Java Full-Stack Report April 2022: New & Noteworthy
See Current Version
Here are the most important news for Java developers from last month - in my opinion, at least.
|March 2022||February 2022||January 2022|
Table Of Contents
- What’s This?
- New & Noteworthy
New & Noteworthy
I didn’t have much time to collect news this month. But the
Java 18 Is Here
The new version of Java dropped on March 22. It doesn’t change how we write Java code. Well, unless you count the new
@snippet Javadoc tag. And maybe the deprecation of
Apart from that, UTF-8 is now the “default charset of the standard Java APIs”. And there’s a whole bunch of under-the-hood changes and updates to incubating features and features in preview. And for reasons, Java now has a web server that only serves HEAD and GET requests and doesn’t have authentication or HTTPS.
Zero-Day Exploit Hits Spring Boot
That’s the kind of announcement you hope you’ll never have to make: A zero-day exploit hit Spring Boot. Worse: The details of the exploit leaked in full before a fix was ready.
At the time of writing, the Spring team says that only applications running as WAR files in a standalone Tomcat instance on JDK 9+ are vulnerable. Please upgrade to Spring Boot 2.6.6 or 2.5.12 to fix this vulnerability.
Please see the announcement for details.
Java Heap Deep Dive, Part 2
Last month, I had a news item about “Java Garbage Collection Deep Dive, Part 1”. Well, turns out I suck at reading: The article was “Java Heap Deep Dive, Part 1” and discussed garbage collection. So the heap discussion continues with memory leaks.