Please Read: Before starting the Control Center upgrade/uninstall process, you must backup the entire "conf" directory found under Control Center install location. Please follow the steps below before upgrading: The following instructions apply to maintenance upgrades. 1. Copy CCInstall64.exe or CCInstall64.bin to a temporary location on the server where Control Center is installed. If you are upgrading from a pre-6.2.0.0 iFix12 release to 6.2.0.0 iFix12 or later (i.e. upgrading FROM 5.4.2.2 through 6.2.0.0 iFix11 TO 6.2.0.0 iFix12 or later), the initial upgrade to 6.2.0.0 iFix12 or later cannot be a rolling upgrade. You must bring down all EPs and upgrade each EP to 6.2.0.0 iFix12 or later before starting any of the EPs again. All EPs must be in sync for the initial upgrade to 6.2.0.0 iFix12 or later, before being started. After the initial upgrade to 6.2.0.0 iFix12 or later, you may resume with rolling upgrades (eg. 6.2.0.0 iFix12 to 6.2.0.0 iFix13), where one EP is brought down at a time, upgraded, then restarted. 2. Back up the existing configuration data: If upgrading from 5.4.2.2 or prior, back up \conf directory found under Control Center install location. Backup your Control Center database. If upgrading from 6.0.0.0 or later, run exportConfig.sh/bat under \bin. The script creates a folder with all of the configuration data from the database and the conf folder. The location of this folder is conf-exported/{date_time}/conf. As per your need, for recovery purpopse, backup your existing Control Center database. 3. Proceed normally with installing the latest version of Control Center in original . (The installer would automatically un-install the previous version - but all of the configuration data will still be there). 4. Run configCC.sh 5. Start the Control Center engine. 6. Ensure the engine starts, and a user can login to the Control Center web console and access the links in the hamburger menu, including "Launch Classic Console". -------------------------------------------- 6.2.0.0 iFix15 (Released 01/21/2022) 1. IT39707/TS007706719/MFT-12738 (2022-01-07) Description of issue: Users are unable to login, due to a duplicate default timezone entry in CC_FILES. Description of fix: Added logic to remove duplicate entries. 2. IT39708/TS007250531/MFT-12673 (2022-01-14) Description of issue: CCD not populating sessions parameters from CDW. Description of fix: Corrected logic to fetch max simultaneous sessions. 3. IT39706/MFT-12831 (2021-01-18) Description of issue: Apache Log4j2 Remote attack vulnerability CVE-2021-44832 - CVSS 6.6. Description of fix: Upgraded to Log4j 2.17.1 (from 2.17.0). -------------------------------------------- 6.2.0.0 iFix14 (Released 12/22/2021) 1. IT39491/MFT-12809 (2021-12-21) Description of issue: Apache Log4j2 Denial-of-service vulnerability CVE-2021-45105 - CVSS 7.5. Description of fix: Upgraded to Log4j 2.17.0 (from 2.16.0). -------------------------------------------- 6.2.0.0 iFix13 (Released 12/17/2021) 1. IT39455/MFT-12765 (2021-12-16) Description of issue: Apache Log4j2 Denial-of-service vulnerability CVE-2021-45046 - CVSS 3.7. Description of fix: Upgraded to Log4j 2.16.0 (from 2.15.0). -------------------------------------------- 6.2.0.0 iFix12 (Released 12/14/2021) 1. IT39173/TS006406084/MFT-12401 (2021-11-15) Description of issue: Duplicate servers erroneously being added by discovery logic in Director. Description of fix: Database schema change was made. CC_SERVER.DUAL_HOST_NAME was changed to ALTERNATE_HOST_NAMES. New logic was added to ascertain all possible host names for CD agents' requests. Values obtained used to locate existing servers in database by searching CC_SERVER.HOST_NAME and ALTERNATE_HOST_NAMES. Two engine properties were added: CD_DISCOVERY_ENABLED: true/false - if set to false, adding new server is disabled. Default is true CD_IP_CACHING_ENABLED: true/false - if set to true, CD agents' request IP address will also be added to AltHostNames. Default is false. 2. IT39169/TS006763114/MFT-12497 (2021-11-15) Description of issue: When displaying the 'All C:D Servers' web page in Director, the user is unable to filter on active 'Agent' instances. The filter allows for up or down 'Server' instances, but there isn't an option to filter on the status of the install 'Agent' connection. Description of fix: Added an "Agent Status" filter allowing selection of up or down. 3. IT39073/MFT-12674/TS007366284 (2021-11-16) Description of isssue: Seeing "ClusterEventMonitor - Exception occurred processing configuration changed event Configuration Changed" errors in the Engine logs from the ClusterEventMonitor, primarily at startup. Description of fix: Updated the Controller logic that processed cluster events to not log errors when processing cluster events for non-existing objects unless debug level logging is on. 4. MFT-12706 (2021-11-18) Description of issue: deleteEP had problems if a user key had been configured, or other EPs were running when initiated (EventProcessorMonitor log entries showed errors occurring, repeatedly) Description of fix: Logic added to deal with prompting for the user key, when configured, was added, and changes were made to the EventProcessorService and EventProcessorMonitor logic to address an EP being removed to avoid errors. 5. MFT-12707 (2021-11-18) Description of issue: No metrics existed for Deployment service logic so it had no visibility in the web console's System Health view Description of fix: Metrics added for Deployment service and minor performance improvements were also made. 6. IT38908/MFT-12624/MFT-12715/TS007229815 (2021-11-18) Description of issue: "ORA-12899: value too large for column xxxxxxxx" errors when running Server Inventory Report. This was caused by a newline in the server description field. This is a follow-on fix for the same defect originally addressed in iFix11 for comma separators. Description of fix: Changed logic to handle newline escape sequence. 7. MFT-11458 (2021-11-19) Description of issue: GUI Console locks up with blank error window when initiating Secure+ node configuration Description of fix: The problem occurs when initiating a refresh for objects- typically initiated by the system when no version of data exists, and an error occurs. Note this can happen with any supported configuration object type. A change to the console was made to fix the error handling logic. 8. CC-8486 (2021-12-06) Description of issue: Potential problems could occur during deletion of monitored server. Description of fix: Certain clean up, like removal of checkpoint data, was not always occurring. This has been fixed. 9. CC-8519/MFT-12700 (2021-12-08) Description of issue: Code that handled EVENT_MONITOR_EVENT_DELAY when it was set greater than zero was problematic. Description of fix: Corrected EVENT_MONITOR_EVENT_DELAY logic issues. 10. IT39385/TS007790083/MFT-12768 (2021-12-12) Description of issue: Apache Log4j2 Zero-Day/Log4Shell vulnerability CVE-2021-44228 CVSS 10 Description of fix: Upgraded to Log4j2 2.15.0 (from 2.14.0). 11. IT39483/TS007083158/MFT-12611 (2021-12-13) Description of issue: Cannot add Functional Auth users to certain connect direct servers. This had to do with a SEAS user attempting an update from the non CEP environment. Description of fix: Corrected the logic where token signin mechanism is added for seas users (i.e. CC_TOKEN prefix). ------------------------------------------- 6.2.0.0 iFix11 (Released 11/12/2021) 1. MFT-12552 (2021-09-22) Description of isue: When you see a server with an alert badge on its icon in the Swing console and right click it to view its active alerts you can see nothing. Description of fix: The problem occurs for alerts based on SLC events from standard SLCs because while they have the server name in the event, they did not have the node type set. The fix was to change the query to only specify the server name but not the server type. 2. MFT-12455 (2021-09-23) Description of issue: During configCC, the step to reconfigure the package directory continuously displays the following line over again until "Y" is pressed: "Because this is an imported configuration, existing Packages location path value must be reviewed and reconfigured". Description of fix: Corrected logic to display the message only once and then continue prompting for further input. 