Aerospike Connect for Pulsar Outbound release notes

Connect for Pulsar - Outbound 3.3.13

September 29, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Improvements

• Added support for Debian 13 “Trixie” [CONNECTOR-1215]

Security

• Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-58056, CVE-2025-58057, CVE-2025-58060, CVE-2025-58364 [CONNECTOR-1272]

---

Connect for Pulsar - Outbound 3.3.12

August 25, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-8916, CVE-2025-8058, CVE-2025-7425, CVE-2025-6965, CVE-2025-5914, CVE-2025-32415, CVE-2025-32414, CVE-2022-29458. [CONNECTOR-1262]

---

Connect for Pulsar - Outbound 3.3.11

July 28, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517, CVE-2025-6020, CVE-2025-6021, CVE-2025-30749, CVE-2025-47273, CVE-2025-48924, CVE-2025-49794, CVE-2025-49796, CVE-2025-50106. [CONNECTOR-1253]

---

Connect for Pulsar - Outbound 3.3.10

June 19, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-0395, CVE-2025-3576, CVE-2025-4802, CVE-2024-8176, CVE-2024-12133, CVE-2024-12243, CVE-2025-32414, CVE-2025-48734. [CONNECTOR-1236]

---

Connect for Pulsar - Outbound 3.3.9

April 11, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Bug Fixes

• Changed default value of socket-receive-buffer-bytes to null from 32kb, so this is optional configuration validation only if configured. [CONNECTOR-1219]

Security

• Aerospike Connectors - Security vulnerabilities introduced through libxml2. [CONNECTOR-1220]

---

Connect for Pulsar - Outbound 3.3.8

March 03, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• Use sendTimeout as configured without doubling. [CONNECTOR-1183]
• Converted transaction debug level messages to trace level. [CONNECTOR-1184]
• Kotlin version upgraded to 2.x. [CONNECTOR-1185]

Security

• Updated logback-core to 1.5.15 version to fix CVE-2024-12798, CVE-2024-12801. [CONNECTOR-1175]
• Updated logback-core to 1.5.15 version to fix CVE-2024-12801. [CONNECTOR-1179]
• Updated logback-classic to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1180]
• Updated logback-core to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1181]
• Updated io.netty:netty-handler to 4.1.118.Final to fix CVE-2025-24970, CVE-2025-25193, CVE-2024-29025, CVE-2024-47554, CVE-2023-46120 (rabbitmq), CVE-2024-51504 (zookeeper). [CONNECTOR-1188]

---

Connect for Pulsar - Outbound 3.3.7

January 07, 2025  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Updated async-http-client to 1.5.15 with dependency jar pulsar version to 4.0.1 - to fix CVE-2024-53990. [CONNECTOR-1175]

---

Connect for Pulsar - Outbound 3.3.6

December 03, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• [CONNECTOR-1166]
  • Fixed pulsar-client-factory to authenticate explicitly when authentication parameters are configured.
  • Added integration test case to handle Mutual TLS.
  • Added necessary certificates and PEM files.

---

Connect for Pulsar - Outbound 3.3.5

November 07, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fixed security vulnerability - Authentication Bypass in krb5-libs. [CONNECTOR-1160]

---

Connect for Pulsar - Outbound 3.3.4

October 24, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3. [CONNECTOR-1149]
• Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core. [CONNECTOR-1149]
• Fixed Race Condition in io.undertow:undertow-core. [CONNECTOR-1149]
• Fixed Uncontrolled Resource Consumption in commons-io:commons-io. [CONNECTOR-1149]

---

Connect for Pulsar - Outbound 3.3.3

September 20, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring. [CONNECTOR-1127]
• Logging improvement - Outbound Await Metrics for all applicable connectors. [CONNECTOR-1137]

Security

• Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel. [CONNECTOR-1135]
• Upgraded Pulsar version.
• Fixed com.google.protobuf:protobuf-java Stack-based Buffer Overflow.

---

Connect for Pulsar - Outbound 3.3.2

July 26, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fix Race Condition. [CONNECTOR-1105]
• Fix Uncontrolled Resource Consumption (‘Resource Exhaustion’). [CONNECTOR-1108]

---

Connect for Pulsar - Outbound 3.3.1

June 09, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Fix Improper Input Validation. [CONNECTOR-985]
• Fix Infinite loop. [CONNECTOR-986]
• Fix Uncontrolled Resource Consumption. [CONNECTOR-987]
• Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1030]
• Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1031]
• Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1032]
• Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1033]
• Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1034]

---

Connect for Pulsar - Outbound 3.3.0

March 26, 2024  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• Make batching of ack configurable as a toggle. [CONNECTOR-922]

