Domibus 5.1.6

This page collects the resources for Domibus version 5.1.6, released in September 2024.

Description

We are happy to announce the release of Domibus 5.1.6 sample implementation of the eDelivery Access Point. The Domibus 5.1.6 release includes several security fixes and it addresses the latest reported vulnerabilities. We strongly recommend the upgrade.

• Add support for custom properties in the JMS plugin
• Improved the information provided in the BUSINESS logs and added more codes
• Added property domibus.sender.trust.validation.signal.sync.onreceiving
• If activated Domibus will verify before receiving syncronously a signal message following a push or pull request, that the sender certificate is valid and not revoked
• Updated the description of default.domibus.sender.trust.validation.onreceiving
• If activated Domibus will verify before receiving a User Message when using Push/Pull or a Signal Acknowledgement (NRR) when using Pull, that the sender certificate is valid and not revoked
• When disabled, none of the other checks are performed on the sender's certificate
• Fixed issue related to expired partition purging and added a new property to limit the number of partitions dropped in one run of the retention worker
• Double click on a message should populate all fields for that message
• Added diagnostic logging in case of a pMode mismatch or a submission error
• Improved the sql scripts by removing the unnecessarily dropping and recreating an index
• Fixed issue with message sanitizer failing at first message
• Consider QUEUED batches in batch sanitiser
• Upgraded Tomcat 9 to the latest version 9.0.91
• Libraries upgrades to fix OWASP vulnerabilitiesPIs

Domibus 5.1.6 is backward compatible with 5.1.5 and the upgrade is not mandatory, but it is highly recommended.

Supported platforms:

• Application servers:
  • WildFly 26.1.x
    Please be advised that WildFly will not be supported after Domibus 5.2, and it is best avoided for new installations. More details here.
  • WebLogic 12.2.1.4 (tested version, future versions might work)
  • Apache Tomcat 9.0.x
• Database:
  • MySQL 8 (future versions might work)
  • Oracle 12c R2 and Oracle 19c

• Java 8 features

  / compile with Oracle JDK 8u291+:

  for compile, tested to run correctly with:

  • Oracle JDK 8u291+ 8 for WebLogic, Tomcat and WildFly
  • OpenJDK 11.0. 11 for WildFly and Tomcat (tested with AdoptOpenJDK 11 version 11.0.9.1+1)

Security Note 1: To ensure your setup’s security, users installing any of the Domibus packages labelled as “Full Distribution” have the responsibility to update the application servers to the latest version after the installation.

Security Note 2: Please consult this page for essential guidelines and best practices for ensuring a secure and robust deployment of the Domibus Access Point -https://ec.europa.eu/digital-building-blocks/sites/display/DIGITAL/Domibus+Secure+Deployment+Recommendations

Technical Documentation

Anchor
techdocs techdocs

Upgrade from 5.1.5 to 5.1.6

For a detailed description of the Domibus upgrade procedure, click heresee the Domibus Upgrade Guides.

Release notes

Please find below the list of improvements and fixed bugs:

Improvements

• [EDELIVERY-13422] - JMS plugin support for custom properties
• [EDELIVERY-13412] - [UI] Double click on a message should populate all fields for that message
• [EDELIVERY-13853] -  Improve the logging on the JMS plugin
• [EDELIVERY-13666] -  Improve BUS logs for TAPAS CESOP
• [EDELIVERY-13914] -  Unnecessarily dropping and recreating an index   

Fixed bugs

• [EDELIVERY-13611] - Could not extract the certificate for validation
• [EDELIVERY-13612] - Domibus/5.0.8: NPE at eArchiving batch creation
• [EDELIVERY-13902] - Fix this error that seems to affect all the WildFly plan
• [EDELIVERY-12577] - Domibus 5.1.5 metadata deletion not happening
• [EDELIVERY-13416] -  ListPendingMessagesRequest issue for generated request
• [EDELIVERY-13524] -  Get message errors request does not return the errors on the receiving side
• [EDELIVERY-13541] -  EULogin - When super admin is trying to disable a domain, an error is raised and the domain is not disabled
• [EDELIVERY-13553] -  ERROR DOMIBUS  "NullPointerException"
• [EDELIVERY-13566] -  Domibus 5.1 message retry triggered much later
• [EDELIVERY-13686] -  ORA-04022/ORA-00054 when dropping partition in reference-partitioned hierarchy
• [EDELIVERY-13694] -  Crossvalidation vs Domibus Documentation
• [EDELIVERY-13699] -  Domibus 5.1.5 Message status DELETED for sent messages
• [EDELIVERY-13719] -  Domibus/5.0.8-EA: Batch confirmation mixed with new batch creation
• [EDELIVERY-13722] -  Question on Domibus update in relationship to Peppol
• [EDELIVERY-13749] -  EU Send ACC Domibus 5.1.5 not starting
• [EDELIVERY-13759] -  Error thrown by eArchiveSanitizerJob
• [EDELIVERY-13768] -  Exception blocks batch processing
• [EDELIVERY-13780] -  Command propagation fails as long as truststore contains EC-based certificates
• [EDELIVERY-13846] -  Get message errors request does not return the errors on the receiving side
• [EDELIVERY-13884] -  Cannot find keystore key for alias in 5.1.6
• [EDELIVERY-13895] -  Update of keystore does not work correctly in case keystore and private key passwords are different
• [EDELIVERY-10231] -  Error thrown in Domibus logs
• [EDELIVERY-13171] -  Exception thrown by retentionWorkerJob in domibus C2
• [EDELIVERY-13234] -  FSPlugin: The successfully sent message file was not foundException thrown by retention
• [EDELIVERY-13304] -  Default value of ws plugin property "wsplugin.messages.notifications" should include deleted notifications
• [EDELIVERY-13305] -  Re-initiate the Domibus Admin console password
• [EDELIVERY-13605] -  The Domibus OWASP Bamboo Plan When Vulnerabilities Discovered
• [EDELIVERY-13613] -  Domibus/5.0.8: Message sanitizer fails at first message
• [EDELIVERY-13673] -  Consider QUEUED batches in batch sanitiser  omibus/5.0.8: Message sanitizer fails at first message
• [EDELIVERY-13680] -  Remove the space character after the curl command parameter in all instances
• [EDELIVERY-13735] -  Extra node present in retrieveMessage response
• [EDELIVERY-13788] -  Process mismatch
• [EDELIVERY-13896] -  Issue when uploading keystore via admin console in case new file has different passwords
• [EDELIVERY-13176] -  Updating property "domibus.authentication.dss.custom.trusted.list.keystore.type" at runtime only accepts "JKS" value
• [EDELIVERY-13500] -  Properties: Password hidden field should hidden new values added
• [EDELIVERY-13545] -  Content-Security-Policy error when navigating pages of the grid
• [EDELIVERY-13774] -  FSPlugin : NPE in FSSendMessagesService.clearObservedFiles
• [EDELIVERY-13867] -  Checking to see if the plugin is enabled should be on DEBUG
• [EDELIVERY-13385] -  Attribute "mustUnderstand" present on the message header that has no prefix
• [EDELIVERY-13161] -   Update DSS Ext to use latest DSS (5.13)
• [EDELIVERY-13707] -   Vulnerabilities check for docker images 5.1.6
• [EDELIVERY-13692] -   Upgrade Tomcat to the latest version on all branches       

Known bugs

• [EDELIVERY-13885] Not possible to re-send a failed message submitted in pull mode
• [EDELIVERY-13917] Possibility to upload a keystore with a keystore password that is not the same as the password for the private key

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu