Possible component upgrades report - Wildfly Core
by thofman@redhat.com
Generated at 16:49:21 SGT 2019-11-17
Searched in following repositories:
* Central: https://repo1.maven.org/maven2/
* JBossPublic: https://repository.jboss.org/nexus/content/repositories/public/
Possible upgrades:
com.googlecode.javaewah:JavaEWAH:1.1.6 -> 1.1.7 (Central)
com.jcraft:jsch:0.1.54 -> 0.1.55 (Central)
com.jcraft:jzlib:1.1.1 -> 1.1.3 (Central)
io.undertow:undertow-core:2.0.27.Final -> 2.0.28.Final (Central)
org.apache.httpcomponents:httpclient:4.5.4 -> 4.5.10 (…
[View More]Central)
org.apache.httpcomponents:httpcore:4.4.5 -> 4.4.12 (Central)
org.eclipse.jgit:org.eclipse.jgit:5.0.2.201807311906-r -> 5.0.3.201809091024-r (Central)
org.jboss:jboss-vfs:3.2.14.Final -> 3.2.15.Final (Central)
org.jboss.modules:jboss-modules:1.9.1.Final -> 1.9.2.Final (Central)
org.jboss.slf4j:slf4j-jboss-logmanager:1.0.3.GA -> 1.0.4.GA (Central)
org.slf4j:jcl-over-slf4j:1.7.22.jbossorg-1 -> 1.7.29 (Central)
11 items
[View Less]
5 years, 4 months
Possible component upgrades report - Wildfly
by thofman@redhat.com
Generated at 01:48:15 SGT 2019-11-17
Searched in following repositories:
* Central: https://repo1.maven.org/maven2/
* JBossPublic: https://repository.jboss.org/nexus/content/repositories/public/
Possible upgrades:
com.google.code.gson:gson:2.8.2 -> 2.8.6 (Central)
com.squareup.okhttp3:okhttp:3.9.0 -> 3.9.1 (Central)
com.sun.faces:jsf-impl:2.3.9.SP04 -> 2.3.9.SP05 (JBossPublic)
com.sun.istack:istack-commons-runtime:3.0.7 -> 3.0.10 (Central)
com.sun.xml.bind.external:relaxng-…
[View More]datatype:2.3.1 -> 2.3.2 (Central)
com.sun.xml.fastinfoset:FastInfoset:1.2.13 -> 1.2.17 (Central)
io.netty:netty-all:4.1.42.Final -> 4.1.43.Final (Central)
io.opentracing.contrib:opentracing-interceptors:0.0.4 -> 0.0.5 (Central)
io.opentracing.contrib:opentracing-tracerresolver:0.1.5 -> 0.1.8 (Central)
io.reactivex.rxjava2:rxjava:2.2.2 -> 2.2.14 (Central)
io.smallrye:smallrye-config:1.3.6 -> 1.3.11 (Central)
io.smallrye:smallrye-opentracing:1.3.0 -> 1.3.2 (Central)
io.undertow.js:undertow-js:1.0.2.Final -> 1.0.3.Final (Central)
joda-time:joda-time:2.9.7 -> 2.9.9 (Central)
net.bytebuddy:byte-buddy:1.9.11 -> 1.9.16 (Central)
org.apache.activemq:activemq-artemis-native:1.0.0 -> 1.0.1 (Central)
org.apache.avro:avro:1.7.6 -> 1.7.7 (Central)
org.apache.cxf:cxf-core:3.3.3 -> 3.3.4 (Central)
org.apache.james:apache-mime4j:0.6 -> 0.6.1 (Central)
org.apache.myfaces.core:myfaces-api:2.3.1 -> 2.3.5 (Central)
org.apache.openjpa:openjpa-kernel:2.4.2 -> 2.4.3 (Central)
org.cryptacular:cryptacular:1.2.0 -> 1.2.3 (Central)
org.eclipse.microprofile.rest.client:microprofile-rest-client-api:1.3.2 -> 1.3.4 (Central)
org.eclipse.persistence:eclipselink:2.7.3 -> 2.7.5 (Central)
org.glassfish.jaxb:codemodel:2.3.1 -> 2.3.2-1 (Central)
org.jasypt:jasypt:1.9.2 -> 1.9.3 (Central)
org.jboss:jboss-ejb-client:4.0.23.Final -> 4.0.26.Final (Central)
org.jboss.activemq.artemis.integration:artemis-wildfly-integration:1.0.2 -> 1.0.2-wildfly-1 (JBossPublic)
org.jboss.arquillian.container:arquillian-container-test-spi:1.4.0.Final -> 1.4.1.Final (Central)
org.jboss.resteasy:jose-jwt:3.9.0.Final -> 3.9.1.Final (Central)
org.jboss.security:jbossxacml:2.0.8.Final -> 2.0.9.Final (JBossPublic)
org.jboss.spec.javax.faces:jboss-jsf-api_2.3_spec:3.0.0.Final -> 3.0.0.SP1 (Central)
org.jgroups:jgroups:4.1.6.Final -> 4.1.8.Final (Central)
org.opensaml:opensaml-core:3.3.0 -> 3.3.1 (Central)
org.reactivestreams:reactive-streams:1.0.2 -> 1.0.3 (Central)
xalan:serializer:2.7.1.jbossorg-4 -> 2.7.2 (Central)
36 items
[View Less]
5 years, 4 months
WildFly 18.0.1 is released
by Brian Stansberry
We've released WildFly 18.0.1.Final! Get it at
https://wildfly.org/downloads/.
Here's what's in it:
Release Notes - WildFly - Version 18.0.1.Final
** Component Upgrade
* [WFLY-12621] - Upgrade Hibernate ORM from 5.3.12 to 5.3.13
* [WFLY-12691] - Upgrade WildFly Core to 10.0.2.Final (Resolves
CVE-2019-9515 and CVE-2019-14838)
* [WFLY-12714] - [18.0.x] Upgrade Hibernate Validator to 6.0.18
(Resolves CVE-2019-10219)
* [WFLY-12717] - Upgrade beanutils from 1.93 to 1.94 (Resolves
…
[View More]CVE-2019-10086)
* [WFLY-12719] - [18.0.x] Upgrade JSF based on Mojarra 2.3.9.SP04
* [WFLY-12721] - [18.0.x] Upgrade commons-codec from 1.11 to 1.13
* [WFLY-12726] - [18.0.x] Update jackson-databind to 2.9.10.1 (Resolves
CVE-2019-16942 / CVE-2019-16943)
* [WFLY-12727] - Upgrade Netty to 4.1.42 (Resolves CVE-2019-16869)
* [WFLY-12767] - Upgrade jberet-core from 1.3.4.Final to 1.3.5.Final
* [WFLY-12784] - Upgrade WildFly Core 10.0.3.Final
* [WFLY-12788] - [18.0.x] Upgrade RESTEasy to 3.9.1.Final
** Bug
* [WFLY-12692] - [18.0.x] Exception with web.xml url-pattern
* [WFLY-12729] - [18.0.x] Session passivation event can deadlock if it
attempts write operations on a session
** Task
* [WFLY-12746] - Bump clustering testsuite surefire execution timeout
to 5400
Thanks, everyone, for your support of WildFly!
Best regards,
--
Brian Stansberry
Manager, Senior Principal Software Engineer
Red Hat
[View Less]
5 years, 4 months
JDK 14 - Early Access build 22 is available
by Rory O'Donnell
Hi David & Richard,
*OpenJDK builds - JDK 14 *- Early Access build 22 is available at
http://jdk.java.net/14/
These early-access, open-source builds are provided under the GNU
General Public License, version 2, with the Classpath Exception
<http://openjdk.java.net/legal/gplv2+ce.html>.
* Release notes
o https://jdk.java.net/14/release-notes
* JEPs targeted to JDK 14, so far:
* JEP 345: NUMA-Aware Memory Allocation for G1
<http://openjdk.…
[View More]java.net/jeps/345> was Targeted to JDK 14.
* JEP 349: JFR Event Streaming
<http://openjdk.java.net/jeps/349> was Integrated.
* JEP 361: Switch Expressions (Standard)
<http://openjdk.java.net/jeps/361> was Targeted to JDK 14.
* JEP 363: Remove the Concurrent Mark Sweep (CMS) Garbage
Collector <http://openjdk.java.net/jeps/363> was Targeted to JDK 14.
* JEP 364: ZGC on macOS <http://openjdk.java.net/jeps/364> was
Targeted to JDK 14.
* JEP 365: ZGC on Windows <http://openjdk.java.net/jeps/365> moved
to Candidate.
* JEP 366: Deprecate the ParallelScavenge + SerialOld GC
Combination <http://openjdk.java.net/jeps/366> was Proposed to
target JDK 14.
* JEP 367: Remove the Pack200 Tools and API
<http://openjdk.java.net/jeps/367> was Targeted to JDK 14.
* JEP 368: Text Blocks (Second Preview)
<http://openjdk.java.net/jeps/368> moved to Candidate.
* Changes in this build
<http://hg.openjdk.java.net/jdk/jdk/log?rev=reverse%28%22jdk-14%2B21%22%3A...>
*jpackage EA -* Build 14-jpackage+1-67 (2019/11/4)
* This is an early access build of JEP 343: Packaging Tool
<https://openjdk.java.net/jeps/343>, aimed at testing a prototype
implementation of jpackage, which is a new tool for packaging
self-contained Java applications along with a Java Runtime Environment.
* These early-access builds are provided under the GNU General Public
License, version 2, with the Classpath Exception
<http://openjdk.java.net/legal/gplv2+ce.html>
* Build 14 is now available http://jdk.java.net/jpackage/
* Please send feedback via e-mail to core-libs-dev(a)openjdk.java.net
<mailto:core-libs-dev@openjdk.java.net>
--
Rgds, Rory O'Donnell
Quality Engineering Manager
Oracle EMEA, Dublin, Ireland
[View Less]
5 years, 4 months
Fixes for WildFly 18.0.1.Final
by Brian Stansberry
Hi everyone,
If any or the component leads for the components in the WFLY and WFCORE
JIRA projects[1] have ready-to-go fixes that they want to see in a WildFly
18.0.1 that aren't already merged, please reply with details, preferably
including a JIRA link.
Recently for each WildFly major we've been doing a micro release in the
first few weeks to a month or so after the major release. We released
WildFly 18 in early October so now I'd like to do an 18.0.1 next week.
Over the last month as …
[View More]critical bug fixes have come into master I've made
an effort to ping the relevant component leads to see if the fix is also a
good fit for 18.0.1. From that we've got a pretty good payload[2], enough
to justify the release. But if there are things I've missed I'd like to
hear from the leads.
Some guidelines:
* We want things that are very SAFE. The point of a micro is to fix
problems so we don't want to introduce problems.
* We want things already in master or that can be ready by late Monday.
* Generally we only want things that resolve problems of Critical or
Blocker JIRA priority. (Other fixes that come in via a component upgrade to
fix the Critical/Blocker are ok.)
* If we upgraded a component and that upgrade fixes a CVE that was in the
old version, that's ok, even if it wasn't Critical/Blocker priority. So
long as the upgrade is SAFE.
[1]
https://issues.jboss.org/projects/WFLY?selectedItem=com.atlassian.jira.ji...
and
https://issues.jboss.org/projects/WFCORE?selectedItem=com.atlassian.jira....
[2] https://issues.jboss.org/projects/WFLY/versions/12343077 and
https://issues.jboss.org/projects/WFCORE/versions/12343078
Best regards,
Brian
[View Less]
5 years, 4 months
Possible component upgrades report - Wildfly
by thofman@redhat.com
Generated at 01:48:23 SGT 2019-11-10
Searched in following repositories:
* Central: https://repo1.maven.org/maven2/
* JBossPublic: https://repository.jboss.org/nexus/content/repositories/public/
Possible upgrades:
com.google.code.gson:gson:2.8.2 -> 2.8.6 (Central)
com.squareup.okhttp3:okhttp:3.9.0 -> 3.9.1 (Central)
com.sun.istack:istack-commons-runtime:3.0.7 -> 3.0.10 (Central)
com.sun.xml.bind.external:relaxng-datatype:2.3.1 -> 2.3.2 (Central)
com.sun.xml.fastinfoset:…
[View More]FastInfoset:1.2.13 -> 1.2.17 (Central)
io.netty:netty-all:4.1.42.Final -> 4.1.43.Final (Central)
io.opentracing.contrib:opentracing-interceptors:0.0.4 -> 0.0.5 (Central)
io.opentracing.contrib:opentracing-tracerresolver:0.1.5 -> 0.1.8 (Central)
io.reactivex.rxjava2:rxjava:2.2.2 -> 2.2.14 (Central)
io.smallrye:smallrye-config:1.3.6 -> 1.3.11 (Central)
io.smallrye:smallrye-opentracing:1.3.0 -> 1.3.2 (Central)
io.undertow.js:undertow-js:1.0.2.Final -> 1.0.3.Final (Central)
joda-time:joda-time:2.9.7 -> 2.9.9 (Central)
net.bytebuddy:byte-buddy:1.9.11 -> 1.9.16 (Central)
org.apache.activemq:activemq-artemis-native:1.0.0 -> 1.0.1 (Central)
org.apache.avro:avro:1.7.6 -> 1.7.7 (Central)
org.apache.cxf:cxf-core:3.3.3 -> 3.3.4 (Central)
org.apache.james:apache-mime4j:0.6 -> 0.6.1 (Central)
org.apache.myfaces.core:myfaces-api:2.3.1 -> 2.3.5 (Central)
org.apache.openjpa:openjpa-kernel:2.4.2 -> 2.4.3 (Central)
org.cryptacular:cryptacular:1.2.0 -> 1.2.3 (Central)
org.eclipse.microprofile.rest.client:microprofile-rest-client-api:1.3.2 -> 1.3.4 (Central)
org.eclipse.persistence:eclipselink:2.7.3 -> 2.7.5 (Central)
org.glassfish.jaxb:codemodel:2.3.1 -> 2.3.2-1 (Central)
org.hibernate:hibernate-core:5.3.13.Final -> 5.3.14.Final (Central)
org.jasypt:jasypt:1.9.2 -> 1.9.3 (Central)
org.jboss:jboss-ejb-client:4.0.23.Final -> 4.0.25.Final (Central)
org.jboss.activemq.artemis.integration:artemis-wildfly-integration:1.0.2 -> 1.0.2-wildfly-1 (JBossPublic)
org.jboss.arquillian.container:arquillian-container-test-spi:1.4.0.Final -> 1.4.1.Final (Central)
org.jboss.ironjacamar:ironjacamar-common-api:1.4.18.Final -> 1.4.19.Final (Central)
org.jboss.security:jbossxacml:2.0.8.Final -> 2.0.9.Final (JBossPublic)
org.jgroups:jgroups:4.1.6.Final -> 4.1.7.Final (Central)
org.opensaml:opensaml-core:3.3.0 -> 3.3.1 (Central)
org.reactivestreams:reactive-streams:1.0.2 -> 1.0.3 (Central)
xalan:serializer:2.7.1.jbossorg-4 -> 2.7.2 (Central)
35 items
[View Less]
5 years, 4 months
