Linux Patch Notes for CTE v7.7.0
Patch Information | |
---|---|
Release | v7.7.0.100 |
Date | 2025-02-04 |
Document version | 1 |
Note
Because build 100 adds support for Dynamic Resource Sets and fixes other issues related to the management of LDT metadata, you must upgrade all CipherTrust Transparent Encryption clients to CTE agent v7.7.0.100 to avoid problems resulting from Dynamic Resource Sets or the management of LDT metadata.
New Features and Enhancements
Enhancement of Dynamic Resource Sets on LDT Local and NFS GuardPoints
With Dynamic Resource Sets, you can now add a new key rule to a resource set that includes files that are not encrypted under the dynamic resource style policy. This results in the inclusion of those files for rekey and encryption. LDT launches rekey operations on the affected GuardPoints to encrypt the files associated with the resource set in the newly added key rule. Before inclusion of the key rule, those files associated with the resource set were in clear-text.
- See Using Dynamic Resource Sets for more information.
Added Support for Automating and Reducing the Duration of the Subsequent Data Transformations
Thales created a script to perform subsequent rekey operations using embedded metadata on a set of IDT-Capable devices configured with external metadata. This reduces the time needed to rekey the devices, as the external metadata is a bottleneck when performing rekey on multiple concurrent devices. The script works by converting each device to IDT with embedded metadata before launching rekey. Embedded IDT metadata makes rekey operations significantly faster.
- See Automating and Reducing the Duration of the Subsequent Data Transformations for more information.
Resolved Issues
- AGT-46320: Backup file with exclusion clear_key on LDT NFS GuardPoint does not contain ldt xattr

  Backing up LDT protected files associated with an exclusion key rule with `clear key`, or not associated with any key rule, resulted in the files in the backup image not containing LDT attributes. Such files could not be accessed after restoring into an LDT GuardPoint. This has been fixed.

- AGT-60463: New primary system crashes during live recovery during active single-file-rekey

  Renaming directories and the addition of the Dynamic Resource Set feature introduced issues in the failover of the primary host in an LDT GuardPoint Group, such as failure to recover files on the promoted primary client as the result of the rename. Those issues are resolved in this patch release.

- AGT-61568 | AGT-61317: Renaming `/dir1` with LDT encrypted data to `/dir2` with implicitly excluded data results in the wrong sum value

  On a CipherTrust Transparent Encryption standard GuardPoint, renaming a directory pathname under an encryption key rule to a pathname associated with an exclusion directory did not change the files in the renamed directory to `clear_text` or exclude them from rekey. The files in the renamed directory remained encrypted until the next key rotation, at which point those files matched the property of the exclusion key rule associated with the parent pathname. This has been fixed.

- AGT-61687: Directory renaming sharing conflicting key rules makes renamed files corrupt in a standard GuardPoint

  Renaming a directory in a way that changes its association to a different key rule, with conflicting keys, results in the wrong key being applied to the data in the files with the new directory name. This issue has been resolved by forcing the rename operation to copy and delete source files if the source and target key rules have conflicting keys.

- AGT-61830: LDT NFS GuardPoint fails to repair/join after host crash

  After a primary host crashes in a single host LDT GuardPoint Group, attempts to guard on the same host after reboot fail. This issue has been resolved by enhancing the `voradmin ldt group repair` command to detect and fix this scenario.

- AGT-62934 [CS1569355]: Failed to Renew external client certificates with error `vmshare_update_rest_certs: rc = 403`

  CTE has been improved to manage a CipherTrust Manager API change which introduced an incompatibility with certificate renewal when using external certificate authorities.
Known Issues
No Known Issues at this time.