You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CoAP adapter did not properly consider the reduced minimum RAM requirements for starting up when running as a
native executable on a SubstrateVM. This could have resulted in the adapter not starting up at all, if configured
with less than ~150MB of RAM. This has been fixed.
The HTTP protocol adapter and Device Registry now support a configuration property for explicitly setting the idle timeout.
The timeout is configured with the property idleTimeout. This determines if a connection will timeout and be closed
if no data is received or sent within the idle timeout period. The idle timeout is in seconds.
A zero value means no timeout is used.
The MQTT adapter skipped command or error (the first one) subscription if both are requested for the same device. This has been fixed.
On startup, Hono components could get into a state that caused certain Kafka client metrics to not get reported.
This has been fixed.
The native executable based Lora adapter container image failed to forward Lora meta information in messages being
sent downstream. This has been fixed.
Default messaging type changed to Kafka. Changed related documentation pages.
The Command Router component possibly did not reach the "ready" state in case the Kafka broker got restarted during
Command Router startup. This has been fixed.
The CoAP protocol adapter now uses Eclipse Californium 3.6.0.
Upgraded to JJWT 0.11.5 which contains additional security guards against an ECDSA bug in Java SE versions
15-15.0.6, 17-17.0.2, and 18 (CVE-2022-21449).
Note: if your application does not use these JVM versions, you are not exposed to the JVM vulnerability.
The CVE is not a bug within JJWT itself - it is a bug within the above listed JVM versions, and the JJWT 0.11.5 release
adds additional precautions within JJWT in case an application team is not able to upgrade their JVM in a timely manner.
The Auth server failed to create a token when configured with an ECC based private key that does not use the P-256 curve.
This has been fixed.
