Released with DX UIM 23.4 CU1.

What's New:

• Upgraded OpenSSL from v3.0.11 to v3.0.13

Released with DX UIM 20.4 CU10

Released with DX UIM 23.4

Released with DX UIM 20.4 CU9.

Released with DX UIM 20.4 CU8.

• Released with DX UIM 20.4 CU7.

(Released with DX UIM 20.4 CU6)

Fixed Defects:

• Potential memory/handle leak using Hub v9.33. (Support Case: 33094507)

(Released with DX UIM 20.4 CU4)

What's New:

• OpenSSL upgraded to v1.1.1q for BCI-Nimbus components.

Fixed Defects:

• Libraries to enable Security-Enhanced - SELinux Enforcing mode is missing in the Hub folder.
  Support Case: 33093582

What's New:

• OpenSSL lib upgrade from version 1.1.1k to 1.1.1l
• OpenLDAP lib upgrade from version 2.4.48 to 2.6.1

Fixed Defects:

• UIM 20.33-Nimbus account password reset issue. (Support Case: 32795970)
• Hub Ldap over SSL not working after upgrade to 20.4. (Support Case: 32986207)

(Released as part of DX UIM 20.4.0.)

• Resolved an issue where users started observing duplicate entries for many robots in the robot.sds file of the hub (after they upgraded from 9.20 to 20.3). Because of this problem, they were noticing a large number of robot inactive alarms coming from certain robots that were not inactive. (Support Cases: 32454722, 32491190, 32498918, 32516879, 32516736, 32519350, 32536779, 32576041, 32581832, 32578868, 32548485, 32604924, 32608299, 32602034, 32687594, and 32682095)
• Resolved an issue where the nimldr silent/express installation was not working. The silent/express was always going into interactive mode. (Support Case: 32788303)
• Resolved an issue where users were observing junk characters in the hub and nas log files. (Support Case: 32720590 and 32727163)

(Released as part of UIM 20.3.3.)

• (9.32 HF2) Resolved an issue where users were able to see the cleartext passwords in the hub.log file when they were logging in using the Admin Console. (Support Case: 32475607)
• Fixed an issue where the primary hub was restarting after every few minutes. The logs from controller and hub were not showing any relevant information about the issue. (Support Case: 32498752)
• Fixed an issue where users were getting errors when they were trying to create tunnels on a hub. (Support Case: 32488645)
• Fixed an issue where the enhanced security.cfg configurations were not propagating to one of the hubs in the environment. (Support Case: 32509796)
• Fixed an issue where the AD/LDAP login through IM was failing. The hub was able to connect to the AD/LDAP server and fetch the group/user list, but the login was still failing. (Support Case: 32424406)

(Included in UIM 20.3)

What's New:

• (7.97 HF9) Fixed a tunnel problem with robot 7.97 HF8. (Support Case: 20325857)
• (7.97 HF9) Fixed an issue where snmpgtw was interferring with hub. (Support Case: 20274225)
• (9.20 HF11) Fixed an issue with LDAP Authentication being failed due to password hardness (characters set). (Support Case: 20302003)
• (9.20 HF11) Fixed an issue with LDAP+SSL authentication while upgrading to UIM 20.1. (Support Case: 31829437)
• (9.20 HF16) Fixed an issue where renaming a robot causes hub to send "robot inactive" alarms. (Support Case: 31888942)

(Included in UIM 20.1)

For the hub 9.30 Release Notes, see http://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/ca-unified-infrastructure-management-probes/GA/alphabetical-probe-articles/hub/hub-release-notes.html

• (9.20 HF1) Fixed an issue in which a tunnel server was not able to establish connection in high latency cases. A new config parameter epoll_wait_timeout has been introduced through which the user can set a different timeout. If the parameter is not specifically configured in hub cfg then default value will be considered which is 15 secs. For Hub to Hub tunnel communication, this parameter needs to be configured in tunnel server hub (applicable for both Secure and Non-secure hubs ) under Tunnel/server section of hub cfg. Valid values for this parameter is between 100 and 15000 (100ms to 15 secs).

