The Apache Directory Project has released Apache DS 2.0.0.AM27, which is a preview of their upcoming 2.0.0 release. Changes in this release appear to include:

• Upgraded the server’s log4j library version to one that includes fixes for critical vulnerabilities
• Fixed encryption support that relied on a hard-coded initialization vector
• Fixed issues in which the server did not attempt to validate certificates
• Fixed an issue that could prevent the server from starting on Windows
• Fixed an issue that could prevent the server from running on the IBM JVM
• Fixed an issue in which the server could leak threads
• Fixed an issue with encryption support in the DIGEST-MD5 SASL mechanism
• Fixed an issue in which a modify DN operation could be used to overwrite an existing entry
• Fixed an issue with the way that password modify extended responses were encoding
• Fixed case-sensitivity issues when processing LDIF records
• Fixed an issue in which an AND filter containing (objectClass=top) would not return any results
• Improved performance for certain types of searches with large result sets
• Fixed issues with the server when using Java versions newer than Java 8
• Fixed an issue with the order in which interceptors were being processed
• Fixed an issue that could cause the server to encounter an internal error when attempting to process a search with an unsupported type of matching
• Fixed an issue that could cause the server to encounter an internal error when an unsupported control was requested
• Added support for the subtree delete request control
• Removed support for acting as a Kerberos server