check session status...
Bug Fix Report
Generate a Fixed Bugs Report for a single version, or for all bugs fixed between any two versions (inclusive).
| Found 18 bugs fixed in 10.0-9.5 |
| Bug ID | Component | Platform | Status |
| MLCP getting XCC ServerConnectionException with AWS ALB | |||
| MLCP continuously encountering XCC ServerConnectionException: Premature EOF Exception when using ALB in AWS | |||
| BUG-57063 | XCC/Java | all | Fixed in 10.0-9.5 |
| MLCP 3rd party library security vulnerabilities | |||
| There are security vulnerabilities in some of the 3rd party libraries used by MLCP. Refer to the Release notes for a complete list of Security vulnerabilities resolved by this update. | |||
| BUG-57271 | mlcp | all | Fixed in 10.0-9.5 |
| Backup with Journal Archiving to Microsoft Azure Blob Storage Failures | |||
| Backup with Journal Archiving to Microsoft Azure Blob Storage may cause primary forest corruption. When this occurs, MarkLogic Server may fail to start. During a MarkLogic process restart, forests may remain in a mounted state and are unable to come back up. If this happens in a critical environment, contact the MarkLogic Technical support team immediately for steps to recover the forest safely and to get the MarkLogic cluster back online. | |||
| BUG-55184 | Backup/Restore | Azure | Fixed in 10.0-9.5 |
| XCC doesn't handle "Connection:close" header issued by the Azure AG | |||
| mlcp run against Azure Application Gateway with -batch_size > 100 exceeds the limit of requests per connection of the AG. The AG will issue "Connection:close" but XCC doesn't repect this. | |||
| BUG-55607 | XCC/Java | all | Fixed in 10.0-9.5 |
| MLCP : Jackson-databind jar security vulnerabilities | |||
| Upgraded the Jackson-databind jar used by MLCP to resolve security vulnerabilities. | |||
| BUG-57272 | mlcp | all | Fixed in 10.0-9.5 |
| XML SVM Classifier segmentation fault on extremely large training set | |||
| When cts:classify () is run on a training dataset that is extremely large, the SVM classifier may result in a segmentation fault. | |||
| BUG-57404 | all | Fixed in 10.0-9.5 | |
| Query Console : CodeMirror package security vulnerability | |||
| Upgraded the CodeMirror package used by Query Console from version 5.11.0 to 5.65.8 to address CVE-2020-7760. | |||
| BUG-57736 | all | Fixed in 10.0-9.5 | |
| MLCP : Httpclient jar security vulnerabilities | |||
| upgraded the Httpclient jar used by MLCP to resolve known security vulnerabilities | |||
| BUG-57278 | mlcp | all | Fixed in 10.0-9.5 |
| [10.0-9.2 Regression] Detected Huge page size capped; | |||
| In 10.0-9.2, 10.0-9.3, & 10.0-9.4, MarkLogic only detects huge pages up to at 3/8 * MemTotal / hugepagesize; (MemTotal is the total usable RAM, hugepagesize is the size of a single unit of huge page. These are available in /proc/meminfo); Resolution is to restore the behavior prior to 10.0-9.2 (MarkLogic will detect all configured huge pages). | |||
| BUG-57695 | xdmp | all | Fixed in 10.0-9.5 |
| Jetty library security vulnerability | |||
| MLCP uses the Jetty libraries as interdependency with the hadoop libraries. Prior version is no longer supported and had known security vulnerabilities. Upgraded the Jetty library to 9.4.20 | |||
| BUG-55114 | mlcp | all | Fixed in 10.0-9.5 |
| Improved logging for stand deletion failures | |||
| When merges complete, old stands are removed. We added new error logging (XDMP-RECURSIVEREMOVEFAILED & XDMP-OBSOLETESTANDNOTDELETED) in the situation where old stands fail to delete to give more detail regarding the cause and to highlight that there might be system level issues that will need to be corrected. | |||
| BUG-56970 | xdmp | all | Fixed in 10.0-9.5 |
| MLCP import fails on Windows with OpenJDK 11 | |||
| In MLCP, an incompatibility between an old Hadoop library and Java 11 resulted in ava.lang.ExceptionInInitializerError. The Hadoop libraries have been upgraded. | |||
| BUG-55795 | mlcp | windows(64-bit) | Fixed in 10.0-9.5 |
| Database assignment policy does not default to "bucket" when a database is created via the management APIs | |||
| As of 10.0-9, the default assignment policy for databases created via the admin UI was set to "bucket". The default assignment policy for databases created via the management API is still "segment" though. | |||
| BUG-57635 | XQuery | all | Fixed in 10.0-9.5 |
| logback-classic jar security vulnerabilities | |||
| Upgraded the the logback-classic jar used by MLCP to resolve known security vulnerabilities | |||
| BUG-57275 | mlcp | all | Fixed in 10.0-9.5 |
| BUG-57586 | all | Fixed in 10.0-9.5 | |
| Xstream jar security vulnerabilities | |||
| Upgraded the XStream jar used by MLCP to resolve security vulnerabilities | |||
| BUG-57274 | mlcp | all | Fixed in 10.0-9.5 |
| MLCP has Hadoop libraries which had security vulnerabilities | |||
| Hadoop libraries have security vulnerabilities, so they needed to be upgraded | |||
| BUG-56955 | mlcp | all | Fixed in 10.0-9.5 |
| MLCP Security vulnerabilities in Hadoop libraries | |||
| Older Hadoop libraries included security vulnerabilities in the mlcp project. These are upgraded to resolve these vulnerabilities CVE-2017-3162 and CVE-2012-4449. | |||
| BUG-56394 | mlcp | all | Fixed in 10.0-9.5 |