For the hub 9.20 Release Notes, see https://docops.ca.com/rest/ca/product/latest/topic?hid=hub_RN&space=UIMPGA&language=&format=rendered

Note: If you are upgrading to hub 7.97, ensure that you first upgrade robot to 7.97 and then upgrade hub to 7.97.

Included in CA UIM 9.0.2

What's New:

• Added the ability to monitor, at specific intervals, if robots deployed on a hub are powered on. You need to manually add specific parameters to the hub configuration to enable this. For more information, see Additional parameters in hub 7.96.
• Provided support for Red Hat Directory Server 10 (RHDS 10) as the LDAP Server. (Support Case 00528637)
• Provided support for communicating with TLS v1.2-enabled OpenLDAP server.
• Updated this probe as part of removing dependency on the end-of-life (EOL) Microsoft Visual C++ Redistributables in CA UIM 9.0.2. CA UIM 9.0.2 now uses Microsoft Visual C++ Redistributable for Visual Studio 2017.
• Updated this probe as part of removing known security vulnerabilities in CA UIM 9.0.2 by using upgraded OpenSSL components.
• (7.93HF12) Fixed the issue where USM was ignoring the severity of hub alarms. The alarms were showing up under hub in USM; however, the severity icon was not changing for these alarms to reflect the correct severity. With this fix, USM no longer ignores the severity of hub alarms; it now displays the correct severity icon for them. (Support Case 01115256)
• Removed support for the following platforms:
  • RHEL 5 (32-bit and 64-bit)
  • Windows 2008
  • CentOS 5 (32-bit and 64-bit)
  • Debian 5 and 6
• Removed support for the following 32-bit platforms:

  • Solaris 10 and 11

  • RHEL 6

  • CentOS 6 and 7

  • SUSE 11

  • OpenSUSE 12 and 13

• Changed the default check_spooler_sessions setting in hub.cfg to 1 = ON.
• Changed the default protocol_mode setting in the tunnel section of hub.cfg to 3 = ON.
• Changed the default value of the max_heartbeat setting in the tunnel section of hub.cfg to 1800 ms.
• Changed the default value of the postroute_interval setting in hub.cfg to 120.
• Changed the default value of the postroute_reply_timeout setting in hub.cfg to 180.
• Changed the default value of the postroute_passive_timeout setting in hub.cfg to 300.
• Changed the default value of the hub_request_timeout setting in hub.cfg to 120.
• Changed the default value of the setting tunnel_hang_timeout = 300 in hub.cfg.
• Changed the default value of the setting tunnel_hang_retries = 3 in hub.cfg.
• Updated this probe as part of adding support for TLS v1.2 in CA UIM. This support establishes secure communication with the UIM database: Microsoft SQL Server and Oracle in CA UIM. For more information about how to enable TLS v1.2 support in CA UIM, see TLS v1.2 Support for Microsoft SQL Server and TLS v1.2 Support for Oracle.

Fixed Defects:

• The default queue bulk size no longer changes to 1 when other changes are made to the queue. (Support Case 797687)
• (7.93HF1) When the LDAP server is down and you restart the hub, the hub starts responding quickly; it no longer remains unresponsive. (Support Case 831283)
• Fixed an issue in which qos_processor was intermittently failing to delete the queue properly, (Support Case: 00815516)
• Corrected a

What's New:

• (7.92HF4) Added support for multiple LDAP Servers.
• (7.92) Added support for SuSE 11 or later.
• (7.92HF1) By default, changes to security.cfg are propagated from any hub.
• (7.92HF6) To improve the throughput performance of tunnel communication between hubs in a high latency network, data compression can now be configured.

Fixed Defects:

• (7.92HF1) A problem which caused the primary hub to crash with a segmentation fault is now fixed. (Support Case 00652137)
• (7.92HF4) Fixed an issue where robot install fails on Windows but appears succeed when the PATH is not set in the section of robot.cfg. Robot install now fails when the PATH is not set. (Support Case 00732914)
• (7.92HF4) Fixed the issue of being unable to save probe config changes after secure_callbacks_from_primary_hub_only is enabled (hub 7.80 HF23) (Support Case 00291708)
• (7.92HF5) If you create a new Solaris zone, a robot installed in the global zone is not automatically deployed to the new zone. To install a robot in a new, non-global zone, install the robot into the non-global zone using the same steps that you use to install the robot in the global zone. (Support Case 746015)
• (7.92HF5) Fixed a problem where false application down alarms were triggered during AIX startup because the robot started before the monitored application. (Support Case 707038)
• (7.92HF8) Duplicate hosts names shared by multiple tenants are now correctly reported to all interested tenants.
• (7.92HF8) When secure_callbacks_from_primary_hub_only is enabled, requests to add the probe to the security file are not forwarded to a primary hub in a different domain.
• (7.92HF8) Fixed an issue where creating a queue with an empty Subject field caused the hub configuration UI in Admin Console to report an error and fail to open. (Support Case 00648129)
• (7.92HF6) Fixed an issue where user_tags were overwritten by the hub spooler. Now, the hub spooler only sets the user_tags if they are empty.
• (7.92HF7) An issue was fixed that caused robots to failover to the secondary hub sooner than expected, appearing to ignore the configured failover interval.
• (7.92HF8) An issue was fixed that caused robots with plugins to not completely release memory on Windows. (Support Case 00791437, DE307126)
• (7.92HF10) Duplicate host names across tenants no longer cause data leaks when the same metric is collected against a target with the same name.
• (7.92HF10) Improved performance between the hub spooler and controller. (Support Case 00687052, 00676791)
• (7.92HF10) Corrected an issue where hubs intermittently show as yellow until selected in the GUI.
• (7.92HF10) The nexec configuration no longer fails when LDAP is enabled. (Support Case 00245766, 00799227)
• (7.92HF10) Alerts now clear for stopped probes once a probe starts running. (Support Case 00723878)
• (7.92HF10) Hubs no longer overwrite the primary_hub status if the field is not supported by a hub version.
• (7.92HF10) Added a variable to hub.cfg that provides a mechanism to periodically close spooler sessions that are in a half-closed state. The check_spooler_sessions variable is set to 0=off by default. When set to 1=on, the spooler sessions are closed.
• Corrected a tunnel stability issue in which hubs would turn red and become unresponsive in Infrastructure Manager and Admin Console. (Support Case 00824936)

• To improve tunnel stability, set protocol_mode=1 in the <tunnel> section of hub.cfg for all tunneled hubs.
• Two new hub parameters specify the amount of time a queue waits for an acknowledgement before re-sending data to a subscriber.
  • postroute_reply_timeout specifies a global timeout setting that applies to all hub queues. Specify this value in the <hub> section of hub.cfg.
  • reply_timeout specifies the reply timeout setting on a per queue basis. This value overrides the global postroute_reply_timeout for the specific queue. Specify this setting in the <queue> section of hub.cfg
  The default reply timeout for a queue is 60 seconds. Setting the timeout value to zero (0) specifies no timeout (infinite wait). The settings apply to attach-get queues and post queues. If the value specified for an attach queue is not equal to the value set for the corresponding get queue, the value for the get queue is used. If the subscriber is a probe, the probe timeout value overrides the attach queue value.
• A new property, robot_missed_update_count, specifies how many consecutive missed updates from the robot must occur before the hub begins issuing robot is inactive alarms. Specify the property in hub.cfg. Default, 2.
• Updated Novell C LDAP libraries to version, which is a mid-2015 release. The version varies by platform. For Linux x64 the version is 098ZW.
• If no min_bulk_size is specified by the subscriber, the min_bulk_size set on the attach queue is now used.
• Support for Solaris as a primary hub is discontinued. Secondary hubs on Solaris are supported.

