Notes
Hazelcast 4.2 Upgrade
| With the upgrade of Hazelcast to version 4.2, support for rolling updates from previous versions of Payara Community Edition to 5.2021.3 will NOT be supported. |
Metro (JAX-WS implementation) remote code vulnerability
| We have fixed a remote code vulnerability in the Metro framework. If you have an application deployed on Payara Server that makes use of any JAX-WS features, please update your environment as soon as possible. |
New Feature
-
[FISH-1021] - Add Support for Setting the HSTS Header
Improvement
-
[FISH-1311] - (Community Contribution - AngelTG2) asadmin create-password-alias is very slow when there are many aliases created
-
[FISH-1304] - (Community Contribution - avpinchuk) Basic Auth support for the remote GAV retrieval during uber jar creation for Payara Micro
-
[FISH-1295] - Code cleanup in security-core module
-
[FISH-1287] - Admin console responds very slowly when remote instances are slow to respond
-
[FISH-1286] - Add missing JDK 11 packages to OSGI
-
[FISH-987] - Add option to disable evaluating Class references in EL in JSPs
Bug Fixes
-
[FISH-1297] - Payara fails to start in certain network configurations
-
[FISH-1293] - Disassociate ClusteredStore from tenants
-
[FISH-1289] - Race condition in Payara Micro initialization
-
[FISH-1214] - Fix ConfigParser Throws Exception when Parsing Domain.xml From CLICommand.
-
[FISH-84] - ELResolver cannot handle a null base Object with identifier in EAR
Component Upgrade
-
[FISH-858] - Upgrade Hazelcast 4.1 > 4.2 with Tenant Control
Security
-
[FISH-1274] - Vulnerability in Metro’s WSDL Code Importing/Parsing - Remote Code Execution