Skip to content

Releases: exasol/exasol-test-setup-abstraction-java

2.1.5 Fix `NullPointerException` with Docker DB >= 8.29.1

30 Sep 09:37
@github-actions github-actions
2.1.5
cc3f808
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.5 Fix `NullPointerException` with Docker DB >= 8.29.1 Latest
Latest

This release fixes a NullPointerException when launching Exasol Docker DB >= 8.29.1.

Features

  • #84: Fixed NullPointerException when launching Exasol Docker DB >= 8.29.1

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:bucketfs-java:3.1.2 to 3.2.0
  • Updated com.exasol:exasol-testcontainers:7.1.0 to 7.1.1
  • Updated com.github.mwiede:jsch:0.2.17 to 0.2.20
  • Updated software.amazon.awssdk:cloudformation:2.25.56 to 2.28.11
  • Updated software.amazon.awssdk:ec2:2.25.56 to 2.28.11

Runtime Dependency Updates

  • Updated org.eclipse.parsson:parsson:1.1.6 to 1.1.7

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.16.1 to 3.17
  • Updated org.hamcrest:hamcrest:2.2 to 3.0
  • Updated org.junit.jupiter:junit-jupiter-engine:5.10.2 to 5.11.1
  • Updated org.junit.jupiter:junit-jupiter-params:5.10.2 to 5.11.1
  • Updated org.slf4j:slf4j-jdk14:2.0.13 to 2.0.16

Plugin Dependency Updates

  • Updated com.exasol:project-keeper-maven-plugin:4.3.1 to 4.3.3
  • Updated org.apache.maven.plugins:maven-enforcer-plugin:3.4.1 to 3.5.0
  • Updated org.apache.maven.plugins:maven-javadoc-plugin:3.6.3 to 3.7.0
  • Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922 to 4.0.0.4121
  • Updated org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13 to 1.7.0
Assets 4
Loading

2.1.4 Fix for Exasol Docker-DB 8.27.0

22 May 14:46
@github-actions github-actions
2.1.4
bf8e818
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.4 Fix for Exasol Docker-DB 8.27.0

This release fixes exception JSchException: Algorithm negotiation fail when starting an Exasol Docker DB version 8.27.0 or later.

The release also updates the default Exasol version to 8.27.0.

Bugfixes

  • #82: Fixed SSH connection for Exasol Docker DB version 8.27.0

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:exasol-testcontainers:7.0.1 to 7.1.0
  • Updated software.amazon.awssdk:cloudformation:2.25.31 to 2.25.56
  • Updated software.amazon.awssdk:ec2:2.25.31 to 2.25.56

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:2.0.2 to 2.0.3
  • Updated com.exasol:project-keeper-maven-plugin:4.3.0 to 4.3.1
  • Updated org.apache.maven.plugins:maven-deploy-plugin:3.1.1 to 3.1.2
  • Updated org.apache.maven.plugins:maven-gpg-plugin:3.2.2 to 3.2.4
  • Updated org.apache.maven.plugins:maven-toolchains-plugin:3.1.0 to 3.2.0
Assets 4
Loading

2.1.3 Fix SSH connection to Exasol Docker container 8.25.0 and later

16 Apr 10:25
@github-actions github-actions
2.1.3
2ede402
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.3 Fix SSH connection to Exasol Docker container 8.25.0 and later

This release fixes error JSchException: Algorithm negotiation fail when starting an Exasol Docker container 8.25.0 and later.

Bugfixes

  • #75: Fixed SSH connection to Exasol Docker container 8.25.0 and later

Dependency Updates

Compile Dependency Updates

  • Added com.github.mwiede:jsch:0.2.17
  • Removed com.jcraft:jsch:0.1.55
  • Updated software.amazon.awssdk:cloudformation:2.25.26 to 2.25.31
  • Updated software.amazon.awssdk:ec2:2.25.26 to 2.25.31

Test Dependency Updates

  • Updated org.slf4j:slf4j-jdk14:2.0.12 to 2.0.13
Assets 4
Loading

2.1.2 Fixed vulnerability CVE-2024-29025 in io.netty:netty-codec-http:jar:4.1.107.Final:runtime

08 Apr 09:53
@github-actions github-actions
2.1.2
8797bad
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.2 Fixed vulnerability CVE-2024-29025 in io.netty:netty-codec-http:jar:4.1.107.Final:runtime

This release fixes the following vulnerability:

CVE-2024-29025 (CWE-770) in dependency io.netty:netty-codec-http:jar:4.1.107.Final:runtime

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The HttpPostRequestDecoder can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.

References

Security

  • #79: Fixed vulnerability CVE-2024-29025 in dependency io.netty:netty-codec-http:jar:4.1.107.Final:runtime

Dependency Updates

Compile Dependency Updates

  • Updated software.amazon.awssdk:cloudformation:2.25.6 to 2.25.26
  • Updated software.amazon.awssdk:ec2:2.25.6 to 2.25.26

Runtime Dependency Updates

  • Updated org.eclipse.parsson:parsson:1.1.5 to 1.1.6

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.15.8 to 3.16.1

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:2.0.0 to 2.0.2
  • Updated com.exasol:project-keeper-maven-plugin:4.1.0 to 4.3.0
  • Updated org.apache.maven.plugins:maven-compiler-plugin:3.12.1 to 3.13.0
  • Updated org.apache.maven.plugins:maven-gpg-plugin:3.1.0 to 3.2.2
  • Updated org.jacoco:jacoco-maven-plugin:0.8.11 to 0.8.12
  • Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.10.0.2594 to 3.11.0.3922
Assets 4
Loading

2.1.1: Fix CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress`

12 Mar 05:19
@kaklakariada kaklakariada
2.1.1
6209ee6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.1: Fix CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress`

Summary

This release fixes vulnerabilities CVE-2024-25710 and CVE-2024-26308 in compile dependency org.apache.commons:commons-compress.

Excluded Vulnerability We accept vulnerability CVE-2017-10355 (CWE-833: Deadlock) in compile dependency xerces:xercesImpl:jar:2.12.2 as we assume that we only connect to the known endpoint ExaOperations.

Security

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:bucketfs-java:3.1.1 to 3.1.2
  • Updated com.exasol:database-cleaner:1.1.1 to 1.1.3
  • Updated com.exasol:exasol-testcontainers:6.6.3 to 7.0.1
  • Updated fr.turri:aXMLRPC:1.13.0 to 1.14.0
  • Updated software.amazon.awssdk:cloudformation:2.21.20 to 2.25.6
  • Updated software.amazon.awssdk:ec2:2.21.20 to 2.25.6

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.15.3 to 3.15.8
  • Updated org.junit.jupiter:junit-jupiter-engine:5.10.1 to 5.10.2
  • Updated org.junit.jupiter:junit-jupiter-params:5.10.1 to 5.10.2
  • Updated org.slf4j:slf4j-jdk14:2.0.9 to 2.0.12

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:1.3.1 to 2.0.0
  • Updated com.exasol:project-keeper-maven-plugin:2.9.15 to 4.1.0
  • Updated org.apache.maven.plugins:maven-compiler-plugin:3.11.0 to 3.12.1
  • Updated org.apache.maven.plugins:maven-failsafe-plugin:3.1.2 to 3.2.5
  • Updated org.apache.maven.plugins:maven-javadoc-plugin:3.6.0 to 3.6.3
  • Updated org.apache.maven.plugins:maven-surefire-plugin:3.1.2 to 3.2.5
  • Added org.apache.maven.plugins:maven-toolchains-plugin:3.1.0
  • Updated org.codehaus.mojo:flatten-maven-plugin:1.5.0 to 1.6.0
  • Updated org.codehaus.mojo:versions-maven-plugin:2.16.1 to 2.16.2
Assets 9
Loading

2.1.0: Default database version bump

10 Nov 10:54
@pj-spoelders pj-spoelders
2.1.0
e93e37a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.0: Default database version bump

Summary

Updated default database being used to v8.23.1

Features

  • #71: Updated default database being used to v8.23.1

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:bucketfs-java:3.1.0 to 3.1.1
  • Updated com.exasol:database-cleaner:1.1.0 to 1.1.1
  • Updated com.exasol:exasol-testcontainers:6.6.2 to 6.6.3
  • Updated jakarta.json:jakarta.json-api:2.1.2 to 2.1.3
  • Updated software.amazon.awssdk:cloudformation:2.20.153 to 2.21.20
  • Updated software.amazon.awssdk:ec2:2.20.153 to 2.21.20

Runtime Dependency Updates

  • Updated org.eclipse.parsson:parsson:1.1.4 to 1.1.5

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.15.2 to 3.15.3
  • Updated org.junit.jupiter:junit-jupiter-engine:5.10.0 to 5.10.1
  • Updated org.junit.jupiter:junit-jupiter-params:5.10.0 to 5.10.1

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:1.3.0 to 1.3.1
  • Updated com.exasol:project-keeper-maven-plugin:2.9.12 to 2.9.15
  • Updated org.apache.maven.plugins:maven-enforcer-plugin:3.4.0 to 3.4.1
  • Updated org.apache.maven.plugins:maven-javadoc-plugin:3.5.0 to 3.6.0
  • Updated org.codehaus.mojo:versions-maven-plugin:2.16.0 to 2.16.1
  • Updated org.jacoco:jacoco-maven-plugin:0.8.10 to 0.8.11
  • Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184 to 3.10.0.2594
Assets 9
Loading

2.0.4: Fix CVE-2023-42503

26 Sep 08:17
@kaklakariada kaklakariada
2.0.4
2d68641
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.4: Fix CVE-2023-42503

Summary

This release fixes CVE-2023-42503 in org.apache.commons:commons-compress.

The release also updates the default Exasol DB version to 7.1.23.

Known issue: Transitive dependency io.netty:netty-handler (via software.amazon.awssdk:cloudformation) still contains CVE-2023-4586. See issue #65 for details.

Security

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:exasol-testcontainers:6.6.1 to 6.6.2
  • Updated software.amazon.awssdk:cloudformation:2.20.137 to 2.20.153
  • Updated software.amazon.awssdk:ec2:2.20.137 to 2.20.153

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.15.1 to 3.15.2
  • Updated org.slf4j:slf4j-jdk14:2.0.7 to 2.0.9

Plugin Dependency Updates

  • Updated com.exasol:project-keeper-maven-plugin:2.9.11 to 2.9.12
  • Updated org.basepom.maven:duplicate-finder-maven-plugin:1.5.1 to 2.0.1
Assets 9
Loading

2.0.3: Update Dependencies on top of 2.0.2

30 Aug 15:14
@kaklakariada kaklakariada
2.0.3
03ea85c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.3: Update Dependencies on top of 2.0.2

Summary

This excludes vulnerability CVE-2023-4586 in transitive dependency io.netty:netty-handler as we assume that the AWS SDK's usage of netty is not affected.

Security

  • #63: Exclude vulnerability

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:exasol-testcontainers:6.6.0 to 6.6.1
  • Removed io.netty:netty-handler:4.1.94.Final
  • Updated software.amazon.awssdk:cloudformation:2.20.93 to 2.20.137
  • Updated software.amazon.awssdk:ec2:2.20.93 to 2.20.137

Runtime Dependency Updates

  • Updated org.eclipse.parsson:parsson:1.1.2 to 1.1.4

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.14.3 to 3.15.1
  • Updated org.junit.jupiter:junit-jupiter-engine:5.9.3 to 5.10.0
  • Updated org.junit.jupiter:junit-jupiter-params:5.9.3 to 5.10.0

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:1.2.3 to 1.3.0
  • Updated com.exasol:project-keeper-maven-plugin:2.9.7 to 2.9.11
  • Updated org.apache.maven.plugins:maven-enforcer-plugin:3.3.0 to 3.4.0
  • Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0 to 3.1.2
  • Updated org.apache.maven.plugins:maven-gpg-plugin:3.0.1 to 3.1.0
  • Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0 to 3.1.2
  • Updated org.codehaus.mojo:flatten-maven-plugin:1.4.1 to 1.5.0
  • Updated org.codehaus.mojo:versions-maven-plugin:2.15.0 to 2.16.0
  • Updated org.jacoco:jacoco-maven-plugin:0.8.9 to 0.8.10
Assets 9
Loading

2.0.2: Upgrade dependencies on top of 2.0.1

28 Jun 10:49
@kaklakariada kaklakariada
2.0.2
5e985bb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.2: Upgrade dependencies on top of 2.0.1

Summary

This release fixes vulnerabilities CVE-2023-34462 (Uncontrolled Resource Consumption) in transitive dependency io.netty:netty-handler by upgrading it to the latest version.

