eXist-db 4.8.0 Release Notes
This is mainly a security hot-fix for eXist-db 4.7.1 and addresses and closes CVE-2021-44228 by updating log4j to version 2.15.0. Other small enhancements and bug fixes include:
Enhancements
- Include stack detail in XPathExceptions from fn:doc and fn:collection
Bug Fixes
- Improve security when opening a Collection by checking that the calling user has Permission.EXECUTE all the way from the root of the Collection hierarchy
- Fix a memory-leak that can occir during shutdown
- Fix a concurrent modification issue during shutdown
- Made JMX Agent Factory Thread Safe
- Small fixes to YAJSW service scripts
- Avoid a NPE when reporting an error
- Fix build scripts for DMG to work on latest macOS
- Fix dist-war build to use HTTPS instead of HTTP for downloads