v6.0.11 LTS Release Notes¶
Important
Minimum v6.x required to upgrade to v6.0.7+ for environments using embedded RabbitMQ. Environments running 5.5.x or earlier using embedded RabbitMQ must upgrade to v6.0.0 - v6.0.6 prior to upgrading to v6.0.7+
Important
v6.0.7+ contains embedded MySQL v8 upgrade. BACKUP YOUR DATABASE PRIOR TO UPGRADE when using embedded MySQL (all-in-one appliances) and upgrading from v6.0.0 - v6.0.6.
Warning
Rolling upgrades for HA environments using embedded RabbitMQ and/or embedded Elasticsearch services are not supported when upgrading from v6.0.0 - v6.0.6.
Compatible Plugin API version: 0.14.8
Compatible Morpheus Worker version: 5.4.8
Minimum upgrade version: v6.0.0
Note
Items appended with x.x.x are also included in that version
Release Dates
v6.0.11 Jan 11 2024
New Features¶
- Security
Upgraded
gradle.propertiesto 9.0.83 to mitigate multiple CVEs 6.2.6 6.3.3Upgraded
nettyto version 4.1.100.final to mitigate CVE-2023-44487 and CVE-2023-41881 6.2.6 6.3.3Upgraded
spring-boot-actuator-autoconfigureto 2.7.11 to mitigate CVE-2023-20873 6.2.6 6.3.3Upgraded
spring-boot-autoconfigureto 2.7.12 to mitigate CVE-2023-20883 6.2.6 6.3.3Upgraded
spring-bootto version 2.7.18 to mitigate CVE-2023-34055 6.2.6 6.3.3Upgraded
spring-expressionto version 5.3.17 to mitigate CVE-2022-22950 6.2.6 6.3.3Upgraded
spring-expressionto version 5.3.27 to mitigate CVE-2023-20863 and CVE-2023-20861 6.3.3 6.2.6Upgraded
spring-security-webto 5.7.8 to mitigate CVE-2023-20862 6.2.6 6.3.3Upgraded
spring-webmvcto version 5.3.30 to mitigate CVE-2023-20860 6.2.6 6.3.3Upgraded
jknack/handlebars.javato version 4.3.1 to mitigate CVE-2022-42889 6.2.6 6.3.3
Appliance & Agent Updates¶
- Appliance
Upgraded embedded
erlangto version 26.1.2 6.2.6 6.3.3
- Agent
Morpheus Linux Agent updated to v2.5.2 to prevent automation failures when run under specific conditions 6.2.6 6.3.3
- Node Packages
Morpheus node and vm-node packages updated to v 3.2.0 with Morpheus Linux Agent v2.5.2 6.2.6 6.3.3