Chapter 3. Updates and Enhancements in 7.3.9
3.1. Log4j version 1.x removed
Data Grid 7.3.9 removes Log4j version 1.x components to address a critical security vulnerability as well as other CVEs of moderate severity. You must upgrade any Data Grid 7.3 deployments to version 7.3.9 as soon as possible.
Any custom components that rely on Log4j version 1.x capabilities, such as a cache loader or a server task implementation, no longer work because Data Grid 7.3.9 does not ship with Log4j version 1.x.
Red Hat recommends you upgrade any deployments from 7.3.x to the latest Data Grid 8 version as soon as possible. The Data Grid team regularly patch security vulnerabilities and actively fix issues on the latest version of the software.
Find the latest Data Grid documentation at: Data Grid product documentation
For more information about Data Grid version lifecycle and support details, see Data Grid Product Update and Support Policy
3.2. Data Grid Server upgraded to JBoss Enterprise Application Platform (EAP) 7.3.10
Data Grid Server is upgraded to EAP 7.3.10, which provides performance improvements and includes several CVE fixes to enhance security.
When patching Data Grid server installations to upgrade to 7.3.9, an issue with the patch results in an error at startup. You must manually edit the configuration after you apply the patch.
See Resolving Errors with the 7.3.8 and 7.3.9 Patch for instructions.
3.3. JBoss marshalling upgraded
Data Grid 7.3.9 upgrades JBoss marshalling to version 2.0.12.Final.
