Archivematica - User contributions [en]

Release Notes

2023-06-15T19:27:25Z

Sromkey:

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Security patches ==

* [[Log4j|Log4j vulnerability information]] Updated December 13, 2021

== Archivematica 1.x releases ==

* [[Archivematica_1.14.0_and_Storage_Service_0.20.0_release_notes|'''Archivematica 1.14.0 and Storage Service 0.20.0 Release Notes''']] (Current release)
* [[Storage Service 0.19 Release Notes|'''Storage Service 0.19 Release Notes''']]
* [[Archivematica_1.13.2|Archivematica 1.13.2 Release Notes]]
* [[Archivematica_1.13.1_and_Storage_Service_0.18.1_release_notes|'''Archivematica 1.13.1 and Storage Service 0.18.1 Release Notes''']]
* [[Archivematica_1.13.0_and_Storage_Service_0.18.0_release_notes|'''Archivematica 1.13.0 and Storage Service 0.18.0 Release Notes''']]
* [[Archivematica_1.12.2|Archivematica 1.12.2 Release Notes]]
* [[Archivematica_1.12.1_and_Storage_Service_0.17.1_release_notes|Archivematica 1.12.1 and Storage Service 0.17.1 Release Notes]]
* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']]
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
* [[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
* [[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
* [[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
* [[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-15T15:00:17Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: June 15, 2023'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 22.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

[https://archivematica.org/en/docs/archivematica-1.14/user-manual/transfer/import-metadata/#metadata-xml-validation Documentation]

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

* Python 2.7 removed [https://github.com/archivematica/Issues/issues/1506 GitHub issue 1506]
* rclone support in Storage Service [https://github.com/archivematica/Issues/issues/1567 GitHub issue 1567]
* Ability to override LDAP Attributes [https://github.com/archivematica/Issues/issues/1565 Github issue 1565] '''Contributed by Tom Misilo- thank you!'''

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.13.2

2023-06-14T17:11:18Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.2

'''Release date: 13 Dec 2021'''

This release fixes a critical security issue found in the Archivematica dashboard that allows unauthorized users to access some parts of the Administration tab.

This issue was discovered as a result of a security audit by Scholars Portal. It was not discovered as a result of a breach. Scholars Portal reported the issue to Artefactual privately via email. Once we became aware of the issue, we began to develop the fix. Artefactual has also implemented security reporting process documentation across Archivematica-related GitHub repositories and changed issue templates to reflect a more secure process. You can review Archivematica’s security reporting process here: https://github.com/artefactual/archivematica/security/policy.

==Upgrading==

The fix can be easily installed since this issue only affects the dashboard.

CentOS users relying on Archivematica packages should run:

<pre>
sudo yum -y update archivematica-dashboard
sudo systemctl restart archivematica-dashboard
</pre>

Automated installations using Ansible should deploy from the stable branch: stable/1.13.x.

Alternately, a fix can be applied to the web server. The following configuration snippet shows an updated Nginx server block with the additional rule added.

<pre>
server {
listen 80;
client_max_body_size 256M;
server_name _;
location / {
set $upstream_endpoint http://archivematica-dashboard:8000;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 172800s;
proxy_pass $upstream_endpoint;
}

# Directive to block access to admin pages in
# Archivematica v1.11.0 or older.
location ~ ^/administration/accounts/login/.+$ {
return 404;
}
}
</pre>

After the fix has been applied, please be sure to update passwords and API keys:

* Change the password and API key for the Storage Service user:
** In the Storage Service, change the password for the Storage Service user that the Archivematica dashboard uses. This will also regenerate the API key for the Storage Service user.
** In the Archivematica dashboard, under Administration > General, update the Storage Service user password and the API key to reflect the new password/key.
* Change the password for AtoM/Binder DIP upload.
* Review the PREMIS agent information to ensure that it is correct.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-14T17:02:42Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: TBD'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 22.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

Documentation link to be added.

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

* Python 2.7 removed [https://github.com/archivematica/Issues/issues/1506 GitHub issue 1506]
* rclone support in Storage Service [https://github.com/archivematica/Issues/issues/1567 GitHub issue 1567]
* Ability to override LDAP Attributes [https://github.com/archivematica/Issues/issues/1565 Github issue 1565] '''Contributed by Tom Misilo- thank you!'''

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-14T16:59:45Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: TBD'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 20.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

Documentation link to be added.

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

* Python 2.7 removed [https://github.com/archivematica/Issues/issues/1506 GitHub issue 1506]
* rclone support in Storage Service [https://github.com/archivematica/Issues/issues/1567 GitHub issue 1567]
* Ability to override LDAP Attributes [https://github.com/archivematica/Issues/issues/1565 Github issue 1565] '''Contributed by Tom Misilo- thank you!'''

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-14T16:58:11Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: TBD'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 20.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

Documentation link to be added.

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

* Python 2.7 removed [https://github.com/archivematica/Issues/issues/1506 GitHub issue 1506]
* rclone support in Storage Service [https://github.com/archivematica/Issues/issues/1567 GitHub issue 1567]

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-14T16:57:00Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: TBD'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 20.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

Documentation link to be added.

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

* Python 2.7 removed [https://github.com/archivematica/Issues/issues/1506 GitHub issue 1506]

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-14T16:55:41Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

'''Release date: TBD'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.14/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.14.0 and Storage Service 0.20.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Support for Ubuntu 20.04 and Rocky Linux 9 will be coming in the 1.15 release.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Metadata import, reingest and validation in XML ===

This is a new set of features that allows users to include metadata files in XML and have them parsed into the AIP METS file. Optionally, the metadata files can also be validated against an external or local schema. It also has improved the handling of updating or deleting metadata on reingest.

[https://github.com/archivematica/Issues/issues/1531 GitHub issue 1531]

[https://github.com/archivematica/Issues/issues/1537 GitHub issue 1537]

Documentation link to be added.

This feature was sponsored by the Saxon State and University Library Dresden. Thank you!

== Changed ==

=== PRONOM v.109 ===

As of this Archivematica release, we are up to date to PRONOM v. 109.

[https://github.com/archivematica/Issues/issues/1592 GitHub issue 1592]

=== Other changes ===

*

== Fixed ==

Please see the 1.14 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/20?closed=1.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-13T19:06:19Z

Sromkey:

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-13T18:51:42Z

Sromkey:

User:Dpatel

2023-06-13T18:29:55Z

Sromkey: Creating user page for new user.

Archivematica maintainer since January' 2023 and working in Maintainers team at Artefactual.

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-13T17:42:27Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.14.0 and Storage Service 0.20.0

Archivematica 1.14.0 and Storage Service 0.20.0 release notes

2023-06-13T17:41:08Z

Sromkey: Created page with "This is where we can put the release notes!"

This is where we can put the release notes!

Release Notes

2023-06-13T17:40:43Z

Sromkey:

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Security patches ==

* [[Log4j|Log4j vulnerability information]] Updated December 13, 2021

== Archivematica 1.x releases ==

* [[Archivematica_1.14.0_and_Storage_Service_0.20.0_release_notes|'''Archivematica 1.14.0 and Storage Service 0.20.0 Release Notes''']]
* [[Storage Service 0.19 Release Notes|'''Storage Service 0.19 Release Notes''']] (Current release)
* [[Archivematica_1.13.2|Archivematica 1.13.2 Release Notes]] (Current release)
* [[Archivematica_1.13.1_and_Storage_Service_0.18.1_release_notes|'''Archivematica 1.13.1 and Storage Service 0.18.1 Release Notes''']]
* [[Archivematica_1.13.0_and_Storage_Service_0.18.0_release_notes|'''Archivematica 1.13.0 and Storage Service 0.18.0 Release Notes''']]
* [[Archivematica_1.12.2|Archivematica 1.12.2 Release Notes]]
* [[Archivematica_1.12.1_and_Storage_Service_0.17.1_release_notes|Archivematica 1.12.1 and Storage Service 0.17.1 Release Notes]]
* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']]
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
* [[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
* [[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
* [[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
* [[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

User:Wchuang

2023-04-26T16:48:06Z

Sromkey: Creating user page for new user.

I work at a private university in Taipei City, Taiwan, as the head of the system group of the computer center. I am very happy to use this software to develop.

User:SaleteMJF

2023-04-26T16:47:55Z

Sromkey: Creating user page for new user.

Graduada em Arquivologia pela Universidade Estadual de Londrina - PR.

User:KristenCCA

2022-05-24T13:12:49Z

Sromkey: Creating user page for new user.

Newly qualified archivist working at the Centre For Contemporary Arts in Glasgow.

Log4j

2021-12-15T17:11:12Z

Sromkey: /* Atom */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Log4j vulnerability information

* Posted: 2021-12-13
* Last updated: 2021-12-15

Below is the latest information and recommendations we have about [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228], colloquially called the "Log4Shell" vulnerability found in Apache Log4j in December of 2021.

==What is this issue that everyone seems to be talking about?==

From [https://www.lunasec.io/docs/blog/log4j-zero-day/ LunaSec], one of the first companies to write about the vulnerability:

''On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string.''

''Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it'' "Log4Shell" ''for short.''

''The 0-day was [https://twitter.com/P0rZ9/status/1468949890571337731 tweeted] along with a POC posted on [https://github.com/tangxiaofeng7/apache-log4j-poc GitHub]. It has now been published as [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228].''

While full server control is the worst possible outcome, the vulnerability could lead to information disclosure or other remote code execution as well. Since the above post was made on December 12th, 2021, the "Log4Shell" name for this vulnerability has been generally adopted (though it is also sometimes referred to as "LogJam").

Another explanation from [https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/ Ars Technica]:

''Log4J is an open source Java-based logging tool available from Apache. It has the ability to perform network lookups using the [https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface Java Naming and Directory Interface] to obtain services from the [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol]. The end result: Log4j will interpret a log message as a URL, go and fetch it, and even execute any executable payload it contains with the full privileges of the main program. Exploits are triggered inside text using the ${} syntax, allowing them to be included in browser user agents or other commonly logged attributes.''

''...The vulnerability, tracked as CVE-2021-44228, has a severity rating of 10 out of 10. The zero-day had been exploited at least nine days before it surfaced.''

==What does Log4j have to do with Elasticsearch?==

[https://www.elastic.co/elasticsearch/ Elasticsearch] is the search index library used in AtoM and Archivematica to support indexing, browsing, and search functionality.

Elasticsearch uses the Log4j library to handle logging. Even if you have not actively configured additional logging, the package will have been installed when installing Elasticsearch as part of your AtoM or Archivematica installation.

