このコンテンツは選択した言語では利用できません。
3.1.1 Release Notes
JBoss Operations Network 3.1.1
for 3.1.1 updates to JBoss Operations Network
Copyright © 2012 Red Hat, Inc.
September 19, 2012
Abstract
These release notes contain important information about new features, known issues, and other technical notes available at the time that JBoss Operations Network 3.1.1 was released.
JBoss Operations Network 3.1.1 is a bug fix release which addresses numerous issues from JBoss ON 3.1.
1. Notable Changes in 3.1.1
While JBoss ON 3.1.1 is primarily a bug fix release, there have been some changes in JBoss ON functionality related to those bug fixes and that address recent security updates.
1.1. New: Agent RPMs
Agent RPMs are available through both Red Hat Network and system errata updates for Red Hat Enterprise Linux 6 systems. Using RPMs can simplify installing, configuring, and managing the agent as a system service and makes it much easier for administrators to kickstart systems or create cloud or virtual instances and configure those instances automatically for JBoss ON systems management.
More information on migrating from a JAR installation to an RPM agent and installing the agent RPMs is available in the Installation Guide.
1.2. New: PostgreSQL 9.1 Support
PostgreSQL 9.1 can be used as a backend database for the JBoss ON server, in addition to PostgreSQL 9.0 (introduced in JBoss ON 3.0) and PostgreSQL 8.2.4 and later 8.2.x versions.
1.3. Deprecated: Internet Explorer 8 Support
Internet Explorer 8 is currently a supported browser to access the JBoss ON installer and UI. However, this supported is deprecated in JBoss ON 3.1.1, meaning that its use is not recommended and support for Internet Explorer 8 will be removed in a future release of JBoss ON.
1.4. Deprecated: Augeas Plug-in for Apache Configuration Support
Editing the Apache configuration files and virtual hosts through JBoss ON is enabled on Red Hat Enterprise Linux using an Augeas lens. This Augeas lens requires the Augeas agent plug-in. The Augeas agent plug-in is deprecated in JBoss ON 3.1.1.
Important
The Augeas plug-in is not required to monitor an Apache resource. This plug-in is only used to manage resource configuration and view and edit configuration files.
1.5. Security Fix: JBoss Web/Apache Denial of Service Vulnerability (CVE-2012-0022)
The JBoss Web version used by JBoss ON used an inefficient approach for handling parameters, which allowed remote attackers to cause a denial of service attack by increasing CPU consumption through a request that contained many parameters and parameter values.
1.6. Fix: BRMS Resource Name
BRMS resources were incorrectly identified as JBoss AS resources. With the new plug-in, BRMS resources are correctly labeled.
1.7. Fix: Password Obfuscation for Content Repository Credentials
Password obfuscation was introduced in JBoss Operations Network 3.1 for stored content providers credentials, including the credentials used to access the Red Hat Customer Portal (a default repository in JBoss ON). However, there was a problem with the way that passwords were decoded when accessing the content repository. In some cases, a valid password was not properly decoded, so connecting to the patch repository or another content repository failed.
This issue has been fixed in JBoss ON 3.1.1.
Any stored credentials for an existing content repository must be updated. The fix for this issue implements a new way to hash, store, and retrieve the obfuscated password. Existing passwords must be reset in order to apply the new obfuscation method.