3. IT38521/TS006717865/MFT-12501 (2021-09-24) Description of issue: Lack of full TLSv1.3 support for Connect:Direct node configuration in Control Center classic console in the following two scenarios: -right click on Connect Direct node -> Configure Server -> Secure+ -> Secure+ Nodes -> double click on Secure+ entry: (list does not contain TLS1.3 ciphers supported by the server) -right click on Connect Direct node -> Configure Server -> Secure+ -> Secure+ Cipher Suites -> column "Name": (list does not contain TLS1.3 ciphers supported by the server) Description of fix: Corrected logic to request the TLSv1.3 ciphers supported by the server. 4. LS-102 (2021-09-28) Descripton of issue: Rules created from Web UI showing invalid status if it contains special characters. This was caused by escaped characters in rules xml not being removed. Description of fix: Corrected logic to extract exact value from XML as real value not escaped value. 5. MFT-12570 (2021-09-28) Descripton of issue: During configCC, ERR_SSL_VERSION_OR_CIPHER_MISMATCH error occurs when the wrong Alias for Keystore is entered. Description of fix: Enhanced keystore/certificate validation logic to check for: valid keystore password, certificate exists, certificate expired/nearing expiration date, keystore contains multiple certificates, keystore contains private certificate and then re-prompt user for info or display warning msg or exit configCC accordingly. 6. MFT-12567 (2021-09-30) Descripton of issue: The latest MSSQL JDBC driver mssql-jdbc-9.4.0-jre8.jar is not in the list of known valid drivers. Description of fix: Update list with above mentioned driver. 7. CC-7888 (2021-10-01) Description of issue: Connect:Direct Configuration in classic console is missing C:D Unix initparms: cd.file.agent and cdfa.enable. Description of fix: Added support for these paramters. 8. MFT-12560 (2021-10-04) Descripton of issue: The process for deleting an EP, and its constituent parts from Control Center is too onerous. Description of fix: Scripts deleteEP.sh and deleteEP.bat now exist that can be used to remove an EP that's not running, and has no servers that identify it as their assigned or active EP, from Control Center, along with its constituent parts. 9. CC-8190 (2021-10-05) Description of issue: Need to correct user license acceptance in container environment. Description of fix: Corrected user license acceptance check in CCM/CCD container environment. 10. MFT-12542 (2021-10-06) Description of issue: Web UI page not resolving (i.e. HTTP ERROR 503 Service Unavailable) due to duplicate server entries in the CC_SERVER table. This scenario was caused by a customer installing a second EP on the same server and specifying the same port values. The original intent was to install a new single EP instance (instead of a 2nd EP to an existing instance). The workaround was to manually delete the duplicate EP/Web server entries. Description of fix: Implemented validation logic in configCC during port configurtion to make sure no other Web server entries already exist with the same hostname/port. If so, re-prompt user for a different port. 11. IT38654/MFT-12552/TS006939941 (2021-10-08) Description of issue: Email addresses specified in email lists wre still receiving emails after being removed from the list. Description of fix: Properly initialize the addesses list before generating the email. Note this issue (before being fixed) caused a memory leak to occur EVERY TIME an email action runs! It may just be a few dozen bytes each time, but after a while that would add up. It also causes email actions to take longer and longer to run each time they're taken. So this fix will both boost performance and eliminate a memory leak. 12. LS-88 (2021-10-12) Description of issue: The pmrstamp.info sent in the data collector does not give an easy method to determine the version of Linux the customer is running (example: os.version: 3.10.0-1160.21.1.el7.x86_64). Description of fix: Modified the Linux dataCollector output to display the OS version and name (and also added Disk usage and RAM usage) in pmrstamp.info. 13. IT38905/MFT-12350 (2021-10-13) Description of issue: Multiple vulnerabilities in Apache Commons Compress affect Control Center (CVE-2021-35516, CVE-2021-35515, CVE-2021-36090, CVE-2021-35517 (all CVSS 5.5)). Specially crafted 7Z/zip/tar files can result in looping or out of memory conditions causing denial of service. Security Bulletins: https://www.ibm.com/support/pages/node/6516780 https://www.ibm.com/support/pages/node/6516778 https://www.ibm.com/support/pages/node/6516776 https://www.ibm.com/support/pages/node/6516772 Description of fix: Upgraded affected component jar. 14. MFT-12608 (2021-10-14) Description of issue: Specifying 0.0.0.0 in config.sh/bat for staging DB host to remove staging DB causes Jetty to not start. Description of fix: If 0.0.0.0 is specified for the DB host properly remove all references to the staging DB. 15. IT38906/MFT-12507/TS006716504 (2021-10-15) Description of issue: OS Command execution error occurs when a curl command was specified. Part of the command included an apostrophe (single quote) embeded inside of a quoted string. Description of fix: Add logic to optionally split the OS command string by space excluding the tokens which are single/double quotes by specifying a new property: USE_REGEX_TO_SPLIT_CMD_ARGS = true|false. The default is false. The following example illustrates the results: input = curl -i -H "Content-type: application/json" output = curl,-i,-H,Content-type: application/json (when USE_REGEX_TO_SPLIT_CMD_ARGS = true) output = curl,-i,-H,Content-type:, application/json (when USE_REGEX_TO_SPLIT_CMD_ARGS = false) 16. IT38718/MFT-12599/TS006406084 (2021-10-15) Description of issue: Connection information and more for monitored Connect:Direct servers was all blank Description of fix: The problem was caused by the node services not starting, and therefore the Swing console could not get properties data for the servers from the EP. This was due to the fact that deleted servers had been erouneously left in the CD Configuration Needed system server group. This logic has been fixed, and start up logic was added to ensure no deleted/logically deleted servers remain in the CD Configuration Needed server group. 17. MFT-12619 (2021-10-21) Description of issue: Automated Reports are not enforcing user's Server Group/DVG restrictions set in role. Description of fix: Corrected logic to use the userid of the report submitter (creator). 18. MFT-12558 (2021-10-22) Descripton of issue: The following objects created from the web UI show invalid status if they contain special characters: Rule Schedules, Actions, Simple SLCs, SLC Schedules,calendars and email lists. This was caused by escaped characters in the xml not being removed. This is a follow-on fix to LS-102, where the same fix was made for Rules. Description of fix: Corrected logic to extract exact value from XML as real value not escaped value. 19. IT38908/MFT-12624/TS007229815 (2021-10-22) Description of issue: ORA-12899 errors when running Server Inventory Report. This was caused by commas in the server description field. Description of fix: Corrected logic to ignore commas in the server description. 20. MFT-12628 (2021-10-22) Description of issue: Connection information lost when upgrading from 6002. Description of fix: Insure that server properties are properly populated when upgrading. 21. IT38918/MFT-12641/TS007291848 (2021-11-01) Description of isssue: Don't see expected SLC alerts associated with a specific server. Description of fix: Did not occur SLC alerts did not appear to be associated with servers whose name was in the alert. This is caused by the fact the queries included the node type, in addition to the name of the server, while the "did not occur" alerts themselves only had the name of the server. The web console query logic was changed to ignore server type when it also queried for specific server(s). 22. MFT-12658 (2021-11-08) Description of issue: Customized tag label is not visible in the filtering list for "Completed File Transfer" and "Completed Process" tab in the web UI. Description of fix: Corrected filter display logic to show custom tag labels. -------------------------------------------- 6.2.0.0 iFix10 (Released 09/20/2021) 1. CC-6073 (2021-07-02) Description of isue: Server group added before upgrade gets deleted after upgrade in CCD mode. Description of fix: Corrected logic to not erroneously delete the server group. 