Skip to main content
Version: 7.2402.x.x RR

Release notes

nevisAppliance 7.2402.0.1111 - 28.03.2024

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2402.0.1111 Rolling Release.

Announcement

This is patch release 1 for the February 2024 RR (Java 17 based) Nevis Cluster. It contains fixes for nevisProxy (logging issue in kubernetes with opentelemetry), nevisIdm (several fixes, including Fix for CVE-2024-22243) and many fixes in the nevisAdmin4 patterns and other components.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisadmin-plugin 7.2402.1.3
  • nevisauth 7.2402.1.2
  • nevisdetect 7.2402.0.4
  • nevisdp 7.2402.1.8174287153
  • nevisfido 7.2402.1.2
  • nevisfidocl 7.2402.1.2
  • nevisidm 7.2402.1.8173831181
  • nevisidmcl 7.2402.1.8173831181
  • nevisidmdb 7.2402.1.8173831181
  • nevismeta 7.2402.1.1
  • nevisproxy 7.2402.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2402.0.1107 - 21.02.2024

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2402.0.1107 Rolling Release.

Announcement

The Rolling Release is still Rocky Linux 8 based.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt 7.2402.0.3
  • nevisadmin4 7.2402.0.30
  • nevisadmin-plugin 7.2402.0.7
  • nevisauth 7.2402.0.6
  • nevisdetect 7.2402.0.4
  • nevisdp 7.2402.0.7891888641
  • nevisfido 7.2402.0.3
  • nevisfidocl 7.2402.0.3
  • nevisidm 7.2402.0.7902594534
  • nevisidmcl 7.2402.0.7902594534
  • nevisidmdb 7.2402.0.7902594534
  • nevislogrend 7.2402.0.2
  • nevismeta 7.2402.0.3
  • nevisproxy 7.2402.0.0
  • ninja 7.2402.0.1

Resolved issues

  • FIXED: We fixed an issue with the splunkforwarder where they have introduced a specific user and group (splunkfwd) for the package.
  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2311.1.1104 - 08.02.2024

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2311.1.1104 Rolling Release.

Announcement

This is patch release 4 for the Nevis November 2023 (Java 17 based) nevisAppliance. It is an emergency patch release due to issues with modsecurity.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisproxy 7.2311.2.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2311.1.1100 - 16.01.2024

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2311.1.1100 Rolling Release.

Announcement

This is patch release 3 for the Nevis November 2023 (Java 17 based) nevisAppliance. It contains fixes for nevisadmin4, nevisidm and a security fix for nevisproxy.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisadmin4 7.2311.1.0
  • nevisidm 7.2311.3.7525883571
  • nevisproxy 7.2311.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2311.1.1097 - 11.12.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2311.1.1097 Rolling Release.

Announcement

This is patch release 2 for the Nevis November 2023 (Java 17 based) nevisAppliance. It contains fixes for nevisFido and nevisMeta.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisfido 7.2311.1.8
  • nevismeta 7.2311.1.0

Resolved issues

  • UPGRADED: splunkforwarder to 9.1.2
  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2311.1.1095 - 04.12.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2311.1.1095 Rolling Release.

Announcement

This is patch release 1 for the Nevis November 2023 (Java 17 based) nevisAppliance. It contains fixes for nevisIdm.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisidm 7.2311.1.7048238069
  • nevisidmdb 7.2311.1.7048238069
  • nevisidmcl 7.2311.1.7048238069

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 7.2311.0.1094 - 15.11.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 7.2311.0.1094 Rolling Release. You may have notified our new versioning scheme, the nevisAppliance will follow this on RR. On this RR we have two breaking changes:

Java upgrade to Java 17

The Java 8 installation has been upgraded to Java 17 as on all Nevis components delivered with the November 2023 Rolling Release. To support this, the default java version on the nevisAppliance is Java 17, which is an LTS.

MariaDB upgrade from 10.3.x to 10.6.x

MariaDB 10.3.x is EOL and must be upgraded to MariaDB 10.6.x. We upgraded the nevisAppliance 'db' and 'admin4' images accordingly to MariaDB 10.6.x. Please follow these instructions while upgrading these 2 types of nevisAppliance flavors, the parts put in arrows <..> must be replaced by you to match yourt installation. The points put in brackets () are optional but are there for the safety of your installation; lines marked with '#' require shell interaction:

(1. Backup your existing MariaDB 10.3.x installation/files)

  # mariabackup --backup --user=root --password=<root_passwd> --target-dir=/home/nvbuser/mariadb-backup-10.3.x
# mariabackup --prepare --target-dir=/home/nvbuser/backup/mariadb-backup-10.3.x

in the case of failure, the database can then be fully restored using

  # systemctl stop mariadb
# mariabackup --copy-back --target-dir=/home/nvbuser/backup/mariadb-backup-10.3.x
# chown -R mysql:mysql /var/lib/mysql/
# systemctl start mariadb
  1. Check for setting ‘innodb_fast_shutdown’ in etc/my,cnf; verify that it’s unset or NOT 2, NOT 3 (default setting is 1, safest value is 0) Settings are described here: <link.... https://mariadb.com/kb/en/innodb-system-variables/ > InnoDB System Variables

  2. Check for setting ‘innodb_force_recovery’ in /etc/my.cnf; verify that it’s unset or less than 3 (Default is 0) Settings are described here: InnoDB System Variables

  3. Upgrade with provided appliance image files (select correct flavor)

4.1 For admin4 nevisAppliance update

4.1.1 Stop/disable the admin4 instance for the reboot to not have db errors in the log

# systemctl stop <admin4-instance>@admin.service
# systemctl disable <admin4-instance>@admin4.service

4.1.2 Upgrade

# update-nevis.sh <admin4-os-image> <admin-nevis-image>

4.1.3 Reboot appliance

# init 6
or
# reboot

4.1.4 Upgrade MariaDB system tables after reboot

# mariadb-upgrade --user=root --password=<your-db-root-password>
# systemctl restart mariadb

4.1.5. Start/enable the instance again

# systemctl start <admin4-instance>@admin.service
# systemctl enable <admin4-instance>@admin4.service

4.2 For db nevisAppliance update

4.2.1 Stop all Nevis instances accessing this DB

4.2.2 Edit /etc/my.cnf. The following lines(at least the setting) must be present/set to work proper with nevisProxy. Append these lines at the end of your existing config if not already set to correct value:

# This MUST be explicitly set from MariaDB version >= 10.5.1 on because the default 
# has changed there to 'optimistic' which will not work for proxy replication
# (see https://mariadb.com/kb/en/replication-and-binary-log-system-variables/#slave_parallel_mode)
slave_parallel_mode=conservative

4.2.3 On the DB nevisAppliance, update the images

# update-nevis.sh <db-os-image> <db-nevis-image>

4.2.4 Reboot appliance

# init 6
or
# reboot

4.2.5 Upgrade MariaDB system tables after rebootUpgrade MariaDB system tables after reboot

# mariadb-upgrade --user=root --password=<your-db-root_password>
# systemctl restart mariadb

4.2.6 Start the instances previously stopped in step 4.2.1.

Please also note that the MariaDB process'name has changed from 'mysqld' to 'mariadbd'.

