3.45.0 - 3.45.1 | January 17, 2023 (3.45.1) December 28, 2022 (3.45.0) | 3.45.1 3.45.0 Nexus Repository 3 instances using PostgreSQL databases now use the pg_trgm (trigram) module. This module may not be installed with PostgreSQL by default on all Linux distributions, which will result in an exception when attempting to upgrade. If you find yourself in this situation, you will need to install the postgresql-contrib package available from your Linux distribution. In order to install it, the PostgreSQL user must have CREATE privileges on the current database. See our knowledge base article for further information. Due to multiple known issues that can lead to data loss, we have disabled the Admin - Change repository blob store task for your protection. All pre-existing tasks of this type will no longer run, and you will not be able to create new ones through either the user interface or API. We highly discourage you from using this task in earlier Nexus Repository releases where it is not disabled.
|
3.44.0 | November 14, 2022 | Nexus Repository 3 instances using PostgreSQL databases now use the pg_trgm (trigram) module. This module may not be installed with PostgreSQL by default on all Linux distributions, which will result in an exception when attempting to upgrade. If you find yourself in this situation, you will need to install the postgresql-contrib package available from your Linux distribution. In order to install it, the PostgreSQL user must have CREATE privileges on the current database. See our knowledge base article for further information. Multiple bug fixes
|
3.43.0 | November 7, 2022 | Nexus Repository versions up to 3.42.0 (inclusive) included a vulnerable version of Apache Shiro. While we do not know of a reported exploit, we’ve upgraded Apache Shiro from 1.9.1 to 1.10.0 out of an abundance of caution. To ensure your safety, you should update to the latest version of Nexus Repository. NuGet V2 Support for H2 and PostgreSQL Database Users Nexus Repository Now Mirrors PyPI Yank Attribute Upgraded Jackson Databind from version 2.13.2.1 to 2.13.4.2. Upgraded SnakeYAML from version 1.28 to version 1.32.
|
3.42.0 | September 26, 2022 | Upgraded Eclipse Jetty from version 9.4.43.v2021062 to version 9.4.48.v20220622 Component search will not perform a search query until you have specified search criteria Any metadata file changes made by using the Remove Quarantined Versions feature are now logged in $data-dir/log/nexus.log and $data-dir/log/audit.log
|
3.41.0 - 3.41.1 | August 19, 2022 (3.41.1) July 27, 2022 (3.41.0) | Warning Critical Nexus Repository Pro Cleanup Policy Bug Fix (3.41.1) This release fixes a critical cleanup policy bug impacting some Nexus Repository Pro deployments. See the official advisory for full details on who is impacted and how to remediate this issue. 3.41.0 New Admin - delete blobstore temporary files Task Upgraded the embedded JDK version from Java 8u252 to 8u332; this only affects Windows and MacOS installers New Optional Database Migrator Parameters As recommended in PEP 503, hosted PyPI repositories now provide SHA256 hashes instead of MD5 in the /simple web interface's href attributes that link to package files being served
|
3.40.0 - 3.40.1 | June 22, 2022 (3.40.0) June 24, 2022 (3.40.1) | 3.40.1 3.40.0 Docker Subdomain Connector Maven Metadata Rebuild Optimizations for SQL Databases Upgrade Database Migrator to Spring 5.3.18
|
3.39.0 | May 23, 2022 | Improved Resiliency/Disaster Recovery for File Blob Stores Prevent Blob Store Reconcile Task Interruption View Audit, Cluster, and Task Logs in User Interface
|
3.38.0 - 3.38.1 | March 2, 2022 (3.38.0) March 29, 2022 (3.38.1)
| 3.38.1 New chart in Log4J Visualizer Improvements to Policy-Compliant Component Selection for npm Upgraded the PostgreSQL driver from version 42.2.25 to version 42.3.3
3.38.0 This release includes a fix for a server-side request forgery (See the CVE-2022-27907 advisory for more information) This release includes a fix for an HTML injection vulnerability (See the CVE-2021-43961 advisory for full details) Repository Health Check for NuGet Versions Added GET Method to Repository Management API Expanded Assets API Asset Name Matcher Criteria Available for Yum Cleanup Policies Apple M1 Chip Support
|