What's new and changed in Common core services
Common core services updates can include new features, bug fixes, and security updates. Updates are listed in reverse chronological order so that the latest release is at the beginning of the topic.
You can see a list of the new features for the platform and all of the services at What's new in IBM Cloud Pak® for Data.
Cloud Pak for Data Version 4.6.5
A new version of Common core services was released in April 2023 with Cloud Pak for Data 4.6.5.
Operand version: 6.5.0
This release includes the following changes:
- Security fixes
-
CVE-2023-23916, CVE-2023-0767, CVE-2023-0215
CVE-2022-48285, CVE-2022-41717, CVE-2022-41716, CVE-2022-36087, CVE-2022-23491, CVE-2022-4450, CVE-2022-4304, CVE-2022-1471
CVE-2015-3627
CVE-2014-6393
Cloud Pak for Data Version 4.6.4
A new version of Common core services was released in March 2023 with Cloud Pak for Data 4.6.4.
Operand version: 6.4.0
This release includes the following changes:
- New features
-
The 6.4.0 release of the common core services includes changes to support features and updates in Watson™ Studio and Watson Knowledge Catalog.Version 6.4.0 of the common core services includes the following features and updates:
- Access more data with the new Presto connection
- You can now work with data from Presto data sources.
- Use a proxy server for Microsoft Azure Data Lake Store connections
- You can now select a proxy server for a new or existing Microsoft Azure Data Lake Store connection. A proxy server can provide load balancing, increased security, and privacy for the connection. For details, see Microsoft Azure Data Lake Store connection.
- Security fixes
-
This release includes fixes for the following security issues:
CVE-2023-22809, CVE-2023-21843, CVE-2023-21835, CVE-2023-21830
CVE-2022-48303, CVE-2022-47629, CVE-2022-45061, CVE-2022-4415, CVE-2022-40897, CVE-2022-40304, CVE-2022-40303, CVE-2022-27664, CVE-2022-25860
CVE-2021-43138, CVE-2021-28861
CVE-2020-10735
Cloud Pak for Data Version 4.6.3
A new version of Common core services was released in February 2023 with Cloud Pak for Data 4.6.3.
Operand version: 6.3.0
This release includes the following changes:
- New features
-
The 6.3.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.Version 6.3.0 of the common core services includes the following features and updates:
- Use a proxy server for Amazon S3 connections
- You can now select a proxy server for an Amazon S3 connection. A proxy server can provide load balancing, increased security, and privacy for the connection. For details, see Amazon S3 connection.
- High availability option for the Apache Hive connection
- Select the new option, Use ZooKeeper discovery, to enter a ZooKeeper namespace and a list of alternative servers to ensure continued access to the connection. See Apache Hive connection.
- New name for the setting to prevent users from retrieving unmasked sensitive credentials
- The setting Prevent users from retrieving decrypted credentials has been
renamed Mask sensitive credentials retrieved through API calls. This setting
is in the Create connection form.
Any setting that you previously enabled remains in effect. For information on creating a connection, see Connecting to data sources.
- Customer-reported issues fixed in this release
- DT189214: Resource Specification Injection(RSI) certification will expired in 20 days
- Security fixes
-
This release includes fixes for the following security issues:
CVE-2023-22467
CVE-2022-46175, CVE-2022-45146, CVE-2022-43680, CVE-2022-43548, CVE-2022-42898, CVE-2022-42012, CVE-2022-42011, CVE-2022-42010, CVE-2022-42004, CVE-2022-42003, CVE-2022-41715, CVE-2022-40897, CVE-2022-39353, CVE-2022-38900, CVE-2022-3821, CVE-2022-37616, CVE-2022-37603, CVE-2022-37601, CVE-2022-37599, CVE-2022-37434, CVE-2022-36313, CVE-2022-35737, CVE-2022-3517, CVE-2022-3515, CVE-2022-32190, CVE-2022-2953, CVE-2022-2880, CVE-2022-2879, CVE-2022-2869, CVE-2022-2868, CVE-2022-2867, CVE-2022-27664, CVE-2022-27406, CVE-2022-27405, CVE-2022-27404, CVE-2022-25927, CVE-2022-25901, CVE-2022-2521, CVE-2022-2520, CVE-2022-2519, CVE-2022-2509, CVE-2022-24439, CVE-2022-23541, CVE-2022-23540, CVE-2022-23539, CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619, CVE-2022-2058, CVE-2022-2057, CVE-2022-2056, CVE-2022-1304
CVE-2021-46848, CVE-2021-44906, CVE-2021-32796
CVE-2020-35527, CVE-2020-35525, CVE-2020-15522
CVE-2016-3709, CVE-2016-1000027
Cloud Pak for Data Version 4.6.1
A new version of Common core services was released in December 2022 with Cloud Pak for Data 4.6.1.
