5.3.5 Release Notes

5.5-SNAPSHOT 5.4 5.3 5.2 5.1 5.0
Due to an error in the tooling, we have had to skip the Platform releases of 5.3.3 and 5.3.4 and move directly to 5.3.5.

Enhancements

  • Improved the permission checks by fixing the CVE-2023-45859 and CVE-2023-45860 vulnerabilities. #25661

  • Added permission checks to the client message types (MessageTasks) which were missing it. #25539

  • Changed the exception type from CancellationException to CancellationByUserException in case the user cancels a job before it is initialized. #25452

  • Updated the versions of following dependencies

    • gRPC to 1.57.0

    • Netty to 4.1.100

    • Avro to 1.1.13

    • Snappy Java to 1.1.10.5

    • Elasticsearch to 7.17.13

      #25430, #25670, #25659, 25999

  • Renamed the service port for Hazelcast clusters deployed in Kubernetes environments as hazelcast. Previously, the name was hazelcast-service-port causing the member auto-discovery (for embedded deployments) to fail. #24834

Fixes

  • Fixed an issue where the map entries' metadata, such as time-to-live and expiration, was not replicated correctly over WAN after updating existing entries. #25505

  • Fixed an issue where the member list was not updated after a cluster failover scenario. #25504

  • Fixed a memory leak issue that happened while destroying fenced locks, when Hazelcast is used in the embedded mode. #25421

Known Issues

  • When using maps with WAN replication enabled, and BINARY or NATIVE in-memory formats for the entries, it is possible for WAN replication to fail when an entry is updated with the same key/value pair. This issue will be fixed starting with the next Platform release (5.3.6). See #25899 for the fix details.

Removed/Deprecated Features

  • Removed the evaluation tool (for trying out Platform 5.x features for IMDG 3.x users) and the relevant IMDG 3.x JAR libraries from Hazelcast Platform distributions. #25663