6 hours ago
rustfs

RustFS 1.0.0-beta.10-preview.4 (beta)

Release 1.0.0-beta.10-preview.4

7 hours ago
timescaledb

2.28.3 (2026-07-16)

This release contains performance improvements and bug fixes since the 2.28.2 release. We recommend that you upgrade at the next available opportunity.

Bugfixes

  • #10082 Wrong result when evaluating a function returning NULL in the columnar query execution pipeline
  • #10178 Fix incorrect usage of sort transformation for sort key expressions with negative constants
  • #10179 Allow enabling and disabling triggers on hypertables with columnstore enabled
  • #10182 Fix columnstore sort pushdown to check for different query sort key collation
  • #10209 Fix potentially wrong results for stddev(float4) and stddev(float8) when used with avg() in the columnar query execution pipeline
  • #10212 Fix race condition when enabling compression on a hypertable
  • #10230 Batch filtering for compressed DML should respect collation
  • #10254 Direct delete failed to handle array predicates with NULL values and deleted more rows than intended (#10129)
  • #10257 Reuse existing dimension_slice IDs when possible
  • #10265 Truncate constraint name before trying to rename

Thanks

  • @juantxorena for reporting that triggers could not be enabled or disabled on hypertables with columnstore enabled
10 hours ago
rustfs

1.0.0-beta.10-preview.3

What's Changed

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.10-preview.1...1.0.0-beta.10-preview.3

10 hours ago
rustfs

1.0.0-beta.10-preview.2

What's Changed

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.10-preview.1...1.0.0-beta.10-preview.2

12 hours ago
rustfs

1.0.0-beta.10-preview.1

What's Changed

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.9...1.0.0-beta.10-preview.1

1 days ago
nginx

release-1.30.4

nginx-1.30.4 stable version has been released, with fixes for buffer overflow vulnerability when using map with regex (CVE-2026-42533), memory disclosure vulnerability when using ngx_http_slice_module (CVE-2026-60005), and use-after-free vulnerability when using ngx_http_ssi_module (CVE-2026-56434).

See official CHANGES-1.30 on nginx.org.

Below is a release summary generated by GitHub.

What's Changed

Full Changelog: https://github.com/nginx/nginx/compare/release-1.30.3...release-1.30.4

1 days ago
nginx

release-1.31.3

nginx-1.31.3 mainline version has been released, with fixes for buffer overflow vulnerability when using map with regex (CVE-2026-42533), memory disclosure vulnerability when using ngx_http_slice_module (CVE-2026-60005), and use-after-free vulnerability when using ngx_http_ssi_module (CVE-2026-56434).

See official CHANGES on nginx.org.

Below is a release summary generated by GitHub.

What's Changed

New Contributors

Full Changelog: https://github.com/nginx/nginx/compare/release-1.31.2...release-1.31.3

1 days ago
rustfs

1.0.0-beta.9

What's Changed

RustFS 1.0.0-beta.9 focuses on hardening the storage engine, S3 compatibility, table catalog support, runtime observability, security posture, and CI/release reliability. This summary condenses the full beta.8...beta.9 change set while preserving the contributor credits below.

Storage, ECStore, and GET Path

  • Hardened ECStore object reads/writes, listings, metadata updates, delete rollback, heal cleanup, and crash-consistency boundaries across degraded, multipart, and directory-marker cases.
  • Improved large-object and GET-path behavior with codec-streaming rollout controls, bitrot path cleanup, short-body/truncation detection, pooled shard reuse, hedged slow shard reads, fewer setup fanouts, and safer legacy fallback handling.
  • Added and refined io_uring read support behind runtime probes/rollout gates, including per-disk probe cache, degradation latch, O_DIRECT preservation, fd cache invariants, page-cache reclaim, and rustfs-uring updates.
  • Tightened object data cache correctness: write-unique keys, invalidation/fill race fixes, bounded memory admission, clear/drain stability, admin visibility, benchmarks, and Grafana coverage.
  • Improved capacity accounting and filesystem probing, including symlinked scan roots, safe env defaults, Linux filesystem magic mapping, and drive stall budgets for walks.

