Changelog

Release 33.1.1

Release 33.1.1 contains bug fixes, security updates and new features.

The codename for Horizon 33.1.1 is Powderpuff.

Note: Minion and OpenNMS must be on the same minor version because of changes introduced in NMS-16543.

Bug

  • 500 Server Error when sending events from GUI when OpenNMS has large number of Events configured (Issue NMS-16485)

  • Provisioning fails when category has been deleted (Issue NMS-16536)

  • With use-address-from-varbind traps are misassigned (Issue NMS-16543)

  • Update protobuf (Issue NMS-16636)

  • Update fop-core (Issue NMS-16961)

  • Update cxf-core (Issue NMS-16962)

Task

  • DevOps: Stop including ALEC in containers (Issue NMS-16576)

Enhancement

  • Enable snmpinterface meta-data to be exposed in the time series integration layer for Pollerd metrics where possible (Issue NMS-16946)

New Feature

  • PTP implementation: Implement poller to check for desired port state (Issue NMS-16956)

  • PTP implementation: add documentation (Issue NMS-16957)

Story

  • Include service status Integration API (Issue NMS-16972)

Release 33.0.10

Release 33.0.10 contains a bunch of security updates, bug fix and enhancements.

The codename for Horizon 33.0.10 is Downy Serviceberry.

Bug

  • Grafana reports endpoint failure (Issue NMS-16367)

  • Version in about page points to invalid release notes (Issue NMS-16482)

  • Structured Node List - some IP are missing (Issue NMS-16483)

  • Installation instructions are broken and show an unresolved variable (Issue NMS-16490)

  • Search does not return any results for Asset Search string Meridian 2024.1.3 (Issue NMS-16510)

  • OpenNMS RESTful API provides incorrect URL in GUI after SSL enablement (Issue NMS-16530)

  • Test case failures org.opennms.features.newts.converter. numeric value is NaN (Issue NMS-16936)

  • Test case failures: The markup in the document preceding the root element must be well-formed (Issue NMS-16949)

  • Logging in TcpListener in Eventd is done with a foreign class (Issue NMS-16951)

Task

  • Replace babel/polyfill with core-js 3 (foundation-2021 branch) (Issue NMS-16477)

  • Update dnsjava to version 3.6.0 if applicable (Issue NMS-16506)

  • Update proton-j to 0.34 or latest for OSGI (Issue NMS-16549)

  • Resolve jsoup version discrepancy seen in the dependency graph (Issue NMS-16552)

  • Update Snakeyaml for indirect dependencies (Issue NMS-16570)

  • Include nodeParentId in Rest API V2 returns for Node (Issue NMS-16571)

  • Update linux UBI version to address security vulnerabilities (Issue NMS-16587)

Enhancement

  • Add Node Labels to timeseries data for pollerd services (Issue NMS-16497)

  • Adding resourceLabels to TS data (Issue NMS-16498)

Release 33.0.9

Release 33.0.9 contains a bunch of security updates, bug fix and an enhancement.

The codename for Horizon 33.0.9 is Devilwood.

Task

  • Update grpc to to the next version to address CVEs (Issue NMS-16180)

  • Update org.apache.kafka:kafka to version 3.6.2 or higher. (Issue NMS-16507)

  • Purge jettison 1.4.x from the system directory (Issue NMS-16513)

  • Update BouncyCastle bcpkix to 1.78 (Issue NMS-16514)

Bug

  • Usage statistics reporter throws an NPE in the stdout on startup (Issue NMS-16435)

Configuration

  • Need to Update the Example Event Forwarder Script (Issue NMS-16501)

Release 33.0.8

Release 33.0.8 contains a bunch of bug fixes and an enhancement.

The codename for Horizon 33.0.8 is Golden Shower tree.

Task

  • Alarm Resync (Issue NMS-16489)

  • Update to Netty 4 (Issue NMS-16496)

  • Update pgjdbc to version 42.5.5 (Postgres sql JDBC driver) (Issue NMS-16503)

  • Update forked version of nekohtml parser to `>= 1.9.22.noko2`version of Nokogiri if applicable (Issue NMS-16504)

  • Update Apache CXF to 4.0.4, 3.6.3 or 3.5.8 to fix CVE-2024-28752 (Issue NMS-16505)

Bug

  • Snakeyaml vulnerable to Stack overflow leading to denial of service (Issue NMS-15169)

Release 33.0.7

Release 33.0.7 contains a bunch of security updates.

The codename for Horizon 33.0.7 is Pink powder puff.

Bug

  • Stored XSS on "Monitoring Locations" (Issue NMS-16443)

  • Host Header Injection (Issue NMS-16450)

  • [Web] - Missing Secure Flag on Session Cookie (Issue NMS-16451)

Release 33.0.6

Release 33.0.6 contains a couple of bug fixes and an enhancement.

The codename for Horizon 33.0.6 is Mango.

Task

  • Stalled threads in telemetryd parser (Issue NMS-16243)

Bug

  • Cross-Frame Scripting-CWE ID : 1021 Web scan vulnerability (Issue NMS-16369)

  • Address CVE-2020-15522 (Issue NMS-16384)

  • Querying Alarms by alarmId leads to a page that loses context on refresh (Issue NMS-16417)

  • NMS-16243 fix missing from 33.x release series (Issue NMS-16441)

  • Stored XSS on "MIB Compiler" (Issue NMS-16444)

  • Stored XSS on "Scheduled Outages" (Issue NMS-16445)

  • Missing Access Control on "Grafana Endpoints" (Issue NMS-16446)

  • Missing Access Control on "Geocoder Configuration" (Issue NMS-16447)

  • Stored XSS on "Node Label" (Issue NMS-16448)

  • Detailed server configuration in the error (Issue NMS-16449)

  • Services are deleted and recreated on each provisioning run (Issue NMS-16458)

Release 33.0.5

Release 33.0.5 contains a bug fix and an enhancement.

The codename for Horizon 33.0.5 is Black Pine.

Enhancement

  • Update Provisiond scan to remove old primary IP inteface (Issue NMS-16347)

Bug

  • Unable to set collection on detectors (Issue NMS-16360)

Release 33.0.4

Release 33.0.4 contains a bunch of bug fixes and enhancements.

The codename for Horizon 33.0.4 is Anacahuita.

Bug

  • PostgreSQL monitor url parameter metadata cannot be resolved properly and collection fails consequently (Issue NMS-16374)

  • Unable to display varbind’s form feed characters and other control characters in events (Issue NMS-16395)

Enhancement

  • Allow fix-permissions and update-package-permissions scripts to set ownership for customized users (Issue NMS-16406)

Release 33.0.3

Release 33.0.3 contains a number of bug fixes and a documentation update.

The codename for Horizon 33.0.3 is Weeping European Beech.

Bug

  • Running the config-tester -a throws an IllegalStateException for ActiveMQ context (Issue NMS-16355)

  • CVE-2024-3094 investigation (Issue NMS-16396)

  • Container image build fails with a wrong reference to deploy-base:ubi9-3.3.0.b265-jre-17 (Issue NMS-16399)

Release 33.0.2

Release 33.0.2 contains a bunch of bug fixes and enhancements.

The codename for Horizon 33.0.2 is Old Man’s Beard.

Bug

  • Access Denied when deleting a node with admin user (Issue NMS-15746)

  • Device config upload failed with org.apache.sshd.common.SshException: EdDSA provider not supported (Issue NMS-16131)

  • Event parameters with <> not rendering in event/alarm views (Issue NMS-16157)

  • Hikari CP leaking threads (Issue NMS-16345)

  • LdapMonitor does not work when a Minion is the poller (Issue NMS-16349)

  • The script showing the Karaf process status in our container image requires "ps" (Issue NMS-16356)

  • VMware credentials exposed in provisiond log file (Issue NMS-16357)

  • Collectd can’t persist time series data and throwing a NPE with "java.util.List.size()" because "rraList" is null (Issue NMS-16358)

Enhancement

  • Update install script to clear Karaf cache (Issue NMS-16226)

  • Add option to import-requisition command to block until import is done (Issue NMS-16343)

  • Rename User Data Collection feature to Product Update Enrollment (Issue NMS-16353)

  • Configurable option for Kafka Producer CollectionSet buffer size (Issue NMS-16366)

Release 33.0.1

Release 33.0.1 is a re-release of 33.0.0, reverting the async poller changes and fixing a packaging issue.

Bug

  • Issue installing on Debian 11 Reported by Customer (Issue NMS-16309)

  • REVERT: enable async polling by default (Issue NMS-15738)

Enhancement

  • Docs page for Info REST service (Issue NMS-16351)

Release 33.0.0

Release 33.0.0 is the first major release in the 33.x series. It contains a bunch of changes, including metadata support in many more configs, a revamped node list, and more.

The codename for Horizon 33.0.0 is Coast Redwood.

Bug

  • Missing information in downtime model docs (Issue NMS-10133)

  • R-Core fails to install following the Horizon 30 Install Docs (Issue NMS-14777)

  • Surveillance Dashboard shows acknowledged Alarms (Issue NMS-15448)

  • Access Denied when deleting a node with admin user (Issue NMS-15746)

  • Typo in Configuring Minion via confd README (Issue NMS-15901)

  • "Dismiss" in Usage Statistics Sharing Notice is misleading (Issue NMS-16027)

  • Links in node table open both in current tab and in a new tab (Issue NMS-16047)

  • Fix Geographical Map after vue-leaflet upgrade (Issue NMS-16065)

  • Top of page search displays 'Show nodes with severity' multiple times (Issue NMS-16067)

  • Device config upload failed with org.apache.sshd.common.SshException: EdDSA provider not supported (Issue NMS-16131)

  • Data choices plugin throws a NPE when user clicks on show collected data. (Issue NMS-16151)

  • Event parameters with <> not rendering in event/alarm views (Issue NMS-16157)

  • Users with ROLE_READONLY can add, modify, and delete alarm memos (Issue NMS-16162)

  • Docs: Meridian plugins reference wrong package names (Issue NMS-16164)

  • Fix resource types for default Postgres collection (Issue NMS-16165)

  • Service detail page displays wrong collectd package (Issue NMS-16167)

  • enlinkd logging hibernate errors (lack of unique index) (Issue NMS-16199)

  • Zookeeper 3.4.6 version mismatch in Meridian 2021 (Issue NMS-16209)

  • upgrade ActiveMQ to latest 5.15.x (Issue NMS-16218)

  • Documentation build failing: cannot find antora/xref-validator (Issue NMS-16227)

  • Node structure: fix sorting (Issue NMS-16246)

  • OpenConfig Connector parameter frequency in incorrect unit (Issue NMS-16253)

  • Container flag -t does not pass correct arguments (Issue NMS-16265)

  • Cortex plugin does not start automatically (Issue NMS-16272)

Enhancement

  • Add var-bind section into notification docs (Issue NMS-13273)

  • Provisiond threads description discrepancies (Issue NMS-14766)

  • Metadata DSL: Add metadata interpolation capability onto more threshold fields (Issue NMS-15667)

  • enable async polling by default (Issue NMS-15738)

  • Switch our Docker base to UBI (Issue NMS-15788)

  • Docs: Add install note on DNS resolution (Issue NMS-15792)

  • Extend PageSequenceMonitor to allow basic auth credentials (Issue NMS-15802)

  • Expand BlueCat DNS Data Collection (Issue NMS-15865)

  • Add confd support to Sentinel container (Issue NMS-16149)

  • Docs: Remove deprecated resourcecli section (Issue NMS-16216)

  • Update install script to clear Karaf cache (Issue NMS-16226)

  • Upgrade to latest Karaf 4.3 (Issue NMS-16249)

  • Deprecate VMware 3-5 collection/graphs (Issue NMS-16266)

  • Fix formatting in snmp-graph.properties.d files (Issue NMS-16269)

  • Docs: Update install docs for monitoring database connection (Issue NMS-16286)

  • Update container confd to default Postgres SSL to prefer (Issue NMS-16287)

Task

  • Metadata DSL: Elasticsearch Integration (Issue NMS-15752)

  • Update UI for Admin password change prompt (Issue NMS-15780)

  • Create Initial Node Structure Page (Issue NMS-16037)

  • Update UI dependencies to latest Vue3, feather, etc. (Issue NMS-16045)

  • Node structure page: Union/Intersection category filter switch (Issue NMS-16058)

  • Node structure: add unit tests (Issue NMS-16060)

  • Structured Node List: Add smoke test (Issue NMS-16061)

