Vulnerable third-party sqlite3.dll component used.

The version of SQLite used with Apama has been updated to address the following security advisories: CVE-2019-19646, CVE-2020-11656 and CVE-2020-11655. None of these were directly exploitable within the Apama platform.

Correlator core dump if debug logging (but not EPL coverage) is enabled when injecting Analytics Builder EPL code.

A crash during injection has been fixed. The crash occurred with both application event logging and optimizations enabled when passing constants to static actions from another static action.

any.hasEntry(k) returned true for strings, primitives, for all k.

Calling hasEntry on an any containing a string now returns false for all entries other than “value”. This now matches both the documentation and the behavior of getEntry, which will throw on any entry other than “value”.

Object pool should use optimal allocator for all sizes if the allocator is jemalloc.

Some memory improvements when using the jemalloc allocator have been made.

Undocumented correlator parameter --qsize changed the logged “Output queue size” but had no other effect.

The --qsize option to the correlator has been removed. This was previously undocumented and had no effect.

Update jemalloc to v5.2.1 and also ship the unprefixed version of jemalloc libraries that users can load dynamically using LD_PRELOAD.

The version of jemalloc shipped with the installation has now been upgraded to 5.2.1.

Management plug-in’s async jobs not flushed in flushAllQueues.Using flushAllQueues from the Management plug-in, which is the underlying implementation for the Management interface, did not wait for the asyncRequests to complete.

The Management plug-in supports executing asyncRequests, and the flushAllQueues request did not wait for these. This issue is now resolved. flushAllQueues will wait for asyncRequests to complete, with the exception of requests executing from the Management interface (as that would deadlock).