OpenUpdate Premium Edition sample

OpenUpdate newsletters are delivered to your inbox with information from the free and open source software (FOSS) world: current news, a summary of the latest security updates for the top mission-critical packages used by enterprises, support stories, and expert interviews.

Here’s an example of a recent newsletter.

Around FOSS

Security, maintenance, and features releases

Security based updates

ICS BIND 9.10.4-P3 and 9.9.9-P3

9.10.4-P3

It was possible to trigger a assertion when rendering a message using a specially crafted request. This flaw is disclosed in CVE-2016-2776. [RT #43139]

getrrsetbyname with a non absolute name could trigger an infinite recursion bug in lwresd and named with lwres configured if when combined with a search list entry the resulting name is too long. This flaw is disclosed in CVE-2016-2775. [RT #42694]

ECS clients with the option set to 0.0.0.0/0/0 or ::/0/0 where incorrectly getting a FORMERR response.

Windows installs were failing due to triggering UAC without the installation binary being signed.

 

9.9.9-P3

It was possible to trigger a assertion when rendering a message using a specially crafted request. This flaw is disclosed in CVE-2016-2776. [RT #43139]

getrrsetbyname with a non absolute name could trigger an infinite recursion bug in lwresd and named with lwres configured if when combined with a search list entry the resulting name is too long. This flaw is disclosed in CVE-2016-2775. [RT #42694]

Windows installs were failing due to triggering UAC without the installation binary being signed.

A race condition in rbt/rbtdb was leading to INSISTs being triggered.

Non-security based updates

ActiveMQ 5.14.1

[AMQ-6067] - OutOfMemoryError when expiring big amount of topic messages

[AMQ-6387] - Messages delivered to durable subscriber are kept in broker

[AMQ-6400] - OriginalDestinationPropagateStrategy fails if original JMSmessage is not from ActiveMQ

[AMQ-6402] - activemq-camel - Potential NPE in OriginalDestinationPropagateStrategy

 

Apache Cassandra 3.9

Fix value skipping with counter columns (CASSANDRA-11726)

Fix nodetool tablestats miss SSTable count (CASSANDRA-12205)

Fixed flacky SSTablesIteratedTest (CASSANDRA-12282)

Fixed flacky SSTableRewriterTest: check file counts before calling validateCFS (CASSANDRA-12348)

 

Jenkins 2.24

Show notification with popup on most pages when administrative monitors are active. (issue 38391)

Allow disabling/enabling administrative monitors on Configure Jenkins form. (issue 38301)

Ensure exception stacktrace is shown when there's a FormException. (pull 2555)

Add new jenkins.model.Jenkins.slaveAgentPortEnforce system property, which prevents slave agent port modification via Jenkins Web UI and form submissions. (PR #2545)

 

PostgreSQL 9.6

Parallel execution of sequential scans, joins and aggregates

Avoid scanning pages unnecessarily during vacuum freeze operations

Synchronous replication now allows multiple standby servers for increased reliability

Full-text search can now search for phrases (multiple adjacent words)

Support story: ActiveMQ and Amazon’s new EFS

This week, a customer in the managed services vertical reached out to us with an interesting problem with ActiveMQ on Amazon’s new EFS file sharing platform. EFS is effectively a NFSv4.1 client strapped in front of Amazon’s existing storage.

The much sought-after feature, however, lists an obscenely high number as the free disk space on the image, several exabytes in size. This number is too large for a lot of Java applications, including ActiveMQ, to adequately interpret. The number overflows and shows itself as a large negative number. In the case of ActiveMQ, this results in a warning message on boot that the free disk space is too low for ActiveMQ to persist messages.

Unfortunately, this is an error that goes all the way to the JDK, so the ActiveMQ community will be challenged to try and fix it. It is, however, benign and should not interrupt ActiveMQ’s broker operations.

Technical support

If you have questions about these updates and you have an active technical support contract, please call 1-866-399-6736 or email us at support@openlogic.com.

OSS support

Get support for MySQL, Subversion, Apache, Ruby, and hundreds of other open source packages. Request a quote.