Skip to content

DSE 6.8.65 Release Notes#284

Open
janmast1o wants to merge 1 commit into
masterfrom
dse-6.8.65-release
Open

DSE 6.8.65 Release Notes#284
janmast1o wants to merge 1 commit into
masterfrom
dse-6.8.65-release

Conversation

@janmast1o

Copy link
Copy Markdown
Contributor

Release Notes Automation

If you name your pull-request as "Product x.y.z Release ...", after merging the
PR, a GitHub Action will automatically create a product version tag "product-x.y.z".

Supported product names are:

  • DSE
  • OpsCenter
  • Studio
  • Luna Streaming

Version supports 3 sets or 4 sets of digits.

Comment thread DSE_6.8_Release_Notes.md
* Changed uploaded parts metadata validation logic during multipart upload to always sort the parts in ascending order during validation. (DSP-25205)

## 6.8.65 DSE Security
* Updates package signatures to use IBM official package signature keys. (DSP-25017)

@annieden annieden Jul 14, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Updates package signatures to use IBM official package signature keys. (DSP-25017)
* Updated package signatures to use IBM official package signature keys. (DSP-25017)

Comment thread DSE_6.8_Release_Notes.md
* Changed backup store creation/alteration logic to raise a warning instead of an error when passing a settings map with unknown flags. Changed backup store creation/alteration to save all passed flags in the database instead of only the familiar ones. (DSP-25181)

## 6.8.65 DSE Node/DseTool
* Added ability to dynamically reload certificates for inter-node connections, it eliminates the need for restarts. The reload can be triggered manually via `nodetool reloadssl`. (DSP-25085)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Added ability to dynamically reload certificates for inter-node connections, it eliminates the need for restarts. The reload can be triggered manually via `nodetool reloadssl`. (DSP-25085)
* Added the ability to dynamically reload certificates for inter-node connections to eliminate the need for restarts. The reload can be triggered manually with `nodetool reloadssl`. (DSP-25085)

Comment thread DSE_6.8_Release_Notes.md
* Added a configurable minimum interval between password changes per role (default: 5 seconds) to prevent authenticated denial-of-service attacks through rapid password changes. (DSP-25098, [CVE-2026-32588](https://nvd.nist.gov/vuln/detail/CVE-2026-32588))
* Upgraded Mina to version 2.0.29. (DSP-25180, [CVE-2026-47065](https://nvd.nist.gov/vuln/detail/CVE-2026-47065), [CVE-2026-47321](https://nvd.nist.gov/vuln/detail/CVE-2026-47321))
* Upgraded Netty to version 4.1.135.1.dse, which is based on version 4.1.135.Final. (DSP-25065, [CVE-2025-67735](https://nvd.nist.gov/vuln/detail/CVE-2025-67735), [CVE-2026-46340](https://nvd.nist.gov/vuln/detail/CVE-2026-46340), [CVE-2026-45536](https://nvd.nist.gov/vuln/detail/CVE-2026-45536), [CVE-2026-45673](https://nvd.nist.gov/vuln/detail/CVE-2026-45673), [CVE-2026-45674](https://nvd.nist.gov/vuln/detail/CVE-2026-45674), [CVE-2026-47691](https://nvd.nist.gov/vuln/detail/CVE-2026-47691), [CVE-2026-44249](https://nvd.nist.gov/vuln/detail/CVE-2026-44249), [CVE-2026-45416](https://nvd.nist.gov/vuln/detail/CVE-2026-45416), [CVE-2026-48006](https://nvd.nist.gov/vuln/detail/CVE-2026-48006), [CVE-2026-44893](https://nvd.nist.gov/vuln/detail/CVE-2026-44893), [CVE-2026-48059](https://nvd.nist.gov/vuln/detail/CVE-2026-48059), [CVE-2026-44249](https://nvd.nist.gov/vuln/detail/CVE-2026-44249))
* Upgraded opentelemetry to version 1.62.0. (DSP-25162, [CVE-2026-45292](https://nvd.nist.gov/vuln/detail/CVE-2026-45292))

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Upgraded opentelemetry to version 1.62.0. (DSP-25162, [CVE-2026-45292](https://nvd.nist.gov/vuln/detail/CVE-2026-45292))
* Upgraded OpenTelemetry to version 1.62.0. (DSP-25162, [CVE-2026-45292](https://nvd.nist.gov/vuln/detail/CVE-2026-45292))

Comment thread DSE_6.8_Release_Notes.md
* Upgraded Mina to version 2.0.29. (DSP-25180, [CVE-2026-47065](https://nvd.nist.gov/vuln/detail/CVE-2026-47065), [CVE-2026-47321](https://nvd.nist.gov/vuln/detail/CVE-2026-47321))
* Upgraded Netty to version 4.1.135.1.dse, which is based on version 4.1.135.Final. (DSP-25065, [CVE-2025-67735](https://nvd.nist.gov/vuln/detail/CVE-2025-67735), [CVE-2026-46340](https://nvd.nist.gov/vuln/detail/CVE-2026-46340), [CVE-2026-45536](https://nvd.nist.gov/vuln/detail/CVE-2026-45536), [CVE-2026-45673](https://nvd.nist.gov/vuln/detail/CVE-2026-45673), [CVE-2026-45674](https://nvd.nist.gov/vuln/detail/CVE-2026-45674), [CVE-2026-47691](https://nvd.nist.gov/vuln/detail/CVE-2026-47691), [CVE-2026-44249](https://nvd.nist.gov/vuln/detail/CVE-2026-44249), [CVE-2026-45416](https://nvd.nist.gov/vuln/detail/CVE-2026-45416), [CVE-2026-48006](https://nvd.nist.gov/vuln/detail/CVE-2026-48006), [CVE-2026-44893](https://nvd.nist.gov/vuln/detail/CVE-2026-44893), [CVE-2026-48059](https://nvd.nist.gov/vuln/detail/CVE-2026-48059), [CVE-2026-44249](https://nvd.nist.gov/vuln/detail/CVE-2026-44249))
* Upgraded opentelemetry to version 1.62.0. (DSP-25162, [CVE-2026-45292](https://nvd.nist.gov/vuln/detail/CVE-2026-45292))
* Upgraded tomcat version to 9.0.119. (DSP-25210, [CVE-2026-55276](https://nvd.nist.gov/vuln/detail/CVE-2026-55276))

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Upgraded tomcat version to 9.0.119. (DSP-25210, [CVE-2026-55276](https://nvd.nist.gov/vuln/detail/CVE-2026-55276))
* Upgraded Tomcat version to 9.0.119. (DSP-25210, [CVE-2026-55276](https://nvd.nist.gov/vuln/detail/CVE-2026-55276))

@annieden annieden left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving, as long as you merge the several edits I made - which, btw, match the edits done in 6.9.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants