Skip to content

Commit d92bfbb

Browse files
DOCSP-48982: OM 7.0.15 rn-v7.0-backport (811) (#818)
# Backport This will backport the following commits from `master` to `v7.0`: - [DOCSP-48982: OM 7.0.15 rn (#811)](10gen/docs-ops-manager#811) <!--- Backport version: 9.6.0 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport)
1 parent af2d7d8 commit d92bfbb

File tree

1 file changed

+78
-0
lines changed

1 file changed

+78
-0
lines changed

source/release-notes/changelogs/ops-manager/changelog-onprem-v7.0.rst

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,81 @@
1+
.. _opsmgr-server-7.0.15:
2+
3+
|onprem| Server 7.0.15
4+
~~~~~~~~~~~~~~~~~~~~~~
5+
6+
*Released 2025-04-03*
7+
8+
- Updates the {+mdbagent+} to 107.0.15.8741-1.
9+
- Releases ``mongosh`` 2.4.0 to |mms|.
10+
- Adds support for |bic-full| 2.14.22.
11+
- Compatible with :dbtools:`MongoDB Database Tools 100.11.0
12+
</release-notes/database-tools-changelog/#100.11.0-changelog>`.
13+
- Upgrades Jetty library to 11.0.25.
14+
- Reduces the maximum session length (:setting:`mms.session.maxHours`)
15+
from two months to one week to improve security.
16+
- Adds a new ``mms.cookies.sameSite`` setting to configure cookie behavior:
17+
18+
- ``Lax`` allows top-level navigation cookies.
19+
- ``Strict`` restricts cookies to same-site requests.
20+
- ``None`` permits all cross-site cookies over HTTPS.
21+
22+
All cookies are now ``httpOnly`` and marked as secure when
23+
using HTTPS.
24+
25+
- Adds support for configuing multiple passwords in :setting:`security.ldap.bind.queryPassword`
26+
so that users can ensure that MongoDB won't disconnect from LDAP after a restart when
27+
performing an LDAP credential rotation. To learn more, see :ref:`security-ldap`.
28+
29+
- Improves handling of misconfigured core/max pool sizes.
30+
31+
- Adds the ability for |mms| to recognize dashes (``-``) in deployment names.
32+
33+
- Exports all stored telemetry data into the related files in the diagnostic logs.
34+
35+
- Improves error handling to prevent ``mongodb-mms-stop`` from crashing
36+
with ``Mongodb-mms-backup-daemon`` errors when the pid file doesn't exist.
37+
38+
- Fixes the following issues:
39+
40+
- Fixes possibly innacurate |fcv| change timestamp warnings.
41+
- Fixes incorrect redirection to an |idp-full|\s entity ID for
42+
|idp-full|\s that don't have single logout (SLO) configured.
43+
44+
After logging out of |mms|, users are now reminded to also log out of the
45+
|idp-full| to complete the logout process.
46+
47+
- Fixes inaccurate restore job statuses when cancelled.
48+
49+
- Fixes an issue where the user interface passes incorrect values
50+
for ``pemFilePwd`` for the ``verifyTLSCertificate`` job.
51+
52+
- Fixes an issue where the {+mdbagent+} ignores the Windows
53+
{+mdbagent+} Certificate File information and uses the Linux path instead.
54+
55+
- Fixes a broken documentation link for :guilabel:`Create API Key > Add Access List Entry`.
56+
57+
- Fixes saving custom parameter settings due to ``mms.mail.transport``.
58+
59+
- Fixes the following |cve|\s:
60+
61+
- `CVE-2021-32050 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-32050>`__.
62+
- `CVE-2023-26159 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2023-26159>`__.
63+
- `CVE-2023-42282 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2023-42282>`__.
64+
- `CVE-2024-11831 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-11831>`__.
65+
- `CVE-2024-12905 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-12905>`__.
66+
- `CVE-2024-21536 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-21536>`__.
67+
- `CVE-2024-21538 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-21538>`__.
68+
- `CVE-2024-28849 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-28849>`__.
69+
- `CVE-2024-29180 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-29180>`__.
70+
- `CVE-2024-37890 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-37890>`__.
71+
- `CVE-2024-47535 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2024-47535>`__.
72+
- `CVE-2025-22868 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-22868>`__.
73+
- `CVE-2025-22869 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-22869>`__.
74+
- `CVE-2025-22870 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-22870>`__.
75+
- `CVE-2025-24970 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-24970>`__.
76+
- `CVE-2025-27789 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-27789>`__.
77+
- `CVE-2025-30204 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2025-30204>`__.
78+
179
.. _opsmgr-server-7.0.14:
280

381
|onprem| Server 7.0.14

0 commit comments

Comments
 (0)