Stay Informed
This week, read about:
- Announcing HAProxy 3.0.
- Three-Year-Old Apache Flink Flaw Under Active Attack.
- CentOS End of Life Guide for Enterprise.
- OpenJDK Spring 2024 Release Downloads Are Now Available on OpenLogic.
- We Have the Latest Versions of OpenJDK Versions 8, 11, and 17 Now Available.
Security Based Updates
nginx 1.27.0
*) Security: when using HTTP/3, processing of a specially crafted QUIC session might cause a worker process crash, worker process memory disclosure on systems with MTU larger than 4096 bytes, or might have potential other impact (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161). Thanks to Nils Bars of CISPA.
*) Feature: variables support in the "proxy_limit_rate", "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate" directives.
*) Bugfix: reduced memory consumption for long-lived requests if "gzip", "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
*) Bugfix: nginx could not be built by gcc 14 if the --with-atomic option was used. Thanks to Edgar Bonet.
*) Bugfixes in HTTP/3.
Non-Security Based Updates
Angular 18.0.1
COMPILER:
(fix - 419ffa2026) | optimize track function that only passes $index (#55872)
COMPILER-CLI:
(fix - 4c7efc005a) | interpolatedSignalNotInvoked diagnostic for class, style, attribute and animation bindings (#55969)
CORE:
(fix - 4e6ea0e19c) | handle elements with local refs in event replay serialization logic (#56076)
(fix - d73a0175cb) | link errors to ADEV (#55554)
(fix - 985a215b10) | typo in zoneless warning (#55974)
MIGRATIONS:
(fix - ba85d08158) | handle empty ngSwitchCase (#56105)
- [ARTEMIS-1551] - Conversion of most of the properties is not working when crossing protocols.
- [ARTEMIS-1634] - Coverity: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) in QueueControlImpl.java
- [ARTEMIS-1691] - JMS Bridge: After the FailureHandler exits, a bridge cannot be started full functional anymore
- [ARTEMIS-1921] - Setting client ID on core JMS should be reflected in broker RemotingConnection
- [ARTEMIS-2492] - [Doc] Confusing/old paragraph in clusters.md
- [ARTEMIS-3622] - MQTT can deadlock on client connection / disconnection
- [ARTEMIS-4420] - User authentication leaks into non-Artemis servlets
- [ARTEMIS-4652] - Rollback of XAResource implementation should never return XA_RETRY
- [ARTEMIS-4666] - Federated queue consumers do not receive messages on classic clients
- [ARTEMIS-4694] - Servers should be resilient to large headers
- [ARTEMIS-4698] - MetricsManagers' remove method may cause a NullPointerException
- [ARTEMIS-4699] - properties config - implied factoryClassName on TransportConfiguration can be wrong, it needs to be provided via a property value
- [ARTEMIS-4705] - Remove unnecessary field from STOMP HeartBeater
- [ARTEMIS-4711] - XmlDataImporter now requires JMS code
- [ARTEMIS-4712] - Remove LDAP connection pooling
- [ARTEMIS-4713] - Mitigate NPE in LargeMessageControllerImpl
- [ARTEMIS-4714] - Mitigate NPE in FederatedQueueConsumerImpl MessageListener
- [ARTEMIS-4718] - Diverted messages are not properly routed on cluster remote bindings
- [ARTEMIS-4721] - Possible documentation error in wildcard syntax recommendation
- [ARTEMIS-4723] - org.apache.activemq.artemis.utils.actors.Handler$Counter left on the ThreadLocal
- [ARTEMIS-4725] - Mirror may send wrong headers
- [ARTEMIS-4726] - Removing scheduled message from queue via management can cause negative message count
- [ARTEMIS-4727] - Fix STOMP durable sub doc and property precedence
- [ARTEMIS-4731] - Openwire failure detection leak with Windows Clients / Server won't cleanup openwork clients with Exception
- [ARTEMIS-4733] - Mirror Infinite loops (mirror infinite Reflection) from Internal Queues
- [ARTEMIS-4734] - Null dereferencing in ReplicationManager.java
- [ARTEMIS-4744] - AMQP broker connections don't fully support multi host URIs
- [ARTEMIS-4746] - SIMILAR_BRANCHES.SWITCH Identical branches in switch node
- [ARTEMIS-4749] - SIMILAR_BRANCHES.SWITCH in ../activemq/artemis/utils/ThreadDumpUtil.java
- [ARTEMIS-4759] - Restore compatibility with LiveOnlyPolicyConfiguration
- [ARTEMIS-4762] - Queue Stat throw NPE if executed against old server
- [ARTEMIS-4765] - Target Mirror is setting wrong size on duplicate cache
- [ARTEMIS-4768] - Property _AMQ_SCHED_DELIVERY lost from Scheduled Persistent Message after broker restart
- [ARTEMIS-4771] - NPE between AMQPLargeMessageWriter::tryDelivering and resetClose
- [ARTEMIS-4774] - PageCounters get out of sync after AckManager
- [ARTEMIS-4776] - Replicated Paged Files may leak as open on replica target
- [ARTEMIS-4784] - Large messages are being kept on the ReplicationEndpoint after they are closed.
