Oval Definition:	oval:org.opensuse.security:def:60726
Revision Date: 2020-12-01 Version: 1 Title: Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important) Description: This update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm contains the following fixes: The update fixes several security issues: ansible - CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503). grafana - CVE-2020-13379: Fixed an incorrect access control issue which could lead to information leaks or denial of service (bsc#1172409). - CVE-2020-12052: Fixed an cross site scripting vulnerability related to the annotation popup (bsc#1170657). kibana - CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909). python-Django - CVE-2020-13254: Fixed a data leakage via malformed memcached keys. (bsc#1172167) - CVE-2020-13596: Fixed a cross site scripting vulnerability related to the admin parameters of the ForeignKeyRawIdWidget. (bsc#1172166) python-Flask - CVE-2019-1010083: Fixed a denial of service via crafted encoded JSON. (bsc#1141968) python-Pillow - CVE-2019-16865: Fixed a denial of service with specially crafted image files. (bsc#1153191) - CVE-2020-5312: Fixed a buffer overflow in the PCX P mode. (bsc#1160152) - CVE-2020-5313: Fixed a buffer overflow related to FLI. (bsc#1160153) - CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py. (bsc#1160192) python-psutil - CVE-2019-18874: Fixed a double free caused by refcount mishandling. (bsc#1156525) python-pysaml2 - CVE-2020-5390: Fixed an issue with the verification of signatures in SAML documents. (bsc#1160851) - CVE-2017-1000246: Fixed an issue with weak encryption data, caused by initialization vector reuse. (bsc#1068612) python-waitress (to version 1.4.3) - CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF handling. (bsc#1161088) - CVE-2019-16786: Fixed HTTP request smuggling through invalid Transfer-Encoding. (bsc#1161089) - CVE-2019-16789: Fixed HTTP Request Smuggling through Invalid whitespace characters. (bsc#1160790) - CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length header handling. (bsc#1161670) rubygem-activeresource - CVE-2020-8151: Fixed information disclosure issue via specially crafted requests. (bsc#1171560) rubygem-json-1_7 - CVE-2020-10663: Fixed an unsafe object creation vulnerability. (bsc#1167244) rubygem-puma - CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage. (bsc#1172175) - CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header. (bsc#1172176) Other non-security fixes in in the update below: Changes in ansible: - Add 0001-Disallow-use-of-remote-home-directories-containing-..patch (bsc#1126503, CVE-2019-3828) Changes in ansible1: - Add 0001-Disallow-use-of-remote-home-directories-containing-..patch (bsc#1126503, CVE-2019-3828) Changes in ardana-ansible: - Update to version 8.0+git.1589740980.6c3bcdc: * Reconfigure rabbitmq user permissions on update (SOC-11082) - Update to version 8.0+git.1588953487.9bfd5cb: * Fix incorrect prefix used to collect supportconfig files (bsc#1171273) - Update to version 8.0+git.1585690828.81d8f45: * Cleanup keystone-ansible (bsc#1108719) Changes in ardana-cluster: - Update to version 8.0+git.1585685203.3e71e49: * Use bool filter to ensure valid boolean evaluation (SOC-11192) Changes in ardana-freezer: - Update to version 8.0+git.1586539529.b7d295f: * Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137) Changes in ardana-input-model: - Update to version 8.0+git.1589740934.0e0ad61: * Add default rabbitmq exchange write permissions (SOC-11082) - Update to version 8.0+git.1586174594.2b92ec3: * add port neutron security extension to CI models (SOC-11027) Changes in ardana-logging: - Update to version 8.0+git.1591194866.b7375d0: * kibana: set x-frame-options header (bsc#1171909) - Update to version 8.0+git.1586179244.ae61f62: * Fix YAMLLoadWarning: calling yaml.load() without Loader (bsc#1168593) Changes in ardana-mq: - Update to version 8.0+git.1589715269.62ad6df: * Don't mirror reply queues (SOC-10317) - Update to version 8.0+git.1586784724.586343d: * Actually fail if sync HA queues retries exceeded (SOC-11083) Changes in ardana-neutron: - Update to version 8.0+git.1590756744.ba84abc: * Update L3 rootwrap filters (SOC-11306) - Update to version 8.0+git.1587737509.4e09de3: * Add network.target 'After' option (bsc#1169770) - Update to version 8.0+git.1586546152.e7bc07f: * Add neutron-common role dependencies (SOC-10875) - Update to version 8.0+git.1586543712.62bb5a3: * Fix neutron-ovsvapp-agent status (SOC-10637) - Update to version 8.0+git.1586535447.55769df: * Improve neutron service restart limit handling (SOC-8746) - Update to version 8.0+git.1586519528.a28db53: * Correctly setup ardana_notify_... fact (SOC-10902) Changes in ardana-octavia: - Update to version 8.0+git.1590100427.cf4cc8f: * fix octavia to glance communication over internal endpoint (SOC-11294) Changes in ardana-osconfig: - Update to version 8.0+git.1587034587.eac37b8: * Include SLE 12 SP3 LTSS repos in list of managed repos (SOC-11223) Changes in caasp-openstack-heat-templates: - Switch github URL from git@ to git:// to bypass authentication Changes in crowbar-core: - Update to version 5.0+git.1593156248.55bbdb26d: * Ignore CVE-8184 (SOC-11299) * Ignore latest ruby-related CVEs in the CI (SOC-11299) - Update to version 5.0+git.1589804984.44a89be24: * provisioner: Fix ssh key validation (SOC-11126) * assign host to hostless keys (noref) Changes in crowbar-openstack: - Update to version 5.0+git.1593085772.64c4ab43c: * monasca: Prevent deploying monasca-server to the node in pacemaker cluster (SOC-6354) - Update to version 5.0+git.1591171674.1f299cd1c: * Restore undeprecated nova dhcp_domain option (bsc#1171594) - Update to version 5.0+git.1591104265.683d76534: * [5.0] Fix availability zone script (bsc#1171661) - Update to version 5.0+git.1590398068.f5cfacc12: * nova: only create nonexistent cell1 - Update to version 5.0+git.1590150829.e86326d03: * [5.0] Tempest: enable test_volume_boot_pattern test (SOC-10874) - Update to version 5.0+git.1589814633.23fde86ab: * rabbitmq: sync startup definitions.json with recipe (SOC-11077,SOC-11274) - Update to version 5.0+git.1589647291.73c7f1cb6: * [5.0] trove: fix rabbitmq connection URL (SOC-11286) - Update to version 5.0+git.1589214669.8332efff3: * Fix monasca libvirt ping checks (bsc#1107190) - Update to version 5.0+git.1588271874.90adebc7a: * run keystone_register on cluster founder only when HA (SOC-11248) * nova: run keystone_register on cluster founder only (SOC-11243) - Update to version 5.0+git.1588059034.3823515b7: * tempest: retry openstack commands (SOC-11238) - Update to version 5.0+git.1587403360.c43cd9905: * tempest: disable block migration when using RBD (SOC-11176) - Update to version 5.0+git.1586293860.901cb0f55: * monasca: disable postgres backend monitoring by default (SOC-11190) - Update to version 5.0+git.1585659861.c29fac257: * magnum: Populate SSL configuration (SOC-9849) * magnum: Add SSL support (SOC-9849) * nova: Populate cinder SES settings early (SOC-11179) Changes in documentation-suse-openstack-cloud: - Update to version 8.20200527: * Update Travis config: new container name (noref) - Update to version 8.20200417: * Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137) - Update to version 8.20200326: * Clarify wipe_disks does not affect non-OS partitions (bsc#1092420) Changes in grafana: - Add CVE-2020-13379.patch * Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379) - Refresh systemd-notification.patch - Fix declaration for LICENSE - Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch * Security: Fix annotation popup XSS vulnerability (bsc#1170657) - Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#11483483) Changes in kibana: - Add 0001-Configurable-custom-response-headers-for-server.patch (bsc#1171909, CVE-2020-10743) Changes in openstack-dashboard: - Update to version horizon-12.0.5.dev3: * Fix typo in publicize\_image policy name Changes in openstack-dashboard-theme-HPE: - Switch github URL from git@ to https:// to bypass authentication Changes in openstack-heat-templates: - Update to version 0.0.0+git.1582270132.8a20477: * Drop use of git.openstack.org * Add sample templates for Blazar Changes in openstack-keystone: - Update to version keystone-12.0.4.dev11: * Fix security issues with EC2 credentials - Update to version keystone-12.0.4.dev10: * Check timestamp of signed EC2 token request * Ensure OAuth1 authorized roles are respected - Update to version keystone-12.0.4.dev6: * Remove neutron-grenade job Changes in openstack-keystone: - Update to version keystone-12.0.4.dev11: * Fix security issues with EC2 credentials - Update to version keystone-12.0.4.dev10: * Check timestamp of signed EC2 token request * Ensure OAuth1 authorized roles are respected - Update to version keystone-12.0.4.dev6: * Remove neutron-grenade job Changes in openstack-monasca-agent: - update to version 2.2.6~dev4 - Add debug output for libvirt ping checks - Lockdown /bin/ip permissions for the monasca-agent (bsc#1107190) - add addtional arguments to /bin/ip in sudoers - Fix missing sudo privleges (bsc#1107190) - add /bin/ip and /usr/bin/ovs-vsctl to monasca-agent sudoers - removed 0001-Avoid-overwriting-sys.path-ip-command.patch - update to version 2.2.6~dev3 - Do not copy /sbin/ip to /usr/bin/monasa-agent-ip - update to version 2.2.6~dev2 - Remove incorrect assignment of ping_cmd to 'True' - update to version 2.2.6~dev1 - Update hacking version to 1.1.x Changes in openstack-monasca-installer: - Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909, CVE-2020-10743) Changes in openstack-neutron: - Update to version neutron-11.0.9.dev65: * Revert iptables TCP checksum-fill code - Update to version neutron-11.0.9.dev64: * [Pike-only]: make grenade jobs non-voting Changes in openstack-neutron: - Update to version neutron-11.0.9.dev65: * Revert iptables TCP checksum-fill code - Update to version neutron-11.0.9.dev64: * [Pike-only]: make grenade jobs non-voting Changes in openstack-octavia-amphora-image: - Update image to 0.1.4 to include latest changes Changes in python-Django: - Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596) * Added patch CVE-2020-13254-1.8.19.patch * Added patch CVE-2020-13596-1.8.19.patch Changes in python-Flask: - Apply patch to resolve CVE-2019-1010083 (bsc#1141968) - 0001-detect-UTF-encodings-when-loading-json.patch Changes in python-GitPython: - Require git-core instead of git Changes in python-Pillow: - Remove decompression_bomb.gif and relevant test case to avoid ClamAV scan alerts during build - Add 001-Corrected-negative-seeks.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 002-Added-DecompressionBombError.patch * From upstream, backported * Adds DecompressionBombError class * Used by 003-Added-decompression-bomb-checks.patch - Add 003-Added-decompression-bomb-checks.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 004-Raise-error-if-dimension-is-a-string.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 005-Catch-buffer-overruns.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 006-Catch-PCX-P-mode-buffer-overrun.patch * From upstream, backported * Fixes CVE-2020-5312, bsc#1160152 - Add 007-Test-animated-FLI-file.patch * From upstream, backported * Adds test animated FLI file * Used by 008-Ensure-previous-FLI-frame-is-loaded.patch - Add 008-Ensure-previous-FLI-frame-is-loaded.patch * From upstream, backported * Fixes https://github.com/python-pillow/Pillow/issues/2649 * Uncovers CVE-2020-5313, bsc#1160153 - Add 009-Catch-FLI-buffer-overrun.patch * From upstream, backported * Fixes CVE-2020-5313, bsc#1160153 - Add 010-Invalid-number-of-bands-in-FPX-image.patch * From upstream, backported * Fixes CVE-2019-19911, bsc#1160192 Changes in python-amqp: - Add python-devel as build dependecy * Required when building against python 2.7.17 Changes in python-apicapi: - Add python-devel as build dependecy * Required when building against python 2.7.17 Changes in python-keystoneauth1: - switch to tracking stable/pike tarball - disable renderspec - update to version 3.1.2.dev2 - Make tests pass in 2020 - OpenDev Migration Patch - import zuul job settings from project-config into stable/pike - Remove tox_install.sh - import zuul job settings from project-config - Update UPPER_CONSTRAINTS_FILE for stable/pike into stable/pike - Update .gitreview for stable/pike into stable/pike - Updated from global requirements - Update UPPER_CONSTRAINTS_FILE for stable/pike - Update .gitreview for stable/pike Changes in python-oslo.messaging: - added 0001-Use-default-exchange-for-direct-messaging.patch (SOC-11082, SOC-11274, bsc#1159046) - Add 0001-Retry-to-declare-a-queue-after-internal-error.patch (bsc#1123872) After receiving 'AMQP internal error 541', retry to create the queue after a delay. Changes in python-psutil: - Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874)) Changes in python-pyroute2: - netns: fix NetNS resource leakage (#504) (bsc#1164322) Changes in python-pysaml2: - Add 0001-Always-generate-a-random-IV-for-AES-operations.patch (CVE-2017-1000246, bsc#1068612) - Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch (CVE-2020-5390, bsc#1160851) Changes in python-tooz: - update to version 1.58.1 - Update .gitreview for stable/pike - import zuul job settings from project-config - Add doc/requirements.txt - Fix sphinx-docs job for stable branch Changes in python-waitress: - update to 1.4.3 to include fixes for: * CVE-2019-16785 / bsc#1161088 * CVE-2019-16786 / bsc#1161089 * CVE-2019-16789 / bsc#1160790 * CVE-2019-16792 / bsc#1161670 - make sure UTF8 locale is used when runnning tests * Sometimes functional tests executed in python3 failed if stdout was not set to UTF-8. The error message was: ValueError: underlying buffer has been detached - %python3_only -> %python_alternative - update to 1.4.3 * Waitress did not properly validate that the HTTP headers it received were properly formed, thereby potentially allowing a front-end server to treat a request different from Waitress. This could lead to HTTP request smuggling/splitting. - drop patch local-intersphinx-inventories.patch * it was commented out, anyway - update to 1.4.0: - Waitress used to slam the door shut on HTTP pipelined requests without setting the ``Connection: close`` header as appropriate in the response. This is of course not very friendly. Waitress now explicitly sets the header when responding with an internally generated error such as 400 Bad Request or 500 Internal Server Error to notify the remote client that it will be closing the connection after the response is sent. - Waitress no longer allows any spaces to exist between the header field-name and the colon. While waitress did not strip the space and thereby was not vulnerable to any potential header field-name confusion, it should have sent back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273 - CRLR handling Security fixes - update to 1.3.1 * Waitress won’t accidentally throw away part of the path if it starts with a double slash - version update to 1.3.0 Deprecations ~~~~~~~~~~~~ - The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated pending removal in a future release. and https://github.com/Pylons/waitress/pull/246 Features ~~~~~~~~ - Add a new ``outbuf_high_watermark`` adjustment which is used to apply backpressure on the ``app_iter`` to avoid letting it spin faster than data can be written to the socket. This stabilizes responses that iterate quickly with a lot of data. See https://github.com/Pylons/waitress/pull/242 - Stop early and close the ``app_iter`` when attempting to write to a closed socket due to a client disconnect. This should notify a long-lived streaming response when a client hangs up. See https://github.com/Pylons/waitress/pull/238 and https://github.com/Pylons/waitress/pull/240 and https://github.com/Pylons/waitress/pull/241 - Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how much waitress will buffer internally before flushing to the kernel, whereas previously it used to also throttle how much data was sent to the kernel. This change enables a streaming ``app_iter`` containing small chunks to still be flushed efficiently. See https://github.com/Pylons/waitress/pull/246 Bugfixes ~~~~~~~~ - Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will no longer set the version to the string value 'None'. See https://github.com/Pylons/waitress/pull/252 and https://github.com/Pylons/waitress/issues/110 - When a client closes a socket unexpectedly there was potential for memory leaks in which data was written to the buffers after they were closed, causing them to reopen. See https://github.com/Pylons/waitress/pull/239 - Fix the queue depth warnings to only show when all threads are busy. See https://github.com/Pylons/waitress/pull/243 and https://github.com/Pylons/waitress/pull/247 - Trigger the ``app_iter`` to close as part of shutdown. This will only be noticeable for users of the internal server api. In more typical operations the server will die before benefiting from these changes. See https://github.com/Pylons/waitress/pull/245 - Fix a bug in which a streaming ``app_iter`` may never cleanup data that has already been sent. This would cause buffers in waitress to grow without bounds. These buffers now properly rotate and release their data. See https://github.com/Pylons/waitress/pull/242 - Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger an exception when passed to the ``wsgi.file_wrapper`` callback. See https://github.com/Pylons/waitress/pull/249 - Trim marketing wording and other platform mentions. - Add fetch-intersphinx-inventories.sh to sources - Add local-intersphinx-inventories.patch for generating the docs correctly - update to version 1.2.1: too many changes to list here, see: https://github.com/Pylons/waitress/blob/master/CHANGES.txt or even: https://github.com/Pylons/waitress/commits/master - Remove superfluous devel dependency for noarch package - update to version 1.1.0: * Features + Waitress now has a __main__ and thus may be called with 'python -mwaitress' * Bugfixes + Waitress no longer allows lowercase HTTP verbs. This change was made to fall in line with most HTTP servers. See https://github.com/Pylons/waitress/pull/170 + When receiving non-ascii bytes in the request URL, waitress will no longer abruptly close the connection, instead returning a 400 Bad Request. See https://github.com/Pylons/waitress/pull/162 and https://github.com/Pylons/waitress/issues/64 - Update to 1.0.2 * Python 3.6 is now officially supported in Waitress * Add a work-around for libc issue on Linux not following the documented standards. If getnameinfo() fails because of DNS not being available it should return the IP address instead of the reverse DNS entry, however instead getnameinfo() raises. We catch this, and ask getnameinfo() for the same information again, explicitly asking for IP address instead of reverse DNS hostname. - Implement single-spec version. - Fix source URL. - update to 1.0.1: - IPv6 support on Windows was broken due to missing constants in the socket module. This has been resolved by setting the constants on Windows if they are missing. See https://github.com/Pylons/waitress/issues/138 - A ValueError was raised on Windows when passing a string for the port, on Windows in Python 2 using service names instead of port numbers doesn't work with `getaddrinfo`. This has been resolved by attempting to convert the port number to an integer, if that fails a ValueError will be raised. See https://github.com/Pylons/waitress/issues/139 - Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on hosts where there is no internet connection but localhost is requested to be bound to. See https://github.com/Pylons/waitress/issues/131 for more information. - disable tests. need network access. Changes in storm: - update to 1.1.3: * 1.1.3: * [STORM-3026] - Upgrade ZK instance for security * [STORM-3027] - Make Impersonation Optional * [STORM-3011] - Use default bin path in flight.bash if $JAVA_HOME is undefined * [STORM-3039] - Ports of killed topologies remain in TIME_WAIT state preventing to start new topology * [STORM-2911] - SpoutConfig is serializable but does not declare a serialVersionUID field * [STORM-2978] - The fix for STORM-2706 is broken, and adds a transitive dependency on Zookeeper 3.5.3-beta for projects that depend on e.g. storm-kafka * [STORM-2979] - WorkerHooks EOFException during run_worker_shutdown_hooks * [STORM-2981] - Upgrade Curator to lastest patch version * [STORM-2985] - Add jackson-annotations to dependency management * [STORM-2989] - LogCleaner should preserve current worker.log.metrics * [STORM-2994] - KafkaSpout consumes messages but doesn't commit offsets * [STORM-3043] - NullPointerException thrown in SimpleRecordTranslator.apply() * [STORM-3052] - Let blobs un archive * [STORM-3059] - KafkaSpout throws NPE when hitting a null tuple if the processing guarantee is not AT_LEAST_ONCE * [STORM-2960] - Better to stress importance of setting up proper OS account for Storm processes * [STORM-3060] - Configuration mapping between storm-kafka & storm-kafka-client * [STORM-2952] - Deprecate storm-kafka in 1.x * [STORM-3005] - [DRPC] LinearDRPCTopologyBuilder shouldn't be deprecated * [STORM-2841] - testNoAcksIfFlushFails UT fails with NullPointerException * 1.1.2: * [STORM-2512] - Change KafkaSpoutConfig in storm-kafka-client to make it work with flux * [STORM-2616] - Document the built in metrics (just in time to replace them???) * [STORM-2657] - Update SECURITY.MD * [STORM-2663] - Backport STORM-2558 and deprecate storm.cmd on 1.x-branch * [STORM-2712] - accept arbitrary number of rows per tuple in storm-cassandra * [STORM-2775] - Improve KafkaPartition Metric Names * [STORM-2807] - Integration test should shut down topologies immediately after the test * [STORM-2862] - More flexible logging in multilang (Python, Ruby, JS) * [STORM-2877] - Introduce an option to configure pagination in Storm UI * [STORM-2917] - Check the config(nimbus.host) before using it to connect * [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack * [STORM-2426] - First tuples fail after worker is respawn * [STORM-2500] - waitUntilReady in PacemakerClient cannot be invoked * [STORM-2525] - Fix flaky integration tests * [STORM-2535] - test-reset-timeout is flaky. Replace with a more reliable test. * [STORM-2541] - Manual partition assignment doesn't work * [STORM-2607] - [kafka-client] Consumer group every time with lag 1 * [STORM-2642] - Storm-kafka-client spout cannot be serialized when using manual partition assignment * [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus' * [STORM-2666] - Storm-kafka-client spout can sometimes emit messages that were already committed. * [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes * [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time * [STORM-2682] - Supervisor crashes with NullPointerException * [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible * [STORM-2695] - BlobStore uncompress argument should be Boolean * [STORM-2705] - DRPCSpout sleeps twice when idle * [STORM-2706] - Nimbus stuck in exception and does not fail fast * [STORM-2724] - ExecutorService in WaterMarkEventGenerator never shutdown * [STORM-2736] - o.a.s.b.BlobStoreUtils [ERROR] Could not update the blob with key * [STORM-2750] - fix double_checked locking * [STORM-2751] - Remove AsyncLoggingContext from Supervisor * [STORM-2764] - HDFSBlobStore leaks file system objects * [STORM-2769] - Fast-fail if output stream Id is null * [STORM-2771] - Some tests are being run twice * [STORM-2779] - NPE on shutting down WindowedBoltExecutor * [STORM-2786] - Ackers leak tracking info on failure and lots of other cases. * [STORM-2810] - Storm-hdfs tests are leaking resources * [STORM-2811] - Nimbus may throw NPE if the same topology is killed multiple times, and the integration test kills the same topology multiple times * [STORM-2814] - Logviewer HTTP server should return 403 instead of 200 if the user is unauthorized * [STORM-2815] - UI HTTP server should return 403 if the user is unauthorized * [STORM-2833] - Cached Netty Connections can have different keys for the same thing. * [STORM-2853] - Deactivated topologies cause high cpu utilization * [STORM-2855] - Travis build doesn't work after update of Ubuntu image * [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image * [STORM-2868] - Address handling activate/deactivate in multilang module files * [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished * [STORM-2876] - Some storm-hdfs tests fail with out of memory periodically * [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm * [STORM-2892] - Flux test fails to parse valid PATH environment variable * [STORM-2894] - fix some random typos in tests * [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics * [STORM-2918] - Upgrade Netty version * [STORM-2942] - Remove javadoc and source jars from toollib directory in binary distribution * [STORM-2874] - Minor style improvements to backpressure code * [STORM-2858] - Fix worker-launcher build * 1.1.1: * STORM-2659: Add daemon.name variable to storm.cmd to fix log4j logging * STORM-2652: fix error in open method of JmsSpout * STORM-2645: Update storm.py to be python3 compatible * STORM-2621: add tuple_population metric * STORM-2639: Kafka Spout incorrectly computes numCommittedOffsets due to voids in the topic (topic compaction) * STORM-2544: Fixing issue in acking of tuples that hit retry limit under manual commit mode * STORM-2618: Add TridentKafkaStateUpdater for storm-kafka-client * STORM-2608: Remove any pending offsets that are no longer valid * STORM-2503: Fix lgtm.com alerts on equality and comparison operations * STORM-2478: Fix BlobStoreTest.testDeleteAfterFailedCreate on Windows * STORM-2602: storm.zookeeper.topology.auth.payload doesn't work even you set it * STORM-2597: Don't parse passed in class paths * STORM-2564: We should provide a template for storm-cluster-auth.yaml * STORM-2568: Fix getTopicsString * STORM-2563: Remove the workaround to handle missing UGI.loginUserFromSubject * STORM-2552: KafkaSpoutMessageId should be serializable * STORM-2562: Use stronger key size than default for blow fish key generator and get rid of stack trace * STORM-2557: A bug in DisruptorQueue causing severe underestimation of queue arrival rates * STORM-2449: Ensure same key appears only once in State iterator * STORM-2516: Fix timing issues with testPrepareLateTupleStreamWithoutBuilder * STORM-2489: Overlap and data loss on WindowedBolt based on Duration * STORM-2528: Bump log4j version to 2.8.2 * STORM-2527: Initialize java.sql.DriverManager earlier to avoid deadlock * STORM-2413: Make new Kafka spout respect tuple retry limits * STORM-2518: Handles empty name for 'USER type' ACL when normalizing ACLs * STORM-2511: Submitting a topology with name containing unicode getting failed * STORM-2496: Dependency artifacts should be uploaded to blobstore with READ permission for all * STORM-2505: Spout to support topic compaction * STORM-2498: Fix Download Full File link * STORM-2343: New Kafka spout can stop emitting tuples if more than maxUncommittedOffsets tuples fail at once. * STORM-2486: Prevent cd from printing target directory to avoid breaking classpath * STORM-2488: The UI user Must be HTTP. * STORM-2481: Upgrade Aether version to resolve Aether bug BUG-451566 * STORM-2435: Logging in storm.js inconsistent to console.log and does not support log levels * STORM-2315: New kafka spout can't commit offset when ack is disabled * STORM-2467: Use explicit charset when decoding from array backed buffer * STORM-1114: Race condition in trident zookeeper zk-node create/delete * STORM-2448: Add in Storm and JDK versions when submitting a topology * STORM-2343: Fix new Kafka spout stopping processing if more than maxUncommittedOffsets tuples fail at once * STORM-2431: the default blobstore.dir is storm.local.dir/blobs which is different from distcache-blobstore.md * STORM-2429: Properly validate supervisor.scheduler.meta * STORM-2451: windows storm.cmd does not set log4j2 config file correctly by default * STORM-2450: Write resources into correct local director * STORM-2440: Kill process if executor catches java.net.SocketTimeoutException * STORM-2432: Storm-Kafka-Client Trident Spout Seeks Incorrect Offset With UNCOMMITTED_LATEST Strategy * 1.1.0: * STORM-2425: Storm Hive Bolt not closing open transactions * STORM-2409: Storm-Kafka-Client KafkaSpout Support for Failed and NullTuples * STORM-2423: Join Bolt should use explicit instead of default window anchoring for emitted tuples * STORM-2416: Improve Release Packaging to Reduce File Size * STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs * STORM-2038: Disable symlinks with a config option * STORM-2240: STORM PMML Bolt - Add Support to Load Models from Blob Store * STORM-2412: Nimbus isLeader check while waiting for max replication * STORM-2408: build failed if storm.kafka.client.version = 0.10.2.0 * STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked * STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK * STORM-2353: Replace kafka-unit by kafka_2.11 and kafka-clients to test kafka-clients:0.10.1.1 * STORM-2387: Handle tick tuples properly for Bolts in external modules * STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map * STORM-2400: Upgraded Curator to 2.12.0 and made respective API changes * STORM-2396: setting interrupted status back before throwing a RuntimeException * STORM-1772: Adding Perf module with topologies for measuring performance * STORM-2395: storm.cmd supervisor calls the wrong class name * STORM-2391: Move HdfsSpoutTopology from storm-starter to storm-hdfs-examples * STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0 * STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs. * STORM-2388: JoinBolt breaks compilation against JDK 7 * STORM-2374: Storm Kafka Client Test Topologies Must be Serializable * STORM-2372: Pacemaker client doesn't clean up heartbeats properly * STORM-2326: Upgrade log4j and slf4j * STORM-2334: Join Bolt implementation * STORM-1363: TridentKafkaState should handle null values from TridentTupleToKafkaMapper.getMessageFromTuple() * STORM-2365: Support for specifying output stream in event hubs spout * STORM-2250: Kafka spout refactoring to increase modularity and testability * STORM-2340: fix AutoCommitMode issue in KafkaSpout * STORM-2344: Flux YAML File Viewer for Nimbus UI * STORM-2350: Storm-HDFS's listFilesByModificationTime is broken * STORM-2270 Kafka spout should consume from latest when ZK partition commit offset bigger than the latest offset * STORM-1464: storm-hdfs support for multiple output files and partitioning * STORM-2320: DRPC client printer class reusable for local and remote DRPC * STORM-2281: Running Multiple Kafka Spouts (Trident) Throws Illegal State Exception * STORM-2296: Kafka spout no dup on leader changes * STORM-2244: Some shaded jars doesn't exclude dependency signature files * STORM-2014: New Kafka spout duplicates checking if failed messages have reached max retries * STORM-1443: [Storm SQL] Support customizing parallelism in StormSQL * STORM-2148: [Storm SQL] Trident mode: back to code generate and compile Trident topology * STORM-2331: Emitting from JavaScript should work when not anchoring. * STORM-2225: change spout config to be simpler. * STORM-2323: Precondition for Leader Nimbus should check all topology blobs and also corresponding dependencies * STORM-2330: Fix storm sql code generation for UDAF with non standard sql types * STORM-2298: Don't kill Nimbus when ClusterMetricsConsumer is failed to initialize * STORM-2301: [storm-cassandra] upgrade cassandra driver to 3.1.2 * STORM-1446: Compile the Calcite logical plan to Storm Trident logical plan * STORM-2303: [storm-opentsdb] Fix list invariant issue for JDK 7 * STORM-2236: storm kafka client should support manual partition management * STORM-2295: KafkaSpoutStreamsNamedTopics should return output fields with predictable ordering * STORM-2300: [Flux] support list of references * STORM-2297: [storm-opentsdb] Support Flux for OpenTSDBBolt * STORM-2294: Send activate and deactivate command to ShellSpout * STORM-2280: Upgrade Calcite version to 1.11.0 * STORM-2278: Allow max number of disruptor queue flusher threads to be configurable * STORM-2277: Add shaded jar for Druid connector * STORM-2274: Support named output streams in Hdfs Spout * STORM-2204: Adding caching capabilities in HBaseLookupBolt * STORM-2267: Use user's local maven repo. directory to local repo. * STORM-2254: Provide Socket time out for nimbus thrift client * STORM-2200: [Storm SQL] Drop Aggregate & Join support on Trident mode * STORM-2266: Close NimbusClient instances appropriately * STORM-2203: Add a getAll method to KeyValueState interface * STORM-1886: Extend KeyValueState iface with delete * STORM-2022: update Fields test to match new behavior * STORM-2020: Stop using sun internal classes * STORM-1228: port fields_test to java * STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight * STORM-2257: Add built in support for sum function with different types. * STORM-2082: add sql external module storm-sql-hdfs * STORM-2256: storm-pmml breaks on java 1.7 * STORM-2223: PMML Bolt. * STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails * STORM-2190: reduce contention between submission and scheduling * STORM-2239: Handle InterruptException in new Kafka spout * STORM-2087: Storm-kafka-client: Failed tuples are not always replayed * STORM-2238: Add Timestamp extractor for windowed bolt * STORM-2235: Introduce new option: 'add remote repositories' for dependency resolver * STORM-2215: validate blobs are present before submitting * STORM-2170: [Storm SQL] Add built-in socket datasource to runtime * STORM-2226: Fix kafka spout offset lag ui for kerberized kafka * STORM-2224: Exposed a method to override in computing the field from given tuple in FieldSelector * STORM-2220: Added config support for each bolt in Cassandra bolts, fixed the bolts to be used also as sinks. * STORM-2205: Racecondition in getting nimbus summaries while ZK connectionions are reconnected * STORM-2182: Refactor Storm Kafka Examples Into Own Modules. * STORM-1694: Kafka Spout Trident Implementation Using New Kafka Consumer API * STORM-2173: [SQL] Support CSV as input / output format * STORM-2177: [SQL] Support TSV as input / output format * STORM-2172: [SQL] Support Avro as input / output format * STORM-2185: Storm Supervisor doesn't delete directories properly sometimes * STORM-2103: [SQL] Introduce new sql external module: storm-sql-mongodb * STORM-2175: fix double close of workers * STORM-2109: Under supervisor V2 SUPERVISOR_MEMORY_CAPACITY_MB and SUPERVISOR_CPU_CAPACITY must be Doubles * STORM-2110: in supervisor v2 filter out empty command line args * STORM-2117: Supervisor V2 with local mode extracts resources directory to topology root directory instead of temporary directory * STORM-2131: Add blob command to worker-launcher, make stormdist directory not writeable by topo owner * STORM-2018: Supervisor V2 * STORM-2139: Let ShellBolts and ShellSpouts run with scripts from blobs * STORM-2072: Add map, flatMap with different outputs (T->V) in Trident * STORM-2134: improving the current scheduling strategy for RAS * STORM-2125: Use Calcite's implementation of Rex Compiler * STORM-1546: Adding Read and Write Aggregations for Pacemaker to make it HA compatible * STORM-1444: Support EXPLAIN statement in StormSQL * STORM-2099: Introduce new sql external module: storm-sql-redis * STORM-2097: Improve logging in trident core and examples * STORM-2144: Fix Storm-sql group-by behavior in standalone mode * STORM-2066: make error message in IsolatedPool.java more descriptive * STORM-1870: Allow FluxShellBolt/Spout set custom 'componentConfig' via yaml * STORM-2126: fix NPE due to race condition in compute-new-sched-assign… * STORM-2124: show requested cpu mem for each component * STORM-2089: Replace Consumer of ISqlTridentDataSource with SqlTridentConsumer * STORM-2118: A few fixes for storm-sql standalone mode * STORM-2105: Cluster/Supervisor total and available resources displayed in the UI * STORM-2078: enable paging in worker datatable * STORM-1664: Allow Java users to start a local cluster with a Nimbus Thrift server. * STORM-1872: Release Jedis connection when topology shutdown * STORM-2100: Fix Trident SQL join tests to not rely on ordering * STORM-1837: Fix complete-topology and prevent message loss * STORM-2098: DruidBeamBolt: Pass DruidConfig.Builder as constructor argument * STORM-2092: optimize TridentKafkaState batch sending * STORM-1979: Storm Druid Connector implementation. * STORM-2057: Support JOIN statement in Storm SQL * STORM-1970: external project examples refator * STORM-2074: fix storm-kafka-monitor NPE bug * STORM-1459: Allow not specifying producer properties in read-only Kafka table in StormSQL * STORM-2052: Kafka Spout New Client API - Log Improvements and Parameter Tuning for Better Performance. * STORM-2050: [storm-sql] Support User Defined Aggregate Function for Trident mode * STORM-1434: Support the GROUP BY clause in StormSQL * STORM-2016: Topology submission improvement: support adding local jars and maven artifacts on submission * STORM-1994: Add table with per-topology & worker resource usage and components in (new) supervisor and topology pages * STORM-2042: Nimbus client connections not closed properly causing connection leaks * STORM-1766: A better algorithm server rack selection for RAS * STORM-1913: Additions and Improvements for Trident RAS API * STORM-2037: debug operation should be whitelisted in SimpleAclAuthorizer. * STORM-2023: Add calcite-core to dependency of storm-sql-runtime * STORM-2036: Fix minor bug in RAS Tests * STORM-1979: Storm Druid Connector implementation. * STORM-1839: Storm spout implementation for Amazon Kinesis Streams. * STORM-1876: Option to build storm-kafka and storm-kafka-client with different kafka client version * STORM-2000: Package storm-opentsdb as part of external dir in installation * STORM-1989: X-Frame-Options support for Storm UI * STORM-1962: support python 3 and 2 in multilang * STORM-1964: Unexpected behavior when using count window together with timestamp extraction * STORM-1890: ensure we refetch static resources after package build * STORM-1988: Kafka Offset not showing due to bad classpath. * STORM-1966: Expand metric having Map type as value into multiple metrics based on entries * STORM-1737: storm-kafka-client has compilation errors with Apache Kafka 0.10 * STORM-1968: Storm logviewer does not work for nimbus.log in secure cluster * STORM-1910: One topology cannot use hdfs spout to read from two locations * STORM-1960: Add