v4.10.0
Fixes:
- OKAPI-1050 -Dlog4j2.formatMsgNoLookups=true for Debian/Ubuntu package (CVE-2021-44228)
- OKAPI-1047 Disable log4j JDNI by removing JdniLookup class (CVE-2021-44228)
- OKAPI-1048 Hazelcast 4.2.2, logging log4j2
- OKAPI-1046 Log4j 2.15.0 fixing remote execution (CVE-2021-44228)
- OKAPI-1041 Fix warnings about _tenantPermissions version 2.0
- OKAPI-1037 Missing permission check, token cache and pre/post filter
- OKAPI-1038 Disable X-Okapi-Trace header by default
- Upgrade to testcontainters 1.16.2 - makes Okapi pass tests on Apple M1
- Upgrade to nuprocess 2.0.2
- Upgrade to cron-utils 9.1.6
Other:
- OKAPI-1044 Upgrade to Vert.x 4.2.1
- OKAPI-1043 okapi reinstall