=====================================================================
                                   CERT-Renater

                        Information Note No. 2010/VULN303
_____________________________________________________________________

DATE                      : 12/08/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running EJBCA versions prior to 3.10.4.

======================================================================
https://jira.primekey.se/secure/ReleaseNote.jspa?projectId=10000&styleName=Html&version=10380
______________________________________________________________________

Release Notes - EJBCA - Version EJBCA 3.10.4 - HTML format

Bug

    * [ECA-1321] - Single-quote bug when creating CRL from Admin GUI
    * [ECA-1710] - Certrequest session (and now CMP) requires ee profile to use 'Batch', i.e. clear pwd
    * [ECA-1724] - Mitigate Cross Site Scripting (XSS) in the Admin GUI
    * [ECA-1731] - EJBCA WS KeyRevocerNewest always returns 0 as approval Id in WaitingForApprovalException
    * [ECA-1736] - extractUsernameComponent in CMP client mode broken
    * [ECA-1737] - Error while setup admin permissions for superadmin when superadmin.cn contains a space
    * [ECA-1738] - Nullpointer exception editing end entity profiles when printer is null
    * [ECA-1746] - EjbcaWS does not work with external admin certificates
    * [ECA-1761] - Error parsing certificate serialnumber
    * [ECA-1778] - webconfiguraiton.jspf displays HTML
    * [ECA-1785] - Error when filling the Subject Directory Attribute Fields
    * [ECA-1789] - ocsphealthcheck does not deploy on JBoss 5

Improvement

    * [ECA-1729] - EJBCA on Glassfish with MySQL
    * [ECA-1734] - Add throws clause for CADoesntExistException to add/change user in user admin session bean, and optimize away one read of CA info in cert req session
    * [ECA-1743] - Improve file log for parsing, prefix dn and quote it in log
    * [ECA-1752] - Harmonized themes for home page
    * [ECA-1757] - Harmonized themes for CA Activation page
    * [ECA-1762] - Harmonized GUI for all pages
    * [ECA-1763] - Make country DV renewals optionally take CVCA certificate from the EJBCA store
    * [ECA-1783] - CertTools.checkValidity should not log with error when a CVC certificate has expired

New Feature

    * [ECA-1727] - User defined serial number using UserDataVO
    * [ECA-1733] - Possible to configure CA to not use Certificate Request History
    * [ECA-1735] - Add configuration to fully cache CA objects, to minimize database roundtrips


======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================
