Aerospike Connect for Pulsar - Outbound Release Notes

  • 3.3.5
    Release Date: November 7, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

    • [CONNECTOR-1160] - Fixed security vulnerability - Authentication Bypass in krb5-libs.

  • 3.3.4
    Release Date: October 24, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

    • [CONNECTOR-1149] - Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3.
    • [CONNECTOR-1149] - Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core.
    • [CONNECTOR-1149] - Fixed Race Condition in io.undertow:undertow-core.
    • [CONNECTOR-1149] - Fixed Uncontrolled Resource Consumption in commons-io:commons-io.

  • 3.3.3
    Release Date: September 20, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    New Features

    • [CONNECTOR-1127] - Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring.
    • [CONNECTOR-1137] - Logging improvement - Outbound Await Metrics for all applicable connectors.

    Security

    • [CONNECTOR-1135] - Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel.
    • Upgraded Pulsar version.
    • Fixed com.google.protobuf:protobuf-java Stack-based Buffer Overflow.

  • 3.3.2
    Release Date: July 26, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

    • [CONNECTOR-1105] - Fix Race Condition.
    • [CONNECTOR-1108] - Fix Uncontrolled Resource Consumption ('Resource Exhaustion').

  • 3.3.1
    Release Date: June 9, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

    • [CONNECTOR-985] - Fix Improper Input Validation.
    • [CONNECTOR-986] - Fix Infinite loop.
    • [CONNECTOR-987] - Fix Uncontrolled Resource Consumption.
    • [CONNECTOR-1030] - Fix Out-of-bounds write vulnerabilities.
    • [CONNECTOR-1031] - Fix Out-of-bounds write vulnerabilities.
    • [CONNECTOR-1032] - Fix Out-of-bounds write vulnerabilities.
    • [CONNECTOR-1033] - Fix Out-of-bounds write vulnerabilities.
    • [CONNECTOR-1034] - Fix Out-of-bounds write vulnerabilities.

  • 3.3.0
    Release Date: March 26, 2024
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    New Features

    • [CONNECTOR-922] - Make batching of ack configurable as a toggle.

    Security

    • [CONNECTOR-928] - Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308
    • [CONNECTOR-929] - Fix Infinite loop. CVE-2024-25710

  • 3.2.2
    Release Date: November 7, 2023
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

  • 3.2.1
    Release Date: August 9, 2023
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Security

    • [CONNECTOR-775] - Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0.

  • 3.2.0
    Release Date: July 21, 2023
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    New Features

    • [CONNECTOR-373] - Batching support.
    • [CONNECTOR-431] - Batching support for inbuilt formats.
    • [CONNECTOR-584] - JSON logging format.
    • [CONNECTOR-705] - Bin include/exclude option in bin transformer.
    • [CONNECTOR-752] - Configurable message key for Pulsar messages.

    Improvements

    • [CONNECTOR-716] - Upgrade internal dependencies.

  • 3.1.0
    Release Date: May 19, 2023
    • The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
    • The connector is Java JVM based. Install the correct JVM for the desired architecture.
    • This connector requires Java 11 or later.

    Improvements

    • [CONNECTOR-562] - Multi-arch container image supporting linux/arm64 and linux/amd64 platforms.
    • [CONNECTOR-679] - Upgrade vulnerable dependencies.
    • [CONNECTOR-680] - Formatting option stringify-map-keys now defaults to true.

    Bug Fixes

    • [CONNECTOR-653] - Fixed handling of sorted map JSON conversion.

  • 3.0.0
    Release Date: May 5, 2022

    Improvements

    • [CONNECTOR-341] - Performance and stability improvements.
    • [CONNECTOR-342] - Vulnerability scanning and dependency upgrades.
    • [CONNECTOR-343] - Single installer for HTTP and XDR 5.0 wire protocol connector.
    • [CONNECTOR-348] - Add support for only metadata, no-bins schemas in AvroMap and AvroRecord formats. The no-bins bin policy was introduced in Aerospike server version 6.0.0.0.

  • 2.2.0
    Release Date: February 4, 2022

    New Features

    • [CONNECTOR-319] - Add support to plugin custom code through the Custom transformer API.
    • [CONNECTOR-321] - Add support for port-based configuration.

    Improvements

    • [CONNECTOR-320] - Support Java 17 runtime.
    • [CONNECTOR-323] - Add a routing config to skip dispatching of records to the destination.

  • 2.1.0
    Release Date: July 14, 2021

    Improvements

    • Upgrade external dependencies.

  • 2.0.0
    Release Date: May 24, 2021
    • If you are using Aerospike Database Enterprise Edition version 5.6 or later, ensure that you use this version of the Pulsar outbound connector or a later one.
    • ATTENTION: HTTP connectors renamed from aerospike-pulsar-outbound-legacy to aerospike-pulsar-outbound-http. Refer to documentation for installation and starting instructions.
    • ATTENTION: Outbound format breaking changes.
      • For Aerospike Server versions <= 4.9 that do not ship generation, expiry, and lut (last update time)
        • these fields are omitted from the payload in Json, FlatJson, and Avro-Map format.
        • these fields are shipped as nil in MessagePack format.
        • these fields are shipped as null in Avro-Record format.
      • Last update time - lut has been upscaled to a Long from Int. Avro-Record schemas specified in the config should change lut type from int to long.

    New Features

    • Prometheus integration support.
    • Pre-packaged Grafana dashboards.
    • PEM file format support in TLS configuration.
    • Support for Boolean particle type introduced in Aerospike Server version 5.6.
    • Official container image available on Docker Hub.

    Bug Fixes

    • Handling of new particle types introduced by the Aerospike Server not recognized by the connector.
    • Possible incorrect handling of byte array and extension types in lists and maps in rare cases.
    • Multiple connector instances with the same producer name for a topic crashes the connector instances.

  • 1.0.0
    Release Date: December 14, 2020
    • ATTENTION Upgrade to aerospike-pulsar-outbound 2.0.0 or later when using Aerospike Server 5.6 or later.
    • Initial General Availability release for Aerospike Server Enterprise Edition version 5.0 and above.
    • Legacy support for versions of the Aerospike Server Enterprise Edition version 4.9 and below.
      • If using Aerospike Server version 4.9 or below the Legacy connector must be used.
      • WARNING: A serious flaw has been discovered for http v2 in the library used by Aerospike Server Enterprise < 5.0 change notification. http-version MUST be set to v1 to prevent XDR and Change Notification from being blocked.

    Known Issues

    • JDK-8 connector crashes when consuming records from Aerospike Server 5.6 or later.
    • JDK-11 connector errors on every record consumed from Aerospike Server 5.6 or later.