Quarkus 1.0.1.Final released - Important security fix
We just released 1.0.1.Final to fix an important security issue introduced in CR2 and still present in 1.0.0.Final.
Please upgrade to this version as soon as possible if you are using our security layer.
What’s new?
Security issue fix
If you are using our security annotations (e.g. @RolesAllowed) and also other annotations (such as Bean Validation annotations) on the parameters of your secured methods, the security checks would entirely be bypassed.
This issue was originally reported here: https://github.com/quarkusio/quarkus/issues/5763 .
1.0.1.Final fixes this issue and upgrade is highly recommended.
Registro completo de cambios
You can get the full changelog of 1.0.1.Final on GitHub.
Únete a nosotros
Valoramos mucho tus comentarios, así que por favor reporta errores, solicita mejoras… ¡Construyamos algo grandioso juntos!
Si eres un usuario de Quarkus o simplemente tienes curiosidad, no seas tímido y únete a nuestra acogedora comunidad:
-
proporcionar retroalimentación en GitHub;
-
escribir algo de código y enviar push a PR;
-
comentar con nosotros en Zulip y en nuestra lista de correo;
-
hacer tus preguntas en Stack Overflow.
