Releases: aerospike-community/aerospike-rest-gateway
Releases · aerospike-community/aerospike-rest-gateway
2.1.13
Release Date: August 02, 2025
Improvements
- Update dependency versions. [APPS-1817]
Security
- Allocation of Resources Without Limits or Throttling in tomcat-embed-core. [APPS-1784, APPS-1785]
Full Changelog: 2.1.12...2.1.13
2.1.12
Release Date: June 15, 2025
Improvements
- Update dependency versions. [APPS-1752]
Security
- Authentication Bypass by Primary Weakness in spring-security-crypto. [APPS-1732]
Full Changelog: 2.1.11...2.1.12
2.1.11
Release Date: January 15, 2025
Improvements
- Update dependency versions. [APPS-1461]
- Upgrade Gradle Wrapper to 8.12. [APPS-1460]
Security
- Path Traversal in org.springframework:spring-webmvc. [APPS-1446] [APPS-1447]
Full Changelog: 2.1.10...2.1.11
2.1.10
Release Date: December 26, 2024
Security
- Time-of-check Time-of-use (TOCTOU) Race Condition in org.apache.tomcat.embed:tomcat-embed-core. [APPS-1415] [APPS-1427]
Full Changelog: 2.1.9...2.1.10
2.1.9
Release Date: December 09, 2024
Improvements
- Update dependency versions. [APPS-1391]
Security
- Fix org.apache.tomcat.embed:tomcat-embed-core Uncaught Exception. [APPS-1379]
- Fix org.springframework:spring-webmvc Path Traversal. [APPS-1380] [APPS-1381]
Full Changelog: 2.1.8...2.1.9
2.1.8
Release Date: August 30, 2024
Security
- Fix org.bouncycastle:bcprov-jdk18on Infinite loop vulnerability. [APPS-1290]
- Fix org.apache.tomcat.embed:tomcat-embed-core Insufficient Session Expiration. [APPS-1291]
Full Changelog: 2.1.7...2.1.8
2.1.7
Release Date: April 05, 2024
Security
- (REST) Fix Denial of Service (DoS) - CVE-2023-1370 [APPS-1135]
- (REST) Fix Open Redirect - CVE-2024-22243 [APPS-1168]
- (REST) Fix Open Redirect - CVE-2024-22259 [APPS-1170]
- (REST) Fix Denial of Service (DoS) - CVE-2024-23672 [APPS-1171]
- (REST) Fix Denial of Service (DoS) - CVE-2024-24549 [APPS-1172]
Full Changelog: 2.1.6...2.1.7
2.1.6
Release Date: January 23, 2024
Security
- Address various vulnerabilities. [APPS-1108]
Full Changelog: 2.1.5...2.1.6
2.1.5
Release Date: October 25, 2023
Bug Fixes
- Swagger API documentation does not display acceptable values for model 'type' fields. [APPS-886]
- Swagger API documentation does not correctly display the required fields for Operation models. [APPS-887]
- Fix http2 rapid-reset vulnerability CVE-2023-44487. [APPS-941]
Full Changelog: 2.1.4...2.1.5
2.1.4
Release Date: September 06, 2023
Improvements
- Clarify how to provide GeoJSON bin types in the documentation. [APPS-882]
Bug Fixes
- GeoJSON bins are inserted as Aerospike Maps. [APPS-884]
Full Changelog: 2.1.3...2.1.4