Stay Informed

This week, read about:

Security Based Updates

Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:

We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!

OpenLogic AngularJS 1.6.15 and 1.8.8 released
Bug Fixes:

  • ng-srcset: Addresses a Content Spoofing vulnerability and failure to sanitise image URLs set by the $compileProvider.imgSrcSanitizationWhitelist(). 
    • This patch addresses the CVE-2024-8372 vulnerability, where users could bypass image source restrictions using ng-prop-srcset (1.8.8 only) and ng-attr-srcset Angular attributes. 
    • This patch addresses the CVE-2024-8373 vulnerability, where users could bypass image source restrictions in picture>source elements using the [srcset] attribute. 
      Notes: The <picture> HTML element and the srcset attribute are not supported by IE, unless polyfill  is used.

Non-Security Based Updates

Angular 18.2.9
compiler-cli:

  • [fix - b0ab653965] | report when NgModule imports or exports itself (#58231) |

Gitlab v17.3.6
Security (2 changes):

  • [Fixed HTML injection in Global Search bug](https://gitlab.com/gitlab-org/security/gitlab/-/commit/96159ab6cd9af8fc0ceadaf7568c8aaf079a8542) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4506))
  • [Limit max size of manifest file upload](https://gitlab.com/gitlab-org/security/gitlab/-/commit/85bf29446c0423ba04339bc95ba546948b91e12e) ([merge request](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4531))

Jenkins 2.482
New features and improvements:

  • Use standard dropdowns for combobox (#9462) @timja
  • Refine content and appearance of the project 'Configure' screen  (#9734) @janfaracik

Bug fixes:

  • [JENKINS-30101] - [JENKINS-30175] - Simplify persistence design for temporarily offline status (#9855) @Vlatombe

Keycloak 26.0.2
Upgrading:

  • Before upgrading refer to the migration guide for a complete list of changes. All resolved issues

Enhancements:

  • #32110 [Documentation] - Configuring trusted certificates - Fully specify truststore path dist/quarkus

Bugs:

  • #15635 oidc - JavaScript-Adapter LocalStorage#clearExpired does not clear all possible items adapter/javascript
  • #19101 Uncaught (in promise): QuotaExceededError adapter/javascript
  • #20287 When using `oidcProvider`  config url  (.well-known) it's not possible to use `silentCheckSsoRedirectUri` adapter/javascript
  • #28978 some GUI validation check missing admin/ui
  • #30832 Organization API not available from OpenAPI documentation admin/api
  • #31724 Logout not working after removing Identity Provider of user identity-brokering
  • #33072 Passkeys: Infinite (re-)loading loop on browsers with WebAuthn Conditional UI disabled authentication/webauthn
  • #33844 Wrong documentation link in keycloak-js readme docs
  • #33902 Not persisted config settings prevent server start dist/quarkus
  • #33948 [PERF] OpenTelemetry is initialized even when disabled
  • #33968 Not possible to close dialog boxes when clicking buttons or the close icon admin/ui
  • #33991 Doc CI - broken links error docs
  • #34009 grammatical error in "Managing Organizations" documentation docs
  • #34015 Home URL for security-admin-console is broken admin/ui
  • #34028 Custom keycloak login theme styles.css return error 404 login/ui
  • #34049 Org Invite: `linkExpiration` template variable represents 54 years in minutes organizations
  • #34063 Respect the locale set to a user when redering verify email pages user-profile
  • #34069 Do not show domain match message in the identity-first login when no login hint is provided organizations
  • #34075 Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled ci
  • #34095 Keycloak 26.0.0/26.0.1 Import Issue: Multiple Realms Not Imported, Duplicated Realm Imported Instead import-export
  • #34151 JS password validation doesn't work as intended with uppercase and lowercase minimum requirements login/ui
  • #34155 cli options starting or ending with ; or containing ;; mangle the cli handling dist/quarkus
  • #34224 Deleting a user leads to ISPN marshalling exception

Kubernetes v1.31.2
Changes by Kind
Feature:

  • Kubernetes is now built with go 1.22.7 (#127600, @haitch) [SIG Release and Testing]
  • Kubernetes is now built with go 1.22.8 (#128132, @haitch) [SIG Release and Testing]

Bug or Regression:

  • Fix a bug on the endpoints controller that does not reconcile the Endpoint object after this is truncated (it gets more than 1000 endpoints addresses) (#127417, @aojea) [SIG Apps, Network and Testing]
  • Fixes a 1.31 regression with API emulation versioning honors cohabitating resources (#127328, @xuzhenglun) [SIG API Machinery]
  • Fixes a kubelet and kube-apiserver memory leak in default 1.29 configurations related to tracing. (#126983, @dashpole) [SIG API Machinery and Node]
  • Fixes a regression introduced in 1.29 where conntrack entries for UDP connections to deleted pods did not get cleaned up correctly, which could (among other things) cause DNS problems when DNS pods were restarted. (#127806, @danwinship) [SIG Network]
  • Kubeadm: ensure that Pods from the upgrade preflight check `CreateJob` are properly terminated after a timeout. (#127347, @yuyabee) [SIG Cluster Lifecycle]
  • Kubeadm: fix wrong member list reported when removing an etcd member (#127960, @SataQiu) [SIG Cluster Lifecycle]
  • Kubeadm: when adding new control plane nodes with "kubeamd join", ensure that the etcd member addition is performed only if a given member URL does not already exist in the list of members. Similarly, on "kubeadm reset" only remove an etcd member if its ID exists. (#127619, @SataQiu) [SIG Cluster Lifecycle]

Other (Cleanup or Flake):

  • Kubeadm: removed `socat` and `ebtables` from kubeadm preflight checks (#127413, @saschagrunert) [SIG Cluster Lifecycle]

Kubernetes v1.30.6
Changes by Kind
Feature:

  • Kubernetes is now built with go 1.22.7 (#127603, @haitch) [SIG Release and Testing]
  • Kubernetes is now built with go 1.22.8 (#128131, @haitch) [SIG Release and Testing]

Bug or Regression:

  • Ensure daemonset controller to count old unhealthy pods towards max unavailable budget (#127774, @ncdc) [SIG Apps]
  • Fix a bug on the endpoints controller that does not reconcile the Endpoint object after this is truncated (it gets more than 1000 endpoints addresses) (#127417, @aojea) [SIG Apps, Network and Testing]
  • Fixes a kubelet and kube-apiserver memory leak in default 1.29 configurations related to tracing. (#126984, @dashpole) [SIG API Machinery and Node]
  • Fixes a regression introduced in 1.29 where conntrack entries for UDP connections to deleted pods did not get cleaned up correctly, which could (among other things) cause DNS problems when DNS pods were restarted. (#127807, @danwinship) [SIG Network]
  • Kubeadm: ensure that Pods from the upgrade preflight check `CreateJob` are properly terminated after a timeout. (#127346, @yuyabee) [SIG Cluster Lifecycle]
  • Kubeadm: fix wrong member list reported when removing an etcd member (#127961, @SataQiu) [SIG Cluster Lifecycle]
  • Kubeadm: when adding new control plane nodes with "kubeamd join", ensure that the etcd member addition is performed only if a given member URL does not already exist in the list of members. Similarly, on "kubeadm reset" only remove an etcd member if its ID exists. (#127620, @SataQiu) [SIG Cluster Lifecycle]

Nodejs v23.1.0
Notable Changes:

  •  `Buffer` now work with resizable `ArrayBuffer`
  • When a `Buffer` is created using a resizable `ArrayBuffer`, the `Buffer` length will now correctly change as the underlying `ArrayBuffer` size is changed.

```js

const ab = new ArrayBuffer(10, { maxByteLength: 20 });

const buffer = Buffer.from(ab);

console.log(buffer.byteLength); 10

ab.resize(15);

console.log(buffer.byteLength); 15

ab.resize(5);

console.log(buffer.byteLength); 5

```

Contributed by James M Snell in [#55377]

`MockTimers` test runner API is now stable

  • `MockTimers`, introduced in April 2023, has just reached **stable status**. This API provides comprehensive support for mocking `Date` and all major timers in Node.js, including `setTimeout`, `setInterval`, and `setImmediate`, both from the `node:timers`, `node:timers/promises` modules and global objects. After months of refinement, developers can now fully rely on `MockTimers` for testing time-based operations with confidence, ensuring better control over asynchronous behavior in their Node.js applications. Example usage with initial `Date` object as time set:

```mjs

import { mock } from 'node:test';

mock.timers.enable({ apis: ['Date'], now: new Date('1970-01-01') });

```

Contributed by Erick Wendel in [#55398]

  • JSON modules and import attributes are now stable
  • The two proposals reached stage 4 of the TC39 process, at the October 2024 meeting. The Node.js implementation already matches exactly the semantics required by the proposals.

