Search

3.1.1 Release Notes

download PDF
JBoss Operations Network 3.1.1

for 3.1.1 updates to JBoss Operations Network

Ella Deon Lackey

September 19, 2012

Abstract

These release notes contain important information about new features, known issues, and other technical notes available at the time that JBoss Operations Network 3.1.1 was released.
JBoss Operations Network 3.1.1 is a bug fix release which addresses numerous issues from JBoss ON 3.1.

1. Notable Changes in 3.1.1

While JBoss ON 3.1.1 is primarily a bug fix release, there have been some changes in JBoss ON functionality related to those bug fixes and that address recent security updates.

1.1. New: Agent RPMs

Agent RPMs are available through both Red Hat Network and system errata updates for Red Hat Enterprise Linux 6 systems. Using RPMs can simplify installing, configuring, and managing the agent as a system service and makes it much easier for administrators to kickstart systems or create cloud or virtual instances and configure those instances automatically for JBoss ON systems management.
More information on migrating from a JAR installation to an RPM agent and installing the agent RPMs is available in the Installation Guide.

1.2. New: PostgreSQL 9.1 Support

PostgreSQL 9.1 can be used as a backend database for the JBoss ON server, in addition to PostgreSQL 9.0 (introduced in JBoss ON 3.0) and PostgreSQL 8.2.4 and later 8.2.x versions.

1.3. Deprecated: Internet Explorer 8 Support

Internet Explorer 8 is currently a supported browser to access the JBoss ON installer and UI. However, this supported is deprecated in JBoss ON 3.1.1, meaning that its use is not recommended and support for Internet Explorer 8 will be removed in a future release of JBoss ON.

1.4. Deprecated: Augeas Plug-in for Apache Configuration Support

Editing the Apache configuration files and virtual hosts through JBoss ON is enabled on Red Hat Enterprise Linux using an Augeas lens. This Augeas lens requires the Augeas agent plug-in. The Augeas agent plug-in is deprecated in JBoss ON 3.1.1.

Important

The Augeas plug-in is not required to monitor an Apache resource. This plug-in is only used to manage resource configuration and view and edit configuration files.

1.5. Security Fix: JBoss Web/Apache Denial of Service Vulnerability (CVE-2012-0022)

The JBoss Web version used by JBoss ON used an inefficient approach for handling parameters, which allowed remote attackers to cause a denial of service attack by increasing CPU consumption through a request that contained many parameters and parameter values.

1.6. Fix: BRMS Resource Name

BRMS resources were incorrectly identified as JBoss AS resources. With the new plug-in, BRMS resources are correctly labeled.

1.7. Fix: Password Obfuscation for Content Repository Credentials

Password obfuscation was introduced in JBoss Operations Network 3.1 for stored content providers credentials, including the credentials used to access the Red Hat Customer Portal (a default repository in JBoss ON). However, there was a problem with the way that passwords were decoded when accessing the content repository. In some cases, a valid password was not properly decoded, so connecting to the patch repository or another content repository failed.
This issue has been fixed in JBoss ON 3.1.1.
Any stored credentials for an existing content repository must be updated. The fix for this issue implements a new way to hash, store, and retrieve the obfuscated password. Existing passwords must be reset in order to apply the new obfuscation method.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.