Release 2018.1.8 is an update to Meridian 2018.1.7. It contains a few UI fixes and security updates, as well as a fix for memory leaks in Drools config reloading, WS-Man monitoring, and the JMX collector.
The codename for 2018.1.8 is Gale.
Bug
- Memory Leak on Drools while reloading config (Issue NMS-10678)
- Node detail page renders with no content when invalid node ID specified (Issue NMS-10679)
- Apparent memory leak in JMX collector, possibly restricted to "weird" JMX transports (Issue NMS-10684)
- CVE-2018-20433: XXE Vulnerability in c3p0 < 0.9.5.3 (Issue NMS-10694)
- Memory leak in WS-Man (Issue NMS-10696)
- Jetty HTTPS selectors can become unresponsive following CancelledKeyException (Issue NMS-10701)
- Reflected XSS vulnerability in notification/detail.jsp and outage/detail.htm (Issue NMS-10707)
Jump to section
About the Author: RangerRick
Principal Software Engineer. Manages the release process of OpenNMS Horizon and Meridian, and a bunch of other stuff.
