The release notes of the Trillo platform main releases are described below.
4.0.258
Security vulnerabilities in the Apache Log4j2 version 2.15 (or below) are fixed as described in CVE-2021-44228 and CVE-2021-45046. The library version is upgraded to 2.17.1
Other Miscellaneous Bugfixes
GCP Marketplace Installs: if you have installed workbench from GCP Marketplace then update the following deployments
Update trillo-rt deployment and update its container version with gcr.io/project-trillort/trillo-rt:4.0.258
Update trillo-data-service deployment and update its container version with gcr.io/project-trillort/trillo-rt/trillo-data-service:4.0.258
4.0.204
Security vulnerabilities in the Apache Log4j2 version 2.15 (or below) are fixed as described in CVE-2021-44228 and CVE-2021-45046. These vulnerabilities have been mitigated by adding -Dlog4j2.formatMsgNoLookups=true to the JVM args.
Other Bugfixes
GCP Marketplace Installs: if you have installed workbench from GCP Marketplace then update the following deployments
Update trillo-rt deployment and update its container version with gcr.io/project-trillort/trillo-rt:4.0.204
Update trillo-data-service deployment and update its container version with gcr.io/project-trillort/trillo-rt/trillo-data-service:4.0.204