Bug 1182125 - Rebase to 5.5 aggregated war package with bug fixes.
Summary: Rebase to 5.5 aggregated war package with bug fixes.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: jasperreports-server-pro
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 3.5.1
Assignee: Shirly Radco
QA Contact: Petr Matyáš
URL:
Whiteboard: infra
Depends On:
Blocks: 1129172 1132288 1138170 1140470 1193058 1197441
TreeView+ depends on / blocked
 
Reported: 2015-01-14 13:39 UTC by Shirly Radco
Modified: 2022-07-09 07:36 UTC (History)
11 users (show)

Fixed In Version: vt14 jasperreports-server-pro-5.5.0-10.el6ev
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-04-28 18:44:10 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Jasperserver log (707.47 KB, text/plain)
2015-03-10 12:47 UTC, Petr Matyáš 		no flags Details
New Jasperserver log (921.87 KB, text/plain)
2015-03-17 11:28 UTC, Petr Matyáš 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHV-47331 0 None None None 2022-07-09 07:36:58 UTC
Red Hat Product Errata RHBA-2015:0908 0 normal SHIPPED_LIVE jasperreports-server-pro security update 2015-04-28 22:49:58 UTC
Red Hat Product Errata RHSA-2015:0888 0 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Virtualization Manager 3.5.1 update 2015-04-28 22:40:04 UTC

Description Shirly Radco 2015-01-14 13:39:50 UTC 
Description of problem:
This bug is for rebasing to 5.5 aggregated war package with bug fixes which fixes several issues.


It addresses the following bugs:

01/29/2014 - lchirita
Modified:
WEB-INF/lib/ji-datarator-5.5.0.jar
WEB-INF/lib/ji-gyroscope-5.5.0.jar
[35415] - [case #37666] - Ad Hoc OLAP reports do not display cell values when measures have captions

01/31/2014 - skylypko
Modified:
scripts/ext.utils.touch.controller.js
[35184] - [case #41080] iPad: Clicking on “Chart Type” in a dashboard muddles up line and legend alignment of charts in the dashboard

02/20/2014 - dlitvak
Modified:
WEB-INF/lib/ji-gyroscope-5.5.0.jar
WEB-INF/lib/xstream-1.2.2.jar UPGRADED to xstream-1.4.7.jar
[36110] - [case 45502] Upgrade to XStream 1.4.7 to avoid CVE-2013-7285 XStream flaw

02/28/2014 - ztomchenco
Modified:
WEB-INF/lib/jasperserver-api-metadata-5.5.0.jar
WEB-INF/lib/jasperserver-api-metadata-impl-5.5.0.jar
WEB-INF/lib/jasperserver-search-5.5.0.jar
WEB-INF/lib/ji-search-5.5.0.jar
36196 - [Case #45269] hibernate error on reports and repository pages in Jasperserver UI

03/06/2014 - inesterenko
Modified:
WEB-INF/lib/jasperserver-jax-rs-rest-5.5.0.jar
WEB-INF/js.config.properties
WEB-INF/classes/js.config.properties
Bug 35642 - [case #42327+5] JasperServer 5.5 with Proxy skip Proxy for some JSON subresources

03/24/2014 - afomin
Modified:
WEB-INF/lib/ji-semantic-layer-5.5.0.jar
WEB-INF/applicationContext-semanticLayer.xml
Bug 36518 - [Case #46132] DomainDesigner doesn't display TIMESTAMP WITH TIME ZONE

04/09/2014 - ichan
Modified:
WEB-INF/lib/jasperserver-api-engine-impl-5.5.0
Bug 36788 - [case #46164+1] improve the way of detecting duplication of report job output location

05/02/2014 - dlitvak
Modified:
scripts/namespace.js
Bug 36234 - [case #42415]Problem with Encrypting User Session Login

05/23/2014 - schubar
Modified:
WEB-INF/applicationContext-rest-services.xml
WEB-INF/applicationContext-search.xml
WEB-INF/lib/jasperserver-jax-rs-rest-5.5.0.jar
WEB-INF/lib/jasperserver-remote-services-5.5.0.jar
WEB-INF/lib/jasperserver-search-5.5.0.jar
Bug 36806 - [case 47014] REST_v2 resources API does permission check after limit check
Note:
You need to set forceFullPage=true in URL. Server fill execute more DB queries (to get
resources filtered by security), to fill up requested page (limit). In the
response there will be new header Next-Offset, client have to use value of
Next-Offset as value of offset parameter to get next page without duplicates or
missing resources.
Amount of DB queries to fulfill this call is not specified and it may happen
that server have to query all DB. Size of DB query grow on each next query up
to the maxItemsPerQuery configuration property.

05/26/2014 - lchirita
Modified:
WEB-INF/lib/jasperreports-highcharts-5.5.0.jar
[37624] - [case #49489] - REST v2 Reports service does not recognize functions in HighCharts properties


05/23/2014 - schubar
Modified:
scripts/datetime/Time.js
Bug 37112 - [Case #47406] Time validation error while applying time filter in Ad Hoc View



06/05/2014 - vsabadosh
Modified:

WEB-INF/lib/jasperserver-api-metadata-impl-5.5.0.jar
WEB-INF/lib/ji-gyroscope-5.5.0.jar

WEB-INF/applicationContext-olap-connection.xml
WEB-INF/applicationContext-adhoc-dataStrategy.xml

WEB-INF/olap-ehcache.xml
WEB-INF/flows/mondrianActionBeans.xml

Bug 37191 -  [case 47635] AdHoc OLAP - problem with filter when there are many members


Bug 35515 - [case 40725, +1] AdHoc OLAP - missing values in filters based on hierarchies with many members

06/09/2014 - esytnik
Modified:
WEB-INF/lib/jasperserver-api-metadata-impl-5.5.0.jar
Bug 37625 - [case 49509] - Rest V2 in cluster environment is not working

08/07/2014 - dlitvak
Modified:
WEB-INF/lib/jasperserver-api-externalAuth-impl-5.5.0.jar
Bug 38453 - [case #51114] Role mapping using |* doesn't work as documented

10/14/2014 - asokolnikov
Modified:
WEB-INF/lib/jasperserver-api-metadata-impl-5.5.0.jar
Bug 39235 - [case 52805] Error with more than 1000 tenants

10/22/2014 - bob

Modified:
WEB-INF/lib/ji-gyroscope-5.5.0.jar
Bug 39300 - [case #52741] Item ID matching any other ID in domain causes StackOverflow


12/19/2014 - dlitvak
Modified:
Substituted httpclient jar 4.2.1 with 4.3.6, httpcore jar 4.2.1 with 4.3.3, castor 1.2 with castor-core and castor-xml 1.3.3.
jasperreports-5.5.0 castor dependency was upgraded as well.  
Bugs 38776, 38660 - RedHat security escalations.

01/07/2015 - dlitvak
Modified:
WEB-INF/lib/jasperserver-api-engine-impl-5.5.0.jar
Bug 38985 - [case #52527] RedHat: CVE-2014-3574 CVE-2014-3529 jasperreports-server-pro: various flaws, vulnerability in poi-3.7.jar
Comment 3 Shirly Radco 2015-03-01 07:40:31 UTC 
Please also test the following since they were fixes for them in the aggregated Jasper war that are not related to the CVE cases:

1. Ad Hoc reports
2. Reports

Try running several reports and Ad Hoc with several different Inputs.
Comment 4 Shirly Radco 2015-03-01 13:06:07 UTC 
Please also test upgrades:
3.4   -> 3.5.1
3.5.0 -> 3.5.1
Comment 5 Petr Matyáš 2015-03-09 13:25:57 UTC 
Is there some more extensive bug description somewhere or do I have to do with the summaries? Steps to reproduce would be useful.
Comment 6 Shirly Radco 2015-03-09 13:34:34 UTC 
please see comment 3 and comment 4.
These are general steps that should be tested that they work properly
Comment 7 Shirly Radco 2015-03-10 10:04:02 UTC 
Also there are  a few on_qa CVE bugs for this version.
Nor sure who should test them.
Comment 8 Petr Matyáš 2015-03-10 12:47:30 UTC 
Created attachment 999895 [details]
Jasperserver log

When creating Ad-hoc report, it throws an error when adding certain items to columns.
Comment 9 Yaniv Lavi 2015-03-10 15:44:16 UTC 
This bug has nothing to do with BZ #1200454. Just make sure engine will not have async tasks before running setup, it's not blocking this in any way.
Comment 10 Shirly Radco 2015-03-15 14:16:26 UTC 
Added a new bugs BZ #1202109 , #1202112
Please try using a different domain for testing.
Comment 11 Petr Matyáš 2015-03-17 11:28:14 UTC 
Created attachment 1002766 [details]
New Jasperserver log

There are similar errors on all domains and topics.
Comment 15 errata-xmlrpc 2015-04-28 18:44:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0888.html
Note You need to log in before you can comment on or make changes to this bug.