S3, Replication, Lifecycle, and Admin

  • Improved S3 API compatibility with flexible multipart checksums, content disposition on GET, native additional checksum support, virtual-hosted-style 501 guidance, stronger SigV4 negative coverage, and AWS-aligned object-lock overwrite tests.
  • Hardened replication and site-replication flows: bidirectional sync/backfill, MRF persistence, target refresh after peer edits, multipart fanout integrity, loopback coverage, version deletion convergence, service account sync, custom TLS peers, and outbound checksum consistency.
  • Made lifecycle/tiering recovery safer with recoverable tier cleanup, persisted remote-tier delete journal tasks, expire/GET race coverage, lifecycle debug acceleration for tests, and gated s3-tests lifecycle lanes.
  • Strengthened admin behavior for auth, server info, metrics auth, account info quotas, datausage live refresh, heal runtime state, site-replication import notifications, and external OIDC redirects.

Security and Correctness

  • Added or reinforced authorization and input-safety fixes across remote target listing, FTP handlers, metrics, admin auth, service-account deletion, JSON ingress, signed headers, SSE-C nonce persistence, local SSE-S3 fallback, KMS local key storage, outbound egress guards, Docker credential handling, log cleaner symlink safety, and GHSA regression tests.
  • Fixed correctness issues around incomplete object streams, DARE truncation, peer-health counting, storage error mapping, CommonPrefix merging, metadata early-stop quorum, rollback warnings, and background task cancellation.
  • Added adversarial validation policy/playbooks and removed agent-generated planning docs from version control.

Table Catalog and Iceberg

  • Expanded S3 Tables/Iceberg support with REST commit compatibility, exists endpoints, scoped credentials, data-plane policy bridge, protected ref metadata, production surfaces, refs/views semantics, external catalog sync, backing migration contracts, vendor compatibility profiles, maintenance workers, reachability cleanup, row-level conflict hardening, PyIceberg live smoke coverage, and conformance evidence.

Runtime, Config, Extensions, and Observability

  • Continued the InstanceContext/AppContext migration across startup, storage, IAM, admin, ECStore, runtime services, bucket metadata, embedded servers, per-server contexts, and optional runtime boundaries.
  • Added runtime capability, workload admission, memory/allocator/metrics controller status, extension/ops-profiler schemas, plugin/sidecar policy gates, and embedded multi-server support.
  • Reduced logging and telemetry noise while improving request IDs, redaction, OTLP/local output consistency, dial9 opt-in telemetry, runtime event governance, API boundary events, retention/durability, and warning rate limits.
  • Added NATS JetStream publish support for notify/audit targets, SFTP macOS/Windows support and docs, Helm multi-pool capacity expansion, and Docker/cluster startup hardening.

Performance

  • Improved PUT, GET, EC decode, multipart sync, object cache, metrics, report collection, and large-object first-byte latency paths.
  • Removed avoidable hot-path work such as repeated env reads, unnecessary metric-handle lookup, per-emission allocations, percentile sorting on per-IO paths, extra shard zeroing/copying, and blocking filesystem work in async paths.

Testing, CI, and Release

  • Expanded e2e, property, fuzz, table-catalog, lifecycle, replication, admin-auth, cache, ECStore, filemeta, parser, erasure, path-validator, and MinIO/SSE interop coverage.
  • Stabilized nextest profiles, quarantine policy, migration-critical count guards, e2e smoke lanes, weekly s3tests, Mint and perf pipelines, scheduled CI alerts, cargo-deny supply-chain checks, SBOM/provenance assets, release image scans, secret-scanning exclusions, and stable Rust toolchain usage.
  • Updated docs for scanner/runtime controls, SFTP operations, object data cache boundaries, testing pyramid, e2e contributor workflow, security advisory lessons, Makefile/CONTRIBUTING verification gates, and Podman instructions.

Notable External Contributions

  • Site replication fixes and replication startup behavior by @abdullahnah92.
  • SFTP platform support and NATS JetStream target support by @simon-escapecode.
  • Table catalog/IAM/metadata compatibility work by @GatewayJ.
  • ECStore, lifecycle, logging, replication, and admin fixes by @cxymds, @reatang, @RamakrishnaChilaka, and @majinghe.
  • Docs, CLI, Helm, and observability fixes from @w4hf, @Tirka, @Rohmilchkaese, @Littlew0od, and others.