NevisProxy Openssl 3.0 based

Starting with the nevisAppliance LTS21 and RR November release and going forward, nevisAppliance includes the nevisProxy OpenSSL3 based package by default.

For the majority of the integrations we expect this change to be transparent for the customers, no breaking changes and no action required when migrating to the OpenSSL3 packages. Therefore we urge customers to use the new packages as this will also help to prepare for the eventual LTS24 migration.

Announcement

The Rolling Release is still Rocky Linux 8 based.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt 7.2311.0.18
  • nevisadmin4 7.2311.0.10
  • nevisauth 7.2311.0.6
  • nevisdp 7.2311.0.6814381695
  • nevisdetect 7.2311.0.18
  • nevisfido 7.2311.0.8
  • nevisfidocl 7.2311.0.8
  • nevisidm 7.2311.0.6813600371
  • nevisidmcl 7.2311.0.6813600371
  • nevisidmdb 7.2311.0.6813600371
  • nevislogrend 7.2311.0.3
  • nevismeta 7.2311.0.1
  • nevisproxy 7.2311.0.0
  • ninja 7.2311.0.5
  • adnooprint 7.2311.0.6565033000

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded Java to OpenJDK 17.0.9 (this is an LTS version)
  • UPGRADED: We upgraded MariaDB to 10.6.14

nevisAppliance 2.202308.1087 - 07.11.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1087 Rolling Release.

Announcement

This is patch release 6 for the Nevis August 2023 nevisAppliance. It contains a fix for nevisProxy.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisProxy 5.7.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202308.1075 - 24.10.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1075 Rolling Release.

Announcement

This is patch release 5 for the Nevis August 2023 nevisAppliance. It contains a fix for nevisIdm.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisIdm 2.90.3.6566055173
  • nevisIdmDb 7.16.3.6566055173
  • nevisIdmCl 2.90.3.6566055173

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202308.1074 - 06.10.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1074 Rolling Release.

Announcement

This is patch release 4 for the Nevis August 2023 nevisAppliance. It contains a fix for SAML logout and token signing in nevisAuth.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisAuth 4.40.3.0

Resolved issues

  • FIXED: We fixed the SNMP scripts for nevisAuth and nevisIdm.
  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202308.1071 - 25.09.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1071 Rolling Release.

Announcement

This is patch release 3 for the Nevis August 2023 nevisAppliance. It contains specific component fixes for nevisAdapt, nevisAuth and nevisIdm.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisAdapt 1.16.2.7
  • nevisAuth 4.40.2.2
  • nevisIdm: 2.90.2.6273800741
  • nevisIdmCl: 2.90.2.6273800741
  • nevisIdmDb: 7.15.2.6273800741

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202308.1067 - 30.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1067 Rolling Release.

Announcement

This is patch release 2 for the Nevis August 2023 nevisAppliance. It contains specific component fixes for nevisAuth, nevisFido and nevisIdm.

For more information, see the component-specific upgrade and release notes.

Upgraded Nevis components

  • nevisAuth 4.40.1.0
  • nevisFido 2.4.1.1
  • nevisIdm: 2.90.1.5997238838
  • nevisIdmCl: 2.90.1.5997238838
  • nevisIdmDb: 7.15.1.5997238838

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202308.1064 - 22.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1064 Rolling Release.

Announcement

This is patch release 1 for the Nevis August 2023 nevisAppliance. It contains a fix for the missing splunkforwarder installation in /opt/splunkforwarder for customers using this feature. The package installation was also not available in the May 2023 releases. Please upgrade to this version if you are using the splunkforwarder.

Upgraded Nevis components

  • none

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We fixed the missing splunkforwarder in /opt/splunkforwarder

nevisAppliance 2.202308.1063 - 16.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202308.1063 Rolling Release. In this release, we removed the experimental for SELinux support and welcome feedback from those using this feature. Also MariDB is upgraded to the latest to patch CVE-2022-47015. In addition to the nevisAppliance upgrade files you'll find in the download section from this release on for all Rolling Releases a CIS Lvl2 compliance document (nevisappliance-extended-2.<release>-CIS-benchmark.html) for our hardened DMZ image for your convenience.

Announcement

The Rolling Release is still Rocky Linux 8 based.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt 1.16.0.2
  • nevisadmin4 4.20.0.13
  • nevisauth 4.40.0.10
  • neviscred 2.0.20.0
  • nevisdetect 1.16.0.2
  • nevisdetectcl 1.16.0.2
  • nevisdp 2.25.0.5518244101
  • nevisfido 2.4.0.7
  • nevisfidocl 2.4.0.7
  • nevisidm 2.90.0.5832994866
  • nevisidmcl 2.90.0.5832994866
  • nevisidmdb 7.15.0.5832994866
  • neviskeybox 2.2.4.3
  • nevislogrend 1.22.0.2
  • nevismeta 1.20.0.3
  • nevisproxy 5.7.0.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded MariaDB to 10.3.39 to patch CVE-2022-47015.

nevisAppliance 2.202305.1061 - 30.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1061 Rolling Release.

Announcement

This is patch release 6 for the Nevis May 2023 nevisAppliance. It contains a fix for the missing splunkforwarder installation in /opt/splunkforwarder for customers using this feature. Please upgrade to this versions if you are using the splunkforwarder and are on the May 2023 Rolling Release.

Also, for patch releases 2.202305.1055, 2.202305.1058 and 2.202305.1060 a wrong (upcoming) version of nevisProxy 5.7.0.0 has been added which is not part of this release and has been replaced by its correct version 5.6.1.0. Please do not use these nevisAppliance versions and upgrade to this latest version if you are on the May 2023 Rolling Release.

Upgraded/Fixed Nevis components

  • nevisproxy 5.6.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We fixed the missing splunkforwarder in /opt/splunkforwarder

nevisAppliance 2.202305.1060 - 22.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1060 Rolling Release.

Announcement

This is patch release 5 for the Nevis May 2023 nevisAppliance. It contains a fix for the missing splunkforwarder installation in /opt/splunkforwarder for customers using this feature. Please upgrade to this versions if you are using the splunkforwarder and are on the May 2023 Rolling Release.

Upgraded Nevis components

  • none

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We fixed the missing splunkforwarder in /opt/splunkforwarder

nevisAppliance 2.202305.1058 - 08.08.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1058 Rolling Release.

Announcement

This is patch release 4 for the Nevis May 2023 nevisAppliance. It contains 1 fix for nevisAuth. For more information, see the component specific upgrade and release notes.

Upgraded Nevis components

  • nevisAuth 4.39.3.1

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202305.1055 - 10.07.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1055 Rolling Release.

Announcement

This is patch release 3 for the Nevis May 2023 nevisAppliance. It contain 2 fixes for nevisAuth and nevisIDM. For more information, see the component specific upgrade and release notes.

Upgraded Nevis components

  • nevisAuth 4.39.2.0
  • nevisidm 2.89.3.5474270617
  • nevisidmcl 2.89.3.5474270617
  • nevisidmdb 7.13.3.5474270617

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202305.1045 - 05.06.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1045 Rolling Release.

Announcement

This is patch release 1 for the Nevis May 2023 nevisAppliance. It contains a set of fixes for the Nevis components. For more information, see the component specific upgrade and release notes.

Upgraded Nevis components

  • nevisadapt 1.15.1.0
  • nevisadmin4 4.19.1.0
  • nevisauth 4.39.1.0
  • nevisdetect 1.15.1.0
  • nevisfido 2.3.1.0
  • nevismeta 1.19.1.1
  • nevisproxy 5.6.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202305.1042 - 17.05.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202305.1042 Rolling Release.

Announcement

The Rolling Release is still Rocky Linux 8 based.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • adnooprint 1.2.3.4873585267
  • nevisadapt 1.15.0.12
  • nevisauth 4.39.0.6
  • nevisdetect 1.15.0.12
  • nevisdetectcl 1.15.0.12
  • nevisdp 2.24.0.4719796516
  • nevisfido 2.3.0.8
  • nevisfidocl 2.3.0.8
  • nevisidm 2.89.0.4955612706
  • nevisidmcl 2.89.0.4955612706
  • nevisidmdb 7.12.0.4955612706
  • nevislogrend 1.21.0.2
  • nevismeta 1.19.0.1
  • nevisproxy 5.6.0.1

Resolved issues

  • CHANGED: Adnooprint now runs independently from the JRE version.

nevisAppliance 2.202302.1032 - 24.04.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202302.1032 Rolling Release.

Announcement

This is patch release 4 for the Nevis February 2023 nevisAppliance. It contains a set of fixes for nevisauth, nevisidm and nevismeta. For more information, see the component specific upgrade and release notes.

Upgraded Nevis components

  • nevisauth 4.38.4.0
  • nevisidm 2.88.1.4678820627
  • nevismeta 1.18.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202302.1029 - 27.03.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202302.1029 Rolling Release.

Announcement

This is patch release 3 for the Nevis February 2023 nevisAppliance. It contains a security fix for the nevisauth SAML XSW injection vulnerability. For more information, see the nevisAuth upgrade and release notes.

Upgraded Nevis components

  • nevisauth 4.38.3.0

Resolved issues

  • FIXED: We fixed the nevisauth SAML vulnerability.
  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202302.1028 - 17.03.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202302.1028 Rolling Release.

Announcement

This is patch release 2 for the Nevis February 2023 nevisAppliance. It contains fixes (additional packages) for AD and LDAP authentication configuration for nevisAppliance users. During migration from Centos 7 to Rocky Linux 8 as the nevisAppliance base OS, the packacking of the additional needed packages (and usage) has been changed. They are now aligned with this patch release. The steps for AD and OpenLDAP auth are outlined in the nevisAppliance reference guide for nevisAppliance RR to help during migration from Centos7 based systems (LTS-19, LTS-21).

Upgraded Nevis components

  • none

Resolved issues

  • FIXED: (re-)added missing OS packages for AD and LDAP authentication configuration

nevisAppliance 2.202302.1026 - 28.02.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202302.1026 Rolling Release.

Announcement

This is patch release 1 for the Nevis February 2023 nevisAppliance. It contains fixes for nevisAuth, nevisDetect/nevisAdapt and nevisProxy components.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt-1.14.2.1
  • nevisauth-4.38.1.2
  • nevisdetect-1.14.2.1
  • nevisproxy-5.5.1.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202302.1025 - 15.02.2023

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202302.1025 Rolling Release.

Announcement

The Rolling Release is still Rocky Linux 8 based.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisAdapt: 1.14.0.3
  • nevisAdmin4: 4.18.0.10
  • nevisAuth: 4.38.0.12
  • nevisCred: 2.0.20.0
  • nevisDetect: 1.14.0.3
  • nevisDetectCl: 1.14.0.3
  • nevisDp: 2.23.0.4122324331
  • nevisFido: 2.2.0.8
  • nevisFidoCl: 2.2.0.8
  • nevisIdm: 2.88.0.4105994907
  • nevisIdmCl: 2.88.0.4105994907
  • nevisIdmDb: 7.11.0.4105994907
  • nevisLogrend: 1.20.0.1
  • nevisMeta: 1.18.0.7
  • nevisProxy: 5.5.0.0

Resolved issues

  • FIXED: Missing sssd packages for AD and LDAP authentication have been re-added
  • FIXED: SNMP scripts for nevisProxy has been fixed (Session counter)
  • UPGRADED: We upgraded the Rocky Linux 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202211.1021 - 07.12.2022

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202211.1021 Rolling Release.

Announcement

This is patch release 1 for the Nevis November 2022 nevisAppliance. It contains fixes for nevisAuth, nevisIdm and nevisFIDO components.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisauth-4.37.1.1
  • nevisfido-2.1.1.2
  • nevisfidocl-2.1.1.2
  • nevisidm-2.87.1.3581212047
  • nevisidmcl-2.87.1.3581212047
  • nevisidmdb-7.10.1.3581212047

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202211.1019 - 16.11.2022

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202211.1019 Rolling Release.

Announcement

The Rolling Release is still Rocky-Linux-8 based. It contains additional experimental SELinux policies for Nevis components. The OS and Nevis components are prepared to be run in SELinux enforcing mode. Although the initial setting is permissive mode, you can use the e option in the nevisAppliance menu, to switch into enforcing mode. This mode uses SELinux policies for all Nevis components, except nevisDp (Dataporter). During installation, or applying the update images, the machine initiates an additional reboot to apply the SELinux contexts. This is expected behavior of the system.

This means that you need additional knowledge on how to work with an SELinux system. We support you while moving towards this direction.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt-1.13.0.1
  • nevisadmin4-4.17.0.14
  • nevisauth-4.37.0.2
  • neviscred-2.0.20.0
  • nevisdetect-1.13.0.1
  • nevisdetectcl-1.13.0.1
  • nevisdp-2.22.0.3287539842
  • nevisfido-2.1.0.3
  • nevisfidocl-2.1.0.3
  • nevisidm-2.87.0.3469446643
  • nevisidmcl-2.87.0.3469446643
  • nevisidmdb-7.10.0.3469446643
  • nevislogrend-1.19.0.2
  • nevismeta-1.17.0.1
  • nevisproxy-5.4.0.0

Resolved issues

  • FIXED: Enabled serial console (ttyS) on the .iso boot image
  • UPGRADED: The Rocky Linux 8 operating system is upgraded to the latest available version.
  • UPGRADED: OpenJDK is upgraded to 1.8.0.352.b08.

nevisAppliance 2.202208.1012 - 28.10.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202209.1012 Rolling patch release.

Announcement

This is a patch release for the nevisAppliance August 2022 Rolling Release (2.202208.1011). Do not download/use 2.202208.1011 as it contains a bad version of nevisProxy that has been fixed in this release.

See the component Release Notes to get an in-depth view of the fix.

Upgraded Nevis components

  • nevisProxy 5.3.3.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded OpenJDK to 1.8.0.352.b08.

nevisAppliance 2.202208.1011 - 24.10.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202209.1011 Rolling patch release.

Announcement

This is a patch release for the nevisAppliance August 2022 Rolling Release (2.202208.1010). Included is a nevisIdm fix discovered after the Cluster release.

See the component Release Notes to get an in-depth view of the fix.

