Chapter 5. Fixed issues
The following sections list the issues fixed in AMQ Streams 1.6.x. Red Hat recommends that you upgrade to the latest patch release if you are using AMQ Streams 1.6.x with OpenShift Container Platform 3.11.
For details of the issues fixed in:
- Kafka 2.6.3, refer to the Kafka 2.6.3 Release Notes
- Kafka 2.6.2, refer to the Kafka 2.6.2 Release Notes
- Kafka 2.6.1, refer to the Kafka 2.6.1 Release Notes
- Kafka 2.6.0, refer to the Kafka 2.6.0 Release Notes
5.1. Fixed issues for AMQ Streams 1.6.7
The AMQ Streams 1.6.7 patch release (Long Term Support) is now available.
AMQ Streams 1.6.7 is the latest Long Term Support release for use with OpenShift Container Platform 3.11 only, and is supported only for as long as OpenShift Container Platform 3.11 is supported.
Note that AMQ Streams 1.6.7 is supported on OCP 3.11 only.
The AMQ Streams product images have been upgraded to version 1.6.7.
For additional details about the issues resolved in AMQ Streams 1.6.7, see AMQ Streams 1.6.x Resolved Issues.
Log4j vulnerabilities
AMQ Streams includes log4j 1.2.17. The release fixes a number of log4j vulnerabilities.
For more information on the vulnerabilities addressed in this release, see the following CVE articles:
5.2. Fixed issues for AMQ Streams 1.6.6
For additional details about the issues resolved in AMQ Streams 1.6.6, see AMQ Streams 1.6.x Resolved Issues.
Log4j2 vulnerabilities
AMQ Streams includes log4j2 2.17.1. The release fixes a number of log4j2 vulnerabilities.
For more information on the vulnerabilities addressed in this release, see the following CVE articles:
5.3. Fixed issues for AMQ Streams 1.6.5
For additional details about the issues resolved in AMQ Streams 1.6.5, see AMQ Streams 1.6.x Resolved Issues.
Log4j2 vulnerability
The 1.6.5 release fixes a remote code execution vulnerability for AMQ Streams components that use log4j2. The vulnerability could allow remote code execution on the server if the system logs a string value from an unauthorized source. This affects log4j versions between 2.0 and 2.14.1.
For more information, see CVE-2021-44228.
5.4. Fixed issues for AMQ Streams 1.6.4
For additional details about the issues resolved in AMQ Streams 1.6.4, see AMQ Streams 1.6.x Resolved Issues.
5.5. Fixed issues for AMQ Streams 1.6.2
The AMQ Streams 1.6.2 patch release is now available. The release includes a number of fixes related to Kafka Connect.
The AMQ Streams product images have not changed and remain at version 1.6.
For additional details about the issues resolved in AMQ Streams 1.6.2, see AMQ Streams 1.6.2 Resolved Issues.
Following a CVE update, the version of AMQ Streams managed by the Operator Lifecycle Manager (OLM) was changed to 1.6.1. To avoid confusion, the patch release for AMQ Streams 1.6 was given a version number of 1.6.2.
5.6. Fixed issues for AMQ Streams 1.6.0

| Issue Number | Description |
|---|---|
| | Kafka Bridge: Kafka consumer should be tracked with group-consumerid key |
| | Allow downgrade with message version older than the downgrade version |
| | Diff PodDisruptionBudgets before patching them to not recreate them on every reconciliation |
| | MirrorMaker 2 on OCP doesn’t properly mirror messages with headers |
| | MirrorMaker 2 doesn’t properly configure Jaeger tracing in the connectors |
| | When set to blank value for toleration Kafka cluster keeps rolling updates repeatedly |
| | Zookeeper version on the docs doesn’t match with the version in AMQ Streams 1.5 |
| | Connection Leak in Operator when Using KafkaConnect API |
| | Fix Secrets or ConfigMaps with dots mounted into Connect |
| | OLM install - yaml contains typo for 'authentication' |

| Issue Number | Description |
|---|---|
| | CVE-2020-13956 httpclient: apache-httpclient: incorrect handling of malformed authority component in request URIs [amq-st-1] |