- [ARTEMIS-4789] - Page.destroy race with cleanup
New Feature:
- [ARTEMIS-4675] - Add replication status metrics
- [ARTEMIS-4709] - Add a plugin to provide periodic expiry of connections on a per acceptor basis
- [ARTEMIS-4763] - properties config - support metrics plugin, conversion of .class for non string attributes and empty init
Improvement:
- [ARTEMIS-1769] - Return JMS Session's ClientID via JMX
- [ARTEMIS-4306] - Add authn/z metrics
- [ARTEMIS-4498] - Enable management for internal addresses & queues
- [ARTEMIS-4510] - Add auto-create-destination logic to diverts
- [ARTEMIS-4582] - add view and edit permissions to extend security-settings rbac for management operations
- [ARTEMIS-4696] - Deprecate queue prefetch address setting
- [ARTEMIS-4697] - Auto reload SSL PEM config sources on change
- [ARTEMIS-4704] - Eliminate unnecessary variable in ReplicationManager
- [ARTEMIS-4710] - Keep pem-keystore dependencies as is; make it really optional
- [ARTEMIS-4740] - Reduce unnecessary boxing
- [ARTEMIS-4742] - Decoding PersistedSecuritySetting fails after upgrade
- [ARTEMIS-4743] - Improve CLI Queue Stat Output: Split lines and include internal queue attribute
- [ARTEMIS-4745] - Allow configuration of AMQP federation pull consumer batch size
- [ARTEMIS-4754] - Make configuring security for AMQP federation user accounts simpler
- [ARTEMIS-4758] - Hardening Mirroring
- [ARTEMIS-4766] - gate every newInstance call with a type check on the class to ensure we only call static initialisers of the expected type
- [ARTEMIS-4772] - Expose registered broker plugin class names in JMX
- [ARTEMIS-4773] - Performance improvement on page.sync
- [ARTEMIS-4783] - Touch up federation docs
Wish:
- [ARTEMIS-1729] - Automatically check for broken documentation links
Task:
- ARTEMIS-4703] - Add additional Queue federation example for AMQP federation
- [ARTEMIS-4715] - Using # wildcard from OpenWire JMS consumer stopped working with 2.33.0
- [ARTEMIS-4720] - Add additional example for AMQP federation showing TLS configuration
- [ARTEMIS-4722] - Exclude netty-tcnative-boringssl-static artifacts
- [ARTEMIS-4750] - AMQP Large Message flow control to use runAfter
- [ARTEMIS-4778] - misc test cleanup
Dependency upgrade:
- [ARTEMIS-4625] - Upgrade CheckStyle to 10.15.0
- [ARTEMIS-4701] - Update to Netty 4.1.108
- [ARTEMIS-4717] - Upgrade commons-configuration2 to 2.10.1
- [ARTEMIS-4724] - Upgrade karaf version to 4.4.6
- [ARTEMIS-4728] - Upgrade jgroups version to 5.3.4.Final
- [ARTEMIS-4729] - Upgrade slf4j version to 2.0.12
- [ARTEMIS-4751] - Upgrade to Apache parent 32
- [ARTEMIS-4752] - Upgrade ErrorProne to 2.27.0
- [ARTEMIS-4753] - Upgrade CheckStyle to 10.16.0
- [ARTEMIS-4755] - Upgrade Jackson to 2.17.0
- [ARTEMIS-4756] - Upgrade Commons IO to 2.16.1
- [ARTEMIS-4757] - Upgrade Netty to 4.1.109.Final
- [ARTEMIS-4769] - Update to pem-keystore 2.4.0
- [ARTEMIS-4770] - Update to bouncycastle 1.78
ETC-D 3.5.14
etcd server:
- Fix [LeaseTimeToLive returns error if leader changed](https://github.com/etcd-io/etcd/pull/17704).
