github OpenNMS/opennms opennms-27.1.1-1
OpenNMS Horizon 27.1.1 (Infinite Improbability Drive)

latest releases: opennms-29.0.10-1, meridian-foundation-2022.1.3-1, meridian-foundation-2021.1.15-1...
13 months ago

Release 27.1.1 contains a few enhancements, as well as a number of bug fixes including some XSS and CSRF cleanups and a Jetty DoS CVE.

For a high-level overview of what has changed in Horizon 27, see What’s New in OpenNMS Horizon 27.

The codename for 27.1.1 is Infinite Improbability Drive.

Bug

  • Change Jetty default settings to eliminate TLS 1.0 and TLS 1.1 support (Issue NMS-10256)
  • Can’t edit reductionKey in BSM (Issue NMS-12697)
  • Topology Map: Application: Color of app wrong for aknowledged alarm (Issue NMS-12969)
  • Topology Application Map: Outage Table: Clicking on a service should show the outages of the service (Issue NMS-12970)
  • Wrong UEI is picked when threshold alarms are generated (Issue NMS-13120)
  • Document the Event Translator (Issue NMS-13121)
  • XSS in notification wizard (Issue NMS-13123)
  • CSRF in user management (Issue NMS-13124)
  • XSS in requisition UI (Issue NMS-13126)
  • Data collection failure due to IllegalStateException when using Cortex (Issue NMS-13133)
  • Generate Data collection throws error message "There is a group with same name, please pick another one" under MIB browser (Issue NMS-13143)
  • Links on interface table was missing for interface under node list (Issue NMS-13145)
  • Regular Expression field textbox greyed out for other Events except REGEX_FIELD under Event notifications (Issue NMS-13149)
  • Query Regarding saving a filter URL with more than 255 characters in events ILP (Issue NMS-13152)
  • Response time query with ICMP fails for IPv6 interface (Issue NMS-13157)
  • Kafka Producer drops samples when the sending operation timeout. (Issue NMS-13167)
  • vmwarereqtool does not retain metadata (Issue NMS-13171)
  • Opennms Ui is not accessible when logged in from a read-only user (Issue NMS-13178)
  • Password in collectd.log file (Issue NMS-13183)
  • Kafka producer uses resource name instead of ifIndex as the instance for InterfaceLevelResource (Issue NMS-13185)
  • CVE-2020-27223: Jetty DoS vulnerability (Issue NMS-13201)
  • Poor PasswordEncryptor performance with large number of Minions (Issue NMS-13207)
  • Minion: Kafka related WARN log messages (AdminClientConfig The configuration X isn’t a known config) (Issue NMS-13208)
  • Minion SNMPv3 trap configuration query is done every 60 seconds (Issue NMS-13217)

Enhancement

  • Add enhancement infrastructure for BMP updates (Issue NMS-12962)
  • Add WebDetector documentation (Issue NMS-13028)
  • Enhancement to Topology ReST Endpoint (Issue NMS-13091)
  • Improve Event forwarding performance for Kafka producer (Issue NMS-13211)
  • Add InMemoryTicketPlugin that can be accessed from Karaf shell (Issue NMS-13218)

Don't miss a new opennms release

NewReleases is sending notifications on new releases.