2. IT36923/MFT-2298/TS004984094 (2021-07-06) Description of issue: The "Export All to CSV" function failed from the Completed File Transfers screen in the web UI. The original query to view the file transfer activity displayed relatively quickly on the screen with many entries. The error occured when attempting to Export all the returned/displayed activity to a CSV file. The error resulted in a pop-up error message stating a system error has occurred. Description of fix: Modified the Export to CSV logic to reduce unnesessary overhead and successfully create the CSV file. 3. IT37449/MFT-12262/TS005891894 (2021-07-08) Description of issue: Error during configCC caused by multiple MSSQL JDBC drivers at different levels in /lib/thirdparty and /web/ccbase/lib/ext directories. The presence of mssql-jdbc-9.2.1-jre8.jar caused a conflict. Description of fix: Added mssql-jdbc-9.2.1-jreX.jar files to a list used to delete all JDBC drivers for all JRE levels (not just JRE 8 levels) from /web/ccbase/lib/ext prior to installing the current user specified JDBC driver and exclude from the classpath. This is a follow-on fix to original fix MFT-12262 in iFix08 to simply add an entry to one list (missed in original port). 4. CC-6771 (2021-07-08) Description of issue: Swing console does not open from inside after logging to scc web console. Description of fix: Corrected logic to obtain proper host:port. 5. IT37572/MFT-12317/TS006029667 (2021-07-09) Description of issue: Server Inventory report failed to run with following error messages: ERROR RecoverableDAO - ORA-12899: value too large for column "IBM_CCD"."SERVERINV_SCC_3620943855261"."SERVER_NAME" (actual: 61, maximum: 50) executeQuery - SQL Exception msg : ORA-00942: table or view does not exist .... executeQuery - SQL State : 42000 .... executeQuery - SQL Error Code : 942 Note: the server name is not really 61 characters long in this case. The error has to do with the user incorrectly specifying the Oracle database parameter NLS_LENGTH_SEMANTICS=BYTE (should be set to CHAR) as documented: https://www.ibm.com/docs/en/control-center/6.2.0?topic=schemas-additional-settings-oracle-database-instance This error will not occur when this property is correctly configured. Description of fix: Made a fix to compensate for the customer mis-configuration to allow the affected reports to successfully execute: Server Inventory Report, High Watermark Report, C:D Configuration Changes Audit Report. 6. MFT-12315 (2021-07-09) Description of issue: MSSQL errors occur during configCC when attempting SQL command: DROP PARTITION SCHEME|FUNCTION because these objects did not exist. Following messages found in ccinstall.log: ERROR DB_Init - Cannot drop the partition scheme 'XX_PART_SCHEME', because it does not exist or you do not have permission. ERROR DB_Init - Cannot drop the partition function 'XX_PART_FUNC', because it does not exist or you do not have permission. (where XX is corresponding table name prefix: eg. CD, CE, EV, etc.) Description of fix: Added a check to determine if the partition scheme and function exist. If not, then skip the DROP command(s). 7. IT37624/MFT-12295/TS005958829 (2021-07-13) Description of issue: configCC.bat/sh is not prompting user to alter the web service non-secure port. Customer initially defined Control Center with web non-secure=0, and secure=58083. They need to have non-secure open. The issue is running configCC now, does not prompt to alter the non-secure port. Description of fix: Corrected logic in configCC to prompt the user to configure the web server non-secure port for either CCM only or CCM/CCD entitlement. 8. IT37591 /MFT-12260/TS005719790 (2021-07-13) Description of issue: RESTART / RESUME commands for a BP (Business Process) fails with the following error message returned in the SI Response: {newWorkflowId=null, isError=true, errorCode=-1, message=Not enough parameters...} Description of fix: Corrected the order of parameters passed to SI in the request. 9. IT37627/MFT-12326/TS005623073 (2021-07-14) Description of issue: Control Center's CD Browser displaying CT (Copy Termination) statistics records differently than CDzOS. Customer recently upgraded to CDzOS v6.0. They have reported seeing different results when viewing statistics using the C:D z/OS IUI and using C:D Browser available through Control Center. The CT (Copy Termination) record when viewed using C:D Browser has the PNODE and SNODE swapped when CDZ is the SNODE in the file transfer. It would appear that CD Browser is looking at the raw CT records to produce the output display under Control Center and must now account for the changes made in CDz 6.0. In CDz 5.2 (and prior releases) the PNODE and SNODE were swapped in the CT, FI and MC statistics records when the local node is the SNODE. This was fixed in CDz 6.0 (and later releases). There was a flag 'xxFXNODE' (where xx is CT, FI or MC) added to 6.0 that indicates when the PNODE/SNODE are corrected. Description of fix: Updated Control Center with C:D Browser 1.5.0.2 iFix29 to obtain the fix. 10. IT37630/MFT-12329/TS006144381 (2021-07-20) Description of issue: Excessive messages in FileAgentService log and Engine log. Description of fix: Changed the FileAgentService message from INFO to DEBUG and updated /conf/EngineLogger.xml to redirect DeploymentService/CDAgentService messages to corresponding logs, instead of Engine log. 11. MFT-12247 (2021-07-20) Description of issue: Web UI should not allow the Externally Authenticated user to reset password. Description of fix: Removed "Reset Password" action for SEAS user from the Actions selection menu (Users and Roles >> List Users >> ... -and- Users and Roles >> List Users >> individual user >> ... Actions). 12. IT37744/MFT-12353/TS006075139 (2021-07-23) Description of issue: Unable to create a rule as shown in documentation: https://www.ibm.com/docs/en/control-center/6.2.0?topic=risfg-how-can-producer-get-notified-when-file-does-not-arrive-in-their-mailbox-within-5-minutes-after-connection-is-initiated Description of fix: Corrected rule validation property table to allow the specified rule. 13. LS-97 (2021-07-27) Description of issue: The forgot password action does not work for admin user on the web UI login screen. The web page shows a message that an email is being sent, but nothing ever comes. There are errors in the ccweb log. Description of fix: Corrected the logic to display message: "Password reset is not allowed for this user". There are special instructions to reset the admin user password. These can be proveded by Support. 14. MFT-12246 (2021-07-27) Description of issue: When an External Authenticated user is created (Users and Roles >> Create User), an incorrect message is displayed: "An email has been sent to the user". No email is sent since no password is maintained in CC for the externally authenticated user. Description of fix: Corrected the display message upon successful creation: "External Auth User has been successfully created". 15. IT37853/MFT-12320/TS006093984 (2021-07-28) Descripton of issue: Emails are not sent when user is created and during password reset. This only occurs when the SMTP server requires authentication. Description of fix: Corrected logic to properly decrypt and pass the SMTP server password in the logon request. 16. LS-93 (2021-08-02) Description of issue: Some VIEWs were missing after a database server crash due to lack of space. The server crash caused Control Center to shutdown. After the space issue was fixed and DB server restarted, Control Center immediately shut down during startup, due to the missing VIEWs (even after running configCC in an attempt to create the views). Description of fix: Updated SQL scripts cc_configCC_[db2|oracle|sqlserver]_fixes.sql to check for the existence of all VIEWs and create any that are missing, whenever configCC is executed. 17. MFT-11873 (2021-08-04) Description of issue: When updating a server's properties in a multi-EP environment, changes aren't propagated to other EPs and Swing consoles Description of fix: Changes were made to improve when Swing consoles are notified of changes to server properties, including server status values. Note it still may take several moments for changes made to be reflected across Swing consoles connected to EPs that are not the active EP for a server. 