2.1.11

Security

• [APPS-1446], [APPS-1447] - Path Traversal in org.springframework:spring-webmvc.

Improvements

• [APPS-1461] - Update dependency versions.
• [APPS-1460] - Upgrade Gradle Wrapper to 8.12.

2.1.10

Security

• [APPS-1415], [APPS-1427] - Time-of-check Time-of-use (TOCTOU) Race Condition in org.apache.tomcat.embed:tomcat-embed-core.

2.1.9

Improvements

• [APPS-1391] Update dependency versions.

Security

• [APPS-1379] - Fix org.apache.tomcat.embed:tomcat-embed-core Uncaught Exception.
• [APPS-1380], [APPS-1381] - Fix org.springframework:spring-webmvc Path Traversal.

2.1.8

Security

• [APPS-1290] - Fix org.bouncycastle:bcprov-jdk18on Infinite loop vulnerability.
• [APPS-1291] - Fix org.apache.tomcat.embed:tomcat-embed-core Insufficient Session Expiration.

2.1.7

Security

• [APPS-1135] - (REST) Fix Denial of Service (DoS) - CVE-2023-1370
• [APPS-1168] - (REST) Fix Open Redirect - CVE-2024-22243
• [APPS-1170] - (REST) Fix Open Redirect - CVE-2024-22259
• [APPS-1171] - (REST) Fix Denial of Service (DoS) - CVE-2024-23672
• [APPS-1172] - (REST) Fix Denial of Service (DoS) - CVE-2024-24549

2.1.6

Security

• [APPS-1108] - Address various vulnerabilities.

2.1.5

Bug Fixes

• [APPS-886] - Swagger API documentation does not display acceptable values for model 'type' fields.
• [APPS-887] - Swagger API documentation does not correctly display the required fields for Operation models.
• [APPS-941] - Fix http2 rapid-reset vulnerability CVE-2023-44487.

2.1.4

Improvements

• [APPS-882] - Clarify how to provide GeoJSON bin types in the documentation.

Bug Fixes

• [APPS-884] - GeoJSON bins are inserted as Aerospike Maps.

2.1.3

Improvements

• [APPS-866] - Upgrade to aerospike-java-client version 7.1.0.

2.1.2

Bug Fixes

• [APPS-833] - Upgrade to aerospike-java-client version 7 (addresses CVE-2023-36480).