Aerospike XDR proxy release notes
XDR proxy 3.2.11
August 25, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-8916, CVE-2025-8058, CVE-2025-7425, CVE-2025-6965, CVE-2025-5914, CVE-2025-32415, CVE-2025-32414, CVE-2022-29458. [CONNECTOR-1262]
XDR proxy 3.2.10
July 28, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517, CVE-2025-6020, CVE-2025-6021, CVE-2025-30749, CVE-2025-47273, CVE-2025-48924, CVE-2025-49794, CVE-2025-49796, CVE-2025-50106. [CONNECTOR-1253]
XDR proxy 3.2.9
June 19, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-0395, CVE-2025-3576, CVE-2025-4802, CVE-2024-8176, CVE-2024-12133, CVE-2024-12243, CVE-2025-32414, CVE-2025-48734. [CONNECTOR-1236]
XDR proxy 3.2.8
May 28, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- Enhanced XDR-Proxy connector to reload TLS context on changes to any configured TLS files to connect to destination Aerospike Server. [CONNECTOR-1237]
XDR proxy 3.2.7
April 11, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Bug Fixes
- Changed default value of socket-receive-buffer-bytes to null from 32kb, so this is optional configuration validation only if configured. [CONNECTOR-1219]
Security
- Aerospike Connectors - Security vulnerabilities introduced through libxml2. [CONNECTOR-1220]
XDR proxy 3.2.6
March 03, 2025 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- Use sendTimeout as configured without doubling. [CONNECTOR-1183]
- Converted transaction debug level messages to trace level. [CONNECTOR-1184]
- Kotlin version upgraded to 2.x. [CONNECTOR-1185]
Security
- Updated logback-core to 1.5.15 version to fix CVE-2024-12798, CVE-2024-12801. [CONNECTOR-1175]
- Updated logback-core to 1.5.15 version to fix CVE-2024-12801. [CONNECTOR-1179]
- Updated logback-classic to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1180]
- Updated logback-core to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1181]
- Updated io.netty:netty-handler to 4.1.118.Final to fix CVE-2025-24970, CVE-2025-25193, CVE-2024-29025, CVE-2024-47554, CVE-2023-46120 (rabbitmq), CVE-2024-51504 (zookeeper). [CONNECTOR-1188]
XDR proxy 3.2.5
November 07, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fixed security vulnerability - Authentication Bypass in krb5-libs. [CONNECTOR-1160]
XDR proxy 3.2.4
October 23, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel. [CONNECTOR-1135]
- Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring. [CONNECTOR-1127]
Security
- Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3 [CONNECTOR-1149]
- Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core. [CONNECTOR-1149]
- Fixed Race Condition in io.undertow:undertow-core. [CONNECTOR-1149]
- Fixed Uncontrolled Resource Consumption in commons-io:commons-io. [CONNECTOR-1149]
XDR proxy 3.2.3
September 20, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- Logging improvement - Outbound Await Metrics for all applicable connectors. [CONNECTOR-1137]
XDR proxy 3.2.2
July 31, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fix Race Condition. [CONNECTOR-1105]
- Fix Uncontrolled Resource Consumption (‘Resource Exhaustion’). [CONNECTOR-1108]
XDR proxy 3.2.1
June 10, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Fix Improper Input Validation. [CONNECTOR-988]
- Fix Infinite loop. [CONNECTOR-989]
- Fix Uncontrolled Resource Consumption. [CONNECTOR-990]
- Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1035]
- Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1036]
- Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1037]
- Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1038]
XDR proxy 3.2.0
March 25, 2024 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- Make batching of ack configurable as a toggle. [CONNECTOR-922]
Security
- Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308 [CONNECTOR-928]
- Fix Infinite loop. CVE-2024-25710 [CONNECTOR-929]
XDR proxy 3.1.0
November 07, 2023 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Improvements
- Return all destination Aerospike server error codes to XDR source cluster. [CONNECTOR-805]
Security
- Upgrade netty and gRPC for CVE-2023-44487. [CONNECTOR-825]
XDR proxy 3.0.0
August 09, 2023 | Download
- Breaking change - Custom transformers will not be able to write Java runtime serialized objects as bins to target Aerospike cluster.
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Security
- Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0. [CONNECTOR-775]
XDR proxy 2.3.0
July 21, 2023 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
New Features
- JSON logging format. [CONNECTOR-584]
Improvements
- Upgrade internal dependencies. [CONNECTOR-716]
XDR proxy 2.2.1
May 17, 2023 | Download
- The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
- The connector is Java JVM based. Install the correct JVM for the desired architecture.
- This connector requires Java 11 or later.
Improvements
- Multi-arch container image supporting linux/arm64 and linux/amd64 platforms. [CONNECTOR-562]
- Upgrade vulnerable dependencies. [CONNECTOR-679]
XDR proxy 2.2.0
January 12, 2023 | Download
Bug Fixes
- Upgrade dependencies to fix XDR Proxy Vulnerabilities. [CONNECTOR-561]
XDR proxy 2.1.0
July 14, 2022 | Download
New Features
- Add support for Inbound SDK custom transformer in XDR Proxy. [CONNECTOR-365]
XDR proxy 2.0.0
April 04, 2022 | Download
New Features
- Provide an option for in-order delivery of different versions of the same record. [CONNECTOR-340]
Improvements
- Performance and stability improvements. [CONNECTOR-341]
- Vulnerability scanning and dependency upgrades. [CONNECTOR-342]
- Single installer for HTTP and XDR 5.0 wire protocol connector. [CONNECTOR-343]
XDR proxy 1.2.0
February 04, 2022 | Download
Improvements
- Support Java 17 runtime. [CONNECTOR-320]
- Support all XDR wire format options and flags. This feature enables support for bin deletions. [CONNECTOR-326]
XDR proxy 1.1.1
July 14, 2021 | Download
Improvements
- Upgrade external dependencies.
XDR proxy 1.1.0
May 24, 2021 | Download
- ATTENTION: HTTP connectors renamed from
aerospike-xdr-proxy-legacy
toaerospike-xdr-proxy-http
. Refer to documentation for installation and starting instructions.
New Features
- Prometheus integration support.
- Pre-packaged Grafana dashboards.
- PEM file format support in TLS configuration.
- Official container image available on Docker Hub.
Bug Fixes
- Handling of new particle types introduced by the Aerospike Server not recognized by the connector.
XDR proxy 1.0.0
August 10, 2020 | Download
- ATTENTION Upgrade to aerospike-xdr-proxy 1.1.0 or later when using Aerospike 5.6 Server or later.
- Initial General Availability release for Aerospike Server Enterprise Edition version 5.0 and above.
- Legacy support for versions of the Aerospike Server Enterprise Edition version 4.9 and below.
- If using Aerospike Server version 4.9 or below the Legacy connector must be used.
- WARNING: A serious flaw has been discovered for http v2 in the library used by Aerospike Server Enterprise < 5.0 change notification.
http-version
MUST be set tov1
to prevent xdr and change notification from being blocked.
Known Issues
- JDK-8 XDR proxy crashes when consuming records from Aerospike Server 5.6 or later.
- JDK-11 XDR proxy errors on every record consumed from Aerospike Server 5.6 or later.)