diff --git a/.hgtags b/.hgtags
index 477ee6e..570383f 100644
--- a/.hgtags
+++ b/.hgtags
@@ -81,3 +81,5 @@ eebce4e024fdcf705d1ea6baef62e86e3f2eb947 eumw-2.2.4
ad72b05e4f74397acc3725e0000a5881c823d4f4 eumw-2.2.8-RC1
c8da8c54dd21220a86db8c326a752bd0dacda6f0 eumw-2.2.8-RC2
b1c4925d7f9bb7c9b7d5fa5d50e598f230453d2f eumw-2.2.8-RC3
+c2603c35086fb65f2c863e363d11627d25a6e90b eumw-2.2.8
+8b0576bda9ebd2490878dfc4d0199ab069fb8899 eumw-2.2.9-RC1
diff --git a/configuration-checker/pom.xml b/configuration-checker/pom.xml
index 23ac568..92e2ea9 100644
--- a/configuration-checker/pom.xml
+++ b/configuration-checker/pom.xml
@@ -14,7 +14,7 @@
eumw
de.governikus.eumw
- 2.2.8
+ 2.2.9
configuration-checker
diff --git a/configuration-wizard/pom.xml b/configuration-wizard/pom.xml
index 38f03bd..9c43da0 100644
--- a/configuration-wizard/pom.xml
+++ b/configuration-wizard/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
configuration-wizard
diff --git a/databasemigration/pom.xml b/databasemigration/pom.xml
index 08d9e8e..1ba6690 100644
--- a/databasemigration/pom.xml
+++ b/databasemigration/pom.xml
@@ -14,7 +14,7 @@
eumw
de.governikus.eumw
- 2.2.8
+ 2.2.9
database-migration
diff --git a/distribution/pom.xml b/distribution/pom.xml
index ec904b6..e97b332 100644
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@@ -15,11 +15,11 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
distribution
- 2.2.8
+ 2.2.9
pom
diff --git a/doc/source/chapter/Changelog.rst b/doc/source/chapter/Changelog.rst
index 5e13189..29ef8a2 100644
--- a/doc/source/chapter/Changelog.rst
+++ b/doc/source/chapter/Changelog.rst
@@ -187,3 +187,7 @@ Changelog
* 2.2.8
- eIDAS Middleware: Security patch.
+
+* 2.2.9
+
+ - eIDAS Middleware: Fix CVEs by updating affected libraries, most notably xmlsec.
diff --git a/doc/source/chapter/Configuration.rst b/doc/source/chapter/Configuration.rst
index ef9bd9d..2386b8c 100644
--- a/doc/source/chapter/Configuration.rst
+++ b/doc/source/chapter/Configuration.rst
@@ -72,7 +72,7 @@ In case you are using your own environment, copy the JAR file to a folder of you
You can start the application with the following command::
- java -jar configuration-wizard-2.2.8.jar
+ java -jar configuration-wizard-2.2.9.jar
In addition you can define the config folder with adding the parameter ``DconfigDirectory`` and its value to the
command. This way the configuration wizard will be available at ``http://localhost:8080/config-wizard.``
@@ -102,7 +102,7 @@ to run the wizard again whenever you need it.
To run the configuration wizard, execute the following command.
It will mount the named volume in the container so that the configuration wizard can store the configuration in the volume. ::
- docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -p 8080:8080 --name eidas-configuration-wizard governikus/eidas-configuration-wizard:2.2.8
+ docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -p 8080:8080 --name eidas-configuration-wizard governikus/eidas-configuration-wizard:2.2.9
Running this command the configuration wizard will be available on http://localhost:8080/config-wizard.
@@ -116,7 +116,7 @@ with the alias ``localhost`` and the password ``123456`` for the keystore and th
You can also use PKCS12 keystores,
in this case you must change the value of ``SERVER_SSL_KEY_STORE_TYPE`` to ``PKCS12``. ::
- docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -v /home/user/keystore.jks:/opt/eidas-middleware/keystore.jks -p 443:8080 -e SERVER_SSL_KEY_STORE=file:/opt/eidas-middleware/keystore.jks -e SERVER_SSL_KEY_STORE_TYPE=JKS -e SERVER_SSL_KEY_STORE_PASSWORD=123456 -e SERVER_SSL_KEY_ALIAS=localhost -e SERVER_SSL_KEY_PASSWORD=123456 --name eidas-configuration-wizard governikus/eidas-configuration-wizard:2.2.8
+ docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -v /home/user/keystore.jks:/opt/eidas-middleware/keystore.jks -p 443:8080 -e SERVER_SSL_KEY_STORE=file:/opt/eidas-middleware/keystore.jks -e SERVER_SSL_KEY_STORE_TYPE=JKS -e SERVER_SSL_KEY_STORE_PASSWORD=123456 -e SERVER_SSL_KEY_ALIAS=localhost -e SERVER_SSL_KEY_PASSWORD=123456 --name eidas-configuration-wizard governikus/eidas-configuration-wizard:2.2.9
Because the application is now bound to the host in port 443,
the configuration wizard is available at https://localhost/config-wizard.
diff --git a/doc/source/chapter/DemoApplication.rst b/doc/source/chapter/DemoApplication.rst
index a2a32ee..ac7dd7b 100644
--- a/doc/source/chapter/DemoApplication.rst
+++ b/doc/source/chapter/DemoApplication.rst
@@ -50,8 +50,8 @@ Using the eIDAS Demo Application
To use the eIDAS Demo Application, start by running the eIDAS Demo Application.
#. Change to the correct directory where the aforementioned configuration is present.
-#. If not present, copy the ``eidas-demo-2.2.8.jar`` file in this directory.
-#. Start the application by executing ``java -jar eidas-demo-2.2.8.jar``.
+#. If not present, copy the ``eidas-demo-2.2.9.jar`` file in this directory.
+#. Start the application by executing ``java -jar eidas-demo-2.2.9.jar``.
Now you must configure your eIDAS Middleware to communicate with the eIDAS Demo Application.
@@ -80,7 +80,7 @@ If there was an error or the user aborted the authorization procedure, you would
There is also the possibility to demonstrate the eIDAS Middleware handling various errors.
Open the URL ``http://your.demo.host:8080/NewRequesterServlet``. The third part of the linklist sends
``LoA = Test`` with different error provocations. This test works without eID card and AusweisApp2. In this
-demonstration also the CVC check is conducted. The result is shown if the CVC check wasn’t successful. If the CVC
+demonstration also the CVC check is conducted. The result is shown if the CVC check wasn't successful. If the CVC
check was successful the eIDAS Middleware is configured properly.
Using the eIDAS Demo Application in Docker
@@ -93,7 +93,7 @@ Also bear in mind that you must use the path of the container file system in the
To run the middleware, execute the following command after you have prepared the configuration, certificate and keystores::
- docker run --rm -it -v /path/to/your/config-directory:/opt/eidas-middleware/config -p 8080:8080 governikus/eidas-demo-application:2.2.8
+ docker run --rm -it -v /path/to/your/config-directory:/opt/eidas-middleware/config -p 8080:8080 governikus/eidas-demo-application:2.2.9
Now you can follow the steps above to configure and test the eIDAS Middleware.
diff --git a/doc/source/chapter/Operating.rst b/doc/source/chapter/Operating.rst
index 2c96581..e761d7f 100644
--- a/doc/source/chapter/Operating.rst
+++ b/doc/source/chapter/Operating.rst
@@ -106,14 +106,14 @@ To run the eIDAS Middleware, execute the following command.
It will mount the named volumes containing the database and configuration in the container
and the application will be available on port 8443. ::
- docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -v eidas-database:/opt/eidas-middleware/database -p 8443:8443 --name eidas-middleware-application governikus/eidas-middleware-application:2.2.8
+ docker run --rm -it -v eidas-configuration:/opt/eidas-middleware/configuration -v eidas-database:/opt/eidas-middleware/database -p 8443:8443 --name eidas-middleware-application governikus/eidas-middleware-application:2.2.9
To stop and remove the container, just hit ``CTRL+C``.
To keep the container running longer without being attached to the STDOUT and STDERR, change the command to
the following::
- docker run -d -v eidas-configuration:/opt/eidas-middleware/configuration -v eidas-database:/opt/eidas-middleware/database -p 8443:8443 --name eidas-middleware-application governikus/eidas-middleware-application:2.2.8
+ docker run -d -v eidas-configuration:/opt/eidas-middleware/configuration -v eidas-database:/opt/eidas-middleware/database -p 8443:8443 --name eidas-middleware-application governikus/eidas-middleware-application:2.2.9
For more information on starting and stopping containers and viewing the logs,
see the `Docker Docs `_.
@@ -177,7 +177,7 @@ Scalability
The performance of the eIDAS Middleware improves by adding more memory (RAM) and using a faster CPU.
In case the memory configuration has changed, the server needs to be restarted.
To start the JVM with more memory, add ``-Xmx`` with the new maximum memory size to the start command,
-e.g. ``java -Xmx8g -jar eidas-middleware-2.2.8.jar`` for 8 GB.
+e.g. ``java -Xmx8g -jar eidas-middleware-2.2.9.jar`` for 8 GB.
Request Signer Certificate
@@ -269,7 +269,7 @@ Optional property for ``TRAP`` is ``poseidas.snmp.managementport`` (port 162 is
set).
All existing SNMP GET values are explained in detail in the MIB located at
-``https://github.com/Governikus/eidas-middleware/blob/2.2.8/poseidas/snmp/EIDASMW-SNMP-MIB.mib``.
+``https://github.com/Governikus/eidas-middleware/blob/2.2.9/poseidas/snmp/EIDASMW-SNMP-MIB.mib``.
Global GET
''''''''''
@@ -369,6 +369,6 @@ Stop the eIDAS Middleware Application and copy the database file to your backup
e.g. ``cp /opt/eidas-middleware/database/eidasmw.mv.db /path/to/your/backup-location/eidasmw.mv.db``.
To perform the migration, copy the database migration JAR file to the directory where your
-configuration file is available and execute the command ``java -jar database-migration-2.2.8.jar``.
+configuration file is available and execute the command ``java -jar database-migration-2.2.9.jar``.
If there are errors in the log output, please send the complete log output and some information on your environment to
eidas-middleware@governikus.com.
diff --git a/doc/source/conf.py b/doc/source/conf.py
index 47c8fc5..9eb0a59 100644
--- a/doc/source/conf.py
+++ b/doc/source/conf.py
@@ -55,9 +55,9 @@
# built documents.
#
# The short X.Y version.
-version = '2.2.8'
+version = '2.2.9'
# The full version, including alpha/beta/rc tags.
-release = '2.2.8'
+release = '2.2.9'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
diff --git a/dvca-connection-configurator/pom.xml b/dvca-connection-configurator/pom.xml
index 0c8bc1d..fef3e04 100644
--- a/dvca-connection-configurator/pom.xml
+++ b/dvca-connection-configurator/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
dvca-connection-configurator
dvca-connection-configurator
diff --git a/eidas-base-container/pom.xml b/eidas-base-container/pom.xml
index ffaaeae..32a4f9c 100644
--- a/eidas-base-container/pom.xml
+++ b/eidas-base-container/pom.xml
@@ -14,7 +14,7 @@
eumw
de.governikus.eumw
- 2.2.8
+ 2.2.9
eidas-base-container
diff --git a/eidas-base-container/src/main/docker/Dockerfile b/eidas-base-container/src/main/docker/Dockerfile
index 39d4480..fce567b 100644
--- a/eidas-base-container/src/main/docker/Dockerfile
+++ b/eidas-base-container/src/main/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM azul/zulu-openjdk-alpine:8u332
+FROM azul/zulu-openjdk-alpine:8u362
MAINTAINER Benny Prange
diff --git a/eidas-common/pom.xml b/eidas-common/pom.xml
index 76e8f0c..c09a672 100644
--- a/eidas-common/pom.xml
+++ b/eidas-common/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
eidas-common
diff --git a/eidas-demo/pom.xml b/eidas-demo/pom.xml
index 1243273..78ffdd5 100644
--- a/eidas-demo/pom.xml
+++ b/eidas-demo/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
eidas-demo
diff --git a/eidas-middleware/pom.xml b/eidas-middleware/pom.xml
index 2fa95a9..94f30fc 100644
--- a/eidas-middleware/pom.xml
+++ b/eidas-middleware/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
eidas-middleware
diff --git a/eidas-starterkit/pom.xml b/eidas-starterkit/pom.xml
index 66ce922..903d0b2 100644
--- a/eidas-starterkit/pom.xml
+++ b/eidas-starterkit/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
eidas-starterkit
diff --git a/password-generator/pom.xml b/password-generator/pom.xml
index 94723cf..89d8618 100644
--- a/password-generator/pom.xml
+++ b/password-generator/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
password-generator
diff --git a/pom.xml b/pom.xml
index 86f49e7..b889a6a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
pom
EU Middleware
@@ -37,7 +37,7 @@
https://hg.govkg.de/Autent/eumw
scm:hg:https://hg.govkg.de/Autent/eumw
- eumw-2.2.8
+ eumw-2.2.9
@@ -86,7 +86,7 @@
1.0.8
3.4.6
- 2.3.1
+ 2.3.4
3.4.7
2.6.9
@@ -112,6 +112,8 @@
3.0.11
2.7.4
+
+ 9.0.82
1.18.24
@@ -799,6 +801,23 @@
${version.joda-time}
+
+
+ org.apache.tomcat.embed
+ tomcat-embed-core
+ ${version.tomcat}
+
+
+ org.apache.tomcat.embed
+ tomcat-embed-el
+ ${version.tomcat}
+
+
+ org.apache.tomcat.embed
+ tomcat-embed-websocket
+ ${version.tomcat}
+
+
org.slf4j
diff --git a/poseidas-configuration/pom.xml b/poseidas-configuration/pom.xml
index 582761c..9cf56da 100644
--- a/poseidas-configuration/pom.xml
+++ b/poseidas-configuration/pom.xml
@@ -13,7 +13,7 @@
eumw
de.governikus.eumw
- 2.2.8
+ 2.2.9
4.0.0
diff --git a/poseidas/pom.xml b/poseidas/pom.xml
index feb906c..1e4117b 100644
--- a/poseidas/pom.xml
+++ b/poseidas/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
poseidas
diff --git a/utils/pom.xml b/utils/pom.xml
index 1f65328..d1aa659 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -14,7 +14,7 @@
de.governikus.eumw
eumw
- 2.2.8
+ 2.2.9
utils