Skip to main content

4.0.1 Release Notes

4.0.1 Release Notes

Name: "Kraken brown apple" Release Date: April 4, 2022

Rundeck 4.0.1 Release Notes

This hotfix version includes updates related to vulnerabilities in Spring Framework announced hereopen in new window.

This fix brings the version of Grails up to 5.1.6 and Spring Framework up to 5.3.18 to address CVE-2022-22965open in new window

The specific Pull Requests can be reviewed using this linkopen in new window.

Warning

Warning: This release contains a bug that will cause issues in environments using a Load Balancer in front of Rundeck and running on https. If your environment leverages a load balancer (NGINX, ELB, etc) and the server.useForwardHeaders=true is set there may be a situation where this version reverts to using http instead of https.

Rundeck 4.1.0 fixes this bug. That version also includes the Spring4Shell fixes covered in 4.0.1.

Staff Contributors

  • Greg Schueler (gschueler)
  • Stephen Joyner (sjrd218)
  • Imad Jafir (imad6639)
  • Luis Toledo (ltamaster)
  • Rodrigo Navarro (ronaveva)
  • Carlos Eduardo (carlosrfranco)
  • Miguel Ramos (mishingo)
  • Christopher McCarroll-Gilbert (chrismcg14)
  • Jason Qualman (qualman)
  • Alexander Abarca (alexander-variacode)
  • Alberto Hormazabal Cespedes (ahormazabal)
  • Leonel Juarez (L2JE)
  • Eric He (ehe-pd)
  • Amir Jafarvand (ajafarvand)
  • Devlin Cashman (devlincashman)
  • Jeremy Olexa (jolexa)
  • Osmar Perez (perezo-pd)
  • Forrest Evans (fdevans)
  • Jake Cohen (jsboak)