Releases: bastillion-io/Bastillion
Releases · bastillion-io/Bastillion
4.0.1
🚀 Bastillion Release Notes
What’s New
- ✅ Upgraded to Java 21 and Jakarta EE 11 — modern language features, improved performance, and long-term support.
- 🔐 Added full support for Ed25519 and Ed448 SSH key generation, with Ed25519 now set as the default key type.
- 📦 Updated all libraries and dependencies to their latest stable releases for enhanced security, stability, and compatibility.
Migration Guide (from v3.10.00)
To migrate from a previous installation:
-
Ensure Java 21 is installed
Bastillion now requires Java 21. Confirm it's installed and available in your environment:java --version
On Ubuntu, you can install it via:
sudo apt update sudo apt install -y openjdk‑21‑jdk
-
Backup your existing database
The H2 data store is usually named:bastillion.h2.db(Older versions may use
keybox.h2.db.) -
Copy the following files and directories from your old installation:
jetty/bastillion/WEB-INF/classes/keydb/→ copy the entire folder and its contentsjetty/bastillion/WEB-INF/classes/bastillion.jceksjetty/bastillion/WEB-INF/classes/BastillionConfig.properties
-
Review and migrate configuration files as needed:
jaas.conflog4j2.xmlkeystorejetty-ssl.xmljetty-http.xml
-
Restart Bastillion
Confirm that the application is connected to its previous database and that all services start cleanly under Jetty.
Additional Notes
- Ed25519 keys (256-bit) are now the default for improved speed and security.
- Ed448 keys (448-bit) are supported for environments requiring extended cryptographic strength.
- Migration preserves existing authorized keys and stored credentials if configuration paths are copied correctly.
3.15.00
Update 3rd party dependencies to latest including Jetty.
To migrate from >= 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.14.0
New look and feel - Upgraded to Bootstrap v5, the latest Jetty, and updated all 3rd party libraries to the latest.
To migrate from >= 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.13.00
Update h2 to the latest version fix issue upgrading due to incompatibilities with H2 v2 - #417
To migrate from >= 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.12.02
Update jetty, jsch, and h2 to the latest version
To migrate from 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.12.01
Remediation for CVE-2021-45105
To migrate from 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.12.00
Remediation for CVE-2021-23463
To migrate from 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar /opt/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.11.01
Update Log4j to 2.16 to address CVE-2021-44228 and CVE-2021-45046
To migrate from 3.10.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.10.00
Upgraded all dependencies including jquery to 3.5.1.
Added map option for default profile on Ldap authentication
Up'ed encryption key size to 256 default
To migrate from 3.08.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
3.09.00
Removed license key requirement.
To migrate from 3.08.00
- Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
- Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
- Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml