Chapter 5. Fixed issues
The issues fixed in AMQ Streams 1.7 are shown in the following table. For details of the issues fixed in Kafka 2.7.0, refer to the Kafka 2.7.0 Release Notes.
Issue Number | Description |
---|---|
OpenSSL tasks should be executed on separate worker executor and not on the main thread | |
Check the | |
Topic Operator sometimes renames KafkaTopics | |
Simplify Kafka upgrades and downgrades | |
Move to Java 11 language level | |
If the | |
All KafkaTopic custom resources are deleted and recreated when restarting kafka and zookeeper at the same time | |
Metrics reporter not able to produce metrics when Kafka | |
MirrorMaker: Enable synchronization of offsets to the consumer group on the target cluster | |
kafka-configs.sh is deprecating | |
Watching the wrong reconciliations for metrics in the Topic Operator | |
Improve configuration of network policies | |
Run the ConnectS2I deployment with | |
Adding or removing JBOD volumes not working as expected | |
Replacing namespace in Prometheus operator bundle file produces invalid YAML | |
Inconsistent use of CPU metric in Grafana dashboards | |
KafkaConnect Build: Declarative management of connector plugins in Kafka Connect custom resource | |
Add annotations to perform connector/task restart operations | |
Kafka Exporter dashboard does not auto-select namespace and cluster name | |
Network policies not properly configured when metrics ConfigMap is used | |
User-certificate renewal never triggered when it expires independently on the CA | |
Cruise Control Grafana dashboard presentation is affected when Cruise Control pod is rolled or deleted | |
Topic Operator fails to create a topic when replica or partition count is decreased | |
JMX configuration issues cause port already in use error | |
OAuth NullPointerException when using 'keycloak' authorization with 'resource' permissions | |
Use the ISO-8601 timestamp standard for Kafka resource status |
Table 5.1. Fixed common vulnerabilities and exposures (CVEs)
Issue Number | Title | Description |
---|---|---|
CVE-2020-25649 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) [amq-st-1] | A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity. |