Hello Apache Geode Developer Community, We are excited to prepare the 2.0.1 maintenance release. Much of our recent work has been focused on remediating critical security vulnerabilities. Alongside that effort, we want to ensure the release notes clearly reflect the improvements that matter most to the community.
Beyond the security updates, we would welcome your input on: -Key fixes that resolved impactful or long-standing issues -Stability improvements you have noticed in recent pull requests -Community contributions, including features or fixes that deserve recognition If there is a specific ticket or pull request you believe should be included in the Highlights section, please reply to this thread. Our goal is to ensure the release notes accurately reflect our collective progress. Thank you, as always, for your continued support and contributions. ================ BEGIN OF RELEASE NOTE ============== Upcoming Release 2.0.1 This maintenance release focuses on critical security vulnerability remediations and dependency updates to ensure the ongoing stability and security of the platform. Highlights -Critical Security Patches: Remediated CVE-2024-12798, CVE-2024-12801, CVE-2025-11226, and CVE-2026-1225 (GEODE-10555 #7982) -Vulnerability Remediation: Addressed CVE-2025-68161 to protect against a man-in-the-middle attack (GEODE-10543 #7975) -Security Remediation: Resolved CVE-2026-23903 to remediate Authentication Bypass (GEODE-10559 #7986) -Denial of Service Remediation: Fixed Allocation of Resources Without Limits or Throttling (GEODE-10565 #7990) -Security by-pass and DoS Remediation: Resolved CVE-2026-1605 and CVE-2025-11143 (GEODE-10568 #7992) ================== END OF RELEASE NOTE ============== Best regards, Jinwoo Hwang (he/him/his) SASĀ® Research and Development http://JinwooHwang.com<http://jinwoohwang.com/>