18. MFT-12402/CC-7247 (2021-08-06) Description of issue: Events generated for pause and resume monitoring do not contain the ID of the initiating user. Description of fix: The element userId will be added to events created for pause and resume monitoring with the value set to the name of the initiating user. 19. MFT-12408 (2021-08-09) Description of issue: Events in SLC Debug reports show a processed time that is derived only from the EVENTS.ACTIONS_COMPLETED value. But that is the time the RuleService completed processing of the event, not necessarily the SlcService processed time, because unless BYPASS_EVENT_MONITOR_FOR_EVENTS is true, which can only be done in a single-EP environment, the SLC service gets its data from the EventMonitor, not the RuleService. Description of fix: Since the MetricsService logs the average EventMonitor delay between the ACTIONS_COMPLETED value and when it reconstitutes them, on an hourly basis, new logic uses those hourly average values to compute an approximate processed time for each event based on the hour each event occurred. 20. CC-6764 (2021-08-16) Description of issue: Found some input edit errors on the web UI Console screen (i.e. hamburger menu in upper right >> System Settings >> Console). Additionally have a requirement to increase the session time out/display warning message values. Description of fix: Corrected screen input edit logic and changed the default "Time Out After" value to 180 minutes and "Display Warning Message" value to 170 minutes. 21. IT38225/MFT-12292/TS005997093 (2021-08-18) Description of fix: Dashboard display is empty. Only showing blank pages and getting 404 error. This occured after a database outage and the web server did not re-establish it's DB connections after the DB server cam back online. Description of issue: Implemented a process that runs in the engine and detects if the DB server had been down. With this fix, when the DB server is restarted, the web server will be restarted to reinitialize the web applications to properly re-establish database connections. This feature is turned off by default. It must be turned on via engine.properties: true. 22. IT38223/MFT-12452/TS006569295 (2021-08-26) Description of issue: ICC performance issue. When the customer used a MSSQL JDBC driver that was not listed in the check list, the JDBC URL did not include SendStringParametersAsUnicode=false setting. Description of fix: Removed the driver specific check to always build the url to include SendStringParametersAsUnicode=false. 23. IT38219/MFT-12415/TS006469655 (2021-08-27) Description of issue: DeploymentService.xml is missing from /conf/services/system as referenced on the following "Troubleshooting Deployment Scenarios" page: https://www.ibm.com/docs/en/control-center/6.2.0?topic=troubleshooting-deployment-scenarios Description of fix: Created a new REST API to configure DeploymentService.xml. This file actually resides in the CC_FILES table. Updated REST API documentation: https://www.ibm.com/docs/en/control-center/6.2.0?topic=support-using-restful-apis-deployment-configuration 24. MFT-12473 (2021-08-30) Description of issue: SSP Audit events for ICAP and SOCKS Proxy configuration objects were not recognized and therefore not handled by Control Center when they were received. Description of fix: Added logic to process audit events from SSP for ICAP and SOCKS Proxy configuration objects. 25. IT38248/MFT-12281/MFT-12410 (2021-0-8-30) Description of issue: Required IBM JRE upgrade to address the following vulnerabilities: - CVE-2021-2161 (CVSS 5.9) - A flaw in the java.lang.ProcessBuilder API on the Windows platform leads to mishandling of escaped quotes inargument strings in certain circumstances. This allows an attacker to manipulate the Process command line and potentially run unexpected commands. - CVE-2021-2369 (CVSS 4.3) - A flaw in the JAR validation implementation may, under certain limited circumstances, lead to a failure to detect signedJAR files that have been modified. The fix ensures that JARs that have been modified since they were signed are properly detected and treated as unsigned. Description of fix: Upgraded from 8.0.6.25 to 8.0.6.35. 26. MFT-12478 (2021-08-31) Description of issue: Database report not working since upgrade to 6.2. Received error message "CCTR189E: Unable to obtain database information from database". The web server entry (node_type_id 99) in CC_SERVER did not have the expected hostname. Description of fix: Modified logic to use the value specified in CCENTER_WEB_START_HOSTNAME in InstallationInfo.properties. 27. MFT-12485 (2021-09-01) Description of issue: When an upgrade is performed from older CDU/CDW versions to 6.2 via CCD, upgrade is successful but version is still appearing as the the older one (in CCD web console >> Servers >> All C:D Servers). Description of fix: Corrected logic to detect a version change in the C:D server after an upgrade and correctly display it. 28. MFT-12483 (2021-09-03) Description of issue: configCC allows the secure web port to be disabled in Suite mode (i.e. both CCM and CCD are installed). CCD requires a secure web port to be configured. Description of fix: Modified configCC logic to not allow the secure web port to be disabled (set to 0). 29. MFT-12494 (2021-09-03) Description of issue: Control Center build job completes as successful when jar signing fails. When this occurs, installers are created with unsigned jars. Description of fix: Corrected the build process to immediately end whenever jar signing fails. 30. IT37358/MFT-12407/MFT-12114 (2021-09-06) Description of issue: DB2 z/OS initialization fails with multiple configCC errors. Description of fix: Corrected issues specific to DB2 zOS (i.e. SQL syntax and logic awareness for differences between DB2 LUW vs DB2 z/OS). 31. IT38404/MFT-12498/TS006763214 (2021-09-13) Description of issue: Director Deploy 'Select Servers' does not allow for column expansion. The full "C:D Version" value was not visible. Description of fix: Modified the screen display to wrap to a second line if needed, to display the complete values. 32. IT38405/MFT-12499/TS006763284 (2021-09-13) Description of issue: Director Server Group display limited to 1 screen. When viewing C:D groups under 'All C:D Groups' in Director, unable to scroll to next set of servers. Limited to 10 servers without the ability to go to the next page. Description of fix: Added capability for page scrolling and selecting number of items per page. 33. IT38406/MFT-11866/TS005079378 (2021-09-13) Description of issue: Scheduled reports stop running 4-5 days after Control Center is re-cycled. This is caused by a database connection leak. Meaning, each time a report is run, a connection is obtained but never closed. Description of fix: Corrected the report logic to always close the database connection upon completion. 34. MFT-12480 (2021-09-14) Description of issue: Customer is unable to run manual SQL queries against the EVENTS table to obtain summary statistics. Needs Events by date and server type report. Description of fix: Created a new report category named "Events Summary" which includes the following reports (i.e. classic java console >> Tools >> Reports >> Define/Run >> Events Summary): -Events By Date Report -Events By Date And Event Type Report -Events By Date and Server Report -Events By Data And Hour Report -Events By Date And Server Type Report -Events By Date-Hour And Server Report -Events By Date-Server And Event Type Report 35. CC-7731 (2021-09-14) Description of issue: Report does not open after logging onto scc web console (applies to container environment). Description of fix: Modified logic to generate the correct URL to route the report to. 36. LS-105 (2021-09-15) Description of issue: configCC fails with a NullPointerException after upgrading from 6002 to 6200 iFix09 with the following error message (from top of stack trace): java.lang.NullPointerException at com.sterlingcommerce.scc.agent.services.jdbc.DB_Init.removeDuplicateCCUsers(DB_Init.java:3540) Description of fix: Added gaurd code to check for a null value to prevent the error. 37. MFT-12529 (2021-09-16) Description of issue: Classic console webstart launch fails on non-secure port when secure port is also enabled. Description of fix: Corrected logic set the correct port when building the url for the webstart launch. -------------------------------------------- 6.2.0.0 iFix09 (Released 06/30/2021) 1. IT36829/MFT-12100/TS005444031 (2021-05-10) Description of issue: FileAgentService logs filling up with unneeded messages, exceptions logged by the ClusterEventMonitor after shutdown initiated, and totals from metrics weren't being logged, only maximum and average values. Description of fix: The FileAgentService was changed to log most messages only when debug level logging is set. Also, changes were made to prevent exceptions from being thrown when it processed CD 400 servers, which aren't able to have CD File Agents. Also, logic was added to the ClusterEventMonitor to stop processing cluster events as soon as it sees the shutdown process has started, which limits the exceptions it will log. And finally, the metrics being logged were by design not logging the total values if average and max values were shown. It was changed to show the total values too as it is helpful information at times. Note these changes were made during the work done for MFT-12092, which was a part of iFix08. They just were not delivered until now as they were not critical. 