Chapter 8. Issues Resolved in Fuse 7.1
The following sections list the issues that have been resolved in Fuse 7.1:
8.1. Enhancements in Fuse 7.1
The following table lists the enhancements in Fuse 7.1.
| Issue | Description |
|---|---|
| Need a flag using which Master component status can be known standby or active. | |
| event-driven salesforce updates | |
| camel-blueprint quickstart dependency can be set to provided scope | |
| Enhance the Fuse / KeyCloak integration for CXF / Camel | |
| New API for authentication needed on Pax-Web | |
| Hawtio should be aware of "blacklisted" and "overriden" properties of Karaf features and bundles | |
| Support for higher version of PostgreSQL | |
| Add favicon to Fuse console | |
| Use TLS re-encryt instead of edge termination in Fuse console route | |
| Set browser tab title from branding app name in Fuse console | |
| Please add camel-salesforce-maven-plugin to product BOM | |
| hawtio: problem with current Framework Start Level value under 70 | |
| Add wildfly-camel-testenricher to wildfly-camel BOM | |
| Add SAP Quickstart demonstrating failover and load balancing | |
| Support 100-Continue in Undertow transport out-of-the-box | |
| Fuse console templates should have distinct names | |
| Hawtio v2: Review Connect Remote instructions text | |
| Use 4.0.0.Final instead of 4.0.0.Final-SNAPSHOT | |
| Quickstart tests should fail when it’s not properly configured | |
| Provide README.md for each security quickstart | |
| Change hard coded secrets to defaults |
8.2. Feature requests in Fuse 7.1
The following table lists the features requests in Fuse 7.1.
| Issue | Description |
|---|---|
| CRUD operations for CouchDB | |
| Update sap-quickstarts after Fuse 7.0.0 GA | |
| Add support for fuse-components camel-sap component on Karaf | |
| Add some report about progress after bundle:restart |
8.3. Bugs resolved in Fuse 7.1
The following table lists the resolved bugs in Fuse 7.1.
| Issue | Description |
|---|---|
| JPAMessageIdRepository Not Releasing Connections | |
| Feature repository with drools7-dependencies feature is missing | |
| Unable to install camel-linkedin | |
| Solaris11 sparc: stop,client,status,karaf print awk: can’t open /version/ {print $2} | |
| CVE-2018-1000130 jolokia-core: jolokia: JMX proxy mode vulnerable to remote code execution [fuse-6.3.0] | |
| CVE-2018-1000129 jolokia-core: jolokia: Cross site scripting in the HTTP servlet [fuse-6] | |
| Unable to connect pooled connectionFactory with camel-sjms and camel-sjms2 | |
| CVE-2018-1272 spring-web: spring-framework: Multipart content pollution [fuse-7.0.0] | |
| Support securing Fuse CXF endpoints with Elytron | |
| Hawtio: direct url passes to the hawtio page without authentication | |
| HAWTIO:OSGI:FEATURES Can press many install buttons at the same time, but not every features will be installed | |
| Hawtio: unfiltered bundles table in OSGi tab after the bundle operation is processed | |
| Rest DSL with Jetty9 components returns 404 instead of 405, when http method is not supported | |
| Hawtio: bundles are selected in a random way in a filtered table | |
| Hawtio: wrong states and wrong buttons enabled in OSGi tab | |
| Rest DSL with Netty4-http components returns 404 instead of 405, when http method is not supported | |
| echo "\"string" ends up with Error executing command: unexpected EOT looking for matching quote: " and shutdown of karaf | |
| Hawtio: unable to view a chart of all attributes in endpoints in log-example-context | |
| Hawtio: checkbox does not work properly after actions in Camel Contexts table in Camel tab | |
| CVE-2018-1271 spring: spring-framework: Directory traversal vulnerability with static resources on Windows filesystems [fuse-7.0.0] | |
| CVE-2018-1339 camel-tika: tika: Infinite loop in ChmParser can allow remote attacker to cause a denial of service [fuse-7.0.0] | |
| CVE-2018-1338 camel-tika: tika: Infinite loop in BPGParser can allow remote attacker to cause a denial of service [fuse-7.0.0] | |
| CVE-2018-1114 undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service [fuse-7.0.0] | |
| HAWTIO:CONNECT:DISCOVER page shows only "No agents discovered". | |
| Unable to install camel-spring-redis | |
| Hawtio: wrong tab name after navigation to OSGi from the Configuration detail page | |
| Fuse 7 can’t be started on HP-UX | |
| Hawtio: wrong URL of feature dependencies in OSGi Features | |
| Hawtio: no success message after operations with bundles in OSGi | |
| Hawtio: empty Profile in OSGi Configuration | |
| HAWTIO:OSGI: Bundles when you refresh Jackson-annotations bundle, some of Jackson bundles will change status to resolved. | |
| Hawtio: strange behavior of Attributes in Camel | |
| CVE-2016-5397 camel: thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands [fuse-7.0.0] | |
| Problem while using WSS4JOutInterceptor | |
| EAP:HAWTIO:Login In case you will go to some path without login you will get hawtio with only Connect tab. | |
| Hawtio: Camel Contexts - no success message after the action is done | |
| Hawtio: refresh the Bundle detail page leads to lose the data | |
| Hawtio: undefined property in Camel route debugging | |
| HAWTIO:CAMEL: In cbr-example-context there is confusing charts visibility of Mbeans folders.. | |
| HAWTIO:HELP: JMX link redirects you to hawtio. | |
| HAWTIO:PREFERENCES:CAMEL tab will disappear after restart preferences. | |
| HAWTIO:CAMEL Delete button on contexts and routes seems like do nothing. | |
| HAWTIO:OSGI:FEATURES cxf-xjc-runtime/3.1.11.fuse-000243-redhat-1 feature cannot be uninstalled. | |
| HAWTIO:OSGI:FEATURES Cannot install application-without-isolation/1.0.0 | |
| HAWTIO:OSGI:FEATURES: If you add existed repository you will get succes message. | |
| HAWTIO:CAMEL You can see start/stop and start/suspend buttons as a viewer. | |
| Wrong uninstall instructions in camel-jms quickstart | |
| NullPointerException in Æsh | |
| Hawtio-related errors in log when running Fuse on Aix 7.2 | |
| Typo in camel-azure-starter spring.factories | |
| Swapped parameters in HttpServiceProxy.registerConstraintMapping | |
| HAWTIO:OSGI:Bundles: When you try to stop some bundle using filter, you will stop another bundle on the same position on table without filter. | |
| camel:run failed to run in 6.3 | |
| Unify jetty version on Karaf and spring-boot | |
| Hawtio - Deleting all camel contexts leaves the UI in an unclean state | |
| Backport CAMEL-12514 | |
| Æsh keys broken with bin/client | |
| iPaaS - Support Page - source is not added to the export operation | |
| iPaaS - Support Page - risk of name clashes | |
| Some quickstarts are again using http instead of https for osgi xsd location | |
| Karaf feature 'connector' fails to install | |
| [camel-weather] Use geolocator with longer support | |
| NullPointerException in camel-cmis when using wrong credentials | |
| [camel-jt400] java.lang.NoClassDefFoundError: javax/crypto/SecretKey | |
| [camel-twilio] java.lang.ClassNotFoundException: org.apache.http.ProtocolVersion | |
| maven-bundle-plugin fails to parse meta-persistence | |
| Unresolved TODOs in README.md files | |
| NullPointerException in Æsh - with "]" | |
| Console unusable in docker | |
| spring-boot-cxf-jaxrs - workaround for OSFUSE-836 doesn’t work | |
| [OSO] FIS karaf templates memory limit unnecessarily big (2 GiB) | |
| Repackaged Fuse spring-boot-maven-plugin is not recognized by fabric8-maven-plugin | |
| karaf-camel-amq-template has wrong description | |
| Karaf image is using wrong version for KARAF_FRAMEWORK_VERSION | |
| karaf-camel-amq - wrong service amqp name | |
| Quickstart spring-boot-camel-rest-sql is missing | |
| spring-boot-cxf (jaxrs, jaxws) - ClassNotFoundException | |
| CVE-2018-8088 slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution [fis-2.0] | |
| Align documented repositories with quickstart’s repositories | |
| spring-boot-camel-{config,drools,teiid}-template contains non-existing url | |
| CVE-2018-1114 undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service [fis-2.0] | |
| karaf-camel-amq - missing log output in Openshift log | |
| Reflect changes in installation of EnMasse in karaf-camel-amq quickstart | |
| FMP: Imagestream creation doesn’t work for java project | |
| Add ImageStreamTag triggers to StatefulSets in fabric8-maven-plugin | |
| Migrate FIS quickstarts from F8 Arquillian plugin to Arquillian Cube | |
| [templates] k8s resource limits (same as archetypes) | |
| Backport changes from f-m-p 3.5.39 into product branch | |
| Spring-Boot - Narayana: check that resource managers have no pending transactions before scaling down | |
| Camel-CXF POJO dataformat with WS-Security does not work if operation has Holder type in parameter list | |
| camel-box - Camel Context XML contains an error | |
| JLine may be used instead of AEsh when reinstalling features | |
| [Fuse 7] Undertow unable to externalize strings containing password | |
| Weird behavior when ending a command with ", { or \ and hitting enter | |
| CVE-2018-1000180 bouncycastle: flaw in the low-level interface to RSA key pair generator [fuse-7.0.0] | |
| CVE-2016-1000338 bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data [fuse-7.0.0] | |
| CVE-2016-1000344 bouncycastle: DHIES implementation allowed the use of ECB mode [fuse-7.0.0] | |
| CVE-2016-1000345 bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack [fuse-7.0.0] | |
| CVE-2016-1000346 bouncycastle: Other party DH public keys are not fully validated [fuse-7.0.0] | |
| CVE-2016-1000352 bouncycastle: ECIES implementation allowed the use of ECB mode [fuse-7.0.0] | |
| CVE-2016-1000340 bouncycastle: Carry propagation bug in math.raw.Nat??? class [fuse-7.0.0] | |
| CVE-2016-1000339 bouncycastle: Information leak in AESFastEngine class [fuse-7.0.0] | |
| CVE-2016-1000341 bouncycastle: Information exposure in DSA signature generation via timing attack [fuse-7.0.0] | |
| CVE-2016-1000342 bouncycastle: ECDSA improper validation of ASN.1 encoding of signature [fuse-7.0.0] | |
| CVE-2016-1000343 bouncycastle: DSA key pair generator generates a weak private key by default [fuse-7.0.0] | |
| Wrong env variables in karaf-camel-amq template | |
| Hawtio: Diagnostics pages are visible when access is forbidden | |
| Karaf addRepository JMX operation allows blacklisted feature repo to be installed | |
| Hawtio: Camel trace page does not unregister Jolokia requests | |
| Please remove artifacts that shouldn’t be in Fuse BOM | |
| [cxf] JMS transport does not clean up resources properly in case of an JMSException | |
| Hawtio:logs: IllegalArgumentException when you refresh logs page | |
| Hawtio:Runtime: Waited and Blocked time are empty in Threads tab | |
| Camel-SAP endpoint not recovering from a data exception | |
| Hawtio:Runtime: non-functional sorting in Native column of Threads tab | |
| Hawtio:OSGi:Framework: no error message while setting empty Bundle Start Level | |
| [came-twilio] password/username/accountSid endpoint parameters does not work | |
| Camel file endpoint loses modification date with preMove attribute | |
| Last build of Fuse has version Hawtio Integration 3.2.30, but bugs are resolved in Hawtio Integration 3.2.31 | |
| Unable to add feature repository | |
| Hawtio:Bundles: start button seems like do nothing | |
