Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[iot-pmc] Californium - Minor Release 3.5.0 is available
  • From: "Kraus Achim (IOB/PAD-DDA-HU)" <Achim.Kraus@xxxxxxxx>
  • Date: Thu, 28 Apr 2022 09:40:00 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IVCr6n7yAjBKPMbX3QBjmuWpaZKoVdgVr7SHScYyXpg=; b=IcC3p2jKEABVK8sd26xc84OqG+wqZYSiWFjMWkESiSGssHSja9g+Cik6NYvIVlOP42xIi6AHrC4togjEtVINsRWnqQzh/Vds1e/coxAGF9IzaSoyYdCHVO9JKs85QNeEUDgJzGzsiwtZcE+tkXrUGNByYhF8L8RASIMpGMHwUyInxD6p8fIlUR9UXKPAs7rPC2/2pLQH5TFff1wQ+yFQApeKgV2iVLr4xCUZKY6VQiolxmYPP0kwiO7vbHuLVXONncQGfPqer7vbIRhqdryUWzviGYQoHwwyCyWA7YQdn8auMyMqrxqVhdAm7R6lLTfyJkZLA6Eta2BRcjv6HXeKQg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=DQ0653niZeqfacFyuyyXbQ5k0eVsTss+lmemSCrItIZYYxyLlaBstgphIFYydahqPVPfdn2zxmHZbVwrERUUzQmUGpbL9mmjPBFRELh6kDsC/QOsySEMD/tNc+RC2WOuKw9FZOENrLdLs1YsJ4NW4jwDSaaro+UOnwrluea3opb/ckoq+bbGfHwSWrRiCgAkblsf+lP3jd94tY91IJ62lXi6DdcdIdDG9RuLOSlwhCkxOVOvqKe42cFNw40dgeyXbKytMZKgsIslsdJ5L6S4/wJ8hccryCchh5WDpNaDaSD5HTn9PlfWguC6MdI1C+SJVEYmMvJ0OXMMNwIUeQ26qw==
  • Delivered-to: iot-pmc@xxxxxxxxxxx
  • List-archive: <>
  • List-help: <>
  • List-subscribe: <>, <>
  • List-unsubscribe: <>, <>
  • Thread-index: Adha4sobRPiJ96GuQOKVwwEfKiLQCQ==
  • Thread-topic: Californium - Minor Release 3.5.0 is available

Dear Californians,

the minor release 3.5.0 is now available at the Eclipse Repo and on Maven Central.

It includes DTLS workaround for CVE-2022-21449 (ECDSA java 15-18 [1]). The (still experimental) TLS variant is not fixed with this!
Please update your java vm as soon as possible and available!

It also introduce new LeastRecentlyUpdatedCache with strict read/write function and exported read-write-lock.
And an extended ReadWriteLockConnectionStore, which optionally limits stale DTLS session for reused identities/principals.

The 3.5.0 processes empty messages (PING/ACK/RST) now strictly according RFC 7252, 4.1. This could be also disabled with "STRICT_EMPTY_MESSAGE_FORMAT=false" to support relaxed, not compliant, processing.

OSCORE is now added to the plugtest. Work on interoperability with libcoap is ongoing.
The API of cf-oscore is currently not considered to be stable.

For more details about the 3.5.0, please refer to [2].

You may fetch the selected binary core artefacts from Maven Central [3] or
all binary artefacts, including Californium.Tools and Californium.Actinium, from the Eclipse Repository [4].
Feedback and questions are very welcome!
You’re invited to use github issues [5] for everything ☺. 

You use Californium and want to be listed as adopter on the project page and [6]?
Just fill out a PR as explained in [7].


Mit freundlichen Grüßen / Best regards

 Achim Kraus

Bosch IoT Hub - Product Area IoT Platform (IOC/PAP-HU)
Bosch.IO GmbH | Postfach 30 02 40 | 70442 Stuttgart | GERMANY |
Besucheradresse: Grönerstraße 5/1 | 71636 Ludwigsburg

Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Stefan Koss; Geschäftsführung: Dr. Andreas Nauerz, Yvonne Reckling 

Back to the top