326     camel-jbang - Register reload services eager      
CAMEL-19324     Be able to convert all elements from CXF MessageContentsList.class to String.class if not in "CXF Context"      
CAMEL-19322     camel-jbang - Source Dir to support application.properties      
CAMEL-19313     camel-jbang - Provide a way to append Maven repository provided from command-line to the one provided in configuration      
CAMEL-19306     camel-jbang - Allow to load yaml files with beans only      
CAMEL-19302     Use filename to generate id of route when creating Camel file in XML DSL with Camel JBang      
CAMEL-17652     camel-minio - Auto create bucket should not be done in endpoint      
New Features (5):      
CAMEL-19344     camel-jbang - Reload to source dir via http      
CAMEL-19320     camel-jbang - Add command to reload      
CAMEL-19309     camel-jbang - Run with empty folder      
CAMEL-19299     camel-console - Add dev console for bean registry      
CAMEL-19099     Camel-Jbang Export: Add a flag to include secret refresh properties in application.properties

Elasticsearch 8.8.0     
Bug Fixes    
Aggregations:

• Merge two histograms using the higher number of digits among all histograms #93704 (issue: #92822)

 Allocation:

• Avoid copying during iteration of all shards in routing table #94417
• Avoid duplicate application of RoutingTable diff #94379
• Balance priorities during reconciliation #95454
• Fix RebalanceOnlyWhenActiveAllocationDecider #96025
• Streamline AsyncShardFetch#getNumberOfInFlightFetches #93632 (issue: #93631)

Application:

• Check if an analytics event data stream exists before installing pipeline #95621
• [Behavioral Analytics] Use a client with ent-search origin in the BulkProcessorFactory #95614

 Authorization:

• Fix role transformation to include missing properties #94714
• [Fleet] Add read privileges to profiling-* for symbolization support #95596

CRUD:

• Avoid null Location in post write refresh #95229

Cluster Coordination:

• Read register current term asynchronously in StoreHeartbeatService #95351

DLM:

• Remove rollover cluster setting validator #94447
• [DLM] Fix the new endpoint rest-api specification #95665

Data streams:

• Allow deletion of component templates that are specified in the ignore_missing_component_templates array #95527
• Fix searching a filtered and unfiltered data stream alias #95865 (issue: #95786)

 Distributed:

• Check shard availability before including in stats #96015 (issues: #96000, #87001)
• Fix GetPipelineResponse equality #93695

Engine:

• Ensure refresh to return the latest commit generation #94249

Geo:

• Adjust BoundedGeoHexGridTiler#FACTOR to prevent missing hits #96088 (issue: #96057)
• Fix bug where geo_line does not respect sort_order #94734 (issue: #94733)

 ILM+SLM:

• Retry downsample ILM action using a new target index #94965 (issue: #93580)
• Strip disallowed chars from generated snapshot name #95767 (issue: #95593)
• [ILM] Fix the migrate to tiers service and migrate action tiers configuration #95934 

Infra/Core:

• Fix race condition in NodeEnvironment.close() #94677 (issue: #94672)
• Use double wildcards for filtered excludes properly #94195 (issue: #92632)

Infra/REST API:

• Add level parameter validation in REST layer #94136 (issue: #93981)

 Infra/Scripting:

• Allow low level paging in LeafDocLookup #93711
• Revert usage of SafeMustacheFactory in CustomMustacheFactory #95557

 Ingest Node:

• Fix Grok.match() with offset and suffix pattern #95003 (issue: #95002)
• Fix bug in verbose simulations of the ingest pipeline API #95232

 Machine Learning:

• Avoid expensive source parsing by using doc values when querying model definition meta fields #95590

Mapping:

• Longer timeout for mapping update during resize #95221

 Network:

• Fix RecyclerBytesStreamOutput corrupting when ending write on page boundary #95114
• Fix maximum seek limit RecyclerBytesStreamOutput #95133

 Ranking:

• Fix versioning for tests cases using a randomly generated rank builder #95514

Search:

• Fix _terms_enum display values #94080 (issue: #94041)
• Support ignore malformed in boolean fields #93239 (issue: #89542)
• Support search template api explain query string argument #94832 (issue: #83363)

Snapshot/Restore:

• Cancel cold cache prewarming tasks if store is closing #95891 (issue: #95504)
• Fix 0 default value for repo snapshot speed #95854 (issue: #95561)
• Fix Azure InputStream#read method #96034
• Stop sorting indices in get-snapshots API #94890

Transform:

• Call listener in order to prevent the request from hanging #96221
• Do not fail upon ResourceAlreadyExistsException during destination index creation #96274 (issue: #95310)
• Fix privileges check failures by adding allow_restricted_indices flag #95187
• Secondary credentials used with transforms should only require source and destination index privileges, not transform privileges #94420
• Use monotonic time in TransformScheduler #95456 (issue: #95445)

Kibana 8.8.0     
Alerting:

• Fixes Delete Schedule button padding issue #154503
• Fixes error message flash and throttle value reset #154497
• Fixes broken custom snooze recurrences with monthly frequency #154251
• Fixes an issue where you were unable to use retry on updateAPIKey conflict #151802

APM:

•  Fixes an issue where you were uneable to enable framework alerts as data by default #154076
• Upgraded EUI to v76.0.0 #152506
• Fixes an issue where the OpenTelemetry process and system metrics were unsupported #151826

Canvas:

• Fixes createElement callback #154398

Cases:

• Fixes the Lens visualization in the comment and description markdown on the New Case page #155897

Dashboard:

• Fixes unsaved changes bug on empty dashboard #155648
• Removed Reload on Clone and Replace Panel #155561
• Fixes z index of toolbar items #154501
• Fixes inherited input race condition #154293
• Fixes Changing label of a geospatial filter causes filter disappear from map #154087

 Discover:

• Adds a "Temporary" badge for temporary data views in the Alerts flyout #155717
• Adds the ability to exclude counter fields from Breakdown options #155532
• Adds the ability to skip requests for the time series metric counter field #154319
• Fixes KQL autocomplete suggestions, which now support IP-type fields when the `autocomplete:valueSuggestionMethod advanced setting is set to terms_enum #154111
• Fixes an issue where saved search "Manage searches" button was unable to apply the "search" type filter #152565

Elastic Security:

• For the Elastic Security 8.8.0 release information, refer to Elastic Security Solution Release Notes.

