You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kafka.apache.org by rs...@apache.org on 2020/02/17 11:38:51 UTC
[kafka] branch 2.5 updated: MINOR: Add upgrade note about TLSv1 and
TLSv1.1 being disabled in 2.5.0 (#8128)
This is an automated email from the ASF dual-hosted git repository.
rsivaram pushed a commit to branch 2.5
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/2.5 by this push:
new e4971cd MINOR: Add upgrade note about TLSv1 and TLSv1.1 being disabled in 2.5.0 (#8128)
e4971cd is described below
commit e4971cd2d8788a762a1975aea073eab8d036afa0
Author: Rajini Sivaram <ra...@googlemail.com>
AuthorDate: Mon Feb 17 11:37:15 2020 +0000
MINOR: Add upgrade note about TLSv1 and TLSv1.1 being disabled in 2.5.0 (#8128)
Reviewers: Manikumar Reddy <ma...@gmail.com>
---
docs/upgrade.html | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/docs/upgrade.html b/docs/upgrade.html
index b6b3c06..55593d6 100644
--- a/docs/upgrade.html
+++ b/docs/upgrade.html
@@ -38,6 +38,10 @@
for details of the new Java authorizer API added in 2.4.0. Note that <code>kafka.security.auth.Authorizer</code>
and <code>kafka.security.auth.SimpleAclAuthorizer</code> were deprecated in 2.4.0.
</li>
+ <li>TLSv1 and TLSv1.1 have been disabled by default since these have known security vulnerabilities. Only TLSv1.2 is now
+ enabled by default. You can continue to use TLSv1 and TLSv1.1 by explicitly enabling these in the configuration options
+ <code>ssl.protocol</code> and <code>ssl.enabled.protocols</code>.
+ </li>
</ul>
<h4><a id="upgrade_2_4_0" href="#upgrade_2_4_0">Upgrading from 0.8.x, 0.9.x, 0.10.0.x, 0.10.1.x, 0.10.2.x, 0.11.0.x, 1.0.x, 1.1.x, 2.0.x or 2.1.x or 2.2.x or 2.3.x to 2.4.0</a></h4>