Upgraded Nevis components

  • nevisIdm 2.86.3.3271315812
  • nevisIdmDb 7.7.3.3271315812
  • nevisIdmCl 2.86.3.3271315812

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded OpenJDK to 1.8.0.352.b08

nevisAppliance 2.202208.1010 - 14.10.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202209.1010 Rolling patch release.

Announcement

This is a patch release for the nevisAppliance August 2022 Rolling Release (2.202208.1009). Included is a nevisIdm fix discovered after the Cluster release.

See the component Release Notes to get an in-depth view of the fix.

Upgraded Nevis components

  • nevisAdapt 1.12.2.0
  • nevisAdmin4 4.6.1.0
  • nevisAdmin4 plugins 4.16.2.8
  • nevisDetect 1.12.2.0
  • nevisProxy 5.3.2.0

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded OpenJDK to 1.8.0.345.b01

nevisAppliance 2.202208.1009 - 12.09.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202209.1009 Rolling patch release.

Announcement

This is a patch release for the nevisAppliance August 2022 Rolling Release (2.202208.1008). Included is a nevisIdm fix discovered after the Cluster release.

See the component Release Notes to get an in-depth view of the fix.

Upgraded Nevis components

  • nevisIdm 2.86.2.3028299852
  • nevisIdmcl 2.86.2.3028299852
  • nevisIdmdb 7.6.2.3028299852

Resolved issues

  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.

nevisAppliance 2.202208.1008 - 31.08.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202208.XXXX Rolling patch release.

Announcement

This is a patch release for the nevisAppliance August 2022 Rolling Release (2.202208.1005). Included are several component fixes like a ModsecurityFilter patch in nevisProxy and also fixes in nevisIdm and nevisAuth that have been discovered after the Cluster release.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisAdapt 1.12.1.0
  • nevisAuth 4.36.1.1
  • nevisDetect 1.12.1.0
  • nevisDetectCl 1.12.1.0
  • nevisIdm 2.86.1.2934490781
  • nevisIdmcl 2.86.1.2934490781
  • nevisIdmdb 7.6.1.2934490781
  • nevisProxy 5.3.1.0

Resolved issues

  • FIXED: We fixed the adnooprint instance creation.
  • UPGRADED: We upgraded the Rocky Linux 8 operating system to the latest available version.
  • UPGRADED: We upgraded OpenJDK to 1.8.0.342.b07.

nevisAppliance 2.202208.1005 - 17.08.2022

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202208.1005 Rolling Release.

Announcement

In this Rolling Release, we switch the base OS from Centos-Stream-8 to Rocky-Linux-8 to receive better CVE reporting. With this, we are also able to react faster and provide you an even more secure nevisAppliance. Also with this release, we added experimental SELinux support. The OS and Nevis components are prepared to be run in SELinux enforcing mode. Although the initial setting is permissive mode, you can use the e option in the nevisAppliance menu, to switch into enforcing mode. This mode uses SELinux policies for the major Nevis components, that is nevisProxy, nevisAuth, nevisIdm, nevisLogrend, nevisCred, and nevisKeybox. During installation, or applying the update images, the machine initiates an additional reboot to apply the SELinux contexts. This is expected behavior of the system.

This means that you need additional knowledge on how to work with an SELinux system. We support you while moving towards this direction.

The naming of the provided downloadable files for setting up and maintaining the nevisAppliance is changed according to the below scheme to show the relation to nevisAppliance:

Old filenameNew filename
neviscd2_<cluster-release>.isonevisappliance-<cluster-release>.iso
neviscd2_<cluster-release>.iso.ascnevisappliance-<cluster-release>.iso.asc
neviscd2_<cluster-release>_os_<type>.imgnevisappliance-<type>-os-<cluster-release>.img
neviscd2_<cluster-release>_nevis_<type>.imgnevisappliance-<type>-nevis-<cluster-release>.img
neviscd2_<cluster-release>_nevis_<type>.manifestnevisappliance-<type>-nevis-<cluster-release>.manifest

type, in the above table, belongs to admin4, base, db, dmz orextended.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisAdmin4 4.16.0.6
  • nevisAuth 4.36.0.4
  • nevisDataporter 2.21.0.2695501393
  • nevisFido 2.0.1.6
  • nevisFidocl 2.0.1.6
  • nevisIdm 2.86.0.2833457136
  • nevisIdmcl 2.86.0.2833457136
  • nevisIdmdb 7.6.0.2301361554
  • nevisKeybox 2.2.4.3
  • nevisLogrend 1.18.0.2
  • nevisMeta 1.16.0.1
  • nevisProxy 5.3.0.1

Resolved issues

  • UPGRADED: The Rocky Linux 8 operating system is upgraded to the latest available version.
  • UPGRADED: OpenJDK is upgraded to 1.8.0.342.b07.

nevisAppliance 2.202205.975 - 10.06.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202205.975 Rolling Release.

Announcement

This is a nevisAuth only bugfix release.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisauth 4.35.1.1

Resolved issues

  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202205.973 - 18.05.2022

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202205.973 Rolling Release.

Announcement

This is the third Rolling Release that is CentOS Stream 8 based to provide you the best support and latest patches on the successor of CentOS 7.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisadapt 1.11.0.6
  • nevisauth 4.35.0.8
  • neviscred 2.0.20.0
  • nevisdetect 1.11.0.6
  • nevisdetectcl 1.11.0.6
  • nevisDataporter 2.20.0.2089890501
  • nevisfido 1.18.0.4
  • nevisfidocl 1.18.0.4
  • nevisidm 2.85.0.2301361554
  • nevisidmcl 2.85.0.2301361554
  • nevisidmdb 7.6.0.2301361554
  • nevislogrend 1.17.0.3
  • nevismeta 1.15.0.3
  • nevisproxy 5.2.0.0

Resolved issues

  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.
  • UPGRADED: OpenJDK is upgraded to 1.8.0.332.b09.

nevisAppliance 2.202202.967 - 24.03.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202202.967 Rolling Release.

Announcement

This is a security fix release, addressing the lately found Common Vulnerability and Exposures (CVEs) :

  • CVE-2022-23943
  • CVE-2022-22721
  • CVE-2022-22720
  • CVE-2022-22719
  • CVE-2022-0778

We urge you to update soon to keep your Nevis systems safe.

Upgraded Nevis components

  • nevisProxy-5.1.1

Resolved issues

  • FIXED: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719, and CVE-2022-0778.
  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202202.966 - 03.03.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202202.966 Rolling Release.

Announcement

We had some issues reported from Customers using nvluser, and the respective sudoer mechanism for the user group nevisadmin, which are used for nevisAdmin 4 deployment.

If you installed the previous rolling releases and experience issues related to this, we recommend you upgrade to this version soon.

Resolved issues

  • FIXED: Sudoer mechanism for nevisadmin user group, for example, nvluser.
  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202202.965 - 01.03.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202202.965 Rolling Release.

Announcement

This is a bugfix release for the Rolling Release of the nevisAppliance 2.202202.965 that fixes wrongly assigned Nevis user homes (for example, /tmp) set in the /etc/passwd file for nvbuser, nvluser, and nvsuser. The issue blocked nevisAdmin4 deployments, depending on these homes set at the proper location.

If you installed the previous rolling release, we recommend you upgrade to this version soon.

Resolved issues

  • FIXED: The wrong user homes set in the /etc/passwd file.
  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202202.963 - 16.02.2022

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202202.963 Rolling Release.

Announcement

This is the second Rolling Release that is Centos Stream 8 based to provide you the best support and latest patches on the successor of Centos 7.

See the component Release Notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisAdapt 1.10.0.3
  • nevisAdmin4 4.14.0.5
  • nevisAuth 4.34.0.4
  • nevisDetect 1.10.0.3
  • nevisDp 2.19.0.1744896953
  • nevisFido 1.17.0.1
  • nevisIdm 2.84.0.1816761841
  • nevisIdmDb 7.6.0.1816761841
  • nevisIdmCl 2.84.0.1816761841
  • nevisLogrend 1.16.0.1
  • nevisMeta 1.14.0.0
  • nevisProxy 5.1.0.0

Resolved issues

  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.
  • UPGRADED: MariaDB is upgraded to 10.3.34.
  • FIXED: The issue to set the NTP server via the Shell GUI.
  • FIXED: The missing nevisadmin group in /etc/group.

nevisAppliance 2.202111.954 - 17.12.2021

Highlights

We are pleased to announce the publication of the Nevis Appliance 2.202111.954 Rolling Release.

Announcement

This nevisAppliance release contains Nevis components affected by the log4j CVE-2021-44228 and CVE-2021-45046.

See the component release notes to get an in-depth view of the fixes.

Upgraded Nevis components

  • nevisIdm 2.83.1.1582843141
  • nevisIdmDb 7.5.1.1582843141
  • nevisIdmCl 2.83.1.1582843141

Resolved issues

  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.

nevisAppliance 2.202111.950 - 6.12.2021

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202111.950 Rolling Release.

Announcement

This is the second Rolling Release that is Centos Stream 8 based, and it is a full replacement of the November 2021 Rolling Release 2.202111.948.

We have improved the upgrade process and with this, also Centos 7 based nevisAppliances can be smoothly upgraded without re-allocation of new machines. Just update with our update-nevis.sh script, and provide the corresponding OS and Nevis images.

We crafted this release using additional packages to help you having a smooth and easy upgrade of existing LTS 2019 or LTS 2021 based nevisAppliances, as well as the current Rolling Release based ones with just minimal effort.

We recommend you make yourself familiar with the changes the base OS (Centos Stream 8) comes with compared to Centos 7, which was the former OS of the nevisAppliance.

To enhance security on the nevisAppliance Rolling Release, it comes with SELinux in disabled mode state, which we enhance in upcoming releases using improved policy files and running it in enforcing mode.

If you run into any issues during the upgrade, we are here to support you.

Upgraded Nevis components

  • nevisAdmin4 4.13.1.0
  • nevisAdmin4 plugins 4.13.1.1

Removed Nevis components

  • None.

Resolved issues

  • UPGRADED: The CentOS Stream 8 operating system is upgraded to the latest available version.
  • UPGRADED: Splunk Forwarder is upgraded to 8.2.3.

nevisAppliance 2.202111.948 - 17.11.2021

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202111.948 Rolling Release.

Announcement

Centos 7, the base Operating System used so far on the nevisAppliance, reached EOL. nevisAppliance has a new Operating System, Centos Stream 8.

This is the first Rolling Release that is Centos Stream 8 based to provide you the best support and latest patches on the successor of Centos 7.

We crafted this release using additional packages to help you having a smooth and easy upgrade of existing LTS 2019 based nevisAppliances, as well as the current Rolling Release based ones with just minimal effort.

info

This release is a major update. It needs additional effort to preserve the existing configurations from the previous Centos 7 based nevisAppliance.

  1. Start a fresh installation using the provided ISO boot image, and install the image files of your choice. Do not upgrade or mix existing Centos 7 based installations with the new images. If you apply the new Rolling Release nevisAppliance images to a previous (earlier than August 2021 RR) you end up with a stuck GRUB bootloader during reboot.
  2. For Nevis components, you can find the existing configuration in /var/opt/<component>. Apply them on newly allocated machines/VMs, and consider dependencies of /var/opt/<component> in other files as well.
  3. Then go through the component Release Notes and Migration Guides, and make the necessary configuration and setup changes for your instances. If you have a nevisAdmin 4 based setup, you can deploy your configuration to the new allocated machines replacing the Centos 7 based nevisAppliances.

To enhance security on the nevisAppliance Rolling Release, it comes in its first release with SELinux in disabled mode state which we enhance in upcoming releases using proper policy files and running it in enforcing mode.

If you run into any issues during the upgrade, we are here to support you.

Upgraded Nevis components

  • nevisAdapt 1.9.0.4
  • nevisAdmin4 4.13.0.5
  • nevisAuth 4.33.0.8
  • nevisDetect 1.9.0.4
  • nevisDataPorter 2.18.0.1408144319
  • nevisfFIDO 1.16.0.8
  • nevisIDM 2.83.0.1443644301
  • nevisidmdb 7.5.0.1443644301
  • nevisLogRend 1.15.0.9
  • nevisMeta 1.13.0.0
  • nevisProxy 5.0.0.1

The components not mentioned here are no longer supported on the Rolling Release stream.

Removed Nevis components

  • nevisAdmin3
  • nevisAgent

Resolved issues

  • UPGRADED: The CentOS operating system is upgraded to the latest available version.
  • UPGRADED: OpenJDK is upgraded to 1.8.0.312.b07.

nevisAppliance 2.202108.943 - 18.08.2021

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202108.943 Rolling Release.

Announcement

This is the last Rolling Release that is Centos-7 based. Due to Centos 7 becoming EOL, we switch for the November 2021 Rolling Release to a new Centos8-stream based Operating System as the base for the nevisAppliance to keep up with up-to-date software and security fixes. See the component release notes for more specific information.

Removed

Support for adnwildfly and adnjboss as deployment containers is now removed. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • nevisAdapt 1.8.0.4
  • nevisAdmin 3.8.8.8
  • nevisAdmin 4.12.0.8
  • nevisAgent 3.8.8.8
  • nevisAuth 4.32.0.3
  • nevisDetect 1.8.0.4
  • nevisDataPorter 2.17.0.1049456321
  • nevisfFIDO 1.15.0.3
  • nevisIDM 2.82.0.1117104689
  • nevisidmdb 7.4.0.1117104689
  • nevisLogRend 1.14.0.2
  • nevisMeta 1.12.0.0
  • nevisProxy 4.6.0.1

Resolved issues

  • UPGRADED: The CentOS operating system is upgraded to the latest available version.

nevisAppliance 2.202105.939 - 20.07.2021

Highlights

We are pleased to announce the publication of the Nevis Cluster 2.202105.939 Rolling Release bugfix release. It contains an updated nevisAuth component with improved RelyingPartyState functionality. See the nevisAuth release notes for more information on this security fix: nevisAuth 4.31.1.0 - 19.07.2021.

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • nevisAuth 4.31.1.0

Resolved issues

  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202105.938 - 01.07.2021

Highlights

We are pleased to present the Nevis Cluster 2.202105.938 Rolling Release bugfix release. It contains an updated nevisMeta component. See the nevisMeta release notes for more information on this security fix: nevisMeta 1.11.0.5 - 05.07.2021.

