Release Notes - Payara Platform Community 5.2022.5

Supported APIs and Applications

Jakarta EE 8
Jakarta EE 8 Applications
Jakarta EE 9
MicroProfile 4.1

Notes

Payara 5.2022.5 is the final release of Payara 5 Community. Payara 5 Community will receive no more bug fixes, updates or improvements. Payara 5 Community is now replaced by Payara 6 Community, to be used with Jakarta EE 10. If you want to keep using earlier Java EE/Jakarta EE versions, we encourage you to move to Payara 5 Enterprise.

Improvements

[FISH-5809] Include jdk.internal.reflect packages in OSGi boot delegation configuration settings
[FISH-6495] Hazelcast File Configuration in Payara Embedded

Security Fixes

[FISH-6715] Upgrade Apache BCEL to 6.6.1
[FISH-6775] Authorization Constraints Ignored When Using Path Traversal Penetration Using Default Virtual Module.

Special thanks to Luc Créti and Jean-Michel Lenotte, working for Atos, for alerting us to the vulnerability fixed in FISH-6775.

Bug Fixes

[FISH-5778] The OpenApi @Schema "name" Property does not Rename Annotated Class Attribute
[FISH-5798] OpenAPI annotation @Parameter(… explode = Explode.TRUE) gives stacktrace
[FISH-5808] JAX-RS Subresources don’t Appear in OpenAPI Document
[FISH-6022] MicroProfile JWT Token verified on unauthorized endpoints
[FISH-6047] Single-Sign-On logout action not working correctly when used with Jakarta EE Security features
[FISH-6066] Invalid property 'default-web-xml' on instance start-up
[FISH-6299] Expired/Invalid JWT-Token and CORS-errors
[FISH-6499] NullPointerException When Deploying An Application
[FISH-6567] LDAP Realm Breaks with Java 11.0.15
[FISH-6598] Fix Authentication Mechanism Lookup for Per-Module Auth Configuration in EAR
[FISH-6606] Empty Zip File Error When Deploying via Admin Console

Component Upgrades

[FISH-6669] Upgrade JDK Versions in Docker Images to 8u352, 11.0.17, and 17.0.5
[FISH-6670] Upgrade Jersey to 2.37
[FISH-6671] Upgrade Servlet-API to 4.0.4
[FISH-6672] Upgrade Hibernate Validator to 6.2.5.Final
[FISH-6673] Upgrade Jakarta EL to 3.0.4
[FISH-6674] Upgrade Mail to 1.6.7
[FISH-6675] Upgrade Jackson to 2.13.4
[FISH-6676] Upgrade Snakeyaml to 1.33
[FISH-6677] Upgrade Hazelcast to 4.2.5
[FISH-6678] Upgrade JAXB-API to 2.3.3
[FISH-6679] Upgrade JAXB-OSGi to 2.3.7
[FISH-6681] Upgrade Tyrus to 1.20
[FISH-6682] Upgrade Yasson to 1.0.11
[FISH-6683] Upgrade EclipseLink to 2.7.11
[FISH-6684] Upgrade Jakarta Inject to 1.0.5
[FISH-6685] Upgrade Weld to 3.1.9.Final
[FISH-6686] Upgrade ASM to 9.4
[FISH-6687] Upgrade Concurrency to 1.1
[FISH-6688] Upgrade Istack Commons to 3.0.12
[FISH-6689] Upgrade Activation to 1.2.2
[FISH-6690] Upgrade JAX-WS to 2.3.3
[FISH-6691] Upgrade JMS to 2.0.3
[FISH-6692] Upgrade MicroProfile Config to 2.0.1
[FISH-6693] Upgrade MicroProfile JWT-Auth to 1.2.2
[FISH-6694] Upgrade MicroProfile Metrics to 3.0.1
[FISH-6695] Upgrade MicroProfile OpenAPI to 2.0.1
[FISH-6696] Upgrade OSGi DTO to 1.1.1
[FISH-6698] Upgrade Woodstox to 5.4.0
[FISH-6699] Upgrade HA API to 3.1.13
[FISH-6700] Upgrade JLine to 3.21.0
[FISH-6701] Upgrade Javassist to 3.29.2-GA
[FISH-6702] Upgrade metainf-services to 1.9
[FISH-6703] Upgrade Mimepull to 1.9.15
[FISH-6704] Upgrade Felix Config Admin to 1.9.24
[FISH-6705] Upgrade Felix Event Admin to 1.6.4
[FISH-6706] Upgrade Felix File Install to 3.7.4.payara-p1
[FISH-6707] Upgrade Felix Gogo Runtime to 1.1.6
[FISH-6708] Upgrade Felix to 7.0.5
[FISH-6709] Upgrade Felix SCR to 2.1.30
[FISH-6710] Upgrade Felix Web Console to 4.8.4
[FISH-6711] Upgrade OSGi Util Function to 1.2.0
[FISH-6712] Upgrade OSGi Util Promise to 1.2.0
[FISH-6714] Upgrade Management API to 3.2.3
[FISH-6717] Upgrade JBoss Logging to 3.4.3.Final
[FISH-6718] Upgrade Build and Test Plugins
[FISH-6726] Upgrade Eclipse Payara Transformer to 0.2.9