Stay Informed

This week, read about:

OWASP Kubernetes Top Ten.
Introducing HAR Sanitizer: Secure HAR Sharing.
Linux Kernel 6.6 Arrives With Numerous Refinements.
AlmaLinux vs. Rocky Linux: Exploring the Key Differences.
The Best Open Source Software of 2023.
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability.
The State of Open Source Survey Is Now Live.
Concerns Over the Future of Open Source? Much Ado About Nothing.
We Have the Latest Versions of OpenJDK Versions 8, 11, and 17 Now Available.

Key Security, Maintenance, and Features Releases

Security Based Updates

OpenLogic’s Enterprise Linux Team has recently published the following updates:

CVE-2021-4157
- CentOS 8
  - kernel-4.18.0-348.7.1_ol001.el8_5

We recommend that you update your CentOS 8 systems to protect against these vulnerabilities. As usual, please ensure that you test these updates before deploying to production.

If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!

Nginx 1.25.3
* Change: improved detection of misbehaving clients when using HTTP/2.
* Feature: startup speedup when using a large number of locations. Thanks to Yusuke Nojima.
* Bugfix: a segmentation fault might occur in a worker process when using HTTP/2 without SSL; the bug had appeared in 1.25.1.
* Bugfix: the "Status" backend response header line with an empty reason phrase was handled incorrectly.
* Bugfix: memory leak during reconfiguration when using the PCRE2 library.
* Bugfixes and improvements in HTTP/3.

TomEE 9.1.1
Dependency Upgrade:
TOMEE-4246 ActiveMQ 5.18.2
TOMEE-4230 Backport fix for CVE-2023-34981
TOMEE-4239 Backport fix for CVE-2023-41080
TOMEE-4235 Bouncy Castle 1.75
TOMEE-4243 Bouncy Castle 1.76
TOMEE-4139 CXF 4.0.3 (jakarta namespace)
TOMEE-4247 Hibernate 6.1.7
TOMEE-4227 Jackson 2.15.2
TOMEE-4228 Johnzon 1.2.21
TOMEE-4248 Mojarra 3.0.5
TOMEE-4254 Port fix for CVE-2023-42795
TOMEE-4255 Port fix for CVE-2023-44487
TOMEE-4256 Port fix for CVE-2023-45648
TOMEE-4249 SnakeYAML 2.2
TOMEE-4250 WSS4J 3.0.1
TOMEE-4232 bcprov-jdk15to18-1.74.jar
TOMEE-4251 xmlsec 3.0.2

Bug:
TOMEE-4222 @LoginToContinue JSR-375 (JavaEE Security API) causes IllegalArgumentException
TOMEE-4225 Remove commons-net from TomEE distribution
TOMEE-4226 DataSource definition fails when @DataSourceDefinition doesn’t define url property

Improvement:
TOMEE-4031 Improve TomEE Jmx Mbean Support for Parameter Names

Fixed Common Vulnerabilities and Exposures (CVEs):
TOMEE-4230 Backport fix for CVE-2023-34981
TOMEE-4254 Port fix for CVE-2023-42795
TOMEE-4227 Jackson 2.15.2

Security Based Updates

Jenkins 2.429

Prevent trimming HMAC codes (using HAMCConfidentialKey) when running in FIPS mode only. (pull 8612)
Restore printing output from println and similar methods for the groovy CLI command (regression in 2.427). (issue 72181)
Show the description of boolean build parameter values on the Parameters view (regression in 2.179). (issue 72179)

Angular v16.2.11
Core:
fix - emit provider configured event when a service is configured with providedIn (#52365)
fix - get root and platform injector providers in special cases (#52365)
fix - load global utils before creating platform injector in the standalone case (#52365)

Router:
fix - RouterTestingHarness should throw if a component is expected but navigation fails (#52357)

ActiveMQ 5.18.3
Bug:
[AMQ-9187] - Queue Advisory message not sent when new queue created via Message which has AMQ_SCHEDULED_DELAY Header
[AMQ-9255] - Messages submitted via http(s) transport don't dead letter after TTL is exceeded
[AMQ-9287] - activemq 5.18.1 with jdk 17

Improvement:
[AMQ-9301] - Add additional fields to o.a.activemq.broker.jmx.Connection
[AMQ-9315] - Add connectTimestamp to Connection and JMX view
[AMQ-9343] - Reduce inflight transaction memory footprint in KahaDB
[AMQ-9370] - Openwire marshaller should validate Throwable class type

Task:
[AMQ-8325] - Implement JMS 2.0 XA methods
[AMQ-9306] - Make the WebConsole accessible from outside the Docker container
[AMQ-9351] - Update Jenkinsfile to support specifying JDK version as a build option

Dependency Upgrade:
[AMQ-9293] - Upgrade to Spring 5.3.30
[AMQ-9313] - Upgrade to ASM 9.5
[AMQ-9317] - Upgrade to maven-enforcer-plugin 3.4.1
[AMQ-9318] - Upgrade to maven-javadoc-plugin 3.6.0
[AMQ-9319] - Upgrade to maven-war-plugin 3.4.0
[AMQ-9320] - Upgrade to dependency-check-maven 8.4.0
[AMQ-9321] - Upgrade to maven-shade-plugin 3.5.1
[AMQ-9322] - Upgrade to depends-maven-plugin 1.5.0
[AMQ-9329] - Upgrade to Jetty 9.4.53.v20231009
[AMQ-9331] - Upgrade to ASM 9.6
[AMQ-9332] - Upgrade to xbean 4.24
[AMQ-9352] - Upgrade to jackson 2.15.3
[AMQ-9355] - Upgrade to commons-io 2.14.0
[AMQ-9358] - Upgrade to shiro 1.12.0
[AMQ-9360] - Upgrade to ant 1.10.14
[AMQ-9361] - Upgrade to commons-dbcp2 2.10.0
[AMQ-9362] - Upgrade to commons-pool2 2.12.0
[AMQ-9364] - Upgrade to slf4j 2.0.9

ActiveMQ 5.15.16
Bug:
[AMQ-5388] - User Role Granted Full Privileges in jetty.xml
[AMQ-7344] - ActiveMQ WebConsole doesn't work on Karaf with Jackson 2.10.x
[AMQ-8117] - VirtualSelectorCacheBrokerPlugin throws false positive exception
[AMQ-8395] - NPE on Topic SlowConsumerAdvisory
[AMQ-8439] - Validate example camel.xml fails in the assembly

Improvement:
[AMQ-8468] - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser
[AMQ-9370] - Openwire marshaller should validate Throwable class type

Dependency Upgrade:
[AMQ-8358] - Upgrade xstream to 1.4.18
[AMQ-8359] - Upgrade slf4j to 1.7.32
[AMQ-8396] - Upgrade to jaxb-basics 0.12.0

ActiveMQ Artemis 2.31.2
[ARTEMIS-4477] - artemis-commons does not transform the META-INF/services/javax.json.spi.JsonProvider to the shaded package

