Releases: exasol/udf-debugging-java
Release list
0.6.20 Code Coverage > 80%
In this release we fixed Sonar findings and raised the code coverage ot over 80%.
We added an integration test for PushDownTesting.
Features
- Fixed Sonar findings and raised test coverage. (PR #86)
0.6.19 Fixed vulnerabilities CVE-2017-7503, CVE-2017-10355, CVE-2026-9563
This release fixes the following 3 vulnerabilities:
CVE-2017-7503 (CWE-611) in dependency xerces:xercesImpl:jar:2.12.2:provided
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
References
- https://guide.sonatype.com/vulnerability/CVE-2017-7503?component-type=maven&component-name=xerces%2FxercesImpl&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7503
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7503
CVE-2017-10355 (CWE-833) in dependency xerces:xercesImpl:jar:2.12.2:provided
sonatype-2017-0348 - xerces:xercesImpl - Denial of Service (DoS)
References
- https://guide.sonatype.com/vulnerability/CVE-2017-10355?component-type=maven&component-name=xerces%2FxercesImpl&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10355
- https://blogs.securiteam.com/index.php/archives/3271
CVE-2026-9563 (CWE-400) in dependency org.eclipse.parsson:parsson:jar:1.1.7:runtime
In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of characters consumed while parsing a single JSON document. Applications that parse attacker-controlled JSON can be forced to consume excessive CPU and memory by processing very large documents, including large arrays, objects, strings, numbers, whitespace, or nested structures, resulting in a denial of service. Eclipse Parsson 1.1.8 introduces a configurable maximum parsing limit with a default limit of 15 million parser-consumed characters.
References
- https://guide.sonatype.com/vulnerability/CVE-2026-9563?component-type=maven&component-name=org.eclipse.parsson%2Fparsson&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2026-9563
- eclipse-ee4j/parsson#169
- https://gitlab.eclipse.org/security/vulnerability-reports/-/work_items/444
Security
- #81: Fixed vulnerability CVE-2017-7503 in dependency
xerces:xercesImpl:jar:2.12.2:provided - #82: Fixed vulnerability CVE-2017-10355 in dependency
xerces:xercesImpl:jar:2.12.2:provided - #83: Fixed vulnerability CVE-2026-9563 in dependency
org.eclipse.parsson:parsson:jar:1.1.7:runtime
Dependency Updates
Compile Dependency Updates
- Updated
org.jacoco:org.jacoco.core:0.8.14to0.8.15 - Updated
org.slf4j:slf4j-jdk14:2.0.17to2.0.18
Runtime Dependency Updates
- Updated
org.eclipse.parsson:parsson:1.1.7to1.1.9
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.2.0to7.3.0 - Updated
com.exasol:test-db-builder-java:3.6.4to4.0.1 - Updated
org.itsallcode:junit5-system-extensions:1.2.2to1.2.3 - Updated
org.jacoco:org.jacoco.agent:0.8.14to0.8.15 - Updated
org.junit.jupiter:junit-jupiter-params:5.13.4to5.14.4 - Updated
org.mockito:mockito-junit-jupiter:5.20.0to5.23.0 - Updated
org.testcontainers:testcontainers-junit-jupiter:2.0.1to2.0.5
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.5to2.1.0 - Updated
com.exasol:project-keeper-maven-plugin:5.4.3to5.7.3 - Removed
com.exasol:quality-summarizer-maven-plugin:0.2.1 - Updated
io.github.git-commit-id:git-commit-id-maven-plugin:9.0.2to10.0.0 - Updated
org.apache.maven.plugins:maven-compiler-plugin:3.14.1to3.15.0 - Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.6.2to3.6.3 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.5.4to3.5.6 - Updated
org.apache.maven.plugins:maven-resources-plugin:3.3.1to3.5.0 - Updated
org.apache.maven.plugins:maven-site-plugin:3.21.0to3.22.0 - Updated
org.apache.maven.plugins:maven-source-plugin:3.2.1to3.4.0 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.5.4to3.5.6 - Added
org.codehaus.mojo:build-helper-maven-plugin:3.6.1 - Updated
org.codehaus.mojo:versions-maven-plugin:2.19.1to2.21.0 - Updated
org.jacoco:jacoco-maven-plugin:0.8.14to0.8.15 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:5.2.0.4988to5.7.0.6970 - Updated
org.sonatype.central:central-publishing-maven-plugin:0.9.0to0.11.0 - Added
org.spdx:spdx-maven-plugin:1.0.4
0.6.18 Upgrade Project Keeper and Dependencies
This release upgrades Project Keeper and dependencies.
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:bucketfs-java:3.2.1to4.0.0 - Updated
com.exasol:error-reporting-java:1.0.1to1.0.2 - Updated
org.jacoco:org.jacoco.core:0.8.13to0.8.14
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.1.5to7.2.0 - Updated
com.exasol:test-db-builder-java:3.6.1to3.6.4 - Updated
org.jacoco:org.jacoco.agent:0.8.13to0.8.14 - Removed
org.junit.jupiter:junit-jupiter-engine:5.13.0 - Updated
org.junit.jupiter:junit-jupiter-params:5.13.0to5.13.4 - Updated
org.mockito:mockito-junit-jupiter:5.18.0to5.20.0 - Removed
org.testcontainers:junit-jupiter:1.21.1 - Added
org.testcontainers:testcontainers-junit-jupiter:2.0.1
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.4to2.0.5 - Updated
com.exasol:project-keeper-maven-plugin:5.2.3to5.4.3 - Updated
com.exasol:quality-summarizer-maven-plugin:0.2.0to0.2.1 - Updated
io.github.git-commit-id:git-commit-id-maven-plugin:9.0.1to9.0.2 - Updated
org.apache.maven.plugins:maven-artifact-plugin:3.6.0to3.6.1 - Updated
org.apache.maven.plugins:maven-clean-plugin:3.4.1to3.5.0 - Updated
org.apache.maven.plugins:maven-compiler-plugin:3.14.0to3.14.1 - Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.5.0to3.6.2 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.5.3to3.5.4 - Updated
org.apache.maven.plugins:maven-gpg-plugin:3.2.7to3.2.8 - Updated
org.apache.maven.plugins:maven-javadoc-plugin:3.11.2to3.12.0 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.5.3to3.5.4 - Updated
org.codehaus.mojo:flatten-maven-plugin:1.7.0to1.7.3 - Updated
org.codehaus.mojo:versions-maven-plugin:2.18.0to2.19.1 - Updated
org.jacoco:jacoco-maven-plugin:0.8.13to0.8.14 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:5.1.0.4751to5.2.0.4988 - Updated
org.sonatype.central:central-publishing-maven-plugin:0.7.0to0.9.0
0.6.17 Fix CVE-2025-48924 in `org.apache.commons:commons-lang3:jar:3.16.0:compile`
This release fixes the following vulnerabilities:
CVE-2025-48924 (CWE-674) in dependency org.apache.commons:commons-lang3:jar:3.16.0:compile
Uncontrolled Recursion vulnerability in Apache Commons Lang.
This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.
The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a
StackOverflowError could cause an application to stop.
Users are recommended to upgrade to version 3.18.0, which fixes the issue.
CVE: CVE-2025-48924
CWE: CWE-674
References
- https://ossindex.sonatype.org/vulnerability/CVE-2025-48924?component-type=maven&component-name=org.apache.commons%2Fcommons-lang3&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-48924
- GHSA-j288-q9x7-2f5v
Security
- #77: Fixed vulnerability CVE-2025-48924 in dependency
org.apache.commons:commons-lang3:jar:3.16.0:compile
Dependency Updates
Compile Dependency Updates
- Updated
org.apache.commons:commons-compress:1.27.1to1.28.0
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.3to2.0.4 - Updated
com.exasol:project-keeper-maven-plugin:5.1.0to5.2.3 - Added
org.sonatype.central:central-publishing-maven-plugin:0.7.0 - Removed
org.sonatype.plugins:nexus-staging-maven-plugin:1.7.0
0.6.16 Security updates on top of 0.6.15
This release is a security update. We updated the dependencies of the project to fix transitive security issues.
We also added an exception for the OSSIndex for CVE-2024-55551, which is a false positive in Exasol's JDBC driver.
This issue has been fixed quite a while back now, but the OSSIndex unfortunately does not contain the fix version of 24.2.1 (2024-12-10) set.
Security
- #74: Fix CVE-2024-55551 in com.exasol:exasol-jdbc:jar:24.2.1
Dependency Updates
Compile Dependency Updates
- Updated
org.jacoco:org.jacoco.core:0.8.12to0.8.13 - Updated
org.slf4j:slf4j-jdk14:2.0.16to2.0.17
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.1.3to7.1.5 - Updated
com.exasol:test-db-builder-java:3.6.0to3.6.1 - Updated
org.jacoco:org.jacoco.agent:0.8.12to0.8.13 - Updated
org.junit.jupiter:junit-jupiter-engine:5.11.4to5.13.0 - Updated
org.junit.jupiter:junit-jupiter-params:5.11.4to5.13.0 - Updated
org.mockito:mockito-junit-jupiter:5.15.2to5.18.0 - Updated
org.testcontainers:junit-jupiter:1.20.4to1.21.1
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:4.5.0to5.1.0 - Added
io.github.git-commit-id:git-commit-id-maven-plugin:9.0.1 - Removed
io.github.zlika:reproducible-build-maven-plugin:0.17 - Added
org.apache.maven.plugins:maven-artifact-plugin:3.6.0 - Updated
org.apache.maven.plugins:maven-clean-plugin:3.4.0to3.4.1 - Updated
org.apache.maven.plugins:maven-compiler-plugin:3.13.0to3.14.0 - Updated
org.apache.maven.plugins:maven-deploy-plugin:3.1.3to3.1.4 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.5.2to3.5.3 - Updated
org.apache.maven.plugins:maven-install-plugin:3.1.3to3.1.4 - Updated
org.apache.maven.plugins:maven-javadoc-plugin:3.11.1to3.11.2 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.5.2to3.5.3 - Updated
org.codehaus.mojo:flatten-maven-plugin:1.6.0to1.7.0 - Updated
org.jacoco:jacoco-maven-plugin:0.8.12to0.8.13 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:5.0.0.4389to5.1.0.4751
0.6.15 Fix vulnerabilities CVE-2025-25193 and CVE-2025-24970 in test dependencies
This release fixes the following vulnerabilities in test dependencies:
io.netty:netty-common:jar:4.1.115.Final:test: CVE-2025-25193io.netty:netty-handler:jar:4.1.115.Final:test: CVE-2025-24970
Security
- #69: Fixed CVE-2025-25193 in
io.netty:netty-common:jar:4.1.115.Final:test - #70: Fixed CVE-2025-24970 in
io.netty:netty-handler:jar:4.1.115.Final:test
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:bucketfs-java:3.2.0to3.2.1
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.1.1to7.1.3 - Removed
org.hamcrest:hamcrest-all:1.3 - Added
org.hamcrest:hamcrest:3.0 - Updated
org.junit.jupiter:junit-jupiter-engine:5.11.3to5.11.4 - Updated
org.junit.jupiter:junit-jupiter-params:5.11.3to5.11.4 - Updated
org.mockito:mockito-junit-jupiter:5.14.2to5.15.2 - Updated
org.testcontainers:junit-jupiter:1.20.3to1.20.4
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:4.4.0to4.5.0 - Updated
org.apache.maven.plugins:maven-deploy-plugin:3.1.2to3.1.3 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.5.1to3.5.2 - Updated
org.apache.maven.plugins:maven-javadoc-plugin:3.10.1to3.11.1 - Updated
org.apache.maven.plugins:maven-site-plugin:3.9.1to3.21.0 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.5.1to3.5.2 - Updated
org.codehaus.mojo:versions-maven-plugin:2.17.1to2.18.0 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121to5.0.0.4389
0.6.14 Fix CVE-2024-47535: io.netty:netty-common:jar:4.1.108.Final:provided
This release fixes CVE-2024-47535 in transitive production dependency io.netty:netty-common:jar:4.1.108.Final:provided added by com.exasol:exasol-test-setup-abstraction-java.
Security
- #67: Fixed CVE-2024-47535 in
io.netty:netty-common:jar:4.1.108.Final:provided
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:bucketfs-java:3.1.2to3.2.0 - Updated
org.apache.commons:commons-compress:1.26.1to1.27.1 - Updated
org.slf4j:slf4j-jdk14:2.0.12to2.0.16
Runtime Dependency Updates
- Updated
org.eclipse.parsson:parsson:1.1.6to1.1.7
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.0.1to7.1.1 - Updated
com.exasol:test-db-builder-java:3.5.4to3.6.0 - Updated
org.itsallcode:junit5-system-extensions:1.2.0to1.2.2 - Updated
org.junit.jupiter:junit-jupiter-engine:5.10.2to5.11.3 - Updated
org.junit.jupiter:junit-jupiter-params:5.10.2to5.11.3 - Updated
org.mockito:mockito-junit-jupiter:5.11.0to5.14.2 - Updated
org.testcontainers:junit-jupiter:1.19.7to1.20.3
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.2to2.0.3 - Updated
com.exasol:project-keeper-maven-plugin:4.3.0to4.4.0 - Added
com.exasol:quality-summarizer-maven-plugin:0.2.0 - Updated
io.github.zlika:reproducible-build-maven-plugin:0.16to0.17 - Updated
org.apache.maven.plugins:maven-clean-plugin:2.5to3.4.0 - Updated
org.apache.maven.plugins:maven-deploy-plugin:3.1.1to3.1.2 - Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.4.1to3.5.0 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.2.5to3.5.1 - Updated
org.apache.maven.plugins:maven-gpg-plugin:3.2.2to3.2.7 - Updated
org.apache.maven.plugins:maven-install-plugin:2.4to3.1.3 - Updated
org.apache.maven.plugins:maven-javadoc-plugin:3.6.3to3.10.1 - Updated
org.apache.maven.plugins:maven-resources-plugin:2.6to3.3.1 - Updated
org.apache.maven.plugins:maven-site-plugin:3.3to3.9.1 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.2.5to3.5.1 - Updated
org.apache.maven.plugins:maven-toolchains-plugin:3.1.0to3.2.0 - Updated
org.codehaus.mojo:versions-maven-plugin:2.16.2to2.17.1 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922to4.0.0.4121 - Updated
org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13to1.7.0
0.6.13 Fixes CVE-2024-29025 in io.netty:netty-codec-http:jar:4.1.100.Final:provided
This release fixes vulnerability CVE-2024-29025 in io.netty:netty-codec-http:jar:4.1.100.Final:provided.
Excluded vulnerability This release contains vulnerability CVE-2017-10355 in fr.turri:aXMLRPC for connecting to ExaOperation during tests. We accept this vulnerability (CWE-833: Deadlock) as we assume that we only connect to the known endpoint ExaOperations.
Security
- #65: Fixed CVE-2024-29025 in
io.netty:netty-codec-http:jar:4.1.100.Final:provided
Dependency Updates
Compile Dependency Updates
- Updated
org.apache.commons:commons-compress:1.26.0to1.26.1 - Updated
org.jacoco:org.jacoco.core:0.8.11to0.8.12
Runtime Dependency Updates
- Updated
org.eclipse.parsson:parsson:1.1.5to1.1.6
Test Dependency Updates
- Updated
com.exasol:test-db-builder-java:3.5.3to3.5.4 - Updated
org.jacoco:org.jacoco.agent:0.8.11to0.8.12 - Updated
org.mockito:mockito-junit-jupiter:5.10.0to5.11.0 - Updated
org.testcontainers:junit-jupiter:1.19.6to1.19.7
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.0to2.0.2 - Updated
com.exasol:project-keeper-maven-plugin:4.1.0to4.3.0 - Updated
org.apache.maven.plugins:maven-compiler-plugin:3.12.1to3.13.0 - Updated
org.apache.maven.plugins:maven-gpg-plugin:3.1.0to3.2.2 - Updated
org.jacoco:jacoco-maven-plugin:0.8.11to0.8.12 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.10.0.2594to3.11.0.3922
0.6.12: Fix CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress`
Summary
This release fixes vulnerabilities CVE-2024-25710 and CVE-2024-26308 in compile dependency org.apache.commons:commons-compress.
Security
- #63: Fixed CVE-2024-25710 and CVE-2024-26308 in compile dependency
org.apache.commons:commons-compress
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:bucketfs-java:3.1.0to3.1.2 - Updated
jakarta.json:jakarta.json-api:2.1.2to2.1.3 - Updated
org.apache.commons:commons-compress:1.24.0to1.26.0 - Updated
org.jacoco:org.jacoco.core:0.8.10to0.8.11 - Updated
org.slf4j:slf4j-jdk14:2.0.9to2.0.12
Runtime Dependency Updates
- Updated
org.eclipse.parsson:parsson:1.1.4to1.1.5
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.2to7.0.1 - Updated
com.exasol:test-db-builder-java:3.5.0to3.5.3 - Updated
org.jacoco:org.jacoco.agent:0.8.10to0.8.11 - Updated
org.junit.jupiter:junit-jupiter-engine:5.10.0to5.10.2 - Updated
org.junit.jupiter:junit-jupiter-params:5.10.0to5.10.2 - Updated
org.mockito:mockito-junit-jupiter:5.5.0to5.10.0 - Updated
org.testcontainers:junit-jupiter:1.19.0to1.19.6
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.3.0to2.0.0 - Updated
com.exasol:project-keeper-maven-plugin:2.9.12to4.1.0 - Updated
org.apache.maven.plugins:maven-compiler-plugin:3.11.0to3.12.1 - Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.4.0to3.4.1 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.1.2to3.2.5 - Updated
org.apache.maven.plugins:maven-javadoc-plugin:3.5.0to3.6.3 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.1.2to3.2.5 - Added
org.apache.maven.plugins:maven-toolchains-plugin:3.1.0 - Updated
org.codehaus.mojo:flatten-maven-plugin:1.5.0to1.6.0 - Updated
org.codehaus.mojo:versions-maven-plugin:2.16.0to2.16.2 - Updated
org.jacoco:jacoco-maven-plugin:0.8.10to0.8.11 - Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184to3.10.0.2594
0.6.11: Fix CVE-2023-42503
Summary
This release fixes CVE-2023-42503 in org.apache.commons:commons-compress by upgrading dependencies.
Known issue: Transitive dependency io.netty:netty-handler used by software.amazon.awssdk:cloudformation in scope provided contains vulnerability CVE-2023-4586. We assume that the AWS SDK's usage of netty is not affected.
Security
- #61: Fixed CVE-2023-42503 in
org.apache.commons:commons-compress
Dependency Updates
Compile Dependency Updates
- Updated
org.apache.commons:commons-compress:1.23.0to1.24.0 - Updated
org.slf4j:slf4j-jdk14:2.0.7to2.0.9
Runtime Dependency Updates
- Updated
org.eclipse.parsson:parsson:1.1.2to1.1.4
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.0to6.6.2 - Updated
com.exasol:test-db-builder-java:3.4.2to3.5.0 - Updated
org.junit.jupiter:junit-jupiter-engine:5.9.3to5.10.0 - Updated
org.junit.jupiter:junit-jupiter-params:5.9.3to5.10.0 - Updated
org.mockito:mockito-junit-jupiter:5.4.0to5.5.0 - Updated
org.testcontainers:junit-jupiter:1.18.3to1.19.0
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.2.3to1.3.0 - Updated
com.exasol:project-keeper-maven-plugin:2.9.7to2.9.12 - Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.3.0to3.4.0 - Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0to3.1.2 - Updated
org.apache.maven.plugins:maven-gpg-plugin:3.0.1to3.1.0 - Updated
org.apache.maven.plugins:maven-surefire-plugin:3.0.0to3.1.2 - Updated
org.basepom.maven:duplicate-finder-maven-plugin:1.5.1to2.0.1 - Updated
org.codehaus.mojo:flatten-maven-plugin:1.4.1to1.5.0 - Updated
org.codehaus.mojo:versions-maven-plugin:2.15.0to2.16.0 - Updated
org.jacoco:jacoco-maven-plugin:0.8.9to0.8.10