2. IT36925/MFT-11828/TS004995222 (2021-05-17) Description of issue: Config.sh/bat fails after upgrade due to duplicate USERNAMEs in the CC_USER table and a new unique index cannot be created. Description of fix: Check for duplicates entries and delete them after update any related table entries that referenced them. 3. IT36923/MFT-11868/TS004984094 (2021-05-19) Description of issue: The "Export All to CSV" function failed from the Completed File Transfers screen in the web UI. The original query to view the file transfer activity displayed relatively quickly on the screen with many entries. The error occured when attempting to Export all the returned/displayed activity to a CSV file. The error resulted in a pop-up error message stating a system error has occurred. Description of fix: Modified the Export to CSV logic to reduce unnesessary overhead and successfully create the CSV file. 4. IT36986/MFT-12171/TS005651544 (2021-05-20) Description of issue: Cannot establish a secure connection with the classic console using OpenJDK (does not apply to Control Center installations with the IBM JRE). Description of fix: Corrected a check for the JVM vendor. 5. IT37024/MFT-12181/TS005584597 (2021-05-26) Description of issue: Configuration Management copy parameter option to multiple servers fails after the first server with error: CCFG151E Operation failed. Operation: copy parameters Object type: InitParms Reason: java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 8 Description of fix: Corrected logic that iterates through the config objects parameters to be copied so they'll be there for each server they're to be copied to. 6. MFT-12016 (2021-05-26) Description of issue: New install of Control Center resulted in MSSQL database error: HTTP ERROR 503 SQL Error: 208, SQLState: S0002. This was caused be the improper collation setting having been specified when the database was setup. Per the Control Center documentation one of the following must be specified: SQL_Latin1_General_CP1_CI_AS or Latin1_General_CI_AS. Description of fix: Added Error / Warning messages during configCC execution as follows: 1) If this is a fresh install (i.e. new database), configCC will fail with error messages instructing the user to correct the collation setting. 2) If this is an upgrade (i.e. existing Control Center database), configCC will continue with warning message stating the valid collation settings values and the currently specified invalid setting. 7. LS-65 (2021-05-26) Description of issue: Need to display info/warning messages during configCC about the current summary tables purge setting (i.e. how many days of summary data to keep), in order to help avoid performance issues. Description if fix: Modified configCC logic as follows: If the value is set to 0 (i.e. never purge summary data), warning messages are displayed instructing the user how to run a one-tme manual purge of the summary tables and then afterwards change the value in System Settings in the web UI. Otherwise if the existing value is not 0, the current value is displayed, informing the user it can be changed in System Settings. 8. IT37092/MFT-12153/TS005649292 (2021/06/02) Description of issue: Regardless of the number of summary days of data retained the web console dashboard widgets attempt to show a month of historic data. Description of fix: The dashboard content logic was changed to show a minimum of either 31 days of data, or the number of summary days of data retained (plus one day for the current day) 9. MFT-12213 (2021/06/02) Description of issue: After upgrade from 6.2 iFix08, config.sh displayed database tables out of sync message Description of fix: configCC process has been changed to run the schema changes scripts first and then validate the database tables to avoid the out of sync message. 10. IT37091/MFT-12091/TS05479369 (2021/06/04) Description of issue: Data movement over B2Bi Mailbox adapters not counted as transfers, by default, making it impossible to find data in the completed file transfer activity widget associated with movement over them. Description of fix: Added new engine property, COUNT_TRANSFERS_VIA_MAILBOX_ADAPTORS. It's value is false, by default, but when set true, and ICC is restarted, ICC will mark data moved over B2Bi Mailbox adapters as transfers, which will cause them to be displayed in the completed file transfer view, and allow searches for those transfers to succeed. 11. MFT-12174 (2021-06-04) Description of issue: Duplicate monitoring of a CD server is erroneously allowed, if a CD server definition is updated with the same ippaddr/port of another existing CD server definition. Description of fix: Added a check for this condition upon server update attempt. If so, the following error message will be displayed: "CCTR110E Duplicate monitoring not allowed. This C:D Server {0} at port {1} is already monitored using alias {2}". 12. IT37155/MFT-12221/TS005725519 (2021-06-07) Description of issue: Engine log is flooded with leftover diagnostic messages from troubleshooting previously resolved defect MFT-12138. The messages begins with the text "Uh Oh!!!" as in the following example: java.lang.Exception: Uh Oh!!! No Server properties. Server.setProperties() invoked with |null| for server <> at com.sterlingcommerce.component.common.util.Util.stackTrace(Util.java:841) at com.ibm.cc.model.Server.setProperties(Server.java:941) Description of fix: Removed the offending diagnostic messages. 13. IT37153/MFT-12209/TS005756513 (2021-06-07) Description of issue: The automation to add SEAS users fails in version 6.2 with "password cannot be blank" (i.e. via CCAPI createUser). The following messages are displayed in the engine log: ERROR SccContextChecker - com.sterlingcommerce.scc.common.AclException: Password can not be blank INFO UserMgr - ACL Service.createUser...Begin ERROR AccessControlUtil - CACL014E Error while decrypting password. Description of fix: Added a check to skip password validation for SEAS users. 14. IT37162/MFT-12206/TS005691464 (2021-06-07) Description of issue: Need to limit the data that goes into the logs or limit the size of the SCC/web/ccbase/logs Log Files: sccwebclient-.request .request. Files are not required for normal operations and can produce multi GB files. Description of fix: Changed the default configuraiton to turn off logging to the files. These files are not required for normal operations. If needed for a specific issue, Support will instruct how to turn on logging. 15. MFT-12046 (2021-06-07) Description of issue: Required updates to address the following vulnerability: Upgrade Apache log4j - CVE-2020-9488 - CVSS 3.7 Description of fix: Applied updates to above components. 16. IT37171/MFT-11976/TS004975555 (2021/06/07) Description of issue: The email test function in the web UI fails if the SMTP server requires authentication (i.e. System Settings >> Email Server >> Test). Description of fix: Corrected the Email Server test function to properly pass the username/password in the request and provide more meaningful error messages, due to bad input data or a connection problem. This is a follow-on fix to the original first fix attempt for this issue in the previous 6200 iFix08, but with new APAR number. 17. IT37167/MFT-12148/TS005604608 (2021-06-08) Description of issue: CC shuts down due to errors inserting/updating entries into the CC_PROCESS table. Description of fix: Ensure that insert failures due to duplicate entries are handled as updates. 18. IT37295/MFT-12145/TS005590679 (2021-06-15) Description of issue: Connecting to Director corrupts previous configuration, reverting to default values in Server Properties. Description of fix: Update logic to preserve existing CD server definitions. 19. MFT-12266 (2021-6-16) Description of issue: Requirement to support the Linux Power LE platform Description of fix: Introduced Linux Power LE installers/fix packages beginning with iFix09. 20. IT37365/MFT-12249/TS005842283 (2021-06-21) Description of issue: Connect:Direct Statistics Detail Report is not showing complete filenames for the Source File and Destination File. Description of fix: Corrected the report definition to display the complete file name. 21. MFT-12066 (2021-06-21) Description of issue: Required update to address the following PDFBox vulnerabilities: CVE-2021-31811 CVSS 5.5 / CVE-2021-31812 CVSS 5.5 Description of fix: Applied update to above component. 22. MFT-12104 (2021-06-22) Description of issue: Required update to address the following Castor vulnerability: CVE-2014-3004 - CVSS 5 Description of fix: Applied update to above component. 23. MFT-12282 (2021-06-23) Description of issue: Build date/time calculated using hour of day as 01-24 (instead of 00-23), causing confusion. Following example shows an engine log entry where the installer was built during 11pm: "Starting Engine 6.2.0.0_iFix08 - build June 21 2021 24:03". This should be calculated/displayed as 23:03 instead. Description of fix: Corrected the build process to use the SimpleDateFormat specification for hour of day 00-23. 24. IT37399/MFT-12257/TS005775429 (2021-06-23) Description of issue: After upgrading from 612 to 62 ICC crashing with out of memory (OOM) error Description of fix: Changes made to deal with "Maximum open cursors exceeded" issues exposed a logic error that had to do with how statements were being created, but not closed, when performing batch updates and inserts. The logic has been changed to use a single statement, instead of multiple ones, which is closed, which resolves the memory leak that was occurring. 25. MFT-12240 (2021-06-24) Description of issue: Requirement to allow Sterling Secure Proxy (SSP) servers to be monitored via Open Server Architecture (OSA). Description of fix: You can now use Open Server Architecture for IBM Sterling Secure Proxy event/status publishing for IBM Sterling Control Center Monitor monitoring. For more information, refer to: https://www.ibm.com/docs/en/control-center/6.2.0?topic=considerations-sterling-secure-proxy / https://www.ibm.com/docs/en/control-center/6.2.0?topic=issues-monitoring-osa-servers 26. IT37453/MFT-12227/TS005681027 (2021-06-24) Description of issue: Web console times out after 30 minutes, logging off the user, no matter what timeout value is specified in the web UI (i.e. home page >> hamburger menu (upper right) >> System Settings >> Console >> Time Out After). Description of fix: Corrected logic to populate the timeout value in multiple locations (tables/xml files). Please note: If a change is made to any of the values on the Console screen, a re-cycle is required of all EPs. Whenever an update is made on this page, the following pop-up message will display: "Data updated succesfully. For this change to become effective, it requires restarting all instances of Event Processor" 27. IT36205/MFT-11866/TS005079378 (2021-06-24) Description of issue: Scheduled reports are failing to run in Jasper (thousands of old virtual work files found in: /web\ccbase\reports\temp\virt-xxxxxxxxxxxxxxxx. Description of fix: Added logic to remove the temporary virtual work files during engine startup and upon report execution completion to ensure proper cleanup. This is a follow-on fix to the original first fix attempt for this issue in the previous 6200 iFix06. 28. MFT-12172 (2021-06-25) Description of issue: Requirement to allow users to create custom reports. Control Center provides several out of the box reports that can be run on demand and schedule basis. These out of the box reports are generated using Jasper Reports Library. Description of fix: You can now create your own Jasper report using Jasper Report Sudio and use it within Control Center. Please refer to the Control Center online documentation for detailed instructions: https://www.ibm.com/docs/en/control-center/6.2.0?topic=reporting-custom-reports 29. IT37449/MFT-12262/TS005891894 (2021-06-25) Description of issue: Error during configCC caused by multiple MSSQL JDBC drivers at different levels in /lib/thirdparty and /web/ccbase/lib/ext directories. The presence of mssql-jdbc-9.2.1-jre8.jar caused a conflict. Description of fix: Added mssql-jdbc-9.2.1-jreX.jar files to a list used to delete all JDBC drivers for all JRE levels (not just JRE 8 levels) from /web/ccbase/lib/ext prior to installing the current user specified JDBC driver and exclude from the classpath. -------------------------------------------- 6.2.0.0 iFix08 (Released 05/11/2021) 1. IT36651/MFT-12027/TS005305922 (2021/04/22) Description of issue: Excessive database cursor usage resulted in reoccuring "ORA-01000: maximum open cursors exceeded" errors and/or seeing high database cursor usage by ICC. Description of fix: Reduced cursor usage by changing more logic to stop caching queries that would never be used again. 2. CC-5039 (2021/04/28) Description of issue: HTTP Error 500 javax.servlet.ServletException: org.apache.jasper.JasperException while launching the SCC launch page. Description of fix: Removed obsolete jasper jars from cdbrowser.war. 3. LS-68 (2021/04/29) Description of issue: configCC failed from 6.1.x upgrade to 6.2.0.0 (AUDIT_LOG gone and installer log missing from data collector). Description of fix: Corrected a reference to an upgrade script ccd1000001_iFix1_[dbtype]_changes.sql which did not get executed during configCC (name was missing an underscore). Also corrected the name of the the installation log in the data collector (i.e. IBM_Sterling_Control_Center_V6.2_Install_mm_dd_yyyy_hh_mm_ss.log). The version reference had been changed to uppercase beginning with 6.2.0.0 (i.e. v6.2 >> V6.2) 4. LS-55 (2021/04/29) Description of issue: INFO messages that are filling up Engine logs: "Adding stat with Unknown Process name ......". Description of fix: Changed this message from INFO to DEBUG as to not fill the logs. 4.1 IT36868/MFT-11976/TS004975555 (2021/04/30) Description of issue: The email test function in the web UI fails if the SMTP server requires authentication (i.e. System Settings >> Email Server >> Test). Description of fix: Corrected the Email Server test function to properly pass the username/password in the request. 5. MFT-12039 (2021/05/04) Description of issue: Required updates to address the following vulnerability: Upgrade Jar ICU4J - CVE-2020-10531 - CVSS 9.8 Description of fix: Applied updates to above components. 6. MFT-12040 (2021/05/04) Description of issue: Required updates to address the following vulnerability: Upgrade Jar Apache HttpClient - CVE-2020-13956 - CVSS 5.3 Description of fix: Applied updates to above components. 7. MFT-12041 (2021/05/04) Description of issue: Required updates to address the following vulnerability: Upgrade Jar Spring Framework - CVE-2020-5421 - CVSS 5.3 Description of fix: Applied updates to above components. 8. MFT-12043 (2021/05/04) Description of issue: Required updates to address the following vulnerabilities: Upgrade Jar - Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Serverr - CVE-2020-27218 - CVSS 5.8 + CVE-2020-27216 - CVSS 7.8 Description of fix: Applied updates to above components. 9. CC-5982 (2021/05/04) Description of issue: On switching from non secure CCM mode to secure configuration in all products mode (CCM/CCD), facing issue in downloading jnlp file, error in remoteUIURL api. Description of fix: Added in required file for configuring secure port and ssl. 10. MFT-12038 (2021/05/04) Description of issue: Required updates to address the following vulnerabilities: Upgrade Jar Apache Ant - CVE-2020-1945 - CVSS 6.5 / CVE-2020-11979 - CVSS 5 Description of fix: Applied updates to above components. 11. MFT-12105 (2021/05/04) Description of issue: Required updates to address the following vulnerabilities: Upgrade Jar CKeditor WYSIWYG editor: - CVE-2021-26271 CVSS 7.5 / CVE-2021-26272 - CVSS 7.5 / CVE-2018-17960 - CVSS 6.1 / CVE-2020-9281 - CVSS 6.1 Description of fix: Applied updates to above components. 12. MFT-12102 (2021/05/04) Description of issue: Required updates to address the following vulnerability: Upgrade Jar JasperReports - CVE-2018-18809 - CVSS 9.9 Description of fix: Applied updates to above components. 13. MFT-12036 (2021/05/04) Description of issue: Required updates to address the following vulnerabilities: Upgrade Jar IBM MQ - CVE-2020-4310 - CVSS 5.9 / CVE-2020-4320 5.3 / CVE-2019-4762 CVSS 5.9 / CVE-2020-4338 CVSS 5.1 Description of fix: Applied updates to above components. 14. MFT-12042 (2021/05/04) Description of issue: Required updates to address the following vulnerability: Upgrade Jar Guava: Google Core Libraries for Java - CVE-2020-8908 - CVSS 5.4 Description of fix: Applied updates to above components. 