Scale of This Release

  • 1,200+ merged PR entries condensed into this summary.
  • Largest areas: ECStore/storage, replication, table catalog, observability, runtime context migration, security hardening, and CI/test reliability.

New Contributors

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.8...1.0.0-beta.9

1 days ago
rustfs

1.0.0-beta.9

What's Changed

RustFS 1.0.0-beta.9 focuses on hardening the storage engine, S3 compatibility, table catalog support, runtime observability, security posture, and CI/release reliability. This summary condenses the full beta.8...beta.9 change set while preserving the contributor credits below.

Storage, ECStore, and GET Path

  • Hardened ECStore object reads/writes, listings, metadata updates, delete rollback, heal cleanup, and crash-consistency boundaries across degraded, multipart, and directory-marker cases.
  • Improved large-object and GET-path behavior with codec-streaming rollout controls, bitrot path cleanup, short-body/truncation detection, pooled shard reuse, hedged slow shard reads, fewer setup fanouts, and safer legacy fallback handling.
  • Added and refined io_uring read support behind runtime probes/rollout gates, including per-disk probe cache, degradation latch, O_DIRECT preservation, fd cache invariants, page-cache reclaim, and rustfs-uring updates.
  • Tightened object data cache correctness: write-unique keys, invalidation/fill race fixes, bounded memory admission, clear/drain stability, admin visibility, benchmarks, and Grafana coverage.
  • Improved capacity accounting and filesystem probing, including symlinked scan roots, safe env defaults, Linux filesystem magic mapping, and drive stall budgets for walks.

S3, Replication, Lifecycle, and Admin

  • Improved S3 API compatibility with flexible multipart checksums, content disposition on GET, native additional checksum support, virtual-hosted-style 501 guidance, stronger SigV4 negative coverage, and AWS-aligned object-lock overwrite tests.
  • Hardened replication and site-replication flows: bidirectional sync/backfill, MRF persistence, target refresh after peer edits, multipart fanout integrity, loopback coverage, version deletion convergence, service account sync, custom TLS peers, and outbound checksum consistency.
  • Made lifecycle/tiering recovery safer with recoverable tier cleanup, persisted remote-tier delete journal tasks, expire/GET race coverage, lifecycle debug acceleration for tests, and gated s3-tests lifecycle lanes.
  • Strengthened admin behavior for auth, server info, metrics auth, account info quotas, datausage live refresh, heal runtime state, site-replication import notifications, and external OIDC redirects.

Security and Correctness

  • Added or reinforced authorization and input-safety fixes across remote target listing, FTP handlers, metrics, admin auth, service-account deletion, JSON ingress, signed headers, SSE-C nonce persistence, local SSE-S3 fallback, KMS local key storage, outbound egress guards, Docker credential handling, log cleaner symlink safety, and GHSA regression tests.
  • Fixed correctness issues around incomplete object streams, DARE truncation, peer-health counting, storage error mapping, CommonPrefix merging, metadata early-stop quorum, rollback warnings, and background task cancellation.
  • Added adversarial validation policy/playbooks and removed agent-generated planning docs from version control.

Table Catalog and Iceberg

  • Expanded S3 Tables/Iceberg support with REST commit compatibility, exists endpoints, scoped credentials, data-plane policy bridge, protected ref metadata, production surfaces, refs/views semantics, external catalog sync, backing migration contracts, vendor compatibility profiles, maintenance workers, reachability cleanup, row-level conflict hardening, PyIceberg live smoke coverage, and conformance evidence.

