[jira] [Updated] (KARAF-4419) Multiple inharitance levels with generics cause ClassCastException when JPA is enabled

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4419:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Multiple inharitance levels with generics cause ClassCastException when JPA 
> is enabled
> --
>
> Key: KARAF-4419
> URL: https://issues.apache.org/jira/browse/KARAF-4419
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.4
> Environment: Win 7 x64, JDK 1.8.0_73, Karaf 4.0.4
>Reporter: Felix Wassmer
> Fix For: 4.1.0, 4.0.9
>
>
> I'm using inheritance with generics over multiple levels.
> Injecting properties to those beans works fine, but on access of a property 
> of the lowest class, there is a ClassCastException thrown.
> I could narrow it down to enabling JPA in the blueprint causing the issue:
> When disabling JPA, the proper bean class is resolved,
> enabled the type resolving stopped at the parent abstract class of the 
> expected class, thus throwing a ClassCastException.
> Example project to reproduce this issue:
> https://github.com/fwassmer/inheritance



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4361) Allow dynamic config customization when embedding Karaf using the Main class

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4361:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Allow dynamic config customization when embedding Karaf using the Main class
> 
>
> Key: KARAF-4361
> URL: https://issues.apache.org/jira/browse/KARAF-4361
> Project: Karaf
>  Issue Type: Improvement
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.4
>Reporter: Serge Huber
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.9
>
> Attachments: 
> KARAF_4361_Allow_dynamic_config_customization_when_embedding_Karaf_using_the_Main_class.patch
>
>
> We are using Karaf by embedding it and basically starting it like this : 
> {code}
> // code to setup System properties
> main = new Main(new String[0]);
> main.launch();
> {code}
> The problem is that the ConfigProperties that are used to startup Karaf are 
> directly created in the main.launch() method, like this:
> {code}
> public void launch() throws Exception {
> config = new ConfigProperties();
> {code}
> Ideally it would be great if we could either have a setter to provide the 
> config value, so that we could manipulate it before launching. In an embedded 
> environment this quickly becomes a necessity. For example we would like to 
> make it possible to have retrieve properties coming from another framework 
> such as Spring and use those to override  config.properties settings in a 
> dynamic way, without needing to dump them to a file at Karaf startup. I'm 
> aware of the ${includes} and ${optionals} but those require files to be read 
> from the disk where here I'm talking about being able to dynamically 
> manipulate the properties once loaded.
> Basically something like this would be fantastic
> {code}
> // code to setup System properties
> main = new Main(new String[0]);
> ConfigProperties config = main.getConfig();
> if (config == null) {
>config = new ConfigProperties();
> }
> // manipulate config in any way desired
> main.setConfig(config)
> main.launch();
> {code}
> The main.launch could then simply be modified to something like this : 
> {code}
> public void launch() throws Exception {
> if (config == null) {
> config = new ConfigProperties();
> }
> {code}
> Btw we are using Karaf 4.0.x so having this in both Karaf 4.1.0 and Karaf 4.0 
> would be fantastic.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KARAF-4770) Update etc/org.apache.karaf.management.cfg

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4770?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré resolved KARAF-4770.
-
Resolution: Fixed

> Update etc/org.apache.karaf.management.cfg
> --
>
> Key: KARAF-4770
> URL: https://issues.apache.org/jira/browse/KARAF-4770
> Project: Karaf
>  Issue Type: Improvement
>  Components: karaf-management
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.8
>
>
> Karaf management contains properties not really documented in 
> {{etc/org.apache.karaf.management.cfg}} default configuration file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4360) FrameworkEvent ERROR in the karaf.log when install cxf-core feature

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4360?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4360:

Fix Version/s: (was: 4.0.8)
   4.0.9

> FrameworkEvent ERROR in the karaf.log when install cxf-core feature
> ---
>
> Key: KARAF-4360
> URL: https://issues.apache.org/jira/browse/KARAF-4360
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-feature
>Affects Versions: 4.0.4
> Environment: Java 8
>Reporter: Xilai Dai
>Assignee: Jean-Baptiste Onofré
>Priority: Minor
> Fix For: 4.1.0, 4.0.9
>
>
> When trying to install cxf-core feature into Karaf 4.0.4, there is 
> FrameworkEvent ERROR in the karaf.log, but the bundles can be started and in 
> the Active status.
> {code}
> 2016-02-25 12:09:57,529 | ERROR | 8d8-961af9b70a25 | cxf-core 
> | 53 - org.apache.cxf.cxf-core - 3.1.5 | FrameworkEvent ERROR - 
> org.apache.cxf.cxf-core
> org.osgi.framework.BundleException: Could not resolve module: 
> org.apache.cxf.cxf-core [53]
>   Unresolved requirement: Import-Package: com.ctc.wstx.msv; 
> version="[4.4.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.ctc.wstx.stax; 
> version="[4.4.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.codehaus.stax2; 
> version="[3.1.0,4.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.codehaus.stax2.validation; 
> version="[3.1.0,4.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.msv.grammar; 
> version="[2013.6.0,2014.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.msv.grammar.xmlschema; 
> version="[2013.6.0,2014.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.msv.reader; 
> version="[2013.6.0,2014.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.msv.reader.xmlschema; 
> version="[2013.6.0,2014.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.xml.bind.marshaller; 
> version="[2.2.0,3.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: com.sun.xml.fastinfoset.stax; 
> version="[1.2.0,2.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: net.sf.cglib.proxy; 
> version="[2.1.3,3.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.osgi.io; 
> version="[1.2.0,2.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.osgi.util; 
> version="[1.2.0,2.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.aop; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.aop.framework; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.aop.support; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.beans; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.beans.factory; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.beans.factory.config; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.beans.factory.support; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.beans.factory.wiring; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.beans.factory.xml; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.context; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.context.event; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.context.support; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.core; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.core.io; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: 
> org.springframework.core.io.support; version="[3.1.0,5.0.0)"; 
> resolution:="optional"
>   Unresolved requirement: Import-Package: org.springframework.core.type; 
> version="[3.1.0,5.0.0)"; resolution:="optional"
>   Unresolved requirement: Import-Package: 
>

[jira] [Commented] (KARAF-4770) Update etc/org.apache.karaf.management.cfg

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15739284#comment-15739284
 ] 

ASF subversion and git services commented on KARAF-4770:


Commit 88c589d136ea18b81bfb540b3203cf1d2fdbbe5c in karaf's branch 
refs/heads/karaf-4.0.x from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=88c589d ]

[KARAF-4770] Update etc/org.apache.karaf.management.cfg


> Update etc/org.apache.karaf.management.cfg
> --
>
> Key: KARAF-4770
> URL: https://issues.apache.org/jira/browse/KARAF-4770
> Project: Karaf
>  Issue Type: Improvement
>  Components: karaf-management
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.8
>
>
> Karaf management contains properties not really documented in 
> {{etc/org.apache.karaf.management.cfg}} default configuration file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4770) Update etc/org.apache.karaf.management.cfg

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4770?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4770:

Fix Version/s: (was: 3.0.9)

> Update etc/org.apache.karaf.management.cfg
> --
>
> Key: KARAF-4770
> URL: https://issues.apache.org/jira/browse/KARAF-4770
> Project: Karaf
>  Issue Type: Improvement
>  Components: karaf-management
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.8
>
>
> Karaf management contains properties not really documented in 
> {{etc/org.apache.karaf.management.cfg}} default configuration file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4770) Update etc/org.apache.karaf.management.cfg

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15739280#comment-15739280
 ] 

ASF subversion and git services commented on KARAF-4770:


Commit 52689bfe2e8248d5ecde4e461ad0c827a43c6930 in karaf's branch 
refs/heads/master from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=52689bf ]

[KARAF-4770] Update etc/org.apache.karaf.management.cfg


> Update etc/org.apache.karaf.management.cfg
> --
>
> Key: KARAF-4770
> URL: https://issues.apache.org/jira/browse/KARAF-4770
> Project: Karaf
>  Issue Type: Improvement
>  Components: karaf-management
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> Karaf management contains properties not really documented in 
> {{etc/org.apache.karaf.management.cfg}} default configuration file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4835) Add content assist for paths in karaf shell source

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4835?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4835:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Add content assist for paths in karaf shell source
> --
>
> Key: KARAF-4835
> URL: https://issues.apache.org/jira/browse/KARAF-4835
> Project: Karaf
>  Issue Type: Task
>  Components: karaf-shell
>Affects Versions: 4.1.0, 4.0.8
>Reporter: Lijun Liao
>Assignee: Guillaume Nodet
> Fix For: 4.1.0, 4.0.9
>
>
> Add auto-completion of file path to the karaf command "source", like in 
> command "install". 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré resolved KARAF-4890.
-
Resolution: Fixed

> Upgrade to Spring 4.2.8.RELEASE
> ---
>
> Key: KARAF-4890
> URL: https://issues.apache.org/jira/browse/KARAF-4890
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15739226#comment-15739226
 ] 

ASF subversion and git services commented on KARAF-4890:


Commit dc596d5db10dea44f95f1298bc85b6b57d6fc39f in karaf's branch 
refs/heads/karaf-3.0.x from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=dc596d5 ]

[KARAF-4890] Upgrade to Spring 4.2.8.RELEASE


> Upgrade to Spring 4.2.8.RELEASE
> ---
>
> Key: KARAF-4890
> URL: https://issues.apache.org/jira/browse/KARAF-4890
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15739222#comment-15739222
 ] 

ASF subversion and git services commented on KARAF-4890:


Commit ccfe2e04599cc610aeffd4f7c1761c539addeed0 in karaf's branch 
refs/heads/karaf-4.0.x from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=ccfe2e0 ]

[KARAF-4890] Upgrade to Spring 4.2.8.RELEASE


> Upgrade to Spring 4.2.8.RELEASE
> ---
>
> Key: KARAF-4890
> URL: https://issues.apache.org/jira/browse/KARAF-4890
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15739221#comment-15739221
 ] 

ASF subversion and git services commented on KARAF-4890:


Commit 61015a8c66dd2849c59134308ed0848f8672d1d2 in karaf's branch 
refs/heads/master from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=61015a8 ]

[KARAF-4890] Upgrade to Spring 4.2.8.RELEASE


> Upgrade to Spring 4.2.8.RELEASE
> ---
>
> Key: KARAF-4890
> URL: https://issues.apache.org/jira/browse/KARAF-4890
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4890:

Fix Version/s: 3.0.9

> Upgrade to Spring 4.2.8.RELEASE
> ---
>
> Key: KARAF-4890
> URL: https://issues.apache.org/jira/browse/KARAF-4890
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré resolved KARAF-4623.
-
Resolution: Fixed

> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15738037#comment-15738037
 ] 

ASF subversion and git services commented on KARAF-4623:


Commit 23417f08f6f125ee6c092d08fa1595660b14f3df in karaf's branch 
refs/heads/karaf-3.0.x from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=23417f0 ]

[KARAF-4623] Upgrade to Spring 4.1.9.RELEASE


> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4623:

Fix Version/s: (was: 3.0.9)

> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4623:

Fix Version/s: 3.0.9

> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15737622#comment-15737622
 ] 

ASF subversion and git services commented on KARAF-4623:


Commit 04736fbc2e47bca39d3478df4171f5c20ab42c93 in karaf's branch 
refs/heads/master from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=04736fb ]

[KARAF-4623] Upgrade to Spring 4.1.9.RELEASE


> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15737624#comment-15737624
 ] 

ASF subversion and git services commented on KARAF-4623:


Commit d53180fe0db0e88659c04c5e28f05e29951a0199 in karaf's branch 
refs/heads/karaf-4.0.x from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=d53180f ]

[KARAF-4623] Upgrade to Spring 4.1.9.RELEASE


> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4623) Upgrade to Spring 4.1.9.RELEASE

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4623:

Summary: Upgrade to Spring 4.1.9.RELEASE  (was: Upgrade to Spring 4.1.8)

> Upgrade to Spring 4.1.9.RELEASE
> ---
>
> Key: KARAF-4623
> URL: https://issues.apache.org/jira/browse/KARAF-4623
> Project: Karaf
>  Issue Type: Dependency upgrade
>  Components: karaf-core
>Affects Versions: 4.1.0, 4.0.5, 3.0.7
>Reporter: Krzysztof Sobkowiak
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 3.0.9, 4.0.8
>
>
> We are currently using Spring 4.1.7.RELEASE, but one user has pointed to a 
> vulerability in this version http://pivotal.io/security/cve-2015-5211. We 
> should upgrade to 4.1.8.RELEASE (not available yet as bundle)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KARAF-4891) Provide Spring 4.3.3.RELEASE feature

2016-12-10 Thread JIRA 
Jean-Baptiste Onofré created KARAF-4891:
---

 Summary: Provide Spring 4.3.3.RELEASE feature
 Key: KARAF-4891
 URL: https://issues.apache.org/jira/browse/KARAF-4891
 Project: Karaf
  Issue Type: Dependency upgrade
  Components: karaf-core
Reporter: Jean-Baptiste Onofré
Assignee: Jean-Baptiste Onofré
 Fix For: 4.1.0, 4.0.8






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KARAF-4890) Upgrade to Spring 4.2.8.RELEASE

2016-12-10 Thread JIRA 
Jean-Baptiste Onofré created KARAF-4890:
---

 Summary: Upgrade to Spring 4.2.8.RELEASE
 Key: KARAF-4890
 URL: https://issues.apache.org/jira/browse/KARAF-4890
 Project: Karaf
  Issue Type: Dependency upgrade
  Components: karaf-core
Reporter: Jean-Baptiste Onofré
Assignee: Jean-Baptiste Onofré
 Fix For: 4.1.0, 4.0.8






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4534) Assembly builder does not support file urls in features

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4534:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Assembly builder does not support file urls in features
> ---
>
> Key: KARAF-4534
> URL: https://issues.apache.org/jira/browse/KARAF-4534
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-tooling
>Affects Versions: 4.0.5
>Reporter: Christian Schneider
>Priority: Critical
> Fix For: 4.1.0, 4.0.9
>
>
> [ERROR] Failed to execute goal 
> org.apache.karaf.tooling:karaf-maven-plugin:4.0.5:assembly 
> (process-resources) on project decanter-server: Unable to build assembly: 
> Error -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute 
> goal org.apache.karaf.tooling:karaf-maven-plugin:4.0.5:assembly 
> (process-resources) on project decanter-server: Unable to build assembly
>   at 
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:216)
>   at 
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
>   at 
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
>   at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
>   at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
>   at 
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
>   at 
> org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:120)
>   at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:355)
>   at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:155)
>   at org.apache.maven.cli.MavenCli.execute(MavenCli.java:584)
>   at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:216)
>   at org.apache.maven.cli.MavenCli.main(MavenCli.java:160)
>   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>   at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>   at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>   at java.lang.reflect.Method.invoke(Method.java:498)
>   at 
> org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
>   at 
> org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
>   at 
> org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
>   at 
> org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
> Caused by: org.apache.maven.plugin.MojoExecutionException: Unable to build 
> assembly
>   at org.apache.karaf.tooling.AssemblyMojo.execute(AssemblyMojo.java:234)
>   at 
> org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:132)
>   at 
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:208)
>   ... 19 more
> Caused by: org.apache.karaf.features.internal.util.MultiException: Error
>   at 
> org.apache.karaf.features.internal.download.impl.MavenDownloadManager$MavenDownloader.(MavenDownloadManager.java:84)
>   at 
> org.apache.karaf.features.internal.download.impl.MavenDownloadManager.createDownloader(MavenDownloadManager.java:72)
>   at 
> org.apache.karaf.features.internal.region.Subsystem.downloadBundles(Subsystem.java:363)
>   at 
> org.apache.karaf.features.internal.region.Subsystem.downloadBundles(Subsystem.java:360)
>   at 
> org.apache.karaf.features.internal.region.SubsystemResolver.resolve(SubsystemResolver.java:187)
>   at 
> org.apache.karaf.features.internal.service.Deployer.deploy(Deployer.java:263)
>   at org.apache.karaf.profile.assembly.Builder.resolve(Builder.java:1214)
>   at 
> org.apache.karaf.profile.assembly.Builder.startupStage(Builder.java:1002)
>   at 
> org.apache.karaf.profile.assembly.Builder.doGenerateAssembly(Builder.java:606)
>   at 
> org.apache.karaf.profile.assembly.Builder.generateAssembly(Builder.java:389)
>   at 
> org.apache.karaf.tooling.AssemblyMojo.doExecute(AssemblyMojo.java:392)
>   at org.apache.karaf.tooling.AssemblyMojo.execute(AssemblyMojo.java:228)
>   ... 21 more
>   Suppressed: java.io.IOException: Error downloading 
> wrap:file:/home/cschneider/.m2/repository/org/fusesource/leveldbjni/leveldbjni-all/1.8/leveldbjni-all-1.8.jar$Bundle-Version=1.8=*;-noimport:=true;version="1.8"
>   at 
> org.apache.karaf.features.internal.download.impl.AbstractRetryableDownloadTask.run(AbstractRetryableDownloadTask.java:71)
>

[jira] [Updated] (KARAF-4572) NullPointer Exception when deploying EclipseLink model bundle

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4572?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4572:

Fix Version/s: (was: 4.0.8)
   4.0.9

> NullPointer Exception when deploying EclipseLink model bundle
> -
>
> Key: KARAF-4572
> URL: https://issues.apache.org/jira/browse/KARAF-4572
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-core
>Affects Versions: 4.0.5
>Reporter: Viktor Kozlov
>Priority: Minor
> Fix For: 4.1.0, 4.0.9
>
>
> When I deploy my model bundle which contains only persistence unit I get this 
> Exception:
> karaf@root()> bundle:install -s mvn:biz.lorien.niichi/model;
> [EL Warning]: 2016-01-18 17:14:57.797--java.lang.NullPointerException
> Bundle ID: 167
> and every time I start Karaf with this model bundle:
> Hit '' for a list of available commands.
> Type '[cmd] --help' for help on a specific command.
> karaf@root()> [EL Warning]: 2016-01-18 
> 17:18:08.176--java.lang.NullPointerException
> If I uninstall and install my model bundle there is no Exception.
> Exception popups when first installed and after Karaf restart. 
> It looks like exception is thrown during eclipselink engine init.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4324) Shell commands and optional @Reference

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4324:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Shell commands and optional @Reference
> --
>
> Key: KARAF-4324
> URL: https://issues.apache.org/jira/browse/KARAF-4324
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-shell
>Affects Versions: 4.0.4
>Reporter: J. Brébec
>Assignee: Guillaume Nodet
>Priority: Minor
> Fix For: 4.1.0, 4.0.9
>
>
> The annotation @Reference have a optional property, but this property is not 
> used to resolve the dependencies of a command.
> Moreover, if I define in a bundle two commands, and one of this command can't 
> be deployed because of an optional dependencies, then none of the command of 
> the bundle is not deployed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4306) karaf-maven-plugin is not assembling the correct version of dependencies

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4306:

Fix Version/s: (was: 4.0.8)
   4.0.9

> karaf-maven-plugin is not assembling the correct version of dependencies
> 
>
> Key: KARAF-4306
> URL: https://issues.apache.org/jira/browse/KARAF-4306
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-tooling
>Affects Versions: 4.0.4
>Reporter: Raman Gupta
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.9
>
>
> This is similar to KARAF-3994.
> I see that the commit for that issue added the following TODO:
> * TODO Need to also check for version ranges. Currently ranges are ignored 
> and all features matching the name
> I have a similar problem -- the generated system repo contains all versions 
> of a feature that is matched by a range, not just the highest one that 
> fulfills all of the requirements of the boot features. This is an issue 
> because the generated repo may contain older (or newer) versions of libraries 
> that have CVEs against them, which is then flagged by ops.
> For example:
> My feature depends on spring-dm which depends on spring range [2.5.6,4). At 
> runtime, Karaf only needs and uses Spring 3.2.14, but my system repo contains 
> Spring 3.1.4 (as well as three versions of Spring 4), all of which are 
> defined in the Karaf Spring repo. And of course, Spring 3.1.4 has CVEs 
> against it, so the system is flagged by ops as using jars with security 
> problems (even though those jars are not actually used by the app).
> Shouldn't the Builder apply the same resolution logic as is used by Karaf 
> itself, and assemble only those jars?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4275) StaticConfigurationAdmin and NPE with spring dm

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4275?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4275:

Fix Version/s: (was: 4.0.8)
   4.0.9

> StaticConfigurationAdmin and NPE with spring dm
> ---
>
> Key: KARAF-4275
> URL: https://issues.apache.org/jira/browse/KARAF-4275
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-profile
>Affects Versions: 4.0.4
> Environment: Karaf 4.0.4 with a static distribution
>Reporter: J. Brébec
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.9
>
>
> Spring DM throw a NPE with a Karaf static distribution, when a configuration 
> is not bound. The Static ConfigurationAdmin implementation is not compliant 
> with the specification : getConfiguration should never return null.
> A workaround : create an for every configuration a file .cfg in 
> etc.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4290) karaf-maven-plugin uses inactive proxies from settings.xml

