Quarkus 3.2.11.Final released - Maintenance LTS release
Quarkus 3.2.11.Final, the eleventh maintenance release of the 3.2 LTS release train has been released.
This release includes the following security-related fixes:
-
CVE-2024-25710 Denial of service caused by an infinite loop for a corrupted DUMP file
-
CVE-2024-1597 PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
-
CVE-2024-1023 memory leak due to the use of Netty FastThreadLocal data structures in Vertx
-
CVE-2024-1300 memory leak when a TCP server is configured with TLS and SNI support
-
CVE-2024-1726 security checks for some inherited endpoints performed after serialization in RESTEasy Reactive may trigger a denial of service
And the following component upgrades:
-
Apache Commons Compress 1.25.0 → 1.26.0
-
PostgeSQL JDBC Driver 42.6.0 → 42.6.1
-
SmallRye JWT 4.3.0 → 4.4.0
-
Vert.X 4.4.6 → 4.4.8
If you are not already using a 3.2 release, please refer to our migration guide.
Registro completo de cambios
You can get the full changelog of 3.2.11.Final on GitHub.
Únete a nosotros
Valoramos mucho tus comentarios, así que por favor reporta errores, solicita mejoras… ¡Construyamos algo grandioso juntos!
Si eres un usuario de Quarkus o simplemente tienes curiosidad, no seas tímido y únete a nuestra acogedora comunidad:
-
proporcionar retroalimentación en GitHub;
-
escribir algo de código y enviar push a PR;
-
comentar con nosotros en Zulip y en nuestra lista de correo;
-
hacer tus preguntas en Stack Overflow.
