Coherence CE v14.1.1.0.9

This is patch 9 of the Coherence CE v14.1.1 release.

Bugs fixed since Coherence CE 14.1.1.0.8

• Fixed an issue where a StackOverflowError could occur when skipping null String references of a uniform collection during POF deserialization.
• Fixed an issue where XmlHelper.overrideElement() may not maintain the order of elements in the resulting XML configuration.
• Added CacheEvent.isExpired(). On ENTRY_DELETED, isExpired() will return true if the entry was evicted due to expiry.
• Added ServiceMBean attribute StatusHACode for metrics support.
• Added the ability to specify a domain name suffix for Coherence MBeans by setting the coherence.management-config.domain-name-suffix in the operational override configuration.
• Fixed an issue where the Coherence Reporter proxy reports do not account for members joining and leaving the cluster.
• Removed the shaded MVEL2 library from coherence-rest.jar and switched to using built in Coherence classes for Coherence REST query processing. MVEL can still be used for query processing if desired by adding the library (mvel2.jar) to the classpath.
• Fixed an issue where Management over REST queries could fail if non-Coherence MBeans exist with the same type field in the ObjectName, for example "type=Service".
• Added support for using a password provider for the keystore password in AccessController.
• Fixed an issue with AccessController where keystores which support read access without a password could no longer be used without a password.
• Corrected the operationId in the Management over REST Swagger documentation for the service stop operation.
• Fixed an issue where NotSerializableException may be thrown when using invokeAll() on a partitioned cache with persistence configured in active mode.
• Corrected the default value returned by the ClusterNodeMBean's tracingSamplingRatio when tracing dependencies aren't present on the class path.
• Removed the optional Log4j and SLF4J dependences from the Coherence pom file.
• Fixed an issue where a SEGV core dump could occur in nio.DirectByteBuffer operations when releasing an AsyncBinaryStore backed by an external file.
• Updated the Management over REST Swagger documentation to call out certain features that are only available in Grid Edition.
• Updated the Netty dependency version to 4.1.73.
• Enhanced Coherence REST server logging to assist development time debugging by logging handled exceptions for a REST HTTP Response of BAD_REQUEST (status 400) at log level 6 or higher.
• Removed identity token deserialization in NameService TcpAcceptor processing.
• Added JEP 290 support for ExternalizableLite.

Coherence CE v21.12.3

This is Patch 3 of the Coherence CE v21.12 release.

Bugs fixed since Coherence CE 21.12.2:

• Fixed an issue where NotSerializableException may be thrown when using invokeAll() on a partitioned cache with persistence configured in active mode.
• Fixed an issue where XmlHelper.overrideElement() may not maintain the order of elements in the resulting XML configuration.
• Fixed an issue in the NamedTopic subscriber where a LockContentionException could be thrown when many subscribers are being created and polling for messages at the same time.
• Fixed an issue in topics where seeking to the tail for a subscriber did not actually move the subscriber’s position.
• Added ability to specify a descriptive MBean domain name suffix to replace the generated domain name Coherence@NNN when a domain name conflict is detected due to multiple clusters running in same JVM. Configure managment-config.domain-name-suffix to replace the generated number component suffix, NNN.
• Fixed an issue where the Coherence JsonSerializer could not serialize a String made up of a single backslash.
• Fixed an issue where the Coherence Reporter’s proxy reports do not account for members joining and leaving the cluster.
• Updated the Netty dependency version to 4.1.73.

Coherence CE v21.12.2

This is Patch 2 of the Coherence CE v21.12 release.

Bugs fixed since Coherence CE 21.12.1:

• Enhanced Coherence REST server logging to assist development time debugging, log handled exceptions for REST HTTP Response of BAD_REQUEST (status 400) at log level 6 or higher.
• Added ServiceMBean attribute StatusHACode for metrics support.
• Fixed an issue where the XmlHelper.overrideElement() may not maintain the order of elements in the result XML configuration.
• Fixed an issue where closing a topic subscriber caused a NotSerializableException on the storage enabled cluster members.

Coherence CE v21.12.1

This is Patch 1 of the Coherence CE v21.12 release.

New Features in 21.12.1:

• Added support for using a password provider for the keystore password in the AccessController.
• Added API methods to determine the number of unreceived elements for a NamedTopic subscriber or subscriber group.