Enterprise Search:

• For the Elastic Enterprise Search 8.8.0 release information, refer to Elastic Enterprise Search Documentation Release notes.

Fleet:

• Fixes package license check to use new conditions.elastic.subscription field #154831
• Fixes the OpenAPI spec from /agent/upload to /agent/uploads for Agent uploads API #151722

 Infrastructure:

• Adds a 404 page for metrics and logs #153005

Integrations:

• Fixes the slow process event for queries + xterm.js #155326

Kibana Home & Add Data:

• Fixes the guided onboarding API prefix to indicate that it’s intended for internal use #155643

Lens & Visualizations:

• Adds a default label on field changes for counter rate in Lens #155509
• Panel titles and descriptions are now transferred to the converted Lens panels in TSVB #154713
• Adds the ability to use the empty label for / terms in TSVB #154647
• Fixes the formatting for the legend actions title #153747
• Adds support for negative filter ratios in TSVB #152053
• Adds the ability to always retain source order for multi-metric partition chart layers in Lens #151949

Machine Learning:

• Data Frame Analytics/Anomaly Detection: Custom URLs - entity dropdown reflects Data View update #155096
• AIOps: Fix race condition where stale url state would reset search bar #154885
• Fixes anomalies table drilldown time range for longer bucket spans #153678
• Do not match time series counter fields with aggs in wizards #153021
• Anomaly Detection datafeed chart: ensure chart y axis minimum set correctly #152051

Management:

• Improves the display when there are many columns #155119
• Fixes stale submit handler ref update #154242
• Fixes terms aggregation support in wizard for Transforms #151879
• Fixes an issue where you were unable to accept additional dynamic field values for an index template #150543

Maps:

• Fixes raster layer is missing in pdf/png exports #154686
• Fixes RegionMap chart type does not work with reporting #153492
• Fixes layers are not displayed in offline environment and map.includeElasticMapsService not set to false #152396

Monitoring:

• Removes usage for the stats endpoint #151082

Observability:

• Adds space-specific feature privileges #154734
• Adds the ability to properly handle NO DATA with multiple conditions with a mix of aggregations and document count thresholds #154690
• Adds additional types to the fields to be use with cardinality aggregation for Metric Threshold Rule #154197
• Adds persistent normalization mode #153116
• Fixes refresh every in the alert search bar #152246

Platform:

• Fixes badge counter for global settings #150869

Querying & Filtering:

• Adds the ability to unload a selected query when it is deleted #154644
• Removes failures in wrong custom timerange #154643

Reporting:

• Fixes report generation when image panel is in the end of the layout #153846
• Updates Chromium to 111.0.5555.0 (r1095492) and Puppeteer to 19.7.2 #153033

Uptime:

• Fixes default date range on errors page #155661
• Removes the "Beta" labels in Synthetics #155589
• Fixes ML job/rule edit error #155212

Logstash 8.8.0    
Notable Issues Fixed:

• Fix a race condition that prevents Logstash from updating a pipeline’s configuration with in-flight events experiencing connection errors. #14739 This issue primarily manifests following the update of Elasticsearch credentials through Central Management, after credentials expired while events were in-flight. It causes the Elasticsearch Output to get stuck attempting to send events with the expired credentials instead of using the updated ones. To address this problem, Logstash has improved the pipeline shutdown phase functionality to allow an output plugin to request the termination of the in-flight batch of events; hence preventing the need for administrators to manually restart Logstash. Furthermore, when used in combination with a persistent queue to prevent data loss, the batch is eligible for reprocessing on pipeline restart. Plugin developers can now decide whether to make use of such functionality on output plugins. #14940

Jenkins 2.406   
*Replace disconnect and system info symbols for agents. (pull 8015)   
*Prefix the name of input elements of ListView to prevent form submission issues when an Item (job) is named elements. (issue 71200)   
*Developer: Expose UserSeedChangeListener extension point. (pull 7997)   
*Developer: do not call SaveableListener.fireOnChange anymore when reloading an AbstractItem. (pull 7984)   
*Developer: Support searches for matching form elements without the use of the Prototype JavaScript framework. (pull 8008)   
*Developer: Added a utility HttpServletFilter to the API. (pull 7892)

Nginx 1.25  
*Feature: experimental HTTP/3 support.

Sonartype Nexus 3.54.1 
The following bug fix is included in the 3.54.1 release: 
*Added recently provided patch fixing the GroovyCastException that was occurring when installing the nexus gem. 
The following bug fixes are included in the 3.54.0 release: 
*Fixed the known issue from 3.53.0 for those using community or custom plugins. These plugins now load as expected. 
*Added validation so that users can only add valid content selector privileges. 
*NEXUS-37518 - Fixed an issue that was causing errors when running the Docker - Delete unused manifests and images task. 
*NEXUS-38740 - Fixed an issue that was preventing NuGet v3 search from returning components with ".<numeral>" in the component name under some search conditions. 
*Plugins bundled as .kar files that are installed via $install-dir/deploy now start as expected. 
*Updated documentation to better explain how metadata is impacted during repository import.