Releases: OpenNMS/opennms
OpenNMS Horizon 29.0.5 (Kingfisher)
Release 29.0.5 contains a number of bug and security fixes, as well as a few enhancements.
It include an update to the latest Log4j2 release. It is not believed that we are vulnerable to the Log4j issues fixed in these newer releases, but are updating anyway just to be sure.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.5 is Kingfisher.
Bug
- TimescaleDB extension can’t added to existing opennms DB. (Issue NMS-13441)
- Enlinkd API response extremely slow for some nodes (Issue NMS-13507)
- Customer is not able to view Topology (Issue NMS-13851)
- Javascript security updates (December, 2021) (Issue NMS-13857)
- Very large node caches can cause telemetry adapters to fail on Sentinel (Issue NMS-13859)
- Permission check in ./install -dis flags unwriteable files in the .git directory - redux (Issue NMS-13860)
- CVE-2021-45105: Update to Log4j 2.17.0 (Issue NMS-13868)
- upgrade to log4j2 2.17.1 and pax-logging 1.11.13/2.0.14 (Issue NMS-13878)
Enhancement
- Consolidate all IPC features into one / need conf.d changes (Issue NMS-13610)
- Add metrics about twin communication (Issue NMS-13649)
- Extend SnmpMetadataProvisioningAdapter configuration to support exact OID matches (Issue NMS-13842)
- Support an endpoint that allows to access parts of resources (Issue NMS-13863)
- Minion Kafka docs missing reference to custom.system.properties (Issue NMS-13885)
OpenNMS Horizon 29.0.4 (The Bird)
Release 29.0.4 is a re-release of 29.0.3 with additional fixes relating to Log4j2 vulnerabilities.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.4 is The Bird.
Bug
- CVE-2021-45046: incomplete Log4j2 vulnerability mitigation (Issue NMS-13858)
OpenNMS Horizon 29.0.3 (Penguin)
Release 29.0.3 is an out-of-band release with a fix for the Log4j2 security issue, plus an enhancement to support exclude-url
in discovery’s configuration.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.3 is Penguin.
Bug
- Log4j2 0-day: CVE-2021-44228 (Issue NMS-13850)
Enhancement
OpenNMS Horizon 29.0.2 (Satanic Nightjar)
Release 29.0.2 contains a fix for a Jetty CVE, plus a number of bug fixes and small enhancements, including changes to user auth, Twin API, VMware, and running as non-root.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.2 is Satanic Nightjar.
Bug
- Update labelling in Configure Discover screen (Issue NMS-12992)
- Link to release notes in web Help / About needs updating (Issue NMS-13579)
- Twin logs doesn’t appear in ipc.log (Issue NMS-13731)
- Authorization changes not taking immediate effect (Issue NMS-13761)
- VMware sessions not correctly closed in all cases (Issue NMS-13774)
- Permission check in ./install -dis flags unwriteable files in the .git directory (Issue NMS-13778)
- Uncatched exception when importing a VMware virtual machine without an IP interface (Issue NMS-13781)
- opennms-webapp-hawtio %post chown errors (Issue NMS-13788)
- 29.0.1 minion should be RUNAS=minion (Issue NMS-13789)
- Missing RRD package definition in BMP persisting adapter (Issue NMS-13812)
- CVE-2021-28164: access to WEB-INF (Issue NMS-13832)
Enhancement
- Dynamic Configuration of Trap Listener (Issue NMS-13564)
- Tracing support for twin communication (Issue NMS-13650)
- Document how to install from source (Issue NMS-13685)
- Improve Related Events box in Alarm detail page (Issue NMS-13749)
- Optionally include a table of event parameters on the event detail page (Issue NMS-13765)
- Remove link to wiki from the landing page (Issue NMS-13779)
- Add support for VMware 7.0.3 performance data collection (Issue NMS-13780)
OpenNMS Horizon 29.0.1 (Emu)
Horizon 29.0.1 is a quick release outside of the normal schedule to address some bugs found in 29.0.0 mostly related to running as non-root, and Minion communication.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.1 is Emu.