ActiveMQ Artemis 2.31.1
Bug
[ARTEMIS-4141] - Message flow gets stuck
[ARTEMIS-4270] - Messages get lost when using multiple consumers with topic hierarchies
[ARTEMIS-4432] - openwire connection failure handling is bypassing the actor and ignoring the operation context leading to contention in error
[ARTEMIS-4435] - Some Artemis artifacts misses MANIFEST.MF content
[ARTEMIS-4442] - Message Redistributor is leaking LinkedListImpl$Iterator
[ARTEMIS-4450] - Auto-deleted clustered destinations can cause message loss
[ARTEMIS-4451] - non-SASL AMQP connection fails if resource audit logging enabled
[ARTEMIS-4453] - Bridge blocked by flow control, seemingly forever

Improvement:
[ARTEMIS-4433] - improve Reproducible Builds
[ARTEMIS-4443] - properties config - support broker plugin - logging broker plugin
[ARTEMIS-4444] - Allow broker classpath extension using custom paths
[ARTEMIS-4447] - Add paging prefetch parameters into address settings
[ARTEMIS-4449] - [DOC] Fix url parameter separator in acceptor configuration
[ARTEMIS-4456] - Register metrics plugin
[ARTEMIS-4459] - Broker should log when ignoring a duplicate MQTT QoS 2 message
[ARTEMIS-4467] - Core client code visibility change required

Task:
[ARTEMIS-4434] - Add extra logging.debug on Redistributor when redistribution is happening
[ARTEMIS-4441] - Add Docker chapter to User Manual
[ARTEMIS-4446] - Improve readability of code/config blocks in user manual
[ARTEMIS-4461] - Declare implicit dependencies for artemis-features
[ARTEMIS-4464] - Cleanup on Soak and Smoke Tests
[ARTEMIS-4466] - Disable Artemis-features verification on non test profiles
[ARTEMIS-4471] - Mark Artemis Maven Plugins as threadSafe=true

Dependency Upgrade:
[ARTEMIS-4437] - Upgrade OWASP to 8.4.0
[ARTEMIS-4438] - Upgrade JGroups to 5.3.0.Final
[ARTEMIS-4439] - Upgrade Netty to 4.1.100.Final
[ARTEMIS-4457] - Upgrade jetty version to 10.0.16
[ARTEMIS-4474] - Update to Zookeeper 3.8.3
[ARTEMIS-4475] - Upgrade ActiveMQ “Classic” to 5.17.6

Etcd v3.5.10
etcd server:

Fix --socket-reuse-port and --socket-reuse-address not able to be set in configuration file.
Fix corruption check may get a ErrCompacted error when server has just been compacted
Improve Lease put performance for the case that auth is disabled or the user is admin
Improve Skip getting authInfo from incoming context when auth is disabled
Fix Hash and HashKV have duplicated RESTful API

etcdutl v3:

Add optional --bump-revision and --mark-compacted flag to etcdutl snapshot restore operation.

etcdctl v3:

Add optional --bump-revision and --mark-compacted flag to etcdctl snapshot restore operation.

etcd grpc-proxy:

Fix Memberlist results not updated when proxy node down.

Package clientv3:

Fix Multiple endpoints with same prefix got mixed up
Fix Unexpected blocking when barrier waits on a nonexistent key
Fix Reset auth token when failing to authenticate due to auth being disabled
Fix panic in etcd validate secure endpoints

Dependencies:

Compile binaries using go 1.20.10.
Upgrade gRPC to 1.58.3 in #16625, #16781 and #16790. Note that gRPC server will reject requests with connection header (refer to grpc/grpc-go#4803).
Upgrade bbolt to v1.3.8

Grafana 10.2.0
Features and Enhancements:

Canvas: Promote Button to beta. #76582, @adela-almasan
BarChart: Improve data links UX in tooltip. #76514, @torkelo
PluginExtensions: Make sure to pass default timeZone in context. #76513, @mckn
PublicDashboards: Enable feature by default for GA and remove public preview text. #76484, @juanicabanas
Grafana UI: Add Avatar component. #76429, @Clarity-89
Alerting: Add support for msteams contact point in external Alertmanagers. #76392, @alexweav
Alerting: Enable Insights landing page. #76381, @VikaCep
Transformations: De-emphasize non-applicable transformations. #76373, @codeincarnate
Explore: Use short units in graphs. #76358, @Elfo404
Auth: Enable None role for 10.2. #76343, @eleijonmarck
Transformations: Add context to transformation editor. #76317, @mdvictor
Transformations: Add support for setting timezone in Format time and Convert field type transformations. #76316, @codeincarnate
Playlist: Add create+update timestamps to the database. #76295, @ryantxu
Live: Allow setting the engine password. #76289, @jcalisto
Auth: Add support for role mapping and allowed groups in Google OIDC. #76266, @Jguer
Alerting: Add provenance field to /api/v1/provisioning/alert-rules. #76252, @grobinson-grafana
Plugins: Add status_source label to plugin request metrics. #76236, @xnyo
PluginExtensions: Made it possible to control modal size from extension. #76232, @mckn
Loki: Change run query button text based on number of queries. #76196, @ivanahuckova
CloudWatch Logs: Add pattern command to syntax. #76152, @iwysiu
Caching: Add feature toggle for memory efficient cache payload serialization. #76145, @mmandrus
Flamegraph: Make color by package the default color mode. #76137, @aocenas
Service Accounts: Enable adding folder, dashboard and data source permissions to service accounts. #76133, @Jguer
SparklineCell: Display absolute value. #76125, @domasx2
FeatureToggle: Add awsDatasourcesNewFormStyling feature toggle. #76110, @idastambuk
CloudWatch: Add missing AWS/Transfer metrics. #76079, @jangaraj
Transformations: Add variable support to join by field. #76056, @oscarkilhed
Alerting: Add rules export on a folder level. #76016, @konrad147
PanelConfig: Add option to calculate min/max per field instead of using the global min/max in the data frame. #75952, @oscarkilhed
Transformations: Add unary operations to Add field from calculation. #75946, @mdvictor
Bar Gauge: Add field name placement option. #75932, @nmarrs
AzureMonitor: Azure Monitor Cheat sheet. #75931, @alyssabull
Chore: Bump grafana-plugin-sdk-go to v0.179.0. #75886, @leandro-deveikis
Dashboards: Add template variables to selectable options. #75870, @fabrizio-grafana
Docs: Update RBAC documentation. #75869, @mgyongyosi
Alerting: Export of contact points to HCL. #75849, @yuri-tceretian
BrowseDashboards: Enable new Browse Dashboards UI by default. #75822, @joshhunt
Alerting: Use new endpoints in the Modify Export. #75796, @soniaAguilarPeiron
Transformations: Rename "Transform" tab to "Transform data". #75757, @codeincarnate
Loki: Support X-ray as internal link in derived fields. #75756, @harshabaddam
Table: Make sparkline cell respect no value option. #75750, @oscarkilhed
Transformations: Extended support for variables in filter by name. #75734, @oscarkilhed
Tempo: TraceQL results as a spans list. #75660, @adrapereira
Transformations: Add naming mode to partition by value. #75650, @oscarkilhed
Transformations: Correct description of rename by regex. #75641, @oscarkilhed
Team: Support sort query param for teams search endpoint. #75622, @gamab
CloudWatch Logs: Make monaco query editor general availability. #75589, @iwysiu
Explore: Improve timeseries limit disclaimer. #75587, @Elfo404
Stat: Disable wide layout. #75556, @nmarrs
DataSourceAPI: Add adhoc filters to DataQueryRequest and make it not depend on global templateSrv. #75552, @torkelo
Playlist: Remove unused/deprecated api and unused wrapper. #75503, @ryantxu
Explore: Make Explore Toolbar sticky. #75500, @harisrozajac
Elasticsearch: Added support for calendar_interval in ES date histogram queries. #75459, @NikolayTsvetkov
Alerting: Manage remote Alertmanager silences. #75452, @santihernandezc
TimeSeries: Implement ad hoc y-zoom via Shift-drag. #75408, @leeoniya
Cloudwatch: Add missing AWS regions. #75392, @SijmenHuizenga
Transformations: Add support for dashboard variable in limit, sort by, filter by value, heatmap and histogram. #75372, @oscarkilhed
GrafanaUI: Smaller padding around Drawer's title, subtitle, and tabs. #75354, @polibb
InteractiveTable: Add controlled sort. #75289, @Clarity-89
Feature Toggles API: Trigger webhook call when updating. #75254, @jcalisto
Trace View: Span list visual update. #75238, @adrapereira
User: Support sort query param for user and org user, search endpoints. #75229, @gamab
Admin: Use backend sort. #75228, @Clarity-89
Breadcrumbs: Enable plugins to override breadcrumbs that are generated by pages defined in plugin.json. #75218, @torkelo
Cloudwatch: Add Documentation on Temporary Credentials. #75178, @sarahzinger
Tracing: Span filters reset show matches only. #75150, @joey-grafana
Toggle: Enable Recorded Queries Multi support by default. #75097, @kylebrandt
GrafanaUI: Support memoization of useStyles additional arguments. #75000, @joshhunt
NodeGraph: Allow to set node radius in dataframe. #74963, @piggito
AdhocFilters: Improve typing and signature of getTagKeys and getTagValues and behaviors. #74962, @torkelo
OpenSearch: Add timeRange to parameters passed to getTagValues. #74952, @iwysiu
PublicDashboards: Refresh ds plugin supported list. #74947, @juanicabanas
Chore: Update metrics for AWS/MediaConnect. #74946, @Deepali1211
Tempo: Added not regex operator. #74907, @adrapereira
MySQL: Update configuration page styling. #74902, @gwdawson
InteractiveTable: Add horizontal scroll. #74888, @Clarity-89
SSE: Reduce to apply Mode to instant vector (mathexp.Number). #74859, @yuri-tceretian
CloudWatch: Correctly add dimension values to labels. #74847, @iwysiu
Alerting: Add export drawer when exporting all Grafana managed alerts. #74846, @soniaAguilarPeiron
Feature: Allow to disable a plugin. #74840, @andresmgot
Alerting: Always show expression warnings and errors. #74839, @gillesdemey
Tempo: Added spss config - spans per span set. #74832, @adrapereira
Admin: Use InteractiveTable for user and team tables. #74821, @Clarity-89
Canvas: Button API Editor support template variables. #74779, @adela-almasan
PublicDashboards: Title logo and footer redesign. #74769, @juanicabanas
Tempo: Highlight errors in TraceQL query. #74697, @fabrizio-grafana
Folders: Do not allow modifying the folder UID via the API. #74684, @papagian
Pyroscope: Remove support for old pyroscope. #74683, @aocenas
AzureMonitor: Improve Log Analytics query efficiency. #74675, @aangelisc
Canvas: Button API Editor support setting parameters. #74637, @adela-almasan
Alerting: Support for single rule and multi-folder rule export. #74625, @yuri-tceretian
Loki: Added query editor and builder support for new Logfmt features. #74619, @matyax
Alerting: Add export drawer with yaml and json formats, in policies and contact points view. #74613, @soniaAguilarPeiron
Canvas: Button API - Add support for GET requests. #74566, @adela-almasan
Explore: Content Outline. #74536, @harisrozajac
Alerting: Add Grafana-managed groups and rules export. #74522, @konrad147
Plugins: Unset annotation editor variables. #74519, @oshirohugo
Internationalization: Set lang of HTML page to user language preference. #74513, @ypnos
Chore: Remove unused/deprecated method. #74485, @ryantxu
Logging: Add WithContextualAttributes to pass log params based on the given context. #74428, @svennergr
CloudWatch: Add AWS/S3 replication metrics (#74416). #74418, @jordanefillatre
Canvas: New circle/ellipse element. #74389, @Develer
Loki: Add backend healthcheck. #74330, @svennergr
Transformations: Show row index as percent in 'Add field from calculation'. #74322, @mdvictor
Geomap: Add Symbol Alignment Options. #74293, @drew08t
Dashboard: Auto-generate panel title and description using AI. #74284, @nmarrs
Alerting: Adds additional pagination to several views. #74268, @gillesdemey
CloudWatch: Add additional AWS/Firehose metrics for DynamicPartitioning support. #74237, @tristanburgess
Chore: Replace entity GRN with infra/grn GRN. #74198, @DanCech
Dashboard: Remove old panel code and leave only new panel design. #74196, @polibb
Tempo: Update default editor to TraceQL tab. #74153, @joey-grafana
Plugins: Move filter back to DataSourceWithBackend. #74147, @ryantxu
Axis: Add separate show axis option. #74117, @Develer
Alerting: Do not show grouping when grouplabels are empty in email template. #74090, @gillesdemey
Currency: Add Malaysian Ringgit (RM). #74073, @skangmy
Alerting: Paginate silences table(s). #74041, @gillesdemey
Chore: Update grafana-plugin-sdk-go version. #74039, @oshirohugo
Dashboards: Add "import dashboard" to empty dashboard landing page. #74018, @ivanortegaalba
Dashlist: Use new nested folder picker. #74011, @joshhunt
Plugins: Add dependency column in version table. #73991, @oshirohugo
Elasticsearch: Unify default value for geo hash grid precision across the code to 3. #73922, @ivanahuckova
Dashboard: Store original JSON in DashboardModel. #73881, @Clarity-89
Grafana/ui: Expose trigger method from useForm to children. #73831, @javiruiz01
RBAC: Enable permission validation by default. #73804, @mgyongyosi
Alerting: Update provisioning to validate user-defined UID on create. #73793, @yuri-tceretian
Plugins: Allow async panel migrations. #73782, @joshhunt
Correlations: Allow creating correlations for provisioned data sources. #73737, @ifrost
Alerting: Add contact point for Grafana OnCall. #73733, @grobinson-grafana
Tempo: Improve autocompletion and syntax highlighting for TraceQL tab. #73707, @fabrizio-grafana
Auth: Make sure that SAML responses with default namespaces are parsed correctly. #73701, @IevaVasiljeva
ArrayVector: Add vector field value warning. #73692, @Develer
Loki: Implement keep and drop operations. #73636, @ivanahuckova
Explore Logs: Update log filtering functions to only have effect in the source query. #73626, @matyax
Transforms: Add 'Format String' Transform. #73624, @sjd210
Explore: Improve handling time range keyboard shortcuts inside Explore. #73600, @ifrost
MSSQL: Add support for MI authentication to MSSQL. #73597, @oscarkilhed
Tracing: Support remote, rate-limited, and probabilistic sampling in tracing.opentelemetry config section. #73587, @hairyhenderson
Cloudwatch: Upgrade grafana-aws-sdk. #73580, @sarahzinger
Pyroscope: Template variable support. #73572, @aocenas
CloudWatch: Add missing region Middle East (UAE) me-central-1. #73560, @gelldur
Feat: Feature toggle admin page frontend write UI and InteractiveTable sorting. #73533, @IbrahimCSAE
Cloudwatch: Add back support for old Log Group picker. #73524, @sarahzinger
Google Cloud Monitor: Prom query editor. #73503, @bossinc
Plugins: Remove deprecated grafana-toolkit. #73489, @Ukochka
LibraryPanels: Add RBAC support. #73475, @kaydelaney
Chore: Remove DashboardPickerByID. #73466, @Clarity-89
Elastic: Add id field to Elastic responses to allow permalinking. #73382, @svennergr
Correlations: Add an editor in Explore. #73315, @gelicia
Tempo: Replace template variables in TraceQL tab when streaming is enabled. #73259, @fabrizio-grafana
CloudWatch Logs: Wrap sync error from executeGetQueryResults. #73252, @iwysiu
Elasticsearch: Enable running of queries trough data source backend. #73222, @ivanahuckova
Tempo: Metrics summary. #73201, @joey-grafana
Alerting: Export of alert rules in HCL format. #73166, @yuri-tceretian
SSE: Localize/Contain Errors within an Expression. #73163, @kylebrandt
Dashboards: PanelChrome - remove untitled placeholder and add border when panel is transparent. #73150, @axelavargas
CloudWatch: Add missing AppFlow metrics. #73149, @ciancullinan
Flamegraph: Move to package. #73113, @aocenas
Plugins: Forward feature toggles to plugins. #72995, @oshirohugo
SSE: Group data source node execution by data source. #72935, @kylebrandt
Dashboard: Support template variables in Search tab for Tempo. #72867, @fabrizio-grafana
Cloudwatch: Upgrade aws-sdk and display external ids for temporary credentials. #72821, @sarahzinger
Dashboards: Add megawatt hour (MWh) unit. #72779, @zuchka
Dashboard: Add support for Tempo query variables. #72745, @fabrizio-grafana
Auth: Add key_id config param to auth.jwt. #72711, @mgyongyosi
Alerting: Move legacy alert migration from sqlstore migration to service. #72702, @JacobsonMT
Loki: Introduce $__auto range variable for metric queries. #72690, @ivanahuckova
GLDS: Move Text component from the unstable package to grafana-ui. #72660, @eledobleefe
Datasource Plugins: Allow tracking for configuration usage. #72650, @sarahzinger
Cloudwatch Logs: Set Alerting timeout to datasource config's logsTimeout (#72611). #72611, @idastambuk
Flamegraph: Add nice empty state for dashboard panel. #72583, @aocenas
Explore: Unified Node Graph Container. #72558, @harisrozajac
Tracing: Split name column in search results. #72449, @joey-grafana
Tracing: Trace to metrics default range. #72433, @joey-grafana
Email: Light theme email templates. #72398, @gillesdemey
Correlations: Add organization id. #72258, @ifrost
Feat: Feature toggle admin page frontend interface. #72164, @IbrahimCSAE
Alerting: Show annotations markers in TimeSeries panel when using Loki as …. #72084, @soniaAguilarPeiron
Alerting: Custom contact point for OnCall in Grafana AM. #72021, @konrad147
Frontend: Allows PanelChrome to be collapsed. #71991, @harisrozajac
Elasticsearch: Implement modify query using a Lucene parser. #71954, @matyax
Table: Support display of multiple sub tables. #71953, @joey-grafana
A11y: Make Annotations and Template Variables list and edit pages responsive . #71791, @juanicabanas
Dashboard: Select the last used data source by default when adding a panel to a dashboard. #71777, @axelavargas
Trace to logs: Add service name and namespace to default tags. #71776, @connorlindsey
Alerting: Add new metrics and tracings to state manager and scheduler. #71398, @yuri-tceretian
Alerting: Add configuration options to migrate to an external Alertmanager. #71318, @santihernandezc
Annotations: Improve updating annotation tags queries. #71201, @sakjur
SSE: Support hysteresis threshold expression. #70998, @yuri-tceretian
Dashboards: Add alert and panel icon for dashboards that use Angular plugins. #70951, @xnyo
Chore: Update ubuntu image to 22.04. #70719, @orgads
Auth: Add support for OIDC RP-Initiated Logout. #70357, @venkatbvc
Dashboard: Field Config - Add CFP franc currency (XPF). #70036, @smortex
Auth: Check id token expiry date. #69829, @akselleirv
Alerting: Update Discord settings to treat 'url' as a secure setting. #69588, @yuri-tceretian
Prometheus: Add $__rate_interval_ms to go along with $__interval_ms. #69582, @ywwg
Alerting: Update state manager to change all current states in the case when Error\NoData is executed as Ok\Nomal. #68142, @yuri-tceretian
Tempo: Integrate context aware autocomplete API. #67845, @adrapereira
GrafanaUI: Add aria-label prop to RadioButtonGroup. #67019, @khushijain21
Search API: Search by folder UID. #65040, @joshhunt
Alerting: Migrate old alerting templates to Go templates. #62911, @grobinson-grafana
TeamGroupSync: Delete group sync entries on team delete. (Enterprise)
ServiceAccounts: Add SAs to managed permissions. (Enterprise)
PublicDashboards: Title logo config. (Enterprise)
Caching: Make cache payload serialization more resistant to out-of-memory crashes. (Enterprise)
Caching: Change error logs for cache items not found to debug logs. (Enterprise)
Chore: Add test console.warn catch. (Enterprise)
Emails: Light theme. (Enterprise)
Reporting: Switch to using dashboard UID. (Enterprise)
Recorded Queries: Use new DS picker. (Enterprise)
Reporting: Add ability to retry failed rendering requests (public preview). (Enterprise)

