Release 2018.1.8 is an update to Meridian 2018.1.7. It contains a few UI fixes and security updates, as well as a fix for memory leaks in Drools config reloading, WS-Man monitoring, and the JMX collector.

The codename for 2018.1.8 is Gale.

  • Memory Leak on Drools while reloading config (Issue NMS-10678)
  • Node detail page renders with no content when invalid node ID specified (Issue NMS-10679)
  • Apparent memory leak in JMX collector, possibly restricted to "weird" JMX transports (Issue NMS-10684)
  • CVE-2018-20433: XXE Vulnerability in c3p0 < (Issue NMS-10694)
  • Memory leak in WS-Man (Issue NMS-10696)
  • Jetty HTTPS selectors can become unresponsive following CancelledKeyException (Issue NMS-10701)
  • Reflected XSS vulnerability in notification/detail.jsp and outage/detail.htm (Issue NMS-10707)

Jump to section

About the Author: RangerRick

Principal Software Engineer. Manages the release process of OpenNMS Horizon and Meridian, and a bunch of other stuff.
Published On: May 23rd, 2019Last Updated: May 23rd, 20191 min readTags: , , , , , , ,