Skip to content

Vitess 11.0.2
Compare
Choose a tag to compare
@frouioui frouioui released this 14 Dec 13:39
· 8422 commits to main since this release
v11.0.2
4f80587

Release of Vitess v11.0.2

Announcement

This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-44228) (#9364), along with a few bug fixes.

Known Issues

  • A critical vulnerability CVE-2021-44228 in the Apache Log4j logging library was disclosed on Dec 9 2021.
    The project provided release 2.15.0 with a patch that mitigates the impact of this CVE. It was quickly found that the initial patch was insufficient, and additional CVEs
    CVE-2021-45046 and CVE-2021-44832 followed.
    These have been fixed in release 2.17.1. This release of Vitess, v11.0.2, uses a version of Log4j below 2.17.1, for this reason, we encourage you to use version v11.0.4 instead, to benefit from the vulnerability patches.

  • An issue where the value of the -force flag is used instead of -keep_data flag's value in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.

Changelog

Bug fixes

VReplication

  • Fix how we identify MySQL generated columns #8796

CI/Build

Build/CI

  • CI: ubuntu-latest now has MySQL 8.0.26, let us override it with latest 8.0.x #9374

Internal Cleanup

Java

  • build(deps): bump log4j-api from 2.13.3 to 2.15.0 in /java #9364

The release includes 7 commits (excluding merges)

Thanks to all our contributors: @askdba, @deepthi, @systay, @tokikanno

Contributors

tokikanno, deepthi, and 2 other contributors
Assets 5
Loading