Please Read: Before starting the Control Center upgrade/uninstall process, you must backup the entire "conf" directory found under Control Center install location. Please follow the steps below before upgrading: The following instructions apply to maintenance upgrades. 1. Stop Control Center engine If you are upgrading from a pre-6.1.2.1 release to 6.2.0.0 (i.e. upgrading FROM 5.4.2.2 through 6.1.2.0 TO 6.2.0.0), the initial upgrade to 6.2.0.0 cannot be a rolling upgrade. You must bring down all EPs and upgrade each EP to 6.2.0.0 before starting any of the EPs again. All EPs must be in sync for the initial upgrade to 6.2.0.0, before being started. After the initial upgrade to 6.2.0.0, you may resume with rolling upgrades (eg. 6.2.0.0 to 6.2.0.0 iFix01), where one EP is brought down at a time, upgraded, then restarted. 2. Back up the existing configuration data: If upgrading from 5.4.2.2 or prior, back up \conf directory found under Control Center install location. Backup your Control Center database. If upgrading from 6.0.0.0 or later, run exportConfig.sh/bat under \bin. The script creates a folder with all of the configuration data from the database and the conf folder. The location of this folder is conf-exported/{date_time}/conf. As per your need, for recovery purpopse, backup your existing Control Center database. 3. Proceed normally with installing the latest version of Control Center in original . (The installer would automatically un-install the previous version - but all of the configuration data will still be there). 4. Run configCC.sh 5. Start the Control Center engine. 6. Ensure the engine starts, and a user can login to the Control Center web console and access the links in the hamburger menu, including "Launch Classic Console". -------------------------------------------- 6.2.0.0 iFix03 (Released 10/29/2020) 1. CC-3928 (2020-10-19) Description of issue: New CCM only install with Oracle DB throws exception in configCC: ERROR DeploymentJobMonitor - java.sql.SQLException: ORA-01003: no statement parsed. Description of fix: Added guard code to check for a null value to prevent the exception. 2. LS-40 (2020-10-19) Description of issue: Upgrade from CCM 613 shows CD servers with out address or port. Description of fix: Set hostname and port of CD server on upgrade. 3. CC-3971: (2020-10-19) Description of issue: Update Status count is not corrected on CCD dashboard. Description of fix: Corrected code to update status counts. 4. CCP-16878 (2020-10-20) Description of issue: When filtering based on Event Return Code under MQMFT FIle Transfer Report, it never comes with return codes as 40. We can see the return codes coming as 0,1,2 and 8 instead of standard MQ FTE return codes like 20,40, etc. Return code 40 means transfer fails and none of the files specified transferred. But in this report we show data of only successful transfer. So we won't be able to show return code 40 in the report. Description of fix: Removed return code filter from the MQMFT Report. 5. CC-4005 (2020-10-21) Description of issue: Enhancement to add source file to Connec:Direct Process Details report. Description of fix: Added new column "Source File Name" to the report. 6. CC-3800 (2020-10-21) Description of issue: NullPointerException in engine.log when CD Unix does nightly statistics archiving. Description of fix: Added guard code to check for a null value to prevent the exception. 7. CC-4043 (2020-10-22) Description of issue: User created on CCD 1.2 installation is not getting logged in after upgrading to 6.2 ifix01/02. Description of fix: Corrected logic to allow users login after upgrade. 8. CC-4040 (2020-10-22) Description of issue: Account lock message is not displayed when trying to reset password from CCD user details page for user having account locked. Description of fix: Corrected logic to display error message: "AUTH005E: Account is locked". 9. CC-4072 (2020-10-22) Description of issue: C:D server node name should be limited to a length of 16 on the "Overrides for Individual Servers" screen. Description of fix: Corrected "Node Name" input field edit check to allow a max length of 16. 10. IT34725/MFT-11516/TS004361714 (2020-10-25) Description of issue: Control Center Director Engine Startup failed after CCD was upgraded from 1.0.0.2 to the latest 6.2. The engine fails to start with a java exception due to the C:D server Name or Alias name too long (i.e. length greater than 16). Description of fix: Made changes to prevent installed CD server node names chosen by ICC from being too long. 11. CC-4075 (2020-10-25) Description of issue: On servers's create form (i.e. Add C:D Server >> Server Name / Alias Name), limit length of name field to 25 characters. Description of fix: Changed input max length check to 25. 