OpenDJ 5.0.4 Released

Download

What’s new

• Addressed security vulnerabilities:
  • CVE-2025-24970 - Netty SslHandler does not correctly validate packets, which can lead to a native crash when using the native SSLEngine
  • CVE-2025-12194 - JVM garbage collector overrun related to the use of the disposal daemon under Java 17 and Java 21
• Added fallback to $HOME/tmp as a temporary directory when the instance root is mounted as noexec
• Migrated cache library from Guava to Caffeine 3
• Updated commons dependency from version 3.0.2 to 3.0.4
• Fixed short version number in the upgrade guide documentation

Full changeset (more details)

Thanks for the contributions

1. Valery Kharseko
2. Maxim Thomas
3. prthakre