Bug
- Kafka topics should start with OpenNMS Instance ID for Twin (Issue NMS-13733)
- opennms.spec file tries to find out if gid 1000 is used but doesn’t actually check hat (Issue NMS-13734)
- Events from Hardware Inventory Provisioning Adapter and SNMP Metadata Provisioning Adapter cannot be distinguished (Issue NMS-13735)
- Upgrade to 29: fix-permissions script fails changing ownership (Issue NMS-13736)
- Minion user not authorized to read from topic OpenNMS.Twin.Sink (Issue NMS-13742)
- opennms-plugin-provisioning-wsman-asset missing on Debian (Issue NMS-13747)
- Upgrade to 29: "$RUNAS is not set" (Issue NMS-13748)
- SNMP Metadata XSD does not allow multiple <config> elements (Issue NMS-13752)
Enhancement
OpenNMS Horizon 29.0.0 (Turkey)
Release 29.0.0 is the first in the Horizon 29 series, introducing running as non-root by default, optimizations to Minion communication, time-series improvements, support for Cortex for storing flow data, and more.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.0 is Turkey.
Bug
- Add Validation for Metadata in Thresholds (Issue NMS-12689)
- Prometheus collector won’t process untyped metrics (Issue NMS-12717)
- Confd doesn’t replace telemetryd config in etc (Issue NMS-13265)
- The node and interface counters of the Evaluation Layer are incorrect (Issue NMS-13283)
- EvaluationMetrics.log is contaminated with non-related metrics. (Issue NMS-13284)
- Meta-Data cannot be deleted using UI (Issue NMS-13314)
- Maven: external HTTP insecure URLs are blocked (Issue NMS-13323)
- Installation with non-root user failes on CentOS 8 (Issue NMS-13415)
- Starting opennms with systemd as non-root fails with access denied for pid (Issue NMS-13417)
- Fresh install requires to run fix-permissions script for iplike.so (Issue NMS-13418)
- Docker not able to access etc overlay as non-root (Issue NMS-13436)
- The Info ReST endpoint is not showing the services status (Issue NMS-13437)
- Fix ipInterface PrimaryType Hibernate mapping (Issue NMS-13469)
- Relaunch of bin/opennms script as opennms user fails due to missing arguments (Issue NMS-13470)
- Reflected XSS in webapp notice wizard (Issue NMS-13496)
- IFTTT integration not working anymore (Issue NMS-13501)
- Minion stops processing flows with "Invalid packet: null" until restart (Issue NMS-13539)
- Components that use JavaMail unable to use TLS 1.2+ (Issue NMS-13636)
- Hardware information not displayed for some devices (SnmpMetadataProvisioningAdapter) (Issue NMS-13648)
- Lock contention when processing large volume of REST API requests (Issue NMS-13655)
- Clean unused data in srv001.txt and srv002.txt (Issue NMS-13657)
- Nodes with complex hardware configuration are not correctly rendered (Issue NMS-13660)
- automation cleanUpRpStatusChanges that references removed action with same name remains in default vacuumd-configuration.xml configuration (Issue NMS-13661)
- ALEC in distributed mode doesn’t start on Sentinel (Issue NMS-13664)
- property name importer.adapter.dns.reverse.level is incorrect in commented out example (Issue NMS-13670)
- Fix JtiTelemetryIT smoke test (Issue NMS-13687)
- START_TIMEOUT ignored when run from systemd (Issue NMS-13702)
- macOS Monterey: older OpenNMS branches do not start anymore (Issue NMS-13703)
- related events box in alarm detail shows all events when alarm has no node / interface / service / ifindex (Issue NMS-13705)
- SNMP Metadata Provisioning Adapter: wrong line in debian/rules (Issue NMS-13717)
- invalid permissions in /var/opennms on fresh install (Issue NMS-13725)
- JMS Twin doesn’t work with minion user (Issue NMS-13726)
- Remove reference to DHCP plugin from docs (Issue NMS-13727)
- GeoIP Provisioning Adapter: SubnetUtils does not support IPv6 (Issue NMS-13728)
Enhancement
- Change the webUI so it runs as a non-root user easily and reliably (Issue NMS-1231)
- Create opennms user on install (Issue NMS-11970)
- syslogd as non-root user (Issue NMS-11982)
- opennms.service in non-root environment (Issue NMS-12005)
- opennms init script "runas" setting (Issue NMS-12007)
- TrapD won’t run as non-root user (Issue NMS-12026)
- non-root user:group file permissions (Issue NMS-12034)
- Documentation for reloadable daemons (Issue NMS-12611)
- Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)
- Update Provisioning chapter (Issue NMS-12810)
- Create docs about Newts confd parameters (Issue NMS-13005)
- Allow OpenNMS Core service to run as non-root (Issue NMS-13016)
- Improve usability and self-contained features of the Kafka Producer payload for metrics (Issue NMS-13191)
- Upgrade Kafka components to 2.8.0 (Issue NMS-13264)
- Monitor localhost in a fresh install (Issue NMS-13313)
- Location dropdown on Add Node does not sort/filter (Issue NMS-13316)
- Persist monitor status in RRD (Issue NMS-13324)
- TSS 2.0: Improved Tag handling (Issue NMS-13356)
- Provide ability to store aggregated flow data from Nephron in Cortex (Issue NMS-13372)
- Investigate the Conversations related performance with Cortex & large amount of data (Issue NMS-13375)
- Nephron: Get rid of convo_key and grouped_by_key (Issue NMS-13377)
- Define Minion/OpenNMS Object replication Interfaces (Issue NMS-13401)
- Integrate Object replication with Trapd (for SNMPV3 Users) (Issue NMS-13402)
- Limit CollectionSet size in Kafka Producer to less than 1MB. (Issue NMS-13407)
- Remove remote repository dependencies during Minion OCI build (Issue NMS-13432)
- Implement gRPC broker for Object replication (Twin) (Issue NMS-13460)
- Implement ActiveMQ broker for Object replication ( Twin) (Issue NMS-13461)
- Implement In-memory broker for Object replication ( Twin) (Issue NMS-13462)
- Implement Kafka broker for Object replication ( Twin) (Issue NMS-13463)
- Changes to review bulk indexing with raw flow data (Issue NMS-13478)
- Grpc IPC and Twin should be able to run from the same port (Issue NMS-13487)
- Add Karaf Command to add query and publish Twin Objects (Issue NMS-13488)
- delete the opennms-tools directory (Issue NMS-13563)
- Upgrade Karaf to v4.3.2 (Issue NMS-13565)
- Support partial updates to Twin API (Issue NMS-13576)
- Optimize ip address handling in flow classification engine (Issue NMS-13577)
- optimize repeated reloads of the flow classification engine (Issue NMS-13580)
- The implementation of HealthCheck.performAsyncHealthCheck is not async (Issue NMS-13590)
- Add tag argument to health-check command (Issue NMS-13592)
- Provide basic implementation for patch support for Twin (Issue NMS-13594)
- Show Link State when viewing links on the Enlinkd topology maps (Issue NMS-13619)
- Topologies menu (Issue NMS-13622)
- Documentation for the new feature persisting flows in Cortex (Issue NMS-13635)
- Dis...
OpenNMS Horizon 28.1.1 (Mikaela Banes)
Release 28.1.1 contains a number of bug fixes and enhancements, including web UI, Minion, Docker, and documentation improvements.
For a high-level overview of what has changed in Horizon 28, see What’s New in OpenNMS Horizon 28.
The codename for Horizon 28.1.1 is Mikaela Banes.
Bug
- Fix example configuration for Scriptd (Issue NMS-13271)
- Strings with URL arguments are truncated in the eventdescr field (Issue NMS-13428)
- SNMPv3 traps are not counted correctly in JMX metrics (Issue NMS-13489)
- missing fields in search autocomplete (Issue NMS-13518)
- Some of the tests of ClassificationRulePageIT are flaky (Issue NMS-13566)
- Signed Minion container bleeding image shows revision as meridian-foundation-2021.1.4-1-487 (Issue NMS-13587)
- Meridian Minion images do not include release (Issue NMS-13591)
- Horizon release-28.x builds fail with a certificate error (Issue NMS-13609)
Enhancement
- Document data types in collectd (Issue NMS-10476)
- Update adapters documentation (Issue NMS-12999)
- Move monitors docs to the Reference section (Issue NMS-13524)
- Move detectors to reference section (Issue NMS-13525)
- Move collectors to reference section (Issue NMS-13526)
- Move telemetryd (streaming telemetry) to reference section (Issue NMS-13527)
- Move ticketing docs to reference section (Issue NMS-13529)
- Add search term highlight functionality in documentation (Issue NMS-13540)
- Minion: Health ReST API: Lightweight/passive health check for broker/OpenNMS (Issue NMS-13547)
- Move provisioning policies to the reference section (Issue NMS-13562)
- Implement HW inventory Provisioning adapter API to support Juniper HW (Issue NMS-13575)
- Add full trapoid for Snmp V1 (Issue NMS-13586)
- Geolocator Doc Clarification (Issue NMS-13611)
OpenNMS Horizon 28.1.0 (Bumblebee)
Release 28.1.0 contains a bunch of bug fixes and enhancements, including a dependency update related to a CVE.
For a high-level overview of what has changed in Horizon 28, see What’s New in OpenNMS Horizon 28.
Note that we bumped the minor version on the release because of the changes made in NMS-13479 — in order to optimize the flow classification processing, some significant changes were made behind the scenes. There shouldn’t be any change from a user perspective, but we bumped the version just in case.
The codename for Horizon 28.1.0 is Bumblebee
Bug
- OpenNMS Admin Guide HostResourceSwRunMonitor service-name not exact match string (Issue NMS-8968)
- Trailing whitespace breaks flow listener config (Issue NMS-13477)
- Syslog messages missing nodelabel, location, and interface (Issue NMS-13485)
- Minions > v27.0.0 stop processing flows after apprx 5 minutes (Issue NMS-13486)
- IFTTT integration not working anymore (Issue NMS-13501)
- Bump Apache Ant version to 1.10.11 (CVE-2021-36373, CVE-2021-36374) (Issue NMS-13509)
- Service Parameters box misses Poller Patterns (Issue NMS-13517)
- missing fields in search autocomplete (Issue NMS-13518)
Enhancement
- Add the full trap oid for v2 snmp event (Issue NMS-13422)
- Update Provisiond Docs (Issue NMS-13446)
- Update table formatting in docs. (Issue NMS-13472)
- Migrate VMware config from wiki to docs (Issue NMS-13473)
- Review classification rules in the flow pipeline (Issue NMS-13479)
- Use Karaf shell commands to secure Minion SSH Karaf access (Issue NMS-13511)
- Reformat tables (again) (Issue NMS-13515)
OpenNMS Horizon 28.0.2 (Soundwave)
Release 28.0.2 contains a bunch of bug fixes and enhancements, as well as some fixes for XSS issues and a Jetty CVE.
For a high-level overview of what has changed in Horizon 28, see What’s New in OpenNMS Horizon 28.
The codename for Horizon 28.0.2 is Soundwave.