Bugs fixed since Coherence CE 21.12:

• Fixed an issue with AccessController where keystores which support read access without a password could no longer be used without a password.
• Removed the optional Log4J and SLF4J dependencies from the Coherence POM file.
• Fixed an issue where topic subscribers failed to be cleaned up causing channels to fail to be reallocated to remaining subscribers.
• Fixed an issue where deadlock occurs if a topic and one or more of its publishers are closed by different threads at the same time.
• Fixed an issue where a NullPointerException may be thrown when a topic attempts to clean up subscriber notifications for a non-existent page.
• Updated the management Swagger to call out certain features that are available when using Grid Edition only.
• Fixed an issue in topic Subscriber where the CompletableFuture returned from calls to Subscriber.receieve() could fail to complete on an empty topic when the Subscriber was created with the CompleteOnEmpty option enabled.
• Fixed an issue where the operationId in the management Swagger document was incorrect for the stop service operation.

Coherence CE v14.1.1.0.8

This is patch 8 of the Coherence CE v14.1.1 release.

Bugs fixed since Coherence CE 14.1.1.0.7:

• Fixed an issue in Management over REST swagger documentation where the operationId was incorrect for the start federation operation.
• Fixed an issue where a service could be terminated during partition recovery due to guardian timeout.
• Improved versioning logic to handle future commercial product versioning schemes.
• Fixed an issue where service names and other path elements were not being validated in Management over REST endpoints.
• Fixed an issue where a client side memory leak may occur when many TopicPublishers are created and closed with option FailOnFull.enabled().
• Fixed an issue where setting discovery-address in multicast mode did not have any effect. The specified address will now be used as the discovery endpoint. If a discovery-address is not specified, by default the discovery endpoint will bind to all interfaces on a multi-homed machine.
• Fixed an issue where a null was returned in a JFR status message instead of the actual member id.
• Added the ability to register lifecycle listeners with DefaultCacheServer instances, either via the DefaultCacheServer API, or via discovery using the Java ServiceLoader.
• Fixed a regression in PortableException when Java serialisation introduced in 12.2.1.4.5 and 14.1.1.0.1 that made it incompatible with earlier Coherence versions. Applications using POF are not affected by this change or this bug.
• Fixed an issue where requests could hang indefinitely due to a failed partition recovery.
• Fixed an issue where UnitsBytes could be negative when unit factor was greater than one.
• Updated MVEL version to 2.4.12.Final.
• Bumped the version for JLine dependencies and included JLine jar files.
• Fixed an issue where a distributed service could release an unowned partition leading to IllegalStateException.
• Fixed an issue where a service could hang indefinitely on updateIndex waiting for pending storage version to commit.
• Fixed an issue where CohQL could return incorrect results when compound conditions are used with parenthesis on the first part of the query statement.
• Improved startup times in OSs that exhibit slow times in deriving the network interface associated to an IP address.

Coherence CE v21.12

This is the official Coherence CE v21.12 release including the following new features.

New Features in 21.12:

• Distributed Concurrent Data Structures
  • Distributed implementations of java.util.concurrent primitives, such as atomics, locks, latches and semaphores.
  • An ExecutorService implementation allowing guaranteed remote task execution.
• Backup Improvements
  • Allow the redundant copies to be used for reads (get/getAll) with the option of choosing primary, closest, a random backup up, or provide your own implementation.
  • Reduce the cost of asynchronous backups, thus improving write throughput, by scheduling the changes to be sent to redundant copies periodically.

Bugs fixed since Coherence CE 21.06:

• Fixed an issue where a service could be terminated during partition recovery due to guardian timeout.
• Fixed an issue where service names and other path elements were not being validated in Management over REST endpoints
• Fixed an issue where a client side memory leak may occur when many TopicPublishers are created and closed with option FailOnFull.enabled().
• Fixed an issue where setting discovery-address in multicast mode did not have any effect. The specified address will now be used as the discovery endpoint. If a discovery-address is not specified, by default the discovery endpoint will bind to all interfaces on a multi-homed machine.
• Fixed an issue where a null was returned in a JFR status message instead of the actual member ID.
• Fixed a regression in PortableException when Java serialization introduced in 12.2.1.4.5 and 14.1.1.0.1 that made it incompatible with earlier Coherence versions. Applications using POF are not affected by this change or this bug.
• Improved the removal of topic group subscribers created by departed cluster members, by making it more aggressive and hence speeding up reallocation of channels to the remaining subscribers.
• Fixed an issue where topic subscribers could cause a deadlock when processing non-empty channel notifications.
• Fixed an issue where member departure caused all topic subscribers on storage disabled members to be disconnected instead of just cleaning up departed subscribers.
• Fixed an issue where topic subscribers could create a deadlock when reconnecting after loss of storage members, causing the service guardian to terminate the service .
• Fixed an issue where requests could hang indefinitely due to a failed partition recovery.
• Fixed an issue where UnitsBytes could be negative when unit factor was greater than one.
• Bumped the version for JLine dependencies and included JLine jar files.
• Fixed an issue where a distributed service could release an unowned partition leading to IllegalStateException.
• Enhanced the Coherence.start() method, released as part of the Bootstrap API in CE version 20.12, to return a CompletableFuture<Coherence> instead of a CompletableFuture<Void>. This allows a more fluent API when using static factory methods to create and start a Coherence instance. This is a breaking change in applications that specifically assign the result of calls to Coherence.start() to a CompletableFuture<Void> variable.
• Fixed an issue where a service could hang indefinitely on updateIndex waiting for pending storage version to commit.
• Fixed an issue where CohQL could return incorrect results when compound conditions are used with parenthesis on the first part of the query statement.
• Fixed an issue where stream collect on NamedCache collections (keySet, values, entrySet) throws UnsupportedOperationException.
• Fixed a NullPointerException that occurred when generating a log message after failing to start management over REST, which resulted in the misleading, and non-helpful, error log message: "Failure to initialize JMX remote management caused by: NullPointerException".
• Fixed an issue where expired entries are not evicted for ReadWriteBackingMap.
• Fixed an issue that class ConverterComparator is serializable, which is not required.
• Fixed a memory leak that occurred when creating and releasing Topic Publishers and Subscribers
• Fixed an issue in management over REST where the services list returns an HTTP 500 error when the cluster has no services.
• Fixed an issue where NullPointerException could occur in the index rebuild thread during failover, and lead to worker threads hanging waiting for index ready.
• Added cache configuration element cache-values which allows a view-scheme to be configured to cache both keys and values (the default), or only keys.
• Fixed an issue where a topic subscriber with only a single channel allocated will not stop polling even when the channel is empty.
• Added example showing how to monitor StatusHA for rolling redeploys
• Fixed an issue where the Java gRPC client will hang when getting caches if no connection to the server can be made.
• Fixed an issue with cluster start up when a unicast-listener/discovery-address is specified in multicast mode.
• Fixed an issue where if an initial event is not received for a partition DurableEvents will miss events that occurred while being disconnected.
• Fixed an issue in persistence to ensure errors are caught in a rare and unexpected part of the recovery protocol.
• Fixed an issue where the partitioned cache service thread could hit the guardian timeout while processing deferred events during partition recovery or failover.
• Fixed an issue where CohQL persistence commands may throw an IllegalArgumentException.
• Improved startup times in OSs that exhibit slow times in deriving the network interface associated to an IP address.
• Improved the partition transfer process to work more efficiently while the service is under heavy load.
• CVE-2021-2344 Fixed an issue where Java array deserialization may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.
• CVE-2021-2371 Fixed an issue where Java array deserialization using ExternalizableHelper may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.
• Fixed an issue where cluster join may automatically fallback to multicast if all of the configured WKA addresses are unresolvable.
• Added ILIKE operator to CohQL; the case-insensitive equivalent of LIKE
• CVE-2021-2428 Fixed Java serialization of the Coherence JCache CoherenceEntryProcessorResult class to prevent unintended usage of this class.
• Fixed an issue with serializing classes annotated with PortableType that have not specified an ID.
• Enhanced Coherence metrics to allow metric names to be published without a vendor: prefix. Removing the vendor: prefix is controlled by setting the system property coherence.metrics.legacy.names=false
• Moved Coherence metrics functionality into coherence.jar, removing the requirement to use coherence-metrics.jar and removing the requirement for additional third-party dependencies when enabling Coherence metrics. 
• Enhanced CohQL to handle the case where value() is used in where clauses.
• Fixed a thread safety issue that can disrupt a joining member from joining the service in very rare cases.
• Fixed an issue when there are multiple cache factories in a JVM, the cache factory created the proxy service may not be the one used by it, resulting in error finding the caches.
• Fixed an issue where CacheStore.eraseAll() had no path to be called on NamedCache bulk operations such as invokeAll(). With this fix, CacheStore.eraseAll() is called when NamedCache.invokeAll() is invoked with a "remove" processor or when NamedCache.keySet().removeAll() or NamedCache.entrySet().removeAll() are called.
• Reduced CPU utilization in sending backup messages
• Bumped the version of Jetty dependency to 9.4.43.v20210629.
• Fixed an issue where changing the Coherence log level using the Node Mbean had no effect.

Coherence CE v14.1.1.0.7

This is patch 7 of the Coherence CE v14.1.1 release.

