XDR-Proxy Release Note | Download

3.2.6

Release Date: March 3, 2025

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

[CONNECTOR-1183] - Use sendTimeout as configured without doubling.
[CONNECTOR-1184] - Converted transaction debug level messages to trace level.
[CONNECTOR-1185] - Kotlin version upgraded to 2.x.

Security

[CONNECTOR-1175] - Updated logback-core to 1.5.15 version to fix CVE-2024-12798, CVE-2024-12801.
[CONNECTOR-1179] - Updated logback-core to 1.5.15 version to fix CVE-2024-12801.
[CONNECTOR-1180] - Updated logback-classic to 1.5.15 version to fix CVE-2024-12798.
[CONNECTOR-1181] - Updated logback-core to 1.5.15 version to fix CVE-2024-12798.
[CONNECTOR-1188] - Updated io.netty:netty-handler to 4.1.118.Final to fix CVE-2025-24970, CVE-2025-25193, CVE-2024-29025, CVE-2024-47554, CVE-2023-46120 (rabbitmq), CVE-2024-51504 (zookeeper).

Download

3.2.5

Release Date: November 7, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

[CONNECTOR-1160] - Fixed security vulnerability - Authentication Bypass in krb5-libs.

Download

3.2.4

Release Date: October 23, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

[CONNECTOR-1149] - Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3
[CONNECTOR-1149] - Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core.
[CONNECTOR-1149] - Fixed Race Condition in io.undertow:undertow-core.
[CONNECTOR-1149] - Fixed Uncontrolled Resource Consumption in commons-io:commons-io.

Download

3.2.3

Release Date: September 20, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

[CONNECTOR-1127] - Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring.
[CONNECTOR-1137] - Logging improvement - Outbound Await Metrics for all applicable connectors.

Security

[CONNECTOR-1135] - Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel.

Download

3.2.2

Release Date: July 31, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

[CONNECTOR-1105] - Fix Race Condition.
[CONNECTOR-1108] - Fix Uncontrolled Resource Consumption ('Resource Exhaustion').

Download

3.2.1

Release Date: June 10, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

[CONNECTOR-988] - Fix Improper Input Validation.
[CONNECTOR-989] - Fix Infinite loop.
[CONNECTOR-990] - Fix Uncontrolled Resource Consumption.
[CONNECTOR-1035] - Fix Out-of-bounds write vulnerabilities.
[CONNECTOR-1036] - Fix Out-of-bounds write vulnerabilities.
[CONNECTOR-1037] - Fix Out-of-bounds write vulnerabilities.
[CONNECTOR-1038] - Fix Out-of-bounds write vulnerabilities.

Download

3.2.0

Release Date: March 25, 2024

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

[CONNECTOR-922] - Make batching of ack configurable as a toggle.

Security

[CONNECTOR-928] - Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308
[CONNECTOR-929] - Fix Infinite loop. CVE-2024-25710

Download

3.1.0

Release Date: November 7, 2023

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Improvements

[CONNECTOR-805] - Return all destination Aerospike server error codes to XDR source cluster.

Security

[CONNECTOR-825] - Upgrade netty and gRPC for CVE-2023-44487.

Download

3.0.0

Release Date: August 9, 2023

Breaking change - Custom transformers will not be able to write Java runtime serialized objects as bins to target Aerospike cluster.
The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

[CONNECTOR-775] - Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0.

Download

2.3.0

Release Date: July 21, 2023

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

[CONNECTOR-584] - JSON logging format.

Improvements

[CONNECTOR-716] - Upgrade internal dependencies.

Download

2.2.1

Release Date: May 17, 2023

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Improvements

[CONNECTOR-562] - Multi-arch container image supporting linux/arm64 and linux/amd64 platforms.
[CONNECTOR-679] - Upgrade vulnerable dependencies.

Download

2.2.0

Release Date: January 12, 2023

Bug Fixes

[CONNECTOR-561] - Upgrade dependencies to fix XDR Proxy Vulnerabilities.

Download

2.1.0

Release Date: July 14, 2022

New Features

[CONNECTOR-365] - Add support for Inbound SDK custom transformer in XDR Proxy.

Download

2.0.0

Release Date: April 4, 2022

New Features

[CONNECTOR-340] - Provide an option for in-order delivery of different versions of the same record.

Improvements

[CONNECTOR-341] - Performance and stability improvements.
[CONNECTOR-342] - Vulnerability scanning and dependency upgrades.
[CONNECTOR-343] - Single installer for HTTP and XDR 5.0 wire protocol connector.

Download

1.2.0

Release Date: February 4, 2022

Improvements

[CONNECTOR-320] - Support Java 17 runtime.
[CONNECTOR-326] - Support all XDR wire format options and flags. This feature enables support for bin deletions.

Download

1.1.1

Release Date: July 14, 2021

Improvements

Upgrade external dependencies.

Download

1.1.0

Release Date: May 24, 2021

ATTENTION: HTTP connectors renamed from aerospike-xdr-proxy-legacy to aerospike-xdr-proxy-http. Refer to documentation for installation and starting instructions.

New Features

Prometheus integration support.
Pre-packaged Grafana dashboards.
PEM file format support in TLS configuration.
Official container image available on Docker Hub.

Bug Fixes

Handling of new particle types introduced by the Aerospike Server not recognized by the connector.

Download

1.0.0

Release Date: August 10, 2020

ATTENTION Upgrade to aerospike-xdr-proxy 1.1.0 or later when using Aerospike 5.6 Server or later.
Initial General Availability release for Aerospike Server Enterprise Edition version 5.0 and above.
Legacy support for versions of the Aerospike Server Enterprise Edition version 4.9 and below.
- If using Aerospike Server version 4.9 or below the Legacy connector must be used.
- WARNING: A serious flaw has been discovered for http v2 in the library used by Aerospike Server Enterprise < 5.0 change notification. http-version MUST be set to v1 to prevent xdr and change notification from being blocked.

Known Issues

JDK-8 XDR proxy crashes when consuming records from Aerospike Server 5.6 or later.
JDK-11 XDR proxy errors on every record consumed from Aerospike Server 5.6 or later.

Download