[3.27] Patch - May 19, 2021

This release is superseded by July 6, 2021 release

This release note provides an overview of the resolved issues in the Fortanix Data Security Manager (DSM) 3.27 patch release.

WARNING
  • If the Fortanix DSM cluster is not running the 3.27 version, then it is recommended to upgrade to Fortanix DSM 4.0 version to avoid the issue documented in the “Known Issues” section below.
  • AWS/VMware: If the Fortanix DSM cluster is running an old version of 3.27, then the upgrade to 4.0 will fail. Hence, it is mandatory to upgrade to the latest 3.27 patch - July 6, 2021 (3.27.1470-1987) before upgrading to the Fortanix DSM 4.0 version. If the cluster is running the 3.25 version, then upgrade to 4.0 can be done without upgrading to the latest 3.27 patch (3.27.1470-1987).
  • Onprem/Azure: If the cluster is running Fortanix DSM 3.25 or 3.27 version, you can directly upgrade to 4.0 (upgrade to the latest 3.27 patch [3.27.1460-1989] is not necessary). But if you are upgrading to the Fortanix DSM 3.27 version and if attestation is enabled in the cluster, then only the latest 3.27 patch - July 6, 2021 (3.27.1460-1989) will work post-July-13th, 2021.

1. Bug Fixes

  • Increases heap size to avoid the probability of backend panic (JIRA: PROD-3354)
  • Resolves basic authorization backward-compatibility issue (JIRA: PROD-3355)
  • Resolves a few plugin-related deadlocks (JIRA: PROD-3372)
  • Backup goes back to snapshot as default - should provide consistent backup time/size (JIRA: DEVOPS-1308 and JIRA: DEVOPS-1368)
    • The backup will not backup unnecessary session tables (consistent backup size).
    • The backup will optionally provide a way to avoid audit-log in the backup.
    • Optionally, cqlsh backup is available for customers that do not have fully replicated Cassandra.

For all other previously resolved issues as well as enhancements and improvements in the Fortanix Data Security Manager for 3.27, refer to the Apr 16, 2021 release notes.

2. Known Issues

This release introduces a change that fails the API requests if the request is made to the Fortanix DSM endpoint with a trailing slash '/'. For example: https://sdkms.fortanix.com//sys/v1/session/auth (JIRA: PROD-3326).

On the application side please make sure that the Fortanix DSM API endpoint does not end with an extra slash, that is, it should not be https://sdkms.fortanix.com/, rather should be https://sdkms.fortanix.com

Since this is a backward-incompatible change for existing applications, we have reverted the behavior in the latest Fortanix DSM 4.0 release.

3. Installation

To download the DSM SGX (on-prem/Azure) and Software (AWS/Azure/VMWare) packages, click here.

Comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful