23.0.2.Final

Component Upgrade

• [WFCORE-6695] - CVE-2023-4639 Upgrade Undertow to 2.3.11.Final

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12420021
Full Changelog: 23.0.1.Final...23.0.2.Final

24.0.0.Beta1

Feature Request

• [WFCORE-6411] - Make it possible to use JaasSecurityRealm via a custom-realm resource

Bug

• [WFCORE-5169] - Migrate all tests to use version AM26 of Apache DS
• [WFCORE-6465] - Layers test Scanner treats circularly referenced modules as referenced
• [WFCORE-6485] - Do not hardcode Elytron test only dependency versions in Elytron maven module
• [WFCORE-6498] - LayersTest doesn't properly track the unreferenced status of alias modules
• [WFCORE-6680] - YamlExtensionTestCase assertions are too fragile

Task

• [WFCORE-6459] - Update LayersTestCase
• [WFCORE-6481] - Split LayersTest.testDeployedModules in two
• [WFCORE-6645] - Review DomainTestSuite.createSupport uses
• [WFCORE-6666] - Remove deprecated methods and unused fields from DomainTestSupport
• [WFCORE-6668] - read-feature-description operation needs to include stability per feature for use by WildFly Glow
• [WFCORE-6677] - Bump the kernel management API version to 25.0.0
• [WFCORE-6687] - Upgrade licenses-plugin to 2.4.1.Final

Component Upgrade

• [WFCORE-5255] - Migrate all tests to use org.apache.directory.api version 2.0.0
• [WFCORE-6676] - CVE-2023-48795 Upgrade SSHD from 2.11.0 to 2.12.0
• [WFCORE-6688] - Upgrade the WildFly Maven Plugin to 4.2.2
• [WFCORE-6692] - Upgrade WildFly Elytron to 2.3.0.Final
• [WFCORE-6695] - CVE-2023-4639 Upgrade Undertow to 2.3.11.Final

Enhancement

• [WFCORE-6456] - LayersTest.test should validate the unreferenced and unused params

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12420012
Full Changelog: 23.0.0.Final...24.0.0.Beta1

23.0.1.Final

What's Changed

Component Upgrade

• [WFCORE-6676] - CVE-2023-48795 Upgrade SSHD from 2.11.0 to 2.12.0

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12420013
Full Changelog: 23.0.0.Final...23.0.1.Final

23.0.0.Final

What's Changed

Bug

• [WFCORE-6531] - standalone.sh and possibly other scripts usage of eval
• [WFCORE-6538] - KerberosNativeMgmtSaslTestCase.testGs2Krb5OverSsl intermittently fails
• [WFCORE-6656] - CLI, shaded jar can't start embedded when logging json formater configured
• [WFCORE-6665] - Missing http-upgrade-service when running Domain Mode test suite
• [WFCORE-6669] - Various tests fail when env specifies JDK_JAVA_OPTIONS or JAVA_TOOL_OPTIONS

Task

• [WFCORE-5775] - Remove the org.wildfly.management.expression-resolver-extension-registry
• [WFCORE-6627] - Make use of the SetRequestInformationCallbackServerMechanismFactory to set the request information during HTTP authentication
• [WFCORE-6658] - Convert ControlledProcessStateService to the current MSC API

Component Upgrade

• [WFCORE-6664] - Upgrade SLF4J from 2.0.9 to 2.0.11
• [WFCORE-6667] - Upgrade WildFly Elytron to 2.2.3.Final

Enhancement

• [WFCORE-6176] - Replace AbstractAddStepHandler.Parameters.addRuntimeCapability with a fit to purpose API
• [WFCORE-6347] - Port subsystem development enhancements from wildfly-clustering-common to wildfly-core

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12418897
Full Changelog: 23.0.0.Beta5...23.0.0.Final

23.0.0.Beta5

What's Changed

Bug

• [WFCORE-6646] - Can't undefine "use-identity-roles" of /core-service=management/access=authorization
• [WFCORE-6651] - Extension implementation in wildfly-subsystem should only register parsers enabled by the current stability level
• [WFCORE-6653] - Missing maven-repo-files description on the help of management CLI installer command

