Releases: signalfx/signalfx-java-tracing
0.48.0-sfx11
This is a minor maintenance release that contains a dependency update for jackson-databind
(#152) as remediation for CVE-2022-42004
Reminder: this project is reaching end of life (EOL) on Dec. 17th, 2022.
Users are STRONGLY ENCOURAGED TO MIGRATE to the Splunk Distribution of OpenTelemetry Java.
0.48.0-sfx10
This is a minor maintenance release only that fixes a versioning issue. 0.48.0-sfx9
was incorrectly reporting itself in logs as 0.48.0-sfx8
(see #148).
Reminder: this project is deprecated and users are STRONGLY ENCOURAGED TO MIGRATE to the Splunk Distribution of OpenTelemetry Java
0.48.0-sfx9
This is a patch release that only contains dependency updates to mitigate CVEs (#147).
- update snakeyaml 1.27 -> 1.32
- update commons-io 2.4 -> 2.11.0
Reminder: this project is deprecated and users are strongly encouraged migrate to the Splunk Distribution of OpenTelemetry Java
0.48.0-sfx8
This is a patch release that only contains a small mitigation fix for okhttp leaking header values into logs (#144).
The root cause is described in okhttp #6738.
This release incorporates changes from the upstream DataDog agent fix (#3682).
Reminder: this project is deprecated and users are strongly encouraged migrate to the Splunk Distribution of OpenTelemetry Java
0.48.0-sfx7
Security updates:
log4j
2.17.2jackson-databind
2.13.2.1
Reminder: this project is deprecated and users should migrate to the Splunk Distribution of OpenTelemetry Java
0.48.0-sfx6
- Expose service name and environment via MDC
Version 0.48.0-sfx5
- Update jackson in transitive dependency
0.48.0-sfx4
- Update jackson to 2.12.0
0.48.0-sfx3
- Marks deprecation of this library
- Updates snakeyaml version
0.48.0-sfx2
- Camel instrumentation
- Avoids doubly tracing MongoClientSettingsBuilder