Stay Informed

This week, read about:

Key Security, Maintenance, and Features Releases

Security Based Updates

OpenLogic’s Enterprise Linux Team has recently published the following updates:

We recommend that you update your CentOS 8 systems to protect against these vulnerabilities. As usual, please ensure that you test these updates before deploying to production.

If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!

Nginx 1.25.3 
* Change: improved detection of misbehaving clients when using HTTP/2. 
* Feature: startup speedup when using a large number of locations. Thanks to Yusuke Nojima. 
* Bugfix: a segmentation fault might occur in a worker process when using HTTP/2 without SSL; the bug had appeared in 1.25.1. 
* Bugfix: the "Status" backend response header line with an empty reason phrase was handled incorrectly. 
* Bugfix: memory leak during reconfiguration when using the PCRE2 library. 
* Bugfixes and improvements in HTTP/3.

TomEE 9.1.1 
Dependency Upgrade: 
TOMEE-4246 ActiveMQ 5.18.2 
TOMEE-4230 Backport fix for CVE-2023-34981 
TOMEE-4239 Backport fix for CVE-2023-41080  
TOMEE-4235 Bouncy Castle 1.75 
TOMEE-4243 Bouncy Castle 1.76 
TOMEE-4139 CXF 4.0.3 (jakarta namespace) 
TOMEE-4247 Hibernate 6.1.7 
TOMEE-4227 Jackson 2.15.2 
TOMEE-4228 Johnzon 1.2.21 
TOMEE-4248 Mojarra 3.0.5 
TOMEE-4254 Port fix for CVE-2023-42795
TOMEE-4255 Port fix for CVE-2023-44487 
TOMEE-4256 Port fix for CVE-2023-45648 
TOMEE-4249 SnakeYAML 2.2 
TOMEE-4250 WSS4J 3.0.1 
TOMEE-4232 bcprov-jdk15to18-1.74.jar 
TOMEE-4251 xmlsec 3.0.2

Bug: 
TOMEE-4222 @LoginToContinue JSR-375 (JavaEE Security API) causes IllegalArgumentException 
TOMEE-4225 Remove commons-net from TomEE distribution 
TOMEE-4226 DataSource definition fails when @DataSourceDefinition doesn’t define url property

Improvement: 
TOMEE-4031 Improve TomEE Jmx Mbean Support for Parameter Names

Fixed Common Vulnerabilities and Exposures (CVEs): 
TOMEE-4230 Backport fix for CVE-2023-34981 
TOMEE-4254 Port fix for CVE-2023-42795 
TOMEE-4227 Jackson 2.15.2

Security Based Updates

Jenkins 2.429

  • Prevent trimming HMAC codes (using HAMCConfidentialKey) when running in FIPS mode only. (pull 8612)
  • Restore printing output from println and similar methods for the groovy CLI command (regression in 2.427). (issue 72181)
  • Show the description of boolean build parameter values on the Parameters view (regression in 2.179). (issue 72179)

Angular v16.2.11 
Core: 
fix - emit provider configured event when a service is configured with providedIn (#52365) 
fix - get root and platform injector providers in special cases (#52365) 
fix - load global utils before creating platform injector in the standalone case (#52365)

Router: 
fix - RouterTestingHarness should throw if a component is expected but navigation fails (#52357)

ActiveMQ 5.18.3 
Bug: 
[AMQ-9187] - Queue Advisory message not sent when new queue created via Message which has AMQ_SCHEDULED_DELAY Header 
[AMQ-9255] - Messages submitted via http(s) transport don't dead letter after TTL is exceeded 
[AMQ-9287] - activemq 5.18.1 with jdk 17

Improvement: 
[AMQ-9301] - Add additional fields to o.a.activemq.broker.jmx.Connection 
[AMQ-9315] - Add connectTimestamp to Connection and JMX view 
[AMQ-9343] - Reduce inflight transaction memory footprint in KahaDB 
[AMQ-9370] - Openwire marshaller should validate Throwable class type

Task: 
[AMQ-8325] - Implement JMS 2.0 XA methods 
[AMQ-9306] - Make the WebConsole accessible from outside the Docker container 
[AMQ-9351] - Update Jenkinsfile to support specifying JDK version as a build option

Dependency Upgrade: 
[AMQ-9293] - Upgrade to Spring 5.3.30 
[AMQ-9313] - Upgrade to ASM 9.5
[AMQ-9317] - Upgrade to maven-enforcer-plugin 3.4.1
[AMQ-9318] - Upgrade to maven-javadoc-plugin 3.6.0
[AMQ-9319] - Upgrade to maven-war-plugin 3.4.0
[AMQ-9320] - Upgrade to dependency-check-maven 8.4.0
[AMQ-9321] - Upgrade to maven-shade-plugin 3.5.1
[AMQ-9322] - Upgrade to depends-maven-plugin 1.5.0
[AMQ-9329] - Upgrade to Jetty 9.4.53.v20231009
[AMQ-9331] - Upgrade to ASM 9.6
[AMQ-9332] - Upgrade to xbean 4.24
[AMQ-9352] - Upgrade to jackson 2.15.3
[AMQ-9355] - Upgrade to commons-io 2.14.0
[AMQ-9358] - Upgrade to shiro 1.12.0
[AMQ-9360] - Upgrade to ant 1.10.14
[AMQ-9361] - Upgrade to commons-dbcp2 2.10.0
[AMQ-9362] - Upgrade to commons-pool2 2.12.0
[AMQ-9364] - Upgrade to slf4j 2.0.9

ActiveMQ 5.15.16
Bug:
[AMQ-5388] - User Role Granted Full Privileges in jetty.xml
[AMQ-7344] - ActiveMQ WebConsole doesn't work on Karaf with Jackson 2.10.x
[AMQ-8117] - VirtualSelectorCacheBrokerPlugin throws false positive exception
[AMQ-8395] - NPE on Topic SlowConsumerAdvisory
[AMQ-8439] - Validate example camel.xml fails in the assembly

Improvement: 
[AMQ-8468] - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser
[AMQ-9370] - Openwire marshaller should validate Throwable class type

Dependency Upgrade: 
[AMQ-8358] - Upgrade xstream to 1.4.18
[AMQ-8359] - Upgrade slf4j to 1.7.32
[AMQ-8396] - Upgrade to jaxb-basics 0.12.0

ActiveMQ Artemis 2.31.2 
[ARTEMIS-4477] - artemis-commons does not transform the META-INF/services/javax.json.spi.JsonProvider to the shaded package

ActiveMQ Artemis 2.31.1
Bug
[ARTEMIS-4141] - Message flow gets stuck
[ARTEMIS-4270] - Messages get lost when using multiple consumers with topic hierarchies
[ARTEMIS-4432] - openwire connection failure handling is bypassing the actor and ignoring the operation context leading to contention in error
[ARTEMIS-4435] - Some Artemis artifacts misses MANIFEST.MF content
[ARTEMIS-4442] - Message Redistributor is leaking LinkedListImpl$Iterator
[ARTEMIS-4450] - Auto-deleted clustered destinations can cause message loss
[ARTEMIS-4451] - non-SASL AMQP connection fails if resource audit logging enabled
[ARTEMIS-4453] - Bridge blocked by flow control, seemingly forever

Improvement:
[ARTEMIS-4433] - improve Reproducible Builds
[ARTEMIS-4443] - properties config - support broker plugin - logging broker plugin
[ARTEMIS-4444] - Allow broker classpath extension using custom paths
[ARTEMIS-4447] - Add paging prefetch parameters into address settings
[ARTEMIS-4449] - [DOC] Fix url parameter separator in acceptor configuration
[ARTEMIS-4456] - Register metrics plugin
[ARTEMIS-4459] - Broker should log when ignoring a duplicate MQTT QoS 2 message
[ARTEMIS-4467] - Core client code visibility change required

Task:
[ARTEMIS-4434] - Add extra logging.debug on Redistributor when redistribution is happening
[ARTEMIS-4441] - Add Docker chapter to User Manual
[ARTEMIS-4446] - Improve readability of code/config blocks in user manual
[ARTEMIS-4461] - Declare implicit dependencies for artemis-features
[ARTEMIS-4464] - Cleanup on Soak and Smoke Tests
[ARTEMIS-4466] - Disable Artemis-features verification on non test profiles
[ARTEMIS-4471] - Mark Artemis Maven Plugins as threadSafe=true

Dependency Upgrade:
[ARTEMIS-4437] - Upgrade OWASP to 8.4.0
[ARTEMIS-4438] - Upgrade JGroups to 5.3.0.Final
[ARTEMIS-4439] - Upgrade Netty to 4.1.100.Final
[ARTEMIS-4457] - Upgrade jetty version to 10.0.16
[ARTEMIS-4474] - Update to Zookeeper 3.8.3
[ARTEMIS-4475] - Upgrade ActiveMQ “Classic” to 5.17.6

Etcd v3.5.10
etcd server:

  • Fix --socket-reuse-port and --socket-reuse-address not able to be set in configuration file.
  • Fix corruption check may get a ErrCompacted error when server has just been compacted
  • Improve Lease put performance for the case that auth is disabled or the user is admin
  • Improve Skip getting authInfo from incoming context when auth is disabled
  • Fix Hash and HashKV have duplicated RESTful API

etcdutl v3:

  • Add optional --bump-revision and --mark-compacted flag to etcdutl snapshot restore operation.

etcdctl v3:

  • Add optional --bump-revision and --mark-compacted flag to etcdctl snapshot restore operation.

etcd grpc-proxy:

  • Fix Memberlist results not updated when proxy node down.

Package clientv3:

  • Fix Multiple endpoints with same prefix got mixed up
  • Fix Unexpected blocking when barrier waits on a nonexistent key
  • Fix Reset auth token when failing to authenticate due to auth being disabled
  • Fix panic in etcd validate secure endpoints 

Dependencies:

  • Compile binaries using go 1.20.10.
  • Upgrade gRPC to 1.58.3 in #16625, #16781 and #16790. Note that gRPC server will reject requests with connection header (refer to grpc/grpc-go#4803).
  • Upgrade bbolt to v1.3.8

Grafana 10.2.0 
Features and Enhancements:

  • Canvas: Promote Button to beta. #76582, @adela-almasan
  • BarChart: Improve data links UX in tooltip. #76514, @torkelo
  • PluginExtensions: Make sure to pass default timeZone in context. #76513, @mckn
  • PublicDashboards: Enable feature by default for GA and remove public preview text. #76484, @juanicabanas
  • Grafana UI: Add Avatar component. #76429, @Clarity-89
  • Alerting: Add support for msteams contact point in external Alertmanagers. #76392, @alexweav
  • Alerting: Enable Insights landing page. #76381, @VikaCep
  • Transformations: De-emphasize non-applicable transformations. #76373, @codeincarnate
  • Explore: Use short units in graphs. #76358, @Elfo404
  • Auth: Enable None role for 10.2. #76343, @eleijonmarck
  • Transformations: Add context to transformation editor. #76317, @mdvictor
  • Transformations: Add support for setting timezone in Format time and Convert field type transformations. #76316, @codeincarnate
  • Playlist: Add create+update timestamps to the database. #76295, @ryantxu
  • Live: Allow setting the engine password. #76289, @jcalisto
  • Auth: Add support for role mapping and allowed groups in Google OIDC. #76266, @Jguer
  • Alerting: Add provenance field to /api/v1/provisioning/alert-rules. #76252, @grobinson-grafana
  • Plugins: Add status_source label to plugin request metrics. #76236, @xnyo
  • PluginExtensions: Made it possible to control modal size from extension. #76232, @mckn
  • Loki: Change run query button text based on number of queries. #76196, @ivanahuckova
  • CloudWatch Logs: Add pattern command to syntax. #76152, @iwysiu
  • Caching: Add feature toggle for memory efficient cache payload serialization. #76145, @mmandrus
  • Flamegraph: Make color by package the default color mode. #76137, @aocenas
  • Service Accounts: Enable adding folder, dashboard and data source permissions to service accounts. #76133, @Jguer
  • SparklineCell: Display absolute value. #76125, @domasx2
  • FeatureToggle: Add awsDatasourcesNewFormStyling feature toggle. #76110, @idastambuk
  • CloudWatch: Add missing AWS/Transfer metrics. #76079, @jangaraj
  • Transformations: Add variable support to join by field. #76056, @oscarkilhed
  • Alerting: Add rules export on a folder level. #76016, @konrad147
  • PanelConfig: Add option to calculate min/max per field instead of using the global min/max in the data frame. #75952, @oscarkilhed
  • Transformations: Add unary operations to Add field from calculation. #75946, @mdvictor
  • Bar Gauge: Add field name placement option. #75932, @nmarrs
  • AzureMonitor: Azure Monitor Cheat sheet. #75931, @alyssabull
  • Chore: Bump grafana-plugin-sdk-go to v0.179.0. #75886, @leandro-deveikis
  • Dashboards: Add template variables to selectable options. #75870, @fabrizio-grafana
  • Docs: Update RBAC documentation. #75869, @mgyongyosi
  • Alerting: Export of contact points to HCL. #75849, @yuri-tceretian
  • BrowseDashboards: Enable new Browse Dashboards UI by default. #75822, @joshhunt
  • Alerting: Use new endpoints in the Modify Export. #75796, @soniaAguilarPeiron
  • Transformations: Rename "Transform" tab to "Transform data". #75757, @codeincarnate
  • Loki: Support X-ray as internal link in derived fields. #75756, @harshabaddam
  • Table: Make sparkline cell respect no value option. #75750, @oscarkilhed
  • Transformations: Extended support for variables in filter by name. #75734, @oscarkilhed
  • Tempo: TraceQL results as a spans list. #75660, @adrapereira
  • Transformations: Add naming mode to partition by value. #75650, @oscarkilhed
  • Transformations: Correct description of rename by regex. #75641, @oscarkilhed
  • Team: Support sort query param for teams search endpoint. #75622, @gamab
  • CloudWatch Logs: Make monaco query editor general availability. #75589, @iwysiu
  • Explore: Improve timeseries limit disclaimer. #75587, @Elfo404
  • Stat: Disable wide layout. #75556, @nmarrs
  • DataSourceAPI: Add adhoc filters to DataQueryRequest and make it not depend on global templateSrv. #75552, @torkelo
  • Playlist: Remove unused/deprecated api and unused wrapper. #75503, @ryantxu
  • Explore: Make Explore Toolbar sticky. #75500, @harisrozajac
  • Elasticsearch: Added support for calendar_interval in ES date histogram queries. #75459, @NikolayTsvetkov
  • Alerting: Manage remote Alertmanager silences. #75452, @santihernandezc
  • TimeSeries: Implement ad hoc y-zoom via Shift-drag. #75408, @leeoniya
  • Cloudwatch: Add missing AWS regions. #75392, @SijmenHuizenga
  • Transformations: Add support for dashboard variable in limit, sort by, filter by value, heatmap and histogram. #75372, @oscarkilhed
  • GrafanaUI: Smaller padding around Drawer's title, subtitle, and tabs. #75354, @polibb
  • InteractiveTable: Add controlled sort. #75289, @Clarity-89
  • Feature Toggles API: Trigger webhook call when updating. #75254, @jcalisto
  • Trace View: Span list visual update. #75238, @adrapereira
  • User: Support sort query param for user and org user, search endpoints. #75229, @gamab
  • Admin: Use backend sort. #75228, @Clarity-89
  • Breadcrumbs: Enable plugins to override breadcrumbs that are generated by pages defined in plugin.json. #75218, @torkelo
  • Cloudwatch: Add Documentation on Temporary Credentials. #75178, @sarahzinger
  • Tracing: Span filters reset show matches only. #75150, @joey-grafana
  • Toggle: Enable Recorded Queries Multi support by default. #75097, @kylebrandt
  • GrafanaUI: Support memoization of useStyles additional arguments. #75000, @joshhunt
  • NodeGraph: Allow to set node radius in dataframe. #74963, @piggito
  • AdhocFilters: Improve typing and signature of getTagKeys and getTagValues and behaviors. #74962, @torkelo
  • OpenSearch: Add timeRange to parameters passed to getTagValues. #74952, @iwysiu
  • PublicDashboards: Refresh ds plugin supported list. #74947, @juanicabanas
  • Chore: Update metrics for AWS/MediaConnect. #74946, @Deepali1211
  • Tempo: Added not regex operator. #74907, @adrapereira
  • MySQL: Update configuration page styling. #74902, @gwdawson
  • InteractiveTable: Add horizontal scroll. #74888, @Clarity-89
  • SSE: Reduce to apply Mode to instant vector (mathexp.Number). #74859, @yuri-tceretian
  • CloudWatch: Correctly add dimension values to labels. #74847, @iwysiu
  • Alerting: Add export drawer when exporting all Grafana managed alerts. #74846, @soniaAguilarPeiron
  • Feature: Allow to disable a plugin. #74840, @andresmgot
  • Alerting: Always show expression warnings and errors. #74839, @gillesdemey
  • Tempo: Added spss config - spans per span set. #74832, @adrapereira
  • Admin: Use InteractiveTable for user and team tables. #74821, @Clarity-89
  • Canvas: Button API Editor support template variables. #74779, @adela-almasan
  • PublicDashboards: Title logo and footer redesign. #74769, @juanicabanas
  • Tempo: Highlight errors in TraceQL query. #74697, @fabrizio-grafana
  • Folders: Do not allow modifying the folder UID via the API. #74684, @papagian
  • Pyroscope: Remove support for old pyroscope. #74683, @aocenas
  • AzureMonitor: Improve Log Analytics query efficiency. #74675, @aangelisc
  • Canvas: Button API Editor support setting parameters. #74637, @adela-almasan
  • Alerting: Support for single rule and multi-folder rule export. #74625, @yuri-tceretian
  • Loki: Added query editor and builder support for new Logfmt features. #74619, @matyax
  • Alerting: Add export drawer with yaml and json formats, in policies and contact points view. #74613, @soniaAguilarPeiron
  • Canvas: Button API - Add support for GET requests. #74566, @adela-almasan
  • Explore: Content Outline. #74536, @harisrozajac
  • Alerting: Add Grafana-managed groups and rules export. #74522, @konrad147
  • Plugins: Unset annotation editor variables. #74519, @oshirohugo
  • Internationalization: Set lang of HTML page to user language preference. #74513, @ypnos
  • Chore: Remove unused/deprecated method. #74485, @ryantxu
  • Logging: Add WithContextualAttributes to pass log params based on the given context. #74428, @svennergr
  • CloudWatch: Add AWS/S3 replication metrics (#74416). #74418, @jordanefillatre
  • Canvas: New circle/ellipse element. #74389, @Develer
  • Loki: Add backend healthcheck. #74330, @svennergr
  • Transformations: Show row index as percent in 'Add field from calculation'. #74322, @mdvictor
  • Geomap: Add Symbol Alignment Options. #74293, @drew08t
  • Dashboard: Auto-generate panel title and description using AI. #74284, @nmarrs
  • Alerting: Adds additional pagination to several views. #74268, @gillesdemey
  • CloudWatch: Add additional AWS/Firehose metrics for DynamicPartitioning support. #74237, @tristanburgess
  • Chore: Replace entity GRN with infra/grn GRN. #74198, @DanCech
  • Dashboard: Remove old panel code and leave only new panel design. #74196, @polibb
  • Tempo: Update default editor to TraceQL tab. #74153, @joey-grafana
  • Plugins: Move filter back to DataSourceWithBackend. #74147, @ryantxu
  • Axis: Add separate show axis option. #74117, @Develer
  • Alerting: Do not show grouping when grouplabels are empty in email template. #74090, @gillesdemey
  • Currency: Add Malaysian Ringgit (RM). #74073, @skangmy
  • Alerting: Paginate silences table(s). #74041, @gillesdemey
  • Chore: Update grafana-plugin-sdk-go version. #74039, @oshirohugo
  • Dashboards: Add "import dashboard" to empty dashboard landing page. #74018, @ivanortegaalba
  • Dashlist: Use new nested folder picker. #74011, @joshhunt
  • Plugins: Add dependency column in version table. #73991, @oshirohugo
  • Elasticsearch: Unify default value for geo hash grid precision across the code to 3. #73922, @ivanahuckova
  • Dashboard: Store original JSON in DashboardModel. #73881, @Clarity-89
  • Grafana/ui: Expose trigger method from useForm to children. #73831, @javiruiz01
  • RBAC: Enable permission validation by default. #73804, @mgyongyosi
  • Alerting: Update provisioning to validate user-defined UID on create. #73793, @yuri-tceretian
  • Plugins: Allow async panel migrations. #73782, @joshhunt
  • Correlations: Allow creating correlations for provisioned data sources. #73737, @ifrost
  • Alerting: Add contact point for Grafana OnCall. #73733, @grobinson-grafana
  • Tempo: Improve autocompletion and syntax highlighting for TraceQL tab. #73707, @fabrizio-grafana
  • Auth: Make sure that SAML responses with default namespaces are parsed correctly. #73701, @IevaVasiljeva
  • ArrayVector: Add vector field value warning. #73692, @Develer
  • Loki: Implement keep and drop operations. #73636, @ivanahuckova
  • Explore Logs: Update log filtering functions to only have effect in the source query. #73626, @matyax
  • Transforms: Add 'Format String' Transform. #73624, @sjd210
  • Explore: Improve handling time range keyboard shortcuts inside Explore. #73600, @ifrost
  • MSSQL: Add support for MI authentication to MSSQL. #73597, @oscarkilhed
  • Tracing: Support remote, rate-limited, and probabilistic sampling in tracing.opentelemetry config section. #73587, @hairyhenderson
  • Cloudwatch: Upgrade grafana-aws-sdk. #73580, @sarahzinger
  • Pyroscope: Template variable support. #73572, @aocenas
  • CloudWatch: Add missing region Middle East (UAE) me-central-1. #73560, @gelldur
  • Feat: Feature toggle admin page frontend write UI and InteractiveTable sorting. #73533, @IbrahimCSAE
  • Cloudwatch: Add back support for old Log Group picker. #73524, @sarahzinger
  • Google Cloud Monitor: Prom query editor. #73503, @bossinc
  • Plugins: Remove deprecated grafana-toolkit. #73489, @Ukochka
  • LibraryPanels: Add RBAC support. #73475, @kaydelaney
  • Chore: Remove DashboardPickerByID. #73466, @Clarity-89
  • Elastic: Add id field to Elastic responses to allow permalinking. #73382, @svennergr
  • Correlations: Add an editor in Explore. #73315, @gelicia
  • Tempo: Replace template variables in TraceQL tab when streaming is enabled. #73259, @fabrizio-grafana
  • CloudWatch Logs: Wrap sync error from executeGetQueryResults. #73252, @iwysiu
  • Elasticsearch: Enable running of queries trough data source backend. #73222, @ivanahuckova
  • Tempo: Metrics summary. #73201, @joey-grafana
  • Alerting: Export of alert rules in HCL format. #73166, @yuri-tceretian
  • SSE: Localize/Contain Errors within an Expression. #73163, @kylebrandt
  • Dashboards: PanelChrome - remove untitled placeholder and add border when panel is transparent. #73150, @axelavargas
  • CloudWatch: Add missing AppFlow metrics. #73149, @ciancullinan
  • Flamegraph: Move to package. #73113, @aocenas
  • Plugins: Forward feature toggles to plugins. #72995, @oshirohugo
  • SSE: Group data source node execution by data source. #72935, @kylebrandt
  • Dashboard: Support template variables in Search tab for Tempo. #72867, @fabrizio-grafana
  • Cloudwatch: Upgrade aws-sdk and display external ids for temporary credentials. #72821, @sarahzinger
  • Dashboards: Add megawatt hour (MWh) unit. #72779, @zuchka
  • Dashboard: Add support for Tempo query variables. #72745, @fabrizio-grafana
  • Auth: Add key_id config param to auth.jwt. #72711, @mgyongyosi
  • Alerting: Move legacy alert migration from sqlstore migration to service. #72702, @JacobsonMT
  • Loki: Introduce $__auto range variable for metric queries. #72690, @ivanahuckova
  • GLDS: Move Text component from the unstable package to grafana-ui. #72660, @eledobleefe
  • Datasource Plugins: Allow tracking for configuration usage. #72650, @sarahzinger
  • Cloudwatch Logs: Set Alerting timeout to datasource config's logsTimeout (#72611). #72611, @idastambuk
  • Flamegraph: Add nice empty state for dashboard panel. #72583, @aocenas
  • Explore: Unified Node Graph Container. #72558, @harisrozajac
  • Tracing: Split name column in search results. #72449, @joey-grafana
  • Tracing: Trace to metrics default range. #72433, @joey-grafana
  • Email: Light theme email templates. #72398, @gillesdemey
  • Correlations: Add organization id. #72258, @ifrost
  • Feat: Feature toggle admin page frontend interface. #72164, @IbrahimCSAE
  • Alerting: Show annotations markers in TimeSeries panel when using Loki as …. #72084, @soniaAguilarPeiron
  • Alerting: Custom contact point for OnCall in Grafana AM. #72021, @konrad147
  • Frontend: Allows PanelChrome to be collapsed. #71991, @harisrozajac
  • Elasticsearch: Implement modify query using a Lucene parser. #71954, @matyax
  • Table: Support display of multiple sub tables. #71953, @joey-grafana
  • A11y: Make Annotations and Template Variables list and edit pages responsive . #71791, @juanicabanas
  • Dashboard: Select the last used data source by default when adding a panel to a dashboard. #71777, @axelavargas
  • Trace to logs: Add service name and namespace to default tags. #71776, @connorlindsey
  • Alerting: Add new metrics and tracings to state manager and scheduler. #71398, @yuri-tceretian
  • Alerting: Add configuration options to migrate to an external Alertmanager. #71318, @santihernandezc
  • Annotations: Improve updating annotation tags queries. #71201, @sakjur
  • SSE: Support hysteresis threshold expression. #70998, @yuri-tceretian
  • Dashboards: Add alert and panel icon for dashboards that use Angular plugins. #70951, @xnyo
  • Chore: Update ubuntu image to 22.04. #70719, @orgads
  • Auth: Add support for OIDC RP-Initiated Logout. #70357, @venkatbvc
  • Dashboard: Field Config - Add CFP franc currency (XPF). #70036, @smortex
  • Auth: Check id token expiry date. #69829, @akselleirv
  • Alerting: Update Discord settings to treat 'url' as a secure setting. #69588, @yuri-tceretian
  • Prometheus: Add $__rate_interval_ms to go along with $__interval_ms. #69582, @ywwg
  • Alerting: Update state manager to change all current states in the case when Error\NoData is executed as Ok\Nomal. #68142, @yuri-tceretian
  • Tempo: Integrate context aware autocomplete API. #67845, @adrapereira
  • GrafanaUI: Add aria-label prop to RadioButtonGroup. #67019, @khushijain21
  • Search API: Search by folder UID. #65040, @joshhunt
  • Alerting: Migrate old alerting templates to Go templates. #62911, @grobinson-grafana
  • TeamGroupSync: Delete group sync entries on team delete. (Enterprise)
  • ServiceAccounts: Add SAs to managed permissions. (Enterprise)
  • PublicDashboards: Title logo config. (Enterprise)
  • Caching: Make cache payload serialization more resistant to out-of-memory crashes. (Enterprise)
  • Caching: Change error logs for cache items not found to debug logs. (Enterprise)
  • Chore: Add test console.warn catch. (Enterprise)
  • Emails: Light theme. (Enterprise)
  • Reporting: Switch to using dashboard UID. (Enterprise)
  • Recorded Queries: Use new DS picker. (Enterprise)
  • Reporting: Add ability to retry failed rendering requests (public preview). (Enterprise)

Bug Fixes:

  • Snapshots: Fix breakage of some panel types due to missing structureRev. #76586, @leeoniya
  • Loki: Fix Autocomplete in stream selector overwriting existing label names, or inserting autocomplete result within label value. #76485, @gtk-grafana
  • Alerting: Prevent cleanup of non-empty folders on migration revert. #76439, @JacobsonMT
  • Flamegraph: Fix inefficient regex generating error on some function names. #76377, @aocenas
  • Authn: Prevent empty username and email during sync. #76330, @kalleep
  • RBAC: Fix plugins pages access-control. #76321, @gamab
  • Tabs: Fixes focus style. #76246, @torkelo
  • Rendering: Fix Windows plugin signature check. #76123, @AgnesToulet
  • Dashboards: It always detect changes when saving an existing dashboard . #76116, @ivanortegaalba
  • Flamegraph: Fix theme propagation. #76064, @aocenas
  • Pyroscope: Fix backend panic when querying out of bounds. #76053, @aocenas
  • DataSourcePicker: Disable autocomplete for the search input . #75898, @ivanortegaalba
  • Loki: Cache extracted labels. #75842, @gtk-grafana
  • Tempo: Fix service graph menu item links. #75748, @adrapereira
  • Flamegraph: Fix bug where package colors would be altered after focusin on a node. #75695, @aocenas
  • Legend: Fix desc sort so NaNs are not display first. #75685, @nmarrs
  • Transformations: Fix bug with calculate field when using reduce and the all values calculation. #75684, @oscarkilhed
  • Plugins: Fix sorting issue with expandable rows. #75553, @fabrizio-grafana
  • Alerting: Show panels within collapsed rows in dashboard picker. #75490, @VikaCep
  • Tempo: Use timezone of selected range for timestamps. #75438, @fabrizio-grafana
  • Flamegraph: Fix css issues when embedded outside of Grafana. #75369, @aocenas
  • Alerting: Make shareable alert rule link work if rule name contains forward slashes. #75362, @domasx2
  • SQLStore: Fix race condition in RecursiveQueriesAreSupported. #75274, @grobinson-grafana
  • Connections: Make the "Add new Connection" page work without internet access. #75272, @leventebalogh
  • TimeSeries: Apply selected line style to custom pathBuilders. #75261, @leeoniya
  • Alerting: Fix non-applicable error checks for cloud and recording rules. #75233, @gillesdemey
  • TabsBar: Fix height so that it aligns with grid, and alignItems center . #75230, @torkelo
  • Prometheus: Fix creation of invalid dataframes with exemplars. #75187, @kylebrandt
  • Loki: Fix filters not being added with multiple expressions and parsers. #75152, @svennergr
  • Pyroscope: Fix error when no profile types are returned. #75143, @aocenas
  • BarChart: Axes centered zero, borders, and colors. #75136, @leeoniya
  • Plugins: Refresh plugin info after installation. #75074, @oshirohugo
  • LDAP: FIX Enable users on successfull login . #75073, @gamab
  • XYChart: Fix numerous axis options. #75044, @leeoniya
  • Trace View: Remove "deployment.environment" default traces 2 logs tag. #74986, @domasx2
  • Snapshots: Use appUrl on snapshot list page. #74944, @evictorero
  • Canvas: Fix inconsistent element placement when changing element type. #74942, @linghaoSu
  • Connections: Display the type of the datasource. #74808, @leventebalogh
  • Alerting: Indicate panels without identifier. #74746, @gillesdemey
  • Notifications: Don't show toasts after refreshing. #74712, @joshhunt
  • Alerting: Fix default policy timing summary. #74549, @gillesdemey
  • Alerting: Handle custom dashboard permissions in migration service. #74504, @JacobsonMT
  • CloudWatch Logs: Fix log query display name when used with expressions. #74497, @iwysiu
  • Dashboards: Escape tags. #74437, @fabrizio-grafana
  • Cloudwatch: Fix Unexpected error. #74420, @sarahzinger
  • Transformations: Fix group by field transformation field name text-overflow. #74173, @oscarkilhed
  • LDAP: Disable removed users on login. #74016, @gamab
  • Time Range: Using relative time takes timezone into account. #74013, @ashharrison90
  • Loki: Fix filtering with structured metadata. #73955, @svennergr
  • Dashboard embed: Use port instead of callbackUrl. #73883, @Clarity-89
  • Alerting: Fix data source copy when switching alert rule types. #73854, @gillesdemey
  • Alerting: Fix delete cloud rule from detail page. #73850, @gillesdemey
  • LDAP: Fix active sync with large quantities of users. #73834, @gamab
  • PublicDashboards: Data discrepancy fix. Use real datasource plugin when it is a public dashboard. . #73708, @juanicabanas
  • A11y: Fix exemplar marker accessibility. #73493, @Develer
  • A11y: Fix resource picker accessibility. #73488, @Develer
  • A11y: Fix resource cards accessibility. #73487, @Develer
  • Template Variables: Fix conversion from non standard data to dataFrame. #73486, @aocenas
  • A11y: Fix canvas element accessibility. #73483, @Develer
  • Tempo: Fix [object Object] shown as an Event message in Trace view. #73473, @aocenas
  • A11y: Fix canvas setting button accessibility. #73413, @Develer
  • PublicDashboards: Query order bug fixed. #73293, @juanicabanas
  • DatePicker: Fix calendar not showing correct selected range when changing time zones. #73273, @ashharrison90
  • Cloud Monitoring: Support AliasBy property in MQL mode. #73116, @alyssabull
  • Alerting: Fix cloud rules editing. #72927, @konrad147
  • Dashboard: Fixes dashboard setting Links overflow. #72428, @chauchausoup
  • A11y: Fix toggletip predictable focus for keyboard users. #72100, @ckbedwell
  • Gauge: Add overflow scrolling support for vertical and horizontal orientations. #71690, @nmarrs
  • Export: Remove DS input when dashboard is imported with a lib panel that already exists. #69412, @juanicabanas
  • Auditing and UsageInsights: FIX Loki configuration to use proxy env variables. (Enterprise)
  • PDF: Fix parenthesis in dashboard title. (Enterprise)
  • Reporting: Handle commas in variables. (Enterprise)
  • Caching: Fix caching metrics being doubled. (Enterprise)

Keycloak 22.05 
Enhancements:

  • #14820 Calling getTopLevelGroups is slow inside GroupLDAPStorageMapper#getLDAPGroupMappingsConverted keycloak storage
  • #19348 Sort subgroups keycloak storage
  • #22109 Add non-blocking liveness and readiness checks to Keycloak keycloak dist/quarkus
  • #22200 External Link check for documentation logs warning and exception: WARN FilenoUtil: Native subprocess control requires open access keycloak docs
  • #23581 Code certain topics as upstream only keycloak
  • #23711 Remove recommendation to file a GitHub issue keycloak docs
  • #23800 Add a disclaimer about refererences to Kubernetes keycloak
  • #23856 Allow documentation to be build referencing only Linux, not Windows keycloak
  • #23910 Removing the default cache metadata keycloak
  • #23946 Limit Keycloak 22 Windows support to the Admin CLI to upstream keycloak
  • #23951 Update Keycloak 22 Getting Started keycloak

Bugs:

  • #22170 Operator secrets sequencing keycloak operator
  • #22600 Keycloak admin v2 theme js mapper adding issue keycloak admin/ui
  • #22960 Do not store empty attributes when updating user profile keycloak user-profile
  • #22982 User attributes can't be saved when user profile is enabled keycloak admin/ui
  • #23220 Update to Keycloak 22.0.3 fails: Migration failed for change set META-INF/jpa-changelog-13.0.0.xml::default-roles::keycloak keycloak storage
  • #23294 admin-fine-grained-authz + client authorization settings requires more realm-management roles keycloak admin/ui
  • #23345 Broken link https://stackapps.com/apps/oauth/register keycloak docs
  • #23397 The "invalid_grant" error occurs again when loading the offline client session with an early creation time. keycloak infinispan
  • #23434 Can not view or update user profile attribute in user details keycloak admin/ui
  • #23507 User cannot be created via Admin UI if custom user attribute is required keycloak admin/ui
  • #23584 Return attribute group metadata from Admin and Account APIs keycloak user-profile
  • #23654 Attributes tab fields are not changing when a different group is selected keycloak admin/ui
  • #23713 Weak hashing algorithm usage in SSSD User federation keycloak identity-brokering
  • #23740 Admin Console doesn't show user when user attribute has annotation inputType keycloak admin/ui
  • #23743 Keycloak 22.0.4 crashes on file step1.html on old safari versions keycloak authentication
  • #23774 User can't be updated in admin console when user profile is used keycloak admin/ui
  • #23783 'Show version information' is not working keycloak dist/quarkus
  • #23790 The `Enabled When` setting should be set to `Always` by default keycloak user-profile
  • #23911 User profile attribute default render should be ordinary input keycloak admin/ui
  • #23930 Admin console does not allow several special characters for realm name anymore keycloak admin/ui
  • #23954 FederatedUserLink errors when user does not have view-realm role keycloak admin/ui
  • #24017 Operator operand env var does not conform to OSBS naming requirements keycloak operator
  • #24031 Missing migration step for Keycloak 22 during import keycloak storage
  • #24081 Scopes still persisted when required attribute is set to `Always` keycloak user-profile
  • #24143 Operator docs link is broken keycloak operator

MongoDB 7.0.2 and 7.0.3
7.0.2 Changelog
Sharding:
SERVER-44422: Allow findAndModify and delete one to target by query instead of extracted shard key
SERVER-75634: The logic in attachCursorSourceToPipelineForLocalRead performs shard versioning by UUID
SERVER-78657: Get rid of getSplitCandidatesForSessionsCollection and minNumChunksForSessionsCollection
SERVER-79086: Deletion of ReshardingCoordinatorService state document is not idempotent
SERVER-796821: ShardsvrReshardCollection Can Hang If Stepdown Occurs Shortly After Stepping Up
SERVER-79771: Make Resharding Operation Resilient to NetworkInterfaceExceededTimeLimit
SERVER-80236: Race in migration source registration and capturing writes for xferMods for deletes
SERVER-80246: Fsync test is not correctly checking for concurrent ddl operations
SERVER-80463: MigrationChunkClonerSourceOpObserver::onInserts() written to look like it skips checking some documents for whether their chunk has moved
SERVER-80712: Avoid leaving the replica set shard partitioned at the end of linearizable_read_concern.js 

Operations:
SERVER-58534: Collect FCV in FTDC
SERVER-77610: Log session id associated with the backup cursor

Build and Packaging:
WT-11302: failed: format-failure-configs-test on ubuntu2004-arm64 with OOM [wiredtiger @ e298381e]

Internals:
SERVER-50606: NetworkInterfaceTest needs to be more permissive with async op timeout
SERVER-52149: Create feature flag for Make taking self-managed backups in 4.4+ as safe as possible
SERVER-52452: Enable feature flag for Make taking self-managed backups in 4.4+ as safe as possible
SERVER-68132: Remove Feature Flag for PM-2076
SERVER-71520: Dump all thread stacks on RSTL acquisition timeout
SERVER-73253: Better path tracking when renaming nested/compound grouping fields
SERVER-73348: Aggregation bug in DocumentSourceSequentialDocumentCache
SERVER-74893: Change default enumeration strategy for planning $or queries
SERVER-74954: Incorrect result when contained $or rewrites $elemMatch extra condition
SERVER-75255: Remove all outdated entries from backports_required_for_multiversion_tests.yml
SERVER-75693: $vectorSearch Documentation Updates
SERVER-76780: Robustify sparse_index_internal_expr.js and compound_wildcard_index_hiding.js test
SERVER-76840: Filter oplog for query_oplogreplay collection
SERVER-76932: Add a way for a thread to know when the SignalHandler thread is done with printAllThreadStacks
SERVER-77134: Search queries hold storage tickets while waiting for response from network
SERVER-77232: Platform Support: Remove support for Debian 10
SERVER-77233: Platform Support: Remove support for Ubuntu 18.04
SERVER-77542: Internal operations should handle TemporarilyUnavailable and TransactionTooLargeForCache exceptions
SERVER-77638: Add logging on completion of resharding
SERVER-77677:Test or_to_in.js should run only in 7.0 and above.
SERVER-77732: Create LTO variant
SERVER-77862: Exclude compact.js from running in macos variants
SERVER-77991: $$USER_ROLES not available within aggregation sub-pipeline
SERVER-78149: Implement the mongos fsync (lock : true) command
SERVER-78150: Implement the mongos fsyncUnlock command
SERVER-78151: Add fsyncLock status to the mongos currentOp command
SERVER-78153: Unlock the config server primary via the mongos fsyncUnlock command
SERVER-78154: Detect on-going DDL operations in fsync with lock command
SERVER-78156: Test the mongos fsync with lock command with distributed transactions
SERVER-78159: Merge DocumentSourceInternalSearchMongotRemote and DocumentSourceInternalIdLookup into DocumentSourceSearch
SERVER-78164: Make SBE eligible for DocumentSource with requiresInputDocSource = false
SERVER-78217: Renaming view return wrong error on sharded cluster (2nd attempt)
SERVER-78252: Block chunk migrations for hashed shard keys if you don’t have the shard key index
SERVER-78253: Allow folks with hashed shard keys to drop the hashed index
SERVER-78505: Database cache does not use the 'allowLocks' option correctly
SERVER-78529: Create feature flag
SERVER-78530: Enable feature flag
SERVER-78650: Change stream oplog rewrite of $nor hits empty-array validation if no children are eligible for rewrite
SERVER-78721: Remove multiversion compatibility for rename view test
SERVER-78746: Enable feature flag in 7.0
SERVER-78793: Add a timeout to the mongos FSync Lock Command
SERVER-78831: Make $listSearchIndexes throw an Exception when used outside of Atlas
SERVER-78848: $listSearchIndexes behavior should be consistent with other aggregations when the collection does not exist
SERVER-78917: Relax condition in a router loop in shard_version_retry
SERVER-78987: Remove the free monitoring code from mongodb/mongo repo
SERVER-79025: Mongos Fsync with lock command should use mongos fsyncUnlock command
SERVER-79045: Update yaml-cpp entry in README.third_party.md to 0.6.3
SERVER-79046 The PreWriteFilter should be disabled if the mongod process is started with --shardsvr and in queryable backup mode
SERVER-79054 Modify service_executor_bm to run an empty benchmark on ASAN
SERVER-79236 Server cannot start in standalone if there are cluster parameters
SERVER-79336 [Security] Audit v7.0 feature flag
SERVER-79360 Avoid accessing OpDebug from other threads
SERVER-79497 Backport $vectorSearch to 7.0
SERVER-79552 $group rewrite for timeseries returns incorrect result if referencing the metaField in an object
SERVER-79599 Geospatial Query Error on MongoDB Version 6.3.2
SERVER-79780 ScopedCollectionDescription shouldn't hold a RangePreserver
SERVER-79912 CheckReplDBHash reports failure with system.buckets collections due to invalid BSON
SERVER-79958 Schedule the high-value workloads to run more regularly
SERVER-79974 Time-series bucket change stream shardCollection events translate shardKey fields
SERVER-79982 Batched catalog writers can run concurrently with HistoricalCatalogIdTracker::cleanup() and lead to incorrect PIT find results.
SERVER-80100 Fix typo in excluding compound_wildcard_index_hiding.js and sparse_index_internal_expr.js
SERVER-80140 Use the $currentOp to verify that fsyncLockWorker threads are waiting for the lock
SERVER-80234 Catalog cache unit tests of allowLocks should block the refresh
SERVER-80302 capped_large_docs.js is not resilient to replication rollback
SERVER-80465 Make numCandidates optional on mongod for $vectorSearch
SERVER-80488 Avoid traversing routing table in balancer split chunk policy
SERVER-80491 Expose more granular metrics around balancing round
SERVER-80544 Fix incorrect wait in runSearchCommandWithRetries
SERVER-80655 Reduce logging in release tasks
SERVER-80678 Remove an outdated test case
SERVER-80696 Fix How limit is calculated in $_internalSearchMongotRemote
SERVER-80708 Increase the sys-perf 'Compile for Atlas-like' task size
SERVER-80740 [7.0,7.1] Remove stream testing
SERVER-80772 Stage builders generate invalid plan for simple project after sort query
SERVER-80786 [7.0] Sharded time-series buckets should allow deleteOne against _id
SERVER-80828 Disable configure_query_analyzer_persistence.js from the sharding_csrs_continuous_config_stepdown suite
SERVER-80912 Enterprise RHEL 7.1 ppc64le failures on 6.0 waterfall
SERVER-80975 shardCollection(timeseriesNss) may accessed unititialised request parameters when invoked on a multiversion suite
SERVER-81013 Fix resolveCollator to return 'kNo' when query has collator and collection does not
SERVER-81031 Remove unowned RecordStore reference in WT RandomCursor class
SERVER-81036 Fix the test entry in the backports_required_for_multiversion_tests.yml
SERVER-81372 Collection defragmentation phases sporadically jump backward
WT-10108 Add a data structure encapsulating user level truncate context
WT-10786 Block checksum mismatch in bench-tiered-push-pull-s3
WT-10873 failed: Unable to locate update associated with a prepared operation [wiredtiger @ 57bcfe46]
WT-10927 Re enable HS verification
WT-10987 Always log a truncate even if no work to do
WT-10992 Implement testutil functions for directory copy and remove
WT-11060 format failure: unable to locate update associated with a prepared operation
WT-11168 Remove the page image reuse logic
WT-11222 Fix run_format_configs to execute failed configs in parallel
WT-11223 Prepare resolution diagnostic check reads freed update
WT-11247 Reduce long-test format rows to limit disk usage
WT-11280 Generation tracking might not be properly synchronized
WT-11299 Fix run_format_configs.sh script to grep exact process id
WT-11423 Unable to locate update associated with a prepared operation
WT-11424 WT_CURSOR.search: timed out with prepare-conflict
WT-11636 Disable Google SDK tiered test
WT-11638 Fix prepared update resolution assertion
WT-11684 Revert "WT-10927 Re-enable HS verification in mongodb-v7.0

MySQL 8.2.0
Changes in MySQL 8.2.0 (2023-10-25, Innovation Release):

Node.js 21.1.0
Notable Changes
Automatically detect and run ESM syntax:

The new flag --experimental-detect-module can be used to automatically run ES modules when their syntax can be detected. For “ambiguous” files, which are .js or extensionless files with no package.json with a type field, Node.js will parse the file to detect ES module syntax; if found, it will run the file as an ES module, otherwise it will run the file as a CommonJS module. The same applies to string input via --eval or STDIN. We hope to make detection enabled by default in a future version of Node.js. Detection increases startup time, so we encourage everyone — especially package authors — to add a type field to package.json, even for the default "type": "commonjs". The presence of a type field, or explicit extensions such as .mjs or .cjs, will opt out of detection. Contributed by Geoffrey Booth in #50096.

Other Notable Changes:
[3729e33358] - doc: add H4ad to collaborators (Vinícius Lourenço) #50217
[18862e4d5d] - (SEMVER-MINOR) fs: add flush option to appendFile() functions (Colin Ihrig) #50095
[5a52c518ef] - (SEMVER-MINOR) lib: add navigator.userAgent (Yagiz Nizipli) #50200
[789372a072] - (SEMVER-MINOR) stream: allow pass stream class to stream.compose (Alex Yang) #50187
[f3a9ea0bc4] - stream: improve performance of readable stream reads (Raz Luvaton) #50173
[dda33c2bf1] - vm: reject in importModuleDynamically without --experimental-vm-modules (Joyee Cheung) #50137
[3999362c59] - vm: use internal versions of compileFunction and Script (Joyee Cheung) #50137
[a54179f0e0] - vm: unify host-defined option generation in vm.compileFunction (Joyee Cheung) #50137

PHP 8.2.12
Core:

  • Fixed bug GH-12207 (memory leak when class using trait with doc block).
  • Fixed bug GH-12215 (Module entry being overwritten causes type errors in ext/dom).
  • Fixed bug GH-12273 (__builtin_cpu_init check).
  • Fixed bug #80092 (ZTS + preload = segfault on shutdown).

CLI:

  • Ensure a single Date header is present.

CType:

  • Fixed bug GH-11997 (ctype_alnum 5 times slower in PHP 8.1 or greater).

DOM:

  • Restore old namespace reconciliation behaviour.
  • Fixed bug GH-8996 (DOMNode serialization on PHP ^8.1).

Fileinfo:

  • Fixed bug GH-11891 (fileinfo returns text/xml for some svg files).

Filter:

  • Fix explicit FILTER_REQUIRE_SCALAR with FILTER_CALLBACK (ilutov)

Hash:

  • Fixed bug GH-12186 (segfault copying/cloning a finalized HashContext).

Intl:

  • Fixed bug GH-12243 (segfault on IntlDateFormatter::construct).
  • Fixed bug GH-12282 (IntlDateFormatter::construct should throw an exception on an invalid locale).

MySQLnd:

  • Fixed bug GH-12297 (PHP Startup: Invalid library (maybe not a PHP library) 'mysqlnd.so' in Unknown on line).

Opcache:

  • Fixed opcache_invalidate() on deleted file.
  • Fixed bug GH-12380 (JIT+private array property access inside closure accesses private property in child class).

PCRE:

  • Fixed bug GH-11956 (Backport upstream fix, PCRE regular expressions with JIT enabled gives different result).

SimpleXML:

  • Fixed bug GH-12170 (Can't use xpath with comments in SimpleXML).
  • Fixed bug GH-12223 (Entity reference produces infinite loop in var_dump/print_r).
  • Fixed bug GH-12167 (Unable to get processing instruction contents in SimpleXML).
  • Fixed bug GH-12169 (Unable to get comment contents in SimpleXML).

Streams:

  • Fixed bug GH-12190 (binding ipv4 address with both address and port at 0).

XML:

  • Fix return type of stub of xml_parse_into_struct().
  • Fix memory leak when calling xml_parse_into_struct() twice.

XSL:

  • Fix type error on XSLTProcessor::transformToDoc return value with SimpleXML.

Ceph 17.2.7
Notable Changes:

  • ceph mgr dump command now displays the name of the Manager module that registered a RADOS client in the name field added to elements of the active_clients array. Previously, only the address of a module’s RADOS client was shown in the active_clients array.
  • mClock Scheduler: The mClock scheduler (default scheduler in Quincy) has undergone significant usability and design improvements to address the slow backfill issue. Some important changes are:
  • The ‘balanced’ profile is set as the default mClock profile because it represents a compromise between prioritizing client IO or recovery IO. Users can then choose either the ‘high_client_ops’ profile to prioritize client IO or the ‘high_recovery_ops’ profile to prioritize recovery IO.
  • QoS parameters including reservation and limit are now specified in terms of a fraction (range: 0.0 to 1.0) of the OSD’s IOPS capacity.
  • The cost parameters (osd_mclock_cost_per_io_usec_* and osd_mclock_cost_per_byte_usec_*) have been removed. The cost of an operation is now determined using the random IOPS and maximum sequential bandwidth capability of the OSD’s underlying device.
  • Degraded object recovery is given higher priority when compared to misplaced object recovery because degraded objects present a data safety issue not present with objects that are merely misplaced. Therefore, backfilling operations with the ‘balanced’ and ‘high_client_ops’ mClock profiles may progress slower than what was seen with the ‘WeightedPriorityQueue’ (WPQ) scheduler.
  • The QoS allocations in all mClock profiles are optimized based on the above fixes and enhancements.
  • For more detailed information see: https://docs.ceph.com/en/quincy/rados/configuration/mclock-config-ref/
  • RGW: S3 multipart uploads using Server-Side Encryption now replicate correctly in multi-site. Previously, the replicas of such objects were corrupted on decryption. A new tool, radosgw-admin bucket resync encrypted multipart, can be used to identify these original multipart uploads. The LastModified timestamp of any identified object is incremented by 1 nanosecond to cause peer zones to replicate it again. For multi-site deployments that make any use of Server-Side Encryption, we recommended running this command against every bucket in every zone after all zones have upgraded.
  • CephFS: MDS evicts clients which are not advancing their request tids which causes a large buildup of session metadata resulting in the MDS going read-only due to the RADOS operation exceeding the size threshold. mds_session_metadata_threshold config controls the maximum size that a (encoded) session metadata can grow.
  • CephFS: After recovering a Ceph File System post following the disaster recovery procedure, the recovered files under lost+found directory can now be deleted.
  • Dashboard: There is a new Dashboard page with an improved layout. Active alerts and some important charts are now displayed inside cards. This new dashboard can be disabled and the older layout brought back by setting ceph dashboard feature disable dashboard.

Ansible AWX 23.3.1
Replaced the Execution Environment Setup Reference section of the Execution Environments chapter of the AWX User Guide with a link to the Builder's definition docs instead of duplicating its content (@Andersson007 #14562)

  • Removed requirement from image parameter as it is not always needed (e.g., when state is absent or updating an existing Execution Environment) (@willthames #14488)
  • Cleaned up SOS report passwords (@sscheib-rh #14557)
  • Upgraded client library for dsv since tss already landed (@AlanCoding #14362)
  • Added customizable batch_size for cleanup_activitystream and cleanup_jobs (@dangoncalves #14412)
  • Updated Django dependencies to resolve CVE-2023-43665 (@TheRealHaoLiu #14561)
  • Added alt-text codeblock to images for the Organizations chapter of the AWX User Guide (@coderSuren #14556)
  • Added alt-text codeblock to images for the Notifications chapter of the AWX User Guide (@coderSuren #14555)
  • Removed retry attempts for waiting for DB migrations to complete (@TheRealHaoLiu #14566)
  • Removed mailing list from Get Involved sections of the AWX README (@TheRealHaoLiu #14580)
  • Deleted unpartitioned tables in a separate transaction (@AlanCoding #14572)
  • Added alt-text codeblock to images for the Project Signing and Verification chapter of the AWX User Guide (@C0DE-SLAYER #14545)
  • Corrected Auditor roles in RBAC table of the Security chapter of the AWX User Guide (@ro4i7 #14540)
  • Added alt-text codeblock to images for the Users chapter of the AWX User Guide (@ro4i7 #14538)
  • Added alt-text codeblock to images for the Teams chapter of the AWX User Guide (@ro4i7 #14539)
  • Added alt-text codeblock to images for the Job Branching chapter of the AWX User Guide (@Deepshaded #14541)
  • Added link to the Getting Started with Execution Environments guide from the Execution Environments chapter of the AWX User Guide (@Andersson007 #14587)
  • Corrected missing text replacement directives in the Users chapter of the AWX User Guide (@tvo318 #14592)
  • Added alt-text codeblock to images for the Projects chapter of the AWX User Guide (@C0DE-SLAYER #14544)
  • Added alt-text codeblock to images for the Job Templates chapter of the AWX User Guide (@kishan3 #14548)
  • Removed specific version for receptorctl dependencies in the requirements files (@TheRealHaoLiu #14593)
  • Added alt-text codeblock to images for the Job Capacity and Job Slices sections of the AWX User Guide (@kishan3 #14549)
  • Added alt-text codeblock to images for the Credentials chapter of the AWX User Guide (@kishan3 #14550)
  • Fixed invalid YAML in constructed inventory "Hosts by processor type" copy/paste example (@marshmalien #14568)
  • Added alt-text codeblock to images for the Credential Types chapter of the AWX User Guide (@kishan3 #14551)
  • Added alt-text codeblock to images for the Instance Groups chapter of the AWX User Guide (@123MwanjeMike #14571)
  • Added alt-text codeblock to images for the Execution Environments chapter of the AWX User Guide (@Bhanuteja01 #14576)
  • Introduced requirements.in and constraints.in to pip compile the full dependency tree for docsite build requirements; and updated the tox configuration (@oraNod #14449)
  • Fixed swagger docs generation on RHEL (@obaranov #14589)
  • Fixed "upgrade in progress" status page not showing up while migration is in progress (@TheRealHaoLiu #14579)

View all OpenUpdate editions >