15. MFT-12124 (2021/05/05) Description of issue: Strengthen algorithm of encrypting internal keys. Description of fix: Changed key encryption algorithm. 16. MFT-12037 (2021/05/05) Description of issue: Required updates to address the following vulnerabilities: Upgrade Jar Hibernate ORM - CVE-2020-25638 - CVSS 7.4 / CVE-2019-14900 CVSS Description of fix: Applied updates to above components. 17. MFT-12138 (2021/05/08) Description of issue: CD Server definition was erroneously deleted after upgrading from 6.1.x. After the upgrade, the web UI has logic to query all the CD servers that do not have a value for CC_SERVER.DUAL_HOST_NAME column and updates the value. The query that retrieved the Servers did not have this additional condition: AND logicallyDeleted = 0. When this process posts a cluster event, it posts the cluster event for an already deleted server entity. And it causes the EP to delete an active server. Description of fix: Corrected the conditional query. 18. IT36829/MFT-12092/TS005514377/TS005581175/TS005596248/TS005552025 (2021-05-10) Description of issue: During server reassignment CC_SERVER.PROPERTIES entry for server becoming null rendering the server unable to be monitored. Description of fix: When server entities are updated, if up-to-date properties are not available from the node service, which happens when the node service is stopped, the logic was updated to no longer null out CC_SERVER.PROPERTIES. 19. MFT-12144 (2021/05/10) Description of issue: Upgrade to 6200 (from 6002 and 6130) fails in configCC, when using Oracle database. Description of fix: Added a check to skip execution of the offending script when upgrading with an Oracle database. -------------------------------------------- 6.2.0.0 iFix07 (Released 04/12/2021) 1. IT36373/MFT-11877/TS005005223 (2021-03-26) Description of issue: During SEAS Authenticated User logging into Web Console, "extended authentication check failed" error occurs. Description of fix: Fixed the issue by addressing the case mis-match while checking the existence of the user ID. 2. MFT-12007 (2021-04-06) Description of issue: Not able to schedule/automate the Server Status Report. The following message was displayed in the classic console when attempting schedule the report: "The following Report Types are not supported: Server Status Report". Description of fix: Corrected saved report type validation logic. 3. MFT-11749 (2021-03-25) Description of issue: Address vulnerablities: -General Information Disclosure CVE-2021-20529 CVSS 5.3 -Clickjacking in cdbrowser Description of fix: Removed webserver version from response / Upgraded to to latest cdbrowser.war file. 4. IT36496/MFT-11643/MFT-11775/MFT-11823/MFT-11824 (2021-04-07) Description of issue: Required IBM JRE upgrade to address the following vulnerabilities: -Flaw in the CertPath impl. allows bypass of cert. fingerprint checks - CVE-2020-14782 - CVSS 3.7 -User could gain unauthorized read access to java embedded accessible data. CVE-2020-114781 - CVSS 3.7 -Buffer overflow in widely used function writing characters to a file - CVE-2020-27221 - CVSS 9.8 -Unauthenticated attacker could cause a denial of service - CVE-2020-2773 - CVSS 3.7 Description of fix: Upgraded from 8.0.6.15 to 8.0.6.25. 5. MFT-11886 (2021-04-08) Decription of issue: Remove remaining sccwebstart.war Jasper dependencies (and remove Jasper jars). This is a follow-on fix to MFT-11885 in previous iFix06 where the Jasper jars had to be re-instated due to some remaining dependencies in some of the reports. Description of fix: Removed the remaining dependencies and removed all Jasper jars from sccwebstart.war. -------------------------------------------- 6.2.0.0 iFix06 (Released 03/19/2021) 1. IT35740/MFT-11783/TS004884358 (2021-01-29) Description of issue: Node messages shown in the Swing console sometimes include the full exception stack trace. Description of fix: Stopped appending the exception trace to the message text (in most cases) to be displayed by the Swing console. 2. MFT-11767 (2021-02-01) Description of issue: Unable to run CX Summary Report resulting in the following error messages: ERROR ScheduledReportsJob - Unable to generate report output. Exception Msg :Could not load the following font: pdfFontName: DejaVu Sans / pdfEncoding: Cp1252 / isPdfEmbedded : false Description of fix: Corrected font specification in the report template. 3. LS-62 (2021-02-04) Description of issue: When tracing is enabled for monitored Connect:Direct server the output goes to the console instead of the appropriate log file. Description of fix: Redirected console output generated by the CDAIJ to the appropriate log file via code changes in Control Center. 4. IT35755/MFT-11773/TS004868677 (2021-02-09) Description of issue: Default summarizer computed invalid transfer durations for SFG redeliveries. Description of fix: Adjusted summarizer logic to account for the fact that SFG redeliveres are done with the same process ID as the original deliveries and that those processes have multiple end events but a single start event. 5. IT35848/MFT-11764/TS004546288 (2021-02-09) Description of issue: AdHoc Reports do not allow the report to be saved as PDF, XLS, XML. Description of fix: Added a new "Report Output Format" selection screen in the report wizard which allows the user to select one of the following formats: HTML, PDF, CSV, Single sheet XLS, Multi Sheets XLS. HTML is the default. 6. MFT-11803 (2021-02-09) Description of issue: Warnings generated in engine log when updating Servers in swing console: Warning: Neither heartbeat interval nor polling interval was specififed for [server name] Description of fix: Removed warning message. 7. MFT-11799 (2021-02-09) Description of issue: After exporting and importing config to a new instance, when admin user first logs in to web UI, it prompts for email address. This would seem to indicate that the email address, which was already defined in the instance when config was exported, is not being included in export. Description of fix: Corrected logic to correctly import the admin user email address. 8. MFT-11800 (2021-02-09) Description of issue: Port to maint branch RUNBATCH allows creation o a user with no pasword. Description of fix: Added logic to verify password is present and conforms to password policy. 9. CC-4336 (2021-02-09) Description of issue: Audit log entries for changes to System Settings are not showing up in ICC Conig Changes Audit report. Description of fix: Corrected audit log logic to correctly display System Setting objects in the report. 10. MFT-11801 (2021-02-10) Description of issue: Logger errors running exportConfig.sh Description of fix: Corrected casing of the following reference in some scripts/xml files: FROM configEximLogger.xml TO ConfigEximLogger.xml 11. MFT-11798 (2021-02-10) Description of issue: Engine will not start after importing configuration with DVG-restricted Role. Description of fix: Moved reference to VisibilityService.xml to a common startup services list. 12. MFT-11802 (2021-02-10) Description of issue: DB Info statistics panel not displaying correct record count. Description of fix: Corrected panel display. 13. IT35963/MFT-11781/TS004901712 (2021-02-12) Description of issue: IBM Control Center classic console fails to open when launching sccwebstart.war, while downloading a jasper jar file, resulting in the following stack trace error message: java.io.IOException: Server returned HTTP response code: 503 for URL: host-name:port/webstart/lib/Jasper_Jars/jasperreports-6.7.0.jar Description of fix: Removed obsolete jasper jar files from sccwebstart.war 14. IT35971/MFT-11766/TS004818440 (2021-02-12) Description of issue: Error while processing osa event :: NullPointerException","statusCode":"BAD_REQUEST","statusCodeValue":400} Description of fix: Added guard code to check for unconfigured parameters. 15. MFT-11817 (2021-02-14) Description of issue: Cannot enable node discovery for servers that use cert based authentication. Description of fix: Allow for discovery if a secure protocol in in use. 16. IT35892/MFT-11695/TS004688667 (2021-02-17) Description of issue: High cursor count associated with Control Center in Oracle database Description of fix: The query used to obtain the events needed to summarize processes was being cached by Control Center, causing a cursor to be left open as long as it was, but there's no point in caching those queries as they're never used again, so the fix was to stop caching them. 17. CC-4945 (2021-02-18) Description of issue: Getting exception: Invalid new install bundle Description of fix: Modifed error message to include install bundle ID. 18. IT36004/MFT-11851/TS004956346 (2021-02-27) Description of issue: CCTR135I slow inserts into EVENTS occurring Description of fix: Changed some queries used for MSSQL servers related to handling alerts, improved the logic used to automatically handle alerts, and added a new index to CC_PROCESS for MSSQL server databases. 