March 2021 Releases – Horizon 27.1.0, Meridians 2018.1.26, 2019.1.17, and 2020.1.6
For March we released point updates to all OpenNMS versions under active support.
OpenNMS On the Horizon – Newts, Kafka, BMP, Configuration, Docs, Events, Nephron, UI/UX, ReST, User Validation
In the last week we worked on Newts, Kafka queues, transitioning from OpenBMP, a configuration API, documentation, event definitions, Nephron benchmarking, UI/UX cleanups, ReST improvements, and user validation. Github Project Updates Internals, APIs, and Documentation Dustin fixed an issue with TTL handling in Newts. Dustin's fix for cache priming in [...]
OpenNMS On the Horizon – JDK11, Configuration, BMP, UI/UX, Documentation
In the last week we did more bugfixing, continued to work on JDK11-based builds, a new config API, in-core BMP support, build infrastructure updates, UI/UX cleanups, and tons of documentation tweaks.
CVE-2021-3396: Full Security Disclosure
OpenNMS Security Issue Requires Immediate Upgrade The OpenNMS Group recently learned about and fixed a security vulnerability that allowed local and remote code execution as an authenticated user via a custom, targeted JEXL expression. Thank you to Artem Smotrakov for notifying us of this issue. CVE-2021-3396 applies to the following: [...]
OpenNMS On the Horizon – CVE-2021-3396 JEXL Vulnerability, Nephron, Flows, Config API, JDK11, Docs, CDP/LLDP Search, QoS/ToS in Helm, BMP
In the last week we disclosed a JEXL vulnerability, did more bug fixing, updated Nephron and flow handling, worked on a new configuration API, did more JDK 11 updates, more documentation fixups, CDP/LLDP searching, QoS/ToS improvements, OpenBMP migration, and more.
CVE-2021-3396: OpenNMS Security Vulnerability (Please Update)
We recently learned about a security issue with OpenNMS. Please refer to CVE-2021-3396 for more information. To protect everyone using OpenNMS from an exploitation of this vulnerability, the CVE will not provide full details of the vulnerability until Tuesday, February 16, 2021. This should provide time to upgrade your system [...]
OpenNMS On the Horizon – Flows, QoS/ToS, JMX, Telemetryd, Vacuumd, Minion, Confd, OpenBMP, Prometheus, Metadata, UI
In the last week we worked on flow improvements including QoS/ToS aggregation, the JMX monitor, Telemetryd and Vacuumd bugs, Minion confd, OpenBMP, JMX Prometheus publishing, JEXL, config managment, node metadata import, and UI fixes.
February 2021 Releases – Horizon 27.0.4, Meridians 2018.1.25, 2019.1.16, and 2020.1.5
For February we released point updates to all OpenNMS versions under active support.
OpenNMS On the Horizon – Flows, ToS/QoS, OpenBMP, JDK 11, Minion, Prometheus
In the last week we did more work on flow aggregation (including ToS and QoS), continued to work on the OpenBMP migration, JDK 11 builds, JEXL cleanups, time zone handling, Minion metrics in Prometheus, and more.
OpenNMS On the Horizon – JDK11, OpenBMP, ToS/QoS, Flows, Documentation
In the last week we continued our work on JDK11 migration, moving OpenBMP functionality into OpenNMS, ToS/QoS flow aggregation, Antora documentation, a new configuration API/implementation, and plenty of bug fixes.