Security

• Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308 [CONNECTOR-928]
• Fix Infinite loop. CVE-2024-25710 [CONNECTOR-929]

---

Connect for Pulsar - Outbound 3.2.2

November 07, 2023  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Upgrade netty and gRPC for CVE-2023-44487. [CONNECTOR-825]

---

Connect for Pulsar - Outbound 3.2.1

August 09, 2023  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Security

• Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0. [CONNECTOR-775]

---

Connect for Pulsar - Outbound 3.2.0

July 21, 2023  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

New Features

• Batching support. [CONNECTOR-373]
• Batching support for inbuilt formats. [CONNECTOR-431]
• JSON logging format. [CONNECTOR-584]
• Bin include/exclude option in bin transformer. [CONNECTOR-705]
• Configurable message key for Pulsar messages. [CONNECTOR-752]

Improvements

• Upgrade internal dependencies. [CONNECTOR-716]

---

Connect for Pulsar - Outbound 3.1.0

May 19, 2023  |  Download

• The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
• The connector is Java JVM based. Install the correct JVM for the desired architecture.
• This connector requires Java 11 or later.

Improvements

• Multi-arch container image supporting linux/arm64 and linux/amd64 platforms. [CONNECTOR-562]
• Upgrade vulnerable dependencies. [CONNECTOR-679]
• Formatting option stringify-map-keys now defaults to true. [CONNECTOR-680]

Bug Fixes

• Fixed handling of sorted map JSON conversion. [CONNECTOR-653]

---

Connect for Pulsar - Outbound 3.0.0

May 05, 2022  |  Download

Improvements

• Performance and stability improvements. [CONNECTOR-341]
• Vulnerability scanning and dependency upgrades. [CONNECTOR-342]
• Single installer for HTTP and XDR 5.0 wire protocol connector. [CONNECTOR-343]
• Add support for only metadata, no-bins schemas in AvroMap and AvroRecord formats. The no-bins bin policy was introduced in Aerospike server version 6.0.0.0. [CONNECTOR-348]

---

Connect for Pulsar - Outbound 2.2.0

February 04, 2022  |  Download

New Features

• Add support to plugin custom code through the Custom transformer API. [CONNECTOR-319]
• Add support for port-based configuration. [CONNECTOR-321]

Improvements

• Support Java 17 runtime. [CONNECTOR-320]
• Add a routing config to skip dispatching of records to the destination. [CONNECTOR-323]

---

Connect for Pulsar - Outbound 2.1.0

July 14, 2021  |  Download

Improvements

• Upgrade external dependencies.

---

Connect for Pulsar - Outbound 2.0.0

May 24, 2021  |  Download

• If you are using Aerospike Database Enterprise Edition version 5.6 or later, ensure that you use this version of the Pulsar outbound connector or a later one.
• ATTENTION: HTTP connectors renamed from aerospike-pulsar-outbound-legacy to aerospike-pulsar-outbound-http. Refer to documentation for installation and starting instructions.
• ATTENTION: Outbound format breaking changes.
  • For Aerospike Server versions <= 4.9 that do not ship generation, expiry, and lut (last update time)
    • these fields are omitted from the payload in Json, FlatJson, and Avro-Map format.
    • these fields are shipped as nil in MessagePack format.
    • these fields are shipped as null in Avro-Record format.
  • Last update time - lut has been upscaled to a Long from Int. Avro-Record schemas specified in the config should change lut type from int to long.

New Features

• Prometheus integration support.
• Pre-packaged Grafana dashboards.
• PEM file format support in TLS configuration.
• Support for Boolean particle type introduced in Aerospike Server version 5.6.
• Official container image available on Docker Hub.

Bug Fixes

• Handling of new particle types introduced by the Aerospike Server not recognized by the connector.
• Possible incorrect handling of byte array and extension types in lists and maps in rare cases.
• Multiple connector instances with the same producer name for a topic crashes the connector instances.

---

Connect for Pulsar - Outbound 1.0.0

December 14, 2020  |  Download

• ATTENTION Upgrade to aerospike-pulsar-outbound 2.0.0 or later when using Aerospike Server 5.6 or later.
• Initial General Availability release for Aerospike Server Enterprise Edition version 5.0 and above.
• Legacy support for versions of the Aerospike Server Enterprise Edition version 4.9 and below.
  • If using Aerospike Server version 4.9 or below the Legacy connector must be used.
  • WARNING: A serious flaw has been discovered for http v2 in the library used by Aerospike Server Enterprise < 5.0 change notification. http-version MUST be set to v1 to prevent XDR and Change Notification from being blocked.

Known Issues

• JDK-8 connector crashes when consuming records from Aerospike Server 5.6 or later.
• JDK-11 connector errors on every record consumed from Aerospike Server 5.6 or later.

---