| Hawtio:Features: After Uninstall operation of aries-blueprint/4.2.0.fuse-000271 feature button is still enable. | |
| Upgrade Xerces from 2.11 to 2.12 | |
| Hawtio: Installation of some features disconnects the Hawtio console | |
| Hawtio:OSGi:Bundles: undetermined state of bundles after refreshing | |
| Hawtio:osgi:features: When I install or uninstall application-without-isolation/1.0.0, the button that was clicked doesn’t get disabled | |
| Hawtio: wrong states and wrong buttons enabled in OSGi tab | |
| Bundles: Problem with specific version filter | |
| camel websocket - java.lang.ClassCastException: org.eclipse.jetty.util.DecoratedObjectFactory | |
| Karaf - Warning - failed to parse and instantiate of javax.servlet.ServletContainerInitializer in classpath | |
| camel-weather does not work | |
| HTTP Connector method not honored | |
| Hawtio:Connection: dialog for adding connection is changing the title and text of button | |
| karaf-camel-amq - Unknown configuration type: undertow | |
| NPE in CamelDeploymentSettings when deploying an EAR with two WARs | |
| External transitive xalan dependency in SpringBoot application leads to exception: Can’t transform a Source of type javax.xml.transform.stax.StAXSource | |
| Camel Weather - deprecated endpoint | |
| [CAMEL-10103] Camel FTP - Unknown parser type | |
| Hawtio: duplication of Logs menu item | |
| Use correct versions of quickstarts | |
| Hawtio:Osgi:Configuration: When you try change error color value of org.apache.karaf.log configuration and click cancel the value will change to some hardcoded value. | |
| Hawtio:Camel: Profiles table has bad sorting on Total and Self columns | |
| GracePeriod after installing beginner quickstart | |
| Quickstart camel-xa is missing persistence.xml | |
| Cannot generate schema by hibernate for Oracle and DB2 database | |
| Hawtio:Camel: fatal error logs in terminal after sending empty message | |
| Port secure CXF examples to Elytron | |
| Let WildFlyCli.run(URL, String…) forward the additional args to WildFlyCli.run(Path, String…) | |
| Fuse on EAP doesn’t start when Java Security Manager is enabled | |
| Unable to install camel-linkedin with redhat-3, but it is working with redhat-1 | |
| Unable to install camel-thrift with redhat-3, but it is working with redhat-1 | |
| Fix patching mechanism to handle feature removals | |
| InterceptStrategy in camel 2.21.0 version of Fabric BOM 3.0.11.fuse-000039-redhat-1 does not print details of all endpoints | |
| MRRC contains some redhat artifacts without sources | |
| PAX-WEB HttpContextProcessing leaking after installing keycloak-pax-web-undertow fragment bundle | |
| CVE-2018-8036 pdfbox: Infinite loop in AFMParser.java allows for out of memory erros via crafted PDF [fuse-7.0.0] | |
| Desynchronized version of spring core in Fabric8 | |
| cxf-spring-boot-starter-jaxws generates java.lang.NoClassDefFoundError | |
| Unable to install eclipselink | |
| karaf - Unable to build assembly | |
| Can not find 7.0.1.fuse-000011-redhat-2 in maven.repository.redhat.com | |
| spring-boot-camel-xa template points to wrong git tag | |
| [prod] fuse-console:1.1-1 restarting | |
| [prod] archetypes dont' contain productized boms | |
| IllegalStateException on undeploy of Camel CXF applications | |
| fuse70 vs fuse71 naming | |
| images 7.0 vs 7.1 | |
| Disable save button in framework tab for 'viewer' users | |
| DeploymentConfigs in upgrade image refer to 1.3 image stream tags | |
| Syndesis operator image should reference syndesis version "1.1" in its template | |
| [CR2] Needed changed in operator and upgrade images | |
| [CR2] application-templates: eap tags are not productized | |
| [CR2] Instantiate of archetype karaf-cxf-rest-archetype (Property cxf-plugin-version is missing) |