• Tunnel stability is improved. Hubs no longer appear to randomly switch between available and unavailable. Probe configuration UIs in Infrastructure Manager and Admin Console can be accessed across a tunnel. (Support Case 466247)
• A problem with file descriptors for SSL, which could cause a hub to crash is now fixed.
• Hub keep-alive heartbeat support is added for temporary queues.
• Hub queue parameters min_bulk_size and min_bulk_wait are not working.
• Support for LDAP anonymous simple binds is removed. LDAP anonymous simple binds are now explicitly denied. Valid credentials are required to query LDAP. (US228760)
• Added logic to prevent nametoip requests to an unresponsive hub.
• Simplified the timeout logic for forwarded namtoip requests to the hub. (7.80HF9)
• NAS subscription does not reset as expected when a problem is detected.
• Allow UTF-8 characters in database login user name.
• Hub crashes on restart if hub.cfg contains a static hub entry with the same name.
• Invalid robot is inactive messages.
• Hub and robot can crash when the logging level is set to 5 and a callback reply contains nested PDSs.
• Logging is improved by moving some hub messages from log level 3 to log level 5. (Support Case 169553)
• Queues and tunnels reestablish connections more reliably after a network outage.
• Hub main thread blocks for seconds to minutes.
• Hub does not attempt to reconnect to an unresponsive LDAP server when it comes back online.
• Hub spooler experiences a catastrophic queue error when attempting to read a corrupt PDS file, and good PDS files are discarded. (Support Case 379065)
• Volume of SSL Layer Error 5 messages is now reduced in the hub log file.
• Extended_source is missing from QoS and Alarms from SNMPCollector v3.2 .

• Windows IA64 platform support is dropped for robots. Prior to robot-7.80, support for Windows Itanium (IA64) was enabled as part of the release binaries packaged for the robot. The 7.80 version of the robot no longer comes packaged with the Windows IA64 binaries. All robot functions will continue although the platform is not officially supported.

• TLS Cipher Support and OpenSSL 1.0.1m. OpenSSL 1.0.1m and TLS 1.1 or 1.2 cipher suites are now made available with hub-7.80 and robot-7.80. To maintain backward compatibility with tunnels you must specify a cipher suite that will have TLS first and then SSLv3 last, as this will allow tunnel communication with hub 7.71 and earlier.

• Updated migration path for user tag from robot to hub. To facilitate upgrading from version of the hub prior to 7.80, hub-7.80 will automatically copy user tags from the robot.cfg to the hub.cfg file on restart, if and only if, no user tags exist in hub.cfg and if the new hub option os_user_retrieve_from_robot is set to true (default is true).

• Proper user tag selection for robot state change. In hub-7.80, for the special case of alarms that the hub sends about its robots, the default behavior for user tags has changed to revert back to hub-7.63, where the user tags are set to that of the robot which represents the alarm. This is only a change for the special case of the hub’s robot alarms, not for other alarms and messages. Note, these changes do not affect robot alarms that come directly from the robot itself. This ONLY concerns robot alarms that are generated by the hub in cases such that the robot or the robot’s probes come up or down. A new configuration option, called os_user_robot_alarms_use_hub_tags, is added to optionally revert back to the hub-7.70 behavior if desired.

Whats New in Hub 7.61:

• Tunnel Stability improvements

Whats New in Hub 7.60:

• Improved socket management between two hubs connected via a tunnel
• Reduction in communication errors caused by long-running callbacks over a tunnel connection.
• Refined alarming around queue status to reduce false positives.
• More efficient handling of LDAP directories with large numbers of groups when paired with UMP 7.6.
• Additional defect fixes and general improvements.

Package that is included in the NMS 7.50 distribution.

Package Signatures: