What's New
Security Patch Release
Fix Log4j2 Security Vulnerabilities
CVE-2021-45105, CVE-2021-45046
Agent : log4j 2.12.3
Server module : log4j 2.17.0
Release Notes
[#8510] Backport: Bump Log4j 2.17.0 by @emeroad in https://github.com/pinpoint-apm/pinpoint/pull/8531
[#8521] Backport: Bump log4j 2.12.3 for JDK7 by @emeroad in https://github.com/pinpoint-apm/pinpoint/pull/8537
[#8507] Fix malformed logging configuration for agent by @kjkmadness in https://github.com/pinpoint-apm/pinpoint/pull/8508
[#8313] Add null check to kafka header values to prevent NPE by @ga-ram in https://github.com/pinpoint-apm/pinpoint/pull/8529
[#8515] Backport: Fix https in jdk-http-plugin by @jaehong-kim in https://github.com/pinpoint-apm/pinpoint/commit/a7f50bed3fd569c07e534d3fe4737e47411fa7c2
[#8501] Disable unnecessary JNDI by @emeroad in https://github.com/pinpoint-apm/pinpoint/pull/8506
[#8547] Backport fix app proxy header by @jaehong-kim in https://github.com/pinpoint-apm/pinpoint/pull/8548
[#8541] Backport: Enhanced Pinpoint header validation by @emeroad in https://github.com/pinpoint-apm/pinpoint/pull/8546
Thank You
Thank you all. If there is someone who was inadvertently excluded, please let me know. @kjkmadness
Upgrade consideration
HBase compatibility table:
1.8.x
not tested
yes
yes
no
Agent compatibility to Collector table:
1.8.x
yes
yes
yes
yes
yes
yes
2.0.x
no
yes
yes
yes
yes
yes
2.1.x
no
no
yes
yes
yes
yes
2.2.x
no
no
no
yes
yes
yes
2.3.x
no
no
no
no
yes
yes
2.4.x
no
no
no
no
no
yes
Additionally, the required Java version to run each Pinpoint component is given below:
1.8.0
6-10
8
8
8
1.8.1+
6-11
8
8
8
2.0.x
6-13
8
8
8
2.1.x
6-14
8
8
8
2.2.x
7-14
8
8
8
2.3.x
7-17
8
8
8
2.4.x
7-18
11
11
11
Supported Modules
JDK 6+
Supported versions of the * indicated library may differ from the actual version.
Jasper
Java Async Thread
OpenWhisk
whisk.core
SpringMVC Framework
spring-webmvc
3.0.7
5.3.6
Spring Web
spring-web
4.1.2
4.3.30
Spring RabbitMQ
spring-rabbit
1.3.3
2.2.16
Spring IBatis
spring-ibatis
2.0.7
2.0.8
Spring MyBatis
mybatis-spring
1.1.0
1.3.3
MyBatis
mybatis
3.0.3
3.3.1
JDKHTTP
Httpclient3
commons-httpclient
3.0
3.1
Httpclient4
httpclient
4.0
4.5.4
Thrift
libthrift
0.9.1
0.14.1
Google HTTP Client
google-http-client
1.19.0
1.39.2
AsyncHttpClient
async-http-client
1.7.24
1.8.17
OkHttp
okhttp
2.0.0
3.3.1
Apache HttpAsyncClient
httpasyncclient
4.0
4.1.3
*Akka HTTP
akka-http_2.12
10.1.0
10.1.x
GRPC
grpc-stub
1.8.0
1.37.0
Log4j
log4j
1.2.16
1.2.17
Logback
logback-classic
1.0.13
1.2.3
Log4j2
log4j-core
2.0
2.12.1
*Arcus
arcus-java-client
1.7.0
1.11.4
*MsSQL (jTDS)
jtds
1.2.8
*MsSQL
mssql-jdbc
HikariCP
HikariCP-java6
2.3.0
2.3.13
Jackson-mapper-asl
jackson-mapper-asl
1.0.1
1.8.11
Jackson Databind
jackson-databind
2.0.6
2.12.3
MariaDB Connector/J
mariadb-java-client
1.3.0
2.7.2
MongoDB Java Driver
mongodb-driver
3.0.0
3.12.8
Elasticsearch
elasticsearch-rest-high-level-client
6.0.0
6.8.15
Datastax Java Driver
cassandra-driver-core
2.0.10
3.11.0
Druid
druid
1.0.0
1.2.6
*Cubrid
cubrid-jdbc-driver
8.4.1
10.0.0
*Commons DBCP
commons-dbcp
1.0
1.4
*Commons DBCP2
commons-dbcp2
2.0
2.5.0
*HBase
hbase-client
1.2.6.1
1.2.6.1
*MySQL
mysql-connector-java
5.0
8.x
*Oracle JDBC Driver
ojdbc
*PostgreSQL JDBC Driver
postgresql
Apache CXF
cxf-rt-rs-client
3.0.0
3.4.3
Netty
netty-all
4.1.0
4.1.63
ActiveMQ
activemq-all
5.1.0
5.16.1
Gson
gson
1.1
2.8.3
Json
json-lib
1.0
2.2.2
FastJson
fastjson
1.2.10
1.2.76
Dubbo
dubbo
2.5.1
2.6.9
kafka-clients
kafka-clients
0.11.0.0
2.6.1
postgresql
postgresql
9.4.1208
42.2.19
ojdbc8
ojdbc8
12.2.0.1
21.1.0.0
ojdbc10
ojdbc10
19.3.0.0
19.10.0.0
Last updated