Database ( latest 8.1.0 )

/Manage/XDR/XDR proxy/Release notes

Aerospike XDR proxy release notes

XDR proxy 3.2.12

September 29, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Improvements

Added support for Debian 13 “Trixie” [CONNECTOR-1215]

Security

Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-58056, CVE-2025-58057, CVE-2025-58060, CVE-2025-58364 [CONNECTOR-1272]

XDR proxy 3.2.11

August 25, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-8916, CVE-2025-8058, CVE-2025-7425, CVE-2025-6965, CVE-2025-5914, CVE-2025-32415, CVE-2025-32414, CVE-2022-29458. [CONNECTOR-1262]

XDR proxy 3.2.10

July 28, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517, CVE-2025-6020, CVE-2025-6021, CVE-2025-30749, CVE-2025-47273, CVE-2025-48924, CVE-2025-49794, CVE-2025-49796, CVE-2025-50106. [CONNECTOR-1253]

XDR proxy 3.2.9

June 19, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fixed - Aerospike Connectors - Security vulnerabilities - CVE-2025-0395, CVE-2025-3576, CVE-2025-4802, CVE-2024-8176, CVE-2024-12133, CVE-2024-12243, CVE-2025-32414, CVE-2025-48734. [CONNECTOR-1236]

XDR proxy 3.2.8

May 28, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

Enhanced XDR-Proxy connector to reload TLS context on changes to any configured TLS files to connect to destination Aerospike Server. [CONNECTOR-1237]

XDR proxy 3.2.7

April 11, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Bug Fixes

Changed default value of socket-receive-buffer-bytes to null from 32kb, so this is optional configuration validation only if configured. [CONNECTOR-1219]

Security

Aerospike Connectors - Security vulnerabilities introduced through libxml2. [CONNECTOR-1220]

XDR proxy 3.2.6

March 03, 2025 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

Use sendTimeout as configured without doubling. [CONNECTOR-1183]
Converted transaction debug level messages to trace level. [CONNECTOR-1184]
Kotlin version upgraded to 2.x. [CONNECTOR-1185]

Security

Updated logback-core to 1.5.15 version to fix CVE-2024-12798, CVE-2024-12801. [CONNECTOR-1175]
Updated logback-core to 1.5.15 version to fix CVE-2024-12801. [CONNECTOR-1179]
Updated logback-classic to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1180]
Updated logback-core to 1.5.15 version to fix CVE-2024-12798. [CONNECTOR-1181]
Updated io.netty:netty-handler to 4.1.118.Final to fix CVE-2025-24970, CVE-2025-25193, CVE-2024-29025, CVE-2024-47554, CVE-2023-46120 (rabbitmq), CVE-2024-51504 (zookeeper). [CONNECTOR-1188]

XDR proxy 3.2.5

November 07, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fixed security vulnerability - Authentication Bypass in krb5-libs. [CONNECTOR-1160]

XDR proxy 3.2.4

October 23, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

Fix Arbitrary Code Injection affecting platform-python-setuptools & python3-setuptools-wheel. [CONNECTOR-1135]
Netty buffer customization changes in connectors and Kafka Outbound Await Metrics for better monitoring. [CONNECTOR-1127]

Security

Fixed Deserialization of Untrusted Data in org.apache.avro:avro:1.11.3 [CONNECTOR-1149]
Fixed Denial of Service (DoS) in com.fasterxml.jackson.core:jackson-core. [CONNECTOR-1149]
Fixed Race Condition in io.undertow:undertow-core. [CONNECTOR-1149]
Fixed Uncontrolled Resource Consumption in commons-io:commons-io. [CONNECTOR-1149]

XDR proxy 3.2.3

September 20, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

Logging improvement - Outbound Await Metrics for all applicable connectors. [CONNECTOR-1137]

XDR proxy 3.2.2

July 31, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fix Race Condition. [CONNECTOR-1105]
Fix Uncontrolled Resource Consumption (‘Resource Exhaustion’). [CONNECTOR-1108]

XDR proxy 3.2.1

June 10, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Fix Improper Input Validation. [CONNECTOR-988]
Fix Infinite loop. [CONNECTOR-989]
Fix Uncontrolled Resource Consumption. [CONNECTOR-990]
Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1035]
Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1036]
Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1037]
Fix Out-of-bounds write vulnerabilities. [CONNECTOR-1038]

XDR proxy 3.2.0

March 25, 2024 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

Make batching of ack configurable as a toggle. [CONNECTOR-922]

Security

Fix Allocation of Resources Without Limits or Throttling. CVE-2024-26308 [CONNECTOR-928]
Fix Infinite loop. CVE-2024-25710 [CONNECTOR-929]

XDR proxy 3.1.0

November 07, 2023 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Improvements

Return all destination Aerospike server error codes to XDR source cluster. [CONNECTOR-805]

Security

Upgrade netty and gRPC for CVE-2023-44487. [CONNECTOR-825]

XDR proxy 3.0.0

August 09, 2023 | Download

Breaking change - Custom transformers will not be able to write Java runtime serialized objects as bins to target Aerospike cluster.
The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Security

Address CVE-2023-36480 - upgrade to aerospike-java-client version 7.0.0. [CONNECTOR-775]

XDR proxy 2.3.0

July 21, 2023 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

New Features

JSON logging format. [CONNECTOR-584]

Improvements

Upgrade internal dependencies. [CONNECTOR-716]

XDR proxy 2.2.1

May 17, 2023 | Download

The *.deb and *.rpm files support multiple architectures (ARM64 & AMD64).
The connector is Java JVM based. Install the correct JVM for the desired architecture.
This connector requires Java 11 or later.

Improvements

Multi-arch container image supporting linux/arm64 and linux/amd64 platforms. [CONNECTOR-562]
Upgrade vulnerable dependencies. [CONNECTOR-679]

XDR proxy 2.2.0

January 12, 2023 | Download

Bug Fixes

Upgrade dependencies to fix XDR Proxy Vulnerabilities. [CONNECTOR-561]

XDR proxy 2.1.0

July 14, 2022 | Download

New Features

Add support for Inbound SDK custom transformer in XDR Proxy. [CONNECTOR-365]

XDR proxy 2.0.0

April 04, 2022 | Download

New Features

Provide an option for in-order delivery of different versions of the same record. [CONNECTOR-340]

Improvements

Performance and stability improvements. [CONNECTOR-341]
Vulnerability scanning and dependency upgrades. [CONNECTOR-342]
Single installer for HTTP and XDR 5.0 wire protocol connector. [CONNECTOR-343]

XDR proxy 1.2.0

February 04, 2022 | Download

Improvements

Support Java 17 runtime. [CONNECTOR-320]
Support all XDR wire format options and flags. This feature enables support for bin deletions. [CONNECTOR-326]

XDR proxy 1.1.1

July 14, 2021 | Download

Improvements

Upgrade external dependencies.

XDR proxy 1.1.0

May 24, 2021 | Download

ATTENTION: HTTP connectors renamed from aerospike-xdr-proxy-legacy to aerospike-xdr-proxy-http. Refer to documentation for installation and starting instructions.

New Features

Prometheus integration support.
Pre-packaged Grafana dashboards.
PEM file format support in TLS configuration.
Official container image available on Docker Hub.

Bug Fixes

Handling of new particle types introduced by the Aerospike Server not recognized by the connector.

XDR proxy 1.0.0

August 10, 2020 | Download

ATTENTION Upgrade to aerospike-xdr-proxy 1.1.0 or later when using Aerospike 5.6 Server or later.
Initial General Availability release for Aerospike Server Enterprise Edition version 5.0 and above.
Legacy support for versions of the Aerospike Server Enterprise Edition version 4.9 and below.
- If using Aerospike Server version 4.9 or below the Legacy connector must be used.
- WARNING: A serious flaw has been discovered for http v2 in the library used by Aerospike Server Enterprise < 5.0 change notification. http-version MUST be set to v1 to prevent xdr and change notification from being blocked.

Known Issues

JDK-8 XDR proxy crashes when consuming records from Aerospike Server 5.6 or later.
JDK-11 XDR proxy errors on every record consumed from Aerospike Server 5.6 or later.)