12. CC-4022/CC-4065 (2020-10-27) Description of issue: CCD-New CD Win install package - DB password is specified but says that password is required with error meesage: "NWIN004E: Database password is mandatory for Windows OS". Description of fix: Corrected input field edit for "DB Password". 13. CC-4067 (2020-10-27) Description of issue: CCD Server list view - "Node name" column is incorrect. It should be changed to "Server Alias/Name". Description of fix: Changed column name. -------------------------------------------- 6.2.0.0 iFix02 (Released 10/16/2020) 1. CC-4031 (2020-10-16) Description of issue: [CCD] License information is not displayed for Connect:Direct z/OS servers in the "License" tab. Description of fix: Corrected logic which retrieves the license information for display. 2. CC-3985 (2020-10-16) Description of issue: [CCD] Multi-select delete does not delete all the archived packages. Description of fix: Made modifications to disable overflow menus when one or more rows are selected on listng pages. 3. CC-4059 (2020-10-16) Description of issue: Cold start flag is erroneously set in runEngine.sh script, causing loss of data at engine start (i.e. runEngine.sh behaves same as runEngineCold.sh). Description of fix: Removed property -DCOLD_START=true from runEngine.sh. This issue/fix applies to AIX/Linux/zLinux installations. Windows is not affected by this. -------------------------------------------- 6.2.0.0 iFix01 (Released 10/15/2020) 1. CC3505 (2020-09-18) Description of issue: Jetty webserver version is returned in response headers. This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Jetty. Description of fix: Setting property jetty.httpConfig.sendServerVersion=false in start.ini for hiding server the version. 2. IT34297/MFT-11373/TS004107066 (2020-09-22) Description of issue: Getting out of memory error on all but the CEP when adding multiple servers via batch creation utility. Also found that when initiating startHtmlAdaptor on command line, control is not returned, and CTRL-C doesn't break out of the command. Description of fix: As servers are added, the built in server groups are also updated appropriately. When 1000s of servers already exist, and 100s more are added quickly, the previous logic would keep the before and after server groups as servers are added, for each server added, in memory. With this fix, only one, before and after server group will be in memory at a time now. Also, for the startHtmlAdaptor problem, a System.exit() was added to the logic, and control is now returned when it completes. 3. CC-3729 (2020-09-22) Description of issue: Inconsistent password restrictions between config.bat/sh rules and Web UI change password rules. Description of fix: Set the same the same restrictions in config as are defaulted to in the Web UI. 4. CC-3896 (2020-09-22) Description of issue: SynchObject time for CD Configobjects has value "never" but NodeConfigService logic only accepts "NEVER". The system was creating a bunch of jobs to run to refresh servers for monitored C:D servers despite the fact that the synch time was set to "never". The engine.log display the following: "Unable to calculate delay before next SynchOjbectsTask" Description of fix: Changed the comparison to be case insensitive (i.e. NEVER, never, NevEr, etc, are all treated the same). 5. CC-3832 (2020-09-23) Description of issue: Server Inventory report from swing connect to different EPs, it only shows certain data for Servers that are monitored by that EP. otherwise data is blank or defaults to a value. Server Type, Node Name, Monitor, Configure, License Push and perhaps other fields are affected. Description of fix: Made changes to obtain the missing data for servers monitored by all EPs. 6. CC-3624 (2020-09-23) Description of issue: In the Swing UI, Functional Auth properties, the Admin field selection is not set. Since there is no explicit field name 'admin' in CD Windows, this field should not be displayed for CD Windows functional authorities. Whether the user selects any option or not, it still works. Description of fix: Disabled the Admin radio button on the Windows Functional Authority Properties. 7. CC-3781 (2020-09-24) Description of issue: Saved report listing in Web UI should be sorted by name, same as in the classic console. Description of fix: Corrected the web UI saved reports sort order. 8. CC-3860 (2020-09-25) Description of issue: Not able to run engine after enabling user key. Description of fix: Corrected userkey logic. 9. CC-3783 (2020-09-28) Description of issue: Blank row displaying at the end of Monthly File report which does not contain any data Description of fix: Removed erroneous blank row. 10. CC-3861 (2020-09-28) Description of issue: Error in partitioning of AUDIT_LOG with DB2 if DB2 database is 1 date ahead of current system database Description of fix: Corrected AUDIT_LOG partition logic which calclates the minimum partition date. 11. CC-3882 (2020-09-28) Description of issue: Error running config.sh when upgrading from 6.1.3 with DB2 10.x database. The resulting SQL error in ccinstall.log follows: Error code : InstallErrorCodeList.4008 / Error : DB2 SQL Error: SQLCODE=-440, SQLSTATE=42884, SQLERRMC=CHARACTER_LENGTH;FUNCTION, DRIVER=4.19.49 Description of fix: Made a SQL statement correction to upgrade script cc6020000_configCC_db2_changes.sql 12. IT34057/MFT-11393/TS004094974 (2020-09-28) Description of issue: Automated and scheduled reports do not run after upgrade to 6130. The following error message is written to the engine.log: "dd yyyy hh:mm:ss,nnn nnnnnnnnn [DefaultQuartzScheduler_Worker-10] WARN CCObject - File /rep.xml must be available and writable. Error message is: /rep.xml (Read-only file system)." Where: = home directory of the user who executed runEngine.bat|sh. Control Center writes temp file rep.xml to user.home when automated/scheduled reports are run. In this particular case, the customer had a requirement that the user's home directory (user.home) be read-only. Description of fix: Created a new optional property in /conf/InstallationInfo.properties to change user.home to a different (writeable) location: CCENTER_USER_HOME=. Example: CCENTER_USER_HOME=/data/control-center/user-home 13. CC-3881 (2020-09-29) Description of issue: Automated report in PDF format is truncated when there is a lot of data. Description of fix: Corrected report by allowing long rows to wrap instead of being truncated. 14. CC-3623 (2020-10-01) Description of issue: EP detail view in WEB UI shows a Cognos entry for report recovery time. Description of fix: Remove display of Cognos entry. 15. CCP-14679 (2020-10-01) Description of issue: Support for CDU initparm instance.id. Description of fix: Update tables for new initparm. 16. CC-3631 (2020-10-08) Description of issue: Alert count does not match alerts displayed. Description of fix: Include SLC generated alerts and update tab to show alert count is active plus handled. 17. CC-4021 (2020-10-09) Description of issue: There are two issues fixed for this defect. The CEP doesn't always cancel temporary server reassignments at startup, leaving servers temporarily reassigned away from the CEP even though they should not be, AND under certain circumstances monitored servers may be errouneously deleted when the CEP sees an EP starting that was previously down. If the database contains two servers with the same name, one logically deleted, and one not, and the server that was logically deleted was assigned to the EP just starting, the CEP errouneously reassigns the deleted server back to its EP, and that EP will attempt to delete it (again), causing the monitored server with that same name to be deleted from the system instead. Description of fix: For the first problem, fixed the logic at startup to ensure the CEP knows it is the CEP at startup, so temporarly server reassignments are always cancelled. For the second problem, fixed the queries used to ascertain servers to be reassigned to exclude logically deleted servers. 18. CC-3987 (2020-10-09) Description of issue: Bootstrap Certificate Validity field allows to specify the value up to 600 even though it is limited to 90 days (in CCD Server Default Settings), Description of fix: Corrected the validation logic to allow the max of 90 days. 19. CC-4025 (2020-10-09) Description if issue: Selected Data Visibility Group Count mismatch Description of fix: Corrected DVG count. 20. CC-4017 (2020-10-09) ???? maybe removed this from fix list ???? Description of issue: Packages filter height issue for diff resloution css fix Description of fix: 21. CC-4029 (2020-10-10) Description of issue: Swing console node tree not updated when servers are created or deleted. A problem was introduced with the fix for MFT-11373 ICC EP stopped monitoring the servers on CEP. The issue was caused by a change to the ServerGroupMgr updateServerGroup. Whenever this update is driven by a cluster event, an NPE occurs, causing, among other things, the update to the server group event to not be broadcast to Swing consoles. Description of fix: Corrected logic to perform the update for non-cluster events only. 22. LS-34 (2020-10-11) Description of issue: “Server Inventory Report” returns no servers even though many servers are defined. Description of fix: Corrected the filtering logic to properly display servers based on filter values. 23. LS-26 (2020-10-12) Description of issue: Not all messsage ID's are shown when creating a rule in Rule in the "IBM Control Center Message Lookup" screen. The last two lines displayed in the truncated list are "CXML009E" and "Environment". Description of fix: Corrected rule create logic to properly display all rule messages in the selection list. -------------------------------------------- ************************************************************************************************* All fix items listed ABOVE represent fixes made after 6.2.0.0 GA (i.e. 6.2.0.0 iFix01 and later). All fix items listed BELOW represent fixes included in 6.2.0.0 GA. ************************************************************************************************* -------------------------------------------- 6.2.0.0 (Released 09/18/2020) The following represent 6.1.3.0 iFixes included in 6.2.0.0 GA base release 6.1.3.0 iFix03 (Released 09/21/2020) 1. IT33567/MFT-11256/TS003891769 (2020-07-15) Description of issue: WLP (Websphere Liberty) encoded passwords (i.e. keystore/truststore/database) are written to the engine.log These encoded passwords should be masked. Description of fix: Changed the log display to mask the password. Before and After examples follow: Before fix: [StreamConsumerThread - ] INFO StreamConsumer - OUT-->{xor}Lz4sLCgwLTs= After fix: [StreamConsumerThread - ] INFO StreamConsumer - OUT-->{xor}************ 2. IT33545/MFT-11276/TS003927367 (2020-07-20) Description of issue: Problems upgrading to Control Center 6.1.3.0. Not recognizing EP already in CC_SERVER and adding new one and then ICC does not start. Description of fix: Logic that handles ensuring EP in CC_SERVER correctly refactored. 3. IT33623/MFT-11277/TS003911941 (2020-07-21) Description of issue: Null Pointer Exception occurring during refresh of Connect:Direct File Agent data in CC_SERVER_COMPONENT table. Description of fix: Fixed logic that didn't handle Connect:Direct servers that did not have file agents associated with them so the null pointer exception would no longer occur. 4. LS-21 (2020-07-22) Description of issue: It was determined in some cases that Control Center was listening on IPv6 addresses. This causes various problems. Currently, only IPv4 adddresses are supported in Control Center. Description of fix: Set a system property during application startup to ensure Control Center listens on IPv4 addresses (i.e. -Djava.net.preferIPv4Stack=true). 5. IT33623/MFT-11277/TS003911941 2020-07-28) Description of issue: When EPs are all restarted, some monitored servers are still temporarily reassigned. Description of fix: Added start up logic for the CEP to undo any temporary server reassignments. 6. IT34299/MFT-11272 (2020-07-29) Description of issue: Required commons-codec upgrade to address Apache Commons disclosure 177835 (CVSS 7.5). Description of fix: Upgraded to commons-code-1.14. 7. IT33623/MFT-11277/TS003911941 (2020-07-31) Description of issue: Exceptions occurring, and logged, by NodeServiceTableAdapter when updating servers - NodeServiceTableAdapter - Queue full. Description of fix: Changed logic to wait when the queue of servers to be updated is full. Note queue size can be increased via the Engine property UPDATE_SERVER_BUFFER_SIZE, which defaults to 500. 8. CC-3597 (2020-08-06) Description of issue: Unable to specify a port value less than 1024 when adding a B2Bi server to be monitored. Description of fix: Changed the validation logic to allow a port number as low as 1. 9. IT34300/MFT-11333 (2020-08-08) Description of issue: Required IBM JRE upgrade to address CVE-2020-14578 (CVSS 3.7) and CVE-2020-14579 (CVSS 3.7)in the Q3 2020 Java CPU. Description of fix: Upgraded from 8.0.6.10 to 8.0.6.15. 10. IT33876/MFT-11319/TS004013600(2020-08-12) Description of issue: Export of audit log to pdf fails with "java.lang.String cannot cast to java.lang.Boolean" (in classic console: Tools >> Audit Log >> Export List to PDF). Description of fix: Added code to catch the exception, allowing the export to complete. -------------------------------------------- 6.1.3.0 iFix02 (Released 07/08/2020) 1. IT32651/MFT-11059/TS003396613 (2020-4-29) Description of issue: Reoccuring "ORA-01000: maximum open cursors exceeded" errors and/or seeing high database cursor usage by ICC. Description of fix: Reduced cursor usage by changing two queries to no longer be cached. Also slightly altered the logic that logs when SQL exceptions occur to better log the SQL command value. 2. IT32611/MFT-11055/TS003575866 (2020-4-29) Description of issue: When ICC is far behind in monitoring SFG servers, perhaps because monitoring was paused, or ICC was down for an extended amount of time, it struggles to ever catch up. Description of fix: Made some small logic changes to address an inefficiency in queries initiated to retrieve "missing" arrived file route and delivery data. Altered the default engine property values for FG_RETRY_INTERVAL and FG_MAX_RETRIES. These properties control how often, and how frequently, ICC will request missing route and delivery data from SFG. Default for FG_RETRY_INTERVAL is now 2000. (A number of milliseconds.) Its default was 10000. Also, before, if the value specified was less than 60, ICC would instead use a much larger value. That's no longer the case. Default for FG_MAX_RETRIES is now 2. It was 10. Also, before the changes for this issue, even if FG_MAX_RETRIES were to be set to 0, ICC would have retried once anyway. That's no longer the case. Also, one new engine property was added - MAX_B2B_EVENT_AGE_IN_MINUTES_TO_LOOK_BACK_IN_DB_FOR. It's default is 64800, which equates to 45 days. This engine property tells ICC to not try to attempt to retrieve any missing arrived file route or delivery data for events that are older than the value specified, which would be 45 days if the default is not overridden. Finally, a small change was made to do a better job of logging SQL exceptions when they occur. 3. MFT-11093/TS003646841 (2020-4-29) Description of issue: When ICC is shutdown errors may fill up all log files from services that don't notice a shutdown is in progress. Description of fix: Logic added to ControllerMonitor, EventProcessorMonitor, ProcessSummaryService, ProcessSummaryWorker, ClusterEventMonitor, EnvironmentMonitor, and EventMonitor to watch for when ICC is shutting down and they now terminate their looping when that occurs. 4. IT32677/MFT-11085/TS003602851 (2020-4-29) Description of issue: When SSP adapters are assigned to multiple SSP engines ICC has problems handling their status. Description of fix: ICC logic updated to handle the situation where one SSP adapter may be assigned to more than one SSP engine. 5. IT32676/MFT-11047/TS003572480 (2020-4-29) Description of issue: Rules created or updated by the Swing console that have return code as a criteria process return code values as strings instead of as numeric values. Description of fix: Changed the Swing console logic that generates the rule match string to treat return code values as numerics instead of strings. Note treating return codes as strings in rules created or updated by the Swing console has occurred for > 10 years. Also, rules created or updated by the web console treat return code values as numerics. In case the original logic in the Swing console is still desired, an engine property was added, HANDLE_RULE_RETURNCODE_THE_ORIGINAL_WAY, whose default is false, and it may be set to true to get the original, albeit errant, behavior. 6. IT32909/MFT-11105/TS003635144 (2020-05-04) Description of issue: Customer ran configCC.sh specifying Oracle JDBC driver ojdbc8.jar after previously having configured using ojdbc7.jar. The following error resulted because both jars were now in the classpath: com.sterlingcommerce.scc.common.SCCException: CJDB014E Cannot create a new connection for URL jdbc:oracle:thin:[host:port:service]. Description of fix: Updated an internal list of database drivers to be excluded from the classpath to ensure only the current specified driver is added. 7. IT32808/MFT-11119/TS003623151 (2020-05-12) Description of issue: Changes introduced in 6130 caused CCTR034E and COSA028E events to not be generated for OSA type servers like SEAS and Global Mailbox, nor to set the status to 'Unknown' for server components associated with the OSA server deemed to be down. Description of fix: This ommission was corrected, so the code should behave as it did now in this area. 8. IT32851/MFT-11127/TS003606190 (2020-05-13) Description of issue: When starting Control Center, runEngine.sh does not return to the bash prompt (i.e. user must hit ENTER). Description of fix: Modified runEngine.sh/runEngineCold.sh so that control is returned to the bash prompt without any user interaction. 9. IT32884/MFT-11131/TS003675945 (2020-05-15) Description of issue: Under certain conditions when the CEP starts, any of its monitored servers temporarliy rassigned to other EPs will remain temporarliy reassigned and must be first manually reasigned to the server they're temporarily assigned to and then reassigned back to the CEP to put things back as they should be. Description of fix: At start up, the CEP will reassign all of its monitored servers temporarily reassigned to other EPs back to itself. 10. IT32912/MFT-11140/TS003699052 (2020-05-19) Description of issue: Attempting to use read Action and creating Action through REST APIs gets error com.ibm.tenx.ws.WebServiceException: Method not allowed. Description of fix: Those APIs had simply not been enabled, so now they and others that should have been are. 11. IT32996/MFT-11135/TS003646841 (2020-05-28) Description of issue: Dates displayed in Web console Recent transfer activity widget are incorrect for some time zones. Description of fix: When console user's preferred time zones are not whole hour offsets from UTC, they are rounded to the closest time zone that is a whole hour offset from UTC and this caused problems for the logic that displayed dates on the chart, which has now been corrected. 12. IT33033/MFT-11185/TS003699727 (2020-06-11) Description of issue: Process summary service logic repeatedly logging error messages when process ending type events handled that contained no process name. Description of fix: ICC process summarization logic was repeatedly receiving process interrupted events from monitored Connect:Direct servers that contained no process name and a process ID/number of 0, and when it did, it would log an error due to the lack of process name. The logic was updated to not log an error in this situation if the process ID was also zero since zero is an invalid process ID, which means these events could be safely ignored by the summarization logic. Logic also changed to not log an info message that started with "notifyProcessEndedDbOper() found batch = 0 and stmt = null, so no executeBatch() was NOT performed for events". It was only supposed to be a debug message, and is now. 13. IT33048/MFT-11142/TS003700086 (2020-06-02) Description of issue: User-Roles summary report doesn't show correct last logon dates. Description of fix: The last logon date stored in the user profile was only updated by the Swing console logic at logon if it ascertained that the current user was not always logged on. This logic was changed to always update the last logon time regardless of the perceived current logon status. 14. IT33062/MFT-11191/TS003776379 (2020-06-03) Description of issue: Swing console displays SSP servers configured to be monitored via multiple MQ servers as a single MQ server with a comma separated list of hosts and ports. Description of fix: Addressed problems in the swing console related to updating and viewing properties for SSP servers' connection information. 15. IT33399/MFT-10981/MFT-11113 (2020-06-28) Description of issue: Required IBM JRE upgrade to address CVE-2020-2654 (CVSS 4.3) and CVE-2020-2781 (CVSS 5.3)in the Q2 2020 Java CPU. Description of fix: Upgraded from 8.0.6.5 to 8.0.6.10. 16. IT33400/MFT-11012/MFT-11013/MFT-11095 (2020-06-28) Description of issue: Required Websphere/Liberty upgrade to address multiple vulnerabilities: CVE-2019-17573 (CVSS 6.1), CVE-2020-4303/4304 (CVSS 6.1), CVE-2020-4329 (CVSS 3.0) Description of fix: Upgraded Websphere Liberty to 20.0.0.5 (from 20.0.0.2). -------------------------------------------- 6.1.3.0 iFix01 (Released 04/29/2020) 1. IT32628/MFT-10872 (03-12-2020) Description of issue: Required IBM JRE upgrade to address CVE-2019-4732 (CVSS 7.2) in the Q1 2020 Java CPU. Description of fix: Upgraded from 8.0.6.0 to 8.0.6.5. 2. IT32178/MFT-10927/TS003385016 (2020-03-13) Description of issue: Connect:Direct Browser in Control Center gets error: "There is an IO error: Return Code 712" for the following functions: User Functions tab: "Select Process" and "Select Statistics" and Admin Functions tab: "Network Map", "Functional Authority" and "Proxy". These functions write to a temporary file. The path name generated erroneously included a file name instead of a valid directory name after a web server upgrade. Description of fix: Modifed /web/wlp/usr/servers/defaultServer/server.xml by removing the .war suffix in the following cdbrowser application definition: BEFORE: location="${shared.app.dir}/cdbrowser.war" (generates invalid path name: /web/wlp/usr/shared/apps/cdbrowser.war/cdbrowser) AFTER: location="${shared.app.dir}/cdbrowser" (generates valid path name: /web/wlp/usr/shared/apps/cdbrowser/cdbrowser) 3. IT32149/MFT-10976/TS003366915 (2020-03-17) Description of issue: If sess.pnode.max is set to 0 in an Unix remote node entry, the advance panel values can not be updated. Description of fix: Set the proper valid value range for the default class parameter. 4. IT32094/MFT-10961/TS003332342 (2020-03-17) Description of issue: Cognos failed to start due to a weak cipher list in the Cognos configuration file /Cognos/configuration/cogstartup.xml, when attempting to regenerate it's cryptographic keys. Description of fix: Updated /Cognos/configuration/cogstartup_SCC_Template.tmp to include additional strong ciphers in element cognosCryptoCiphersuite. This template is used to create the Cognos configuration file when configCC.sh|bat is executed. 5. IT31899/MFT-10861/TS003289277 (2020-3-17) Description of issue: Customer requested some query changes, and new indices, to improve ICC performance. Description of fix: A new properties file was introduced - sql.properties. (It is modifiable via the Web console.) At the instruction of customer support, SQL may be added to sql.properties to override the SQL ICC uses (for certain queries). Over time the list of queries that may be specified will grow. For now just two queries may be overridden via sql.properties. Both of which are used by the ICC QueuedProcessesClearJob. ICC looks for the sql property values "getQueuedProcessCount" and "getQueuedProcesses" to get the SQL to use to override its existing SQL. Note that updates to sql.properties do NOT require ICC to be restarted for the changes to take effect. 6. IT32086/MFT-10597/TS002749779 (2020-3-17) Description of issue: Loading the first static page in a Cognos workspace and other things with Cognos are slow. Description of fix: Customer felt part of the slowness was due to the speed of the Cognos Java Authentication Provider (JAP) logic, so via a new system property, USE_CACHED_USERS_AND_ROLES_IN_JAP, users will be able to cause the JAP to run faster. The JAP will run faster when USE_CACHED_USERS_AND_ROLES_IN_JAP is set TRUE (it will be FALSE by default) because it will stop requesting the current list of ICC users and roles every time it is invoked and instead only retrieve the list once, at startup. The effect of this change will be that Cognos will not be aware of any modifications to the list of ICC users and roles after ICC starts, unless it is stopped and restarted. To set USE_CACHED_USERS_AND_ROLES_IN_JAP you must edit {ICC Installation folder}/Cognos/wlp/usr/servers/cognosserver/bootstrap.properties and add the following line to it: USE_CACHED_USERS_AND_ROLES_IN_JAP=TRUE 7. IT32085/MFT-10956/TS003437021 (2020-3-17) Description of issue: ICC will not start. While loading rules the error "Invalid value specified for 'tagName.nonResolutionActionId'." occurred. Description of fix: The message "CRUL090E Error while saving merged Rules." was changed to "CRUL090E Error while saving merged Rules during processing of Rule ID: {0}". This will allow ICC to note the name of the name of the problematic rule that caused ICC to not start in the message logged, which will simplify troubleshooting. 8. CCP-15676 (2020-3-23) Description of issue: Security vulnerabilities - BlackDuck Scan - Upgrade Apache Xerces2 J Description of fix: Replaced xercesImpl-2.11.0.jar with xercesImpl-2.12.SP02-redhat-00001.jar. 9. CCP-15903 (2020-3-23) Description of issue: Security vulnerabilities - BlackDuck - Upgrade to Quartz from 2.2.3 to 2.3.2 Description of fix: Replaced quartz-2.2.3.jar with quartz-2.3.2.jar. 10. MFT-10994 (2020-03-24) Description of issue: Required CDBrowser upgrade to address a few security issues (Updated jasper-runtime-5.5.23.jar from jasper-runtime-5.5.15.jar/Clickjacking Issue fixed/Removed struts 1 references from C:D Browser code/ Jasper-runtime upgrade). Description of fix: Upgraded to C:D Browser 1.5.0.2 iFix26 (from iFix22). 11. IT32629/MFT-10873/MFT-10893 (2020-03-31) Description of issue: Required Websphere/Liberty upgrade to address multiple vulnerabilities: CVE-2019-4720, CVE-2019-12406 Description of fix: Upgraded Websphere Liberty to 20.0.0.2 (from 19.0.0.12). 12. IT32379/MFT-10940/TS003404923 (2020-04-03) Description of issue: When a monitored Connect:Direct File Agent uses the loopback address (127.0.0.1) to communicate with its Connect:Direct server, ICC does not accept its traps. Description of fix: For ICC to accept traps from Connect:Direct File Agents, the trap c_submitNode value must match the address and port used by ICC to monitor its Connect:Direct server. A change was made so ICC will also accept the trap if the source address of the trap matches the address of a monitored Connect:Direct server.