For more detailed information from the Elastic team, see:

* https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

==What does Log4j have to do with Java?==

Log4j is a Java based tool. [https://java.com/en/download/help/whatis_java.html Java] is a programming language and computing platform first released by Sun Microsystems in 1995, and currently maintained by Oracle. Java is a general term used to denote both the software and its components, which include 'Java Runtime Environment' (JRE), 'Java Virtual Machine' (JVM) and also 'Plug-in'.

The vulnerability is not caused by Java directly, but rather how Log4j handles requests. However, ensuring you have the most up-to-date version of Java installed is always a good idea, and the Oracle Java website also includes further general tips for ensuring the security of your Java installation:

* https://www.java.com/en/download/help/security-tips.html

You can review Oracle’s announcement about this vulnerability on their blog, here:

* https://blogs.oracle.com/security/post/cve-2021-44228

==Do I need to do anything about this? Am I vulnerable?==

If you are an Artefactual hosted client, or if you have a maintenance agreement with Artefactual, then there is nothing you need to do - hosted clients have already been patched, as have most maintenance clients - if Artefactual needs to coordinate with you for support access and/or patching, our team will be in touch shortly if they have not been already.

If you are using a different hosting provider, we recommend that you contact them to verify that this issue is being addressed.

'''If your organization is hosting your own AtoM installation, then yes: you will need to ensure that your server is patched against the vulnerability to prevent information leakage.'''

==What has Artefactual done about this vulnerability?==

Our team has been monitoring all developing information, and using it to perform our own penetration tests to determine both the severity of the issue, as well as ensure that the recommended patch solutions correctly resolve the vulnerability.

Based on these findings, our team has already patched all Artefactual-hosted applications (and most maintenance agreement installations) affected by this vulnerability, and are in the process of coordinating with any locally maintained installation owners with a maintenance agreement where communication is required to perform the necessary patching.

We will continue to monitor developments, perform our own tests to ensure that any proposed solutions do in fact resolve the issue, and will be keeping a close eye on the logs for all hosted and maintained installations.

To support our user community, we have also prepared this FAQ with guidance on how best to secure your local installation.

==Can my AtoM or Archivematica instance end up running dangerous executable code because of this?==

Fortunately, the risk of this occurring appears to be low. There is some risk of information leakage, but based on current public sources as well as our own internal penetration testing thus far, currently it appears there is a very low risk that it’s possible to trigger executable code via an Elasticsearch query with this vulnerability.

As the Elastic team reports:

''Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster. We will also release a new version of Elasticsearch that contains the JVM property by default and removes certain components of Log4j out of an abundance of caution.''

However, this is clarified later with:

''Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Investigation into Elasticsearch 5 is ongoing.''

At this time, [[Releases/Release_announcements/Release_2.6|AtoM 2.6.0]] and later versions use Elasticsearch 5.6.

Additionally, most [https://www.archivematica.org Archivematica] installations are not publicly accessible, further reducing the likelihood of a successful attack using this vulnerability.

Despite the above, this is a developing situation and, '''we still strongly recommend that all AtoM and Archivematica users patch the vulnerability as soon as possible.'''

==What is the recommended fix for this vulnerability?==

If we discover further information that contradicts the current recommendations, we will edit this page with updates and links to further sources.

In the meantime, based on the different versions of Elasticsearch used in AtoM and Archivematica, below are the least disruptive ways we have found to ensure your installation is no longer vulnerable:

===Archivematica===

* First, upgrade to the latest version of Elasticsearch v6.x

Then proceed to follow the instructions on Step 4 on this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Edit <code>/etc/default/elasticsearch</code> (Debian/Ubuntu) or <code>/etc/sysconfig/elasticsearch</code> (RedHat/CentOS) and find the line with your ES_JAVA_OPTS, and append this option to the end of it:

<code>-Dlog4j2.formatMsgNoLookups=True</code>

It should look something like this:

<code>ES_JAVA_OPTS="-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=True"</code>

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

===Atom===

Please follow the instructions on the [https://wiki.accesstomemory.org/wiki/Development/Security/Log4j-2021-12 AtoM wiki].

==Where can I get more technical information for my IT team?==

CVE: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228]

(Learn more about what a CVE is [https://www.cve.org/About/Overview here] and [https://www.cve.org/About/History here])

Some sources we have found to be reliable and regularly updated:

* Elastic [https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 security announcement on CVE-2021-44228], December 10, 2021
* Apache [https://logging.apache.org/log4j/2.x/security.html Log4j security announcement] page
* LunaSec [https://www.lunasec.io/docs/blog/log4j-zero-day/ blog post on Log4Shell], December 12, 2021
* Oracle Security [https://blogs.oracle.com/security/post/cve-2021-44228 blog announcement on CVE-2021-4428], December 10, 2021

Log4j

2021-12-15T17:00:40Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Log4j vulnerability information

* Posted: 2021-12-13
* Last updated: 2021-12-15

Below is the latest information and recommendations we have about [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228], colloquially called the "Log4Shell" vulnerability found in Apache Log4j in December of 2021.

==What is this issue that everyone seems to be talking about?==

From [https://www.lunasec.io/docs/blog/log4j-zero-day/ LunaSec], one of the first companies to write about the vulnerability:

''On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string.''

''Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it'' "Log4Shell" ''for short.''

''The 0-day was [https://twitter.com/P0rZ9/status/1468949890571337731 tweeted] along with a POC posted on [https://github.com/tangxiaofeng7/apache-log4j-poc GitHub]. It has now been published as [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228].''

While full server control is the worst possible outcome, the vulnerability could lead to information disclosure or other remote code execution as well. Since the above post was made on December 12th, 2021, the "Log4Shell" name for this vulnerability has been generally adopted (though it is also sometimes referred to as "LogJam").

Another explanation from [https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/ Ars Technica]:

''Log4J is an open source Java-based logging tool available from Apache. It has the ability to perform network lookups using the [https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface Java Naming and Directory Interface] to obtain services from the [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol]. The end result: Log4j will interpret a log message as a URL, go and fetch it, and even execute any executable payload it contains with the full privileges of the main program. Exploits are triggered inside text using the ${} syntax, allowing them to be included in browser user agents or other commonly logged attributes.''

''...The vulnerability, tracked as CVE-2021-44228, has a severity rating of 10 out of 10. The zero-day had been exploited at least nine days before it surfaced.''

==What does Log4j have to do with Elasticsearch?==

[https://www.elastic.co/elasticsearch/ Elasticsearch] is the search index library used in AtoM and Archivematica to support indexing, browsing, and search functionality.

Elasticsearch uses the Log4j library to handle logging. Even if you have not actively configured additional logging, the package will have been installed when installing Elasticsearch as part of your AtoM or Archivematica installation.

For more detailed information from the Elastic team, see:

* https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

==What does Log4j have to do with Java?==

Log4j is a Java based tool. [https://java.com/en/download/help/whatis_java.html Java] is a programming language and computing platform first released by Sun Microsystems in 1995, and currently maintained by Oracle. Java is a general term used to denote both the software and its components, which include 'Java Runtime Environment' (JRE), 'Java Virtual Machine' (JVM) and also 'Plug-in'.

The vulnerability is not caused by Java directly, but rather how Log4j handles requests. However, ensuring you have the most up-to-date version of Java installed is always a good idea, and the Oracle Java website also includes further general tips for ensuring the security of your Java installation:

* https://www.java.com/en/download/help/security-tips.html

You can review Oracle’s announcement about this vulnerability on their blog, here:

* https://blogs.oracle.com/security/post/cve-2021-44228

==Do I need to do anything about this? Am I vulnerable?==

If you are an Artefactual hosted client, or if you have a maintenance agreement with Artefactual, then there is nothing you need to do - hosted clients have already been patched, as have most maintenance clients - if Artefactual needs to coordinate with you for support access and/or patching, our team will be in touch shortly if they have not been already.

If you are using a different hosting provider, we recommend that you contact them to verify that this issue is being addressed.

'''If your organization is hosting your own AtoM installation, then yes: you will need to ensure that your server is patched against the vulnerability to prevent information leakage.'''

==What has Artefactual done about this vulnerability?==

Our team has been monitoring all developing information, and using it to perform our own penetration tests to determine both the severity of the issue, as well as ensure that the recommended patch solutions correctly resolve the vulnerability.

Based on these findings, our team has already patched all Artefactual-hosted applications (and most maintenance agreement installations) affected by this vulnerability, and are in the process of coordinating with any locally maintained installation owners with a maintenance agreement where communication is required to perform the necessary patching.

We will continue to monitor developments, perform our own tests to ensure that any proposed solutions do in fact resolve the issue, and will be keeping a close eye on the logs for all hosted and maintained installations.

To support our user community, we have also prepared this FAQ with guidance on how best to secure your local installation.

==Can my AtoM or Archivematica instance end up running dangerous executable code because of this?==

Fortunately, the risk of this occurring appears to be low. There is some risk of information leakage, but based on current public sources as well as our own internal penetration testing thus far, currently it appears there is a very low risk that it’s possible to trigger executable code via an Elasticsearch query with this vulnerability.

As the Elastic team reports:

''Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster. We will also release a new version of Elasticsearch that contains the JVM property by default and removes certain components of Log4j out of an abundance of caution.''

However, this is clarified later with:

''Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Investigation into Elasticsearch 5 is ongoing.''

At this time, [[Releases/Release_announcements/Release_2.6|AtoM 2.6.0]] and later versions use Elasticsearch 5.6.

Additionally, most [https://www.archivematica.org Archivematica] installations are not publicly accessible, further reducing the likelihood of a successful attack using this vulnerability.

Despite the above, this is a developing situation and, '''we still strongly recommend that all AtoM and Archivematica users patch the vulnerability as soon as possible.'''

==What is the recommended fix for this vulnerability?==

If we discover further information that contradicts the current recommendations, we will edit this page with updates and links to further sources.