Operand version: 6.1.0
This release includes the following changes:
- New features
-
The 6.1.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.Version 6.1.0 of the common core services includes the following features and updates:
- Prevent users from retrieving decrypted credentials from connection properties
- As an extra security measure when you create or edit a connection, you can enable a setting that
prevents users, including the owner of the connection, from accessing the credentials through API
calls.
- For the list of services and tools that support the setting that prevents users from retrieving decrypted credentials from connection properties, see Flight service for access to data sources.
- For information on creating a connection, see Connecting to data sources.
This setting is independent of vaults.
- Security fixes
-
This release includes fixes for the following security issues:
CVE-2022-42919, CVE-2022-40674, CVE-2022-40153, CVE-2022-40152, CVE-2022-39353, CVE-2022-37616, CVE-2022-36087, CVE-2022-32189, CVE-2022-3171, CVE-2022-30699, CVE-2022-30698, CVE-2022-25310, CVE-2022-25309, CVE-2022-25308, CVE-2022-22844, CVE-2022-1355, CVE-2022-0924, CVE-2022-0909, CVE-2022-0908, CVE-2022-0891, CVE-2022-0865, CVE-2022-0562, CVE-2022-0561
CVE-2015-20107
Cloud Pak for Data Version 4.6.0
A new version of Common core services was released in November 2022 with Cloud Pak for Data 4.6.0.
Operand version: 6.0.0
This release includes the following changes:
- New features
-
The 6.0.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.Version 6.0.0 of the common core services includes the following features and updates:
- Access more data with new connection types
- You can now work with data from these data sources:
- New name for the IBM Data Virtualization connection
- The IBM Data Virtualization connector is renamed to IBM Watson Query. The associated platform connection name also changed. Your settings for the connection remain the same. Only the connection name has changed.
- Customer-reported issues fixed in this release
- DT160867: Cloud Pak for Data restrict instance restore posthooks failed timeout waiting for cpdbr-aux sts to be ready
- Bug fixes
-
This release includes the following fixes:
- Security fixes
-
This release includes fixes for the following security issues:
CVE-2022-42889, CVE-2022-39399, CVE-2022-39286, CVE-2022-38752, CVE-2022-38751, CVE-2022-38750, CVE-2022-38749, CVE-2022-3517, CVE-2022-34903, CVE-2022-34169, CVE-2022-33987, CVE-2022-32215, CVE-2022-32214, CVE-2022-32212, CVE-2022-32208, CVE-2022-32206, CVE-2022-3172, CVE-2022-29901, CVE-2022-29900, CVE-2022-29824, CVE-2022-29244, CVE-2022-27782, CVE-2022-27776, CVE-2022-27774, CVE-2022-26691, CVE-2022-25896, CVE-2022-25887, CVE-2022-2588, CVE-2022-25857, CVE-2022-25851, CVE-2022-25314, CVE-2022-25313, CVE-2022-2526, CVE-2022-25168, CVE-2022-23825, CVE-2022-23816, CVE-2022-22576, CVE-2022-21803, CVE-2022-21681, CVE-2022-21680, CVE-2022-21618, CVE-2022-21541, CVE-2022-21540, CVE-2022-21166, CVE-2022-21125, CVE-2022-21123, CVE-2022-2053, CVE-2022-1996, CVE-2022-1586, CVE-2022-1353, CVE-2022-1319, CVE-2022-0654, CVE-2022-0494, CVE-2022-0391
CVE-2021-40528, CVE-2021-3807, CVE-2021-23413, CVE-2021-21306
CVE-2020-15366, CVE-2020-12723, CVE-2020-10878, CVE-2020-10543
CVE-2015-20107