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • nevisMeta 1.11.0.5

Resolved issues

  • UPGRADED: The CentOS operating system, to the latest available version.

nevisAppliance 2.202105.937 - 28.06.2021

Highlights

We are pleased to present the Nevis Cluster 2.202105.937 Rolling Release security hotfix. It contains an updated nevisProxy component. See the nevisProxy release notes for more information on this security fix: nevisProxy 4.5.1 - 25.6.2021.

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed in this release. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • nevisProxy 4.5.1.0

Resolved issues

  • UPGRADED: The CentOS operating system, to the latest available version.

nevisAppliance 2.202105.936 - 22.06.2021

Highlights

We are pleased to present the Nevis Cluster 2.202105.936 Rolling Release Update. This nevisAppliance release fixes the unsupported and incompatible OpenJDK version (1.8.0.292), which was delivered with the extended image set. If you are using the nevisAppliance extended image version 2.202105.934, upgrade to this new version.

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed. This also pertains to the two J2EE deployment containers.

Resolved issues

  • FIXED: The issue with the delivery of the unsupported OpenJDK version 1.8.0.292 (instead of the supported version 1.8.0.282) on the nevisAppliance has been fixed.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202105.934 - 15.06.2021

Highlights

We are pleased to present the Nevis Cluster 2.202105.934 Rolling Release Update. This nevisAppliance release fixes the memory leak that occurred when using OpenOffice with adnooprint as the nevisIDM printing facility. If you use the nevisIDM printing functionality on the extended nevisAppliance image, we recommend upgrading to this latest version.

Currently, the only supported printing facility is adnooprint together with LibreOffice. To give a clear plot, we removed the oooserver package in this release. Migration To use the new printing tool, perform the following steps:

  1. Adjust the OPENOFFICE_HOME variable in the /var/opt/adnooprint/<instance>/conf/env.conf file as shown in the next code snippet:
...
OPENOFFICE_HOME=/usr/lib64/libreoffice
...
  1. The /tmp/.config folder can prevent LibreOffice from starting (ending in a TIMEOUT). Therefore, remove an existing /tmp/.config folder completely after installing the nevisAppliance images. Use the following command: rm -Rf /tmp/.config

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed in this release. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • adnooprint-1.2.1.928552561

Removed Nevis components

  • oooserver-1.1.0.0

Resolved issues

  • FIXED: The issue with the memory leak in OpenOffice has been fixed with a full replacement.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202105.933 - 19.05.2021

Highlights

We are pleased to present the Nevis Cluster 2.202105.933 Rolling Release. We are heading towards the upcoming LTS switch (November 2021) and therefore are cleaning up/adjusting components. As there are issues with newer OpenJDK versions regarding TLS (see also the separate Nevis statement on this), the nevisAppliance continues to use OpenJDK 1.8.0.282.b08-1.el7_9, to provide a safe and good working Nevis environment.

  • With this release, you get the latest component updates.

Removed

Support for adnwildfly and adnjboss as deployment containers has been removed in this release. This also pertains to the two J2EE deployment containers.

Upgraded Nevis components

  • adnooprint-1.2.0.683684080
  • nevisAdapt 1.7.0.5
  • nevisAdmin 3.8.7.5
  • nevisAdmin4 4.11.0.9
  • nevisAuth 4.31.0.1
  • nevisDetect 1.7.0.5
  • nevisFIDO 1.14.0.1
  • nevisIDM 2.81.0.830749540
  • nevisIDMDb 7.4.0.830749540
  • nevisIDMCl 2.81.0.830749540
  • nevisKeybox 2.2.4.1
  • nevisLogrend 1.13.0.1
  • nevisMeta 1.11.0.3
  • nevisProxy 4.5.0.2

Removed Nevis components

  • adnjboss (EOL since November 2020)
  • adnwildfly (EOL since November 2020)
  • nevisPortal (EOL since May 2019)

Resolved issues

  • FIXED: The issue with the memory leak in adnooprint has been fixed with an upgraded version.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202102.911 - 08.04.2021

Highlights

We are pleased to present the Nevis February 2.202102.911 hotfix Rolling Release.

  • This release contains a security fix for nevisProxy regarding the following OpenSSL issues:

For more, see the nevisProxy upgrade and release notes: nevisProxy 4.4.1 - 8.4.2021.

Deprecated

Support of adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisProxy 4.4.1.0

Resolved issues

  • UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.202102.908 - 08.03.2021

Highlights

We are pleased to present the Nevis February 2.202102.908 hotfix Rolling Release.

  • This hotfix is only of relevance to you if you are still using nevisAdmin 3 for deployments. It fixes a redeploy issue that was introduced in the February 2.202102 Release. Only the nevisAdmin3 nevisAppliance image has been changed/upgraded in this release. For further details, see the nevisAdmin 3 release notes.

    Deprecated

Support for adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisAdmin3 3.8.7.3

Resolved issues

  • FIXED: The bug that caused a redeploy issue in nevisAdmin 3 asking for an unknown password has been fixed.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202102.902 - 23.02.2021

Highlights

We are pleased to present the Nevis February 2.202102.902 hotfix Rolling Release.

  • This hotfix is of relevance to you if you use nevisAdmin 4 for deployments. It fixes a ConcurrentModification exception during deployment generation on multicore machines as well as some issues with patterns in the nevisAdmin 4 component. For further details, see the nevisAdmin 4.10.1 release notes.

    Deprecated

Support for adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisAdmin4 4.10.1.2

Resolved issues

  • FIXED: The bug that caused a ConcurrentModification exception in nevisAdmin 4.
  • FIXED: Some issues with nevisAdmin 4 patterns.
  • UPGRADED: The CentOS operating system, to the latest available version.

nevisAppliance 2.202102.901 - 17.02.2021

Highlights

We are pleased to present the Nevis Cluster 2.202102.901 Rolling Release.

  • With this release, you get the latest component updates as well as a security fix for the sudo CVE-2021-3156 that recently has been identified. To improve security even more, the rolling release comes with the audit daemon activated and preconfigured with CIS Lvl2 recommended configuration.

    Deprecated

Support for adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisAdapt 1.0.6.6
  • nevisAdmin 3.8.6.9
  • nevisAdmin4 4.10.0.8
  • nevisAuth 4.30.0.2
  • nevisDetect 1.0.6.6
  • nevisFIDO 1.13.0.1
  • nevisIDM 2.80.0.552486535
  • nevisIDMDb 7.3.0.552486535
  • nevisIDMCl 2.80.0.552486535
  • nevisLogrend 1.12.0.1
  • nevisMeta 1.10.0.0
  • nevisProxy 4.4.0.0

Resolved issues

  • NEW: The audit daemon of CentOS is installed and activated.
  • FIXED: sudo vulnerability CVE-2021-3156.
  • FIXED: on the nevisAppliance DB image (only), /proc/sys/vm/swappiness has been lowered to 10 to reduce swappiness, which is important while running MariaDB.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available version.

nevisAppliance 2.202011.788 - 16.12.2020

Highlights

We are pleased to present the Nevis November 2.202011.788 hotfix Rolling**Release**.

  • This release contains a security fix for nevisProxy. For more, see the component-specific upgrade and release notes: nevisProxy 4.3.1 - 16.12.2020.

    Deprecated

Support of adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisProxy 4.3.1.0

Resolved issues

  • UPGRADED: CLAM-AV, to version 0.103. This version supports the configuration of proxy certificates for updates.
  • UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.202011.785 - 24.11.2020

Highlights

We are pleased to present the Nevis November 2.202011.785 hotfix Rolling**Release**.

  • This release aligns the nevisIDM version with the RPM software delivery for the Nevis November 2020 official Cluster release. Do not install release version 2.202011.784 but use this one instead.

    Deprecated

Support of adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisIDM 2.79.0.347578032
  • nevisIDMDb 6.0.0.347578032
  • nevisIDMCl 2.79.0.347578032

Resolved issues

  • FIXED: The issue with the old version of nevisIDM that was delivered with release version 2.202011.784
  • UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.202011.784 - 18.11.2020

Highlights

We are pleased to present the Nevis Cluster 2.202011.784 Rolling**Release**.

  • With this release, we had to remove Oracle products section in the nevisAppliance reference guide. In this new FAQ section, we provide answers to often asked questions and How-to's regarding the handling of the nevisAppliance.

  • To support nevisReports, we added the latest *beats-collection (Filebeat, Heartbeat, Journalbeat) to this release on all image types.

    Deprecated

Support of adnwildfly as deployment container has been removed. Migrate your adnwildfly-based instances to a standalone container deployment.

Upgraded Nevis components

  • nevisAdapt 1.0.5.5
  • nevisAdmin 3.8.5.222
  • nevisAdmin 4 4.9.0.7
  • nevisAuth 4.29.0.249
  • nevisDetect 1.0.5.5
  • nevisFIDO 1.12.0.1272
  • nevisIDM 2.79.0.347578032
  • nevisIDMDb 5.4.0.207381899
  • nevisIDMCl 2.79.0.347578032
  • nevisLogrend 1.11.0.120
  • nevisMeta 1.9.0.110
  • nevisProxy 4.3.0.0

Resolved issues

  • FIXED: The issue with the removed JDK support tools (jstack, jstat and jmap). They are now available again.
  • FIXED: The bug where the sssd.service was not automatically started on reboot although it was activated in systemd.
  • FIXED: The bug regarding the duplicate entries in the /etc/passwd and /etc/group files.
  • UPGRADED: The CentOS operating system, to the latest available versions.

nevisAppliance 2.202008.740 - 15.10.2020

Issue with automatic start of Nevis components

Who is affected?

  • Customers that used nevisAdmin 3 (or inst createcommands) to set up instances.
  • NOT affected: nevisAdmin 4 customers.

What is the problem?

  • Since the last nevisAppliance 2.202008.729 RR release (August 2020), some Nevis components were not automatically started after the nevisAppliance reboot.
  • Older RR releases are not affected.

Installation steps

  1. Make sure that all your Nevis standalone instances are enabled at systemd-level.
  • If this is not the case, enable them using the command systemctl enable.
  1. Install the hot fix release 2.202008.740.
  2. After reboot, check that all instances are running.

Background

The August 2020 RR release provided an improved nevisAppliance startup process, including a better systemdintegration. From this release on, dependencies in systemd files are configured such that custom scripts are completed before Nevis components are started. In the release notes of the August release, this change was marked as "FIXED: The issue regarding the boot order and the configuration of custom init.d scripts.".

This change accidentally removed the automatic startup of container-based setups, such as instances that are started as part of adnglassfish, adnwildfly or adnjboss. Also, standalone instances disabled in systemd were not started anymore after reboot.

With this hotfix release, the startup of container-based instances has been re-introduced to keep backward compatibility. To start standalone instances (such as nevisProxy, nevisAgent, nevisAuth, nevisLogrend), enable them in systemd first as per the above installation steps.

Deprecated

Support of adnwildfly as deployment container is deprecated and will be removed in the November 2020 release. Plan the migration of your adnwildfly based instances to a standalone container deployment until this date.

Upgraded Nevis components

  • nevisCred 2.0.20.0
  • nevisKeybox 2.2.2.17

Resolved issues

  • FIXED: The issue where Nevis component instances were not automatically started after reboot.
  • FIXED: This issue with the missing hpssacli package (HP Smart Storage Administrator). The package is now available. ****HP renamed the "hpssacli" tool. It is now called "ssacli".
  • FIXED: The issue with the missing neviswf command on PATH. The command is now available.
  • UPGRADED: The CentOS operating system has been upgraded to the latest available versions.

nevisAppliance 2.202008.729 - 19.08.2020

Highlights

We are pleased to present the Nevis Cluster 2.202008.729 Rolling Release.

Deprecated

Support of adnwildfly as deployment container is deprecated and will be removed in the November 2020 release. Plan the migration of your adnwildfly based instances to a standalone container deployment accordingly until this date.

Upgraded Nevis components

  • nevisAdapt 1.0.4.3
  • nevisAdmin 3 3.8.3.198
  • nevisAdmin 4 4.8.0.12
  • nevisAuth 4.28.0.230
  • nevisDetect 1.0.4.3
  • nevisFIDO 1.11.0.1267
  • nevisIDM 2.78.0.207381899
  • nevisIDMDb 5.4.0.207381899
  • nevisLogrend 1.10.0.101
  • nevisMeta 1.8.0.98
  • nevisProxy 4.2.0.0

Resolved issues

  • CHANGED: The nevisIDM EELS version is no longer available.
  • CHANGED: Applied additional hardening to the group nobody and the user nvbuser.
  • FIXED: The issue regarding the boot order and the configuration of custom init.d scripts has been fixed.
  • FIXED: The issue regarding the unique IDs of users (/etc/passwd) and groups (/etc/group) has been fixed. It is now ensured that users and groups have unique IDs.
  • FIXED: The bug where an error message was sent about a missing sssd-shadowutils file when running the nevis-update.sh script.

nevisAppliance 2.202005.622 - 15.06.2020

Highlights

We are pleased to present the Nevis Cluster 2.202005.622 Rolling Release.

This release is a hot fix release for nevisProxy.

Read the nevisProxy release notes for additional information.

Upgraded Nevis components

  • nevisProxy 4.1.1.0

Resolved issues

  • FIXED: A bug that caused a memory leak in openssl is now fixed.
  • FIXED: A bug in the HttpConnectorServlet is now fixed.
  • UPGRADED: UnbluFilter has been upgraded to the newest Unblu version 1.7.5.
  • UPGRADED: The CentOS operating system and the OpenJDK have both been upgraded to the latest available versions.

nevisAppliance 2.202005.608 - 20.05.2020

Highlights

We are pleased to present the Nevis Cluster 2.202005.608 Rolling Release. With this release, we had to remove Oracle products (SQLPlus, JDBC drivers) from the NevisAppliance due to oracle's license restrictions. In case you need these back on the NevisAppliance you will find an answer in the new FAQ section in the nevisAppliance reference guide where we pick up often asked questions and answer them here and also provide helpful "How to's".

Deprecated

Support of adnwildfly as deployment container is deprecated and will be removed in the November 2020 release. Plan the migration of your adnwildfly based instances to a standalone container deployment accordingly to this date.

