Skip to content

Commit

Permalink
Merge pull request #289 from catenax-ng/main
Browse files Browse the repository at this point in the history
Release 7.0.0
  • Loading branch information
ds-mwesener authored Sep 18, 2023
2 parents d9fdaa7 + 4715af0 commit 6075f20
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
## [Unreleased]
### Added

## [7.0.0 - 18.09.2023]
### Added

- OAuth2 client credentials rest template interceptor
- Configuration for left and right policies to use registry client library
- Add support for JustInSequence aspect model
Expand Down Expand Up @@ -58,6 +61,25 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Upgraded snakeyaml from 2.0 to 2.2
- Upgraded docker/login-action from 2 to 3
- Upgraded cypress-io/github-action 6.0.0 to 6.5.0
-
### Known knowns

- Backend [TRACEFOSS-1458]: AdminView: No validation of BPN for BPN EDC URL mapping
- Backend [TRACEFOSS-589]: Backend API access without login returns incorrect HTTP status code (500 instead of 401)
- Backend [TRACEFOSS-2148]: Endpoints for parts and notifications returns unsorted list
---
- Frontend [TRACEFOSS-2149]: Sorting on empty table causes unhandled error view
---
- Security [TRACEFOSS-829]: CVE Strict-Transport-Security header - The HSTS Warning and Error may allow attackers to bypass HSTS
- Security [TRACEFOSS-830]: CVE one stack trace disclosure (Java) in the target web server's HTTP response
- Security [TRACEFOSS-919]: Authorization Bypass Through User-Controlled SQL Primary Key CWE ID 566
- Security [TRACEFOSS-984]: Improper Output Neutralization for Logs CWE ID 117
- Security [TRACEFOSS-1313]: Using components with known vulnerabilities
- Security [TRACEFOSS-1314]: Open Redirect - host header injection
- Security [TRACEFOSS-1315]: No additional authentication component (MFA) during login process
---
- Environment [TRACEFOSS-2164]: HTTP Requests for syncing the submodel server inoperable~~



### Removed
Expand Down

0 comments on commit 6075f20

Please sign in to comment.