Bug
- The Dev Documentation doesn’t have information about the Hardware Inventory (Issue NMS-11730)
- Admin guide still uses deprecated term "provisioning group" in places (Issue NMS-12373)
- Swagger UI hard coded to server via HTTP (Issue NMS-13353)
- OpenAPI spec fails validation (Issue NMS-13354)
- OutOfMemory issue on Minion (corner case related to Offheap) (Issue NMS-13405)
- vmwareconfigbuilder and vmwarecimquery not working anymore (Issue NMS-13444)
- Jetty 9.4.38 security issues CVE-2021-28164, CVE-2021-34428 and CVE-2021-28169 (Issue NMS-13449)
- Reflected XSS in webapp notice wizard (Issue NMS-13496)
- Reflected XSS in scheduled outage editor (Issue NMS-13498)
Enhancement
- Add missing Prometheus collectd example in our documenation (Issue NMS-12978)
- Nephron: Consider interfaces for unaligned windows (Issue NMS-13352)
- Table formatting issue in new docs (Issue NMS-13364)
- Hardware Inventory Plugin needs docs (Issue NMS-13370)
- Document search panel (Issue NMS-13408)
- The PageSequenceMonitor keys host and virtual-host are confusing (Issue NMS-13412)
- Only publish Docker images when system tests are green (Issue NMS-13433)
- Doc typos - improper character escaping (Issue NMS-13448)
- Update table formatting in collectors section of docs (Issue NMS-13456)
- Optimize node cache refresh to be non-blocking to flow data (Issue NMS-13481)
OpenNMS Horizon 28.0.1 (Optimus Prime)
Release 28.0.1 contains a bunch of bug fixes and enhancements, plus a few security updates.
For a high-level overview of what has changed in Horizon 28, see What’s New in OpenNMS Horizon 28.
The codename for Horizon 28.0.1 is Optimus Prime.
Bug
- SNMP collection failing for "interface label is null or blank" (Issue NMS-11764)
- Typo in Graphs: "File Descritors" (Issue NMS-12876)
- Problems in Helm documentation (Issue NMS-12900)
- minion-config-schema.yml java agent example as a string (Issue NMS-13272)
- Minion container v28.0.0 refuse to start (Issue NMS-13347)
- Release notes display issues (Issue NMS-13351)
- Default Debian instructions don’t work on a minimal install (Issue NMS-13355)
- CVE-2020-13956: Update commons-httpclient to 4.5.13 (Issue NMS-13360)
- CVE-2017-5929: bump logback-classic version to latest (Issue NMS-13361)
- Update images chapter in docs remove two chapters (Issue NMS-13371)
- Package diffutils is missing in Docker image (Issue NMS-13429)
Enhancement
- Add Node ID reference to noticeWizard (Issue NMS-11790)
- Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)
- Create BSFDetector documenation (Issue NMS-13073)
- Add operator instructions for graphInvalidated (Issue NMS-13173)
- Nephron: add benchmark launcher (Issue NMS-13176)
- Enhance Availability (RTC) data via REST with current service status (Issue NMS-13238)
- PageSequenceMonitor not accepting metadata in <page/> element (Issue NMS-13257)
- Expand PageSequenceMonitor Documentation (Issue NMS-13260)
- Publish minion config schema (Issue NMS-13285)
- Health-check: provide restful api to query health for different tags (Issue NMS-13312)
- Check if Docker Content Trust and Docker Registry Proxies play together nicely (Issue NMS-13315)
- Use DCT to secure the Minion image (Issue NMS-13318)
- Provide OpenAPI doc to health-check REST API (Issue NMS-13319)
- update WMI dependencies (Issue NMS-13320)
- Add out-of-band monitoring content to main user documentation (Issue NMS-13330)
- Create DnsDetector docs (Issue NMS-13338)
- Create FtpDetector docs (Issue NMS-13339)
- Create HostResourceSWRunDetector docs (Issue NMS-13340)
- Documentation Typos (Issue NMS-13344)
- Setup DCT keys for the OpenNMS and OpenNMS-Forge organizations (Issue NMS-13345)
- Implement Kafka Consumer for events (protobuf) (Issue NMS-13362)
- Add info icon with a tooltip for effective meta-data values (Issue NMS-13365)
- Allow setting java heap minimum and maximum values in opennms.conf (Issue NMS-13367)
- Add tags as query params to /health/probe Rest API (Issue NMS-13369)
- Add custom Meta-data in search results (Issue NMS-13378)
- Misc documentation fixes (Issue NMS-13426)