- Add [metrics `etcd_disk_wal_write_duration_seconds`](https://github.com/etcd-io/etcd/pull/17616).
- Fix [ignore raft messages if member id mismatch](https://github.com/etcd-io/etcd/pull/17813).
- Update [the compaction log when bootstrap](https://github.com/etcd-io/etcd/pull/17830).
- Fix [Revision decreasing after panic during compaction](https://github.com/etcd-io/etcd/pull/17865)
- Add [`etcd --experimental-stop-grpc-service-on-defrag`](https://github.com/etcd-io/etcd/pull/17914) to enable client failover on defrag.
- Add [support for `AllowedCN` and `AllowedHostname` through config file](https://github.com/etcd-io/etcd/pull/18063)
etcdutl v3:
- Add [`--initial-memory-map-size` to `snapshot restore` to avoid memory allocation issues](https://github.com/etcd-io/etcd/pull/17977)
Package `clientv3`:
- Add [requests retry when receiving ErrGPRCNotSupportedForLearner and endpoints > 1](https://github.com/etcd-io/etcd/pull/17641).
- Fix [initialization for mu in client context](https://github.com/etcd-io/etcd/pull/17699).
Dependencies:
- Compile binaries using [go 1.21.10](https://github.com/etcd-io/etcd/pull/17980).
- Upgrade [bbolt to v1.3.10](https://github.com/etcd-io/etcd/pull/17943).
HAProxy 3.0
- MINOR: sample: implement the uptime sample fetch
- CI: scripts: fix build of vtest regarding option -C
- CI: scripts: build vtest using multiple CPUs
- MINOR: log: rename 'log-format tag' to 'log-format alias'
- DOC: config: document logformat item naming and typecasting features
- BUILD: makefile: yearly reordering of objects by build time
- BUILD: fd: errno is also needed without poll()
- DOC: config: fix two typos "RST_STEAM" vs "RST_STREAM"
- DOC: config: refer to the non-deprecated keywords in ocsp-update on/off
- DOC: streamline http-reuse and connection naming definition
- REGTESTS: complete http-reuse test with pool-conn-name
- DOC: config: add %ID logformat alias alternative
- CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp
- BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
- CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat
- BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
- CI: github: upgrade the WolfSSL job to 5.7.0
- DOC: install: update quick build reminders with some missing options
- DOC: install: update the range of tested openssl version to cover 3.3
- DEV: patchbot: prepare for new version 3.1-dev
- MINOR: version: mention that it's 3.0 LTS now.
jenkins-2.460
1. Remove Disable project button from project view. (pull 9287))
2. Display how many users there are on the Users page. (pull 9221))
3. Warn Java 11 users of the new end of life (pull 9314))
4. Improve the performance of file compression and decompression. (pull 9312))
5. Improve startup performance when jobs have been created via REST API or command line interface. (issue 64356))
6. Add download option to Console output, move View as plain text and Copy buttons to app bar. (pull 9169))
7. Consistently notify job listeners when the job definition is updated from the REST API or command line interface. (issue 64553))
Node.js v20.14.0
Notable Changes:
* [28d2baa17c] - **src,permission**: throw async errors on async APIs (Rafael Gonzaga) [#52730](https://github.com/nodejs/node/pull/52730)
* [77e2bf029a] - **(SEMVER-MINOR)** **test_runner**: support forced exit (Colin Ihrig) [#52038](https://github.com/nodejs/node/pull/52038)
- RabbitMQ `3.13.3` is a maintenance release in the `3.13.x` [release series]. Starting June 1st, 2024, community support for this series will only be provided to [regularly contributing users] and those. who hold a valid [commercial support license]. Please refer to the upgrade section from the [3.13.0 release notes] if upgrading from a version prior to 3.13.0. This release requires Erlang 26 and supports Erlang versions up to `26.2.x`.
- [RabbitMQ and Erlang/OTP Compatibility Matrix] has more details on Erlang version requirements for RabbitMQ.
Minimum Supported Erlang Version:
- As of 3.13.0, RabbitMQ requires Erlang 26. Nodes **will fail to start** on older Erlang releases. Users upgrading from 3.12.x (or older releases) on Erlang 25 to 3.13.x on Erlang 26 (both RabbitMQ *and* Erlang are upgraded at the same time) **must** consult the [v3.12.0 release notes] and [v3.13.0 release notes] first.
Changes Worth Mentioning:
- Release notes can be found on GitHub at [rabbitmq-server/release-notes]
Core Broker
Bug Fixes:
- * Fixes an exception in classic queue message store that produced large scary looking log entries. No data was lost as a result of the exception but clients could run into a channel error. GitHub issue: [#11292]
- * Corrected several 3.13-specific issues related to how the `x-death` headers are populated during [dead lettering]. GitHub issues: [#11160] [#11159] [#11174] [#11339] [#10709] [#11331]
- * Per-virtual host queue (and stream) limit is now enforced for AMQP 1.0, MQTT, RabbitMQ Stream Protocol and STOMP as well as AMQP 0-9-1. Contributed by @SimonUnge. GitHub issue: [#11293]
- * Periodic replica reconciliation of quorum queues now reacts to node shutdown in cluster where Khepri is enabled. Contributed by @SimonUnge. GitHub issue: [#11134]
- * Declaration of an exchange of a non-existent type will now report a more suitable "precondition failed" error to the client. Contributed by @carlhoerberg. GitHub issue: [#11215]
- * Avoids a scary looking log message during node shutdown in certain plugin configurations. GitHub issue: [#11323]
Enhancements:
- * `x-death` headers used to provide metadata about [dead-lettering] are now included for messages consumed from a stream. GitHub issue: [#11173]
- * Classic queue message store recovery was optimized (peak memory footprint-wise) for cases where large (multiple MiB in size) messages were routed to multiple queues. Contributed by @gomoripeti. GitHub issue: [#11072]
- * Besides the previously existing option of configuring default queue type per virtual host,there is now a "global" per node default that can be set via `rabbitmq.conf`:
``` ini
- # Changes default queue type for all clients connected to the configured node
- # to quorum queues.
- # This is just an example, not all queues should be quorum queues.
- # See https://www.rabbitmq.com/docs/quorum-queues to learn more.
default_queue_type = quorum
```
- Contributed by @SimonUnge. GitHub issue: [#11163]
- * When a virtual host process stops, fails or is restarted, a clear message will now be logged. GitHub issue: [#11276]
CLI Tools
Bug Fixes:
- * `rabbitmq-plugins list` incorrectly marked disabled plugins as "pending an upgrade". Partially contributed by @gomoripeti. GitHub issue: [#11198]
- * `rabbitmqctl check_if_any_deprecated_features_are_used` could run into an exception. Partially contributed by @metron2. GitHub issue: [#11194]
Prometheus Plugin
Enhancements:
- * A new Prometheus-exposed metric, `rabbit_stream_segments`, indicates how many stream segment files there are on the target node. Contributed by @markus812498. GitHub issue: [#11325]
Management Plugin
Bug Fixes:
- * After signing out of management UI, the page was not refreshed to reflect updated login (session) status. GitHub issue: [#11224]
Shovel Management Plugin
Bug Fixes:
- * `rabbitmqctl delete_shovel` is now more effective at deleting Shovels that cannot start (for example, because they cannot connect using the configured URIs) and repeatedly fail, get restarted, fail again, get restarted, and so on. GitHub issue: [#11324]
- * `fail_if_no_peer_cert`, a server-side TLS setting, was removed from Shovel URI examples. Erlang 26's TLS implementation will refuse to accept it as a client-side setting whereas previously it was quietly ignored. Contributed by @womblep.
GitHub issue: [#11318]
- Dependency Changes:
None in this release.
Source Code Archives:
- To obtain source code of the entire distribution, please download the archive named `rabbitmq-server-3.13.3.tar.xz` instead of the source tarball produced by GitHub.
Wildfly 32.0.1
BUG:
[WFLY-19305] - ClassCastException when running live-only HA policy in messaging-activemq subsystem
[WFLY-19326] - LinkageError: loader constraint violation for class io.netty.*
[WFLY-19355] - Deploying multiple OpenAPI endpoints can result in a NoSuchElementException
[WFLY-19366] - OpenTelemetryDependencyProcessor should add io.smallrye.opentelemetry to deployment classpath
TASK:
[WFLY-18217] - Add LICENSE and other community documents to widfly-archetypes
[WFLY-19341] - Make the testsuite/galleon tests appropriately scoped
COMPONENT UPGRADE:
[WFLY-19278] - Upgrade Infinispan to 14.0.28.Final
[WFLY-19279] - Upgrade JGroups to 5.2.25.Final
[WFLY-19353] - Upgrade RESTEasy to 6.2.9.Final
[WFLY-19364] - Upgrade WildFly Core to 24.0.1.Final