红帽全球峰会1.4. Red Hat build of Apache Camel for Spring Boot 修复的问题
以下小节列出了红帽构建的 Apache Camel for Spring Boot 中修复的问题。
下表列出了红帽构建的 Apache Camel for Spring Boot 版本 4.0.3 中的已解决的问题。
下表列出了红帽构建的 Apache Camel for Spring Boot 版本 4.0.2 中的已解决的问题。
| 问题 | 描述 |
|---|---|
| CVE-2023-5072 JSON-java: parser混淆会导致 OOM |
下表列出了红帽构建的 Apache Camel for Spring Boot 版本 4.0 中的已解决的问题。
| 问题 | 描述 |
|---|---|
| [cxfrs-component] camel-cxf-rest-starter 需要 cxf-spring-boot-autoconfigure | |
| CXF TrustedAuthorityValidatorTest failure | |
| Camel Saxon: java.lang.ArrayIndexOutOfBoundsException: Index 8192 out of bounds for length 8192 | |
| [CSB 示例] - 对于 camel-jira 示例请求的 javax 依赖项 | |
| CXF 错误对齐 | |
| CVE-2023-34462 netty: io.netty:netty-handler: SniHandler 16MB allocation [rhint-camel-spring-boot-3.18] | |
| spring-security ConsensusBased accessDecisionManager | |
| CVE-2023-33008 apache-johnzon: 在大规模 [rhint-camel-spring-boot-3.18] 中,从 BigDecimal 进行低效的内部转换 | |
| camel-openapi-java-starter 在解析 openapi yaml 时抛出错误 | |
| 改进 JSch 库的日志记录 | |
| CSB archetype 缺少参数 | |
| camel-salesforce 包含 javax 传输的依赖项 | |
| cxf-services-xkms-itests 在 cxf-bom 中存在 | |
| camel-bindy org.apache.camel.util.ReflectionHelper.setField ()具有竞争条件 | |
| OpenShift Maven 插件在 MRRC 上的依赖关系 | |
| CVE-2022-46751 apache-ivy: XML External Entity vulnerability [rhint-camel-spring-boot-3.18] | |
| CVE-2022-44730 batik: Server-Side Request Forgery vulnerability [rhint-camel-spring-boot-3.18] | |
| CVE-2022-44729 batik: Server-Side Request Forgery vulnerability [rhint-camel-spring-boot-3.18] | |
| JDBC 和 spring-jdbc transacted ()无法正常工作 | |
| CVE-2023-26048 jetty-server: OutOfMemoryError for large multipart without filename via request.getParameter ()[rhint-camel-spring-boot-3.18] | |
| CVE-2023-26049 jetty-server: Cookie 解析有引号值可能会从其他 Cookie 中扩展值 [rhint-camel-spring-boot-3.18] | |
| [CAMEL-19814](camel-rest - Should filter out for the producer 端点) | |
|
cxf RS 发送 | |
| 自 CXF 4.0.1 开始,由新的引入的 http-client 导致的资源泄漏。 | |
| CVE-2023-40167 jetty-http: jetty: Improper validation of HTTP/1 content-length [rhint-camel-spring-boot-3.18] | |
| 没有从 JAXBElement<Type> 到 Type 的直接转换 |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}