OpenNMS Meridian 2018.1.8 Released

Release 2018.1.8 is an update to Meridian 2018.1.7. It contains a few UI fixes and security updates, as well as a fix for memory leaks in Drools config reloading, WS-Man monitoring, and the JMX collector.

The codename for 2018.1.8 is Gale.

Bug
  • Memory Leak on Drools while reloading config (Issue NMS-10678)
  • Node detail page renders with no content when invalid node ID specified (Issue NMS-10679)
  • Apparent memory leak in JMX collector, possibly restricted to “weird” JMX transports (Issue NMS-10684)
  • CVE-2018-20433: XXE Vulnerability in c3p0 < 0.9.5.3 (Issue NMS-10694)
  • Memory leak in WS-Man (Issue NMS-10696)
  • Jetty HTTPS selectors can become unresponsive following CancelledKeyException (Issue NMS-10701)
  • Reflected XSS vulnerability in notification/detail.jsp and outage/detail.htm (Issue NMS-10707)
By |2019-05-23T20:11:07+00:00May 23rd, 2019|Categories: News|Tags: , , , , , , , |0 Comments

About the Author:

Technically CIO, practically a developer. Manages the release process of OpenNMS Horizon and Meridian, plus a bunch of other stuff.