Release Note for CTE v7.5 for AIX
| Release Note Version | Date |
|---|---|
| v7.5.0.26 | 2023-12-19 |
Release v7.5.0.26 of CipherTrust Transparent Encryption (CTE) for AIX adds new features, fixes known defects and addresses known vulnerabilities.
New Features and Enhancements
The major improvements to CipherTrust Transparent Encryption for AIX in this release is:
-
Validate CipherTrust Manager at CTE client during registration
To ensure that registration by the CTE agent is serviced only by the expected key manager, you can provide a copy of the root CA certificate that will be used to authenticate communications with the key manager, during the registration process.
-
Usage of vmutil utility
See vmutil.
-
Wildcard client settings include in CTE AIX
In CipherTrust Manager, Client settings now support specifying paths with an asterisk (*) when adding a binary to Client settings. For example,
|keyword+sig=<signature-set name>|/path/to/binary/* -
CTE agents can communicate with a CipherTrust Manager cluster behind a network load balancer
See Load Balancer.
-
Support Advance security configuration
See Blocking ptrace system calls to prevent process injection attacks.
Resolved Issues
-
AGT-47109: AIX Agents not transitioning to healthy state after CM reboot
After CipherTrust Manager rebooted, the clients remained at the warning state with a message stating:
1 of 1 servers are poor responders. This issue was caused by a long poll problem. CTE clients tried to upload the client status to CipherTrust Manager without sending a long poll message. As a result, the CTE agent was never notified of the new status. CTE clients waited indefinitely and never cleared the warning from the CipherTrust Manager.
Known Issues
-
AGT-48611: AIX upgrade from 7.1.0.33 to 7.5.0.25 with existing GuardPoints causes IO to hang
Work-around
Restart the agent or reboot the machine.
End of Life
-
AIX v7.1
CTE 7.5.0 no longer supports AIX v7.1 because IBM has discontinued AIX v7.1 support.
