kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rsiva...@apache.org
Subject [kafka] branch 2.5 updated: MINOR: Add upgrade note about TLSv1 and TLSv1.1 being disabled in 2.5.0 (#8128)
Date Mon, 17 Feb 2020 11:38:51 GMT
This is an automated email from the ASF dual-hosted git repository.

rsivaram pushed a commit to branch 2.5
in repository https://gitbox.apache.org/repos/asf/kafka.git


The following commit(s) were added to refs/heads/2.5 by this push:
     new e4971cd  MINOR: Add upgrade note about TLSv1 and TLSv1.1 being disabled in 2.5.0
(#8128)
e4971cd is described below

commit e4971cd2d8788a762a1975aea073eab8d036afa0
Author: Rajini Sivaram <rajinisivaram@googlemail.com>
AuthorDate: Mon Feb 17 11:37:15 2020 +0000

    MINOR: Add upgrade note about TLSv1 and TLSv1.1 being disabled in 2.5.0 (#8128)
    
    Reviewers: Manikumar Reddy <manikumar.reddy@gmail.com>
---
 docs/upgrade.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/upgrade.html b/docs/upgrade.html
index b6b3c06..55593d6 100644
--- a/docs/upgrade.html
+++ b/docs/upgrade.html
@@ -38,6 +38,10 @@
         for details of the new Java authorizer API added in 2.4.0.  Note that <code>kafka.security.auth.Authorizer</code>
         and <code>kafka.security.auth.SimpleAclAuthorizer</code> were deprecated
in 2.4.0.
     </li>
+    <li>TLSv1 and TLSv1.1 have been disabled by default since these have known security
vulnerabilities. Only TLSv1.2 is now
+        enabled by default. You can continue to use TLSv1 and TLSv1.1 by explicitly enabling
these in the configuration options
+        <code>ssl.protocol</code> and <code>ssl.enabled.protocols</code>.
+    </li>
 </ul>
 
 <h4><a id="upgrade_2_4_0" href="#upgrade_2_4_0">Upgrading from 0.8.x, 0.9.x,
0.10.0.x, 0.10.1.x, 0.10.2.x, 0.11.0.x, 1.0.x, 1.1.x, 2.0.x or 2.1.x or 2.2.x or 2.3.x to
2.4.0</a></h4>


Mime
View raw message