サポートと今すぐチャット
サポートとのチャット

One Identity Safeguard for Privileged Sessions 7.0 LTS - Release Notes

Deprecated features

Apache lucene database

In SPS 7.0 LTS, One Identity modified the search for screen content in session data to use the Elasticsearch database only. The Apache lucene database support is phased out, but the query language remained lucene-like.

After the switch to the Elasticsearch database, you will be able to access content stored in an Apache lucene database only if you regenerate the content with the reindex tool. For more information, see Regenerate content stored in lucene indices.

Due to the removal of lucene indices, users are not able to search for content in lucene indices with the content request parameter on the /api/audit/sessions and /api/audit/sessions/stats endpoints.

For more information, see "Searching in the session database" in the REST API Reference Guide and "Session statistics" in the REST API Reference Guide.

Additionally, in Reporting, statistics subchapters that included the audit_content filter will not work. Alternatively, you can use Search-based subchapters with the screen.content filter to create statistic reports from connection metadata that included a specific content in the audit trail.

For more information, see "Creating search-based report subchapters from search results" in the Administration Guide.

Content search option deprecation

On the Search page, the Content search option has been deprecated.

Advanced statistics

Creating statistics from custom queries using the Reporting > View & edit subchapters > Advanced statistics page has been deprecated. The /api/configuration/reporting/custom_subchapters REST API endpoint has also been deprecated.

During the upgrade process, existing advanced statistics subchapters and their references are removed from the SPS configuration. Additionally, advanced statistics ACLs assigned to user groups are also removed from the SPS configuration. Note that if a user group only had the advanced statistics ACL assigned under Users & Access Control > Appliance Access, the whole ACL entry is removed during the upgrade process.

Alternatively, you can use search-based subchapters to query connection metadata. For more information, see "Creating search-based report subchapters from search results" in the Administration Guide.

Resolved issues

The following is a list of issues addressed in this release.

Table 1: General resolved issues in release 7.0 LTS
Resolved Issue Issue ID

An error message or a blank page is displayed when visiting the user interface the first time after an upgrade.

Due to an error, the previous versions of SPS redirected the users to the login page with a permanent redirect. Since the browsers remembered this information and the URL was not available anymore, SPS showed a blank page or an error message on the first visit of the user interface after an upgrade. This has been fixed and SPS now correctly redirects to the login page.

PAM-16656

Copying files over the clipboard in RDP could cause all connections to terminate.

In some rare edge cases, copying files to or from an RDP session host using clipboard copy and paste could cause all RDP connections to terminate during the paste operation. In this case, a core file was generated. The issue was caused by an insufficient safety check, in case the RDP client or server requested an invalid file from the clipboard.

This has been fixed by correcting the safety check. In case of an invalid paste request, the message "Invalid file index in cliprdr file content request" will appear in the system log, and the request will be dropped properly in all cases.

PAM-16569

Online player video share did not work.

Video share did not work when the other user was not logged into the SPS. This issue has been fixed.

PAM-16519

Generated reports displayed session start and session end times only with month precision.

A previous patch for "Session history" and "Verdicts history by sessions" subchapters that fixed the resolution of charts for daily reports unfortunately had an unwanted side effect that caused other subchapters that displayed session start and session end times like "Top 10 longest sessions" or "Top 10 shortest sessions" to display session start and session end times only with month precision as opposed to second precision.

This has been fixed and reports generated now display session start and session end times with second precision.

PAM-16485

SPS falsely displayed the "Play video" button and screenshot viewing possibilities for mssql sessions.

The features for playing video or displaying screenshots for mssql sessions have not yet been implemented.

PAM-16461

If there is no license configured, then the firmware test denies the upgrade without displaying the reason.

When there was no license configured, and you clicked the Test firmware icon, or at Basic Settings/System/Firmwares you selected a different firmware to be active after the reboot, then the firmware test failed, but none of the test results indicated any problems. This issue has been fixed.

PAM-16450

Audited connections, mostly RDP, could fail to write the audit trail and connection could be terminated.

In certain cases, auditing a connection could run into an issue when the audited traffic contained an overly large message. In this case, auditing failed, and the connection was terminated.

Also, the message "Failed to send request to audit writer service;" was added to the system log.

The issue mostly affected RDP clipboard transfers, for example when image data was copied between the RDP session host and the RDP client host.

This issue has been mitigated, by increasing the limit of single transfers to 128 megabytes, which allows copying uncompressed 4K 32bpp images in RDP. Also, logging has been improved to help determine if a connection closed due to this limit.

PAM-16379

Setting a server certificate or private key in the last step of the Welcome Wizard fails with an error.

The web server's certificate and private key can be configured in the last step of the Welcome Wizard before finishing it, but due to an error, it was not possible to set a custom certificate and key pair, or to view the automatically generated one. This has been fixed.

PAM-16282

LDAP connections can accumulate over a short time period in some cases.

Open LDAP connections could accumulate in several cases, for example when an anonymous bind was used. The reason for this was incorrect internal caching. This was fixed.

PAM-16198

Health status information was not up-to-date on the API.

After upgrading to SPS 6.13.0, the {{/api/health-status}} information was not updated. This has been fixed.

PAM-16197

SSH SFTP file transfer might fail from certain servers.

In some cases, transferring files from certain servers using the SFTP protocol failed due to a packet size limit. In this case, the message 'Invalid packet length;' was written to the system log.

The interoperability with these servers has been improved by increasing the packet size limit to match the server limit.

PAM-16188

After upgrading from 5.0.11 to 6.0.12, SPS fails to boot, due to invalid nodeid.json.

Though the upgrade finishes successfully, SPS stops before starting up the system. The web UI gets stuck on "Firmware is starting up, please wait...", and the last message on the screen reads "Fatal error: could not start core firmware because makeworld has failed". This issue has been fixed.

PAM-16172

The Login options page was visible for those as well who had no permission to change or view anything.

This issue has been fixed and now the Login options page is only visible for those who have permission to it, and read-only mode has been added.

PAM-16125

When trying to visualize session data on the timeline on the Search page, if the start time attribute of a session that is to be included on the timeline is missing, the UI displays InternalError.

SPS Search UI provides a feature to visualize session metadata on a timeline chart within a set time range specified by the date filters on the search page.

In order to build the timeline, sessions that fall into the given time range specified by the date filters on the search page are collected. Unfortunately, there can be situations, when the start time property of a session is missing. In this case, if the session is included in the timeline, the UI displays InternalError.

In order to solve this problem, sessions for which the start time attribute is not specified, are not included in the timeline.

PAM-16086

Gateway authentication, Four eyes and Active connections were not available on the web interface.

Due to an authorization error, the Gateway authentication, Four eyes and Active connections pages were not available on the web interface. This issue has been fixed.

PAM-16029

The UI did not accept the ecdsa-sha2-nistp384, ecdsa-sha2-nistp521 host key algorithms.

On the SSH options page, setting the host key algorithms field to ecdsa-sha2-nistp384 or ecdsa-sha2-nistp521 was not possible on the client and server side. This issue has been fixed.

PAM-15959

The Quick Connection Setup configuration could not be finished if a commit log was required, but its dialog was canceled.

This issue has been fixed: canceling the commit log takes you to the Review page of the Quick Connection Setup configuration.

PAM-15913

Encrypted sudo-iolog sessions can be replayed without decryption keys.

Even though users had no decryption keys for encrypted sudo-iolog sessions, screenshots and videos were available for inspection. This issue has been fixed. Now, encrypted sudo-iolog sessions cannot be replayed without decryption keys.

PAM-15862

Some of the Mssql connections fail if TLS is configured.

Mssql connections from clients running on either Windows or Linux could fail when TLS was configured.

On Windows, the connections could fail because the Microsoft command line tool could not parse TDS messages sent in multiple fragments due to a timing related issue.

On Linux, connections could fail if OpenSSL 1.1.1 or later was installed, because the Microsoft command line tool falsely advertised support for TLS v1.3. Currently this TLS version cannot be used due to limitations in the TDS protocol.

Both issues have been fixed. Negotiating TLS v1.3 has been temporarily disabled until proper support is implemented in the TDS protocol.

Furthermore, the initial packet size has been raised during the TLS handshake.

PAM-15839

Vault details information box width was too small to read.

The information box width is corrected, it can be read easily.

PAM-15825

Users could not upload all supported certifications to trust stores.

Some of the certifications were not visible and the user could not upload those to trust stores. This issue is fixed.

PAM-15822

Disk fill-up prevention does not stop active connections.

Due to an error, the active connections were not stopped after the disk fill-up prevention threshold was reached. This has been corrected.

PAM-15785

"Accepted" verdict of RDP session could incorrectly turn to "Rejected".

In some rare cases, when the RDP session was established using multiple TCP connections, then failing intermediate connection, 'Rejected' status was displayed in UI search page for the session, even if a subsequent connection in the same session was accepted. This was fixed by correctly displaying the final session verdict.

PAM-15616

SPS does not support openssh 8.5 and later clients using pubkey auth.

After openssh 8.5 there were some changes related to the pubkey sign algorithm; therefore, the client waits for a message from the server containing the supported server sign algorithms. If this message was missing, the client closed the connection.

This has been fixed, SPS now supports pubkey auth with openssh 8.5 and later clients.

PAM-15596

On editing the Error Templates, we changed the logo. After that, we changed the logo again, and canceled this change, and the loading got stuck.

This issue has been fixed and now the loading is displayed only if a file is selected.

PAM-15588

Configuration lock isn't released when used app switcher

When the user used the app switcher while holding the configuration lock, is it not released and another user wasn't able to configure the SPS.

PAM-15562

tsadaemon tracebacks after reboot.

There is a known bug in the openssl-ts tool, which can corrupt its serial file if it is terminated during a timestamping request. The fix prevents this situation and handles the serial file in a failsafe mode.

PAM-15401

Disk space fill-up prevention can be triggered after an upgrade.

In SPS 6.10.0, a change was introduced in disk space fill-up prevention, requiring +3 GB of free disk space in addition to the configured disk space fill-up prevention value. The pre-check before the upgrade did not use the new rules and this could lead to a situation where the pre-check is successful but after the upgrade and the reboot, the disk fill-up prevention is triggered. To avoid this situation, the pre-check was modified to verify the disk space with the new rules.

PAM-15005

For iolog sessions, the Terminate button has been removed from Safeguard Desktop Player.

In some cases, the Safeguard Desktop Player showed a non-functioning Terminate button, while playing iolog sessions. This issue has been fixed. As terminating iolog sessions is not supported, the Terminate button was removed for iolog sessions.

PAM-14611

Deleting a failed report without a generated pdf may cause an internal server error.

It can happen that there is an error during the pdf creation of a report. If you tried to delete such a report on the Reporting > Download Reports page, it resulted in an internal server error, because SPS tried to delete a pdf that did not exist.

This issue has been fixed and now you can delete the failed reports.

PAM-13632

On the SPS Search UI, in the Advanced search filter, for the deprecated 'psm.index_status' field, there was no valid option to search for sessions with INDEXING_ABORTED index status.

When a new index status called INDEXING_ABORTED was introduced for the 'recording.index_status' field, there was no option provided for its deprecated field, 'psm.index_status' to search for sessions with INDEXING_ABORTED index status. As a result, sessions with INDEXING_ABORTED status could not be searched by the psm.index_status field.

This has been fixed by adding the value '7' to the psm.index_status field as a valid option, which is mapped to the value of the INDEXING_ABORTED status of the recording.index_status field.