CORS support to STORM UI Rest api * STORM-1959: Add missing license header to KafkaPartitionOffsetLag * STORM-1950: Change response json of 'Topology Lag' REST API to keyed by spoutId, topic, partition. * STORM-1833: Simple equi-join in storm-sql standalone mode * STORM-1866: Update Resource Aware Scheduler Documentation * STORM-1930: Kafka New Client API - Support for Topic Wildcards * STORM-1924: Adding conf options for Persistent Word Count Topology * STORM-1956: Disabling Backpressure by default * STORM-1934: Fix race condition between sync-supervisor and sync-processes * STORM-1919: Introduce FilterBolt on storm-redis * STORM-1945: Fix NPE bugs on topology spout lag for storm-kafka-monitor * STORM-1888: add description for shell command * STORM-1902: add a simple & flexible FileNameFormat for storm-hdfs * STORM-1914: Storm Kafka Field Topic Selector * STORM-1907: PartitionedTridentSpoutExecutor has incompatible types that cause ClassCastException * STORM-1925: Remove Nimbus thrift call from Nimbus itself * STORM-1909: Update HDFS spout documentation * STORM-1136: Command line module to return kafka spout offsets lag and display in storm ui * STORM-1911: IClusterMetricsConsumer should use seconds to timestamp unit * STORM-1893: Support OpenTSDB for storing timeseries data. * STORM-1723: Introduce ClusterMetricsConsumer * STORM-1700: Introduce 'whitelist' / 'blacklist' option to MetricsConsumer * STORM-1698: Asynchronous MetricsConsumerBolt * STORM-1705: Cap number of retries for a failed message * STORM-1884: Prioritize pendingPrepare over pendingCommit * STORM-1575: fix TwitterSampleSpout NPE on close * STORM-1874: Update logger private permissions * STORM-1865: update command line client document * STORM-1771: HiveState should flushAndClose before closing old or idle Hive connections * STORM-1882: Expose TextFileReader public * STORM-1873: Implement alternative behaviour for late tuples * STORM-1719: Introduce REST API: Topology metric stats for stream * STORM-1887: Fixed help message for set_log_level command * STORM-1878: Flux can now handle IStatefulBolts * STORM-1864: StormSubmitter should throw respective exceptions and log respective errors forregistered submitter hook invocation * STORM-1868: Modify TridentKafkaWordCount to run in distributed mode * STORM-1859: Ack late tuples in windowed mode * STORM-1851: Fix default nimbus impersonation authorizer config * STORM-1848: Make KafkaMessageId and Partition serializable to support * STORM-1862: Flux ShellSpout and ShellBolt can't emit to named streams * Storm-1728: TransactionalTridentKafkaSpout error * STORM-1850: State Checkpointing Documentation update * STORM-1674: Idle KafkaSpout consumes more bandwidth than needed * STORM-1842: Forward references in storm.thrift cause tooling issues * STORM-1730: LocalCluster#shutdown() does not terminate all storm threads/thread pools. * STORM-1709: Added group by support in storm sql standalone mode * STORM-1720: Support GEO in storm-redis * 1.0.6: * [STORM-2877] - Introduce an option to configure pagination in Storm UI * [STORM-2917] - Check the config(nimbus.host) before using it to connect * [STORM-2451] - windows storm.cmd does not set log4j2 config file correctly by default * [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible * [STORM-2751] - Remove AsyncLoggingContext from Supervisor * [STORM-2764] - HDFSBlobStore leaks file system objects * [STORM-2771] - Some tests are being run twice * [STORM-2786] - Ackers leak tracking info on failure and lots of other cases. * [STORM-2853] - Deactivated topologies cause high cpu utilization * [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image * [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished * [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm * [STORM-2892] - Flux test fails to parse valid PATH environment variable * [STORM-2894] - fix some random typos in tests * [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics * [STORM-2918] - Upgrade Netty version * [STORM-2874] - Minor style improvements to backpressure code * [STORM-2937] - Overwrite storm-kafka-client 1.x-branch into 1.0.x-branch * [STORM-2858] - Fix worker-launcher build - Use %license macro * 1.0.5: * [STORM-2657] - Update SECURITY.MD * [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack * [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus' * [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes * [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time * [STORM-2682] - Supervisor crashes with NullPointerException * [STORM-2695] - BlobStore uncompress argument should be Boolean * [STORM-2705] - DRPCSpout sleeps twice when idle * 1.0.4: * STORM-2627: Update docs for storm.zookeeper.topology.auth.scheme * STORM-2597: Don't parse passed in class paths * STORM-2524: Set Kafka client.id with storm-kafka * STORM-2448: Add in Storm and JDK versions when submitting a topology * STORM-2511: Submitting a topology with name containing unicode getting failed * STORM-2498: Fix Download Full File link * STORM-2486: Prevent cd from printing target directory to avoid breaking classpath * STORM-1114: Race condition in trident zookeeper zk-node create/delete * STORM-2429: Properly validate supervisor.scheduler.meta * STORM-2194: Stop ignoring socket timeout error from executor * STORM-2450: Write resources into correct local director * STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs * STORM-2038: Disable symlinks with a config option * STORM-2038: No symlinks for local cluster * STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked * STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK * STORM-2296: Kafka spout - no duplicates on leader changes * STORM-2387: Handle tick tuples properly for Bolts in external modules * STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map * STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight * STORM-2396: setting interrupted status back before throwing a RuntimeException * STORM-2395: storm.cmd supervisor calls the wrong class name * STORM-2385: pacemaker_state_factory.clj does not compile on branch-1.0.x * STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0 * STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs * STORM-2360: Storm-Hive: Thrift version mismatch with storm-core * STORM-2372: Pacemaker client doesn't clean up heartbeats properly * STORM-2326: Upgrade log4j and slf4j * STORM-2350: Storm-HDFS's listFilesByModificationTime is broken * 1.0.3: * STORM-2197: NimbusClient connectins leak due to leakage in ThriftClient * STORM-2321: Handle blobstore zk key deletion in KeySequenceNumber. * STORM-2324: Fix deployment failure if resources directory is missing in topology jar * STORM-2335: Fix broken Topology visualization with empty ':transferred' in executor stats * STORM-2336: Close Localizer and AsyncLocalizer when supervisor is shutting down * STORM-2338: Subprocess exception handling is broken in storm.py on Windows environment * STORM-2337: Broken documentation generation for storm-metrics-profiling-internal-actions.md and windows-users-guide.md * STORM-2325: Logviewer doesn't consider 'storm.local.hostname' * STORM-1742: More accurate 'complete latency' * STORM-2176: Workers do not shutdown cleanly and worker hooks don't run when a topology is killed * STORM-2293: hostname should only refer node's 'storm.local.hostname' * STORM-2246: Logviewer download link has urlencoding on part of the URL * STORM-1906: Window count/length of zero should be disallowed * STORM-1841: Address a few minor issues in windowing and doc * STORM-2268: Fix integration test for Travis CI build * STORM-2283: Fix DefaultStateHandler kryo multithreading issues * STORM-2264: OpaqueTridentKafkaSpout failing after STORM-2216 * STORM-2276: Remove twitter4j usages due to license issue (JSON.org is catalog X) * STORM-2095: remove any remaining files when deleting blobstore directory * STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails * STORM-2251: Integration test refers specific version of Storm which should be project version * STORM-2234: heartBeatExecutorService in shellSpout don't work well with deactivate * STORM-2216: Favor JSONValue.parseWithException * STORM-2208: HDFS State Throws FileNotFoundException in Azure Data Lake Store file system (adl://) * STORM-2213: ShellSpout has race condition when ShellSpout is being inactive longer than heartbeat timeout * STORM-2210: remove array shuffle from ShuffleGrouping * STORM-2052: Kafka Spout - New Client API - Performance Improvements * storm-2205: Racecondition in getting nimbus summaries while ZK connections are reconnected * STORM-2198: perform RotationAction when stopping HdfsBolt * STORM-2196: A typo in RAS_Node::consumeCPU * STORM-2189: RAS_Node::freeCPU outputs incorrect info * STORM-2184: Don't wakeup KafkaConsumer on shutdown * STORM-2185: Storm Supervisor doesn't delete directories properly sometimes * STORM-2175: fix double close of workers * STORM-2018: Supervisor V2 * STORM-2145: Leave leader nimbus's hostname to log when trying to connect leader nimbus * STORM-2127: Storm-eventhubs should use latest amqp and eventhubs-client versions * STORM-2040: Fix bug on assert-can-serialize * STORM-2017: ShellBolt stops reporting task ids * STORM-2119: bug in log message printing to stdout * STORM-2120: Emit to _spoutConfig.outputStreamId * STORM-2101: fixes npe in compute-executors in nimbus * STORM-2090: Add integration test for storm windowing * STORM-2003: Make sure config contains TOPIC before get it * STORM-1567: in defaults.yaml 'topology.disable.loadaware' should be 'topology.disable.loadaware.messaging' * STORM-1987: Fix TridentKafkaWordCount arg handling in distributed mode. * STORM-1969: Modify HiveTopology to show usage of non-partition table. * STORM-1849: HDFSFileTopology should use the 3rd argument as topologyName * STORM-2086: use DefaultTopicSelector instead of creating a new one * STORM-2079: Unneccessary readStormConfig operation * STORM-2081: create external directory for storm-sql various data sources and move storm-sql-kafka to it * STORM-2070: Fix sigar native binary download link * STORM-2056: Bugs in logviewer * STORM-1646: Fix ExponentialBackoffMsgRetryManager test * STORM-2039: Backpressure refactoring in worker and executor * STORM-2064: Add storm name and function, access result and function to log-thrift-access * STORM-2063: Add thread name in worker logs * STORM-2042: Nimbus client connections not closed properly causing connection leaks * STORM-2032: removes warning in case more than one metrics tuple is received * STORM-1594: org.apache.storm.tuple.Fields can throw NPE if given invalid field in selector * STORM-1995: downloadChunk in nimbus.clj should close the input stream Changes in rubygem-activeresource: - Add bsc#1171560-CVE-2020-8151-encode-id-param.patch Prevent possible information disclosure issue that could allow an attacker to create specially crafted requests to access data in an unexpected way (bsc#1171560 CVE-2020-8151))_ Changes in rubygem-crowbar-client: - Update to 3.9.2 - Enable SES commands in Cloud8 (SOC-11122) Changes in rubygem-json-1_7: - Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244) Changes in rubygem-puma: - Fix indentation in gem2rpm.yml_ - Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077) - Add chunked-request-handling.patch (needed for CVE-2020-11076.patch) - Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076) - Add all patches to gem2rpm.yml Family: unix Class: patch Status: Reference(s): 1027519 1052825 1055047 1061075 1063123 1068032 1068187 1068191 1068612 1086001 1088004 1088009 1092420 1094327 1098369 1102062 1102068 1102073 1106061 1107190 1108719 1109663 1109961 1113160 1122208 1123156 1123161 1123872 1125674 1126503 1127034 1128977 1130972 1133860 1134195 1134399 1135335 1135365 1137584 1138822 1139358 1139826 1140652 1140903 1140945 1141181 1141401 1141402 1141452 1141453 1141454 1141661 1141968 1142023 1142038 1142254 1142857 1143045 1143048 1143189 1143191 1143333 1143913 1144257 1144273 1144288 1144920 1145920 1145922 1146873 1148177 11483483 1148383 1149811 1153090 1153191 1153277 1154940 1154968 1155372 1156525 1159046 1159856 1159858 1159860 1160024 1160152 1160153 1160192 1160250 1160251 1160790 1160851 1160937 1161066 1161088 1161089 1161670 1163018 1163871 1164322 1165921 1166240 1167244 1168310 1168593 1169770 1170231 1170557 1170657 1170940 1171273 1171560 1171594 1171661 1171687 1171909 1172166 1172167 1172175 1172176 1172409 1172462 1173998 1174157 1175259 1178512 1178682 CVE-2017-1000246 CVE-2017-15289 CVE-2017-15597 CVE-2017-5715 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061 CVE-2018-11763 CVE-2018-14598 CVE-2018-14599 CVE-2018-14600 CVE-2018-20855 CVE-2018-20856 CVE-2018-3760 CVE-2019-1010083 CVE-2019-10207 CVE-2019-10215 CVE-2019-1125 CVE-2019-11810 CVE-2019-12068 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-15043 CVE-2019-15043 CVE-2019-15117 CVE-2019-15118 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-15890 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-16865 CVE-2019-17639 CVE-2019-18874 CVE-2019-19911 CVE-2019-3819 CVE-2019-3828 CVE-2019-6446 CVE-2019-6778 CVE-2020-10663 CVE-2020-10743 CVE-2020-11076 CVE-2020-11077 CVE-2020-12052 CVE-2020-12245 CVE-2020-13254 CVE-2020-13379 CVE-2020-13379 CVE-2020-13596 CVE-2020-13753 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-1711 CVE-2020-1983 CVE-2020-25708 CVE-2020-28196 CVE-2020-5312 CVE-2020-5313 CVE-2020-5390 CVE-2020-7039 CVE-2020-8151 CVE-2020-8608 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 SUSE-SU-2017:3115-1 SUSE-SU-2018:0007-1 SUSE-SU-2018:2176-1 SUSE-SU-2019:0419-1 SUSE-SU-2019:2263-1 SUSE-SU-2020:0159-1 SUSE-SU-2020:1538-1 SUSE-SU-2020:1901-1 SUSE-SU-2020:2069-1 SUSE-SU-2020:2461-1 SUSE-SU-2020:3379-1 SUSE-SU-2020:3550-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information fuse-2.9.7-lp150.2.3 is installed OR fuse-devel-2.9.7-lp150.2.3 is installed OR fuse-devel-static-2.9.7-lp150.2.3 is installed OR fuse-doc-2.9.7-lp150.2.3 is installed OR libfuse2-2.9.7-lp150.2.3 is installed OR libfuse2-32bit-2.9.7-lp150.2.3 is installed OR libulockmgr1-2.9.7-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3 is installed OR libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3 is installed OR subversion-1.10.6-lp151.4.3 is installed OR subversion-bash-completion-1.10.6-lp151.4.3 is installed OR subversion-devel-1.10.6-lp151.4.3 is installed OR subversion-perl-1.10.6-lp151.4.3 is installed OR subversion-python-1.10.6-lp151.4.3 is installed OR subversion-python-ctypes-1.10.6-lp151.4.3 is installed OR subversion-ruby-1.10.6-lp151.4.3 is installed OR subversion-server-1.10.6-lp151.4.3 is installed OR subversion-tools-1.10.6-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information xen-4.9.1_02-3.21 is installed OR xen-doc-html-4.9.1_02-3.21 is installed OR xen-libs-4.9.1_02-3.21 is installed OR xen-libs-32bit-4.9.1_02-3.21 is installed OR xen-tools-4.9.1_02-3.21 is installed OR xen-tools-domU-4.9.1_02-3.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information qemu-2.9.1-6.44 is installed OR qemu-block-curl-2.9.1-6.44 is installed OR qemu-block-iscsi-2.9.1-6.44 is installed OR qemu-block-rbd-2.9.1-6.44 is installed OR qemu-block-ssh-2.9.1-6.44 is installed OR qemu-guest-agent-2.9.1-6.44 is installed OR qemu-ipxe-1.0.0+-6.44 is installed OR qemu-kvm-2.9.1-6.44 is installed OR qemu-lang-2.9.1-6.44 is installed OR qemu-seabios-1.10.2-6.44 is installed OR qemu-sgabios-8-6.44 is installed OR qemu-tools-2.9.1-6.44 is installed OR qemu-vgabios-1.10.2-6.44 is installed OR qemu-x86-2.9.1-6.44 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed OR libwebkit2gtk3-lang-2.28.3-2.56 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed OR webkit2gtk3-2.28.3-2.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libX11-1.6.2-12.5 is installed OR libX11-6-1.6.2-12.5 is installed OR libX11-6-32bit-1.6.2-12.5 is installed OR libX11-data-1.6.2-12.5 is installed OR libX11-xcb1-1.6.2-12.5 is installed OR libX11-xcb1-32bit-1.6.2-12.5 is installed OR libxcb-1.10-4.3 is installed OR libxcb-dri2-0-1.10-4.3 is installed OR libxcb-dri2-0-32bit-1.10-4.3 is installed OR libxcb-dri3-0-1.10-4.3 is installed OR libxcb-dri3-0-32bit-1.10-4.3 is installed OR libxcb-glx0-1.10-4.3 is installed OR libxcb-glx0-32bit-1.10-4.3 is installed OR libxcb-present0-1.10-4.3 is installed OR libxcb-present0-32bit-1.10-4.3 is installed OR libxcb-randr0-1.10-4.3 is installed OR libxcb-render0-1.10-4.3 is installed OR libxcb-render0-32bit-1.10-4.3 is installed OR libxcb-shape0-1.10-4.3 is installed OR libxcb-shm0-1.10-4.3 is installed OR libxcb-shm0-32bit-1.10-4.3 is installed OR libxcb-sync1-1.10-4.3 is installed OR libxcb-sync1-32bit-1.10-4.3 is installed OR libxcb-xf86dri0-1.10-4.3 is installed OR libxcb-xfixes0-1.10-4.3 is installed OR libxcb-xfixes0-32bit-1.10-4.3 is installed OR libxcb-xinerama0-1.10-4.3 is installed OR libxcb-xkb1-1.10-4.3 is installed OR libxcb-xkb1-32bit-1.10-4.3 is installed OR libxcb-xv0-1.10-4.3 is installed OR libxcb1-1.10-4.3 is installed OR libxcb1-32bit-1.10-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information xorg-x11-server-1.19.6-4.8 is installed OR xorg-x11-server-extra-1.19.6-4.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ansible-2.4.6.0-3.9 is installed OR ansible1-1.9.6-7.3 is installed OR ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73 is installed OR ardana-cluster-8.0+git.1585685203.3e71e49-3.36 is installed OR ardana-freezer-8.0+git.1586539529.b7d295f-3.21 is installed OR ardana-input-model-8.0+git.1589740934.0e0ad61-3.39 is installed OR ardana-logging-8.0+git.1591194866.b7375d0-3.24 is installed OR ardana-mq-8.0+git.1589715269.62ad6df-3.22 is installed OR ardana-neutron-8.0+git.1590756744.ba84abc-3.42 is installed OR ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29 is installed OR ardana-osconfig-8.0+git.1587034587.eac37b8-3.45 is installed OR caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18 is installed OR documentation-suse-openstack-cloud-installation-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-operations-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-planning-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-security-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-supplement-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26 is installed OR documentation-suse-openstack-cloud-user-8.20200527-1.26 is installed OR grafana-4.6.5-4.9 is installed OR kibana-4.6.3-3.3 is installed OR openstack-dashboard-12.0.5~dev3-3.26 is installed OR openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15 is installed OR openstack-keystone-12.0.4~dev11-5.33 is installed OR openstack-keystone-doc-12.0.4~dev11-5.33 is installed OR openstack-monasca-agent-2.2.6~dev4-3.18 is installed OR openstack-monasca-installer-20190923_16.32-3.12 is installed OR openstack-neutron-11.0.9~dev65-3.33 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-doc-11.0.9~dev65-3.33 is installed OR openstack-neutron-ha-tool-11.0.9~dev65-3.33 is installed OR openstack-neutron-l3-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-metadata-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-metering-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33 is installed OR openstack-neutron-server-11.0.9~dev65-3.33 is installed OR openstack-octavia-amphora-image-0.1.4-3.12 is installed OR openstack-octavia-amphora-image-x86_64-0.1.4-3.12 is installed OR python-Django-1.11.23-3.15 is installed OR python-Flask-0.12.1-3.3 is installed OR python-GitPython-2.1.8-3.3 is installed OR python-Pillow-4.2.1-3.5 is installed OR python-amqp-2.4.2-3.12 is installed OR python-apicapi-1.6.0-3.6 is installed OR python-horizon-12.0.5~dev3-3.26 is installed OR python-keystone-12.0.4~dev11-5.33 is installed OR python-keystoneauth1-3.1.2~dev2-3.3 is installed OR python-monasca-agent-2.2.6~dev4-3.18 is installed OR python-neutron-11.0.9~dev65-3.33 is installed OR python-oslo.messaging-5.30.8-3.11 is installed OR python-psutil-5.2.2-3.3 is installed OR python-pyroute2-0.4.21-3.3 is installed OR python-pysaml2-4.0.2-5.6 is installed OR python-tooz-1.58.1-3.3 is installed OR python-waitress-1.4.3-3.3 is installed OR storm-1.1.3-3.3 is installed OR storm-nimbus-1.1.3-3.3 is installed OR storm-supervisor-1.1.3-3.3 is installed OR venv-openstack-aodh-5.1.1~dev7-12.26 is installed OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.26 is installed OR venv-openstack-barbican-5.0.2~dev3-12.27 is installed OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.27 is installed OR venv-openstack-ceilometer-9.0.8~dev7-12.24 is installed OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24 is installed OR venv-openstack-cinder-11.2.3~dev23-14.27 is installed OR venv-openstack-cinder-x86_64-11.2.3~dev23-14.27 is installed OR venv-openstack-designate-5.0.3~dev7-12.25 is installed OR venv-openstack-designate-x86_64-5.0.3~dev7-12.25 is installed OR venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.22 is installed OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22 is installed OR venv-openstack-glance-15.0.3~dev3-12.25 is installed OR venv-openstack-glance-x86_64-15.0.3~dev3-12.25 is installed OR venv-openstack-heat-9.0.8~dev22-12.27 is installed OR venv-openstack-heat-x86_64-9.0.8~dev22-12.27 is installed OR venv-openstack-horizon-12.0.5~dev3-14.30 is installed OR venv-openstack-horizon-x86_64-12.0.5~dev3-14.30 is installed OR venv-openstack-ironic-9.1.8~dev8-12.27 is installed OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.27 is installed OR venv-openstack-keystone-12.0.4~dev11-11.28 is installed OR venv-openstack-keystone-x86_64-12.0.4~dev11-11.28 is installed OR venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.26 is installed OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26 is installed OR venv-openstack-manila-5.1.1~dev5-12.31 is installed OR venv-openstack-manila-x86_64-5.1.1~dev5-12.31 is installed OR venv-openstack-monasca-2.2.2~dev1-11.22 is installed OR venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.22 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22 is installed OR venv-openstack-monasca-x86_64-2.2.2~dev1-11.22 is installed OR venv-openstack-murano-4.0.2~dev2-12.22 is installed OR venv-openstack-murano-x86_64-4.0.2~dev2-12.22 is installed OR venv-openstack-neutron-11.0.9~dev65-13.30 is installed OR venv-openstack-neutron-x86_64-11.0.9~dev65-13.30 is installed OR venv-openstack-nova-16.1.9~dev61-11.28 is installed OR venv-openstack-nova-x86_64-16.1.9~dev61-11.28 is installed OR venv-openstack-octavia-1.0.6~dev3-12.27 is installed OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.27 is installed OR venv-openstack-sahara-7.0.5~dev4-11.26 is installed OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.26 is installed OR venv-openstack-swift-2.15.2_2.15.2_2.15.2~dev32-11.18 is installed OR venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18 is installed OR venv-openstack-trove-8.0.2~dev2-11.26 is installed OR venv-openstack-trove-x86_64-8.0.2~dev2-11.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed OR rubygem-sprockets-2_12-2.12.5-1.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed
BACK