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4290:

Fix Version/s: (was: 4.0.8)
   4.0.9

> karaf-maven-plugin uses inactive proxies from settings.xml
> --
>
> Key: KARAF-4290
> URL: https://issues.apache.org/jira/browse/KARAF-4290
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-tooling
>Affects Versions: 4.0.4
>Reporter: Michael Prescott
>Assignee: Jean-Baptiste Onofré
>Priority: Minor
> Fix For: 4.1.0, 4.0.9
>
> Attachments: karaf-4290-stack-trace.txt
>
>
> My maven settings.xml has a  server defined, but it's inactive:
> 
>   charles-proxy
>   false
>   http
>   localhost
>   
>   www.google.com|*.example.com
> 
> Nevertheless, when runs, I get IOExceptions related to attempting to contact 
> the proxy server (which isn't running):
> Connect to localhost: [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] 
> failed: Connection refused: connect



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KARAF-4275) StaticConfigurationAdmin and NPE with spring dm

2016-12-10 Thread JIRA 

[ 
https://issues.apache.org/jira/browse/KARAF-4275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15737482#comment-15737482
 ] 

Jean-Baptiste Onofré commented on KARAF-4275:
-

It's more a Felix ConfigAdmin issue. Let me try to reproduce.

> StaticConfigurationAdmin and NPE with spring dm
> ---
>
> Key: KARAF-4275
> URL: https://issues.apache.org/jira/browse/KARAF-4275
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-profile
>Affects Versions: 4.0.4
> Environment: Karaf 4.0.4 with a static distribution
>Reporter: J. Brébec
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.8
>
>
> Spring DM throw a NPE with a Karaf static distribution, when a configuration 
> is not bound. The Static ConfigurationAdmin implementation is not compliant 
> with the specification : getConfiguration should never return null.
> A workaround : create an for every configuration a file .cfg in 
> etc.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4217) XML External Entity Injection

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4217:

Fix Version/s: (was: 4.0.8)
   4.0.9

> XML External Entity Injection
> -
>
> Key: KARAF-4217
> URL: https://issues.apache.org/jira/browse/KARAF-4217
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> XML parser configured in MavenConfigService.java:74 does not prevent nor 
> limit external entities resolution. This can expose the parser to an XML 
> External Entities attack. See external issue URL.
> File: 
> bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/MavenConfigService.java
> Line: 74
> MavenConfigService.java, lines 66-76:
> {code}
> 66 static String getLocalRepoFromConfig(Dictionary dict) 
> throws XMLStreamException, FileNotFoundException {
> 67 String path = null;
> 68 if (dict != null) {
> 69 path = (String) dict.get("org.ops4j.pax.url.mvn.localRepository");
> 70 if (path == null) {
> 71 String settings = (String) 
> dict.get("org.ops4j.pax.url.mvn.settings");
> 72 if (settings != null) {
> 73 File file = new File(settings);
> 74 XMLStreamReader reader = 
> XMLInputFactory.newFactory().createXMLStreamReader(new FileInputStream(file));
> 75 try {
> 76 int event;
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4215) Use of Dynamic Class Loading, Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4215?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4215:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Use of Dynamic Class Loading, Use of Externally-Controlled Input to Select 
> Classes or Code ('Unsafe Reflection')
> 
>
> Key: KARAF-4215
> URL: https://issues.apache.org/jira/browse/KARAF-4215
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> Dynamically loaded code has the potential to be malicious. The application 
> uses external input with reflection to select which classes or code to use, 
> but it does not sufficiently prevent the input from selecting improper 
> classes or code. The constructor for DefaultJDBCLock includes one parameter 
> for a Properties object from which the parameters for the dynamic class are 
> taken. None of the properties are checked for content.
> File: main\src\main\java\org\apache\karaf\main\lock\DefaultJDBCLock.java
> Line: 365
> DefaultJDBCLock.java, lines 364-369:
> {code}
> 364 Connection doCreateConnection(String driver, String url, String username, 
> String password) throws ClassNotFoundException, SQLException {
> 365 Class.forName(driver);
> 366 // results in a closed connection in Derby if the update lock table 
> request timed out
> 367 // DriverManager.setLoginTimeout(timeout);
> 368 return DriverManager.getConnection(url, username, password);
> 369 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4216) Poor Error Handling: Return Inside Finally

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4216:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Poor Error Handling: Return Inside Finally
> --
>
> Key: KARAF-4216
> URL: https://issues.apache.org/jira/browse/KARAF-4216
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> The method build() in PublickeyBackingEngineFactory.java returns from inside 
> a finally block on line 52, which will cause exceptions to be lost.
> File: 
> jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngineFactory.java
> Line: 52
> PublickeyBackingEngineFactory.java, lines 40-54:
> {code}
> 40 public BackingEngine build(Map options) {
> 41 PublickeyBackingEngine engine = null;
> 42 String usersFile = (String) options.get(USER_FILE);
> 43 
> 44 File f = new File(usersFile);
> 45 Properties users;
> 46 try {
> 47 users = new Properties(f);
> 48 engine = new PublickeyBackingEngine(users);
> 49 } catch (IOException ioe) {
> 50 logger.warn("Cannot open keys file:" + usersFile);
> 51 } finally {
> 52 return engine;
> 53 }
> 54 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4214) Deserialization of Untrusted Data

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4214?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4214:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Deserialization of Untrusted Data
> -
>
> Key: KARAF-4214
> URL: https://issues.apache.org/jira/browse/KARAF-4214
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> The application deserializes untrusted data without sufficiently verifying 
> that the resulting data will be valid. An adversary could attack the 
> application by tampering with the resource "karaf.key". 
> File: client\src\main\java\org\apache\karaf\client\Main.java
> Line: 297
> Main.java, lines 291-313:
> {code}
> 291 private static SshAgent startAgent(String user, URL privateKeyUrl, String 
> keyFile) {
> 292 InputStream is = null;
> 293 try {
> 294 SshAgent agent = new AgentImpl();
> 295 is = privateKeyUrl.openStream();
> 296 ObjectInputStream r = new ObjectInputStream(is);
> 297 KeyPair keyPair = (KeyPair) r.readObject();
> 298 is.close();
> 299 agent.addIdentity(keyPair, user);
> 300 if (keyFile != null) {
> 301 String[] keyFiles = new String[]{keyFile};
> 302 FileKeyPairProvider fileKeyPairProvider = new 
> FileKeyPairProvider(keyFiles);
> 303 for (KeyPair key : fileKeyPairProvider.loadKeys()) {
> 304 agent.addIdentity(key, user);
> 305 }
> 306 }
> 307 return agent;
> 308 } catch (Throwable e) {
> 309 close(is);
> 310 System.err.println("Error starting ssh agent for: " + 
> e.getMessage());
> 311 return null;
> 312 }
> 313 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4210) Unreleased Resource: Streams

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4210?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4210:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Unreleased Resource: Streams
> 
>
> Key: KARAF-4210
> URL: https://issues.apache.org/jira/browse/KARAF-4210
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> The function getLocalRepoFromConfig() in MavenConfigService.java sometimes 
> fails to release a system resource allocated by FileInputStream() on line 74.
> File: 
> bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/MavenConfigService.java
> Line: 74
> MavenConfigService.java, lines 66-76:
> 66 static String getLocalRepoFromConfig(Dictionary dict) 
> throws XMLStreamException, FileNotFoundException {
> 67 String path = null;
> 68 if (dict != null) {
> 69 path = (String) dict.get("org.ops4j.pax.url.mvn.localRepository");
> 70 if (path == null) {
> 71 String settings = (String) 
> dict.get("org.ops4j.pax.url.mvn.settings");
> 72 if (settings != null) {
> 73 File file = new File(settings);
> 74 XMLStreamReader reader = 
> XMLInputFactory.newFactory().createXMLStreamReader(new FileInputStream(file));
> 75 try {
> 76 int event;



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4213) Public cloneable() Method Without Final ('Object Hijack')

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4213:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Public cloneable() Method Without Final ('Object Hijack')
> -
>
> Key: KARAF-4213
> URL: https://issues.apache.org/jira/browse/KARAF-4213
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> A class has a cloneable() method that is not declared final, which allows an 
> object to be created without calling the constructor. This can cause the 
> object to be in an unexpected state.
> File: 
> util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
> Line: 247
> CopyOnWriteArrayIdentityList.java, lines 246-255:
> {code}
> 246 @Override
> 247 public Object clone() {
> 248 try {
> 249 CopyOnWriteArrayIdentityList thisClone = 
> (CopyOnWriteArrayIdentityList) super.clone();
> 250 thisClone.setData(this.getData());
> 251 return thisClone;
> 252 } catch (CloneNotSupportedException e) {
> 253 throw new RuntimeException("CloneNotSupportedException is not 
> expected here");
> 254 }
> 255 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4212) Null Dereference

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4212:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Null Dereference
> 
>
> Key: KARAF-4212
> URL: https://issues.apache.org/jira/browse/KARAF-4212
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> The method execute() in LoadTest.java can crash the program by dereferencing 
> a null pointer on line 71.
> File: bundle/core/src/main/java/org/apache/karaf/bundle/command/LoadTest.java
> Line: 71
> LoadTest.java, lines 65-74:
> {code}
> 65 @Override
> 66 public Object execute() throws Exception {
> 67 if (!confirm(session)) {
> 68 return null;
> 69 }
> 70 final BundleContext bundleContext = 
> this.bundleContext.getBundle(0).getBundleContext();
> 71 final FrameworkWiring wiring = 
> bundleContext.getBundle().adapt(FrameworkWiring.class);
> 72 final CountDownLatch latch = new CountDownLatch(threads);
> 73 final Bundle[] bundles = bundleContext.getBundles();
> 74 final AtomicBoolean[] locks = new AtomicBoolean[bundles.length];
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4211) Portability Flaw: Locale Dependent Comparison

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4211:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Portability Flaw: Locale Dependent Comparison
> -
>
> Key: KARAF-4211
> URL: https://issues.apache.org/jira/browse/KARAF-4211
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> The call to compareTo() on line 109 causes portability problems because it 
> has different locales which may lead to unexpected output. This may also 
> circumvent custom validation routines.
> File: 
> features/command/src/main/java/org/apache/karaf/features/command/ListFeaturesCommand.java
> Line: 109
> ListFeaturesCommand.java, lines 107-111:
> 107 class FeatureComparator implements Comparator {
> 108 public int compare(Feature o1, Feature o2) {
> 109 return o1.getName().toLowerCase().compareTo( 
> o2.getName().toLowerCase() );
> 110 }
> 111 }



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4209) Weak XML Schema: Unbounded Occurrences

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4209?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4209:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Weak XML Schema: Unbounded Occurrences
> --
>
> Key: KARAF-4209
> URL: https://issues.apache.org/jira/browse/KARAF-4209
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis on the karaf source code.
> Setting a maxOccurs value to unbounded can lead to resources exhaustion and 
> ultimately a denial of service.
> File: 
> features/core/src/main/resources/org/apache/karaf/features/karaf-features-1.0.0.xsd
> Line: 64
> karaf-features-1.0.0.xsd, lines 64-77:
> 64 
> 65 
> 66 
> 67 
> 70 
> 71 
> 72 
> 73 
> 74 
> 75 
> 76 
> 77 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4205) Privacy Violation

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4205:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Privacy Violation
> -
>
> Key: KARAF-4205
> URL: https://issues.apache.org/jira/browse/KARAF-4205
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis of the karaf source code.
> The method find() in GogoParser.java mishandles confidential information, 
> which can compromise user privacy and is often illegal.
> File: 
> shell/core/src/main/java/org/apache/karaf/shell/support/parsing/GogoParser.java
> Line: 332
> GogoParser.java, lines 329-333:
> 329 while (level != 0) {
> 330 if (eof()) {
> 331 throw new RuntimeException("Eof found in the middle of a compound 
> for '"
> 332 + target + deeper + "', begins at " + context(start));
> 333 }



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4204) Weak SecurityManager Check: Overridable Method

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4204:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Weak SecurityManager Check: Overridable Method
> --
>
> Key: KARAF-4204
> URL: https://issues.apache.org/jira/browse/KARAF-4204
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application 
> security analysis of the karaf source code.
> Non-final methods that perform security checks can be overridden in ways that 
> bypass security checks. See external issue for more information.
> File: exception/src/main/java/java/lang/Exception.java
> Line: 137
> Exception.java, lines 137-153:
> {code}
> 137 public Class[] getThrowableContext(Throwable t) {
> 138 try {
> 139 Class[] context = getClassContext();
> 140 int nb = 0;
> 141 for (;;) {
> 142 if (context[context.length - 1 - nb] == t.getClass()) {
> 143 break;
> 144 }
> 145 nb++;
> 146 }
> 147 Class[] nc = new Class[nb];
> 148 System.arraycopy(context, context.length - nb, nc, 0, nb);
> 149 return nc;
> 150 } catch (Exception e) {
> 151 return null;
> 152 }
> 153 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4174) NullPointerException when running obr:info on a bundle served by cave

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4174?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4174:

Fix Version/s: (was: 4.0.8)
   4.0.9

> NullPointerException when running obr:info on a bundle served by cave
> -
>
> Key: KARAF-4174
> URL: https://issues.apache.org/jira/browse/KARAF-4174
> Project: Karaf
>  Issue Type: Bug
>  Components: cave-server, karaf-repository
>Affects Versions: 4.0.4
>Reporter: Marton Papp
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, cave-4.0.1, 4.0.9
>
>
> Hello,
> I am using Cave 4.0.0 with Karaf 4.0.4-SNAPSHOT (after having the same 
> problem with 4.0.3) and I get a NullPointerException when running the 
> obr:info command on a bundle. 
> To reproduce:
> __ __    
>/ //_/ __ _/ __/  
>   / ,<  / __ `/ ___/ __ `/ /_
>  / /| |/ /_/ / /  / /_/ / __/
> /_/ |_|\__,_/_/   \__,_/_/ 
>   Apache Karaf (4.0.4-SNAPSHOT)
> Hit '' for a list of available commands
> and '[cmd] --help' for help on a specific command.
> Hit '' or type 'system:shutdown' or 'logout' to shutdown Karaf.
> karaf@root()> feature:repo-add cave 4.0.0
> Adding feature url 
> mvn:org.apache.karaf.cave/apache-karaf-cave/4.0.0/xml/features
> karaf@root()> feature:install cave-server
> karaf@root()> cave:repository-create my-repository
> karaf@root()> cave:repository-upload my-repository 
> mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.ant/1.7.0_5
> karaf@root()> feature:install obr
> karaf@root()> obr:url-add 
> http://localhost:8181/cave/http/my-repository-repository.xml
> karaf@root()> obr:list
> Name | Symbolic Name | Version
> --
>  | org.apache.servicemix.bundles.ant | 1.7.0.5
> karaf@root()> obr:info org.apache.servicemix.bundles.ant
> Error executing command: java.lang.NullPointerException
> karaf@root()> display -n 3
> 2015-12-05 18:40:26,319 | INFO  | pool-50-thread-1 | bundle   
> | 56 - org.apache.aries.spifly.dynamic.bundle - 1.0.1 | No 
> 'SPI-Provider' Manifest header. Skipping bundle: org.apache.karaf.obr.core
> 2015-12-05 18:40:26,319 | INFO  | pool-50-thread-1 | FeaturesServiceImpl  
> | 9 - org.apache.karaf.features.core - 4.0.4.SNAPSHOT | Done.
> 2015-12-05 18:40:40,518 | ERROR | nsole user karaf | ShellUtil
> | 44 - org.apache.karaf.shell.core - 4.0.4.SNAPSHOT | Exception 
> caught while executing command
> java.lang.NullPointerException
>   at 
> org.apache.karaf.obr.command.InfoCommand.printResource(InfoCommand.java:65)[118:org.apache.karaf.obr.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.obr.command.InfoCommand.doExecute(InfoCommand.java:57)[118:org.apache.karaf.obr.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.obr.command.ObrCommandSupport.execute(ObrCommandSupport.java:58)[118:org.apache.karaf.obr.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.shell.impl.action.command.ActionCommand.execute(ActionCommand.java:83)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.shell.impl.console.osgi.secured.SecuredCommand.execute(SecuredCommand.java:67)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.shell.impl.console.osgi.secured.SecuredCommand.execute(SecuredCommand.java:87)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.Closure.executeCmd(Closure.java:480)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.Closure.executeStatement(Closure.java:406)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.Pipe.run(Pipe.java:108)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.Closure.execute(Closure.java:182)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.Closure.execute(Closure.java:119)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.felix.gogo.runtime.CommandSessionImpl.execute(CommandSessionImpl.java:94)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at 
> org.apache.karaf.shell.impl.console.ConsoleSessionImpl.run(ConsoleSessionImpl.java:270)[44:org.apache.karaf.shell.core:4.0.4.SNAPSHOT]
>   at java.lang.Thread.run(Thread.java:745)[:1.8.0_60]
> karaf@root()> 
> Regards



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4200) Privacy Violation: Heap Inspection

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4200?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4200:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Privacy Violation: Heap Inspection
> --
>
> Key: KARAF-4200
> URL: https://issues.apache.org/jira/browse/KARAF-4200
> Project: Karaf
>  Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify and SciTools Understand were used to perform an application 
> security scan on the karaf source code.
> The method login() in JDBCLoginModule.java stores sensitive data in a String 
> object on line 95, making it impossible to reliably purge the data from 
> memory.
> JDBCLoginModule.java, lines 88-96:
> {code}
> 88 user = ((NameCallback) callbacks[0]).getName();
> 89 
> 90 char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
> 91 if (tmpPassword == null) {
> 92 tmpPassword = new char[0];
> 93 }
> 94 
> 95 String password = new String(tmpPassword);
> 96 principals = new HashSet<>();
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4162) Wrap deployer does not add default versions to exported packages

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4162:

Fix Version/s: (was: 4.0.8)
   4.0.9

> Wrap deployer does not add default versions to exported packages
> 
>
> Key: KARAF-4162
> URL: https://issues.apache.org/jira/browse/KARAF-4162
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-feature
>Affects Versions: 4.0.3
>Reporter: Aleksei Lissitsin
> Fix For: 4.1.0, 4.0.9
>
> Attachments: export-package-actual.txt, export-package-expected.txt, 
> spring-beans-4.1.7.RELEASE.jar
>
>
> Wrap deployer does not add default versions to exported packages but should. 
> Try, e.g., with the provided spring-beans jar.
> My attempts to override this behaviour by using bundle:install with wrap url 
> containing '-nodefaultversion=false' failed too.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4109) For backward compatibility, support the resolver attribute in features XML

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4109?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4109:

Fix Version/s: (was: 4.0.8)
   4.0.9

> For backward compatibility, support the resolver attribute in features XML
> --
>
> Key: KARAF-4109
> URL: https://issues.apache.org/jira/browse/KARAF-4109
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-archetypes, karaf-feature
>Affects Versions: 4.0.0, 4.0.1, 4.0.2, 4.0.3
>Reporter: Jean-Baptiste Onofré
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.9
>
>
> The resolver attribute in features XML is not supported anymore throwing 
> errors at installation time.
> We have to:
> 1. fix the feature archetype to remove the reference to the resolver attribute
> 2. for backward compatibility, it makes sense to support the resolver 
> attribute even if we don't really use it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KARAF-4105) karaf-assembly fails when used Maven versions do not match derived OSGi versions

2016-12-10 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/KARAF-4105?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré updated KARAF-4105:

Fix Version/s: (was: 4.0.8)
   4.0.9

> karaf-assembly fails when used Maven versions do not match derived OSGi 
> versions
> 
>
> Key: KARAF-4105
> URL: https://issues.apache.org/jira/browse/KARAF-4105
> Project: Karaf
>  Issue Type: Bug
>  Components: karaf-tooling
>Affects Versions: 4.0.3
>Reporter: Oliver Lietz
>Assignee: Jean-Baptiste Onofré
> Fix For: 4.1.0, 4.0.9
>
>
> e.g. {{$\{project.version\}}} {{0.1.1-SNAPSHOT}} and {{0.1.1.SNAPSHOT}} do 
> not match in {{org.apache.karaf.profile.assembly.Builder}}
> See mail thread [\[K4.0.3\] custom distribution and 
> kar|http://mail-archives.apache.org/mod_mbox/karaf-user/201511.mbox/%3c7781910.EKNrsAyV2X@madness%3e]
>  for more.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)