PAM-12584

Table 2: Resolved Common Vulnerabilities and Exposures (CVE) in release 7.0 LTS
Resolved Issue Issue ID
bash: CVE-2019-18276
bind9: CVE-2021-25220
cifs-utils: CVE-2020-14342
CVE-2021-20208
CVE-2022-27239
CVE-2022-29869
cups: CVE-2019-8842
CVE-2020-10001
CVE-2022-26691
curl: CVE-2022-22576
CVE-2022-27774
CVE-2022-27775
CVE-2022-27776
CVE-2022-27781
CVE-2022-27782
cyrus-sasl2: CVE-2022-24407
dbus: CVE-2020-35512
dpkg: CVE-2022-1664
expat: CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-23852
CVE-2022-23990
CVE-2022-25235
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
fribidi: CVE-2022-25308
CVE-2022-25309
CVE-2022-25310
glibc: CVE-2016-10228
CVE-2019-25013
CVE-2020-27618
CVE-2020-29562
CVE-2020-6096
CVE-2021-27645
CVE-2021-3326
CVE-2021-35942
CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
gzip: CVE-2022-1271
klibc: CVE-2021-31870
CVE-2021-31871
CVE-2021-31872
CVE-2021-31873
libinput: CVE-2022-1215
libsepol: CVE-2021-36084
CVE-2021-36085
CVE-2021-36086
CVE-2021-36087
libxml2: CVE-2022-23308
CVE-2022-29824
linux: CVE-2020-27820
CVE-2021-26401
CVE-2022-0001
CVE-2022-0435
CVE-2022-0492
CVE-2022-0516
CVE-2022-0847
CVE-2022-1016
CVE-2022-1055
CVE-2022-1116
CVE-2022-23960
CVE-2022-25636
CVE-2022-26490
CVE-2022-27223
CVE-2022-27666
CVE-2022-29581
mysql-8.0: CVE-2022-21412
CVE-2022-21413
CVE-2022-21414
CVE-2022-21415
CVE-2022-21417
CVE-2022-21418
CVE-2022-21423
CVE-2022-21425
CVE-2022-21427
CVE-2022-21435
CVE-2022-21436
CVE-2022-21437
CVE-2022-21438
CVE-2022-21440
CVE-2022-21444
CVE-2022-21451
CVE-2022-21452
CVE-2022-21454
CVE-2022-21457
CVE-2022-21459
CVE-2022-21460
CVE-2022-21462
CVE-2022-21478
nginx: CVE-2020-11724
CVE-2020-36309
CVE-2021-3618
nss: CVE-2020-25648
openjdk-lts: CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
CVE-2022-21426
CVE-2022-21434
CVE-2022-21443
CVE-2022-21476
CVE-2022-21496
openldap: CVE-2022-29155
openssl: CVE-2022-0778
CVE-2022-1292
pcre3: CVE-2019-20838
CVE-2020-14155
php7.4: CVE-2017-8923
CVE-2017-9118
CVE-2017-9119
CVE-2017-9120
CVE-2021-21707
CVE-2021-21708
postgresql-12: CVE-2022-1552
python3.8: CVE-2022-0391
redis: CVE-2022-0543
rsync: CVE-2018-25032
sqlite3: CVE-2021-36690
tar: CVE-2021-20193
tcpdump: CVE-2018-16301
CVE-2020-8037
tiff: CVE-2020-35522
CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0891
xz-utils: CVE-2022-1271
zlib: CVE-2018-25032
Table 3: Resolved Common Vulnerabilities and Exposures (CVE) between releases 6.0.0 and 6.13.0
Resolved Issue Issue ID
apt: CVE-2014-0487
  CVE-2019-3462
  CVE-2020-27350
  CVE-2020-3810
avahi: CVE-2021-3468
bash: CVE-2019-18276
bind9: CVE-2018-5738
  CVE-2018-5740
  CVE-2018-5743
  CVE-2018-5744
  CVE-2018-5745
  CVE-2019-6465
  CVE-2019-6471
  CVE-2019-6477
  CVE-2020-8616
  CVE-2020-8617
  CVE-2020-8618
  CVE-2020-8619
  CVE-2020-8620
  CVE-2020-8621
  CVE-2020-8622
  CVE-2020-8623
  CVE-2020-8624
  CVE-2020-8625
  CVE-2021-25214
  CVE-2021-25215
  CVE-2021-25216
  CVE-2021-25219
  CVE-2021-25220
bubblewrap: CVE-2020-5291
busybox: CVE-2011-5325
  CVE-2017-15873
  CVE-2018-1000500
  CVE-2018-1000517
  CVE-2018-20679
  CVE-2019-5747
  CVE-2021-28831
  CVE-2021-42374
  CVE-2021-42378
  CVE-2021-42379
  CVE-2021-42380
  CVE-2021-42381
  CVE-2021-42382
  CVE-2021-42384
  CVE-2021-42385
  CVE-2021-42386
bzip2: CVE-2008-1372
  CVE-2016-3189
  CVE-2019-12900
cairo: CVE-2018-19876
cifs-utils: CVE-2020-14342
  CVE-2021-20208
  CVE-2022-27239
  CVE-2022-29869
cloud-init: CVE-2020-8632
cpio: CVE-2015-1197
  CVE-2016-2037
  CVE-2021-38185
cron: CVE-2017-9525
cryptsetup: CVE-2016-4484
  CVE-2020-14382
  CVE-2021-4122
cups: CVE-2018-4180
  CVE-2018-4181
  CVE-2018-4182
  CVE-2018-4183
  CVE-2018-4700
  CVE-2018-6553
  CVE-2019-2228
  CVE-2019-8675
  CVE-2019-8696
  CVE-2019-8842
  CVE-2020-10001
  CVE-2020-3898
  CVE-2022-26691
curl: CVE-2018-0500
  CVE-2018-1000120
  CVE-2018-1000121
  CVE-2018-1000122
  CVE-2018-1000300
  CVE-2018-1000301
  CVE-2018-14618
  CVE-2018-16839
  CVE-2018-16840
  CVE-2018-16842
  CVE-2018-16890
  CVE-2019-3822
  CVE-2019-3823
  CVE-2019-5435
  CVE-2019-5436
  CVE-2019-5481
  CVE-2019-5482
  CVE-2020-8169
  CVE-2020-8177
  CVE-2020-8231
  CVE-2020-8284
  CVE-2020-8285
  CVE-2020-8286
  CVE-2021-22876
  CVE-2021-22890
  CVE-2021-22898
  CVE-2021-22924
  CVE-2021-22925
  CVE-2021-22946
  CVE-2021-22947
  CVE-2022-22576
  CVE-2022-27774
  CVE-2022-27775
  CVE-2022-27776
  CVE-2022-27781
  CVE-2022-27782
cyrus-sasl2: CVE-2019-19906
  CVE-2022-24407
db5.3: CVE-2019-8457
dbus: CVE-2019-12749
  CVE-2020-12049
  CVE-2020-35512
dpkg: CVE-2022-1664
e2fsprogs: CVE-2019-5094
  CVE-2019-5188
elfutils: CVE-2018-16062
  CVE-2018-16402
  CVE-2018-16403
