Commit Graph

627 Commits

Author SHA1 Message Date
chriscochrane
7cde5523dc
Dependency updates for security issues 2024-07-09 16:13:53 +01:00
Chris Cochrane
503d887fd1
Upgrade for security vulns 2024-04-11 14:01:57 +01:00
Chris Cochrane
07a2d98d0b
Security vulnerabilities 2024-01-12 11:51:12 +00:00
Ronan Browne
18d98760b1
Merge branch 'release/os/4.9' into merge-release/os/4.8-release/os/4.9-2023-11-19-6 2023-11-19 19:56:09 +00:00
Adel El-Beik
548242e3cd
Merge branch 'release/os/4.8' into merge-release/os/4.7-release/os/4.8-2023-11-17-6 2023-11-18 18:10:07 +00:00
Connel McGovern
5b846406c8
ES-1331: Enable Gradle Enterprise build scans & remote caching (#7574)
* ES-1131: Enable Gradle Enterprise build scans & remote caching
2023-11-17 17:41:45 +00:00
Chris Cochrane
6735e4bf36
ENT-10806 - Bumped jetty version (#7504) 2023-09-27 11:43:14 +01:00
Ronan Browne
a104923cd6
ENT-10606: fix shell artifact resolution (#7458) 2023-08-24 16:44:35 +01:00
Ronan Browne
befae353ac ES-853: Merging forward updates from 4.8 to 4.9 (2023-07-13) 2023-07-13 15:25:55 +01:00
Ronan Browne
6bcc843f19 ES-853: Merging forward updates from 4.7 to 4.8 (2023-07-13) 2023-07-13 07:07:17 +01:00
Ronan Browne
010a9a6c08 ES-853: Merging forward updates from 4.6 to 4.7 (2023-07-12) 2023-07-12 20:02:32 +01:00
Ronan Browne
b410cd2a5d
ES-853: update Artifactory refrences to new public location (#7416)
* ES-853: update artifactory references to new public location
2023-07-12 17:36:57 +01:00
Chris Cochrane
e100bee4f1
ENT-10076,ENT-10080 - Security Vulnerabilities (#7405)
* Updated dependencies

* Address compiler checks
2023-06-28 13:20:58 +01:00
Chris Cochrane
d02f6ff68c
ENT-10048,ENT-10050 - Security vulnerabilities (#7397)
* Updated netty and tcnative
2023-06-27 13:29:28 +01:00
Chris Cochrane
89b2deebe3
Upgraded tcnative, for nett (previous commit) 2023-06-15 16:56:42 +01:00
Chris Cochrane
40f928da50
Upgrade netty 2023-06-15 14:35:49 +01:00
Chris Cochrane
c61ea7de81
Fixed bracketing issue after merge 2023-04-27 02:44:30 +01:00
Chris Cochrane
34d4a5f667
Fwd-merge from OS 4.8 2023-04-26 22:54:20 +01:00
Chris Cochrane
e12ab8194f
Merge branch 'release/os/4.7' into cc/merge/os-4.7-os-4.8/25-apr-2023
Fwd-merge from OS 4.7.
2023-04-25 14:54:21 +01:00
Chris Cochrane
91c38fa84b
Merge branch 'release/os/4.6' into cc/merge/os-4.6-os-4.7/24-apr-2023
Fwd-merge from OS 4.6.
2023-04-24 20:13:50 +01:00
Chris Cochrane
fc758ab766
Update build.gradle
Co-authored-by: Viktor Kolomeyko <viktor.kolomeyko@r3.com>
2023-04-20 17:14:23 +01:00
Chris Cochrane
c58c49d27a
Upgrade corda/crash, snakeyaml 2023-04-20 14:01:20 +01:00
Chris Cochrane
641a47bf32
Upgraded shiro to address security issues 2023-04-20 07:37:00 +01:00
Chris Cochrane
c263ba7563
Updated to fix Jackson tests 2023-04-19 13:06:35 +01:00
Chris Cochrane
dfbfda5520
Upgrade corda/crash 2023-04-18 19:30:22 +01:00
Chris Cochrane
95c4a18352
ENT-6336,ENT-6960 - upgrade snakeyaml to address security vulnerabilities 2023-04-06 19:14:30 +01:00
Chris Cochrane
0997b49b24
Upgraded shiro and commons-text to address security issues 2022-10-19 10:48:27 +01:00
Chris Cochrane
878f0bba8b
ENT-6885: Added build option to specify the version of Apache commons-configuration2 (#7224)
Added a build.gradle option to specify the version of Apache commons-configuration2 to build with, overriding whatever version is pulled in by Artemis Server.
This is to address Nexus security vulnerability reported for Apache commons-configuration2 v2.7.

This change was previously applied in Ent-4.9 and was shown to remove the critical security issues reported by Nexus. See [PR-4652](https://github.com/corda/enterprise/pull/4562) for more info about that.

The Corda jar was built locally and then scrutinised, revealing that it had Apache commons-configuration2 v2.8.0 included within.
2022-07-29 17:33:13 +01:00
Adel El-Beik
ffc843b64d
ENT-6882: Upgraded shiro-core to 1.9.1. (#7217) 2022-07-13 14:40:55 +01:00
Adel El-Beik
c23e8b49d4 ENT-6847: Updated shiro and netty version. 2022-06-30 12:15:31 +01:00
Waldemar Zurowski
ec14f9ccba NOTICK: Merging forward updates from OS 4.7 to OS 4.8 (2022-05-26) 2022-05-26 14:13:33 +02:00
Waldemar Zurowski
0336c938a6 NOTICK: Merging forward updates from OS 4.6 to OS 4.7 (2022-05-25)
Conflicts:
* .ci/dev/regression/Jenkinsfile
*
core/src/main/kotlin/net/corda/core/internal/PlatformVersionSwitches.kt
2022-05-25 19:07:45 +02:00
Waldemar Zurowski
ef76ae0973 NOTICK: Merging forward updates from OS 4.5 to OS 4.6 (2022-05-25)
Conflicts:
*
client/rpc/src/integration-test/kotlin/net/corda/client/rpcreconnect/CordaRPCClientReconnectionTest.kt
*
client/rpc/src/main/kotlin/net/corda/client/rpc/internal/ReconnectingCordaRPCOps.kt
* constants.properties
* gradle/wrapper/gradle-wrapper.properties
* tools/shell/src/main/kotlin/net/corda/tools/shell/InteractiveShell.kt
2022-05-25 10:14:38 +02:00
Adel El-Beik
81348de000 ENT-6802: Upgrade Jackson to 2.13.3 2022-05-24 20:02:15 +01:00
Adel El-Beik
e33265f60d ENT-6765: Upgraded quassar and hibernate. 2022-05-09 13:36:16 +01:00
Dimos Raptis
b331a421b2 ENT-6579 - Upgrade netty 2022-04-22 15:40:28 +01:00
Adel El-Beik
c53b0af997 ENT-6748: Make sure correct artemis is picked up, and don't rely on cache. 2022-04-11 12:21:49 +01:00
Adel El-Beik
f89cb76309 ENT-6629: Update hibernate version to match ent. 2022-04-01 16:40:19 +01:00
Adel El-Beik
40a72a4837
ENT-6687: Added the corda-releases repo, so that deployNodes in the s… (#7113)
* ENT-6687: Added the corda-releases repo, so that deployNodes in the samples can find the corda shell.
2022-03-10 17:56:09 +00:00
Rick Parker
1e227fdfc4
ENT-6711 - Fix for upgrade to Jackson 2.12 and beyond (actual upgrade to 2.13.1) (#7096)
* NOTICK - Don't know what the JIRA is but wanted to share.

* Updates to resolve bukld issues

* NOTICK: Fixed JDK11 version to prevent capsule version error

* ENT-6711: Added comment for use of jackson_kotlin_version.

* ENT-6711: Avoid deprecation warning, switched to the default method.

Co-authored-by: Chris Cochrane <chris.cochrane@r3.com>
Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2022-03-07 11:08:06 +00:00
Adel El-Beik
4594c76259 ENT-6637: Targeted exclude of the jgroups dependency. 2022-03-04 11:52:14 +00:00
Adel El-Beik
4203a56c3a ENT-6637 & ENT-6618: Removed jgroups and dbcp from artemis dependencies. 2022-03-03 16:40:18 +00:00
Chris Cochrane
9dfdd71c22
ENT-6631 - upgrade jackson version to get rid of databind vulnerability, keeping jackson-module-kotlin the same 2022-02-24 13:26:37 +00:00
Adel El-Beik
5ad2486041
Merge pull request #7082 from corda/vkolomeyko/ENT-6286-official-artemis-switch
ENT-6286: Switch to official version of Artemis library
2022-02-23 10:15:59 +00:00
Adel El-Beik
ba8cd1b80d Merge remote-tracking branch 'origin/release/os/4.8' into adel/merge-from-4.8-21Feb 2022-02-21 12:52:29 +00:00
Viktor Kolomeyko
cfbfa23ec3 ENT-6286: Switch to official version of Artemis library
Version number is the same as ours - `2.19.1`, removing `includeGroup 'org.apache.activemq'` from Corda Dependencies repository, will make it fall back to Maven Central where the official version is available.
2022-02-21 10:00:16 +00:00
Chris Cochrane
b008f5f42a
Updated tcnative version to 2.0.48 (#7072) 2022-02-16 18:10:05 +00:00
Rick Parker
9c30d5a2cc
ENT-6498 Fix API docs dependencies (#7054) 2022-02-08 10:25:07 +00:00
Viktor Kolomeyko
835321bb70
ENT-6286: OS: Upgrade version of Artemis to 2.19.1 (#6975)
Fixes DDoS attack mentioned on the Jira ticket.

PR upgrades Artemis library to version 2.19.1.
This is our own release of Apache Artemis library which has vulnerability fix for v2.20 applied.

**_Breaking changes discovered during Artemis upgrade:_**
1. When the queue is created as temporary, it needs to explicitly be specified as non-durable.
2. By default, Artemis Client performs Host DNS name check against the certificate presented by the server. Our TLS certificates fail this check and this verification has to be explicitly disabled, see use of: `TransportConstants.VERIFY_HOST_PROP_NAME`.
3. Artemis Server now caches login attempts, even unsuccessful ones. When we add RPC users dynamically via DB insert this may have an unexpected outcome if the user with the same `userName` and `password` was not available previously.
To workaround permissions changing dynamically, authorization and authentication caches had to be disabled.
4. When computing `maxMessageSize`, the size of the headers content is now taken into account as well.
5. Artemis handling of start-up errors has changed. E.g. when the port is already bound.
6. A number of deprecated APIs like: `createTemporaryQueue`, `failoverOnInitialAttempt`, `NullOutputStream`, `CoreQueueConfiguration`.
7. Log warning message is produced like: `AMQ212080: Using legacy SSL store provider value: JKS. Please use either 'keyStoreType' or 'trustStoreType' instead as appropriate.`
8. As reported by QA, Artemis now produces more audit logging more details [here](https://r3-cev.atlassian.net/browse/ENT-6540). Log configuration been adjusted to reduce such output.
2022-01-21 09:18:14 +00:00
Ryan Fowler
857b8aa286
ENT-6542: Add Community Edition string for R3 builds (#7026) 2022-01-18 11:12:32 +00:00