Bug Fixes:

Snapshots: Fix breakage of some panel types due to missing structureRev. #76586, @leeoniya
Loki: Fix Autocomplete in stream selector overwriting existing label names, or inserting autocomplete result within label value. #76485, @gtk-grafana
Alerting: Prevent cleanup of non-empty folders on migration revert. #76439, @JacobsonMT
Flamegraph: Fix inefficient regex generating error on some function names. #76377, @aocenas
Authn: Prevent empty username and email during sync. #76330, @kalleep
RBAC: Fix plugins pages access-control. #76321, @gamab
Tabs: Fixes focus style. #76246, @torkelo
Rendering: Fix Windows plugin signature check. #76123, @AgnesToulet
Dashboards: It always detect changes when saving an existing dashboard . #76116, @ivanortegaalba
Flamegraph: Fix theme propagation. #76064, @aocenas
Pyroscope: Fix backend panic when querying out of bounds. #76053, @aocenas
DataSourcePicker: Disable autocomplete for the search input . #75898, @ivanortegaalba
Loki: Cache extracted labels. #75842, @gtk-grafana
Tempo: Fix service graph menu item links. #75748, @adrapereira
Flamegraph: Fix bug where package colors would be altered after focusin on a node. #75695, @aocenas
Legend: Fix desc sort so NaNs are not display first. #75685, @nmarrs
Transformations: Fix bug with calculate field when using reduce and the all values calculation. #75684, @oscarkilhed
Plugins: Fix sorting issue with expandable rows. #75553, @fabrizio-grafana
Alerting: Show panels within collapsed rows in dashboard picker. #75490, @VikaCep
Tempo: Use timezone of selected range for timestamps. #75438, @fabrizio-grafana
Flamegraph: Fix css issues when embedded outside of Grafana. #75369, @aocenas
Alerting: Make shareable alert rule link work if rule name contains forward slashes. #75362, @domasx2
SQLStore: Fix race condition in RecursiveQueriesAreSupported. #75274, @grobinson-grafana
Connections: Make the "Add new Connection" page work without internet access. #75272, @leventebalogh
TimeSeries: Apply selected line style to custom pathBuilders. #75261, @leeoniya
Alerting: Fix non-applicable error checks for cloud and recording rules. #75233, @gillesdemey
TabsBar: Fix height so that it aligns with grid, and alignItems center . #75230, @torkelo
Prometheus: Fix creation of invalid dataframes with exemplars. #75187, @kylebrandt
Loki: Fix filters not being added with multiple expressions and parsers. #75152, @svennergr
Pyroscope: Fix error when no profile types are returned. #75143, @aocenas
BarChart: Axes centered zero, borders, and colors. #75136, @leeoniya
Plugins: Refresh plugin info after installation. #75074, @oshirohugo
LDAP: FIX Enable users on successfull login . #75073, @gamab
XYChart: Fix numerous axis options. #75044, @leeoniya
Trace View: Remove "deployment.environment" default traces 2 logs tag. #74986, @domasx2
Snapshots: Use appUrl on snapshot list page. #74944, @evictorero
Canvas: Fix inconsistent element placement when changing element type. #74942, @linghaoSu
Connections: Display the type of the datasource. #74808, @leventebalogh
Alerting: Indicate panels without identifier. #74746, @gillesdemey
Notifications: Don't show toasts after refreshing. #74712, @joshhunt
Alerting: Fix default policy timing summary. #74549, @gillesdemey
Alerting: Handle custom dashboard permissions in migration service. #74504, @JacobsonMT
CloudWatch Logs: Fix log query display name when used with expressions. #74497, @iwysiu
Dashboards: Escape tags. #74437, @fabrizio-grafana
Cloudwatch: Fix Unexpected error. #74420, @sarahzinger
Transformations: Fix group by field transformation field name text-overflow. #74173, @oscarkilhed
LDAP: Disable removed users on login. #74016, @gamab
Time Range: Using relative time takes timezone into account. #74013, @ashharrison90
Loki: Fix filtering with structured metadata. #73955, @svennergr
Dashboard embed: Use port instead of callbackUrl. #73883, @Clarity-89
Alerting: Fix data source copy when switching alert rule types. #73854, @gillesdemey
Alerting: Fix delete cloud rule from detail page. #73850, @gillesdemey
LDAP: Fix active sync with large quantities of users. #73834, @gamab
PublicDashboards: Data discrepancy fix. Use real datasource plugin when it is a public dashboard. . #73708, @juanicabanas
A11y: Fix exemplar marker accessibility. #73493, @Develer
A11y: Fix resource picker accessibility. #73488, @Develer
A11y: Fix resource cards accessibility. #73487, @Develer
Template Variables: Fix conversion from non standard data to dataFrame. #73486, @aocenas
A11y: Fix canvas element accessibility. #73483, @Develer
Tempo: Fix [object Object] shown as an Event message in Trace view. #73473, @aocenas
A11y: Fix canvas setting button accessibility. #73413, @Develer
PublicDashboards: Query order bug fixed. #73293, @juanicabanas
DatePicker: Fix calendar not showing correct selected range when changing time zones. #73273, @ashharrison90
Cloud Monitoring: Support AliasBy property in MQL mode. #73116, @alyssabull
Alerting: Fix cloud rules editing. #72927, @konrad147
Dashboard: Fixes dashboard setting Links overflow. #72428, @chauchausoup
A11y: Fix toggletip predictable focus for keyboard users. #72100, @ckbedwell
Gauge: Add overflow scrolling support for vertical and horizontal orientations. #71690, @nmarrs
Export: Remove DS input when dashboard is imported with a lib panel that already exists. #69412, @juanicabanas
Auditing and UsageInsights: FIX Loki configuration to use proxy env variables. (Enterprise)
PDF: Fix parenthesis in dashboard title. (Enterprise)
Reporting: Handle commas in variables. (Enterprise)
Caching: Fix caching metrics being doubled. (Enterprise)

Keycloak 22.05
Enhancements:

#14820 Calling getTopLevelGroups is slow inside GroupLDAPStorageMapper#getLDAPGroupMappingsConverted keycloak storage
#19348 Sort subgroups keycloak storage
#22109 Add non-blocking liveness and readiness checks to Keycloak keycloak dist/quarkus
#22200 External Link check for documentation logs warning and exception: WARN FilenoUtil: Native subprocess control requires open access keycloak docs
#23581 Code certain topics as upstream only keycloak
#23711 Remove recommendation to file a GitHub issue keycloak docs
#23800 Add a disclaimer about refererences to Kubernetes keycloak
#23856 Allow documentation to be build referencing only Linux, not Windows keycloak
#23910 Removing the default cache metadata keycloak
#23946 Limit Keycloak 22 Windows support to the Admin CLI to upstream keycloak
#23951 Update Keycloak 22 Getting Started keycloak

Bugs:

#22170 Operator secrets sequencing keycloak operator
#22600 Keycloak admin v2 theme js mapper adding issue keycloak admin/ui
#22960 Do not store empty attributes when updating user profile keycloak user-profile
#22982 User attributes can't be saved when user profile is enabled keycloak admin/ui
#23220 Update to Keycloak 22.0.3 fails: Migration failed for change set META-INF/jpa-changelog-13.0.0.xml::default-roles::keycloak keycloak storage
#23294 admin-fine-grained-authz + client authorization settings requires more realm-management roles keycloak admin/ui
#23345 Broken link https://stackapps.com/apps/oauth/register keycloak docs
#23397 The "invalid_grant" error occurs again when loading the offline client session with an early creation time. keycloak infinispan
#23434 Can not view or update user profile attribute in user details keycloak admin/ui
#23507 User cannot be created via Admin UI if custom user attribute is required keycloak admin/ui
#23584 Return attribute group metadata from Admin and Account APIs keycloak user-profile
#23654 Attributes tab fields are not changing when a different group is selected keycloak admin/ui
#23713 Weak hashing algorithm usage in SSSD User federation keycloak identity-brokering
#23740 Admin Console doesn't show user when user attribute has annotation inputType keycloak admin/ui
#23743 Keycloak 22.0.4 crashes on file step1.html on old safari versions keycloak authentication
#23774 User can't be updated in admin console when user profile is used keycloak admin/ui
#23783 'Show version information' is not working keycloak dist/quarkus
#23790 The `Enabled When` setting should be set to `Always` by default keycloak user-profile
#23911 User profile attribute default render should be ordinary input keycloak admin/ui
#23930 Admin console does not allow several special characters for realm name anymore keycloak admin/ui
#23954 FederatedUserLink errors when user does not have view-realm role keycloak admin/ui
#24017 Operator operand env var does not conform to OSBS naming requirements keycloak operator
#24031 Missing migration step for Keycloak 22 during import keycloak storage
#24081 Scopes still persisted when required attribute is set to `Always` keycloak user-profile
#24143 Operator docs link is broken keycloak operator

MongoDB 7.0.2 and 7.0.3
7.0.2 Changelog
Sharding:
SERVER-44422: Allow findAndModify and delete one to target by query instead of extracted shard key
SERVER-75634: The logic in attachCursorSourceToPipelineForLocalRead performs shard versioning by UUID
SERVER-78657: Get rid of getSplitCandidatesForSessionsCollection and minNumChunksForSessionsCollection
SERVER-79086: Deletion of ReshardingCoordinatorService state document is not idempotent
SERVER-796821: ShardsvrReshardCollection Can Hang If Stepdown Occurs Shortly After Stepping Up
SERVER-79771: Make Resharding Operation Resilient to NetworkInterfaceExceededTimeLimit
SERVER-80236: Race in migration source registration and capturing writes for xferMods for deletes
SERVER-80246: Fsync test is not correctly checking for concurrent ddl operations
SERVER-80463: MigrationChunkClonerSourceOpObserver::onInserts() written to look like it skips checking some documents for whether their chunk has moved
SERVER-80712: Avoid leaving the replica set shard partitioned at the end of linearizable_read_concern.js

Operations:
SERVER-58534: Collect FCV in FTDC
SERVER-77610: Log session id associated with the backup cursor

Build and Packaging:
WT-11302: failed: format-failure-configs-test on ubuntu2004-arm64 with OOM [wiredtiger @ e298381e]

