OCTOBER 2023
This maintenance release includes important corrections and additional improvements for EJBCA 7.x customers. All EJBCA 7 customers are advised to upgrade to EJBCA 8.
This release also resolves a security authentication issue (ECA-11478) discovered in EJBCA 7.12.0 that allowed the EJBCA RA user interface certificate distribution servlet to allow partial denial of service. This issue is rated as medium severity and has been assigned CVE-2023-34196. It is recommended that customers upgrade to EJBCA 8 in order to resolve the issue. While EJBCA 7 is still supported, customers may choose to upgrade to EJBCA 7.12.0.3 as an intermediate step.
As a maintenance release, the upgrade procedure is the same as for EJBCA 7.12.
For information on upgrading to EJBCA 8, see the EJBCA Upgrade Notes. For upgrade instructions and information on upgrade paths, see Upgrading EJBCA.
Change Log: Resolved Issues
Issues Resolved in 7.12.0.3
Released October 2023
New Features
ECA-11876 - SOAP WS API: Support more fields when creating CAs
Improvement
ECA-11852 - Upgrade JackNJI11 to improve error handling in FindObjects and work with cloudHSM with more than 1024 key pairs
Bug Fixes
ECA-11599 - Rest Endenityv1 not working on 7.12 RA + 7.10 CA
ECA-11721 - CA revocation revokes expired certificates
ECA-11744 - Wrong timezone is used for CT log sharding
Issues Resolved in 7.12.0.2
EJBCA 7.12.0.2 was an internal release, not generally available to customers
ECA-11478 - Security issue
ECA-11525 - Crypto tokens created using ejbca.sh do not autoactivate