Release notes

nevisAppliance 2.201911.814-LTS - 16.08.2023

Highlights

The Nevis Cluster 2.201911.814-LTS 2019 release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisadmin 3.7.16.1
• nevisadmin4 4.5.20.2
• nevisagent 3.7.16.1
• nevisauth 4.25.14.1
• nevisdp 2.17a.8.5677173160
• nevisidm 2.75.17.5783757299
• nevisidmcl 2.75.17.5783757299
• nevisidmdb 2.75.17.5783757299
• nevislogrend 1.7.24.1
• nevisproxy 3.14.3.29

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.
• UPGRADED: We upgraded MariaDB to 10.3.39 to patch CVE-2022-47015.

nevisAppliance 2.201911.805-LTS - 24.04.2023

nevisAppliance 2.201911.807-LTS - 17.05.2023

Highlights

The Nevis Cluster 2.201911.807-LTS 2019 release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin4 4.5.19.1
• nevisAdmin4 plugins 4.5.19.4
• nevisAuth 4.25.14.1
• nevisdp 2.17.7.4719798414
• nevisIdm 2.75.16.4720698322
• nevisIdmDb 2.75.16.4720698322
• nevisidmCl 2.75.16.4720698322
• nevisIdm Rest API 2.75.16.4720698322
• nevisproxy 3.14.3.28

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.805-LTS - 24.04.2023

Highlights

The Nevis Cluster 2.201911.805-LTS 2019 patch release 4 is published.

Announcement

This is a patch release for the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisadmin-3.7.16.1

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.803-LTS - 27.03.2023

Highlights

The Nevis Cluster 2.201911.803-LTS 2019 patch release 3 is published.

Announcement

This is a patch release for the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisauth-4.25.13.2

Resolved issues

• FIXED: We fixed the nevisauth SAML vulnerability.
• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.802-LTS - 28.02.2023

Highlights

The Nevis Cluster 2.201911.802-LTS 2019 patch release is published.

Announcement

This is a patch release for the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisagent-3.7.15.1
• nevisadmin-3.7.15.1
• nevisproxy-3.14.3.27

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.801-LTS - 15.02.2023

Highlights

The Nevis Cluster 2.201911.801-LTS 2019 release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin: 3.7.14.3
• nevisAdmin4: 4.5.17.1
• nevisAgent: 3.7.14.3
• nevisAuth: 4.25.13.1
• nevisDp: 2.17.6.4112284406
• nevisIdm: 2.75.15.3993822233
• nevisIdmCl: 2.75.15.3993822233
• nevisIdmDb: 2.75.15.3993822233
• nevisLogrend: 1.7.24.1
• nevisProxy: 3.14.3.26
• nevisReports: 4.3.8~202301311834.433

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.362.b08.

nevisAppliance 2.201911.796-LTS - 03.01.2023

Highlights

The Nevis Cluster 2.201911.796-LTS 2019 patch release is published.

Announcement

This is a nevisadm3 security patch release for the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisagent-3.7.14.3
• nevisadmin-3.7.14.3

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.795-LTS - 07.12.2022

Highlights

The Nevis Cluster 2.201911.795-LTS 2019 patch release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisproxy-3.14.3.26

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.

nevisAppliance 2.201911.794-LTS - 16.11.2022

Highlights

The Nevis Cluster 2.201911.794-LTS 2019 release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisadmin-3.7.13.1
• nevisadmin4-4.5.16.1
• nevisagent-3.7.13.1
• nevisauth-4.25.13.1
• neviscred-2.0.20.0
• nevisdp-2.17.5.3284864854
• nevisidm-2.75.14.3347558647
• nevisidmcl-2.75.14.3347558647
• nevisidmdb-2.75.14.3347558647
• nevislogrend-1.7.24.1
• nevismeta-1.5.15.4
• nevisproxy-3.14.3.25
• nevisreports-4.3.6~202210271136.431
• neviswf-1.13.1.27

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.352.b08.

nevisAppliance 2.201911.791 LTS - 14.10.2022

Highlights

The Nevis Cluster 2.201911.791-LTS 2019 patch release is published.

Announcement

This is a patch release for the nevisAppliance August 2022 LTS-19 Release (2.201911.790-LTS).

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

• nevisProxy 3.14.3.24

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.
• UPGRADED: We upgraded OpenJDK to 1.8.0.345.b01.

nevisAppliance 2.201911.790 LTS - 31.08.2022

Highlights

The Nevis Cluster 2.201911.790-LTS 2019 patch release is published.

Announcement

This is a patch release for the nevisAppliance August 2022 LTS-19 Release (2.201911.788-LTS). Included is a ModsecurityFilter patch in nevisProxy that has been discovered after the Cluster release.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

• nevisProxy 3.14.3.23

Resolved issues

• UPGRADED: We upgraded the CentOS operating system to the latest available version.
• UPGRADED: We upgraded OpenJDK to 1.8.0.342.b07.

nevisAppliance 2.201911.788 LTS - 17.08.2022

Highlights

The Nevis Cluster 2.201911.788-LTS 2019 release is published.

Announcement

This is the update of the LTS-201911 release. which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin 3.7.12.2
• nevisAdmin4 4.5.15.1
• nevisAgent 3.7.12.2
• nevisAuth 4.25.12.1
• nevisDp 2.17.4.2825839849
• nevisFido 1.8.6.1
• nevisFidocl 1.8.6.1
• nevisIdm 2.75.13.2780202234
• nevisIdmcl 2.75.13.2780202234
• nevisIdmdb 2.75.13.2780202234
• nevisLogrend 1.7.23.1
• nevisMeta 1.5.14.1
• nevisProxy 3.14.3.22
• nevisreports 4.3.5~202206271554.430
• nevisreports-es 4.3.5~202206271554.430
• nevisreports-ls 4.3.5~202206271554.430

Resolved issues

• UPGRADED: The CentOS operating system is upgraded to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.342.b07.

nevisAppliance 2.201911.778 LTS - 18.05.2022

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.201911.778-LTS 2019 release.

Announcement

This is the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin 3.7.11.2
• nevisAgent 3.7.11.2
• nevisAuth 4.25.11.2
• nevisCred 2.0.20.0
• nevisDataPorter 2.17.3.2095812162
• nevisIDM 2.75.12.2270117194
• nevisLogrend 1.7.22.1
• nevisMeta 1.5.13.0
• nevisProxy 3.14.3.21

Resolved issues

• UPGRADED: The CentOS operating system is upgraded to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.332.b09.

nevisAppliance 2.201911.776 LTS - 23.03.2022

Highlights

We are pleased to present the Nevis Cluster 2.201911.776-LTS 2019 release.

Announcement

This is a security fix release, addressing the lately found Common Vulnerability and Exposures (CVEs) :

• CVE-2022-23943
• CVE-2022-22721
• CVE-2022-22720
• CVE-2022-22719
• CVE-2022-0778

We urge you to update soon to keep your Nevis systems safe.

Upgraded Nevis components

• nevisProxy 3.14.3.20

Resolved issues

• FIXED: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719, and CVE-2022-0778.
• UPGRADED: The CentOS Stream 7 operating system is upgraded to the latest available version.

nevisAppliance 2.201911.768 LTS - 16.02.2022

Highlights

We are pleased to present the Nevis Cluster 2.201911.768-LTS 2019 release.

Announcement

This is the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin 3.7.10.2
• nevisAgent 3.7.10.2
• nevisAuth 4.25.10.1
• nevisDataPorter 2.17.2.1745278210
• nevisIDM 2.75.11.1717866455
• nevisLogrend 1.7.21.1
• nevisMeta 1.5.12.0
• nevisProxy 3.14.3.19

Resolved issues

• UPGRADED: The CentOS operating system is upgraded to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.322.b06.
• UPGRADED: MariaDB is upgraded to 10.3.34

nevisAppliance 2.201911.763 LTS - 17.11.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.762-LTS 2019 release.

Announcement

This is the update of the LTS-201911 release which is currently in Maintenance Support. Upgraded components contain security fixes as well as the nevisAppliance Operating System.

Upgraded Nevis components

• nevisAdmin 3.7.9.2
• nevisAgent 3.7.9.2
• nevisAuth 4.25.9.1
• nevisDataPorter 2.17.1.1412249687
• nevisIDM 2.75.10.1443938736
• nevisMeta 1.5.11.0
• nevisProxy 3.14.3.18

Resolved issues

• UPGRADED: The CentOS operating system is upgraded to the latest available version.
• UPGRADED: OpenJDK is upgraded to 1.8.0.312.b07.

nevisAppliance 2.201911.756 LTS - 18.08.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.756-LTS release.

Announcement

This is the last LTS-201911 release from Nevis. For the November release, the LTS switches to 2.202111 containing most of the August 2021 Rolling Release. LTS-201911 therefore is discontinued. We encourage you to plan ahead and switch in November to either the LTS-202111 release or the new Rolling Release (which is the most recent nevisAppliance and is based on the Centos-8-stream operating system), to keep along with up-to-date software and security fixes.

Discouraged

You should no longer use adnwildfly as a deployment container. Migrate your adnwildfly-based instances to the standalone container deployment.

Upgraded Nevis components

• nevisAdmin 3.7.8.8
• nevisAdmin 4.5.11.1
• nevisAgent 3.7.8.8
• nevisAuth 4.25.8.1
• nevisDataPorter 2.17.0.1049456321
• nevisFIDO 1.8.6.1
• nevisIDM 2.75.9.1079055471
• nevisLogRend 1.7.20.1
• nevisMeta 1.5.10.0
• nevisProxy 3.14.3.16

Resolved issues

• UPGRADED: The CentOS operating system is upgraded to the latest available version.

nevisAppliance 2.201911.755 LTS - 28.06.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.755-LTS security hotfix. It contains an updated nevisProxy component. See the nevisProxy release notes for more information on this security fix: nevisProxy 3.14.3.16 LTS - 25.6.2021.

Discouraged

You should no longer use adnwildfly as a deployment container. Migrate your adnwildfly-based instances to the standalone container deployment.

Upgraded Nevis components

• nevisProxy 3.14.3.16

Resolved issues

• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.754 LTS - 19.05.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.754 LTS Release.

• With this release, you get the latest component LTS updates. As there are issues with newer OpenJDK versions regarding TLS (see also the separate Nevis statement on this), the nevisAppliance continues to use OpenJDK 1.8.0.282.b08-1.el7_9, to provide a safe and good working Nevis environment.

Discouraged

You should no longer use adnwildfly as a deployment container. Migrate your adnwildfly-based instances to the standalone container deployment.

Upgraded Nevis components

• nevisAdapt 1.0.1.276
• nevisAdmin 3.7.7.5
• nevisAdmin4 4.5.10.3
• nevisAgent-3.7.7.5
• nevisAuth 4.25.7.1
• nevisDetect-1.0.1.276
• nevisFIDO 1.8.5.1
• nevisIDM 2.75.8.820524052
• nevisIDMDb 2.75.8.820524052
• nevisIDMCl 2.75.8.820524052
• nevisKeybox 2.2.4.1
• nevisLogrend 1.7.19.1
• nevisMeta 1.5.9.1
• nevisProxy 3.14.3.15
• nevisReports 4.3.2~202104140732.423

Resolved issues

• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.750 LTS - 08.04.2021

Highlights

We are pleased to present the Nevis November 2.201911.743 hotfix LTS**Release**.

• This release contains a security fix for nevisProxy regarding the following OpenSSL issues:

For more, see the nevisProxy upgrade and release notes: nevisProxy 3.14.3.14 LTS - 8.4.202

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly-based instances to the standalone container deployment, if possible.

Upgraded Nevis components

• nevisProxy 3.14.3.14

Resolved issues

• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.747 LTS - 08.03.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.747 LTS Release.

• This hotfix is only of relevance to you if you are still using nevisAdmin 3 for deployments. It fixes a redeploy issue that was introduced in the February 2.202102 Release. Only the nevisAdmin3 nevisAppliance image has been changed/upgraded in this release. For further details, see the nevisAdmin 3 release notes.

Warning

Do not use adnwildfly as a deployment container any more. Migrate your adnwildfly-based instances to the standalone container deployment.

Upgraded Nevis components

• nevisAdmin 3.7.7.3

Resolved issues

• FIXED: The bug that caused a redeploy issue in nevisAdmin 3 asking for an unknown password has been fix.
• UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.201911.746 LTS - 17.02.2021

Highlights

We are pleased to present the Nevis Cluster 2.201911.746 LTS Release.

• With this release, you get the latest component LTS updates as well as a security fix for the sudo(https://nvd.nist.gov/vuln/detail/CVE-2021-3156) vulnerability that has recently been identified.

Discouraged

You should not use adnwildfly as a deployment container any longer. Migrate your adnwildfly-based instances to the standalone container deployment.

Upgraded Nevis components

• nevisAdmin 3.7.6.3
• nevisAdmin4 4.5.9.0
• nevisAuth 4.25.6.1
• nevisFIDO 1.8.4.1
• nevisIDM 2.75.7.537519197
• nevisIDMDb 2.75.7.537519197
• nevisIDMCl 2.75.7.537519197
• nevisLogrend 1.7.18.1
• nevisMeta 1.5.8.0
• nevisProxy 3.14.3.13

Resolved issues

• FIXED: sudo vulnerability CVE-2021-3156.
• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.743 LTS - 16.12.2020

Highlights

We are pleased to present the Nevis November 2.201911.743 hotfix LTS**Release**.

• This release contains a security fix for nevisProxy. For more, see the component-specific upgrade and release notes: nevisProxy 3.14.3.12 LTS - 16.12.2020.

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly-based instances to the standalone container deployment, if possible.

Upgraded Nevis components

• nevisProxy 3.14.3.12

Resolved issues

• UPGRADED: CLAM-AV, to version 0.103. This version supports the configuration of proxy certificates for updates.
• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.740 LTS - 18.11.2020

Highlights

We are pleased to present the Nevis Cluster 2.201911.740 LTS**Release**.

This release brings an update for the reports flavor of the nevisAppliance. The update includes a new version (7.9.2) of Elasticsearch, Logstash and Kibana, together with the corresponding *beats-collection (Filebeat, Heartbeat and Jounalbeat) on the other images, to support the update.

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly-based instances to the standalone container deployment, if possible.

Upgraded Nevis components

• nevisAdmin 3.7.5.223
• nevisAdmin 4 4.5.8.1
• nevisAuth 4.25.5.101
• nevisFIDO 1.8.3.76
• nevisIDM 2.75.6.347577359
• nevisIDMDb 2.75.6.347577359
• nevisIDMCl 2.75.6.347577359
• nevisLogrend 1.7.17.52
• nevisMeta 1.5.7.55
• nevisProxy 3.14.3.11

Resolved issues

• FIXED: The bug where the sssd.service was not automatically started on reboot although it was activated in systemd.
• UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.201911.726 LTS - 15.10.2020

Issue with automatic start of Nevis components

Who is affected?

• Customers that used nevisAdmin 3 (or inst createcommands) to set up instances.
• NOT affected: nevisAdmin 4 customers.

What is the problem?

• Since the last nevisAppliance 2.201911.718 LTS release (in August 2020), some Nevis components were not automatically started after the nevisAppliance reboot.
• Older LTS releases are not affected.

Installation steps

1. Install the hot fix release 2.201911.726 LTS.

Background

A change in the August 2020 LTS update release is responsible for the automatic start problem. In the release notes of the August release, this change was marked as "FIXED: The issue regarding the boot order and the configuration of custom init.d scripts.".

This change accidentally removed the automatic startup of container-based setups, such as instances that are started as part of adnglassfish, adnwildfly or adnjboss. Also, standalone instances disabled in systemd were not started anymore after reboot.

With this LTS hotfix release of the nevisAppliance, this change has been completely reverted to keep stability on the LTS branch. An improved version of the boot order fix is now included in the RR branch only.

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly based instances to the standalone container deployment if possible.

Upgraded Nevis components

• nevisCred 2.0.20.0
• nevisKeybox 2.2.2.17

Resolved issues

• FIXED: The issue where container-based Nevis component instances were not automatically started after reboot.
• FIXED: This issue with the missing hpssacli package (HP Smart Storage Administrator). The package is now available. ****HP renamed the "hpssacli" tool. It is now called "ssacli".
• FIXED: The issue with the missing neviswf command on PATH. The command is now available.
• UPGRADED: The CentOS operating system has been upgraded to the latest available versions.

nevisAppliance 2.201911.718 LTS - 19.08.2020

Highlights

We are pleased to present the Nevis Cluster 2.201911.718 LTS release.

