Stay Informed

This week, read about:

Security Based Updates

Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:

We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!

OpenLogic AngularJS
Small miscellaneous update of angular-translate@2.19.3:

  • Removed bower-npm-resolver from dependencies
  • This resolves unwanted downloads of minimist and tough-cookie with many others

Non-Security Based Updates

Angular 18.2.1
CORE:

  • (fix - 9de30a7b1c) | Allow zoneless scheduler to run insidefakeAsync(#56932)
  • (fix - 286012fb89) | handle hydration of components that project content conditionally (#57383)

MIGRATIONS:

  • (fix - 0bb649b8fa) | account for members with doc strings and no modifiers (#57389)
  • (fix - 3b63082384) | avoid migrating route component in tests (#57317)
  • (fix - 6b4357fae4) | preserve type when using inject decorator (#57389)

Gitlab OSS
Gitlab 17.1.6
Security (1 change):

  • [Always build assets image when tagging](https://gitlab.com/gitlab-org/security/gitlab/-/commit/b10a04aa687e6fbdf6c26b5756dcbb3748728e9a) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4385))

Gitlab 17.2.4
Security (1 change):

  • [Always build assets image when tagging](https://gitlab.com/gitlab-org/security/gitlab/-/commit/d0e661baad53be4fb7eef3b530b544d05a609953) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4386))

Gitlab 17.3.1
Fixed (3 changes)
Changed (1 change)
Security (4 changes):

  • [Do not run pipelines when resolving vulnerability](https://gitlab.com/gitlab-org/security/gitlab/-/commit/ef9c251b19c1ad7aedb591870158fc0085ee5fd9) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4360))
  • [Add Octokit::ResponseValidation middleware](https://gitlab.com/gitlab-org/security/gitlab/-/commit/08d547262c574b00135fb71105e52f03dc3ca8c0) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4375))
  • [IP restriction to prevent all group permissions](https://gitlab.com/gitlab-org/security/gitlab/-/commit/e080f2d2c5a578df52f202505e993c560fec6cb2) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4368))
  • [Destroy associated releases when removing a tag via Git CLI](https://gitlab.com/gitlab-org/security/gitlab/-/commit/b79ada987b82fa756e6ae74f7527dcde8c30d08f) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4365))

Jenkins 2.473
1. Remove obsolete RekeySecretAdminMonitor. (issue 73597))
2. Use dropdown component for autocomplete fields (pull 9453))
3. Remove trailing backslash from 'Keep this build forever' hover text. (pull 9625))

Node.js 22.7.0

  • Experimental transform types support. With the new flag `--experimental-transform-types` it is possible to enable the transformation of TypeScript-only syntax into JavaScript code. This feature allows Node.js to support TypeScript syntax such as `Enum` and `namespace`.
  • Module syntax detection is now enabled by default. Module syntax detection (the `--experimental-detect-module` flag) is now enabled by default. Use `--no-experimental-detect-module` to disable it if needed. Syntax detection attempts to run ambiguous files as CommonJS, and if the module fails to parse as CommonJS due to ES module syntax, Node.js tries again and runs the file as an ES module. Ambiguous files are those with a `.js` or no extension, where the nearest parent `package.json` has no `"type"` field (either `"type": "module"` or `"type": "commonjs"`). Syntax detection should have no performance impact on CommonJS modules, but it incurs a slight performance penalty for ES modules; add `"type": "module"` to the nearest parent `package.json` file to eliminate the performance cost. A use case unlocked by this feature is the ability to use ES module syntax in extensionless scripts with no nearby `package.json`.

Performance Improvements to Buffer:

  • Performance of Node.js Buffers have been optimized through multiple PR's with significant improvements to the `Buffer.copy` and `Buffer.write` methods. These are used throughout the codebase and should give a nice boost across the board.

Other Notable Changes:

  • [911de7dd6d] - **(SEMVER-MINOR)** **inspector**: support `Network.loadingFailed` event (Kohei Ueno) [#54246](https://github.com/nodejs/node/pull/54246)
  • [9ee4b16bd8] - **(SEMVER-MINOR)** **lib**: rewrite AsyncLocalStorage without async_hooks (Stephen Belanger) [#48528](https://github.com/nodejs/node/pull/48528)

RabbitMQ 3.13.7
Core Broker - Bug Fixes:

  • Streams recover better from certain node process failures that may leave behind orphaned segment files (that is, segment files that do not have a corresponding index file) or index files without a corresponding
    segment file. GitHub issue: #12073
  • Config file peer discovery now logs warnings for certain common user mistakes. GitHub issues: #11586, #11898
  • Queue declaration operations now return more useful errors when Khepri is enabled and there's only a minority of nodes online. GitHub issues: #12020, #11991
  • Logging is now more defensive around exception handling. Previously a (very rare) logger exception could
    lead to the amq.rabbitmq.log handler and exchange to be removed. GitHub issue: #12107
  • rabbitmq-upgrade revive unintentionally tried to perform operations on replicas that are not local to the node. This could result in an exceptions some of which were not handled and the command failed. Re-running the command usually helped. GitHub issue: #12038

Strimzi Operator 0.43.0

  • Add support for Apache Kafka 3.8.0. Remove support for Apache Kafka 3.6.0, 3.6.1, and 3.6.2.
  • Added alerts for Connectors/Tasks in failed state.
  • Support for specifying additional volumes and volume mounts in Strimzi custom resources
  • Strimzi Drain Cleaner updated to 1.2.0 (included in the Strimzi installation files)
  • Additional OAuth configuration options have been added for 'oauth' authentication on the listener and the client. On the listener `serverBearerTokenLocation` and `userNamePrefix` have been added.  On the client `accessTokenLocation`, `clientAssertion`, `clientAssertionLocation`, `clientAssertionType`, and `saslExtensions` have been added.
  • Add support for custom Cruise Control API users
  • Update HTTP bridge to latest 0.30.0 release
  • Unregistration of KRaft nodes after scale-down
  • Update Kafka Exporter to [1.8.0 (https://github.com/danielqsj/kafka_exporter/releases/tag/v1.8.0) and update the Grafana dashboard to work with it

Changes, Deprecations and Removals:

  • The storage overrides for configuring per-broker storage class are deprecated and will be removed in the future. If you are using the storage overrides, you should migrate to KafkaNodePool resources and use multiple node pools with a different storage class each.
  • Strimzi 0.43.0 (and any of its patch releases) is the last Strimzi version with support for Kubernetes 1.23 and 1.24. From Strimzi 0.44.0 on, we will support only Kubernetes 1.25 and newer.

Wildfly 33.0.1
BUG:
[WFLY-19549] - OIDCSecurityContext deserialization issue
[WFLY-19577] - Undertow ServerAdd could not detect referenced capabilities
[WFLY-19583] - Deployment-related undertow metrics are not exported
[WFLY-19610] - @PostConstruct on Servlet may be called twice
[WFLY-19613] - Performance regression with HttpSession.getAttribute

TASK:
[WFLY-19576] - Upgrade CXF to 4.0.5
[WFLY-19611] - Upgrade OpenSAML to 4.3.0

COMPONENT UPGRADE:
[WFLY-19572] - Upgrade Arquillian 1.9.1.Final, Arquillian Jakarta to 10.0.0.Final and WildFly Arquillian to 5.1.0.Beta4
[WFLY-19574] - Arquillian version specified in user BOMs fails with JUnit 5
[WFLY-19600] - Upgrade RESTEasy to 6.2.10.Final
[WFLY-19637] - Upgrade WildFly Core to 25.0.1.Final
[WFLY-19652] - Upgrade jboss-ejb-client to 5.0.7.Final
[WFLY-19654] - Upgrade RESTEasy to 7.0.0.Alpha3

View all OpenUpdate editions >