Internals:
SERVER-50606: NetworkInterfaceTest needs to be more permissive with async op timeout
SERVER-52149: Create feature flag for Make taking self-managed backups in 4.4+ as safe as possible
SERVER-52452: Enable feature flag for Make taking self-managed backups in 4.4+ as safe as possible
SERVER-68132: Remove Feature Flag for PM-2076
SERVER-71520: Dump all thread stacks on RSTL acquisition timeout
SERVER-73253: Better path tracking when renaming nested/compound grouping fields
SERVER-73348: Aggregation bug in DocumentSourceSequentialDocumentCache
SERVER-74893: Change default enumeration strategy for planning $or queries
SERVER-74954: Incorrect result when contained $or rewrites $elemMatch extra condition
SERVER-75255: Remove all outdated entries from backports_required_for_multiversion_tests.yml
SERVER-75693: $vectorSearch Documentation Updates
SERVER-76780: Robustify sparse_index_internal_expr.js and compound_wildcard_index_hiding.js test
SERVER-76840: Filter oplog for query_oplogreplay collection
SERVER-76932: Add a way for a thread to know when the SignalHandler thread is done with printAllThreadStacks
SERVER-77134: Search queries hold storage tickets while waiting for response from network
SERVER-77232: Platform Support: Remove support for Debian 10
SERVER-77233: Platform Support: Remove support for Ubuntu 18.04
SERVER-77542: Internal operations should handle TemporarilyUnavailable and TransactionTooLargeForCache exceptions
SERVER-77638: Add logging on completion of resharding
SERVER-77677:Test or_to_in.js should run only in 7.0 and above.
SERVER-77732: Create LTO variant
SERVER-77862: Exclude compact.js from running in macos variants
SERVER-77991: $$USER_ROLES not available within aggregation sub-pipeline
SERVER-78149: Implement the mongos fsync (lock : true) command
SERVER-78150: Implement the mongos fsyncUnlock command
SERVER-78151: Add fsyncLock status to the mongos currentOp command
SERVER-78153: Unlock the config server primary via the mongos fsyncUnlock command
SERVER-78154: Detect on-going DDL operations in fsync with lock command
SERVER-78156: Test the mongos fsync with lock command with distributed transactions
SERVER-78159: Merge DocumentSourceInternalSearchMongotRemote and DocumentSourceInternalIdLookup into DocumentSourceSearch
SERVER-78164: Make SBE eligible for DocumentSource with requiresInputDocSource = false
SERVER-78217: Renaming view return wrong error on sharded cluster (2nd attempt)
SERVER-78252: Block chunk migrations for hashed shard keys if you don’t have the shard key index
SERVER-78253: Allow folks with hashed shard keys to drop the hashed index
SERVER-78505: Database cache does not use the 'allowLocks' option correctly
SERVER-78529: Create feature flag
SERVER-78530: Enable feature flag
SERVER-78650: Change stream oplog rewrite of $nor hits empty-array validation if no children are eligible for rewrite
SERVER-78721: Remove multiversion compatibility for rename view test
SERVER-78746: Enable feature flag in 7.0
SERVER-78793: Add a timeout to the mongos FSync Lock Command
SERVER-78831: Make $listSearchIndexes throw an Exception when used outside of Atlas
SERVER-78848: $listSearchIndexes behavior should be consistent with other aggregations when the collection does not exist
SERVER-78917: Relax condition in a router loop in shard_version_retry
SERVER-78987: Remove the free monitoring code from mongodb/mongo repo
SERVER-79025: Mongos Fsync with lock command should use mongos fsyncUnlock command
SERVER-79045: Update yaml-cpp entry in README.third_party.md to 0.6.3
SERVER-79046 The PreWriteFilter should be disabled if the mongod process is started with --shardsvr and in queryable backup mode
SERVER-79054 Modify service_executor_bm to run an empty benchmark on ASAN
SERVER-79236 Server cannot start in standalone if there are cluster parameters
SERVER-79336 [Security] Audit v7.0 feature flag
SERVER-79360 Avoid accessing OpDebug from other threads
SERVER-79497 Backport $vectorSearch to 7.0
SERVER-79552 $group rewrite for timeseries returns incorrect result if referencing the metaField in an object
SERVER-79599 Geospatial Query Error on MongoDB Version 6.3.2
SERVER-79780 ScopedCollectionDescription shouldn't hold a RangePreserver
SERVER-79912 CheckReplDBHash reports failure with system.buckets collections due to invalid BSON
SERVER-79958 Schedule the high-value workloads to run more regularly
SERVER-79974 Time-series bucket change stream shardCollection events translate shardKey fields
SERVER-79982 Batched catalog writers can run concurrently with HistoricalCatalogIdTracker::cleanup() and lead to incorrect PIT find results.
SERVER-80100 Fix typo in excluding compound_wildcard_index_hiding.js and sparse_index_internal_expr.js
SERVER-80140 Use the $currentOp to verify that fsyncLockWorker threads are waiting for the lock
SERVER-80234 Catalog cache unit tests of allowLocks should block the refresh
SERVER-80302 capped_large_docs.js is not resilient to replication rollback
SERVER-80465 Make numCandidates optional on mongod for $vectorSearch
SERVER-80488 Avoid traversing routing table in balancer split chunk policy
SERVER-80491 Expose more granular metrics around balancing round
SERVER-80544 Fix incorrect wait in runSearchCommandWithRetries
SERVER-80655 Reduce logging in release tasks
SERVER-80678 Remove an outdated test case
SERVER-80696 Fix How limit is calculated in $_internalSearchMongotRemote
SERVER-80708 Increase the sys-perf 'Compile for Atlas-like' task size
SERVER-80740 [7.0,7.1] Remove stream testing
SERVER-80772 Stage builders generate invalid plan for simple project after sort query
SERVER-80786 [7.0] Sharded time-series buckets should allow deleteOne against _id
SERVER-80828 Disable configure_query_analyzer_persistence.js from the sharding_csrs_continuous_config_stepdown suite
SERVER-80912 Enterprise RHEL 7.1 ppc64le failures on 6.0 waterfall
SERVER-80975 shardCollection(timeseriesNss) may accessed unititialised request parameters when invoked on a multiversion suite
SERVER-81013 Fix resolveCollator to return 'kNo' when query has collator and collection does not
SERVER-81031 Remove unowned RecordStore reference in WT RandomCursor class
SERVER-81036 Fix the test entry in the backports_required_for_multiversion_tests.yml
SERVER-81372 Collection defragmentation phases sporadically jump backward
WT-10108 Add a data structure encapsulating user level truncate context
WT-10786 Block checksum mismatch in bench-tiered-push-pull-s3
WT-10873 failed: Unable to locate update associated with a prepared operation [wiredtiger @ 57bcfe46]
WT-10927 Re enable HS verification
WT-10987 Always log a truncate even if no work to do
WT-10992 Implement testutil functions for directory copy and remove
WT-11060 format failure: unable to locate update associated with a prepared operation
WT-11168 Remove the page image reuse logic
WT-11222 Fix run_format_configs to execute failed configs in parallel
WT-11223 Prepare resolution diagnostic check reads freed update
WT-11247 Reduce long-test format rows to limit disk usage
WT-11280 Generation tracking might not be properly synchronized
WT-11299 Fix run_format_configs.sh script to grep exact process id
WT-11423 Unable to locate update associated with a prepared operation
WT-11424 WT_CURSOR.search: timed out with prepare-conflict
WT-11636 Disable Google SDK tiered test
WT-11638 Fix prepared update resolution assertion
WT-11684 Revert "WT-10927 Re-enable HS verification in mongodb-v7.0

MySQL 8.2.0
Changes in MySQL 8.2.0 (2023-10-25, Innovation Release):

Node.js 21.1.0
Notable Changes
Automatically detect and run ESM syntax:

The new flag --experimental-detect-module can be used to automatically run ES modules when their syntax can be detected. For “ambiguous” files, which are .js or extensionless files with no package.json with a type field, Node.js will parse the file to detect ES module syntax; if found, it will run the file as an ES module, otherwise it will run the file as a CommonJS module. The same applies to string input via --eval or STDIN. We hope to make detection enabled by default in a future version of Node.js. Detection increases startup time, so we encourage everyone — especially package authors — to add a type field to package.json, even for the default "type": "commonjs". The presence of a type field, or explicit extensions such as .mjs or .cjs, will opt out of detection. Contributed by Geoffrey Booth in #50096.

Other Notable Changes:
[3729e33358] - doc: add H4ad to collaborators (Vinícius Lourenço) #50217
[18862e4d5d] - (SEMVER-MINOR) fs: add flush option to appendFile() functions (Colin Ihrig) #50095
[5a52c518ef] - (SEMVER-MINOR) lib: add navigator.userAgent (Yagiz Nizipli) #50200
[789372a072] - (SEMVER-MINOR) stream: allow pass stream class to stream.compose (Alex Yang) #50187
[f3a9ea0bc4] - stream: improve performance of readable stream reads (Raz Luvaton) #50173
[dda33c2bf1] - vm: reject in importModuleDynamically without --experimental-vm-modules (Joyee Cheung) #50137
[3999362c59] - vm: use internal versions of compileFunction and Script (Joyee Cheung) #50137
[a54179f0e0] - vm: unify host-defined option generation in vm.compileFunction (Joyee Cheung) #50137

PHP 8.2.12
Core:

Fixed bug GH-12207 (memory leak when class using trait with doc block).
Fixed bug GH-12215 (Module entry being overwritten causes type errors in ext/dom).
Fixed bug GH-12273 (__builtin_cpu_init check).
Fixed bug #80092 (ZTS + preload = segfault on shutdown).

CLI:

Ensure a single Date header is present.

CType:

Fixed bug GH-11997 (ctype_alnum 5 times slower in PHP 8.1 or greater).

DOM:

Restore old namespace reconciliation behaviour.
Fixed bug GH-8996 (DOMNode serialization on PHP ^8.1).

Fileinfo:

Fixed bug GH-11891 (fileinfo returns text/xml for some svg files).

Filter:

Fix explicit FILTER_REQUIRE_SCALAR with FILTER_CALLBACK (ilutov)

Hash:

Fixed bug GH-12186 (segfault copying/cloning a finalized HashContext).

Intl:

Fixed bug GH-12243 (segfault on IntlDateFormatter::construct).
Fixed bug GH-12282 (IntlDateFormatter::construct should throw an exception on an invalid locale).

MySQLnd:

Fixed bug GH-12297 (PHP Startup: Invalid library (maybe not a PHP library) 'mysqlnd.so' in Unknown on line).

