...

• CVE-2017-5649: Apache Geode information disclosure vulnerability
• CVE-2017-9794: Apache Geode gfsh query vulnerability
• CVE-2017-9797: Apache Geode client/server authentication vulnerability
• CVE-2017-9795: Apache Geode OQL method invocation vulnerability
  
• CVE-2017-9796: Apache Geode OQL bind parameter vulnerability
  
• CVE-2017-12622: Apache Geode gfsh authorization vulnerability
  
• CVE-2017-15696 Apache Geode configuration request authorization vulnerability
• CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer
• CVE-2017-15693 Apache Geode unsafe deserialization of application objects
• CVE-2017-15695 Apache Geode remote code execution vulnerability
  
• CVE-2017-15694 Apache Geode metadata modification vulnerability
• CVE-2019-10091 Apache Geode SSL endpoint verification vulnerability

Latest

1.14.

...

1

This patch release includes a significant number of bug fixes, improvements in current behavior along with the addition of a few statistics to monitor the cluster health:few bug fixes:

• Improved index maintenance and reliability.
• Support for differing socket buffer sizes between locator and server.
• Fixed an issue affecting some classes when serializable validation is enabled.
• Fixed an issue where rebalancing a region with multiple redundancy zones could fail.
• Improved gateway sender performance when not grouping transactions.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12350572

1.14.0

This release includes a significant number of bug fixes, improvements in current behavior along with the addition of a few statistics to monitor the cluster health:

• The creation of OQL indexes now works on sub-regions.
• Proper exceptions are thrown when a region is destroyed during function execution.
• Daemon threads are now used while rebalancing regions.
• Gateway receivers can be configured with the same hostname-for-senders and port. The reason for such a setup is deploying a Geode cluster on a Kubernetes cluster where all GW receivers are reachable from the outside world on the same IP and port.
• Disk stores are recovered in parallel during cluster restarts.
• New option in GFSH command "start gateway sender" to control clearing of existing queues.
• New member field added in OQL query GFSH command to point to the member on which the query will be executed.
• No more ConcurrentModificationException when using JTA transaction.
• Setting SNI server name is now not needed if endpoint verification is disabled.
• A new REST interface for disk-store creation has been introduced.
• GFSH command to create defined indexes now works if connected to a new locator which joined the cluster after indexes were defined.
• Session state modules dependencies were cleaned up and made more efficient.
• Limited retries while trying to create Lucene indexes to prevent stack overflow issues.
• A new statistic was added to get the heap memory occupied by the gateway sender's queue.
• maximum-time-between-pings set when creating a gateway receiver is now honored instead of being ignored.
• Deadlocks are prevented when java garbage collection and tombstone collection occur simultaneously.
• 'conserve-sockets' default value is now set to false when the members are started.
• Slower receivers with async-distribution-timeout greater than 0 are now not allowed with cluster TLS/SSL.
• Client trying to register interest in an older version server will now receive a ServerRefusedConnectionException.
• The speed of registering interest during rolling upgrades has been improved.
• A new feature was added to print out the tenured heap in the log files after garbage collection.
• Bucket statistics were fixed.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12348214

N-1

1.13.5

This patch release includes a few bug fixes:

• Improved index maintenance and reliability.
• Support for differing socket buffer sizes between locator and server.
• Fixed an issue affecting some classes when serializable validation is enabled.
• Correctly limit max message chunk size.
• Improved responsiveness of membership messaging.
• Fixed an issue where rebalancing a region with multiple redundancy zones could fail.
• Note: Geode 1.13.5 clients are not compatible with 1.13.0 or 1.13.1 servers
• The creation of OQL indexes now works on sub-regions.
• Proper exceptions are thrown when a region is destroyed during function execution.
• Daemon threads are now used while rebalancing regions.
• Gateway receivers can be configured with the same hostname-for-senders and port. The reason for such a setup is deploying a Geode cluster on a Kubernetes cluster where all GW receivers are reachable from the outside world on the same IP and port.
• Disk stores are recovered in parallel during cluster restarts.
• New option in GFSH command "start gateway sender" to control clearing of existing queues.
• New member field added in OQL query GFSH command to point to the member on which the query will be executed.
• No more ConcurrentModificationException when using JTA transaction.
• Setting SNI server name is now not needed if endpoint verification is disabled.
• A new REST interface for disk-store creation has been introduced.
• GFSH command to create defined indexes now works if connected to a new locator which joined the cluster after indexes were defined.
• Session state modules dependencies were cleaned up and made more efficient.
• Limited retries while trying to create Lucene indexes to prevent stack overflow issues.
• A new statistic was added to get the heap memory occupied by the gateway sender's queue.
• maximum-time-between-pings set when creating a gateway receiver is now honored instead of being ignored.
• Deadlocks are prevented when java garbage collection and tombstone collection occur simultaneously.
• 'conserve-sockets' default value is now set to false when the members are started.
• Slower receivers with async-distribution-timeout greater than 0 are now not allowed with cluster TLS/SSL.
• Client trying to register interest in an older version server will now receive a ServerRefusedConnectionException.
• The speed of registering interest during rolling upgrades has been improved.
• A new feature was added to print out the tenured heap in the log files after garbage collection.
• Bucket statistics were fixed.

A full list of issues that were resolved can be found at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318420&version=12348214

...

12350439

1.13.4

This patch release includes a few bug fixes:

...