In the meantime, based on the different versions of Elasticsearch used in AtoM and Archivematica, below are the least disruptive ways we have found to ensure your installation is no longer vulnerable:

===Archivematica===

* First, upgrade to the latest version of Elasticsearch v6.x

Then proceed to follow the instructions on Step 4 on this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Edit <code>/etc/default/elasticsearch</code> (Debian/Ubuntu) or <code>/etc/sysconfig/elasticsearch</code> (RedHat/CentOS) and find the line with your ES_JAVA_OPTS, and append this option to the end of it:

<code>-Dlog4j2.formatMsgNoLookups=True</code>

It should look something like this:

<code>ES_JAVA_OPTS="-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=True"</code>

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

===Atom===

Please follow the instructions on Step 5 of this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Install the zip package: <code>apt-get install zip</code> (Debian/Ubuntu) or <code>yum install zip</code> (RedHat/CentOS)
* Change directories: <code>cd /usr/share/elasticsearch/lib/</code>
* Run the following line to remove the problematic file:

zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

==Where can I get more technical information for my IT team?==

CVE: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228]

(Learn more about what a CVE is [https://www.cve.org/About/Overview here] and [https://www.cve.org/About/History here])

Some sources we have found to be reliable and regularly updated:

* Elastic [https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 security announcement on CVE-2021-44228], December 10, 2021
* Apache [https://logging.apache.org/log4j/2.x/security.html Log4j security announcement] page
* LunaSec [https://www.lunasec.io/docs/blog/log4j-zero-day/ blog post on Log4Shell], December 12, 2021
* Oracle Security [https://blogs.oracle.com/security/post/cve-2021-44228 blog announcement on CVE-2021-4428], December 10, 2021

Log4j

2021-12-15T17:00:11Z

Sromkey: /* Archivematica */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Log4j vulnerability information

* Posted: 2021-12-13
* Last updated: 2021-12-13

Below is the latest information and recommendations we have about [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228], colloquially called the "Log4Shell" vulnerability found in Apache Log4j in December of 2021.

==What is this issue that everyone seems to be talking about?==

From [https://www.lunasec.io/docs/blog/log4j-zero-day/ LunaSec], one of the first companies to write about the vulnerability:

''On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string.''

''Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it'' "Log4Shell" ''for short.''

''The 0-day was [https://twitter.com/P0rZ9/status/1468949890571337731 tweeted] along with a POC posted on [https://github.com/tangxiaofeng7/apache-log4j-poc GitHub]. It has now been published as [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228].''

While full server control is the worst possible outcome, the vulnerability could lead to information disclosure or other remote code execution as well. Since the above post was made on December 12th, 2021, the "Log4Shell" name for this vulnerability has been generally adopted (though it is also sometimes referred to as "LogJam").

Another explanation from [https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/ Ars Technica]:

''Log4J is an open source Java-based logging tool available from Apache. It has the ability to perform network lookups using the [https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface Java Naming and Directory Interface] to obtain services from the [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol]. The end result: Log4j will interpret a log message as a URL, go and fetch it, and even execute any executable payload it contains with the full privileges of the main program. Exploits are triggered inside text using the ${} syntax, allowing them to be included in browser user agents or other commonly logged attributes.''

''...The vulnerability, tracked as CVE-2021-44228, has a severity rating of 10 out of 10. The zero-day had been exploited at least nine days before it surfaced.''

==What does Log4j have to do with Elasticsearch?==

[https://www.elastic.co/elasticsearch/ Elasticsearch] is the search index library used in AtoM and Archivematica to support indexing, browsing, and search functionality.

Elasticsearch uses the Log4j library to handle logging. Even if you have not actively configured additional logging, the package will have been installed when installing Elasticsearch as part of your AtoM or Archivematica installation.

For more detailed information from the Elastic team, see:

* https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

==What does Log4j have to do with Java?==

Log4j is a Java based tool. [https://java.com/en/download/help/whatis_java.html Java] is a programming language and computing platform first released by Sun Microsystems in 1995, and currently maintained by Oracle. Java is a general term used to denote both the software and its components, which include 'Java Runtime Environment' (JRE), 'Java Virtual Machine' (JVM) and also 'Plug-in'.

The vulnerability is not caused by Java directly, but rather how Log4j handles requests. However, ensuring you have the most up-to-date version of Java installed is always a good idea, and the Oracle Java website also includes further general tips for ensuring the security of your Java installation:

* https://www.java.com/en/download/help/security-tips.html

You can review Oracle’s announcement about this vulnerability on their blog, here:

* https://blogs.oracle.com/security/post/cve-2021-44228

==Do I need to do anything about this? Am I vulnerable?==

If you are an Artefactual hosted client, or if you have a maintenance agreement with Artefactual, then there is nothing you need to do - hosted clients have already been patched, as have most maintenance clients - if Artefactual needs to coordinate with you for support access and/or patching, our team will be in touch shortly if they have not been already.

If you are using a different hosting provider, we recommend that you contact them to verify that this issue is being addressed.

'''If your organization is hosting your own AtoM installation, then yes: you will need to ensure that your server is patched against the vulnerability to prevent information leakage.'''

==What has Artefactual done about this vulnerability?==

Our team has been monitoring all developing information, and using it to perform our own penetration tests to determine both the severity of the issue, as well as ensure that the recommended patch solutions correctly resolve the vulnerability.

Based on these findings, our team has already patched all Artefactual-hosted applications (and most maintenance agreement installations) affected by this vulnerability, and are in the process of coordinating with any locally maintained installation owners with a maintenance agreement where communication is required to perform the necessary patching.

We will continue to monitor developments, perform our own tests to ensure that any proposed solutions do in fact resolve the issue, and will be keeping a close eye on the logs for all hosted and maintained installations.

To support our user community, we have also prepared this FAQ with guidance on how best to secure your local installation.

==Can my AtoM or Archivematica instance end up running dangerous executable code because of this?==

Fortunately, the risk of this occurring appears to be low. There is some risk of information leakage, but based on current public sources as well as our own internal penetration testing thus far, currently it appears there is a very low risk that it’s possible to trigger executable code via an Elasticsearch query with this vulnerability.

As the Elastic team reports:

''Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster. We will also release a new version of Elasticsearch that contains the JVM property by default and removes certain components of Log4j out of an abundance of caution.''

However, this is clarified later with:

''Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Investigation into Elasticsearch 5 is ongoing.''

At this time, [[Releases/Release_announcements/Release_2.6|AtoM 2.6.0]] and later versions use Elasticsearch 5.6.

Additionally, most [https://www.archivematica.org Archivematica] installations are not publicly accessible, further reducing the likelihood of a successful attack using this vulnerability.

Despite the above, this is a developing situation and, '''we still strongly recommend that all AtoM and Archivematica users patch the vulnerability as soon as possible.'''

==What is the recommended fix for this vulnerability?==

If we discover further information that contradicts the current recommendations, we will edit this page with updates and links to further sources.

In the meantime, based on the different versions of Elasticsearch used in AtoM and Archivematica, below are the least disruptive ways we have found to ensure your installation is no longer vulnerable:

===Archivematica===

* First, upgrade to the latest version of Elasticsearch v6.x

Then proceed to follow the instructions on Step 4 on this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Edit <code>/etc/default/elasticsearch</code> (Debian/Ubuntu) or <code>/etc/sysconfig/elasticsearch</code> (RedHat/CentOS) and find the line with your ES_JAVA_OPTS, and append this option to the end of it:

<code>-Dlog4j2.formatMsgNoLookups=True</code>

It should look something like this:

<code>ES_JAVA_OPTS="-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=True"</code>

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

===Atom===

Please follow the instructions on Step 5 of this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Install the zip package: <code>apt-get install zip</code> (Debian/Ubuntu) or <code>yum install zip</code> (RedHat/CentOS)
* Change directories: <code>cd /usr/share/elasticsearch/lib/</code>
* Run the following line to remove the problematic file:

zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

==Where can I get more technical information for my IT team?==

CVE: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228]

(Learn more about what a CVE is [https://www.cve.org/About/Overview here] and [https://www.cve.org/About/History here])

Some sources we have found to be reliable and regularly updated:

* Elastic [https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 security announcement on CVE-2021-44228], December 10, 2021
* Apache [https://logging.apache.org/log4j/2.x/security.html Log4j security announcement] page
* LunaSec [https://www.lunasec.io/docs/blog/log4j-zero-day/ blog post on Log4Shell], December 12, 2021
* Oracle Security [https://blogs.oracle.com/security/post/cve-2021-44228 blog announcement on CVE-2021-4428], December 10, 2021

Log4j

2021-12-13T22:32:58Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Log4j vulnerability information

* Posted: 2021-12-13
* Last updated: 2021-12-13

Below is the latest information and recommendations we have about [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228], colloquially called the "Log4Shell" vulnerability found in Apache Log4j in December of 2021.

==What is this issue that everyone seems to be talking about?==

From [https://www.lunasec.io/docs/blog/log4j-zero-day/ LunaSec], one of the first companies to write about the vulnerability:

''On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string.''

''Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it'' "Log4Shell" ''for short.''

''The 0-day was [https://twitter.com/P0rZ9/status/1468949890571337731 tweeted] along with a POC posted on [https://github.com/tangxiaofeng7/apache-log4j-poc GitHub]. It has now been published as [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228].''

While full server control is the worst possible outcome, the vulnerability could lead to information disclosure or other remote code execution as well. Since the above post was made on December 12th, 2021, the "Log4Shell" name for this vulnerability has been generally adopted (though it is also sometimes referred to as "LogJam").

Another explanation from [https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/ Ars Technica]:

''Log4J is an open source Java-based logging tool available from Apache. It has the ability to perform network lookups using the [https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface Java Naming and Directory Interface] to obtain services from the [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol]. The end result: Log4j will interpret a log message as a URL, go and fetch it, and even execute any executable payload it contains with the full privileges of the main program. Exploits are triggered inside text using the ${} syntax, allowing them to be included in browser user agents or other commonly logged attributes.''

''...The vulnerability, tracked as CVE-2021-44228, has a severity rating of 10 out of 10. The zero-day had been exploited at least nine days before it surfaced.''

==What does Log4j have to do with Elasticsearch?==

[https://www.elastic.co/elasticsearch/ Elasticsearch] is the search index library used in AtoM and Archivematica to support indexing, browsing, and search functionality.

Elasticsearch uses the Log4j library to handle logging. Even if you have not actively configured additional logging, the package will have been installed when installing Elasticsearch as part of your AtoM or Archivematica installation.

For more detailed information from the Elastic team, see:

* https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

==What does Log4j have to do with Java?==

Log4j is a Java based tool. [https://java.com/en/download/help/whatis_java.html Java] is a programming language and computing platform first released by Sun Microsystems in 1995, and currently maintained by Oracle. Java is a general term used to denote both the software and its components, which include 'Java Runtime Environment' (JRE), 'Java Virtual Machine' (JVM) and also 'Plug-in'.

