ESF 7.4.1 - Release
8 months ago by Matteo Maiero
Eurotech Everyware Software Framework ESF 7.4.1 (Eclipse Kura - 5.4.1) - March 2024
Description:
This service release of ESF includes the following changes:
- Fixed ESF firewall not being functional if floding protection rate limit is enabled
- ESF will now resume reading system journal from the beginning if the journal.cursor file is corrupted instead of stopping log processing
- Fixed NoSuchProviderException when creating new key pairs with keystores/v1 REST APIs
- Fixed memory leak in org.eclipse.kura.linux.usb when unrecongnized udev events are received
- Fixed data loss in Wire Record Store implementation for H2 when certain data types are stored
Target Environments:
- ESF supports the following Devices and Everyware Linux (EL) versions:
- ReliaGATE 10-12;
- EL 27.0.1
- EL 27.1.0
- ReliaGATE 10-20;
- EL 27.0.0
- ReliaGATE 20-25;
- EL 23.0.0
- BoltGATE 20-25;
- EL 21.4.0
- EL 30.1.0 (RC4 tested)
- ReliaGATE 10-14;
- EL 27.0.3
- EL 27.1.0
- EL 40.0.0 (generic-arm64 profile)
- DynaGATE 10-14;
- EL 33.0.0 (generic-arm64 profile)
- BoltGATE 20-31;
- EL 20.1.0
- EL 30.1.0 (RC4 tested)
- DynaGATE 20-30;
- EL 20.1.0
- EL 30.1.0 (RC4 tested)
- BoltGATE 10-12;
- EL 27.1.0
- DynaCOR 44-11;
- Ubuntu 22.04 LTS (generic-x86-64 profile)
- ReliaCOR 40-12;
- Ubuntu 22.04 LTS (generic-x86-64 profile)
- Generic profiles;
- generic-arm32
- generic-arm64
- generic-x86_64
- generic-arm32-nn
- generic-arm64-nn
- generic-x86_64-nn
- Raspberry Pi 2/3/4 with Raspberry Pi OS 32bit (Bookworm tested);
- Raspberry Pi 3/4 with Raspberry Pi OS 64bit (Bookworm tested);
- ReliaGATE 10-12;
- ESF is also available as a pre-built Docker container based on:
- Rocky Linux latest x86_64 and aarch64
- ubi-minimal latest x86_64 and aarch64
Bug Fixes (ESF):
- beae17c609 - [network.threat.manager] Added missing rules in mangle tables for ipv6 [backport release-7.4.0] (#2174) (github-actions[bot])
- 3ad70576b3 - Flooding protection issue [backport release-7.4.0] (#2169) (github-actions[bot])
- 8603061a6b - [linux.usb] memory leak on non-usb udev events [backport release-7.4.0] (#2157) (github-actions[bot])
- fa83d5b6e5 - Seek to journald head if cursor is not valid [backport release-7.4.0] (#2146) (github-actions[bot])
Bug Fixes (Kura):
- 678d3dd611 - [distrib] added libudev.so.0 symlink [backport release-5.4.0] (#5167) (github-actions[bot])
- 443f471a99 - Fixed unnecessary column type changes in H2DbWireRecordStoreImpl [backport release-5.4.0] (#5158) (github-actions[bot])
- b0e4b54907 - [linux.usb] memory leak on non-usb udev events [backport release-5.4.0] (#5138) (github-actions[bot])
- e2123f3559 - [BaseKeystoreService] Add missing key generator provider [backport release-5.4.0] (#5070) (github-actions[bot])
Target Platform Updates (ESF):
- 8e58a2258b - update com.eurotech.framework.linux.usb to 1.4.1-SNAPSHOT (#2168) (Marcello Rinaldo Martina)
Known Issues (ESF):
- [ECESF-6641] The installation of the com.eurotech.framework.fuse bundle causes an error in the log file. However, the bundle works correctly.
- [ECESF-3394] Non-existent unsaved changes in UI preserved after update from 7.0.2
- ReliaCELL Dual SIM option not supported
- Hardware watchdog: not implemented on all platforms
- On Reliagate 10-20 the watchdog cannot be disabled ("watchdog no-way-out")
- During ESF shutdown, an error stacktrace can be shown in the log from the Jetty server. This does not affect the success of the procedure
- #872: Provisioning Service: provisioned flag not reset if provisioning is re-enabled
- # 786: Connection Failed on Snapshot Rollback
- # 624: [Serial] RXTX fails to set 38400 bauds
- # 509: [ESF 5.2.0 QA] Check message verification failed with diagnostics ping
- # 423: [Terminal Services] socat resets the tty configuration on TCP client disconnect
- # 395: ESF on RG 20-25 reports wwan0 interface with LE910 V1 modem.
- # 358: [20-25] jdk.dio.properties digital in/out gpio numbers are incorrect
- # 81: [Security - Message Signing] ESF verifies the signature of every control message
- # 64: Message signature propagated to application bundles
Known Issues (Kura):
- The firewall rule applied by the network threat manager that block uncommon TCP MSS values is not applied in the Nvidia Jetson Nano.
- When the IPv6 network threat manager is disabled, the filtering on TCP fragments is disabled only after a reboot.
- The republish.mqtt.birth.cert.on.modem.detect property in the CloudService configuration is not supported for devices that use NetworkManager. The property value is ignored.
- When dnsmasq is used as DHCP server, only one file is used to store the leases.
- When dnsmasq is used as DHCP server, the DHCP List field in the DHCP and NAT tab shows the leases for all the interfaces.
- The system reboot command cannot be issued even with a privileged user in Debian Bookworm due to an OS issue related to the CAP_SYS_BOOT capability.
- The Wi-Fi AP scanning may fail in Debian Bookworm on the first scanning attempt in the specific Raspberry PI profile. A forced rescan can succeed and properly display the available APs.
- The nvidia-jetson-nano installer disables FAN protocol support due to compatibility issues (see #4593)
- The nvidia-jetson-nano doesn't support the Unprivileged Command Service (see #3598)
- isc-dhcp-server fails upon first Kura installation on Raspberry Pi Bullseye. This is due to how the isc-dhcp-server installer package is
built and run immediately after installation. - An update to the sslmanagerservice where the pid of the keystoreservice is updated can lead to an error in the following reconnection.
The issue impact is limited, if the dataservice reconnect option is enabled. - The implementation of the CryptoService performs encryption using a
password that is hardcoded and published. - Modem: Ublox Lisa U201 may not be able to establish PPP connection when CHAP/PAP authentication is required.
- WiFi on Raspberry Pi 2 has only been tested with WiPi WiFi Dongle (Realink RT5370 chipset) and official Pi USB WiFi Dongle (Broadcom BCM43143 chipset).
AccessPoint WiFi mode not working for Broadcom chipset. - Hardware watchdog: not implemented on all platforms
- Only one WAN interface is currently supported with old networking. A warning in displayed
in the WEB UI if the user attempts to enable more than one WAN interface - # 4212: Wrong order of BIRTH/APPLICATION certificates for custom APP IDs registration
- # 3972: Topic name validation: issue with names containing "//" (Cloud Subscriber)
- # 4141: Sometimes user is not logged in after changing password
- # 3796: Server manager does not close properly
- # 3211: Kura Docker | Bluetooth error in log during starting service
- # 3005: Kura Gets Stuck in Loading View if Services Clicked Too Fast
- # 2843: Access Banner Content All in One Line
- # 2747: No Spacing Between "Wire Components" and Error in Wire Graph
- # 2728: WireGraph Component Description Windows Too Wide
- # 2725: Different Pop-up Windows for Warnings
- # 2702: Error Message For Long Item Names Not Displayed Properly
- # 2696: Component Name Inteferes With Wire Graph Border
- # 2695: Component Names in Wires Not Limited
- # 2410: Deployment handler and URLs with many query parameters
- # 2038: [Kura 3.2.0 QA] Package uninstallation log
- # 1993: Search Domains Are Not Supported
- # 1663: Authentication Issue with Deploy V2
- # 1572: serial modbus has errors on some hardware
- # 1529: OSGI console is not redirected to Eclipse IDE with Kura 3.0
- # 1161: Incorrectly configuring a component can be irreversable.
- # 1128: [Kura 3.0.0 M1 QA] Unable to delete manually added CamelFactory services
- # 1016: ConfigurationServiceImpl creates duplicate instances
- # 797: Design of ServiceUtil is broken
- # 771: Web UI fails with INTERNAL_ERROR when WireHelperService is not registered
- # 654: Clean up static initialization around "modem" functionality
- # 645: Clean up internal dependencies in Kura
- # 522: [Net] Modem monitor should monitor interfaces, not modems
- # 486: Build environment broken on Windows
- # 406: Replace System.get* with calls to SystemService.getProperties
- # 329: [DEPLOY-V2] Review/refactoring needed
- # 297: [Status led] What connection instance controls the status led?
- # 253: Check if bundle contexes correctly unget services after invoking getService
- # 222: CloudConnectionStatusServiceImpl does not cancel workers on component deactivation
Changelog (ESF):
- beae17c609 - fix(network.threat.manager): Added missing rules in mangle tables for ipv6 [backport release-7.4.0] (#2174) (github-actions[bot])
- 65c6a7c06c - chore: add ESF 7.4.1 release notes (#2171) (github-actions[bot])
- d68d6fa3d3 - chore: automated uptick to 7.4.1 (#2170) (github-actions[bot])
- 3ad70576b3 - fix: Flooding protection issue [backport release-7.4.0] (#2169) (github-actions[bot])
- 8e58a2258b - build(distrib): update com.eurotech.framework.linux.usb to 1.4.1-SNAPSHOT (#2168) (Marcello Rinaldo Martina)
- 8603061a6b - fix(linux.usb): memory leak on non-usb udev events [backport release-7.4.0] (#2157) (github-actions[bot])
- 9eac994134 - ci: migrate Sonar scan to JDK 17 [backport release-7.4.0] (#2158) (github-actions[bot])
- fa83d5b6e5 - fix: Seek to journald head if cursor is not valid [backport release-7.4.0] (#2146) (github-actions[bot])
- 802b255db1 - docs: Added known issue about com.eurotech.framework.fuse plugin (#2145) (Salvatore Coppola)
- 06a9b548e4 - chore: automated uptick to 7.4.1-SNAPSHOT (#2139) (github-actions[bot])
Changelog (Kura):
- 678d3dd611 - fix(distrib): added libudev.so.0 symlink [backport release-5.4.0] (#5167) (github-actions[bot])
- f26ed8b694 - chore: add Kura 5.4.1 release notes (#5161) (github-actions[bot])
- 9b0737185d - chore: automated uptick to 5.4.1 (#5160) (github-actions[bot])
- 443f471a99 - fix: Fixed unnecessary column type changes in H2DbWireRecordStoreImpl [backport release-5.4.0] (#5158) (github-actions[bot])
- cca825718d - build(distrib): update org.eclipse.kura.linux.usb.version from 1.4.0 to 1.4.1-SNAPSHOT (#5145) (Marcello Rinaldo Martina)
- b0e4b54907 - fix(linux.usb): memory leak on non-usb udev events [backport release-5.4.0] (#5138) (github-actions[bot])
- a8d3a333bd - chore: Added known issue for birth publish on modem detect (#5134) (Pierantonio Merlino)
- e2123f3559 - fix(BaseKeystoreService): Add missing key generator provider [backport release-5.4.0] (#5070) (github-actions[bot])
- 93489213ca - chore: automated uptick to 5.4.1-SNAPSHOT (#5038) (github-actions[bot])