Releases: phax/phoss-smp
Releases · phax/phoss-smp
phoss SMP 5.5.1
- Fixed an error in web.xml of the XML version (duplicate servlet mapping)
- Improved resilience of internal path handling
phoss SMP 5.5.0
- Updated to Log4J 2.17.1 for security reasons (CVE-2021-44832)
- Updated to ph-commons 10.1.5
- Updated to ph-oton 8.3.6
- The transport profiles are now managed in the database when using the SQL Backend (table
smp_tprofile
)- All the existing transport profiles are automatically migrated into the database
- The audit items are now also written directly to the database when using the SQL Backend (table
smp_audit
) - existing entries are NOT migrated - The security roles are now managed in the database when using the SQL Backend (table
smp_secrole
) - The users are now managed in the database when using the SQL Backend (table
smp_secuser
) - The user groups are now managed in the database when using the SQL Backend (table
smp_secusergroup
)- All existing roles, users and user groups are automatically migrated from the XML based file to the DB
- All the SMP settings as well as the ID maintenance are now managed in the database when using the SQL Backend (table
smp_settings
)- All the existing SMP settings are automatically migrated into the database
- Added new property in
webapp.properties
calledwebapp.public.showappname
to disable the display of the application name in the/public
part - Added new property in
webapp.properties
calledwebapp.public.showsource
to disable the display of the application source in the/public
part - Certain HTTP redirects now correctly honour the public URL - this only affects usage behind a reverse proxy
phoss SMP 5.4.5
- Updated to Log4J 2.17.0 because of CVE-2021-45105 - see https://logging.apache.org/log4j/2.x/security.html
phoss SMP 5.4.4
- Updated to Log4J 2.16.0 for security reasons (CVE-2021-45046) - see https://www.lunasec.io/docs/blog/log4j-zero-day/
phoss SMP 5.4.3
- Updated to Log4J 2.15.0 for security reasons - see https://www.lunasec.io/docs/blog/log4j-zero-day/
- This version is safe regarding to CVE-2021-44228
phoss SMP 5.4.2
- Switching back to Flyway v7 for compatibility with MySQL v5.7.
phoss SMP 5.4.1
- Fixed a regression in 5.4.0, that the parsing of date time values without a timezone failed.
phoss SMP 5.4.0
- Added support for migrating service groups from and to another SMP - see the new menu items in the "Service group" area (see issue #78)
- An internal error on the "Business Cards" page was solved, if a Directory configuration was enabled using "https" but the certificate setup of the PD Client is broken
- Added an additional check on the "Certificate Information" page if the configured key store contains more than 1 key entry
- Added a new page that shows all the identifier mappings uses in the SMP (available in "Administration | Identifier Mappings")
- The return code of the
PUT
andDELETE
APIs changed from 404 to 412 if the writable REST API is disabled - Extended the REST API to create and delete ServiceGroups without SML interaction (see issue #163)
- Added a new status item
smp.sql.db.connection-possible
when using the SQL backend - Added a new configuration property
smp.status.sql.enabled
to disable the new status item - Added a new configuration property
smp.timezone
to configure the global SMP time zone (see issue #167)
phoss SMP 5.3.3
- Updated to ph-commons 10.1
- Updated to peppol-commons 8.4
- Updated to ph-oton 8.3
- A new Administration page to dynamically change the log level was added
- The page "SML certificate update" received additional checks regarding the certificate layout
- Removed superfluous
pd-client.properties
file - Added new status item
startup.datetime
- The new configuration item
smp.flyway.enabled
allows to disable the usage of Flyway - When listing certificates, the alias is also shown if it is available
phoss SMP 5.3.2
- Fixed an error in the MongoDB backend that prevented the endpoint processes to be handled correctly. This is a regression error introduced in 5.2.6.