Fixed Issues

• Fixed an issue where stream collect on NamedCache collections (keySet, values, entrySet) throws UnsupportedOperationException.
• Fixed a NullPointerException that occurred when generating a log message after failing to start management over REST, which resulted in the misleading, and non-helpful, error log message: "Failure to initialize JMX remote management caused by: NullPointerException".
• Fixed an issue where expired entries are not evicted for ReadWriteBackingMap.
• Fixed an issue that class ConverterComparator is serializable, which is not required.
• Added additional logging when metrics registration fails.
• Fixed an issue in management over REST where the services list returns an HTTP 500 error when the cluster has no services.
• Fixed an issue where NullPointerException could occur in the index rebuild thread during failover, and lead to worker threads hanging waiting for index ready.
• Added cache configuration element cache-values which allows a view-scheme to be configured to cache both keys and values (the default), or only keys.
• Fixed an issue with cluster start up when a unicast-listener/discovery-address is specified in multicast mode.
• Fixed an issue in persistence to ensure errors are caught in a rare and unexpected part of the recovery protocol.
• Fixed an issue where session invalidation might lead to "no usable session model error" and stuck threads.
• Fixed an issue where CohQL persistence commands may throw an IllegalArgumentException.
• Improved the partition transfer process to work more efficiently while the service is under heavy load.

Coherence CE v21.06.2

This is Patch 2 of the Coherence CE v21.06 release.

Fixed Issues

• Improved the Coherence.start() method, released as part of the Bootstrap API in CE version 20.12, to return a CompletableFuture<Coherence> instead of a CompletableFuture<Void>. This allows a more fluent API when using static factory methods to create and start a Coherence instance. This is a breaking change in applications that specifically assign the result of calls to Coherence.start() to a CompletableFuture<Void> variable.
• Fixed a NullPointerException that occurred when generating a log message after failing to start management over REST, which resulted in the misleading, and non-helpful, error log message: "Failure to initialize JMX remote management caused by:NullPointerException".
• Fixed an issue where expired entries are not evicted for ReadWriteBackingMap.
• Fixed an issue that class ConverterComparator is serializable, which is not required.
• Fixed issue where the management over REST Endpoint to list services in a cluster returns a HTTP 500 error when the cluster has no services
• Fixed an issue where NullPointerException could occur in the index rebuild thread during failover, and lead to worker threads hanging waiting for index ready.
• Fixed an issue with cluster start up when a unicast-listener/discovery-address is specified in multicast mode.
• Fixed an issue where CohQL Persistence commands may throw a IllegalArgumentException.
• Fixed a memory leak that occurred when creating and releasing topic publishers and subscribers
• Added example showing how to monitor StatusHA for rolling redeploys
• Fixed an issue where if an initial event is not received for a partition DurableEvents will miss events that occurred while being disconnected.
• Improved Coherence metrics by removing external dependencies and relocating the code into the core coherence.jar, thereby removing the need for projects to depend on coherence-metrics, which is now an empty jar.
• Improved the reallocation of topic subscriber channels by triggering this immediately on member departure instead of waiting for departed subscribers to timeout.
• Improved and hardened topic subscriber channel allocation notification.
• Improved the algorithm used to distribute channels to subscribers in a topic subscriber group to produce a more even distribution.
• Enhanced Coherence metrics to allow metric names to be published without a vendor: prefix which is controlled by setting the system property coherence.metrics.legacy.names=false.

Coherence CE v21.06.1

This is Patch 1 of the Coherence CE v21.06 release.

Fixed Issues

• Fixed an issue with serializing classes annotated with PortableType that have not specified an ID.
• Fixed an issue where an ArrayIndexOutOfBoundsException could be thrown when using the PortableType annotation.
• Fixed an issue in persistence to ensure errors are caught in a rare and unexpected part of the recovery protocol.
• Fixed an issue where a topic subscriber with only a single channel allocated will not stop polling even when the channel is empty.
• Fixed an issue where the Java gRPC client will hang when getting caches if no connection to the server can be made.
• CVE-2021-2428 Fixed Java serialization of the Coherence JCache CoherenceEntryProcessorResult class to prevent unintended usage of this class.
• CVE-2021-2344 Fixed an issue where Java array deserialization may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.
• CVE-2021-2371 Fixed an issue where Java array deserialization using ExternalizableHelper may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.

Coherence CE v14.1.1.0.6

This is patch 6 of the Coherence CE v14.1.1 release.

Fixed Issues

• Fixed an issue where the partitioned cache service thread could hit the guardian timeout while processing deferred events during partition recovery or failover.
• Fixed an issue where incremental cache eviction could temporarily hold references to evicted cache keys.
• Fixed an issue where the recovery of a split-brain condition could be delayed after network connectivity is restored.
• CVE-2021-2428 Fixed Java serialization of the Coherence JCache CoherenceEntryProcessorResult class to prevent unintended usage of this class.
• Enhanced CohQL to print out the Exception call stack when trace is turned on.
• CVE-2021-2344 Fixed an issue where Java array deserialization may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.
• CVE-2021-2371 Fixed an issue where Java array deserialization using ExternalizableHelper may be used for a denial of service attack using malicious bytecode sent via WLS T3 and IIOP protocols.
• Fixed an issue where cluster join may automatically fallback to multicast if all of the configured WKA addresses are unresolvable.