Opcache:

Fixed opcache_invalidate() on deleted file.
Fixed bug GH-12380 (JIT+private array property access inside closure accesses private property in child class).

PCRE:

Fixed bug GH-11956 (Backport upstream fix, PCRE regular expressions with JIT enabled gives different result).

SimpleXML:

Fixed bug GH-12170 (Can't use xpath with comments in SimpleXML).
Fixed bug GH-12223 (Entity reference produces infinite loop in var_dump/print_r).
Fixed bug GH-12167 (Unable to get processing instruction contents in SimpleXML).
Fixed bug GH-12169 (Unable to get comment contents in SimpleXML).

Streams:

Fixed bug GH-12190 (binding ipv4 address with both address and port at 0).

XML:

Fix return type of stub of xml_parse_into_struct().
Fix memory leak when calling xml_parse_into_struct() twice.

XSL:

Fix type error on XSLTProcessor::transformToDoc return value with SimpleXML.

Ceph 17.2.7
Notable Changes:

ceph mgr dump command now displays the name of the Manager module that registered a RADOS client in the name field added to elements of the active_clients array. Previously, only the address of a module’s RADOS client was shown in the active_clients array.
mClock Scheduler: The mClock scheduler (default scheduler in Quincy) has undergone significant usability and design improvements to address the slow backfill issue. Some important changes are:
The ‘balanced’ profile is set as the default mClock profile because it represents a compromise between prioritizing client IO or recovery IO. Users can then choose either the ‘high_client_ops’ profile to prioritize client IO or the ‘high_recovery_ops’ profile to prioritize recovery IO.
QoS parameters including reservation and limit are now specified in terms of a fraction (range: 0.0 to 1.0) of the OSD’s IOPS capacity.
The cost parameters (osd_mclock_cost_per_io_usec_* and osd_mclock_cost_per_byte_usec_*) have been removed. The cost of an operation is now determined using the random IOPS and maximum sequential bandwidth capability of the OSD’s underlying device.
Degraded object recovery is given higher priority when compared to misplaced object recovery because degraded objects present a data safety issue not present with objects that are merely misplaced. Therefore, backfilling operations with the ‘balanced’ and ‘high_client_ops’ mClock profiles may progress slower than what was seen with the ‘WeightedPriorityQueue’ (WPQ) scheduler.
The QoS allocations in all mClock profiles are optimized based on the above fixes and enhancements.
For more detailed information see: https://docs.ceph.com/en/quincy/rados/configuration/mclock-config-ref/
RGW: S3 multipart uploads using Server-Side Encryption now replicate correctly in multi-site. Previously, the replicas of such objects were corrupted on decryption. A new tool, radosgw-admin bucket resync encrypted multipart, can be used to identify these original multipart uploads. The LastModified timestamp of any identified object is incremented by 1 nanosecond to cause peer zones to replicate it again. For multi-site deployments that make any use of Server-Side Encryption, we recommended running this command against every bucket in every zone after all zones have upgraded.
CephFS: MDS evicts clients which are not advancing their request tids which causes a large buildup of session metadata resulting in the MDS going read-only due to the RADOS operation exceeding the size threshold. mds_session_metadata_threshold config controls the maximum size that a (encoded) session metadata can grow.
CephFS: After recovering a Ceph File System post following the disaster recovery procedure, the recovered files under lost+found directory can now be deleted.
Dashboard: There is a new Dashboard page with an improved layout. Active alerts and some important charts are now displayed inside cards. This new dashboard can be disabled and the older layout brought back by setting ceph dashboard feature disable dashboard.

Ansible AWX 23.3.1
Replaced the Execution Environment Setup Reference section of the Execution Environments chapter of the AWX User Guide with a link to the Builder's definition docs instead of duplicating its content (@Andersson007 #14562)

Removed requirement from image parameter as it is not always needed (e.g., when state is absent or updating an existing Execution Environment) (@willthames #14488)
Cleaned up SOS report passwords (@sscheib-rh #14557)
Upgraded client library for dsv since tss already landed (@AlanCoding #14362)
Added customizable batch_size for cleanup_activitystream and cleanup_jobs (@dangoncalves #14412)
Updated Django dependencies to resolve CVE-2023-43665 (@TheRealHaoLiu #14561)
Added alt-text codeblock to images for the Organizations chapter of the AWX User Guide (@coderSuren #14556)
Added alt-text codeblock to images for the Notifications chapter of the AWX User Guide (@coderSuren #14555)
Removed retry attempts for waiting for DB migrations to complete (@TheRealHaoLiu #14566)
Removed mailing list from Get Involved sections of the AWX README (@TheRealHaoLiu #14580)
Deleted unpartitioned tables in a separate transaction (@AlanCoding #14572)
Added alt-text codeblock to images for the Project Signing and Verification chapter of the AWX User Guide (@C0DE-SLAYER #14545)
Corrected Auditor roles in RBAC table of the Security chapter of the AWX User Guide (@ro4i7 #14540)
Added alt-text codeblock to images for the Users chapter of the AWX User Guide (@ro4i7 #14538)
Added alt-text codeblock to images for the Teams chapter of the AWX User Guide (@ro4i7 #14539)
Added alt-text codeblock to images for the Job Branching chapter of the AWX User Guide (@Deepshaded #14541)
Added link to the Getting Started with Execution Environments guide from the Execution Environments chapter of the AWX User Guide (@Andersson007 #14587)
Corrected missing text replacement directives in the Users chapter of the AWX User Guide (@tvo318 #14592)
Added alt-text codeblock to images for the Projects chapter of the AWX User Guide (@C0DE-SLAYER #14544)
Added alt-text codeblock to images for the Job Templates chapter of the AWX User Guide (@kishan3 #14548)
Removed specific version for receptorctl dependencies in the requirements files (@TheRealHaoLiu #14593)
Added alt-text codeblock to images for the Job Capacity and Job Slices sections of the AWX User Guide (@kishan3 #14549)
Added alt-text codeblock to images for the Credentials chapter of the AWX User Guide (@kishan3 #14550)
Fixed invalid YAML in constructed inventory "Hosts by processor type" copy/paste example (@marshmalien #14568)
Added alt-text codeblock to images for the Credential Types chapter of the AWX User Guide (@kishan3 #14551)
Added alt-text codeblock to images for the Instance Groups chapter of the AWX User Guide (@123MwanjeMike #14571)
Added alt-text codeblock to images for the Execution Environments chapter of the AWX User Guide (@Bhanuteja01 #14576)
Introduced requirements.in and constraints.in to pip compile the full dependency tree for docsite build requirements; and updated the tox configuration (@oraNod #14449)
Fixed swagger docs generation on RHEL (@obaranov #14589)
Fixed "upgrade in progress" status page not showing up while migration is in progress (@TheRealHaoLiu #14579)

View all OpenUpdate editions >

November 2, 2023

Stay Informed

Key Security, Maintenance, and Features Releases

Security Based Updates

Security Based Updates