2024 Release Notes
This page contains a list of 2024 Sonatype Nexus Repository releases, links to each release's release notes, and a brief list of major changes per release.
Summary of Major Changes in 2024
The following table lists major changes in 2024 that should be considered when upgrading to a new version. Select a release for more information.
Release | Release Date | Major Changes |
---|---|---|
December 5, 2024 (3.75.1) December 3, 2024 (3.75.0) | 3.75.1
3.75.0
| |
November 5, 2024 |
| |
October 10, 2024 | Common Vulnerabilities and Exposures Fix Sonatype Nexus Repository 3.73.0 introduces a re-encryption feature to mitigate CVE-2024-5764. This feature allows administrators to change the encryption key used to protect passwords and other confidential information. Read more below Note For a limited set of users, upgrading to Sonatype Nexus Repository 3.73.0 may fail due to
| |
September 4, 2024 |
| |
August 8, 2024 | Note Release 3.71.0 includes multiple breaking changes; 3.71.0 and beyond do not support OrientDB, Java 8, or Java 11. Carefully read both the release notes as well as our help documentation on upgrading to 3.71.0 and beyond before upgrading to this release.
| |
October 10, 2024 (3.70.3) September 3, 2024 (3.70.2) July 10, 2024 (3.70.1) July 9, 2024 (3.70.0) | Important The Nexus Repository 3.70.x line is the last release line to support OrientDB. If you must remain on OrientDB, you will need to remain on our 3.70.x release line until you can migrate to H2 or PostgreSQL. This marks OrientDB's transition to Extended Maintenance as defined in our sunsetting documentation. There is no official sunset date for OrientDB at this time. 3.70.3
3.70.2 Sonatype Nexus Repository 3.70.2 fixes a Database Migrator issue that caused some customers to see duplicate key errors after migrating from OrientDB to H2. This release also upgrades axios back to 1.6.4. 3.70.1 Sonatype Nexus Repository 3.70.1 fixes an issue impacting deployments where the UI is not functional when using a custom context path for the instance. This issue is only in the UI and not when making requests for components. This release also downgrades axios to 0.27.2 to resolve the above issue. 3.70.0 Tip Required Action Before Upgrading If you are using an H2 database, you must use the Admin - Export SQL database to script task (released in 3.69.0) to create a SQL script export of your H2 database before upgrading to Nexus Repository 3.70.0. This means you must upgrade to 3.69.0 before upgrading to 3.70.0.
| |
June 4, 2024 |
| |
May 16, 2024 (3.68.1) May 7, 2024 (3.68.0) | 3.68.1 Critical Vulnerability Fix for All Sonatype Nexus Repository Deployments Sonatype Nexus Repository 3.68.1 fixes a critical vulnerability impacting all Sonatype Nexus Repository 3 deployments. This vulnerability can allow a specially crafted URL to return any file as a download, including system files outside of Nexus Repository application scope. See our CVE-2024-4956 KB article for full details. 3.68.0 Note Note that both H2 and PostgreSQL are currently only available to Pro customers. We expect to announce a new database option for OSS customers and will provide detailed migration paths in our August 2024 release.
| |
April 10, 2024 (3.67.1) April 2, 2024 (3.67.0) |
| |
March 5, 2024 |
| |
February 6, 2024 |
| |
January 9, 2024 | Note: Pre-release binaries for version 3.64.0 were inadvertently made available on some download links pulling the latest Sonatype Nexus Repository version. We then discovered a bug in the 3.64.0-03 binaries causing authentication errors for some SAML implementations. We fixed this bug and have released new binaries. Please ensure you are using the 3.64.0-04 binaries to get all fixes in this release
|