github payara/Payara payara-server-5.2021.7
Payara Server Community Edition 5.2021.7

Release Notes - Payara Platform Community 5.2021.7

Supported APIs and Applications

  • Jakarta EE 8
  • Java EE 8 Applications
  • Jakarta EE 9
  • MicroProfile 4.1


Security Vulnerability

IMPORTANT: We recently discovered and fixed an important security vulnerability within the Payara Server and Payara Micro products. A path Traversal security issue was found when the application is deployed under the root context which allowed a hacker to read from the file system of the server running the application. We highly recommend that you upgrade to this version to avoid the security issue.

New Features

  • [FISH-5646] Add Client Certificate Validation API

Bug Fixes

  • [FISH-5711] Fix Could Not Load Formatter Class Error in Payara Micro
  • [FISH-5701] Application Does not Deploy Anymore on Payara Server Docker Image
  • FISH-5695) ArrayIndexOutOfBoundsException When the ConfigProperty Value Ends in a Dollar Sign
  • [FISH-5693] Delimiter for Configuring Multiple KeyStores and TrustStores Must use JVM Platform Delimiter
  • [FISH-5691] Do not Propagate Non-Transactional EM to Managed Tasks
  • [FISH-5690] Remove Duplicate postInvoke Handler Invocation on Failure
  • [FISH-5660] Deployment Failure on Payara Micro
  • [FISH-1058] Payara Micro - Wrong ClassLoader with Multiple Apps
  • [FISH-966] Fix Asadmin stop-domain Help Text
  • [FISH-81] Fix Incorrect Error "No valid EE environment for injection" for CDI Reported for Events

Component Upgrades

  • [FISH-5655] Update Jersey to 2.34.payara-p1

Security Fixes

  • [FISH-5702] Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') When Context Root is /
9 days ago