Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Release Notes

Release Note for CTE v7.4 for Linux

search

Please Note:

Release Note for CTE v7.4 for Linux

Release Note Version Date
7.4.0.95 2023-06-13

Release 7.4.0.95 of CipherTrust Transparent Encryption (CTE) for Linux adds new features, fixes known defects and addresses known vulnerabilities.

New Features and Enhancements

The major improvements to CTE for Linux in this release are:

  • Cloud Object Storage GuardPoints now supported for RHEL 9

    See CTE for Cloud Object Storage for more information.

  • Support for LDT Multiple communication groups

    See Multiple LDT Communication Groups Considerations for more information.

  • LDT NFS: Loss of connectivity to NAS share from primary host

    See Detecting Loss of NAS connection to an LDT GuardPoint Group for more information.

  • Report exact number files of encrypted in the GuardPoint

    A new command has been added, voradmin ldt summary <guard path> to report the exact number files encrypted in the GuardPoint.

    See CTE-LDT Command-Line Administration for more information.

  • Upgraded OpenSSL

    Agent libraries are now built on OpenSSL 3.0.

  • AES-NI

    The host on which you want to install CTE must support AES-NI hardware encryption. If it does not, any attempt to install or upgrade CTE to release 7.0.0, or any subsequent version, will fail.

New Platform Support

The following kernel is supported starting with CTE v7.4.0.99:

RHEL

  • RHEL 8.8

Rocky Linux

  • Rocky Linux 8.7

Ubuntu

  • New 5.15 kernels for Ubuntu 20.04

  • New 5.15 kernels for Ubuntu 22.04

Secure Boot Advisory

For CipherTrust Transparent Encryption to support Secure Boot, the signing key for CTE kernel modules must be renewed every three years. Thales' current schedule for changing the signing key is the first week of 2024. For customers who take advantage of Secure Boot with CTE, the new certificate, matching the new signing key, must be added to their systems by the end of this year 2023 to ensure a smooth upgrade. In CTE 7.5, Thales will provide instructions for obtaining the new certificate.

Resolved Issues

  • AGT-42578: QOS logs do not clear automatically

    The Linux LDT QOS logs now automatically rotate as the logs grow in size. Previously, the log kept growing and caused system performance issues. Now, when the log reaches 1 MG in size, LDT rotates the log. LDT saves a maximum of five logs. After 5 files are created, it deletes the oldest log.

  • AGT-43311 [CS1446938 ]: Policy message shows username is null after agent upgrade

    The issue occurred because the user info cache timed out before it could retrieve the user info from SecFSD. It should have waited for 60 seconds, but it timed out after 30 seconds. This has been fixed.

  • AGT-44775 [CS1462903] (LDT) Server crashed due to secfs2

    Resolved potential race issue between the LDT rekey operation and a deleted file that the application may have kept open.

Known Issues

  • AGT-44159: GuardPoint reports as busy when user tries to uninstall so uninstall fails

    Work-around

    Manually terminate the process that is holding the service. Error message should indicate which process is causing the problem.

End of Life

  • CipherTrust Transparent Encryption v7.4 is the last version in which CTE-Efficient Storage for Linux will be supported. CipherTrust Transparent Encryption v7.5 and subsequent versions will no longer support CTE-Efficient Storage for Linux.

  • CipherTrust Transparent Encryption v7.4 is the last version that will support Ubuntu 18.04

On this page