Release 2018.1.18 is an off-schedule release to fix a vulnerability in ActiveMQ and the Minion. Thanks to Florian Hauser of Code White for catching this one.

The codename for 2018.1.18 is Wildfire.

Bug

  • Authenticated RCE vulnerability via ActiveMQ Minion payload deserialization (Issue NMS-12673)

Jump to section

About the Author: RangerRick

Principal Software Engineer. Manages the release process of OpenNMS Horizon and Meridian, and a bunch of other stuff.
Published On: April 29th, 2020Last Updated: May 4th, 20200 min readTags: , , , ,