Dear Apache Geode Developer Community, Following the community’s collective decision to end support for version 1.14 and all earlier versions, we have been pleased to dedicate our efforts toward 1.15 and 2.0 with razor-focused attention. This strategic shift has allowed us to prioritize critical security remediations and essential dependency updates while further strengthening the project’s overall security and stability.
As we prepare for the upcoming Apache Geode 1.15.3 maintenance release, we would like to ensure the release notes accurately reflect the significant progress made by the community. We are profoundly grateful for the expertise and dedication you continue to invest in this project; it is your consistent effort that maintains the integrity of Apache Geode. To ensure our documentation is as comprehensive as possible, we would be honored to receive your guidance on which specific improvements deserve executive visibility. We are particularly interested in highlighting: -High-Impact Resolutions: Fixes addressing long-standing or complex technical challenges. -Stability Enhancements: Contributions that have measurably improved system reliability. -Community Milestones: Significant features or refinements driven by our contributors. If there is a Jira ticket or Pull Request you believe is essential for the "Highlights" section, please share it in this thread. Your insight is vital to ensuring we communicate the full value of this release to our stakeholders. Thank you again for your tireless commitment and for the invaluable role you play in the success of this community. ================ BEGIN OF RELEASE NOTE ============== Upcoming Release 1.15.3 This maintenance release is dedicated to critical security remediations and essential dependency updates, ensuring the continued security and integrity of the Apache Geode platform. Highlights -Security Vulnerability Remediation: Resolved Allocation of Resources Without Limits or Throttling (GEODE-10567 #7991) -Vulnerability Remediation: Addressed CVE-2025-68161 to protect against a man-in-the-middle attack (GEODE-10544 #7978) -Security Remediation: Addressed CVE-2025-48924 in Apache Commons Lang3 (GEODE-10546 #7976) -Dependency Update: Upgraded commons-io from 2.15.1 to 2.18.0 (GEODE-10549 #7979) -Dependency Update: Upgraded slf4j-api from 1.7.32 to 1.7.36 (GEODE-10548 #7977) ================== END OF RELEASE NOTE ============== Best regards, Jinwoo Hwang (he/him/his) SAS® Research and Development http://JinwooHwang.com<http://jinwoohwang.com/>
