Release 2017.1.17 is a small update to 2017.1.16 that has a few UI fixes and security updates, as well as a fix for memory leaks in WS-Man monitoring and the JMX collector.

The codename for 2017.1.17 is Old Naval Observatory meridian.

Bug
  • Node detail page renders with no content when invalid node ID specified (Issue NMS-10679)
  • Apparent memory leak in JMX collector, possibly restricted to "weird" JMX transports (Issue NMS-10684)
  • CVE-2018-20433: XXE Vulnerability in c3p0 < 0.9.5.3 (Issue NMS-10694)
  • Memory leak in WS-Man (Issue NMS-10696)
  • Reflected XSS vulnerability in notification/detail.jsp and outage/detail.htm (Issue NMS-10707)

Jump to section

About the Author: RangerRick

Principal Software Engineer. Manages the release process of OpenNMS Horizon and Meridian, and a bunch of other stuff.
Published On: May 23rd, 2019Last Updated: May 23rd, 20190 min readTags: , , , , , ,