Component Upgrade

• [WFCORE-6654] - Upgrade WildFly Galleon plugins to 6.5.4.Final
• [WFCORE-6660] - Upgrade log4j2 from 2.22.0 to 2.22.1

Enhancement

• [WFCORE-6347] - Port subsystem development enhancements from wildfly-clustering-common to wildfly-core
• [WFCORE-6635] - Make org.wildfly.core.launcher.* more extensible
• [WFCORE-6648] - Mark "read-config-as-xml" as deprecated on Community stream
• [WFCORE-6649] - Should --no-resolve-local-cache be the default

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12418355
Full Changelog: 23.0.0.Beta4...23.0.0.Beta5

23.0.0.Beta4

What's Changed

Feature Request

• [WFCORE-4758] - Community - Simple config export for a domain server

Task

• [WFCORE-6642] - Remove obsolete eap-repo profile in test

Component Upgrade

• [WFCORE-6643] - Upgrade JGit from 6.7.0.202309050840-r to 6.8.0.202311291450-r
• [WFCORE-6644] - Upgrade log4j2 from 2.19.0 to 2.22.0

Enhancement

• [WFCORE-6579] - Use Process Controller log file to capture Host Controller and Managed Servers standard error

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12417860
Full Changelog: 23.0.0.Beta3...23.0.0.Beta4

23.0.0.Beta3

What's Changed

Feature Request

• [WFCORE-6221] - Add formal preview/experimental mode to management model
• [WFCORE-6311] - Port JBoss MSC constructs from wildfly-clustering-service to wildfly-core
• [WFCORE-6347] - Port subsystem development enhancements from wildfly-clustering-common to wildfly-core

Bug

• [WFCORE-6624] - Missing Locale parameter while calling toUpperCase and toLowerCase methods
• [WFCORE-6638] - Local variables referenced from a lambda expression must be final or effectively final

Task

• [WFCORE-6634] - Upgrade io.smallrye:jandex from 3.1.5 to 3.1.6

Component Upgrade

• [WFCORE-6636] - Upgrade log4j2-jboss-logmanager from 1.1.1.Final to 1.1.2.Final

Enhancement

• [WFCORE-6612] - Convert testsuite provisioning from galleon-maven-plugin to wildfly-maven-plugin
• [WFCORE-6613] - Create channel and manifest artifacts for the core feature pack
• [WFCORE-6614] - External configuration of channels to use when testing
• [WFCORE-6615] - Dynamic configuration of channels to use when testing

Release notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12417081
Full Changelog: 23.0.0.Beta2...23.0.0.Beta3

22.0.2.Final

What's Changed

Bug

• [WFCORE-6578] - [CVE-2023-3171] WildFly heap exhaustion via deserialization
• [WFCORE-6592] - NPE in ThreadFactoryService

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12415177
Full Changelog: 22.0.1.Final...22.0.2.Final

23.0.0.Beta2

What's Changed

Bug

• [WFCORE-6578] - [CVE-2023-3171] WildFly heap exhaustion via deserialization
• [WFCORE-6591] - Core modules still have dependencies on org.jboss.as.security
• [WFCORE-6592] - NPE in ThreadFactoryService
• [WFCORE-6597] - WFCORE-4296 - Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions when started by ps1 script
• [WFCORE-6601] - ModuleSpecification.setSystemDependency does not reset the allDependencies list
• [WFCORE-6604] - JMX can't set default value for an attribute of ModelType.LIST
• [WFCORE-6607] - ModuleSpecification.addSystemDependency treats a duplicate add as an excluded dependency
• [WFCORE-6608] - Inconsistent user dependency views in ModuleSpecification

