Aerospike Connect for Elasticsearch Release Notes

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Bug Fixes

• [CONNECTOR-1219] - Changed default value of socket-receive-buffer-bytes to null from 32kb, so this is optional configuration validation only if configured.

Security

• [CONNECTOR-1220] - Aerospike Connectors - Security vulnerabilities introduced through libxml2.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• [CONNECTOR-1183] - Use sendTimeout as configured without doubling.
• [CONNECTOR-1184] - Converted transaction debug level messages to trace level.
• [CONNECTOR-1185] - Kotlin version upgraded to 2.x.

Security

• [CONNECTOR-1175] - Updated logback-core to 1.5.15 version to fix CVE-2024-12798, CVE-2024-12801.
• [CONNECTOR-1179] - Updated logback-core to 1.5.15 version to fix CVE-2024-12801.
• [CONNECTOR-1180] - Updated logback-classic to 1.5.15 version to fix CVE-2024-12798.
• [CONNECTOR-1181] - Updated logback-core to 1.5.15 version to fix CVE-2024-12798.
• [CONNECTOR-1188] - Updated io.netty:netty-handler to 4.1.118.Final to fix CVE-2025-24970, CVE-2025-25193, CVE-2024-29025, CVE-2024-47554, CVE-2023-46120 (rabbitmq), CVE-2024-51504 (zookeeper).

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-1160] - Fixed security vulnerability - Authentication Bypass in krb5-libs.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-1149] - Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3.
• [CONNECTOR-1149] - Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core.
• [CONNECTOR-1149] - Fixed Race Condition in io.undertow:undertow-core.
• [CONNECTOR-1149] - Fixed Uncontrolled Resource Consumption in commons-io:commons-io.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• [CONNECTOR-1127] - Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring.
• [CONNECTOR-1137] - Logging improvement - Outbound Await Metrics for all applicable connectors.

Security

• [CONNECTOR-1135] - Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel.
• Upgraded Pulsar version.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-1105] - Fix Race Condition.
• [CONNECTOR-1108] - Fix Uncontrolled Resource Consumption ('Resource Exhaustion').

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-969] - Fix Improper Input Validation.
• [CONNECTOR-970] - Fix Infinite loop.
• [CONNECTOR-971] - Fix Uncontrolled Resource Consumption.
• [CONNECTOR-1002] - Fix Out-of-bounds write vulnerabilities.
• [CONNECTOR-1003] - Fix Out-of-bounds write vulnerabilities.
• [CONNECTOR-1004] - Fix Out-of-bounds write vulnerabilities.
• [CONNECTOR-1005] - Fix Out-of-bounds write vulnerabilities.
• [CONNECTOR-1006] - Fix Out-of-bounds write vulnerabilities.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• [CONNECTOR-922] - Make batching of ack configurable as a toggle.

Security

• [CONNECTOR-928] - Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308
• [CONNECTOR-929] - Fix Infinite loop. CVE-2024-25710

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-825] - Upgrade netty and gRPC for CVE-2023-44487.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-775] - Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• [CONNECTOR-594] - JSON logging format.
• [CONNECTOR-705] - Bin include/exclude option in bin transformer.

Improvements

• [CONNECTOR-716] - Upgrade internal dependencies.

• This release has introduced breaking configuration changes.
• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Improvements

• [CONNECTOR-669] - Allow all types of routing in Elasticsearch outbound connector similar to other outbound connectors.
  • Passing OutboundRoute to Formatter and BatchFormatter.
  • Using routing for Elasticsearch's index instead of BulkRequestConfig.
  • Moved out bulk-request-config from the params section of format to the main config level and made it injectable.
  • Changed type of bulk-request-config's timeout parameter to String.

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Improvements

• [CONNECTOR-562] - Multi-arch container image supporting linux/arm64 and linux/amd64 platforms.
• [CONNECTOR-679] - Upgrade vulnerable dependencies.

• Initial General Availability release.