Refactoring

  • #58: Migrated CI isolation to AWS CDK v2

Security

  • #60: Upgrade dependencies to fix vulnerabilities

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:exasol-testcontainers:6.5.2 to 6.6.0
  • Removed commons-codec:commons-codec:1.15
  • Added io.netty:netty-handler:4.1.94.Final
  • Updated jakarta.json:jakarta.json-api:2.1.1 to 2.1.2
  • Updated software.amazon.awssdk:cloudformation:2.20.44 to 2.20.93
  • Updated software.amazon.awssdk:ec2:2.20.44 to 2.20.93

Runtime Dependency Updates

  • Updated org.eclipse.parsson:parsson:1.1.1 to 1.1.2

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.14.1 to 3.14.3
  • Updated org.junit.jupiter:junit-jupiter-engine:5.9.2 to 5.9.3
  • Updated org.junit.jupiter:junit-jupiter-params:5.9.2 to 5.9.3

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:1.2.2 to 1.2.3
  • Updated com.exasol:project-keeper-maven-plugin:2.9.6 to 2.9.7
  • Updated org.apache.maven.plugins:maven-compiler-plugin:3.10.1 to 3.11.0
  • Updated org.apache.maven.plugins:maven-deploy-plugin:3.1.0 to 3.1.1
  • Updated org.apache.maven.plugins:maven-enforcer-plugin:3.2.1 to 3.3.0
  • Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M8 to 3.0.0
  • Updated org.apache.maven.plugins:maven-javadoc-plugin:3.4.1 to 3.5.0
  • Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M8 to 3.0.0
  • Updated org.codehaus.mojo:flatten-maven-plugin:1.3.0 to 1.4.1
  • Updated org.codehaus.mojo:versions-maven-plugin:2.14.2 to 2.15.0
  • Updated org.jacoco:jacoco-maven-plugin:0.8.8 to 0.8.9
Assets 9
Loading

2.0.1: Fix container reuse

13 Apr 07:54
@kaklakariada kaklakariada
2.0.1
f6cd38d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.1: Fix container reuse

Summary

This release fixes an issue with reusing containers caused by exasol-testcontainers #220. It also removes duplicate classes from dependencies by replacing JSON library org.glassfish:jakarta.json with org.eclipse.parsson:parsson.

Bugfixes

  • #55: Fixed reusing containers with SSH credentials

Dependency Updates

Compile Dependency Updates

  • Updated com.exasol:bucketfs-java:2.6.0 to 3.1.0
  • Updated com.exasol:error-reporting-java:1.0.0 to 1.0.1
  • Updated com.exasol:exasol-testcontainers:6.5.0 to 6.5.2
  • Updated software.amazon.awssdk:cloudformation:2.19.18 to 2.20.44
  • Updated software.amazon.awssdk:ec2:2.19.18 to 2.20.44

Runtime Dependency Updates

  • Added org.eclipse.parsson:parsson:1.1.1
  • Removed org.glassfish:jakarta.json:2.0.1

Test Dependency Updates

  • Updated nl.jqno.equalsverifier:equalsverifier:3.12.3 to 3.14.1
  • Added org.slf4j:slf4j-jdk14:2.0.7

Plugin Dependency Updates

  • Updated com.exasol:error-code-crawler-maven-plugin:1.2.1 to 1.2.2
  • Updated com.exasol:project-keeper-maven-plugin:2.9.1 to 2.9.6
  • Updated org.apache.maven.plugins:maven-deploy-plugin:3.0.0 to 3.1.0
  • Updated org.apache.maven.plugins:maven-enforcer-plugin:3.1.0 to 3.2.1
  • Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M7 to 3.0.0-M8
  • Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M7 to 3.0.0-M8
  • Added org.basepom.maven:duplicate-finder-maven-plugin:1.5.1
  • Updated org.codehaus.mojo:versions-maven-plugin:2.13.0 to 2.14.2
Assets 9
Loading