  • Structured node list: Export CSV/XLS (Issue NMS-16064)

  • Unzip command is missing from UBI images (Issue NMS-16087)

  • Convert Menu store to pinia (Issue NMS-16092)

  • Structured node list: UX Updates (Issue NMS-16103)

  • Structured node list: handle legacy query strings (Issue NMS-16116)

  • Structured node list: UX updates Part 2 (Issue NMS-16123)

  • Structured node list: Merge feature branch to develop (Issue NMS-16124)

  • Convert NodeStructure store to pinia (Issue NMS-16125)

  • Node structure: Add management IP address (Issue NMS-16126)

  • Node structure: Make preferences persistent (Issue NMS-16130)

  • Convert Node store to pinia (Issue NMS-16136)

  • Update Vue UI README with dev workflow instructions (Issue NMS-16142)

  • Convert more stores to pinia (Issue NMS-16144)

  • Convert auth, usageStats and other stores to pinia (Issue NMS-16154)

  • Convert deviceStore etc to pinia, remove vuex from project (Issue NMS-16156)

  • DOCS: Document structured node list (Issue NMS-16210)

  • Docs: Remove reference to 'opennms-cloud-plugin' plugin (Issue NMS-16231)

New Feature

  • Metadata DSL: VMware Integration (Issue NMS-15753)

  • Metadata DSL: WSMAN Integration (Issue NMS-15754)

  • Metadata DSL: TL1D Integration (Issue NMS-15755)

  • Metadata DSL: JMX Data-collection (Issue NMS-15756)

  • Metadata DSL: XML Data-collection (Issue NMS-15757)

  • Metadata DSL: HTTP/HTTPS Data-collection (Issue NMS-15758)

  • Metadata DSL: Notification Credentials (Issue NMS-15759)

  • Metadata DSL: Ticketer Plugins (Issue NMS-15760)

  • Metadata DSL: Trapd Configuration (Issue NMS-15761)

  • Metadata DSL: JCIFS Monitor (Issue NMS-15762)

  • Metadata DSL: IFTTT Configuration (Issue NMS-15763)

  • Metadata DSL: Repository Configuration (Issue NMS-15764)

  • Metadata DSL: [OPTIONAL] Consistent *-config.xml Configurations (Issue NMS-15765)

  • Metadata DSL: Evaluate feasability to support metadata in Drools rules (Issue NMS-15766)

  • Metadata DSL: Change default poller and collectd configuration files to reflect ability to use metadata (Issue NMS-16016)

  • Metadata DSL: snmp-config.xml & SNMP Profiles (Issue NMS-16028)

  • Metadata DSL: change default opennms-datasources.xml to reflect the possibility of using metadata (Issue NMS-16029)

  • OpenShift: Document the impact of disabling allowPrivilegeEscalation (Issue NMS-16239)

  • Update wording to Product Update Sign Up (Issue NMS-16352)

Story

  • Metadata DSL: Documentation for Metadata DSL updates (Issue NMS-15774)

  • Document change in login password behaviour (Issue NMS-15775)

  • Smoke test for Admin password change (Issue NMS-15866)

  • Admin Password Change: UX Review and Updates (Issue NMS-15867)

  • Admin Password Change: Merge to develop (Issue NMS-15868)

  • User is redirected to landing page after password change is done (Issue NMS-16036)

  • Use pinia instead of vuex in Vue UI (Issue NMS-16043)

  • Add pinia stores to UI but do not yet activate them (Issue NMS-16068)

  • Metadata DSL: Persist poller parameters as meta data (Issue NMS-16146)

  • Node structure: more query params (fs:fid, snmp, sys) (Issue NMS-16197)

  • Remove plugin 'opennms-cloud-plugin' from installation (Issue NMS-16219)

  • Geo Map: enable user-defined map to be the default one (Issue NMS-16229)

  • DOCS: Document Geographical Map user-defined map (Issue NMS-16230)

  • Add node-gyp to fix CircleCI build-ui errors (Issue NMS-16242)

  • News Feed: UI Panel and REST Service (Issue NMS-16282)

  • Web UI for User Data Collection (Issue NMS-16283)

  • User Data Collection: Database / Rest / CM work (Issue NMS-16284)

Epic

  • Opt-In User Data: Name, email and company Collection (Issue NMS-16279)