Pivotal GemFire Release Notes

Pivotal GemFire 9.9 is based on Apache Geode version 1.10. Pivotal GemFire 9.9 and Apache Geode share a common set of documentation. Therefore, references to both GemFire and Apache Geode appear throughout this documentation; consider them equivalents.

What’s New in Pivotal GemFire 9.9.7

Pivotal GemFire 9.9.7 is a maintenance release that resolves an important security issue:

  • GEODE-9888, GEODE-9898, GEM-3478, GEM-3486: Upgraded log4j to v2.16.0 to address CVE-2021-44228 and CVE-2021-45046. For more information on these vulnerabilities and their impact on VMware products please see VMSA-2021-0028.

What’s New in Pivotal GemFire 9.9.6

Pivotal GemFire 9.9.6 is a maintenance release that resolves a variety of issues—see Issues Resolved in Pivotal GemFire 9.9.6 for more information.

What’s New in Pivotal GemFire 9.9

Warning: Pivotal GemFire 9.9.0 is no longer available for download due to an issue in which SSL buffer references were not collected by the Java garbage collector in situations where SSL was enabled, causing the cluster to run out of memory. Upgrade to the latest GemFire 9.9 release, which fixes the issue.

Pivotal GemFire 9.9 includes the following improvements:

  • Implemented many performance improvements including, but not limited to:
    • Added connection pooling that significantly improves performance while reducing the consumption of socket resources
    • Optimized lock usage and reduced lock contention
    • Optimized serialization performance and better targeted its usage
    • Optimized client/server messaging
  • Applied Java non-blocking I/O (NIO) to improve scalability of peer-to-peer SSL connections
  • Improved gateway senders and receivers to harden data recovery and reliability over WAN connections
  • Introduced the ability to replace Log4j with an alternative logging scheme. To use an alternative appender for writing to log files, exclude “log4j-core” from your classpath.
  • Added support on the public API for two-phase commit transactions
  • Added commands to pause and resume event processing in asynchronous event queues. For details, see create async-event-queue, alter async-event-queue, and resume async-event-queue-dispatcher.

Installing Pivotal GemFire 9.9

You can download Pivotal GemFire 9.9 from the Pivotal GemFire product download page.

For details on how to install Pivotal GemFire 9.9, see Installing Pivotal GemFire.

Upgrading to Pivotal GemFire 9.9

To upgrade from an earlier version of GemFire to the current version, see Upgrading Pivotal GemFire.

Reinstating Secure Messaging

When servers are upgraded to this GemFire version from a version prior to version 9.1.1, their authentication of client messages is disabled in order to facilitate rolling upgrades. If your clients are set up to send authenticated messages, the servers will honor those messages, but will not enforce authentication until you reinstate authentication on each of the upgraded servers.

To reinstate secure client/server messaging, restart each server with the geode.disallow-internal-messages-without-credentials system property set to true. For example:

gfsh>start server --name=server_name --dir=server_config_dir \

Creating MBeans

Note: The fix for issue GEODE-7628/GEM-2747 introduces a new requirement: To create MBeans, a Security Manager must be enabled. This may affect applications upgrading from earlier versions. See Enable Security with Property Definitions for more information.

Resolved Issues

The GemFire 9.9 release is based on the Apache Geode 1.10 release. This section describes issue resolutions that significantly affect GemFire applications. For a list of all issues resolved in Geode 1.10, see the Geode 1.10 Release Notes. Ticket numbers of the form GEODE‑NNNN can be inspected at the Apache Software Foundation site for Geode issues.

Issues Resolved in Pivotal GemFire 9.9.7

  • GEODE-9888, GEODE-9898, GEM-3478, GEM-3486: Upgraded log4j to v2.16.0 to address CVE-2021-44228 and CVE-2021-45046. For more information on these vulnerabilities and their impact on VMware products please see VMSA-2021-0028.

Issues Resolved in Pivotal GemFire 9.9.6

  • GEODE-2644, GEM-3138: Restored behavior that captures member names in logs.

  • GEODE-5922, GEM-3155: Fixed a performance issue in the event queues of WAN-connected clusters.

  • GEODE-8419, GEM-2975, GEM-3079: SSL/TLS protocol, cipher suite configurations and per-component TLS properties were being ignored; these settings are now respected.

  • GEODE-8447, GEM-3019: The output of localized dates in log timestamps and Pulse query results now always include seconds. A previous fix for GEODE-8447 revised Pulse to display dates using the local time zone.

  • GEODE-8686, GEM-1681: Dispensed with a rarely called tombstone removal optimization that could occasionally cause a deadlock that prevents the completion of region creation.

  • GEODE-8721, GEM-3110: Fixed a condition under which the losing side of a network partition failed to shut down.

  • GEODE-8734, GEM-3104: Implemented a more robust approach for generating Geode statistics that accommodates a variety of /proc/net/netstat formats produced by different versions of Linux.

  • GEODE-8895, GEM-3170: Handle an unexpected socket closure with more grace by implementing retries internally, such that the client no longer needs to deal with an InternalGemFireException.

Issues Resolved in Pivotal GemFire 9.9.5

  • GEODE-7884, GEM-1535: Fixed a cache close hang caused by an attempt to complete an already-completed task.

  • GEODE-8238, GEM-2901: Improved connection close behavior to ensure final delivery of cluster messages during shutdown and avoid potential hangs.

  • GEODE-8432, GEM-2778, GEM-3026, GEM-3029: Fixed a hang that occurred with asynchronous event queues during rebalance operations.

  • GEODE-8475, GEM-1589: Resolved a deadlock in ParallelGatewaySenderQueue.

  • GEODE-8483, GEM-3004: Introduced a correction to JCA transaction logic that restores the ability of the system to detect commit conflict exceptions in concurrent access situations.

  • GEODE-8520, GEM-3056: GarbageCollectionCount metric no longer shows negative values. GCStatsMonitor now sums up all the GC stats to get the total GC count and GC time.

  • GEODE-8557, GEM-3066, GEM-3067: Reclassified “java.lang.IllegalStateException: NioSslEngine has been closed” to IOException, which allows retries of server connection failures.

  • GEODE-8564, GEM-3081: Fixed an exception thrown by an attempt to remove a managed connection that has already been invalidated. Corrected functionality to avoid unnecessary intermediary collection creations.

  • GEODE-8584, GEM-3092: Corrected a peer-to-peer messaging failure with TLS when attempting to replicate data while a connection is being closed.

  • GEODE-8651, GEM-3109: Corrected a problem that caused TLS-encrypted messaging to hang when conserve-sockets is set to false.

  • GEODE-8652, GEM-3099: Corrected a synchronization issue that caused TLS-encrypted message transmission to hang during shutdown.

Issues Resolved in Pivotal GemFire 9.9.4

  • GEODE-8394, GEM-2989: Fixed an issue in which putAll operations or put operations with large objects could result in data corruption if invoked without having a sufficiently large read-timeout. Subsequent get operations or queries could experience failures due to this corruption.

  • GEODE-8447, GEM-3019: Pulse displays dates using the local time zone.

  • GEODE-8463, GEODE-8506, GEM-3020, GEM-3071: Refined the behavior of BufferPool to always return a buffer that has exactly the requested capacity. In the past, BufferPool could return a buffer larger than the size requested, which could lead to decryption errors and lost messages when using TLS(SSL) protocol TLSv1.3. Under some circumstances, serializing large objects between peers could cause the creation of buffers larger than 16MB. These large buffers can cause communication errors and cluster instability.

  • GEODE-8478, GEM-3069: Fixed an issue that caused a gateway sender to shut down if (1) its alert-threshold was configured, (2) an event was on the queue longer than that specified threshold, (3) the logger was attempting to record an alert for that message, and (4) a field in the event object threw an exception while undergoing toString conversion.

Issues Resolved in Pivotal GemFire 9.9.3

  • GEODE-6564, GEM-3001: Fixed a memory leak that occurred when a replicated region, configured with entry expiration, was cleared.

  • GEODE-8029, GEM-2919: Unused disk store backups (.drf files) are now deleted to prevent the proliferation of unused records and files, which could cause members to fail during startup while recovering disk stores.

  • GEODE-8055, GEM-2890: Indexes can now be created on subregions.

  • GEODE-8071, GEM-2896: Fixed the gfsh rebalance command to prevent locators from hanging during shutdown.

  • GEODE-8131, GEM-2938: Eliminated a point of contention in the alert logging system that could occasionally block cache operations.

  • GEODE-8174, GEM-2884: Fixed an issue that caused an incorrect ConcurrentModificationException to be thrown when using JTA transactions.

  • GEODE-8259, GEM-2943: When a client performs a single-hop getAll() operation and encounters a serialization error, the operation is now re-tried.

  • GEODE-8287, GEM-2897, GEM-2950: Ironed out a recently-introduced problem that caused a degradation in performance for join queries or queries that use multiple indexes.

  • GEODE-8331: Gfsh can now connect to any Geode version 1.10 (GemFire 9.9.0) or newer. Unsupported commands will fail with a detailed error message.

  • GEM-2849: GemFire uses jackson-databind version

Issues Resolved in Pivotal GemFire 9.9.2

  • GEODE-7628, GEM-2747: Block JMX MBean creation when no SecurityManager interface is implemented.
  • GEODE-7728, GEM-2819: Fixed an exception thrown when executing an equi-join query and both fields are indexed.
  • GEODE-7750, GEODE-7760, GEODE-7796, GEM-2821, GEM-2823: Fixed an issue which could cause a locator to fail to restart properly, and also corrupted the cluster configuration.
  • GEODE-7763: Reduced the performance degradation caused when a client has multiple threads, and each client thread does operations on the same region key.