PHP 8.3.13
Calendar:

  • Fixed GH-16240: jdtounix overflow on argument value.
  • Fixed GH-16241: easter_days/easter_date overflow on year argument.
  • Fixed GH-16263: jddayofweek overflow.
  • Fixed GH-16234: jewishtojd overflow.

CLI:

  • Fixed bug GH-16137: duplicate http headers when set several times by the client.

Core:

  • Fixed bug GH-16054 (Segmentation fault when resizing hash table iterator list while adding).
  • Fixed bug GH-15905 (Assertion failure for TRACK_VARS_SERVER).
  • Fixed bug GH-15907 (Failed assertion when promoting Serialize deprecation to exception).
  • Fixed bug GH-15851 (Segfault when printing backtrace during cleanup of nested generator frame).
  • Fixed bug GH-15866 (Core dumped in Zend/zend_generators.c).
  • Fixed bug GH-16188 (Assertion failure in Zend/zend_exceptions.c).
  • Fixed bug GH-16233 (Observer segfault when calling user function in internal function via trampoline).

DOM:

  • Fixed bug GH-16039 (Segmentation fault (access null pointer) in ext/dom/parentnode/tree.c).
  • Fixed bug GH-16149 (Null pointer dereference in DOMElement->getAttributeNames()).
  • Fixed bug GH-16151 (Assertion failure in ext/dom/parentnode/tree.c).
  • Fixed bug GH-16150 (Use after free in php_dom.c).
  • Fixed bug GH-16152 (Memory leak in DOMProcessingInstruction/DOMDocument).

JSON:

  • Fixed bug GH-15168 (stack overflow in json_encode()).

GD:

  • Fixed bug GH-16232 (bitshift overflow on wbmp file content reading / fix backport from upstream).
  • Fixed bug GH-12264 (overflow/underflow on imagerotate degrees value) (David Carlier)
  • Fixed bug GH-16274 (imagescale underflow on RBG channels / fix backport from upstream).

LDAP:

  • Fixed bug GH-16032 (Various NULL pointer dereferencements in ldap_modify_batch()).
  • Fixed bug GH-16101 (Segfault in ldap_list(), ldap_read(), and ldap_search() when LDAPs array is not a list).
  • Fix GH-16132 (php_ldap_do_modify() attempts to free pointer not allocated by ZMM.).
  • Fix GH-16136 (Memory leak in php_ldap_do_modify() when entry is not a proper dictionary).

MBString:

  • Fixed bug GH-16261 (Reference invariant broken in mb_convert_variables()).

OpenSSL:

  • Fixed stub for openssl_csr_new.

PCRE:

  • Fixed bug GH-16189 (underflow on offset argument).
  • Fixed bug GH-16184 (UBSan address overflowed in ext/pcre/php_pcre.c).

PHPDBG:

  • Fixed bug GH-15901 (phpdbg: Assertion failure on i funcs).
  • Fixed bug GH-16181 (phpdbg: exit in exception handler reports fatal error).

Reflection:

  • Fixed bug GH-16187 (Assertion failure in ext/reflection/php_reflection.c).

SAPI:

  • Fixed bug GH-15395 (php-fpm: zend_mm_heap corrupted with cgi-fcgi request).

SimpleXML:

  • Fixed bug GH-15837 (Segmentation fault in ext/simplexml/simplexml.c).

Sockets:

  • Fixed bug GH-16267 (socket_strerror overflow on errno argument).

SOAP:

  • Fixed bug #73182 (PHP SOAPClient does not support stream context HTTP headers in array form).
  • Fixed bug #62900 (Wrong namespace on xsd import error message).
  • Fixed bug GH-15711 (SoapClient can't convert BackedEnum to scalar value).
  • Fixed bug GH-16237 (Segmentation fault when cloning SoapServer).
  • Fix Soap leaking http_msg on error.
  • Fixed bug GH-16256 (Assertion failure in ext/soap/php_encoding.c:460).
  • Fixed bug GH-16259 (Soap segfault when classmap instantiation fails).

SPL:

  • Fixed bug GH-15918 (Assertion failure in ext/spl/spl_fixedarray.c).
  • Standard::
  • Fixed bug GH-16053 (Assertion failure in Zend/zend_hash.c).
  • Fixed bug GH-15169 (stack overflow when var serialization in ext/standard/var).

Streams:

  • Fixed bugs GH-15908 and GH-15026 (leak / assertion failure in streams.c).
  • Fixed bug GH-15980 (Signed integer overflow in main/streams/streams.c).

TSRM:

  • Prevent closing of unrelated handles.

Windows:

  • Fixed minimal Windows version.

PHP 8.2.25
Calendar:

  • Fixed GH-16240: jdtounix overflow on argument value.
  • Fixed GH-16241: easter_days/easter_date overflow on year argument.
  • Fixed GH-16263: jddayofweek overflow.
  • Fixed GH-16234: jewishtojd overflow.

CLI:

  • Fixed bug GH-16137: duplicate http headers when set several times by the client.

Core:

  • Fixed bug GH-15712: zend_strtod overflow with precision INI set on large value.
  • Fixed bug GH-15905 (Assertion failure for TRACK_VARS_SERVER).
  • Fixed bug GH-15907 (Failed assertion when promoting Serialize deprecation to exception).
  • Fixed bug GH-15851 (Segfault when printing backtrace during cleanup of nested generator frame).
  • Fixed bug GH-15866 (Core dumped in Zend/zend_generators.c).
  • Fixed bug GH-16188 (Assertion failure in Zend/zend_exceptions.c).
  • Fixed bug GH-16233 (Observer segfault when calling user function in internal function via trampoline).

Date:

  • Fixed bug GH-15582: Crash when not calling parent constructor of DateTimeZone.
  • Fixed regression where signs after the first one were ignored while parsing a signed integer, with the DateTimeInterface::modify() function.

DOM:

  • Fixed bug GH-16039 (Segmentation fault (access null pointer) in ext/dom/parentnode/tree.c).
  • Fixed bug GH-16151 (Assertion failure in ext/dom/parentnode/tree.c).

GD:

  • Fixed bug GH-16232 (bitshift overflow on wbmp file content reading / fix backport from upstream).
  • Fixed bug GH-12264 (overflow/underflow on imagerotate degrees value) (David Carlier)
  • Fixed bug GH-16274 (imagescale underflow on RBG channels / fix backport from upstream).

LDAP:

  • Fixed bug GH-16032 (Various NULL pointer dereferencements in ldap_modify_batch()).
  • Fixed bug GH-16101 (Segfault in ldap_list(), ldap_read(), and ldap_search() when LDAPs array is not a list).
  • Fix GH-16132 (php_ldap_do_modify() attempts to free pointer not allocated by ZMM.).
  • Fix GH-16136 (Memory leak in php_ldap_do_modify() when entry is not a proper dictionary).

MBString:

  • Fixed bug GH-16261 (Reference invariant broken in mb_convert_variables()).

OpenSSL:

  • Fixed stub for openssl_csr_new.

PCRE:

  • Fixed bug GH-16189 (underflow on offset argument).
  • Fixed bug GH-16184 (UBSan address overflowed in ext/pcre/php_pcre.c).

PHPDBG:

  • Fixed bug GH-15901 (phpdbg: Assertion failure on i funcs).
  • Fixed bug GH-16181 (phpdbg: exit in exception handler reports fatal error).

Reflection:

  • Fixed bug GH-16187 (Assertion failure in ext/reflection/php_reflection.c).

SAPI:

  • Fixed bug GH-15395 (php-fpm: zend_mm_heap corrupted with cgi-fcgi request).

SimpleXML:

  • Fixed bug GH-15837 (Segmentation fault in ext/simplexml/simplexml.c).

Sockets:

  • Fixed bug GH-16267 (socket_strerror overflow on errno argument).

SOAP:

  • Fixed bug #62900 (Wrong namespace on xsd import error message).
  • Fixed bug GH-16237 (Segmentation fault when cloning SoapServer).
  • Fix Soap leaking http_msg on error.
  • Fixed bug GH-16256 (Assertion failure in ext/soap/php_encoding.c:460).
  • Fixed bug GH-16259 (Soap segfault when classmap instantiation fails).

Standard:

  • Fixed bug GH-15613 (overflow on unpack call hex string repeater).
  • Fixed bug GH-15937 (overflow on stream timeout option value).
  • Fixed bug GH-16053 (Assertion failure in Zend/zend_hash.c).

Streams:

  • Fixed bugs GH-15908 and GH-15026 (leak / assertion failure in streams.c).
  • Fixed bug GH-15980 (Signed integer overflow in main/streams/streams.c).

TSRM:

  • Prevent closing of unrelated handles.

XML:

  • Fixed bug GH-15868 (Assertion failure in xml_parse_into_struct after exception).

Prometheus v2.55.0

  • [FEATURE] PromQL: Add experimental `info` function. #14495
  • [FEATURE] Support UTF-8 characters in label names - feature flag `utf8-names`. #14482, #14880, #14736, #14727
  • [FEATURE] Scraping: Add the ability to set custom `http_headers` in config. #14817
  • [FEATURE] Scraping: Support feature flag `created-timestamp-zero-ingestion` in OpenMetrics. #14356, #14815
  • [FEATURE] Scraping: `scrape_failure_log_file` option to log failures to a file. #14734
  • [FEATURE] OTLP receiver: Optional promotion of resource attributes to series labels. #14200
  • [FEATURE] Remote-Write: Support Google Cloud Monitoring authorization. #14346
  • [FEATURE] Promtool: `tsdb create-blocks` new option to add labels. #14403
  • [FEATURE] Promtool: `promtool test` adds `--junit` flag to format results. #14506
  • [FEATURE] TSDB: Add `delayed-compaction` feature flag, for people running many Prometheus to randomize timing. #12532
  • [ENHANCEMENT] OTLP receiver: Warn on exponential histograms with zero count and non-zero sum. #14706
  • [ENHANCEMENT] OTLP receiver: Interrupt translation on context cancellation/timeout. #14612
  • [ENHANCEMENT] Remote Read client: Enable streaming remote read if the server supports it. #11379
  • [ENHANCEMENT] Remote-Write: Don't reshard if we haven't successfully sent a sample since last update. #14450
  • [ENHANCEMENT] PromQL: Delay deletion of `__name__` label to the end of the query evaluation. This is **experimental** and enabled under the feature-flag `promql-delayed-name-removal`. #14477
  • [ENHANCEMENT] PromQL: Experimental `sort_by_label` and `sort_by_label_desc` sort by all labels when label is equal. #14655, #14985
  • [ENHANCEMENT] PromQL: Clarify error message logged when Go runtime panic occurs during query evaluation. #14621
  • [ENHANCEMENT] PromQL: Use Kahan summation for better accuracy in `avg` and `avg_over_time`. #14413
  • [ENHANCEMENT] Tracing: Improve PromQL tracing, including showing the operation performed for aggregates, operators, and calls. #14816
  • [ENHANCEMENT] API: Support multiple listening addresses. #14665
  • [ENHANCEMENT] TSDB: Backward compatibility with upcoming index v3. #14934
  • [PERF] TSDB: Query in-order and out-of-order series together. #14354, #14693, #14714, #14831, #14874, #14948, #15120
  • [PERF] TSDB: Streamline reading of overlapping out-of-order head chunks. #14729
  • [BUGFIX] PromQL: make sort_by_label stable. #14985
  • [BUGFIX] SD: Fix dropping targets (with feature flag `new-service-discovery-manager`). #13147
  • [BUGFIX] SD: Stop storing stale targets (with feature flag `new-service-discovery-manager`). #13622
  • [BUGFIX] Scraping: exemplars could be dropped in protobuf scraping. #14810
  • [BUGFIX] Remote-Write: fix metadata sending for experimental Remote-Write V2. #14766
  • [BUGFIX] Remote-Write: Return 4xx not 5xx when timeseries has duplicate label. #14716

[BUGFIX] Experimental Native Histograms: many fixes for incorrect results, panics, warnings. #14513, #14575, #14598, #14609, #14611, #14771, #14821

[BUGFIX] TSDB: Only count unknown record types in `record_decode_failures_total` metric. #14042

Spring-boot v3.3.5
Bug Fixes:

  • Running mvn spring-boot:run with classpaths that exceeds Windows' length limits leaves temporary files [#42841]
  • Report produced by ConditionReportApplicationContextFailureProcessor is always empty in a failed test [#42785]
  • Case-insensitive comparisons may be adversely affected by the user's locale [#42735]
  • DataSourceProperties#driverClassIsLoadable should not print a stacktrace to the error stream when it fails [#42683]
  • Some `@ControllerEndpoint` and `@RestControllerEndpoint` infrastructure remains undeprecated [#42498]
  • Auto-configuration for Rabbit Streams doesn't consider RabbitConnectionDetails [#42490]
  • ClassNotFoundException is thrown when loading protocol resolvers from ForkJoinPool task [#42468]
  • ActiveMQ Artemis Connection Factory creation fails in native image [#42421]
  • Duplicate meter binding when context contains multiple registries, none are primary, and one or more is a composite [#42397]

Documentation:

  • Document that embedded Tomcat must be at least 10.1.25 [#42849]
  • Fix systemd example configuration [#42805]
  • Document that the exact behavior of the maximum HTTP request header size property is server-specific [#42789]
  • Clarify why `@Primary` is recommended when defining your own ObjectMapper that replaces JacksonAutoConfiguration's [#42787]
  • Polish javadoc for Binder#bindOrCreate(String, Class) [#42778]
  • Document that Tomcat's maxQueueCapacity need to be greater than 0 [#42726]
  • Remove stale link to jar-to-war getting started guide [#42723]
  • Fix typos and formatting errors in documentation [#42718]
  • Fix case used for examples in "Sanitize Sensitive Values" [#42702]
  • Fix Regex javadoc links [#42685]
  • Document how Map properties are bound from environment variables [#42672]
  • Improve classpath index documentation for reproducible builds [#42643]
  • Remove links to Spring Data GemFire [#42596]
  • Order alphabetically the sections in Common Application Properties [#42520]
  • Improve the javadoc describing when `@ConditionalOn`(Missing)Bean will infer the type to match [#42505]
  • Document how to handle MANIFEST.MF in native image with Maven [#42476]
  • Fix links to Micrometer reference doc [#42467]
  • Polish documentation [#42454]
  • Add Javadoc since for PrometheusScrapeEndpoint(PrometheusRegistry, Properties) [#42406]
  • Remove note about graceful shutdown with Tomcat requiring 9.0.33 or later as we now require 10.1.x [#42382]
  • Document support for Java 23 [#42380]
  • Improve documentation for CycloneDX integration [#41506]

Spring-boot v3.2.11
Bug Fixes:

  • Case-insensitive comparisons may be adversely affected by the user's locale [#42719]
  • DataSourceProperties#driverClassIsLoadable should not print a stacktrace to the error stream when it fails [#42681]
  • Auto-configuration for Rabbit Streams doesn't consider RabbitConnectionDetails [#42489]
  • ActiveMQ Artemis Connection Factory creation fails in native image [#42414]
  • Duplicate meter binding when context contains multiple registries, none are primary, and one or more is a composite [#42396]
  • Report produced by ConditionReportApplicationContextFailureProcessor is always empty in a failed test [#42185]

Documentation:

  • Fix systemd example configuration [#42795]
  • Polish javadoc for Binder#bindOrCreate(String, Class) [#42777]
  • Remove stale link to jar-to-war getting started guide [#42691]
  • Fix Regex javadoc links [#42645]
  • Clarify why `@Primary` is recommended when defining your own ObjectMapper that replaces JacksonAutoConfiguration's [#42598]
  • Remove links to Spring Data GemFire [#42575]
  • Improve the javadoc describing when `@ConditionalOn`(Missing)Bean will infer the type to match [#42504]
  • Polish documentation [#42445]
  • Document how to handle MANIFEST.MF in native image with Maven [#42412]
  • Document support for Java 23 [#42374]
  • Remove note about graceful shutdown with Tomcat requiring 9.0.33 or later as we now require 10.1.x [#42373]
  • Improve classpath index documentation for reproducible builds [#41265]
  • Document how Map properties are bound from environment variables [#40936]
  • Document that the exact behavior of the maximum HTTP request header size property is server-specific [#40798]

View all OpenUpdate editions >