Upgraded Nevis components

  • nevisAdapt 1.0.3.8
  • nevisAdmin 3 3.8.2.6
  • nevisAdmin 4 4.7.0.166
  • nevisAuth 4.27.0.210
  • nevisDetect 1.0.3.8
  • nevisFIDO 1.10.0.1253
  • nevisIDM 2.77.0.75
  • nevisIDMDb 4.4.0.75
  • nevisIDMCl 2.77.0.75
  • nevisLogrend 1.9.0.93
  • nevisMeta 1.7.0.68
  • nevisProxy 4.1.0.0

Resolved issues

  • CHANGED: The sshd configuration and the pam authentication have been hardened. (NEVISAPPLIANCE-449)
  • FIXED: The problem that the sssd-shadowutils was not persisted during reboots. (NEVISAPPLIANCE-449)
  • FIXED: The issue with the broken couchbase template config.dat in the February 2020 release. (NEVISAPPLIANCE-450)
  • UPDATED: The MariaDB sample configuration, to match the latest nevisIDM changes. (NEVISAPPLIANCE-446)
  • UPGRADED: The CentOS system and OpenJDK (to the latest available versions).

nevisAppliance 2.202002.576 - 30.04.2020

Changes

We are pleased to present the Nevis Cluster 2.202002.576 Rolling Release.

This release is a hot fix release for nevisAdmin 3. Only the images file for the admin appliance are provided.

Read the nevisAdmin 3 release notes for additional information.

Upgraded Nevis components

  • nevisAdmin 3.8.1.2

nevisAppliance 2.202002.566 - 17.04.2020

Changes

We are pleased to present the Nevis Cluster 2.202002.566 Rolling Release.

This release is merely a security fix release for nevisProxy.

Read the nevisProxy release notes for additional backward incompatibilities and changes.

Upgraded Nevis components

  • nevisProxy 4.0.1

Resolved issues

  • UPGRADED: The Linux kernel and system libraries, to the latest available versions.

nevisAppliance 2.202002.522 - 20.02.2020

Highlights

We are pleased to present the Nevis Cluster 2.202002.522 Rolling Release.

This release ships, among many bug fixes and product improvements, with the following highlights:

  • Major release of nevisProxy (4.0.0) featuring many security and other improvements.
  • nevisAdmin 4 with performance-related improvements and support for Azure Database for MariaDB (requires Kubernetes deployment).
  • Nevis Mobile Authentication with a new dispatcher that generates QR codes to be consumed by the Nevis Authentication Mobile SDK. You can use the QR code to transfer authentication information to the mobile device, as an alternative to the Firebase Cloud Messaging push messages.

Read the nevisProxy and nevisIDM release notes for additional backward incompatibilities and changes.

Upgraded Nevis components

  • nevisAdmin 3.8.0.0
  • nevisAdmin 4.6.0.63
  • nevisAuth 4.26.0.192
  • nevisDataPorter 2.16.0.39
  • nevisFIDO 1.9.0.1227
  • nevisIDM 2.76.2.63
  • nevisLogRend 1.8.0.88
  • nevisMeta 1.6.0.45
  • nevisProxy 4.0.0
  • nevisDetect 1.0.2.266

Removed Nevis components

The following components are not available anymore in rolling releases:

  • nevisReports
  • nevisWorkflow
  • nevisGate Tunnel Worker

If you still need these components, use the LTS release.

Resolved issues

  • NEW: nevisDetect and nevisAdapt are now available on the extended Nevis appliance.
  • FIXED: The login for user nvauser has been fixed to /sbin/nologin.
  • UPGRADED: The Linux kernel and system libraries, to the latest available versions.
  • UPGRADED: The Splunk Forwarder, to version 8.0.2.
  • REMOVED: There is no support anymore for the nevisReports appliance.

nevisAppliance 2.201911.427 - 26.11.2019

Highlights

We are pleased to present the Nevis Cluster 2.201911.427 LTS release. This is the first Nevis release covered by an extensive long-term-support plan, as detailed in the Nevis Product Lifetime and Platform Support Matrix. The LTS (long-term-support) releases focus on stability and will fix defects and security issues while avoiding major, potentially breaking changes.

This release ships, among many bug fixes and product improvements, with the following highlights:

  • Performance improvements and faster recovery in the nevisProxy MariaDB session store, leading to a better user experience during infrastructure failovers.
  • Support of TLS 1.3, the new and most secure version of the TLS protocol in nevisProxy (requires at least nevisAppliance, RHEL 7 and SLES12 only).
  • Full support for OAuth 2.0 token introspection endpoints (RFC 7662).
  • Protect your services with terms and conditions, using the new feature available in nevisIDM.
  • Starting with this release, nevisIDM fully supports the latest long-term release of Oracle: Oracle 19c.
  • Performance and stability improvements in nevisAdmin 4 when working with large deployments.
  • PREVIEW Experimental support of highly automated Kubernetes deployments in nevisAdmin 4.
  • … and much much more.

Upgraded Nevis components

  • nevisAdmin 3.7.0.0
  • nevisAdmin 4.5.0.89
  • nevisAuth 4.25.0.2
  • nevisDataPorter 2.16.0.39
  • nevisFIDO 1.8.0.7
  • nevisIDM 2.75.1.34
  • nevisIDM 2.68.9.0 (EELS, fade-out support until 20 May 2020)
  • nevisLogrend 1.7.11.1
  • nevisMeta 1.5.3.71
  • nevisProxy 3.14.3.2
  • nevisReports 4.3.0
  • nevisWorkflow 1.13.0.2

Upgrade notes

  • This version of the nevisAppliance ships with the nevisProxy version for RHEL7, with the latest Mod Security and OpenSSL 1.1. Carefully read the nevisProxy release notes for details and backwards compatibility. There are known incompatibilities with old Mod Security rules and CA trust chains which are not created with the proper CA:TRUE flag. You can check old versions of nevisAdmin 3 used to create CA certificates without that flag on the nevisAdmin 3 host if you are affected and need to rotate all certificates signed by this CA:
openssl x509 -text -in /var/opt/nevisadmin/default/nevisadmin/repository/cert/ca_certificate.pem \
| grep "CA:TRUE"
# OK: CA:TRUE
# NOK: (no output)

If there is no output, this CA is no longer readable by nevisProxy and all certificates must be rotated. See the nevisAdmin 3 release notes and reference guide for detailed instructions.

  • Carefully read the nevisIDM, nevisAuth and nevisAdmin 4 release notes for additional backward incompatibilities.

Resolved issues

  • UPGRADED: The Linux kernel and system libraries to the latest available versions.
  • CHANGED: The value for kernel.pid_max parameter in /etc/sysctl.conf was increased to 65534. This increases the ability to work on systems with lots of resources and to perform under heavy load. Otherwise, errors like -bash: fork: Cannot allocate memory were displayed. It addresses an issue known to RedHat and described at `http://access.redhat.com/solutions/1434943. (NEVIS-5791, NEVISAPPLIANCE-430)
  • FIXED: OpenJDK support for nevisAuth and nevisIDM when rendering images or documents, like captchas. Previously, errors like "libfreetype.so.6: cannot open shared object file: No such file or directory" occurred on the Base and DMZ nevisAppliance when using OpenJDK. This was fixed by ensuring the fontconfig packages are always installed. (NEVISAPPLIANCE-425)