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly based instances to the standalone container deployment if possible.

Upgraded Nevis components

• nevisAdapt 1.0.1.271
• nevisAdmin 3.7.3.199
• nevisAdmin 4 4.5.7.2
• nevisAuth 4.25.3.77
• nevisDetect 1.0.1.271
• nevisFIDO 1.8.2.61
• nevisIDM 2.75.5.205151960
• nevisIDMDb 2.75.5.205151960
• nevisLogrend 1.7.15.34
• nevisMeta 1.5.6.4
• nevisProxy 3.14.3.10

Resolved issues

• CHANGED: The nevisIDM EELS version is no longer available.
• FIXED: The issue regarding the boot order and the configuration of custominit.d scripts has been fixed.
• FIXED: The issue regarding the unique IDs of users (/etc/passwd) and groups (/etc/group) has been fixed. It is now ensured that users and groups have unique IDs.

nevisAppliance 2.201911.582 LTS - 20.05.2020

Highlights

We are pleased to present the Nevis Cluster 2.201911.582 LTS release.

Discouraged

The use of adnwildfly as deployment container is discouraged. Consider migrating your adnwildfly based instances to the standalone container deployment if possible.

Upgraded Nevis components

• nevisAdapt 1.0.1.271
• nevisAdmin 3 3.7.2.5
• nevisAdmin 4 4.5.6.165
• nevisAuth 4.25.2.46
• nevisDetect 1.0.1.271
• nevisFIDO 1.8.1.40
• nevisIDM 2.75.4.18
• nevisIDMDb 2.75.4.18
• nevisIDMCl 2.75.4.18
• nevisLogrend 1.7.14.19
• nevisMeta 1.5.5.3
• nevisProxy 3.14.3.8

Resolved issues

• CHANGED: The sshd configuration and the pam authentication have been hardened. (NEVISAPPLIANCE-449)
• FIXED: The problem that the sssd-shadowutils was not persisted during reboots. (NEVISAPPLIANCE-449)
• FIXED: The issue with the broken couchbase template config.dat in the February 2020 release. (NEVISAPPLIANCE-450)
• UPGRADED: The CentOS system and OpenJDK (to the latest available versions).

nevisAppliance 2.201911.557 LTS - 30.04.2020

Changes

We are pleased to present the Nevis Cluster 2.201911.557 LTS release.

This release is a hot fix release for nevisAdmin 3. Only the images file for the admin appliance are provided.

Read the nevisAdmin 3 release notes for additional information.

Upgraded Nevis components

• nevisAdmin 3.7.1.13

nevisAppliance 2.201911.541 LTS - 03.04.2020

Changes

We are pleased to present the Nevis Cluster 2.201911.541 LTS release.

This release is merely a security fix release for nevisProxy to fix a ModSecurity bug.

Upgraded Nevis components

• nevisProxy 3.14.3.7

Components not listed here still have the version number of the November LTS release.

Upgrade notes

• None.

Resolved issues

• UPGRADED: The Linux kernel and system libraries, to the latest available versions.

nevisAppliance 2.201911.535 LTS - 23.03.2020

Changes

We are pleased to present the Nevis Cluster 2.201911.535 LTS release.

This release contains a security fix release for nevisProxy that fixes the CacheFilter. For detailed changes, see the.

Upgraded Nevis components

• nevisProxy 3.14.3.6

Components not listed here still have the version number of the November LTS release.

Upgrade notes

• None.

Resolved issues

• UPGRADED: The Linux kernel and system libraries, to the latest available versions.

nevisAppliance 2.201911.511 LTS - 20.02.2020

Changes

We are pleased to present the Nevis Cluster 2.201911.511 LTS release.

This release ships with improvements focused on stability and security. Notable changes include:

• Many improvements and bugfixes for nevisAdmin 4 patterns.
• Various improvements and bugfixes in nevisAuth, including a new default for the sign algorithm (SHA256) for SAML AuthStates.
• Various improvements and bugfixes in nevisIDM, now supporting REST services for enterprise roles and enterprise roles authorizations.
• Improvements to session reaping and ModSecurity in nevisProxy.
• Minor improvements for nevisFIDO, nevisMeta, nevisLogRend and nevisWorkflow.

Upgraded Nevis components

• nevisAdmin 4.5.4.101
• nevisAuth 4.25.1.28
• nevisFIDO 1.8.0.26
• nevisIDM 2.75.3.6
• nevisLogRend 1.7.13.14
• nevisMeta 1.5.4.1
• nevisProxy 3.14.3.4
• nevisWorkflow 1.13.1.27

Components not listed here still have the version number of the November LTS release.

Upgrade notes

• None.

Resolved issues

• UPGRADED: The Linux kernel and system libraries, to the latest available versions.
• UPGRADED: The Splunk Forwarder, to version 8.0.2.

nevisAppliance 2.201911.427 LTS - 26.11.2019

Initial Long Term Support Release

Highlights

We are pleased to present the Nevis Cluster 2.201911.427 LTS release. This is the first Nevis release covered by an extensive long-term-support plan, as detailed in the Nevis Product Lifetime and Platform Support Matrix. The LTS (long-term-support) releases focus on stability and will fix defects and security issues while avoiding major, potentially breaking changes.

This release ships, among many bug fixes and product improvements, with the following highlights:

• Performance improvements and faster recovery in the nevisProxy MariaDB session store, leading to a better user experience during infrastructure failovers.
• Support of TLS 1.3, the new and most secure version of the TLS protocol in nevisProxy (requires at least nevisAppliance, RHEL 7 and SLES12 only).
• Full support for OAuth 2.0 token introspection endpoints (RFC 7662).
• Protect your services with terms and conditions, using the new feature available in nevisIDM.
• Starting with this release, nevisIDM fully supports the latest long-term release of Oracle: Oracle 19c.
• Performance and stability improvements in nevisAdmin 4 when working with large deployments.
• PREVIEW Experimental support of highly automated Kubernetes deployments in nevisAdmin 4.
• … and much much more.

Upgraded Nevis components

• nevisAdmin 3.7.0.0
• nevisAdmin 4.5.0.89
• nevisAuth 4.25.0.2
• nevisDataPorter 2.16.0.39
• nevisFIDO 1.8.0.7
• nevisIDM 2.75.1.34
• nevisIDM 2.68.9.0 (EELS, fade-out support until 20 May 2020)
• nevisLogrend 1.7.11.1
• nevisMeta 1.5.3.71
• nevisProxy 3.14.3.2
• nevisReports 4.3.0
• nevisWorkflow 1.13.0.2

Upgrade notes

• This version of the nevisAppliance ships with the nevisProxy version for RHEL7, with the latest Mod Security and OpenSSL 1.1. Carefully read the nevisProxy release notes for details and backwards compatibility. There are known incompatibilities with old Mod Security rules and CA trust chains which are not created with the proper CA:TRUE flag. You can check old versions of nevisAdmin 3 used to create CA certificates without that flag on the nevisAdmin 3 host if you are affected and need to rotate all certificates signed by this CA:

openssl x509 -text -in /var/opt/nevisadmin/default/nevisadmin/repository/cert/ca_certificate.pem \
 | grep "CA:TRUE"
# OK: CA:TRUE
# NOK: (no output)

If there is no output, this CA is no longer readable by nevisProxy and all certificates must be rotated. See the nevisAdmin 3 release notes and reference guide for detailed instructions.

• Carefully read the nevisIDM, nevisAuth and nevisAdmin 4 release notes for additional backward incompatibilities.

Resolved issues

• UPGRADED: The Linux kernel and system libraries to the latest available versions.
• CHANGED: The value for kernel.pid_max parameter in /etc/sysctl.conf was increased to 65534. This increases the ability to work on systems with lots of resources and to perform under heavy load. Otherwise, errors like -bash: fork: Cannot allocate memory were displayed. It addresses an issue known to RedHat and described at `http://access.redhat.com/solutions/1434943. (NEVIS-5791, NEVISAPPLIANCE-430)
• FIXED: OpenJDK support for nevisAuth and nevisIDM when rendering images or documents, like captchas. Previously, errors like libfreetype.so.6: cannot open shared object file: No such file or directory occurred on the Base and DMZ nevisAppliance when using OpenJDK. This was fixed by ensuring the fontconfig packages are always installed. (NEVISAPPLIANCE-425)