This release of PingDataGovernance Server addresses critical issues from earlier versions. Update all affected servers appropriately.
- Addressed an issue that could lead to slow, off-heap memory growth. This only
occurred on servers whose
cn=Version,cn=monitor
entry was retrieved frequently.- Fixed in: 8.1.0.0
- Introduced in: 5.2.0.0
- Support identifiers: DS-41301
- The following enhancements were made to the topology manager to make it easier
to diagnose connection errors:
- Added monitoring information for all the failed outbound connections (including the time since it has been failing and the last error message seen when the failure occurred) from a server to one of its configured peers and the number of failed outbound connections.
- Added alarms/alerts for when a server fails to connect to a peer server within a configured grace period.
- Fixed in: 7.3.0.0
- Introduced in: 7.0.0.0
- Support identifiers: DS-38334 SF#00655578
- The topology manager now raises a
mirrored-subtree-manager-connection-asymmetry
alarm when a server can establish outbound connections to its peer servers but those peer servers cannot establish connections back to the server within the configured grace period. The alarm is cleared as soon as there is connection symmetry.- Fixed in: 7.3.0.0
- Introduced in: 7.0.0.0
- Support identifiers: DS-38344 SF#00655578
- Fixed two issues in which the server could have exposed some clear-text
passwords in files on the server file system.
- When creating an encrypted backup of the alarms, alerts, configuration, encryption settings, schema, tasks, or trust store backends, the password used to generate the encryption key (which may have been obtained from an encryption settings definition) could have been inadvertently written into the backup descriptor.
- When running certain command-line tools with an argument instructing the
tool to read a password from a file, the password contained in that file
could have been written into the server's tool invocation log instead of
the path to that file. Affected tools include backup,
create-initial-config,
ldappasswordmodify,
manage-tasks, manage-topology,
reload-http-connection-handler-certificates,
remove-defunct-server,
restore, rotate-log, and
stop-server. Other tools are not affected. Also
note that this only includes passwords contained in files that were
provided as command-line arguments; passwords included in the
tools.properties file, or in a file referenced
from tools.properties, would not have been exposed.
In each of these cases, the files would have been written with permissions that make their contents only accessible to the system account used to run the server. Further, while administrative passwords might have been exposed in the tool invocation log, neither the passwords for regular users, nor any other data from their entries, should have been affected. We have introduced new automated tests to help ensure that such incidents do not occur in the future.
We recommend changing any administrative passwords you fear might have been compromised as a result of this issue. If you are concerned that the passphrase for an encryption settings definition might have been exposed, then we recommend creating a new encryption settings definition that is preferred for all subsequent encryption operations. You also might want to re-encrypt or destroy any existing backups, LDIF exports, or other data encrypted with a compromised key, and you might want to sanitize or destroy any existing tool invocation log files that might contain clear-text passwords.
- Fixed in: 7.3.0.0
- Introduced in: 7.0.0.0
- Support identifiers: DS-38897 DS-38908
- The following enhancements were made to the topology manager to make it easier
to diagnose connection errors:
- Added monitoring information for all the failed outbound connections (including the time since it has been failing and the last error message seen when the failure occurred) from a server to one of its configured peers and the number of failed outbound connections.
- Added alarms/alerts for when a server fails to connect to a peer server within a configured grace period.
- Fixed in: 7.2.1.0
- Introduced in: 7.0.0.0
- Support identifiers: DS-38334 SF#00655578
- The topology manager now raises a
mirrored-subtree-manager-connection-asymmetry
alarm when a server can establish outbound connections to its peer servers but those peer servers cannot establish connections back to the server within the configured grace period. The alarm is cleared as soon as there is connection symmetry.- Fixed in: 7.2.1.0
- Introduced in: 7.0.0.0
- Support identifiers: DS-38344 SF#00655578
- Fixed two issues in which the server could have exposed some clear-text
passwords in files on the server file system.
- When creating an encrypted backup of the alarms, alerts, configuration, encryption settings, schema, tasks, or trust store backends, the password used to generate the encryption key (which may have been obtained from an encryption settings definition) could have been inadvertently written into the backup descriptor.
- When running certain command-line tools with an argument instructing the
tool to read a password from a file, the password contained in that file
could have been written into the server's tool invocation log instead of
the path to that file. Affected tools include backup,
create-initial-config,
ldappasswordmodify,
manage-tasks, manage-topology,
reload-http-connection-handler-certificates,
remove-defunct-server,
restore, rotate-log, and
stop-server. Other tools are not affected. Also
note that this only includes passwords contained in files that were
provided as command-line arguments; passwords included in the
tools.properties file, or in a file referenced
from tools.properties, would not have been exposed.
In each of these cases, the files would have been written with permissions that make their contents only accessible to the system account used to run the server. Further, while administrative passwords might have been exposed in the tool invocation log, neither the passwords for regular users, nor any other data from their entries, should have been affected. We have introduced new automated tests to help ensure that such incidents do not occur in the future.
We recommend changing any administrative passwords you fear might have been compromised as a result of this issue. If you are concerned that the passphrase for an encryption settings definition might have been exposed, then we recommend creating a new encryption settings definition that is preferred for all subsequent encryption operations. You also might want to re-encrypt or destroy any existing backups, LDIF exports, or other data encrypted with a compromised key, and you might want to sanitize or destroy any existing tool invocation log files that might contain clear-text passwords.
- Fixed in: 7.0.1.3
- Introduced in: 7.0.0.0
- Support identifiers: DS-38897 DS-38908