The vulnerability is not caused by Java directly, but rather how Log4j handles requests. However, ensuring you have the most up-to-date version of Java installed is always a good idea, and the Oracle Java website also includes further general tips for ensuring the security of your Java installation:

* https://www.java.com/en/download/help/security-tips.html

You can review Oracle’s announcement about this vulnerability on their blog, here:

* https://blogs.oracle.com/security/post/cve-2021-44228

==Do I need to do anything about this? Am I vulnerable?==

If you are an Artefactual hosted client, or if you have a maintenance agreement with Artefactual, then there is nothing you need to do - hosted clients have already been patched, as have most maintenance clients - if Artefactual needs to coordinate with you for support access and/or patching, our team will be in touch shortly if they have not been already.

If you are using a different hosting provider, we recommend that you contact them to verify that this issue is being addressed.

'''If your organization is hosting your own AtoM installation, then yes: you will need to ensure that your server is patched against the vulnerability to prevent information leakage.'''

==What has Artefactual done about this vulnerability?==

Our team has been monitoring all developing information, and using it to perform our own penetration tests to determine both the severity of the issue, as well as ensure that the recommended patch solutions correctly resolve the vulnerability.

Based on these findings, our team has already patched all Artefactual-hosted applications (and most maintenance agreement installations) affected by this vulnerability, and are in the process of coordinating with any locally maintained installation owners with a maintenance agreement where communication is required to perform the necessary patching.

We will continue to monitor developments, perform our own tests to ensure that any proposed solutions do in fact resolve the issue, and will be keeping a close eye on the logs for all hosted and maintained installations.

To support our user community, we have also prepared this FAQ with guidance on how best to secure your local installation.

==Can my AtoM or Archivematica instance end up running dangerous executable code because of this?==

Fortunately, the risk of this occurring appears to be low. There is some risk of information leakage, but based on current public sources as well as our own internal penetration testing thus far, currently it appears there is a very low risk that it’s possible to trigger executable code via an Elasticsearch query with this vulnerability.

As the Elastic team reports:

''Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster. We will also release a new version of Elasticsearch that contains the JVM property by default and removes certain components of Log4j out of an abundance of caution.''

However, this is clarified later with:

''Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Investigation into Elasticsearch 5 is ongoing.''

At this time, [[Releases/Release_announcements/Release_2.6|AtoM 2.6.0]] and later versions use Elasticsearch 5.6.

Additionally, most [https://www.archivematica.org Archivematica] installations are not publicly accessible, further reducing the likelihood of a successful attack using this vulnerability.

Despite the above, this is a developing situation and, '''we still strongly recommend that all AtoM and Archivematica users patch the vulnerability as soon as possible.'''

==What is the recommended fix for this vulnerability?==

If we discover further information that contradicts the current recommendations, we will edit this page with updates and links to further sources.

In the meantime, based on the different versions of Elasticsearch used in AtoM and Archivematica, below are the least disruptive ways we have found to ensure your installation is no longer vulnerable:

===Archivematica===

Please follow the instructions on Step 4 on this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Edit <code>/etc/default/elasticsearch</code> (Debian/Ubuntu) or <code>/etc/sysconfig/elasticsearch</code> (RedHat/CentOS) and change the ES_JAVA_OPTS line to look like this:

ES_JAVA_OPTS="-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=True"

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

===Atom===

Please follow the instructions on Step 5 of this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Install the zip package: <code>apt-get install zip</code> (Debian/Ubuntu) or <code>yum install zip</code> (RedHat/CentOS)
* Change directories: <code>cd /usr/share/elasticsearch/lib/</code>
* Run the following line to remove the problematic file:

zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

==Where can I get more technical information for my IT team?==

CVE: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228]

(Learn more about what a CVE is [https://www.cve.org/About/Overview here] and [https://www.cve.org/About/History here])

Some sources we have found to be reliable and regularly updated:

* Elastic [https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 security announcement on CVE-2021-44228], December 10, 2021
* Apache [https://logging.apache.org/log4j/2.x/security.html Log4j security announcement] page
* LunaSec [https://www.lunasec.io/docs/blog/log4j-zero-day/ blog post on Log4Shell], December 12, 2021
* Oracle Security [https://blogs.oracle.com/security/post/cve-2021-44228 blog announcement on CVE-2021-4428], December 10, 2021

Release Notes

2021-12-13T22:13:00Z

Sromkey:

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Security patches ==

* [[Log4j|Log4j vulnerability information]] Updated December 13, 2021

== Archivematica 1.x releases ==

* [[Archivematica_1.13.2|Archivematica 1.13.2 Release Notes]] (Current release)
* [[Archivematica_1.13.1_and_Storage_Service_0.18.1_release_notes|'''Archivematica 1.13.1 and Storage Service 0.18.1 Release Notes''']] (Current release)
* [[Archivematica_1.13.0_and_Storage_Service_0.18.0_release_notes|'''Archivematica 1.13.0 and Storage Service 0.18.0 Release Notes''']]
* [[Archivematica_1.12.2|Archivematica 1.12.2 Release Notes]]
* [[Archivematica_1.12.1_and_Storage_Service_0.17.1_release_notes|Archivematica 1.12.1 and Storage Service 0.17.1 Release Notes]]
* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']]
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
*[[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
*[[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
*[[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
*[[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

Log4j

2021-12-13T22:11:26Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Log4j vulnerability information

* Posted: 2021-12-13
* Last updated: 2021-12-13

Below is the latest information and recommendations we have about [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228], colloquially called the "Log4Shell" vulnerability found in Apache Log4j in December of 2021.

==What is this issue that everyone seems to be talking about?==

From [https://www.lunasec.io/docs/blog/log4j-zero-day/ LunaSec], one of the first companies to write about the vulnerability:

''On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string.''

''Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it'' "Log4Shell" ''for short.''

''The 0-day was [https://twitter.com/P0rZ9/status/1468949890571337731 tweeted] along with a POC posted on [https://github.com/tangxiaofeng7/apache-log4j-poc GitHub]. It has now been published as [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228].''

While full server control is the worst possible outcome, the vulnerability could lead to information disclosure or other remote code execution as well. Since the above post was made on December 12th, 2021, the "Log4Shell" name for this vulnerability has been generally adopted (though it is also sometimes referred to as "LogJam").

Another explanation from [https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/ Ars Technica]:

''Log4J is an open source Java-based logging tool available from Apache. It has the ability to perform network lookups using the [https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface Java Naming and Directory Interface] to obtain services from the [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol]. The end result: Log4j will interpret a log message as a URL, go and fetch it, and even execute any executable payload it contains with the full privileges of the main program. Exploits are triggered inside text using the ${} syntax, allowing them to be included in browser user agents or other commonly logged attributes.''

''...The vulnerability, tracked as CVE-2021-44228, has a severity rating of 10 out of 10. The zero-day had been exploited at least nine days before it surfaced.''

==What does Log4j have to do with Elasticsearch?==

[https://www.elastic.co/elasticsearch/ Elasticsearch] is the search index library used in AtoM and Archivematica to support indexing, browsing, and search functionality.

Elasticsearch uses the Log4j library to handle logging. Even if you have not actively configured additional logging, the package will have been installed when installing Elasticsearch as part of your AtoM or Archivematica installation.

For more detailed information from the Elastic team, see:

* https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

==What does Log4j have to do with Java?==

Log4j is a Java based tool. [https://java.com/en/download/help/whatis_java.html Java] is a programming language and computing platform first released by Sun Microsystems in 1995, and currently maintained by Oracle. Java is a general term used to denote both the software and its components, which include 'Java Runtime Environment' (JRE), 'Java Virtual Machine' (JVM) and also 'Plug-in'.

The vulnerability is not caused by Java directly, but rather how Log4j handles requests. However, ensuring you have the most up-to-date version of Java installed is always a good idea, and the Oracle Java website also includes further general tips for ensuring the security of your Java installation:

* https://www.java.com/en/download/help/security-tips.html

You can review Oracle’s announcement about this vulnerability on their blog, here:

* https://blogs.oracle.com/security/post/cve-2021-44228

==Do I need to do anything about this? Am I vulnerable?==

If you are an Artefactual hosted client, or if you have a maintenance agreement with Artefactual, then there is nothing you need to do - hosted clients have already been patched, as have most maintenance clients - if Artefactual needs to coordinate with you for support access and/or patching, our team will be in touch shortly if they have not been already.

If you are using a different hosting provider, we recommend that you contact them to verify that this issue is being addressed.

'''If your organization is hosting your own AtoM installation, then yes: you will need to ensure that your server is patched against the vulnerability to prevent information leakage.'''

==What has Artefactual done about this vulnerability?==

Our team has been monitoring all developing information, and using it to perform our own penetration tests to determine both the severity of the issue, as well as ensure that the recommended patch solutions correctly resolve the vulnerability.

Based on these findings, our team has already patched all Artefactual-hosted applications (and most maintenance agreement installations) affected by this vulnerability, and are in the process of coordinating with any locally maintained installation owners with a maintenance agreement where communication is required to perform the necessary patching.

We will continue to monitor developments, perform our own tests to ensure that any proposed solutions do in fact resolve the issue, and will be keeping a close eye on the logs for all hosted and maintained installations.

To support our user community, we have also prepared this FAQ with guidance on how best to secure your local installation.

==Can my AtoM or Archivematica instance end up running dangerous executable code because of this?==

Fortunately, the risk of this occurring appears to be low. There is some risk of information leakage, but based on current public sources as well as our own internal penetration testing thus far, currently it appears there is a very low risk that it’s possible to trigger executable code via an Elasticsearch query with this vulnerability.

As the Elastic team reports:

''Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster. We will also release a new version of Elasticsearch that contains the JVM property by default and removes certain components of Log4j out of an abundance of caution.''

However, this is clarified later with:

''Elasticsearch 6 and 7 are not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Investigation into Elasticsearch 5 is ongoing.''

At this time, [[Releases/Release_announcements/Release_2.6|AtoM 2.6.0]] and later versions use Elasticsearch 5.6.

Additionally, most [https://www.archivematica.org Archivematica] installations are not publicly accessible, further reducing the likelihood of a successful attack using this vulnerability.

Despite the above, this is a developing situation and, '''we still strongly recommend that all AtoM and Archivematica users patch the vulnerability as soon as possible.'''

==What is the recommended fix for this vulnerability?==

If we discover further information that contradicts the current recommendations, we will edit this page with updates and links to further sources.

In the meantime, based on the different versions of Elasticsearch used in AtoM and Archivematica, below are the least disruptive ways we have found to ensure your installation is no longer vulnerable:

===Archivematica===

Please follow the instructions on Step 4 on this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Edit <code>/etc/default/elasticsearch</code> (Debian/Ubuntu) or <code>/etc/sysconfig/elasticsearch</code> (RedHat/CentOS) and change the ES_JAVA_OPTS line to look like this:

ES_JAVA_OPTS="-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=True"

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

===Atom===

Please follow the instructions on Step 5 of this guide:

* https://www.geekyhacker.com/2021/12/11/three-ways-to-patch-log4shell-cve-2021-44228-vulnerability/

In short, as root:

* Install the zip package: <code>apt-get install zip</code> (Debian/Ubuntu) or <code>yum install zip</code> (RedHat/CentOS)
* Change directories: <code>cd /usr/share/elasticsearch/lib/</code>
* Run the following line to remove the problematic file:

zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

* Restart the ElasticSearch service with: <code>service elasticsearch restart</code>

==Where can I get more technical information for my IT team?==

CVE: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 CVE-2021-44228]

(Learn more about what a CVE is [https://www.cve.org/About/Overview here] and [https://www.cve.org/About/History here])

Some sources we have found to be reliable and regularly updated:

* Elastic [https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 security announcement on CVE-2021-44228], December 10, 2021
* Apache [https://logging.apache.org/log4j/2.x/security.html Log4j security announcement] page
* LunaSec [https://www.lunasec.io/docs/blog/log4j-zero-day/ blog post on Log4Shell], December 12, 2021
* Oracle Security [https://blogs.oracle.com/security/post/cve-2021-44228 blog announcement on CVE-2021-4428], December 10, 2021

-----

* [[Development/Security|Back to Security announcements]]
* [[Development|Back to Development]]
* [[Main Page|AtoM wiki home]]

[[Category:Development documentation]]

Log4j

2021-12-13T21:49:00Z

Sromkey: Created page with "in progress"

in progress

User:Hansberende

2021-07-19T19:43:02Z

Sromkey: Creating user page for new user.

Archivist in The Netherlands. Lecturer in The Netherlands and Belgium. Project-manager.

User:Hans Berende

2021-07-19T19:42:33Z

Sromkey: Creating user page for new user.

Archivist and teacher in the Netherlands. See linkedin.com/in/hansberende or @archiefding.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-12T16:09:44Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: July 12, 2021'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json. This would allow institutions to add to the Archivematica workflow (e.g. custom micro-services) in a way that is easier to maintain through upgrades. Developer documentation is pending.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Dev tools deprecated / Hiding active packages ===

Issue: https://github.com/archivematica/Issues/issues/68

Issue: https://github.com/archivematica/Issues/issues/1446

Due to maintainability issues, we have removed the devtools repo. The most commonly used dev tool was used for resolving hidden transfers, which should no longer be relevant since resolving [https://github.com/archivematica/Issues/issues/1446 Issue 1446]- active transfers or SIPs can no longer be hidden. However as a precaution, we have made that command available within Archivematica (https://github.com/artefactual/archivematica/blob/qa/1.x/src/dashboard/src/main/management/commands/resolve_pending_jobs.py).

=== DIP storage locations now allowed in S3 spaces ===

* Issue: https://github.com/archivematica/Issues/issues/1442

This is a '''contribution''' by Fashion Institute of Technology NYC. Thank you!

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450
* Deleting AIPs does not delete associated directories from AIP store, Issue 359: https://github.com/archivematica/Issues/issues/359
* Cannot add a processing configuration is the name has diacritics, Issue 1104: https://github.com/archivematica/Issues/issues/1104
* Cannot create a replicator location in Duracloud space, Issue 1350: https://github.com/archivematica/Issues/issues/1350
* Fixity status tab sorts alphabetically, now sorts by date, Issue 1196: https://github.com/archivematica/Issues/issues/1196
* Failure report not generated when email not configured, Issue 1033: https://github.com/archivematica/Issues/issues/1033
* Replicator does not replicate AIPs on re-ingest or delete replicated AIPs, Issue 985: https://github.com/archivematica/Issues/issues/985

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Release Notes

2021-07-12T16:09:02Z

Sromkey: /* Archivematica 1.x releases */

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Archivematica 1.x releases ==

* [[Archivematica_1.13.0_and_Storage_Service_0.18.0_release_notes|'''Archivematica 1.13.0 and Storage Service 0.18.0 Release Notes''']] (Current release)
* [[Archivematica_1.12.1_and_Storage_Service_0.17.1_release_notes|Archivematica 1.12.1 and Storage Service 0.17.1 Release Notes]]
* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']]
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
*[[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
*[[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
*[[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
*[[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T16:41:15Z

Sromkey: /* Other changes */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: ???'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json. This would allow institutions to add to the Archivematica workflow (e.g. custom micro-services) in a way that is easier to maintain through upgrades. Developer documentation is pending.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Dev tools deprecated / Hiding active packages ===

Issue: https://github.com/archivematica/Issues/issues/68

Issue: https://github.com/archivematica/Issues/issues/1446

Due to maintainability issues, we have removed the devtools repo. The most commonly used dev tool was used for resolving hidden transfers, which should no longer be relevant since resolving [https://github.com/archivematica/Issues/issues/1446 Issue 1446]- active transfers or SIPs can no longer be hidden. However as a precaution, we have made that command available within Archivematica (https://github.com/artefactual/archivematica/blob/qa/1.x/src/dashboard/src/main/management/commands/resolve_pending_jobs.py).

=== DIP storage locations now allowed in S3 spaces ===

* Issue: https://github.com/archivematica/Issues/issues/1442

This is a '''contribution''' by Fashion Institute of Technology NYC. Thank you!

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450
* Deleting AIPs does not delete associated directories from AIP store, Issue 359: https://github.com/archivematica/Issues/issues/359
* Cannot add a processing configuration is the name has diacritics, Issue 1104: https://github.com/archivematica/Issues/issues/1104
* Cannot create a replicator location in Duracloud space, Issue 1350: https://github.com/archivematica/Issues/issues/1350
* Fixity status tab sorts alphabetically, now sorts by date, Issue 1196: https://github.com/archivematica/Issues/issues/1196
* Failure report not generated when email not configured, Issue 1033: https://github.com/archivematica/Issues/issues/1033
* Replicator does not replicate AIPs on re-ingest or delete replicated AIPs, Issue 985: https://github.com/archivematica/Issues/issues/985

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T16:34:33Z

Sromkey: /* Changed */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: ???'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json. This would allow institutions to add to the Archivematica workflow (e.g. custom micro-services) in a way that is easier to maintain through upgrades. Developer documentation is pending.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Dev tools deprecated / Hiding active packages ===

Issue: https://github.com/archivematica/Issues/issues/68

Issue: https://github.com/archivematica/Issues/issues/1446

Due to maintainability issues, we have removed the devtools repo. The most commonly used dev tool was used for resolving hidden transfers, which should no longer be relevant since resolving [https://github.com/archivematica/Issues/issues/1446 Issue 1446]- active transfers or SIPs can no longer be hidden. However as a precaution, we have made that command available within Archivematica (https://github.com/artefactual/archivematica/blob/qa/1.x/src/dashboard/src/main/management/commands/resolve_pending_jobs.py).

=== DIP storage locations now allowed in S3 spaces ===

* Issue: https://github.com/archivematica/Issues/issues/1442

This is a '''contribution''' by Fashion Institute of Technology NYC. Thank you!

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T16:30:30Z

Sromkey: /* Changed */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: ???'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json. This would allow institutions to add to the Archivematica workflow (e.g. custom micro-services) in a way that is easier to maintain through upgrades. Developer documentation is pending.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Dev tools deprecated / Hiding active packages ===

Issue: https://github.com/archivematica/Issues/issues/68

Issue: https://github.com/archivematica/Issues/issues/1446

Due to maintainability issues, we have removed the devtools repo. The most commonly used dev tool was used for resolving hidden transfers, which should no longer be relevant since resolving [https://github.com/archivematica/Issues/issues/1446 Issue 1446]- active transfers or SIPs can no longer be hidden. However as a precaution, we have made that command available within Archivematica (https://github.com/artefactual/archivematica/blob/qa/1.x/src/dashboard/src/main/management/commands/resolve_pending_jobs.py).

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T16:21:12Z

Sromkey: /* Customized workflow file */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: ???'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json. This would allow institutions to add to the Archivematica workflow (e.g. custom micro-services) in a way that is easier to maintain through upgrades. Developer documentation is pending.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T15:34:26Z

Sromkey: /* Added */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.13.0 and Storage Service 0.18.0

'''Release date: ???'''

== Environments ==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.13.0 and Storage Service 0.18.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

Please note that we've dropped support for Ubuntu Linux 16.04 since it reached the end of its five-year LTS window on April 30th 2021. We're planning to add support for Ubuntu 20.04 in the short term.

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

== Added ==

=== Disableable virus scanning ===

* Issue: https://github.com/archivematica/Issues/issues/869

Virus scanning can now be disabled from the processing configuration.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Purge management command ===

* Issue: https://github.com/archivematica/Issues/issues/1239

A new [https://www.archivematica.org/en/docs/archivematica-1.13/admin-manual/maintenance/maintenance/#management-commands management command] has been added to provide a mechanism to remove old processing data from the system filling up the application database and search indices.

=== Strong password validation ===

* Issue: https://github.com/archivematica/Issues/issues/1332

Archivematica and the Storage Service can now require strong passwords for user accounts. Prompts are given when creating a new user if the password doesn't meet the requirements.

This feature was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Audit logging capability ===

* Issue: https://github.com/archivematica/Issues/issues/1341

This addition allows audit logs to be written to third party applications- Artefactual Systems' implementation of this is in a new application called [https://github.com/artefactual-labs/auditmatica Auditmatica]. The change in Archivematica and the Storage Service is only to facilitate the capture of audit logging information in other applications.

This addition was '''sponsored''' by the City of Winnipeg Archives. Thank you!

=== Customized workflow file ===

* Issue: https://github.com/archivematica/Issues/issues/1441

This feature allows the user to indicate the location/existence of a customized workflow document, in json.

== Changed ==

=== Python 3 ===

* Issues: https://github.com/archivematica/Issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.13.0+label%3A%22%3Asnake%3A%C2%B3+Python+3%22

All Archivematica components are now running on Python 3.6.

=== Archivematica Storage Service now uses MySQL by default ===

* Issue: https://github.com/archivematica/Issues/issues/952

MySQL is now the default database in Archivematica Storage Service. SQLite is still supported but we encourage users to migrate. We have documented the process: [https://www.archivematica.org/en/docs/storage-service-0.18/migration-sqlite-mysql/#migration-sqlite-mysql Migrating data from SQLite to MySQL].

=== Allow replicated AIPs to be packaged in a different format from the original ===

*Issue: https://github.com/archivematica/Issues/issues/1440

By using an offline replica storage space it is now possible to replicate AIPs in a different packaging format than the original AIP (helpful in use cases such as offline tape storage, etc).

This change was '''sponsored''' by Norwegian Health Archives. Thank you!

=== Tasks will open in one tab only ===

* Issue: https://github.com/archivematica/Issues/issues/85

Now instead of opening multiple tabs every time a user clicks on a task gear, they will all open in one new tab.

This change was '''contributed''' by Bodleian Library. Thank you!

=== Other changes ===

* Archivematica now records granular time stamps for original files, Issue 1427: https://github.com/archivematica/Issues/issues/1427
* Archival storage csv file sortable by size column, Issue 1450: https://github.com/archivematica/Issues/issues/1450

== Fixed ==

Please see the 1.13 milestone in GitHub for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/17.

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T15:30:48Z

Sromkey: /* Changed */

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T14:35:26Z

Sromkey: /* Added */

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T14:20:07Z

Sromkey: /* Changed */

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-09T11:55:28Z

Sromkey:

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-08T14:10:53Z

Sromkey: /* Disableable virus scanning */

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-08T13:54:50Z

Sromkey: /* Changed */

Archivematica 1.13.0 and Storage Service 0.18.0 release notes

2021-07-08T13:37:35Z

Sromkey: /* Added */

Archivematica 1.12.1 and Storage Service 0.17.1 release notes

2021-01-07T15:10:44Z

Sromkey: /* Supported environments */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.1 and Storage Service 0.17.1

'''Release date: January 7, 2021'''

This minor release primarily addresses a defect related to Duracloud AIP storage integration as well as some installation/upgrade issues experienced after the 1.12.0 release.

==Supported environments==

Installation instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation

Upgrade instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/upgrading/upgrading/#upgrade

Guidance on how to update mapping and reindex Elasticsearch indices: https://wiki.archivematica.org/Update_mapping_and_reindex_Elasticsearch_indices

==Fixed==

List bugfixes with a link to the Github issue.

* AIPs larger than 1 GB cannot be stored in Duracloud: https://github.com/archivematica/Issues/issues/1314
* Upgrade from 1.11.2 to 1.12.0 fails: https://github.com/archivematica/Issues/issues/1312
* Awesome-font error in rpm packages: https://github.com/archivematica/Issues/issues/1300
* Clicking on metadata icon in transfer tab causes internal server error: https://github.com/archivematica/Issues/issues/1324
* Transfer name doesn't always show up ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1250
* Interval setting for updated UI being ignored ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1017

Archivematica 1.12.1 and Storage Service 0.17.1 release notes

2021-01-07T14:19:56Z

Sromkey: /* Supported environments */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.1 and Storage Service 0.17.1

'''Release date: January 7, 2021'''

This minor release primarily addresses a defect related to Duracloud AIP storage integration as well as some installation/upgrade issues experienced after the 1.12.0 release.

==Supported environments==

Installation instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation

Upgrade instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/upgrading/upgrading/#upgrade

==Fixed==

List bugfixes with a link to the Github issue.

* AIPs larger than 1 GB cannot be stored in Duracloud: https://github.com/archivematica/Issues/issues/1314
* Upgrade from 1.11.2 to 1.12.0 fails: https://github.com/archivematica/Issues/issues/1312
* Awesome-font error in rpm packages: https://github.com/archivematica/Issues/issues/1300
* Clicking on metadata icon in transfer tab causes internal server error: https://github.com/archivematica/Issues/issues/1324
* Transfer name doesn't always show up ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1250
* Interval setting for updated UI being ignored ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1017

Archivematica 1.12.1 and Storage Service 0.17.1 release notes

2021-01-07T14:10:38Z

Sromkey: Created page with "Home > Release Notes > Archivematica 1.12.1 and Storage Service 0.17.1 '''Release date: January 7, 2021''' This minor release primarily addre..."

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.1 and Storage Service 0.17.1

'''Release date: January 7, 2021'''

This minor release primarily addresses a defect related to Duracloud AIP storage integration as well as some installation/upgrade issues experienced after the 1.12.0 release.

==Supported environments==

Link to installation instructions.

Specify supported environments, especially if the point release includes new packages.

Make special note of any changes to supported environment.

==Fixed==

List bugfixes with a link to the Github issue.

* AIPs larger than 1 GB cannot be stored in Duracloud: https://github.com/archivematica/Issues/issues/1314
* Upgrade from 1.11.2 to 1.12.0 fails: https://github.com/archivematica/Issues/issues/1312
* Awesome-font error in rpm packages: https://github.com/archivematica/Issues/issues/1300
* Clicking on metadata icon in transfer tab causes internal server error: https://github.com/archivematica/Issues/issues/1324
* Transfer name doesn't always show up ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1250
* Interval setting for updated UI being ignored ('''Sponsored''' by Picturae- thank you!): https://github.com/archivematica/Issues/issues/1017

Release Notes

2021-01-07T13:51:22Z

Sromkey: /* Archivematica 1.x releases */

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Archivematica 1.x releases ==

* [[Archivematica_1.12.1_and_Storage_Service_0.17.1_release_notes|Archivematica 1.12.1 and Storage Service 0.17.1 Release Notes]] (Current release)
* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']]
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
*[[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
*[[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
*[[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
*[[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

Archivematica 1.12.0 and Storage Service 0.17.0 release notes

2020-10-07T14:15:05Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.0 and Storage Service 0.17.0

'''Release date: October 7, 2020'''

==Environments==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.12.0 and Storage Service 0.17.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

<div style="padding: 10px 10px; border: 1px solid black; background-color: #F79086;">Note: if you are upgrading from Archivematica 1.10.x or earlier, please be sure to clean up the completed transfers watched directory before upgrading. Instructions can be found on the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/upgrading/upgrading/#upgrade Upgrading] page in the documentation. </div> <p>

== Added ==

=== Processing configuration selector ===

This feature allows the user to choose a processing configuration at the time of transfer by way of a drop down in the "Start transfer" button.

* Issue: https://github.com/archivematica/Issues/issues/1166
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/transfer/transfer.rst

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== Column selectors for the Backlog and Archival Storage tab ===

Users can now choose the columns displayed while browsing the Backlog and Archival Storage tabs so they can see the information most relevant to them.

* Issue (Archival Storage): https://github.com/archivematica/Issues/issues/1168
* Documentation (Archival Storage): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

* Issue (Backlog): https://github.com/archivematica/Issues/issues/1167
* Documentation (Backlog): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/backlog/backlog/#backlog

These features have been sponsored by Simon Fraser University Archives. Thank you!

=== AIP location column on Archival Storage tab ===

* Issue: https://github.com/archivematica/Issues/issues/1214
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Downloadable CSV from Archival Storage search ===

Users can now download a CSV containing all entries in Archival Storage, containing these columns: AIP name, Size, UUID, Number of files, Date stored, Status, Encrypted, and Storage Location

* Issue: https://github.com/archivematica/Issues/issues/1213
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Central Authentication Service (CAS) for Archivematica and Storage Service ===

* Issue: https://github.com/archivematica/Issues/issues/1211
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#cas-setup

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== OpenID Connect (OIDC) support for Archivematica and Storage Service ===

'''Experimental! Please share your feedback.'''

* Issue: https://github.com/archivematica/Issues/issues/1053
* Instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#oidc-setup

OIDC support is a community contribution by Wellcome Collection. Thank you!

== Changed ==

=== Django 1.12 support ===

* Issue: https://github.com/artefactual/archivematica/issues/1016

Archivematica has been upgraded to Django 1.12 LTS. Our next target is Django 2.2 LTS!

There are a couple of things to be aware of during the Archivematica upgrade in this respect:
* For a seamless experience for your users make sure that all active user sessions are deleted. We explain how here: [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/maintenance/maintenance/#clear-user-sessions Maintenance > Clear user sessions].
* Django's User model now comes with a character limit of 150 characters. In Archivematica v1.11.x or older we had that limit set to 250 characters via a third-party app that we have now deleted. During the database migration (i.e. when running manage.py migrate), users may be required to fix the problem manually. See the [https://github.com/artefactual/archivematica/blob/f87d2f39acce9a59bf49f72fd7e57f9eced2dbe5/src/dashboard/src/main/migrations/0078_username_check.py#L1-L20 migration module documentation] for more details. We expect this to be highly unlikely to happen since the exception is only triggered when the 150 character limit in the username field is exceeded.

=== Replace whitelist with allowlist ===

* Issue: https://github.com/archivematica/Issues/issues/1226

We have changed "whitelist" to "allowlist" in an effort to use more inclusive language throughout Archivematica's code.

== Fixed ==

* Status doesn't revert to "Stored" after deletion requests are rejected: https://github.com/archivematica/Issues/issues/1273
* Cannot create a SIP from a Bag transfer in Appraisal tab: https://github.com/archivematica/Issues/issues/1267
* Transfer/AIP status not in sync when package is deleted within SS: https://github.com/archivematica/Issues/issues/1189
* Cannot rebuild backlog or AIP indices when location is encrypted: https://github.com/archivematica/Issues/issues/734
* Disk usage pages are not reporting accurate numbers: https://github.com/archivematica/Issues/issues/1281

And more! Please see the 1.12 milestone in Github for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/12

Archivematica 1.12.0 and Storage Service 0.17.0 release notes

2020-10-07T14:01:23Z

Sromkey: /* Central Authorization Service (CAS) for Archivematica and Storage Service */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.0 and Storage Service 0.17.0

'''Release date: October 7, 2020'''

==Environments==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.12.0 and Storage Service 0.17.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

Please note due to a dependency issue we have not provided RPMs for the 1.12 release. We plan to address this issue in a point release and provide RPMs then.

<div style="padding: 10px 10px; border: 1px solid black; background-color: #F79086;">Note: if you are upgrading from Archivematica 1.10.x or earlier, please be sure to clean up the completed transfers watched directory before upgrading. Instructions can be found on the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/upgrading/upgrading/#upgrade Upgrading] page in the documentation. </div> <p>

== Added ==

=== Processing configuration selector ===

This feature allows the user to choose a processing configuration at the time of transfer by way of a drop down in the "Start transfer" button.

* Issue: https://github.com/archivematica/Issues/issues/1166
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/transfer/transfer.rst

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== Column selectors for the Backlog and Archival Storage tab ===

Users can now choose the columns displayed while browsing the Backlog and Archival Storage tabs so they can see the information most relevant to them.

* Issue (Archival Storage): https://github.com/archivematica/Issues/issues/1168
* Documentation (Archival Storage): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

* Issue (Backlog): https://github.com/archivematica/Issues/issues/1167
* Documentation (Backlog): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/backlog/backlog/#backlog

These features have been sponsored by Simon Fraser University Archives. Thank you!

=== AIP location column on Archival Storage tab ===

* Issue: https://github.com/archivematica/Issues/issues/1214
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Downloadable CSV from Archival Storage search ===

Users can now download a CSV containing all entries in Archival Storage, containing these columns: AIP name, Size, UUID, Number of files, Date stored, Status, Encrypted, and Storage Location

* Issue: https://github.com/archivematica/Issues/issues/1213
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Central Authentication Service (CAS) for Archivematica and Storage Service ===

* Issue: https://github.com/archivematica/Issues/issues/1211
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#cas-setup

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== OpenID Connect (OIDC) support for Archivematica and Storage Service ===

'''Experimental! Please share your feedback.'''

* Issue: https://github.com/archivematica/Issues/issues/1053
* Instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#oidc-setup

OIDC support is a community contribution by Wellcome Collection. Thank you!

== Changed ==

=== Django 1.12 support ===

* Issue: https://github.com/artefactual/archivematica/issues/1016

Archivematica has been upgraded to Django 1.12 LTS. Our next target is Django 2.2 LTS!

There are a couple of things to be aware of during the Archivematica upgrade in this respect:
* For a seamless experience for your users make sure that all active user sessions are deleted. We explain how here: [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/maintenance/maintenance/#clear-user-sessions Maintenance > Clear user sessions].
* Django's User model now comes with a character limit of 150 characters. In Archivematica v1.11.x or older we had that limit set to 250 characters via a third-party app that we have now deleted. During the database migration (i.e. when running manage.py migrate), users may be required to fix the problem manually. See the [https://github.com/artefactual/archivematica/blob/f87d2f39acce9a59bf49f72fd7e57f9eced2dbe5/src/dashboard/src/main/migrations/0078_username_check.py#L1-L20 migration module documentation] for more details. We expect this to be highly unlikely to happen since the exception is only triggered when the 150 character limit in the username field is exceeded.

=== Replace whitelist with allowlist ===

* Issue: https://github.com/archivematica/Issues/issues/1226

We have changed "whitelist" to "allowlist" in an effort to use more inclusive language throughout Archivematica's code.

== Fixed ==

* Status doesn't revert to "Stored" after deletion requests are rejected: https://github.com/archivematica/Issues/issues/1273
* Cannot create a SIP from a Bag transfer in Appraisal tab: https://github.com/archivematica/Issues/issues/1267
* Transfer/AIP status not in sync when package is deleted within SS: https://github.com/archivematica/Issues/issues/1189
* Cannot rebuild backlog or AIP indices when location is encrypted: https://github.com/archivematica/Issues/issues/734
* Disk usage pages are not reporting accurate numbers: https://github.com/archivematica/Issues/issues/1281

And more! Please see the 1.12 milestone in Github for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/12

Archivematica 1.12.0 and Storage Service 0.17.0 release notes

2020-10-07T13:57:05Z

Sromkey: /* Environments */

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.0 and Storage Service 0.17.0

'''Release date: October 7, 2020'''

==Environments==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.12.0 and Storage Service 0.17.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

Please note due to a dependency issue we have not provided RPMs for the 1.12 release. We plan to address this issue in a point release and provide RPMs then.

<div style="padding: 10px 10px; border: 1px solid black; background-color: #F79086;">Note: if you are upgrading from Archivematica 1.10.x or earlier, please be sure to clean up the completed transfers watched directory before upgrading. Instructions can be found on the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/upgrading/upgrading/#upgrade Upgrading] page in the documentation. </div> <p>

== Added ==

=== Processing configuration selector ===

This feature allows the user to choose a processing configuration at the time of transfer by way of a drop down in the "Start transfer" button.

* Issue: https://github.com/archivematica/Issues/issues/1166
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/transfer/transfer.rst

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== Column selectors for the Backlog and Archival Storage tab ===

Users can now choose the columns displayed while browsing the Backlog and Archival Storage tabs so they can see the information most relevant to them.

* Issue (Archival Storage): https://github.com/archivematica/Issues/issues/1168
* Documentation (Archival Storage): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

* Issue (Backlog): https://github.com/archivematica/Issues/issues/1167
* Documentation (Backlog): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/backlog/backlog/#backlog

These features have been sponsored by Simon Fraser University Archives. Thank you!

=== AIP location column on Archival Storage tab ===

* Issue: https://github.com/archivematica/Issues/issues/1214
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Downloadable CSV from Archival Storage search ===

Users can now download a CSV containing all entries in Archival Storage, containing these columns: AIP name, Size, UUID, Number of files, Date stored, Status, Encrypted, and Storage Location

* Issue: https://github.com/archivematica/Issues/issues/1213
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Central Authorization Service (CAS) for Archivematica and Storage Service ===

* Issue: https://github.com/archivematica/Issues/issues/1211
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#cas-setup

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== OpenID Connect (OIDC) support for Archivematica and Storage Service ===

'''Experimental! Please share your feedback.'''

* Issue: https://github.com/archivematica/Issues/issues/1053
* Instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#oidc-setup

OIDC support is a community contribution by Wellcome Collection. Thank you!

== Changed ==

=== Django 1.12 support ===

* Issue: https://github.com/artefactual/archivematica/issues/1016

Archivematica has been upgraded to Django 1.12 LTS. Our next target is Django 2.2 LTS!

There are a couple of things to be aware of during the Archivematica upgrade in this respect:
* For a seamless experience for your users make sure that all active user sessions are deleted. We explain how here: [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/maintenance/maintenance/#clear-user-sessions Maintenance > Clear user sessions].
* Django's User model now comes with a character limit of 150 characters. In Archivematica v1.11.x or older we had that limit set to 250 characters via a third-party app that we have now deleted. During the database migration (i.e. when running manage.py migrate), users may be required to fix the problem manually. See the [https://github.com/artefactual/archivematica/blob/f87d2f39acce9a59bf49f72fd7e57f9eced2dbe5/src/dashboard/src/main/migrations/0078_username_check.py#L1-L20 migration module documentation] for more details. We expect this to be highly unlikely to happen since the exception is only triggered when the 150 character limit in the username field is exceeded.

=== Replace whitelist with allowlist ===

* Issue: https://github.com/archivematica/Issues/issues/1226

We have changed "whitelist" to "allowlist" in an effort to use more inclusive language throughout Archivematica's code.

== Fixed ==

* Status doesn't revert to "Stored" after deletion requests are rejected: https://github.com/archivematica/Issues/issues/1273
* Cannot create a SIP from a Bag transfer in Appraisal tab: https://github.com/archivematica/Issues/issues/1267
* Transfer/AIP status not in sync when package is deleted within SS: https://github.com/archivematica/Issues/issues/1189
* Cannot rebuild backlog or AIP indices when location is encrypted: https://github.com/archivematica/Issues/issues/734
* Disk usage pages are not reporting accurate numbers: https://github.com/archivematica/Issues/issues/1281

And more! Please see the 1.12 milestone in Github for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/12

Archivematica 1.12.0 and Storage Service 0.17.0 release notes

2020-10-07T13:50:13Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.0 and Storage Service 0.17.0

'''Release date: October 7, 2020'''

==Environments==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.12.0 and Storage Service 0.17.0 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

Please note due to a dependency issue we have not provided RPMs for the 1.12 release. We plan to address this issue in a point release and provide RPMs then.

<div style="padding: 10px 10px; border: 1px solid black; background-color: #F79086;">Note: if you are upgrading from Archivematica 1.10.x or earlier, please be sure to clean up the completed transfers watched directory before upgrading. Instructions can be found on the [https://www.archivematica.org/en/docs/archivematica-1.11/admin-manual/installation-setup/upgrading/upgrading/#upgrade Upgrading] page in the documentation. </div> <p>

== Added ==

=== Processing configuration selector ===

This feature allows the user to choose a processing configuration at the time of transfer by way of a drop down in the "Start transfer" button.

* Issue: https://github.com/archivematica/Issues/issues/1166
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/transfer/transfer.rst

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== Column selectors for the Backlog and Archival Storage tab ===

Users can now choose the columns displayed while browsing the Backlog and Archival Storage tabs so they can see the information most relevant to them.

* Issue (Archival Storage): https://github.com/archivematica/Issues/issues/1168
* Documentation (Archival Storage): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

* Issue (Backlog): https://github.com/archivematica/Issues/issues/1167
* Documentation (Backlog): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/backlog/backlog/#backlog

These features have been sponsored by Simon Fraser University Archives. Thank you!

=== AIP location column on Archival Storage tab ===

* Issue: https://github.com/archivematica/Issues/issues/1214
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Downloadable CSV from Archival Storage search ===

Users can now download a CSV containing all entries in Archival Storage, containing these columns: AIP name, Size, UUID, Number of files, Date stored, Status, Encrypted, and Storage Location

* Issue: https://github.com/archivematica/Issues/issues/1213
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Central Authorization Service (CAS) for Archivematica and Storage Service ===

* Issue: https://github.com/archivematica/Issues/issues/1211
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#cas-setup

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== OpenID Connect (OIDC) support for Archivematica and Storage Service ===

'''Experimental! Please share your feedback.'''

* Issue: https://github.com/archivematica/Issues/issues/1053
* Instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#oidc-setup

OIDC support is a community contribution by Wellcome Collection. Thank you!

== Changed ==

=== Django 1.12 support ===

* Issue: https://github.com/artefactual/archivematica/issues/1016

Archivematica has been upgraded to Django 1.12 LTS. Our next target is Django 2.2 LTS!

There are a couple of things to be aware of during the Archivematica upgrade in this respect:
* For a seamless experience for your users make sure that all active user sessions are deleted. We explain how here: [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/maintenance/maintenance/#clear-user-sessions Maintenance > Clear user sessions].
* Django's User model now comes with a character limit of 150 characters. In Archivematica v1.11.x or older we had that limit set to 250 characters via a third-party app that we have now deleted. During the database migration (i.e. when running manage.py migrate), users may be required to fix the problem manually. See the [https://github.com/artefactual/archivematica/blob/f87d2f39acce9a59bf49f72fd7e57f9eced2dbe5/src/dashboard/src/main/migrations/0078_username_check.py#L1-L20 migration module documentation] for more details. We expect this to be highly unlikely to happen since the exception is only triggered when the 150 character limit in the username field is exceeded.

=== Replace whitelist with allowlist ===

* Issue: https://github.com/archivematica/Issues/issues/1226

We have changed "whitelist" to "allowlist" in an effort to use more inclusive language throughout Archivematica's code.

== Fixed ==

* Status doesn't revert to "Stored" after deletion requests are rejected: https://github.com/archivematica/Issues/issues/1273
* Cannot create a SIP from a Bag transfer in Appraisal tab: https://github.com/archivematica/Issues/issues/1267
* Transfer/AIP status not in sync when package is deleted within SS: https://github.com/archivematica/Issues/issues/1189
* Cannot rebuild backlog or AIP indices when location is encrypted: https://github.com/archivematica/Issues/issues/734
* Disk usage pages are not reporting accurate numbers: https://github.com/archivematica/Issues/issues/1281

And more! Please see the 1.12 milestone in Github for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/12

Release Notes

2020-10-07T13:49:37Z

Sromkey: /* Archivematica 1.x releases */

[[Main_Page|Home]] > Release Notes

== About ==

Release notes are prepared by Artefactual for each release of Archivematica. Most releases also have a corresponding release of the Storage System, and may also include corresponding releases for various dependencies and libraries (i.e. FIDO, Automation Tools) - be sure to check the release notes for more information.

Major releases are '''bolded''', minor releases are not.

Features, enhancements, and bug fixes are often sponsored by members of the Archivematica community who are dedicated to funding Archivematica's ongoing development and maintenance. Code contributors are individuals who write Archivematica code and [https://github.com/artefactual/archivematica/blob/stable/1.6.x/CONTRIBUTING.md| contribute it] back to the project. Archivematica couldn't continue to grow without sponsors and contributors - thank you!

Questions about a release or the release notes? Ask on the [https://groups.google.com/forum/#!forum/archivematica| Archivematica Google Group!]

== Archivematica 1.x releases ==

* [[Archivematica_1.12.0_and_Storage_Service_0.17.0_release_notes|'''Archivematica 1.12.0 and Storage Service 0.17.0 Release Notes''']] (Current release)
* [[Archivematica_1.11.2_and_Storage_Service_0.16.1_release_notes|Archivematica 1.11.2 and Storage Service 0.16.1 Release Notes]]
* [[Archivematica_1.11.1|Archivematica 1.11.1 Release Notes]]
* [[Archivematica_1.11_and_Storage_Service_0.16_release_notes|'''Archivematica 1.11 and Storage Service 0.16 Release Notes''']]
* [[Archivematica_1.10.2|Archivematica 1.10.2 Release Notes]]
* [[Archivematica_1.10.1_release_notes|Archivematica 1.10.1 and Storage Service 0.15.1 Release Notes]]
* [[Archivematica_1.10_and_Storage_Service_0.15_release_notes|'''Archivematica 1.10 and Storage Service 0.15 Release Notes''']]
* [[Archivematica_1.9.3|Archivematica 1.9.3 Release Notes]]
* [[Archivematica_1.9.2_release_notes|Archivematica 1.9.2 Release Notes]]
* [[Archivematica_1.9.1_and_Storage_Service_0.14.1_release_notes|Archivematica 1.9.1 and Storage Service 0.14.1 Release Notes]]
* [[Archivematica_1.9_and_Storage_Service_0.14_release_notes|'''Archivematica 1.9 and Storage Service 0.14 Release Notes''']]
* [[Archivematica_1.8.1_release_notes|Archivematica 1.8.1 Release Notes]]
* [[Archivematica_1.8_and_Storage_Service_0.13_release_notes|'''Archivematica 1.8 and Storage Service 0.13 Release Notes''']]
*[[Archivematica 1.7.2_release_notes|Archivematica 1.7.2 Release Notes]]
*[[Storage Service 0.12 Release Notes|'''Storage Service 0.12 Release Notes''']]
*[[Archivematica 1.7.1_release_notes|Archivematica 1.7.1 Release Notes]]
*[[Storage Service 0.11.1 Release Notes]]
* [[Archivematica_1.7_and_Storage_Service_0.11_release_notes|'''Archivematica 1.7 and Storage Service 0.11 Release Notes''']]
* [[Archivematica_1.6.1_release_notes|Archivematica 1.6.1 Release Notes]]
* [[Archivematica_1.6_release_notes|'''Archivematica 1.6 Release Notes''']]
* [[Archivematica_1.5.1_Release_Notes|Archivematica 1.5.1 Release Notes]]
* [[Archivematica_1.5_Release_Notes|'''Archivematica 1.5 Release Notes''']]
* [[Archivematica_1.4.1_Release_Notes|Archivematica 1.4.1 Release Notes]]
* [[Archivematica_1.4_Release_Notes|'''Archivematica 1.4 Release Notes''']]
* [[Archivematica_1.3.2_Release_Notes|Archivematica 1.3.2 Release Notes]]
* [[Archivematica_1.3.1_Release_Notes|Archivematica 1.3.1 Release Notes]]
* [[Archivematica_1.3_Release_Notes|'''Archivematica 1.3 Release Notes''']]
* [[Archivematica_1.2_Release_Notes|'''Archivematica 1.2 Release Notes''']]
* [[Archivematica_1.1_Release_Notes|'''Archivematica 1.1 Release Notes''']]
* [[Archivematica_1.0_Release_Notes|'''Archivematica 1.0 Release Notes''']]

== Archivematica 0.x releases ==

* [[Archivematica_0.10-beta_Release_Notes|'''Archivematica 0.10 Release Notes''']]
* [[Archivematica_0.9_Release_Notes|'''Archivematica 0.9 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.8 Release Notes''']]
* [[Archivematica_0.7.1_Release_Notes|Archivematica 0.7.1 Release Notes]]
* [[Archivematica_0.7_Release_Notes|'''Archivematica 0.7 Release Notes''']]
* [[Archivematica_0.8_Release_Notes|'''Archivematica 0.6 Release Notes''']]

== Templates ==

* [[Major_release_notes|Template for major releases]]
* [[Minor_release_notes|Template for minor releases]]

Archivematica 1.12.0 and Storage Service 0.17.0 release notes

2020-08-28T19:38:29Z

Sromkey:

[[Main_Page|Home]] > [[Release_Notes|Release Notes]] > Archivematica 1.12.0 and Storage Service 0.17.0

'''Release date: still in progress!'''

==Environments==

Please see the [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/installation-setup/installation/installation/#installation installation instructions].

Archivematica 1.11 and Storage Service 0.16 have been tested in the following environments:

* Ubuntu 18.04 64-bit Server Edition
* CentOS 7 64-bit

For development purposes, most of our developers prefer to use Docker containers. These and all above environments are linked from the installation instructions above.

Please note due to a dependency issue we have not provided RPMs for the 1.12 release. We plan to address this issue in a point release and provide RPMs then.

<div style="padding: 10px 10px; border: 1px solid black; background-color: #F79086;">Note: if you are upgrading from Archivematica 1.10.x or earlier, please be sure to clean up the completed transfers watched directory before upgrading. Instructions can be found on the [https://www.archivematica.org/en/docs/archivematica-1.11/admin-manual/installation-setup/upgrading/upgrading/#upgrade Upgrading] page in the documentation. </div> <p>

== Added ==

=== Processing configuration selector ===

This feature allows the user to choose a processing configuration at the time of transfer by way of a drop down in the "Start transfer" button.

* Issue: https://github.com/archivematica/Issues/issues/1166
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/transfer/transfer.rst

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== Column selectors for the Backlog and Archival Storage tab ===

Users can now choose the columns displayed while browsing the Backlog and Archival Storage tabs so they can see the information most relevant to them.

* Issue (Archival Storage): https://github.com/archivematica/Issues/issues/1168
* Documentation (Archival Storage): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

* Issue (Backlog): https://github.com/archivematica/Issues/issues/1167
* Documentation (Backlog): https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/backlog/backlog/#backlog

These features have been sponsored by Simon Fraser University Archives. Thank you!

=== AIP location column on Archival Storage tab ===

* Issue: https://github.com/archivematica/Issues/issues/1214
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Downloadable CSV from Archival Storage search ===

Users can now download a CSV containing all entries in Archival Storage, containing these columns: AIP name, Size, UUID, Number of files, Date stored, Status, Encrypted, and Storage Location

* Issue: https://github.com/archivematica/Issues/issues/1213
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/user-manual/archival-storage/archival-storage/#archival-storage

This feature has been sponsored by Picturae. Thank you!

=== Central Authorization Service (CAS) for Archivematica and Storage Service ===

* Issue: https://github.com/archivematica/Issues/issues/1211
* Documentation: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#cas-setup

This feature has been sponsored by Simon Fraser University Archives. Thank you!

=== OpenID Connect (OIDC) support for Archivematica and Storage Service ===

'''Experimental! Please share your feedback.'''

* Issue: https://github.com/archivematica/Issues/issues/1053
* Instructions: https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/security/security/#oidc-setup

OIDC support is a community contribution by Wellcome Collection. Thank you!

== Changed ==

=== Django 1.12 support ===

* Issue: https://github.com/artefactual/archivematica/issues/1016

Archivematica has been upgraded to Django 1.12 LTS. Our next target is Django 2.2 LTS!

For a seamless experience for your users make sure that all active user sessions are deleted. We explain how here: [https://www.archivematica.org/en/docs/archivematica-1.12/admin-manual/maintenance/maintenance/#clear-user-sessions Maintenance > Clear user sessions].

=== Replace whitelist with allowlist ===

* Issue: https://github.com/archivematica/Issues/issues/1226

We have changed "whitelist" to "allowlist" in an effort to use more inclusive language throughout Archivematica's code.

== Fixed ==

* Status doesn't revert to "Stored" after deletion requests are rejected: https://github.com/archivematica/Issues/issues/1273
* Cannot create a SIP from a Bag transfer in Appraisal tab: https://github.com/archivematica/Issues/issues/1267
* Transfer/AIP status not in sync when package is deleted within SS: https://github.com/archivematica/Issues/issues/1189
* Cannot rebuild backlog or AIP indices when location is encrypted: https://github.com/archivematica/Issues/issues/734
* Disk usage pages are not reporting accurate numbers: https://github.com/archivematica/Issues/issues/1281

And more! Please see the 1.12 milestone in Github for all issues addressed in this release: https://github.com/archivematica/Issues/milestone/12