Chapter 5. Fixed issues

The issues fixed in AMQ Streams 1.7 are shown in the following table. For details of the issues fixed in Kafka 2.7.0, refer to the Kafka 2.7.0 Release Notes.

Issue NumberDescription

ENTMQST-1561

OpenSSL tasks should be executed on separate worker executor and not on the main thread

ENTMQST-1607

Check the log.message.format.version and inter.broker.protocol.version from the brokers during upgrade

ENTMQST-1631

Topic Operator sometimes renames KafkaTopics

ENTMQST-1676

Simplify Kafka upgrades and downgrades

ENTMQST-1914

Move to Java 11 language level

ENTMQST-2030

If the bin/kafka-acls.sh utility is used to add or remove an ACL, the operation is successful but a warning is generated

ENTMQST-2085

All KafkaTopic custom resources are deleted and recreated when restarting kafka and zookeeper at the same time

ENTMQST-2184

Metrics reporter not able to produce metrics when Kafka min.insync.replicas is greater than 1

ENTMQST-2188

MirrorMaker: Enable synchronization of offsets to the consumer group on the target cluster

ENTMQST-2269

kafka-configs.sh is deprecating --zookeeper option but does not provide alternative functionality to list configs for users

ENTMQST-2295

Watching the wrong reconciliations for metrics in the Topic Operator

ENTMQST-2311

Improve configuration of network policies

ENTMQST-2335

Run the ConnectS2I deployment with tini init

ENTMQST-2386

Adding or removing JBOD volumes not working as expected

ENTMQST-2472

Replacing namespace in Prometheus operator bundle file produces invalid YAML

ENTMQST-2480

Inconsistent use of CPU metric in Grafana dashboards

ENTMQST-2483

KafkaConnect Build: Declarative management of connector plugins in Kafka Connect custom resource

ENTMQST-2525

Add annotations to perform connector/task restart operations

ENTMQST-2529

Kafka Exporter dashboard does not auto-select namespace and cluster name

ENTMQST-2547

Network policies not properly configured when metrics ConfigMap is used

ENTMQST-2548

User-certificate renewal never triggered when it expires independently on the CA

ENTMQST-2550

Cruise Control Grafana dashboard presentation is affected when Cruise Control pod is rolled or deleted

ENTMQST-2595

Topic Operator fails to create a topic when replica or partition count is decreased

ENTMQST-2625

JMX configuration issues cause port already in use error

ENTMQST-2636

OAuth NullPointerException when using 'keycloak' authorization with 'resource' permissions

ENTMQST-2643

Use the ISO-8601 timestamp standard for Kafka resource status

Table 5.1. Fixed common vulnerabilities and exposures (CVEs)

Issue NumberTitleDescription

ENTMQST-2334

CVE-2020-25649 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) [amq-st-1]

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.