# v5.0.11

## Enhancements

- Security enhancement for retained messages [#9326](https://github.com/emqx/emqx/pull/9326).
  The retained messages will not be published if the publisher client is banned.

- Security enhancement for the `subscribe` API [#9355](https://github.com/emqx/emqx/pull/9355).

- Enhance the `banned` feature [#9367](https://github.com/emqx/emqx/pull/9367).
  Now the corresponding session will be kicked when client is banned by `clientid`.

- Redesign `/gateways` API [9364](https://github.com/emqx/emqx/pull/9364).
  Use `PUT /gateways/{name}` instead of `POST /gateways`, gateway gets 'loaded'
  automatically if needed. Use `PUT /gateways/{name}/enable/{true|false}` to
  enable or disable gateway. No more `DELETE /gateways/{name}`.

- Support `statsd {tags: {"user-defined-tag" = "tag-value"}` configure and improve stability of `emqx_statsd` [#9363](http://github.com/emqx/emqx/pull/9363).

- Improve node name generation rules to avoid potential atom table overflow risk [#9387](https://github.com/emqx/emqx/pull/9387).

- Keep MQTT v5 User-Properties from bridge ingested MQTT messsages to bridge target [#9240](https://github.com/emqx/emqx/pull/9240).

## Bug fixes

- Fix create trace sometime failed by end_at time has already passed. [#9303](https://github.com/emqx/emqx/pull/9303)

- Return 404 for status of unknown authenticator in `/authenticator/{id}/status` [#9328](https://github.com/emqx/emqx/pull/9328).

- Fix that JWT ACL rules are only applied if an `exp` claim is set [#9368](https://github.com/emqx/emqx/pull/9368).

- Fix that `/configs/global_zone` API cannot get the default value of the configuration [#9392](https://github.com/emqx/emqx/pull/9392).