Runtime, Config, Extensions, and Observability

  • Continued the InstanceContext/AppContext migration across startup, storage, IAM, admin, ECStore, runtime services, bucket metadata, embedded servers, per-server contexts, and optional runtime boundaries.
  • Added runtime capability, workload admission, memory/allocator/metrics controller status, extension/ops-profiler schemas, plugin/sidecar policy gates, and embedded multi-server support.
  • Reduced logging and telemetry noise while improving request IDs, redaction, OTLP/local output consistency, dial9 opt-in telemetry, runtime event governance, API boundary events, retention/durability, and warning rate limits.
  • Added NATS JetStream publish support for notify/audit targets, SFTP macOS/Windows support and docs, Helm multi-pool capacity expansion, and Docker/cluster startup hardening.

Performance

  • Improved PUT, GET, EC decode, multipart sync, object cache, metrics, report collection, and large-object first-byte latency paths.
  • Removed avoidable hot-path work such as repeated env reads, unnecessary metric-handle lookup, per-emission allocations, percentile sorting on per-IO paths, extra shard zeroing/copying, and blocking filesystem work in async paths.

Testing, CI, and Release

  • Expanded e2e, property, fuzz, table-catalog, lifecycle, replication, admin-auth, cache, ECStore, filemeta, parser, erasure, path-validator, and MinIO/SSE interop coverage.
  • Stabilized nextest profiles, quarantine policy, migration-critical count guards, e2e smoke lanes, weekly s3tests, Mint and perf pipelines, scheduled CI alerts, cargo-deny supply-chain checks, SBOM/provenance assets, release image scans, secret-scanning exclusions, and stable Rust toolchain usage.
  • Updated docs for scanner/runtime controls, SFTP operations, object data cache boundaries, testing pyramid, e2e contributor workflow, security advisory lessons, Makefile/CONTRIBUTING verification gates, and Podman instructions.

Notable External Contributions

  • Site replication fixes and replication startup behavior by @abdullahnah92.
  • SFTP platform support and NATS JetStream target support by @simon-escapecode.
  • Table catalog/IAM/metadata compatibility work by @GatewayJ.
  • ECStore, lifecycle, logging, replication, and admin fixes by @cxymds, @reatang, @RamakrishnaChilaka, and @majinghe.
  • Docs, CLI, Helm, and observability fixes from @w4hf, @Tirka, @Rohmilchkaese, @Littlew0od, and others.

Scale of This Release

  • 1,200+ merged PR entries condensed into this summary.
  • Largest areas: ECStore/storage, replication, table catalog, observability, runtime context migration, security hardening, and CI/test reliability.

New Contributors

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.8...1.0.0-beta.9

2 days ago
nacos

2.5.3 (Jul 14th, 2026)

Nacos 2.5.3 is mainly a bugfix, security, and experience-improvement release for the 2.x series.

This release focuses on:

  • Compatible security dependency upgrades for the v2.x JDK 8 baseline.
  • Client stability and logging improvements.
  • Config namespace isolation fixes.
  • Server-side request validation improvements.

It also keeps incompatible major dependency lines out of v2.x, such as Spring Boot 3, Spring Framework 6, and other JDK 17+ only upgrades.


Detailed changes in this release:

Feature

No major feature changes.

Enhancement/Refactor

[#12323] Improve Logback packagingData behavior by making it configurable through nacos.logback.packagingData with default false, and upgrade the external Logback adapter to 1.1.5.

BugFix

[#13940] Fix continuous class unloading during Nacos Client Log4j2 configuration reload by using safe Log4j2 initialization.

[#14423] Fix missing exceptions when form parameters exceed the configured Tomcat request size limit.

[#15437] Fix client shutdown thread leaks and executor creation race conditions in ConfigRpcTransportClient and related client components.

[#15497] Fix Config namespace isolation for ID-based export, batch delete, and clone operations, and enforce source namespace read permission for clone requests.

Dependencies

[#13998][#14859] Upgrade embedded Tomcat to 9.0.118 to address known Tomcat CVEs.

[#15025][#15451] Upgrade compatible v2.x dependencies, including Jackson to 2.18.9, gRPC Java to 1.75.0, and Spring Security to 5.8.16, while preserving the JDK 8 baseline.


Java Version Requirements

Module Java Required
Nacos-Server / Nacos-Console Java 8
Nacos-Client Java 8

New Contributors

Full Changelog: https://github.com/alibaba/nacos/compare/2.5.2...2.5.3