Task

• [WFCORE-6332] - Better handling of licenses
• [WFCORE-6599] - Control the maven repos used by dependabot
• [WFCORE-6606] - WildFly main is failing some of Jakarta EE 10 Platform TCK Connector tests that depend on appclient deploying an ear with resource archive deployment dependencies
• [WFCORE-6609] - Remove obsolete JMockit from Elytron tests
• [WFCORE-6617] - Clean out ts.elytron profile cruft
• [WFCORE-6620] - Bump the kernel management API version to 24.0.0
• [WFCORE-6625] - Remove org.glassfish:jakarta.json license info

Component Upgrade

• [WFCORE-6577] - Upgrade Galleon to 5.2.2.Final and Galleon plugins to 6.5.2.Final
• [WFCORE-6582] - Upgrade WildFly Galleon plugins to 6.5.3.Final
• [WFCORE-6584] - Upgrade wildfly-common to 1.7.0.Final
• [WFCORE-6585] - Upgrade snakeyaml to 2.2
• [WFCORE-6586] - Upgrade SSHD from 2.10.0 to 2.11.0
• [WFCORE-6587] - Upgrade Apache Commons CLI from 1.5.0 to 1.6.0
• [WFCORE-6590] - Upgrade commons-lang3 from 3.12.0 to 3.13.0
• [WFCORE-6618] - Upgrade BouncyCastle from 1.76 to 1.77
• [WFCORE-6621] - Upgrade Byteman to 4.0.22

Enhancement

• [WFCORE-6255] - Deployment scanner does not undeploy failed archives
• [WFCORE-6600] - Limit logging level of com.networknt.schema

Release Notes: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12416052
Full Changelog: 23.0.0.Beta1...23.0.0.Beta2

23.0.0.Beta1

What's Changed

Bug

• [WFCORE-6538] - KerberosNativeMgmtSaslTestCase.testGs2Krb5OverSsl intermittently fails
• [WFCORE-6541] - Patch high level command should be completely disabled in standalone mode
• [WFCORE-6548] - Unify test logging in elytron module
• [WFCORE-6552] - Windows: WARNING: package com.sun.net.internal.ssl not in java.base
• [WFCORE-6559] - Installation manager could be unable to delete the candidate server when running in PowerShell
• [WFCORE-6568] - Modify description in elytron of subsystem to its correct sentence

Task

• [WFCORE-6445] - Update ModuleSpecification.getMutableUserDependencies to resolve pending TODOs
• [WFCORE-6532] - Add security manager testing to scripts tests
• [WFCORE-6563] - Remove org.wildfly.build plugins from the poms

Component Upgrade

• [WFCORE-6527] - Upgrade JGit from 6.6.1.202309021850-r to 6.7.0.202309050840-r
• [WFCORE-6542] - Upgrade the Windows service tools
• [WFCORE-6547] - Upgrade JBoss Marshalling to 2.1.3.SP1
• [WFCORE-6551] - Upgrade XNIO to 3.8.11.Final
• [WFCORE-6555] - CVE-2023-3223 Upgrade Undertow to 2.3.9.Final
• [WFCORE-6557] - CVE-2023-44487 Upgrade Netty to 4.1.100.Final
• [WFCORE-6562] - Upgrade Galleon to 5.2.1.Final and Galleon plugins to 6.5.0.Final
• [WFCORE-6564] - CVE-2023-44487 Upgrade Undertow to 2.3.10.Final
• [WFCORE-6567] - Upgrade Installation Manager API to 1.0.2.Final
• [WFCORE-6572] - Upgrade XNIO to 3.8.12.Final
• [WFCORE-6573] - Upgrade Eclipse Parsson from 1.1.4 to 1.1.5
• [WFCORE-6574] - Upgrade JBoss Parent to 40
• [WFCORE-6575] - Upgrade Jakarta JSON from 2.1.2 to 2.1.3

Enhancement

• [WFCORE-6476] - Reducing logging level for failed internal read-only operation steps
• [WFCORE-6556] - IllegalAccessWarnings on JDK11 in Elytron Subsystem

New Contributors

• @gabrielpadilh4 made their first contribution in #5729

Full Changelog: https://issues.redhat.com/secure/ReleaseNote.jspa?projectId=12315422&version=12414615