August Payara 5 Community Release Out Today!

Uncategorized

Payara Community Version 5.2022.3 is out today, bringing concurrency enhancements previously seen in Enterprise and a key security fix, solving the recently discovered CVE-2022-37422. You must update your environments to the latest version to be safe.

 

Please note: This is not the final Payara 5 Community release, but that final release is coming up in September – so get prepared to move to Jakarta EE 10 or choose Enterprise.

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix.

You can download Payara Community Version 5.2022.3here.

You Must Update – CVE-2022-37422

There is a recently detected a 0-day vulnerability in all distributions of the Payara Platform that affects web applications that are deployed in the default context root(/). To this effect, we have prepared a fix. 

All Payara users must update their environment as soon as possible to remain safe. The safe versions are:

  • Payara Enterprise 5.42.0
  • Payara Community 5.2022.3
  • Payara Enterprise 4.1.2.191.36

Not out yet, but coming soon: 

  • Payara Community 6.2022.1.Alpha4

We would like to credit and give thanks to Marcin Dudek (@dudekmar) who originally reported the issue.

Payara Community Receives Concurrency Enhancements 

Payara 5 Community users can now enjoy concurrency enhancements previously brought to Payara Enterprise.

Payara-resources.xml already allowed several different types of resources to be defined within it. Now, ManagedExecutorServices is one of them.This allows you to create concurrent ManagedExecutor resources automatically when the .ear or .jar that needs them is deployed. 

You can also now use ForkJoinPool for Managed Executor Services.

However, please note, that Payara 5 Community will soon be discontinued and the only safe way to use these enhancements will be with Payara 6 Community or Payara 5 Enterprise – find out more here.

Enterprise Users: Payara 4.x Extended Maintenance 

Today also sees the release of Payara 4.1.2.191.36. This is the last release before it enters its Extended Support phase. You have been emailed about this but monthly patches will stop being released for the current minor version, and we’ll stop implementing hotfixes and backport fixes for releases older than 4.1.2.191. Please upgrade your environments and contact our support team via the usual channels with any questions.

Webinar – Move Your GlassFish Upstream: What You Need to Know About Migration

If you are reading this, it is likely you are already using Payara Platform – but if you still have applications or projects in GlassFish, or know people who do, it’s time to make the change. 

Previously scheduled for July, the webinar has now been rearranged for August 24, 3.00 PM BST.

Make sure you re-sign up:

Release Notes

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix. 

See a more detailed overview in the Release Notes:

Comments (2)

Post a comment

Your email address will not be published. Required fields are marked *

Payara needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Legal & Privacy Policy.

  1. Eduardo Lozano

    The CVE-2022-37422 vulnerability only affects version 5.2022.2?

    1. Jadon Ortlepp

      Unfortunately it seems very likely it will affect some older versions as well.

Related Posts

Blue background with coral and fish. Left text: 'MONTHLY CATCH'. Right: laptop screen with tech tabs and Payara Community logo. 3 minutes
Community

The Payara Monthly Catch -September 2025

Welcome aboard the September issue of The Monthly Catch! With summer holidays wrapping up, the Java world is back […]

4 minutes
Uncategorized

Leading the Way: Payara Platform Community 7 Beta Now Fully Jakarta EE 11 Certified

We’re excited to announce that Payara Platform Community 7 Beta application server is now fully certified as Jakarta EE 11 […]

Understanding the Security Issues of Aging Middleware 8 minutes
Security

Understanding the Security Issues of Aging Middleware

Middleware runs quietly in the background of most applications, which makes it easy to overlook its lifecycle. In effect, […]