  CVE-2018-18310
  CVE-2018-18520
  CVE-2018-18521
  CVE-2019-7146
  CVE-2019-7148
  CVE-2019-7149
  CVE-2019-7150
  CVE-2019-7664
  CVE-2019-7665
expat: CVE-2018-20843
  CVE-2019-15903
  CVE-2021-45960
  CVE-2021-46143
  CVE-2022-22822
  CVE-2022-22823
  CVE-2022-22824
  CVE-2022-22825
  CVE-2022-22826
  CVE-2022-22827
  CVE-2022-23852
  CVE-2022-23990
  CVE-2022-25235
  CVE-2022-25236
  CVE-2022-25313
  CVE-2022-25314
  CVE-2022-25315
ffmpeg: CVE-2018-12458
  CVE-2018-12459
  CVE-2018-12460
  CVE-2018-13300
  CVE-2018-13301
  CVE-2018-13302
  CVE-2018-13303
  CVE-2018-13304
  CVE-2018-14394
  CVE-2018-14395
  CVE-2018-15822
  CVE-2019-1000016
  CVE-2019-11338
  CVE-2019-11339
  CVE-2019-12730
  CVE-2019-13312
  CVE-2019-17539
  CVE-2019-17542
  CVE-2019-9718
  CVE-2019-9721
  CVE-2020-12284
  CVE-2020-13904
file: CVE-2018-10360
  CVE-2019-18218
  CVE-2019-8904
  CVE-2019-8905
  CVE-2019-8906
  CVE-2019-8907
freerdp2: CVE-2020-11097
  CVE-2020-15103
  CVE-2020-4030
freetype: CVE-2018-6942
  CVE-2020-15999
fuse: CVE-2018-10906
gettext: CVE-2018-18751
glib2.0: CVE-2012-3524
  CVE-2019-12450
  CVE-2020-6750
  CVE-2021-2721
  CVE-2021-27218
  CVE-2021-27219
  CVE-2021-28153
glibc: CVE-2016-10228
  CVE-2016-10739
  CVE-2018-11236
  CVE-2018-11237
  CVE-2018-19591
  CVE-2019-19126
  CVE-2019-25013
  CVE-2019-6488
  CVE-2019-7309
  CVE-2019-9169
  CVE-2020-27618
  CVE-2020-29562
  CVE-2020-6096
  CVE-2021-27645
  CVE-2021-3326
  CVE-2021-35942
  CVE-2021-3999
  CVE-2022-23218
  CVE-2022-23219
gnupg2: CVE-2018-12020
gnutls28: CVE-2019-3829
  CVE-2019-3836
  CVE-2020-13777
  CVE-2020-24659
  CVE-2021-20231
  CVE-2021-20232
graphite2: CVE-2016-1977
  CVE-2016-2790
  CVE-2016-2791
  CVE-2016-2792
grub2: CVE-2020-10713
  CVE-2020-14308
  CVE-2020-14309
  CVE-2020-14310
  CVE-2020-14311
  CVE-2020-15705
  CVE-2020-15706
  CVE-2020-15707
gzip: CVE-2022-1271
heimdal: CVE-2018-16860
  CVE-2019-12098
  CVE-2019-14870
icu: CVE-2018-18928
  CVE-2020-10531
  CVE-2021-30535
isc-dhcp: CVE-2017-3144
  CVE-2018-5732
  CVE-2018-5733
  CVE-2021-25217
jinja2: CVE-2019-10906
json-c: CVE-2020-12762
klibc: CVE-2021-31870
  CVE-2021-31871
  CVE-2021-31872
  CVE-2021-31873
krb5: CVE-2007-0956
  CVE-2007-1216
  CVE-2014-9422
  CVE-2018-20217
  CVE-2018-5729
  CVE-2018-5730
  CVE-2020-28196
lcms2: CVE-2018-16435
ldb: CVE-2019-3824
  CVE-2020-25718
  CVE-2020-27840
  CVE-2021-20277
libdbi-perl: CVE-2014-10402
libgcrypt20: CVE-2018-0495
  CVE-2019-13627
  CVE-2021-33560
  CVE-2021-40528
libgd2: CVE-2017-6363
  CVE-2018-1000222
  CVE-2018-14553
  CVE-2018-5711
  CVE-2019-11038
  CVE-2019-6977
  CVE-2019-6978
  CVE-2021-38115
  CVE-2021-40145
libinput: CVE-2022-1215
libjpeg-turbo: CVE-2018-19664
  CVE-2018-20330
  CVE-2020-13790
libmspack: CVE-2018-14679
  CVE-2018-14680
  CVE-2018-14681
  CVE-2018-14682
  CVE-2018-18584
  CVE-2018-18585
  CVE-2018-18586
libonig: CVE-2019-13224
  CVE-2019-13225
  CVE-2019-16163
  CVE-2019-19012
  CVE-2019-19203
  CVE-2019-19204
  CVE-2019-19246
libpcap: CVE-2018-16301
  CVE-2019-15165
libpng1.6: CVE-2014-0333
  CVE-2018-13785
  CVE-2019-7317
librabbitmq: CVE-2019-18609
libseccomp: CVE-2019-9893
libsepol: CVE-2021-36084
  CVE-2021-36085
  CVE-2021-36086
  CVE-2021-36087
libssh2: CVE-2019-3855
  CVE-2019-3856
  CVE-2019-3857
  CVE-2019-3858
  CVE-2019-3859
  CVE-2019-3860
  CVE-2019-3861
  CVE-2019-3862
  CVE-2019-3863
libtasn1-6: CVE-2018-1000654
libtirpc: CVE-2016-4429
  CVE-2018-14622
libwebp: CVE-2018-25009
  CVE-2018-25010
  CVE-2018-25011
  CVE-2018-25012
  CVE-2018-25013
  CVE-2018-25014
  CVE-2020-36328
  CVE-2020-36329
  CVE-2020-36330
  CVE-2020-36331
  CVE-2020-36332
libx11: CVE-2018-14598
  CVE-2018-14599
  CVE-2018-14600
  CVE-2020-14344
  CVE-2020-14363
  CVE-2021-31535
libxkbcommon: CVE-2018-15853
  CVE-2018-15854
  CVE-2018-15855
  CVE-2018-15856
  CVE-2018-15857
  CVE-2018-15858
  CVE-2018-15859
  CVE-2018-15861
  CVE-2018-15862
  CVE-2018-15863
  CVE-2018-15864
libxml2: CVE-2016-9318
  CVE-2017-16932
  CVE-2017-18258
  CVE-2018-14404
  CVE-2018-14567
  CVE-2018-9251
  CVE-2019-19956
  CVE-2019-20388
  CVE-2020-24977
  CVE-2020-7595
  CVE-2021-3516
  CVE-2021-3517
  CVE-2021-3518
  CVE-2021-3537
  CVE-2021-3541
  CVE-2022-23308
  CVE-2022-29824
libxslt: CVE-2019-11068
  CVE-2019-13117
  CVE-2019-13118
  CVE-2019-18197
libzstd: CVE-2021-24031
  CVE-2021-24032
linux: CVE-2017-5715
  CVE-2018-6559
  CVE-2018-9363
  CVE-2019-12614
  CVE-2019-14895
  CVE-2019-14896
  CVE-2019-14897
  CVE-2019-14901
  CVE-2019-15098
  CVE-2019-15791
  CVE-2019-15792
  CVE-2019-15793
  CVE-2019-15794
  CVE-2019-16089
  CVE-2019-17052
  CVE-2019-17053
  CVE-2019-17054
  CVE-2019-17055
  CVE-2019-17056
  CVE-2019-17666
  CVE-2019-19050
  CVE-2019-19076
  CVE-2019-19078
  CVE-2019-19332
  CVE-2019-19449
  CVE-2019-19642
  CVE-2019-19770
  CVE-2019-3016
  CVE-2019-3460
  CVE-2019-3874
  CVE-2019-9857
  CVE-2020-0543
  CVE-2020-11494
  CVE-2020-11884
  CVE-2020-11935
  CVE-2020-12351
  CVE-2020-12352
  CVE-2020-12888
  CVE-2020-13143
  CVE-2020-14351
  CVE-2020-14386
  CVE-2020-16119
  CVE-2020-16120
  CVE-2020-24490
  CVE-2020-24586
  CVE-2020-24587
  CVE-2020-24588
  CVE-2020-26139
  CVE-2020-26141
  CVE-2020-26145
  CVE-2020-26147
  CVE-2020-26541
  CVE-2020-27170
  CVE-2020-27171
  CVE-2020-27777
  CVE-2020-27820
  CVE-2020-28374
  CVE-2020-29372
  CVE-2020-36385
  CVE-2020-4788
  CVE-2020-8694
  CVE-2020-8835
  CVE-2021-1052
  CVE-2021-1053
  CVE-2021-26401
  CVE-2021-27363
  CVE-2021-27364
  CVE-2021-27365
  CVE-2021-29154
  CVE-2021-29650
  CVE-2021-33200
  CVE-2021-33909
  CVE-2021-3428
  CVE-2021-3444
  CVE-2021-3492
  CVE-2021-3653
  CVE-2021-3656
  CVE-2021-3759
  CVE-2021-4002
  CVE-2021-40490
  CVE-2021-4083
  CVE-2021-4155
  CVE-2022-0001
  CVE-2022-0185
  CVE-2022-0330
  CVE-2022-0435
  CVE-2022-0492
  CVE-2022-0516
  CVE-2022-0847
  CVE-2022-1016
  CVE-2022-1055
  CVE-2022-1116
  CVE-2022-22942
  CVE-2022-23960
  CVE-2022-25636
  CVE-2022-26490
  CVE-2022-27223
  CVE-2022-27666
  CVE-2022-29581
lxml: CVE-2020-27783
  CVE-2021-28957
  CVE-2021-43818
lz4: CVE-2019-17543
  CVE-2021-3520
mysql-5.7: CVE-2016-9843
  CVE-2018-0739
  CVE-2018-2755
  CVE-2018-2758
  CVE-2018-2759
  CVE-2018-2761
  CVE-2018-2762
  CVE-2018-2766
  CVE-2018-2767
  CVE-2018-2769
  CVE-2018-2771
  CVE-2018-2773
  CVE-2018-2775
  CVE-2018-2776
  CVE-2018-2777
  CVE-2018-2778
  CVE-2018-2779
  CVE-2018-2780
  CVE-2018-2781
  CVE-2018-2782
  CVE-2018-2784
  CVE-2018-2786
  CVE-2018-2787
  CVE-2018-2810
  CVE-2018-2812
  CVE-2018-2813
  CVE-2018-2816
  CVE-2018-2817
  CVE-2018-2818
  CVE-2018-2819
  CVE-2018-2839
  CVE-2018-2846
  CVE-2018-3054
  CVE-2018-3056
  CVE-2018-3058
  CVE-2018-3060
  CVE-2018-3061
  CVE-2018-3062
  CVE-2018-3064
  CVE-2018-3065
  CVE-2018-3066
  CVE-2018-3070
  CVE-2018-3071
  CVE-2018-3077
  CVE-2018-3081
  CVE-2018-3133
  CVE-2018-3143
  CVE-2018-3144
  CVE-2018-3155
  CVE-2018-3156
  CVE-2018-3161
  CVE-2018-3162
  CVE-2018-3171
  CVE-2018-3173
  CVE-2018-3174
  CVE-2018-3185
  CVE-2018-3187
  CVE-2018-3200
  CVE-2018-3247
  CVE-2018-3251
  CVE-2018-3276
  CVE-2018-3277
  CVE-2018-3278
  CVE-2018-3282
  CVE-2018-3283
  CVE-2018-3284
  CVE-2019-14775
  CVE-2019-2911
  CVE-2019-2914
  CVE-2019-2920
  CVE-2019-2922
  CVE-2019-2923
  CVE-2019-2924
  CVE-2019-2938
  CVE-2019-2946
  CVE-2019-2948
  CVE-2019-2950
  CVE-2019-2957
  CVE-2019-2960
  CVE-2019-2963
  CVE-2019-2966
  CVE-2019-2967
  CVE-2019-2968
  CVE-2019-2969
  CVE-2019-2974
  CVE-2019-2982
  CVE-2019-2991
  CVE-2019-2993
  CVE-2019-2997
  CVE-2019-2998
  CVE-2019-3003
  CVE-2019-3004
  CVE-2019-3009
  CVE-2019-3011
  CVE-2019-3018
  CVE-2020-14539
  CVE-2020-14540
  CVE-2020-14547
  CVE-2020-14550
  CVE-2020-14553
  CVE-2020-14559
  CVE-2020-14568
  CVE-2020-14575
  CVE-2020-14576
  CVE-2020-14586
  CVE-2020-14591
  CVE-2020-14597
  CVE-2020-14619
  CVE-2020-14620
  CVE-2020-14623
  CVE-2020-14624
  CVE-2020-14631
  CVE-2020-14632
  CVE-2020-14633
  CVE-2020-14634
  CVE-2020-14641
  CVE-2020-14643
  CVE-2020-14651
  CVE-2020-14654
  CVE-2020-14656
  CVE-2020-14663
  CVE-2020-14672
  CVE-2020-14678
  CVE-2020-14680
  CVE-2020-14697
  CVE-2020-14702
  CVE-2020-14765
  CVE-2020-14769
  CVE-2020-14771
  CVE-2020-14773
  CVE-2020-14775
  CVE-2020-14776
  CVE-2020-14777
  CVE-2020-14785
  CVE-2020-14786
  CVE-2020-14789
  CVE-2020-14790
  CVE-2020-14791
  CVE-2020-14793
  CVE-2020-14794
  CVE-2020-14800
  CVE-2020-14804
  CVE-2020-14809
  CVE-2020-14812
  CVE-2020-14814
  CVE-2020-14821
  CVE-2020-14827
  CVE-2020-14828
  CVE-2020-14829
  CVE-2020-14830
  CVE-2020-14836
  CVE-2020-14837
  CVE-2020-14838
  CVE-2020-14839
  CVE-2020-14844
  CVE-2020-14845
  CVE-2020-14846
  CVE-2020-14848
  CVE-2020-14852
  CVE-2020-14853
  CVE-2020-14860
  CVE-2020-14861
  CVE-2020-14866
  CVE-2020-14867
  CVE-2020-14868
  CVE-2020-14869
  CVE-2020-14870
  CVE-2020-14873
  CVE-2020-14878
  CVE-2020-14888
  CVE-2020-14891
  CVE-2020-14893
  CVE-2020-2570
  CVE-2020-2572
  CVE-2020-2573
  CVE-2020-2574
  CVE-2020-2577
  CVE-2020-2579
  CVE-2020-2584
  CVE-2020-2588
  CVE-2020-2589
  CVE-2020-2627
  CVE-2020-2660
  CVE-2020-2679
  CVE-2020-2686
  CVE-2020-2694
  CVE-2020-2759
  CVE-2020-2760
  CVE-2020-2762
  CVE-2020-2763
  CVE-2020-2765
  CVE-2020-2780
  CVE-2020-2804
  CVE-2020-2812
  CVE-2020-2892
  CVE-2020-2893
  CVE-2020-2895
  CVE-2020-2896
  CVE-2020-2897
  CVE-2020-2898
  CVE-2020-2901
  CVE-2020-2903
  CVE-2020-2904
  CVE-2020-2921
  CVE-2020-2923
  CVE-2020-2924
  CVE-2020-2925
  CVE-2020-2926
  CVE-2020-2928
  CVE-2020-2930
  CVE-2021-2002
  CVE-2021-2010
  CVE-2021-2011
  CVE-2021-2021
  CVE-2021-2022
  CVE-2021-2024
  CVE-2021-2031
  CVE-2021-2032
  CVE-2021-2036
  CVE-2021-2038
  CVE-2021-2046
  CVE-2021-2048
  CVE-2021-2056
  CVE-2021-2058
  CVE-2021-2060
  CVE-2021-2061
  CVE-2021-2065
  CVE-2021-2070
  CVE-2021-2072
  CVE-2021-2076
  CVE-2021-2081
  CVE-2021-2087
  CVE-2021-2088
  CVE-2021-2122
  CVE-2021-2146
  CVE-2021-2162
  CVE-2021-2164
  CVE-2021-2166
  CVE-2021-2169
  CVE-2021-2170
  CVE-2021-2171
  CVE-2021-2172
  CVE-2021-2179
  CVE-2021-2180
  CVE-2021-2193
  CVE-2021-2194
  CVE-2021-2196
  CVE-2021-2201
  CVE-2021-2203
  CVE-2021-2208
  CVE-2021-2212
  CVE-2021-2215
  CVE-2021-2217
  CVE-2021-2226
  CVE-2021-2230
  CVE-2021-2232
  CVE-2021-2278
  CVE-2021-2293
  CVE-2021-2298
  CVE-2021-2299
  CVE-2021-2300
  CVE-2021-2301
  CVE-2021-2304
  CVE-2021-2305
  CVE-2021-2307
  CVE-2021-2308
  CVE-2021-2339
  CVE-2021-2340
  CVE-2021-2342
  CVE-2021-2352
  CVE-2021-2354
  CVE-2021-2356
  CVE-2021-2357
  CVE-2021-2367
  CVE-2021-2370
  CVE-2021-2372
  CVE-2021-2374
  CVE-2021-2383
  CVE-2021-2384
  CVE-2021-2385
  CVE-2021-2387
  CVE-2021-2389
  CVE-2021-2390
  CVE-2021-2399
  CVE-2021-2402
  CVE-2021-2410
  CVE-2021-2417
  CVE-2021-2418
  CVE-2021-2422
  CVE-2021-2424
  CVE-2021-2425
  CVE-2021-2426
  CVE-2021-2427
  CVE-2021-2429
  CVE-2021-2437
  CVE-2021-2440
  CVE-2021-2441
  CVE-2021-2478
  CVE-2021-2479
  CVE-2021-2481
  CVE-2021-35546
  CVE-2021-35575
  CVE-2021-35577
  CVE-2021-35584
  CVE-2021-35591
  CVE-2021-35596
  CVE-2021-35597
  CVE-2021-35602
  CVE-2021-35604
  CVE-2021-35607
  CVE-2021-35608
  CVE-2021-35610
  CVE-2021-35612
  CVE-2021-35613
  CVE-2021-35622
  CVE-2021-35623
  CVE-2021-35624
  CVE-2021-35625
  CVE-2021-35626
  CVE-2021-35627
  CVE-2021-35628
  CVE-2021-35630
  CVE-2021-35631
  CVE-2021-35632
  CVE-2021-35633
  CVE-2021-35634
  CVE-2021-35635
  CVE-2021-35636
  CVE-2021-35637
  CVE-2021-35638
  CVE-2021-35639
  CVE-2021-35640
  CVE-2021-35641
  CVE-2021-35642
  CVE-2021-35643
  CVE-2021-35644
  CVE-2021-35645
  CVE-2021-35646
  CVE-2021-35647
  CVE-2021-35648
  CVE-2022-21245
  CVE-2022-21249
  CVE-2022-21253
  CVE-2022-21254
  CVE-2022-21256
  CVE-2022-21264
  CVE-2022-21265
  CVE-2022-21270
  CVE-2022-21301
  CVE-2022-21302
  CVE-2022-21303
  CVE-2022-21304
  CVE-2022-21339
  CVE-2022-21342
  CVE-2022-21344
  CVE-2022-21348
  CVE-2022-21351
  CVE-2022-21358
  CVE-2022-21362
  CVE-2022-21367
  CVE-2022-21368
  CVE-2022-21370
  CVE-2022-21372
  CVE-2022-21374
  CVE-2022-21378
  CVE-2022-21379
  CVE-2022-21412
  CVE-2022-21413
  CVE-2022-21414
  CVE-2022-21415
  CVE-2022-21417
  CVE-2022-21418
  CVE-2022-21423
  CVE-2022-21425
  CVE-2022-21427
  CVE-2022-21435
  CVE-2022-21436
  CVE-2022-21437
  CVE-2022-21438
  CVE-2022-21440
  CVE-2022-21444
  CVE-2022-21451
  CVE-2022-21452
  CVE-2022-21454
  CVE-2022-21457
  CVE-2022-21459
  CVE-2022-21460
  CVE-2022-21462
  CVE-2022-21478
ncurses: CVE-2019-17594
  CVE-2019-17595
net-snmp: CVE-2018-18065
  CVE-2019-20892
  CVE-2020-15861
  CVE-2020-15862
nettle: CVE-2021-20305
  CVE-2021-3580
nfs-utils: CVE-2019-3689
nghttp2: CVE-2018-1000168
nginx: CVE-2019-9511
  CVE-2019-9513
  CVE-2019-9516
  CVE-2020-11724
  CVE-2020-36309
  CVE-2021-23017
  CVE-2021-3618
nss: CVE-2018-12384
  CVE-2018-18508
  CVE-2019-11719
  CVE-2019-11727
  CVE-2019-11745
  CVE-2019-17023
  CVE-2020-12399
  CVE-2020-12400
  CVE-2020-12401
  CVE-2020-12402
  CVE-2020-12403
  CVE-2020-25648
  CVE-2020-6829
  CVE-2021-43527
ntp: CVE-2016-1549
  CVE-2018-7170
  CVE-2018-7182
  CVE-2018-7183
  CVE-2018-7184
  CVE-2018-7185
  CVE-2019-8936
opencv: CVE-2016-1516
  CVE-2016-1517
  CVE-2017-1000450
  CVE-2017-12597
  CVE-2017-12598
  CVE-2017-12599
  CVE-2017-12600
  CVE-2017-12601
  CVE-2017-12602
  CVE-2017-12603
  CVE-2017-12604
  CVE-2017-12605
  CVE-2017-12606
  CVE-2017-12862
  CVE-2017-12863
  CVE-2017-12864
  CVE-2017-14136
  CVE-2017-17760
  CVE-2017-18009
  CVE-2018-5268
  CVE-2018-5269
openldap: CVE-2019-13057
  CVE-2019-13565
  CVE-2020-12243
  CVE-2020-25692
  CVE-2020-25709
  CVE-2020-25710
  CVE-2020-36221
  CVE-2020-36222
  CVE-2020-36223
  CVE-2020-36224
  CVE-2020-36225
  CVE-2020-36226
  CVE-2020-36227
  CVE-2020-36228
  CVE-2020-36229
  CVE-2020-36230
  CVE-2021-27212
  CVE-2022-29155
openssh: CVE-2018-15473
  CVE-2018-20685
  CVE-2019-6109
  CVE-2019-6111
  CVE-2021-28041
openssl: CVE-2018-0732
  CVE-2018-0734
  CVE-2018-0735
  CVE-2018-0737
  CVE-2019-1543
  CVE-2019-1547
  CVE-2019-1549
  CVE-2019-1551
  CVE-2019-1563
  CVE-2020-1967
  CVE-2020-1971
  CVE-2021-23840
  CVE-2021-23841
  CVE-2021-3449
  CVE-2021-3711
  CVE-2021-3712
  CVE-2022-0778
  CVE-2022-1292
p11-kit: CVE-2020-29361
  CVE-2020-29362
  CVE-2020-29363
pam: CVE-2009-0887
pango1.0: CVE-2011-0020
  CVE-2011-0064
  CVE-2019-1010238
patch: CVE-2018-1000156
  CVE-2019-13636
  CVE-2019-13638
pcre3: CVE-2019-20838
  CVE-2020-14155
perl: CVE-2018-12015
  CVE-2018-18311
  CVE-2018-18312
  CVE-2020-10543
  CVE-2020-10878
  CVE-2020-12723
php-pear: CVE-2020-2894
  CVE-2020-28948
  CVE-2020-28949
  CVE-2020-36193
  CVE-2021-32610
postgresql-10: CVE-2018-1058
  CVE-2020-14349
  CVE-2020-14350
  CVE-2020-1720
  CVE-2020-25694
  CVE-2020-25695
  CVE-2020-25696
  CVE-2021-23214
  CVE-2021-23222
  CVE-2021-32027
  CVE-2021-32028
  CVE-2021-32029
  CVE-2021-3393
  CVE-2021-3449
  CVE-2022-1552
postgresql-common: CVE-2019-3466
procps: CVE-2017-18078
  CVE-2018-1123
  CVE-2018-1124
  CVE-2018-1125
  CVE-2018-1126
python-babel: CVE-2021-20095
python-crypto: CVE-2018-6594
python-cryptography: CVE-2018-10903
  CVE-2020-25659
python-urllib3: CVE-2019-11236
  CVE-2020-26137
python2.7: CVE-2013-1752
  CVE-2018-1000802
  CVE-2018-14647
  CVE-2019-16056
  CVE-2019-17514
  CVE-2019-18348
  CVE-2019-20907
  CVE-2019-5010
  CVE-2019-9636
  CVE-2019-9674
  CVE-2019-9948
  CVE-2020-26116
  CVE-2020-8492
  CVE-2021-3177
pyyaml: CVE-2020-14343
  CVE-2020-1747
qtbase-opensource-src: CVE-2015-9541
  CVE-2018-15518
  CVE-2018-19870
  CVE-2018-19873
  CVE-2020-0569
  CVE-2020-0570
  CVE-2021-38593
rabbitmq-server: CVE-2016-9877
  CVE-2017-4965
  CVE-2017-4966
  CVE-2017-4967
  CVE-2021-22116
redis: CVE-2018-11218
  CVE-2018-11219
  CVE-2022-0543
requests: CVE-2018-18074
rpcbind: CVE-2015-7236
  CVE-2017-8779
rsync: CVE-2018-25032
  CVE-2018-5764
samba: CVE-2016-2124
  CVE-2018-1050
  CVE-2018-1057
  CVE-2018-10858
  CVE-2018-10918
  CVE-2018-10919
  CVE-2018-1139
  CVE-2018-1140
  CVE-2018-14629
  CVE-2018-16841
  CVE-2018-16851
  CVE-2018-16852
  CVE-2018-16853
  CVE-2018-16857
  CVE-2018-16860
  CVE-2019-10197
  CVE-2019-10218
  CVE-2019-12435
  CVE-2019-12436
  CVE-2019-14833
  CVE-2019-14861
  CVE-2019-14870
  CVE-2019-14902
  CVE-2019-14907
  CVE-2019-19344
  CVE-2019-3870
  CVE-2019-3880
  CVE-2020-10700
  CVE-2020-10704
  CVE-2020-10730
  CVE-2020-10745
  CVE-2020-10760
  CVE-2020-14303
  CVE-2020-14318
  CVE-2020-14323
  CVE-2020-14383
  CVE-2020-1472
  CVE-2020-25717
  CVE-2020-25718
  CVE-2020-25719
  CVE-2020-25721
  CVE-2020-25722
  CVE-2021-20254
  CVE-2021-23192
  CVE-2021-3738
  CVE-2021-43566
  CVE-2021-44142
  CVE-2022-0336
screen: CVE-2021-26937
smarty3: CVE-2009-5052
  CVE-2009-5053
  CVE-2017-1000480
  CVE-2018-16831
sqlite3: CVE-2018-8740
  CVE-2019-19242
  CVE-2019-19244
  CVE-2019-19603
  CVE-2019-19645
  CVE-2019-19880
  CVE-2019-19923
  CVE-2019-19924
  CVE-2019-19925
  CVE-2019-5018
  CVE-2019-5827
  CVE-2019-8457
  CVE-2019-9936
  CVE-2019-9937
  CVE-2020-11655
  CVE-2020-13434
  CVE-2020-13435
  CVE-2020-13630
  CVE-2020-13631
  CVE-2020-13632
  CVE-2020-15358
  CVE-2020-9327
  CVE-2021-36690
strongswan: CVE-2014-9221
  CVE-2015-8023
  CVE-2018-10811
  CVE-2018-16151
  CVE-2018-16152
  CVE-2018-17540
  CVE-2018-5388
  CVE-2021-41990
  CVE-2021-41991
  CVE-2021-45079
sudo: CVE-2019-14287
  CVE-2021-23239
  CVE-2021-3156
sysstat: CVE-2018-19416
  CVE-2018-19517
  CVE-2019-16167
  CVE-2019-19725
systemd: CVE-2018-15686
  CVE-2018-15687
  CVE-2018-15688
  CVE-2018-16864
  CVE-2018-16865
  CVE-2018-20839
  CVE-2018-6954
  CVE-2019-15718
  CVE-2019-3842
  CVE-2019-3843
  CVE-2019-3844
  CVE-2019-6454
  CVE-2020-13529
  CVE-2020-1712
  CVE-2021-33910
  CVE-2021-3997
tar: CVE-2018-20482
  CVE-2019-9923
  CVE-2021-20193
tcpdump: CVE-2017-16808
  CVE-2018-16301
  CVE-2020-8037
tiff: CVE-2018-10963
  CVE-2018-12900
  CVE-2018-17000
  CVE-2018-17100
  CVE-2018-17101
  CVE-2018-18557
  CVE-2018-18661
  CVE-2018-19210
  CVE-2018-8905
  CVE-2019-14973
  CVE-2019-6128
  CVE-2020-19143
  CVE-2020-35522
  CVE-2020-35523
  CVE-2020-35524
  CVE-2022-0561
  CVE-2022-0562
  CVE-2022-0865
  CVE-2022-0891
util-linux: CVE-2018-7738
  CVE-2021-3995
  CVE-2021-3996
vim: CVE-2019-12735
  CVE-2021-3770
  CVE-2021-3778
  CVE-2021-3796
  CVE-2021-3872
  CVE-2021-3903
  CVE-2021-3927
  CVE-2021-3928
  CVE-2021-3974
  CVE-2021-3984
  CVE-2021-4019
  CVE-2021-4069
walinuxagent: CVE-2019-0804
wget: CVE-2018-0494
  CVE-2018-20483
  CVE-2019-5953
xfsprogs: CVE-2012-2150
xz-utils: CVE-2022-1271
zlib: CVE-2018-25032

Known issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.

Table 4: General known issues
Known Issue

Caution:

After upgrading to version 7.0 LTS, SPS requires a new license. To avoid possible downtimes due to certain features not being available, before starting the upgrade, ensure that you have a valid SPS license for 7.0 LTS.

Upgrade as follows:

  1. Perform the upgrade to 7.0 LTS with your current license.

  2. Update your SPS license to 7.0 LTS.

For a new SPS license for 7.0 LTS, contact our Licensing Team.

TLS version 1.3 is not supported when using the inWebo, Okta or One Identity Starling 2FA plugins. To ensure that TLS 1.2 is used by SPS during negotiation, specify the minimum and maximum TLS version as follows:

  • For the minimum TLS version, select TLS version 1.2.

  • For the maximum TLS version, select TLS version 1.3.

For more information, see "Verifying certificates with Certificate Authorities using trust stores" in the Administration Guide.

The accuracy of replaying audit trails in Asian languages (Traditional Chinese, Korean) has been enhanced. Due to this change, when upgrading SPS to version 6.11.0, all your sessions will be reindexed, and while reindexing is in progress, your sessions on the Search interface are incomplete. For this reason, plan your upgrade to SPS 6.11.0 accordingly.

Report generation may fail if a report subchapter references a connection policy that has been deleted previously.

SPS can create reports giving detailed information about connections of every connection policy. For this, the user can add connection subchapters in the Report Configuration Wizard, under Reporting > Create & Manage Reports.

For a successful report generation, the referenced connection policy must exist on the appliance. However, when deleting a connection policy that is referenced as a connection subchapter, the user is not warned that the report subchapter must be removed, otherwise the subsequent report generation will fail.

This affects scheduled report generation as well.

System requirements

Before installing SPS 7.0 LTS, ensure that your system meets the following minimum hardware and software requirements.

The One Identity Safeguard for Privileged Sessions Appliance is built specifically for use only with the One Identity Safeguard for Privileged Sessions software that is already installed and ready for immediate use. It comes hardened to ensure the system is secure at the hardware, operating system, and software levels.

For the requirements about installing One Identity Safeguard for Privileged Sessions as a virtual appliance, see one of the following documents:

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択