Issues Resolved in Pivotal GemFire 9.9.1

  • GEODE-6661, GEM2836: Fixed an issue in which SSL buffer references were not collected by the Java garbage collector in situations where SSL was enabled, causing the cluster to run out of memory.
  • GEODE-7261, GEODE-7334, GEM-2705: Corrected CLASSPATH issues that prevented the developers REST API from starting. Changes included adding the spring-core JAR file, and removing JodaModule JAR and Spring 5.x JARs.
  • GEODE-7268, GEM-2692: Fixed a problem in which use of the gfsh alter region command to add gateway senders could cause server restart and recovery of persistent data to hang, citing problems with offline colocated regions.
  • GEODE-7465, GEM-2773: Fixed a problem in which an asynchronous event queue could fail to restart with a RegionDestroyedException due to incomplete cleanup of the queue at the time it was stopped.
  • GEODE-7373, GEM-2746: Corrected a JMX deserialization vulnerability by restricting the types of credentials considered acceptable.
  • GEODE-7473, GEM-2774: Fixed a memory leak in WAN gateway senders caused by accumulation of entry event objects.
  • GEODE-7593, GEM-2795: Fixed a memory leak in which indexes could retain references to serialized values when eviction should have released that memory.

Issues Resolved in Pivotal GemFire 9.9.0

  • GEM-2277, GEODE-6152: Removed use of optimized gets (futures) for proxy regions, due to thread-safety issues.
  • GEM-2366, GEODE-7022: Added SSL alias support for JMX Clients.
  • GEM-2382, GEODE-6719: An application server module can now successfully restart using a DEFAULT diskstore in a user-defined directory location.
  • GEM-2387, GEODE-6665: Fixed an issue with session module attempting to create regions on locators.
  • GEM-2430, GEODE-6526: Fixed a possible deadlock in tombstone garbage collection thread.
  • GEM-2471, GEODE-6759: Implemented a safeguard to prevent a connection pool from being unregistered when still in use.
  • GEM-2472, GEODE-6709: Implemented an interlock to prevent locators from starting when the ClusterManagement and JMX Manager settings are mutually incompatible.
  • GEM-2477, GEODE-4958: Reduced the log level of AuthenticationRequiredException from Error to Warning.
  • GEM-2478: AEQ event processing before region initialization causes deadlock while starting servers
  • GEM-2502, GEODE-6746: Streamlined logfiles by printing the notifier “hostname validation disabled due to SSL configuration” just once.
  • GEM-2506, GEODE-6721: Fixed an issue with the gfsh start locator command in which a secondary IP address specified using the –bind-address option would be overridden by the host’s default IP address.
  • GEM-2511, GEODE-6767: Fixed an issue in which loss of metadata on a partitioned region affected rebalancing and bucket creation.
  • GEM-2545, GEODE-6806: Fixed an issue with query JOIN which could result in incorrect results.
  • GEM-2548, GEODE-6821: Fixed a WAN issue where multiple primary serial gateway senders in different members could cause a deadlock.
  • GEM-2550, GEODE-6922: To improve performance, region size inquiries are now distributed among multiple servers.
  • GEM-2551, GEODE-6851: Fixed issues that prevented the Pulse data browser from showing query results.
  • GEM-2565, GEODE-6833: Allow peer-to-peer SSL authentication to be selectively disabled.
  • GEM-2579, GEODE-6904: Fixed an issue in which one member of a cluster could fail to receive the cluster configuration during an auto-connect following a network partition.
  • GEM-2588, GEODE-6928: Fixed an issue causing repeated TCP reconnections when SSL was used with conserve-sockets=false.
  • GEM-2621, GEODE-6999: Fixed issue with parsing of the attribute disk-usage-warning-percentage which caused an NPE and startup failure.
  • GEM-2623, GEODE-7079: Fixed a restart timing issue that could occur when Asynchronous Event Distribution and Conflation are in effect.
  • GEM-2647, GEODE-7085: Allow extremely large region version values (greater than Integer.MAX_VALUE) when recovering from disk.
  • GEM-2648, GEODE-7080: Fixed a bug in which export of an offline snapshot could fail if a deleted entry was detected in the region.
  • GEODE-7208, GEM-2698: Improved serialization to better support Lucene indexing on inherited fields.
  • GEODE-6930: Explicitly specified DATA_READ permissions for Lucene user functions, as their default permissions were so broad they were prevented from running on secure systems when called from client applications.
  • GEODE-7178: Restored the server’s compatibility with Native Client version 9.2+ ‘destroy’ operations, which had been inadvertently disabled in earlier versions.
  • GEODE-7261: Add spring-core to the geode-web war artifact.
  • GEODE-7284: A durable client’s CacheClientProxy was sometimes not being kept on the server when it should have been, causing a RejectedExecutionException for other CacheClientProxies on the same host closing at the same time.


General support includes security vulnerability resolutions and critical bug fixes in all supported minor versions, while other maintenance is applied only to the latest supported minor release.

Obtaining and Installing Security Updates

New versions of Pivotal GemFire often include important security fixes, so Pivotal recommends you keep up to date with the latest releases.

For details about any security fixes in a particular release, see the Pivotal security page.