Geode releases can be downloaded from the project website.

Security Vulnerabilities

Latest

1.15.1

This patch release includes a few bug fixes:

  • Bumped jetty to 9.4.47.v20220610
  • Fixed data inconsistency in the replicated region with  3 or more servers, and one server is down
  • Fixed clearing the region related expired tombstones when the region is destroyed
  • Improve handling WAN events when interrupted

A full list of issues that were resolved can be found a https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351801

Previous Releases

1.15.0

This release contains a number of improvements and bug fixes, including:

  • Support for running on JDK17.
  • Support for authentication expiration and re-authorization.
  • The default value of conserve-sockets has been changed from true to false.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12349678

1.14.4

This patch release includes a few bug fixes:

  • Fixed an issue in the session state module.
  • Fixed a durable client socket leak.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351226

1.14.3

This patch release includes a security fix:

  • Bumped log4j to 2.17.1.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351078

1.14.2

This patch release includes a security fix:

  • Bumped log4j to 2.16.0.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350922

1.14.1

This patch release includes a few bug fixes:

  • Bumped log4j to 2.15.0.
  • Improved index maintenance and reliability.
  • Support for differing socket buffer sizes between locator and server.
  • Fixed an issue affecting some classes when serializable validation is enabled.
  • Fixed an issue where rebalancing a region with multiple redundancy zones could fail.
  • Improved gateway sender performance when not grouping transactions.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350572

1.14.0

This release includes a significant number of bug fixes, improvements in current behavior along with the addition of a few statistics to monitor the cluster health:

  • The creation of OQL indexes now works on sub-regions.
  • Proper exceptions are thrown when a region is destroyed during function execution.
  • Daemon threads are now used while rebalancing regions.
  • Gateway receivers can be configured with the same hostname-for-senders and port. The reason for such a setup is deploying a Geode cluster on a Kubernetes cluster where all GW receivers are reachable from the outside world on the same IP and port.
  • Disk stores are recovered in parallel during cluster restarts.
  • New option in GFSH command "start gateway sender" to control clearing of existing queues.
  • New member field added in OQL query GFSH command to point to the member on which the query will be executed.
  • No more ConcurrentModificationException when using JTA transaction.
  • Setting SNI server name is now not needed if endpoint verification is disabled.
  • A new REST interface for disk-store creation has been introduced.
  • GFSH command to create defined indexes now works if connected to a new locator which joined the cluster after indexes were defined.
  • Session state modules dependencies were cleaned up and made more efficient.
  • Limited retries while trying to create Lucene indexes to prevent stack overflow issues.
  • A new statistic was added to get the heap memory occupied by the gateway sender's queue.
  • maximum-time-between-pings set when creating a gateway receiver is now honored instead of being ignored.
  • Deadlocks are prevented when java garbage collection and tombstone collection occur simultaneously.
  • 'conserve-sockets' default value is now set to false when the members are started.
  • Slower receivers with async-distribution-timeout greater than 0 are now not allowed with cluster TLS/SSL.
  • Client trying to register interest in an older version server will now receive a ServerRefusedConnectionException.
  • The speed of registering interest during rolling upgrades has been improved.
  • A new feature was added to print out the tenured heap in the log files after garbage collection.
  • Bucket statistics were fixed.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12348214

1.13.8

This patch release includes a few bug fixes:

  • Fixed an issue in the session state module.
  • Fixed a durable client socket leak.
  • Note: Geode 1.13.8 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351225

1.13.7

This patch release includes a security fix:

  • Bumped log4j to 2.17.1.
  • Note: Geode 1.13.7 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351077

1.13.6

This patch release includes a security fix:

  • Bumped log4j to 2.16.0.
  • Note: Geode 1.13.6 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350921

1.13.5

This patch release includes a few bug fixes:

  • Bumped log4j to 2.15.0.
  • Improved index maintenance and reliability.
  • Support for differing socket buffer sizes between locator and server.
  • Fixed an issue affecting some classes when serializable validation is enabled.
  • Correctly limit max message chunk size.
  • Improved responsiveness of membership messaging.
  • Fixed an issue where rebalancing a region with multiple redundancy zones could fail.
  • Note: Geode 1.13.5 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350439

1.13.4

This patch release includes a few bug fixes:

  • Fixed a performance issue with client SSL handshake.
  • Fixed the source release to compile without reliance on bintray, which has now sunsetted.
  • Note: Geode 1.13.4 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350311

1.13.3

This patch release includes a number of bug fixes, including a fix for an issue with session state expiration:

  • Several fixes in the session state module.
  • Fix for server not stopping completely on shutdown.
  • Fix for incorrect CQ event being sent in some cases.
  • Improvements to disconnect handling, p2p connections, and idle expiration.
  • Dependency bumps for json-smart, spring, spring-security, and jetty.
  • Note: Geode 1.13.3 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12349841

1.13.2

This patch release includes a number of bug fixes, including some critical fixes if upgrading from an earlier version of Geode:

  • Fixed a race condition that could lead to Pdx corruption in rare cases.
  • Provide ability to configure Geode appenders in log4j2.xml.
  • Localize dates in Pulse queries.
  • Improvements to startup/shutdown.
  • Fix for tombstone never expiring in rare cases.
  • Fix rebalance to function properly during rolling upgrade.
  • Performance improvements.
  • Change apachegeode dockerhub image to be based on BellSoft's Liberica JDK.
  • Note: Geode 1.13.2 clients are not compatible with 1.13.0 or 1.13.1 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12349381

1.13.1

This patch release includes a number of bug fixes, including some critical fixes if using TLS communication:

  • Fixed an issue where rebalance operations could be stuck in "IN_PROGRESS" state forever.
  • SSL/TLS protocol and cipher suite configuration is now honored.
  • GarbageCollectionCount metric no longer shows negative values.
  • StackOverflow no longer occurs when Lucene IndexWriter is unable to be created.
  • Implemented CopyOnWriteHashSet.iterator().remove().
  • Fixed some shutdown-related edge cases in message transmission.
  • Fixed deadlock that could occur due to tombstone removal during GII.
  • Added REST API for creating diskstores.
  • Note: Geode 1.13.1 is not compatible with 1.13.2+ or 1.12.1+ clients.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12348785

1.13.0

This release contains some new gfsh commands and support for SNI as well as a number of improvements and bug fixes:

  • Indexes can now be created on subregions.
  • Experimental Cluster Management Service REST API to deploy versioned JAR files.
  • Apache Geode clients can utilize the Server Name Indication (SNI) extension to TLS.
  • Added options to the gfsh list gateways command to show only senders or receivers.
  • The gfsh list gateways command now reports the connection state of gateway senders.
  • New gfsh commands to report on or ensure the redundancy status of partitioned regions.
  • The gfsh connect command can now accept an OAuth token for authentication.
  • Gfsh can now connect to any Geode version 1.10 or newer.
  • Fixed an issue that caused a ConcurrentModificationException to be thrown when using JTA transactions.
  • Improved performance in highly concurrent environments.
  • Fixed an issue in which a customer could experience data corruption if doing puts with large objects.
  • Fixed a memory leak that occurred when a replicated region, configured with entry expiration, was cleared.
  • Fixed a problem with replaying subscription events following restart or failover.
  • Unused disk store backups (drf files) are now deleted to prevent possible startup failure.
  • When a client performs a single-hop getAll() operation and encounters a serialization error, the operation is now re-tried.
  • Corrected a case in which tombstones were being cleared when the region was not initialized.
  • Note: Geode 1.13.0 is not compatible with 1.13.2+ or 1.12.1+ clients.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12346917

1.12.9

This patch release includes a few bug fixes:

  • Fixed an issue in the session state module.
  • Fixed a durable client socket leak.
  • Note: 1.12.9 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.9 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351204

1.12.8

This patch release includes a security fix:

  • Bumped log4j to 2.17.1.
  • Note: 1.12.8 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.8 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12351076

1.12.7

This patch release includes a security fix:

  • Bumped log4j to 2.16.0.
  • Note: 1.12.7 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.7 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350901

Kakfa Connector 1.1.0

  • Upgraded Log4j to 2.16.0
  • Apache Geode upgraded to 1.12.6

1.12.6

This patch release includes a few bug fixes:

  • Bumped log4j to 2.15.0.
  • Improved index maintenance and reliability.
  • Support for differing socket buffer sizes between locator and server.
  • Fixed an issue affecting some classes when serializable validation is enabled.
  • Correctly limit max message chunk size.
  • Improved responsiveness of membership messaging.
  • Note: 1.12.6 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.6 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350702

1.12.5

This patch release includes a few bug fixes:

  • Fixed an issue when validate-serializable-objects is enabled.
  • Fixed an issue where rebalancing a region with multiple redundancy zones could fail.
  • Note: 1.12.5 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.5 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350427

1.12.4

This patch release includes a few bug fixes:

  • Fixed a performance issue with client SSL handshake.
  • Fixed the source release to compile without reliance on bintray, which has now sunsetted.
  • Note: 1.12.4 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.4 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350282

1.12.3

This patch release includes a few bug fixes and dependency updates:

  • Improved compatibility during upgrade from earlier versions of Geode.
  • Improvements to disconnect handling, p2p connections, and idle expiration.
  • Dependency bumps for json-smart and spring.
  • Note: 1.12.3 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.3 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350086

1.12.2

This patch release includes a number of bug fixes and dependency updates:

  • Several fixes in the session state module.
  • Fix for server not stopping completely on shutdown.
  • Fix for incorrect CQ event being sent in some cases.
  • Fixed rebalance compatibility issue during rolling upgrade.
  • Dependency bumps for spring-security, apache-httpclient, and jetty.
  • Note: 1.12.2 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.2 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12349701

1.12.1

This patch release includes a large number of bug fixes, including some critical fixes if using TLS communication:

  • Fixed an issue where rebalance operations could be stuck in "IN_PROGRESS" state forever.
  • SSL/TLS protocol and cipher suite configuration is now honored.
  • GarbageCollectionCount metric no longer shows negative values.
  • StackOverflow no longer occurs when Lucene IndexWriter is unable to be created.
  • Implemented CopyOnWriteHashSet.iterator().remove().
  • Fixed some shutdown-related edge cases in message transmission.
  • Fixed deadlock that could occur due to tombstone removal during GII.
  • Restored member name to log entries.
  • Fixed a memory leak that occurred when a replicated region configured with entry expiration was cleared.
  • Improved WAN retry logic.
  • Note: 1.12.1 cannot be upgraded to versions of Geode 1.13 prior to 1.13.2.  Geode 1.12.1 clients are not compatible with 1.12.0 servers.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12347855

1.12.0

This release contains a new OQL security framework as well as a number of improvements and bug fixes:

  • Introduced a pluggable OQL security framework to restrict which classes and methods that can be called from OQL.  The system administrator can change the security posture at runtime.  Provided implementations include RestrictedMethodAuthorizer, UnrestrictedMethodAuthorizer, RegExMethodAuthorizer, and JavaBeanAccessorMethodAuthorizer.
  • Introduced new endpoints in REST API for Management, including create and delete index, list deployed jars, show PDX configuration, and show supported REST API versions.

  • Migrated from Spring 4 to Spring 5.

  • Updated 3rd party libraries to latest security patches.

  • Fixed an issue where the locator could fail to shutdown completely.

  • Fixed an issue where the locator could fail to start up completely.

  • Fixed an exception thrown when executing an equi-join query and both fields are indexed.

  • Fixed an issue where a backup was not properly aborted if a member of the distributed system was lost during the backup.

  • Note: Geode 1.12.0 is not compatible with 1.12.1+ clients.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12346481

1.11.0

This release contains a number of improvements and bug fixes:

  • Improved documentation on logging

  • Removed TcpServer's dependency on geode-core

  • Deprecated SystemFailure class

  • The user guide now has documentation for the Cluster Management Service REST API

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12345980

1.10.0

This release contains a number of improvements and bug fixes:

  • Significantly improves the performance of connection pooling while reducing the number of socket resources.
  • Additional statistics now available through micrometer
  • Use NIO to improve scalability of peer-to-peer SSL connections
  • Enabled experimental cluster management API
  • Tab completion works now with gfsh help
  • Introduced the ability to replace Log4j with an alternative logging scheme. To use an alternative appender for writing to log files, exclude "log4j-core" from your classpath.
  • Added the ability to specify that when an asynchronous event queue (AEQ) first starts, event processing should be paused. A `resume` command is provided to start event processing at the desired time. Three gfsh commands were added or modified to support this capability: "create async-event-queue --pause-event-processing", "alter async-event-queue --pause-event-processing", and "resume async-event-queue-dispatcher". See the gfsh command reference in the Geode User Guide for details.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12344994

1.9.2

This patch release contains functionality for improved management of AEQs as well as improving support for integration with Spring Data Geode:

  • Added the ability to specify that when an asynchronous event queue (AEQ) first starts, event processing should be paused. A `resume` command is provided to start event processing at the desired time. Three gfsh commands were added or modified to support this capability: "create async-event-queue --pause-event-processing", "alter async-event-queue --pause-event-processing", and "resume async-event-queue-dispatcher". See the gfsh command reference in the Geode User Guide for details.
  • Publish war artifacts for geode-web , geode-web-api and geode-web-management to Maven Central.
  • Fix compatibility with launching geode-web (admin REST API) when Spring 5.x jars are on the classpath.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12346371

1.9.1

This patch release resolves compatibility issues with Spring Data Geode:

  • Revert SSL over NIO
  • Make log4j dependency optional 

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12346041

1.9.0

This release contains a number of improvements and bug fixesAn initiative to significantly reduce the overhead of internal statistics collection has yielded near linear scaling of updates. As a result, most apps should notice increased throughput of local get operations:

  • Improvements to recovery following unexpected network disconnections
  • Improvements to jndi-binding commands
  • Java and Native clients can no longer access internal regions inappropriately
  • Implement SSL over NIO
  • Provide ability to configure Geode appenders in log4j2.xml
  • Initialize the PDX registry before attempting an auto-reconnect
  • offline disk store gfsh commands now create the given disk store directory if it doesn't exist
  • Removed usage org.json and replaced with Jackson
  • Fixed a bug that a cache creation failure after a successful auto-reconnect causes subsequent NPE
  • Fixed a bug on configure pdx command not to fail when using all default values

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12344425

1.8.0

This is the first Apache Geode release to include Geode Native. Geode Native enables client applications that are written in C++ or C# to talk to Apache Geode servers:

  • Geode client supports Trust and Keystore rotation.
  • Enable endpoint validation during SSL handshake.
  • Improve how SerialGatewaySenderQueue implements concurrency which improves latency.
  • Function security is dynamically determined by function arguments.
  • Add support for Tomcat 9.
  • Make GFSH hints case independent.
  • Fix possible hang in DLockService.clearGrantor.
  • Fix bug where a removeAll/putAll operation could remove lockObject held by another thread if region is closing.
  • Fix a race conditions during JMX registration and cleanup
  • Fix a Race in management adapter that could fail to create MXBeans.
  • Fix failure that could lead to wrong region size when an error occurred during GII.
  • Fix bug where race condition could lead to RejectedExecutionException being thrown from QueryMonitor.
  • Fix bug where server shutdown delays election of new primary bucket owners.
  • Fix bug where a replicate did not apply transaction commit even if another replicate applied commit after tx host departed.
  • Fix bug where AbstractConfig.setAttribute contained duplicate condition with different behaviors.
  • Fix bug where gateway sender could shut down in response to a network problem.
  • Fix bug where getAll() did not trigger client metadata refresh when primary bucket is not known.
  • ClearRegion write lock to avoid race condition with concurrent cache operation when GII fails and needs to cleanup.
  • Remove not functioning ConfigurationProperties.ssl-enabled-components option of `none`.
  • Fix notify/wait bugs in QueryMonitor and improve its performance.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12343352

1.7.0 

Changes since the last release:

  • Optimized the performance of OQL order-by, distinct queries in client/server when security is enabled.
  • Lowered the memory footprint of servers involved in update operations with asynchronous listeners.
  • Added 'get/set cluster-config' GFSH command.
  • Added GFSH command to destroy gateway receiver.
  • Added new option --member for describe and list JDBC connector GFSH commands.
  • Added post processor to new client protocol.
  • Upgraded to Apache Log4j 2.9.1.
  • Updated Log4j dependency to better integrate with Spring.
  • Upgraded to Gradle 4.9 for build operations.
  • Pulse now supports legacy SSL options.
  • Pulse now shows all data queries including failed ones, as Pulse Data Browser queries are saved in history before they are executed.
  • LowMemoryException now always mentions the member running on low memory.
  • Configuration options set a part of start server GFSH command now takes precedence over those mentioned in cache.xml.
  • While starting a locator in GFSH, load-cluster-configuration-from-dir is no longer required when setting --cluster-config-dir.
  • Relaxed GFSH version checking on connect, allow GFSH client to connect to members with different patch versions.
  • Disk store commands are now allowed to use custom log4j2 config.
  • Added Docker Gradle plugin to execute all tests in parallel.
  • Auto-reconnecting members do not reuse old addresses and old membership IDs.
  • Duplicate / member specific receivers are removed from cluster config during rolling.
  • Client statistics are now published on clusters when security is enabled.
  • Fixed a bug which caused OQL indexes to be incorrectly updated during GII involving stale persistent data.
  • Fixed a bug where disk recovery freezes, where no member is recognized as having the most recent data.
  • Fixed a bug which resulted in a rare data inconsistency in clients during recycling of servers or during client initialization.
  • Fixed a bug that caused the lowRedundancyBucketCount statistic not to be maintained properly when multiple members are stopped and restarted.
  • Fixed a bug that sometimes caused ClientHealthStats not be propagated when system has a hostname.
  • Fixed a bug that caused function execution using FunctionService.onServer() and FunctionService.onRegion() to fail when multiuser-authentication is enabled.
  • Improved documentation for transactions, security permissions for JNDI binding commands.

    A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12343041.

1.6.0

Changes since the last release:

  • Region entries are now serialized before putting in local cache
  • Entry expiration now updates last accessed time on NORMAL and PRE LOADED regions
  • Improved JDBC Connector connection pooling
  • Improved JDBC Connector attribute type conversion including MySQL and PostgreSQL databases
  • Fixed a bug in CacheLoader when loading PdxInstance requiring class to be on classpath if pdx-read-serialized is false
  • Fixed a bug where EvictionAttributesMutator.setMaximum does not work
  • Fixed race condition in concurrent create on region when the key used in a putIfAbsent call that returns null may not be the one in the RegionEntry
  • Added new MBeans to monitor size and overflow stats for the Gateway sender queue; specifically 1. MemLRUStatistics lruEvictions stat for the sender queue and 2. DiskRegionStatistics entriesOnlyOnDisk and bytesOnlyOnDisk stats for the sender queue
  • Fixed bug to ensure MAX_QUERY_EXECUTION_TIME is honored during long queries and before hitting out of memory exception
  • Prevent tombstones from being added to an index during region initialization that caused initialization to last more than an hour
  • Fixed a bug where cluster configuration does not respond after locator reconnects to the distributed system
  • Apply ArgumentRedactor to JVM arguments
  • Fixed jar deploy on Windows
  • Fixed being able to set specific ciphers for REST interface
  • Fixed link in help tab in Pulse
  • Fixed gfsh output when window size is 80 columns wide
  • Fixed configuring gfsh Configure PDX option 'auto-serializable-classes' to set 'check-portability' as 'false'
  • Fixed pulse application to work correctly in locales other than US
  • Created gfsh command to list jndi binding
  • Created gfsh command to destroy jndi binding
  • Created gfsh command to describe jndi binding
  • Gfsh command list jndi-binding will display active and configured JNDI bindings
  • Add a feature flag to be able to turn off new gfsh commands until all gfsh CRUD commands are available
  • Fixed bug where an extra Null node for a cluster was showing up in Pulse
  • Fixed the problem where the server shutdown on import of cluster configuration even though import was successful (no error on server shutdown appeared in logs)
  • Fixed Jar deployment via gfsh when SSL is enabled
  • Log marker logging is now getting displayed in the logs
  • Deprecated option load-cluster-configuration-from-dir on gfsh start locator command


A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12342867.

1.5.0

Changes since the last release:

  • Added support for arithmetic operators ('mod', '%', '+', '-', '/', '*') in the WHERE clause of OQL queries
  • Added new API to destroy a gateway receiver
  • Added support for java.util.Map#get in OQL when security is enabled
  • Fixed compile error when using ALL_KEYS or List in the registerInterest APIs if the region keys are typed. Deprecated ALL_KEYS and List parameters and added new APIs specifically for all keys and a list of keys
  • Changed mapIndexKeys hash set to handle concurrent access to prevent index update threads from hanging and causing high CPU usage
  • Attempting to connect an older version gfsh to a newer version locator should fail
  • Client security example uses SSL
  • Provide ability to supply arguments over gfsh while initializing Declarable
  • Provide ability to set custom expiry for create and alter region gfsh command
  • Gfsh connect command should infer the correct connection mechanism (http(s))
  • Gfsh put command: change option --skip-if-exists to --if-not-exists
  • Deprecating create region using --template-region option ingfsh
  • Gfsh command describe region now list custom expiry setting
  • New gfsh command to create jndi binding
  • Re-instate Management REST API endpoints for 'create index' and 'create region'
  • Documented risk of deadlock when invoking getAnyInstance() from within any CacheCallback. Instead use EntryEvent.getRegion().getCache(), RegionEvent.getRegion().getCache(), LoaderHelper.getRegion().getCache(), or TransactionEvent.getCache()
  • Transactions no longer start unexpectedly if the first operation is a query in JTA
  • Entries on a region with eviction will now be available for garbage collection when they are destroyed in a transaction
  • Removed singleton calls from code in org.apache.geode.cache.util package
  • EventSeqNum and VersionVector are now prevented from being accessed before initialization
  • Backup code is now more modular and extendable for future plugins
  • JDBC Connector now throws a JdbcConnectorException rather than a SQLException
  • New client property 'subscription-timeout-multiplier' enables the timeout of a subscription feed with failover to another server
  • Improved client load balancing logic by introducing variability in the quantity of time clients delay until checking again
  • Fixed a race condition when finding a PDX type during a get operation by adding a distributed lock and retrying

  • Setting a client/server Diffie-Hellman algorithm no longer breaks client/server subscriptions

  • Removed the automatic creation of client default pool, instantiating one only when it is required

  • Prevented a possible deadlock by disallowing adding a connection to the ConnectionMap when it is being closed

  • Improved member view handling when a new member coordinator is selected – public encryption keys are now transferred from the old membership view to the new one


A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12342395.

1.4.0

Changes since the last release:

  • This release is backwards compatible with prior v1.x releases.
  • Adds a JDBC connector (experimental)
  • Lucene indexing/searching for nested objects
  • Introduced new eviction algorithm for large regions (experimental)
  • Hash Index and Hash Index APIs are now deprecated
  • New geode-examples 
  • Provide whitelist/blacklist capability for java serialization
  • Allow query parameters within the to_date preset query function
  • Add a --if-exists flag to all destroy commands in gfsh
  • Idle expiration will happen even if the entry has been accessed on a replicate
  • "describe region" command & RegionMBean now includes asyncEventQueueIds and gatewaySenderIds
  • Ability to configure eviction through gfsh "create region" command
  • Adds a new alter async event queue command
  • Ability to deploy large jar files without running out of memory on locator
  • Integrate new client protocol into existing connection logic
  • Fixed: Member may fail to receive cluster configuration from locator
  • Fixed: 2 restarts of Locator results in split brain
  • Fixed: Pulse login fails after second login
  • Fixed: Pulse throws NPE when SecurityManager is enabled
  • Fixed: Deployed jars may not be correct when multiple locators are in use

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12341842

1.3.0

Changes since the last release:

  • CVE-2017-9795: Apache Geode OQL method invocation vulnerability
  • CVE-2017-9796: Apache Geode OQL bind parameter vulnerability
  • CVE-2017-12622: Apache Geode gfsh authorization vulnerability
  • This release is backwards compatible with prior v1.1 and v1.2 releases.

  • Provides finer grained security

  • Adds ability to snapshot more than one region at a time

  • Improves FunctionContext to now provide a reference to Cache

  • Adds GfshRule for integration testing Geode Applications

  • Adds soundex analyzer to lucene search

  • Adds a Gfsh Connect option --skip-ssl-validation

  • Enables function author to determine what permissions the function execution requires

  • Adds jmx-manager-hostname-for-clients as a gfsh option for starting a locator

  • Fixes performance hit when security is not turned on

  • Deprecates option for manual restart of Gateway senders

  • Fixes required permission for lucene query

  • Gfsh works over HTTP with SSL enabled

  • Fixes potential locator split brain when two locators are started within 1s of each other

  • Fixes possibleDuplicate boolean to be set to true in previously processed AEQ events

  • Fixes erroneous CommitConflictException on client

  • Remove a number of API's that had been deprecated prior to the last major version (v1.0.0-incubating):

    • Remove deprecated AttributesMutator.setCacheListener

    • Remove deprecated methods on TransactionEvent

    • Remove BridgeServer system properties

    • Remove deprecated APIs from Locator/Server Launcher classes

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12340669

1.2.1

Changes since the last release:

  • This release is backwards compatible with prior v1.1 and v1.2 releases.  See GEODE-3249 for details regarding rolling upgrades when security is enabled.
  • gfsh queries are no longer paginated.
  • gfsh jar deployment handles functions which extend FunctionAdapter.
  • CVE-2017-9794: Apache Geode gfsh query vulnerability.
  • CVE-2017-9797: Apache Geode client/server authentication vulnerability.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12341124

1.2.0

Changes since the last release:

  • This release is backwards compatible with prior v1.1.x releases:
    • Applications developed with v1.1 should be compatible with v1.2.
    • v1.1 clients should be able to connect to a 1.2 cluster.
    • Rolling upgrades from a running v1.1 cluster to v1.2 are supported.
  • Improve Lucene API and removed the @Experimental status.  This capability provides full-text indexing of data stored in Geode backed by redundant, highly available in-memory storage.
  • Provide a PartitionResolver implementation that allows colocating related data on compound keys without code deployment.
  • Resolve several data consistency issues affecting AsyncEventQueues.
  • Improve the Function API with appropriate generic type parameters.
  • Remove optional usage of the Attach API within gfsh.
  • Bundle geode examples along with the release distributions.  The examples demonstrate simple scenarios for replicated regions, partitioned regions, and CacheLoader.
  • Provide option to invoke callbacks (such as CacheListeners) when importing a region snapshot file.
  • Improve resiliency of server during SSL handshake.
  • Resolve several issues with concurrent Locator startup.
  • Many improvements to hot deployment of Functions including optimized classpath scanning of jars.
  • Close over 300 tickets to add features, implement improvements and fix bugs.
  • Remove a number of API's that had been deprecated prior to the last major version (v1.0.0-incubating):
    • CacheEvent.isDistributed, CacheEvent.isExpiration
    • DataSerializer.register
    • EntryEvent.isBridgeEvent, EntryEvent.isLoad, EntryEvent.isLocalLoad, EntryEvent.isNetLoad, EntryEvent.isNetSearch
    • EntryNotFoundInRegion
    • Execution.execute (various overloads)
    • FunctionService.onMembers (various overloads)
    • LicenseException
    • ObjectSizerImpl
    • RemoteTransactionException
    • Region.entries(boolean), Region.keys

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12339257

1.1.1

Changes since the last release:

  • CVE-2017-5649: Apache Geode information disclosure vulnerability.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12340271

1.1.0

Changes since the last release:

  • Upon graduation to a top-level Apache project, removed incubating project references.
  • Resolved 252 tickets to fix bugs, enhance the state of continuous integration testing, and improve the integrated security implementation.
  • Improved the JSONFormatter and the PdxSerialization frameworks to reduce the number of PDX types generated.
  • Added a backwards compatibility testing framework for validating that Geode v1.0.0-incubating applications can connect to a v1.1.0 server.
  • Made cluster configuration service more cloud friendly by storing the configuration in a Geode Region instead of requiring that they are stored in the file-system.
  • Made cluster configuration service easier to use so that you can deploy/undeploy code even before any cache servers are running.
  • Made gfsh more cloud friendly by enabling developer to describe foreign-key relationships for co-located regions by setting a PartitionResolver during “create region” command.
  • Added Tomcat 8.0 and 8.5 and tcServer 3.2 for HTTP Session Management module.
  • Added docs for Apache Lucene integration.
  • Improved Apache Lucene statistics collection and display.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12338352

1.0.0-incubating

Changes since the last release:

  • Renaming Packages From com.gemstone.gemfire to org.apache.geode
  • Bundling Documentation With The Source Distribution
  • Securing the REST API

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12332343

1.0.0-incubating.M3

Changes since the last release:

  • Improvements To Role-Based Access Control
  • Enhanced Apache Lucene Integration
  • Support For Apache Tomcat 8 Session Caching

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12335358

1.0.0-incubating.M2

Changes since the last release:

  • Incorporating Site-To-Site WAN Connectivity
  • Continuous Querying
  • Http Session Replication
  • Hibernate L2 cache provider
  • Pulse Monitoring Tool

 A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12334709

1.0.0-incubating.M1

The first ASF release:

  • Support For Off-Heap Regions
  • Updated Group Membership Service.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12334248

  • No labels