ONgDB Releases

ONgDB 1.0.5 is a maintenance release that improves quality of life and fixes medium security vulnerabilities

• [ONGDB-288] – Upgrade netty to 4.1.75.Final to fix security vulnerabilities
• [ONGDB-317] – Upgrade com.hazelcast:hazelcast-all to 3.12.12
• [ONGDB-399] – Bump shiro-core from 1.9.1 to 1.10.0
• [ONGDB-400] – Bump jackson-databind from 2.13.3 to 2.13.4.2
• [ONGDB-401] – Bump jetty-server from 9.4.46.v20220331 to 9.4.51.v20230217

ONgDB 1.0.4 is a maintenance release that improves quality of life and fixes medium security vulnerabilities

• [ONGDB-304] – Fixes KeyStores with multiple certificates are not supported
• [ONGDB-311] – Bump shiro-core to 1.9.1
• [ONGDB-312] – Fixes metric output with incorrect names
• [ONGDB-313] – Fixes usage data keys to be consistent

ONgDB 1.0.3 is a maintenance release that fixes many high and medium security vulnerabilities

• [ONGDB-294] – Upgrade to Jackson 2.13.3
• [ONGDB-299] – Upgrade io.netty:netty-all to 4.1.44.Final to fix high security vulnerability
• [ONGDB-301] – Upgrade com.hazelcast:hazelcast-all to 3.10.1 to fix high security vulnerability
• [ONGDB-300] – Upgrade org.mozilla:rhino to 1.7.12 to fix high security vulnerability

ONgDB 1.0.2 is a maintenance release that fixes many high and medium security vulnerabilities

• [ONGDB-284] – Upgrade org.eclipse.jetty version to 9.4.46
• [ONGDB-289] – Upgrade httpclient to 4.5.13 to fix security vulnerabilities
• [ONGDB-291] – Upgrade bcprov-jdk15on to 1.70
• [ONGDB-292] – Upgrade gson from 2.8.2 to 2.8.9
• [ONGDB-293] – Upgrade netty to 4.1.42.Final to fix security vulnerability

ONgDB 1.0.1 is a maintenance release with many important security fixes

• [ONGDB-274] – TLSv1 and TLSv1.1 are no longer supported and expected to fail
• [ONGDB-276] – Upgrade Shiro to 1.9.0
• [ONGDB-280] – Remove log4j 1.2.17 to fix critical vulnerability
• [ONGDB-281] – Upgrade commons-compress to 1.21 to fix high vulnerabilities
• [ONGDB-283] – Upgrade org.eclipse.jetty version to 9.4.12.v20180830

ONgDB 1.0.0 is the GA 1.0 release of ONgDB, a fully open source, native graph database attributable to the Graph Foundation

• [ONGDB-249] – Bump httpclient from 4.5.2 to 4.5.13
• [ONGDB-250] – Bump shiro-core from 1.5.3 to 1.6.0
• [ONGDB-253] – Bump ONgDB Browser to 1.0.0

ONgDB 1.0.0-beta01 is the 1.0 Beta release of ONgDB, a fully open source, native graph database attributable to the Graph Foundation

• [ONGDB-111] – Apache Shiro is outdated and needs latest security patches
• [ONGDB-210] – ONgDB should have proper authentication realm
• [ONGDB-220] – Support Java Driver 1.7.5
• [ONGDB-241] – Metrics should be output with ongdb group
• [ONGDB-243] – Windows packaging needs updated properly for ONgDB
• [ONGDB-245] – Improve packaged ongdb.config with better defaults
• [ONGDB-248] – ONgDB service fails to start on Windows with service ‘ongdb’ not
  found

ONgDB 1.0.0-alpha01 is the 1.0 Alpha release of ONgDB, a fully open source database attributable to the Graph Foundation

• [ONGDB-11] – Dependency version must be valid version for cypher compatibility
• [ONGDB-12] – Execution list-all-licenses fails because dependencies could not be resolved
• [ONGDB-13] – Missing license requirements files
• [ONGDB-14] – Restart version to 1.0.0
• [ONGDB-15] – Generated NOTICE.txt should not differ from existing but contains Objenesis
• [ONGDB-16] – Generated NOTICE.txt should not differ for asm in neo4j-codegen