19. MFT-11846 (2021-03-01) Description of issue: Duplicate records in NODE_TYPE table caused shutdown. This condition can exist if an old 5.4.2.2 release is upgraded to a 6.x release. The following error mesages were displayed in the engine log. ERROR SQLExceptionShutdownHandler - ** SQLExceptionShutdownHandler entered with sqlex=java.lang.IllegalStateException: Found more than one NodeType with NODE_TYPE "3"! ERROR SQLExceptionShutdownHandler - ** Event not updated or details on what was being done when error occurred -> Found more than one NodeType with NODE_TYPE "3"! ERROR SQLExceptionShutdownHandler - Found more than one NodeType with NODE_TYPE "3"! Description of fix: Added logic to check if the NODE_TYPE table contains a primary key. If there is no primary key, the table is re-created with primary key and re-populated with one of each NODE_TYPE (i.e. DROP, CREATE, INSERT). 20. MFT-11885 (2021-03-03) Description of issue: The following reports cannot be created in the classic console after implementing MFT-11781: [Configuration Management/all reports], [Monitoring/High Watermark Report], [Audit/Sterling Connect:Direct Configuration Changes Audit Report]. Some jars were removed from sccwebstart.war believed to have no remaining dependencies across all reports. Description of fix: Re-instated the previously removed Jasper jars in sccwebstart. There will be a follow-on fix to eliminate the remaining dependecies on these jars from the reports mentiond above, so they may be removed again later. 21. MFT-11908 (2021-03-08) Description of issue: See null pointer exceptions, and node services are started and stopped multiple times when server reassignments are performed. Description of fix: Adjusted the logic that handles server updated cluster events to ignore them if the server was in the process of being reassigned. 22. IT36169/MFT-11928/TS005067737 (2021-03-10) Description of issue: Customer wanted to use the embedded flag expression (?s) in the regex for a milestone parameter value but the existing validation logic would not permit parenthesis to be specified in the value Description of fix: Updated validation logic to allow parenthesis to be specified. 23. IT36205/MFT-11866/TS005079378 (2021-03-12) Description of issue: Scheduled reports fail to run due to a problem creating temporary tables. Description of fix: Added logic to detect if the temp tables normally used during report execution fail to be created. If so, use a CSV file instead to create the report. 24. IT36206/MFT-11831/TS005021428 (2021-03-12) Description of issue: Automated reports are not being emailed, resulting in the following error message found in the engine.log: CRPT038E Error while trying to send E-Mail message. Error message : Access to default session denied Automated Report Group : [report-group] Schedule : [schedule-name] Schedule Time : hh:mm Report Name : [report-name] Description of fix: Modified the email send function to create a new session instance, instead of using the default session instance. 25. IT36247/MFT-11878/TS005095362 (2021-03-12) Description of issue: User getting HTTP ERROR 503 Service Unavailable when trying to access the web UI. The cause of this was an SQL syntax error due to the existence of 1000+ user roles being defined. The following error was displayed in ccweb.log: Caused by: java.sql.SQLSyntaxErrorException: ORA-01795: maximum number of expressions in a list is 1000 Description of fix: Modified the logic which constructs the query to limit each IN clause to a maximum of 999 items. 26. IT36273/MFT-11870/TS005076913 (2021-03-16) Description of issue: Reinstalling to a deleted/cleared directory fails. Description of fix: Update CCNameConfigurator to treat this as if installation.propeties had AGENT_NAME_INSTALLED=true and CCENTER_NAME=existing_ep_name specified. 27. IT36274/MFT-11903/TS005023041 (2021-03-18)MFT-11903: TS005023041 - High CPU on EPs that are not the CEP Description of issue: High CPU on EPs that are not the CEP. Description of fix: Changed the DeploymentService, a CCD service, to only run when it is on the CEP. Other changes made include moving the DeploymentService.xml and LicenseDataCollectorService.xml configuration files to the database at startup, and allowing their values to be modified via the ICC Web interface. 28. IT36282/MFT-11945/TS005212567 (2021-03-18) Description of issue: Java jar signing certificate expired on 2021-03-14, at which time users could no longer launch the classic console via webstart because the jars were not signed with a timestamp. Description of fix: Implemented a new jar signing process using a current certificate and also turned on the the jar signing timestamp. This timestamp is used to verify the code was signed prior to the certificate's expiration date. -------------------------------------------- 6.2.0.0 iFix05 (Released 01/22/2021) 1. CC-4221 (2020-11-27) Description of issue: CognosStopper erroneously called during self initiated shutdown due to a database outage. The following error messages occurred in the engine.log: ERROR CognosStopper - CRUL041E Error while invoking user operation: CognosStopper for rule: CognosStopper ERROR CognosStopper - Cannot run program "/bin/sh" (in directory "/Cognos/bin"): error=2, A file or directory in the path name does not exist. Description of fix: Removed the call to the deprecated code. 2. CC-4095 (2020-11-30) Description of issue: Multiple bundle are getting added with same name from CCD UI Description of fix: Updated database upgrade scripts to ensure a unique index is created on CC_BUNDLE table to prevent multiple bundles with the same name. 3. CC-3901 (2020-12-01) Description of issue: After upgrade of CCD installer from 1.2 to 6.2 if we do not confirm truststore and keystore and reconfirm it second time getting truststore already been used error. Description of fix: Added logic to detect and recover from duplicate truststore. 4. CC-4222 (2020-12-01) Description of issue: Unable to delete tokens message in Jetty log as follows: main] c.a.a.s.ScheduledAuthenticationTasks :Error while deleting Tokens :: [ACCESS: [token here - long character string] Description of fix: Corrected logic to delete tokens. 5. CC-4126 (2020-12-01) Description of issue: Server export is exporting only first page data irrespective of navigation of list Description of fix: Corrected logic to export all servers (not just the currently displayed page). 6. CC-4199 (2020-12-02) Description of issue: Users added with Web console do not set time zone preference, resulting in Swing console NullPointerException. Description of fix: Set default timezone setting to UTC. 7. CC-1853 (2020-12-02) Description of issue: Search is disabled if filter is made hidden with the filter icon toggle Description of fix: Corrected filter icon toggle processing leave search enabled. 8. MFT-11625/IT35132/TS004557926 (2020-12-02) Description of issue: StartWebAppServer.bat will fail if %DATE% has a comma in it. Description of fix: Remove a date/time entry from the name of the jettyStartup log file. 9. MFT-11667/IT35201/TS004500628 (2020-12-09) Description of issue: The web UI is not loading, although port 58082 is up. HTTP 503 error. This was caused by two MSSQL JDBC drivers at different JRE levels both in a directory. The presence of both correct/invalid drivers (mssql-jdbc-8.4.1.jre8.jar/mssql-jdbc-8.4.1.jre14.jar) caused a conflict. Description of fix: Added logic in configCC to delete all JDBC drivers for all JRE levels (not just JRE 8 levels) from /web/ccbase/lib/ext prior to installing the current user specified JDBC driver. 10. CCP-12386 (2020-12-09) Description of issue: Missing permissions cause install/configuration failures. Description of fix: Added code to check required database permissions before proceeding. 11. CC-4036 (2020-12-10) Description of issue: Intermittent NPE when starting an EP as it starts monitoring its servers Description of fix: Fixed the logic that caused this. 12. LS-38 (2020-12-10) Description of issue: Users use the EST time zone errouneously thinking it supports Daylight Saving Time when they really should use the time zone named America/New_York Description of fix: Logic added to remove EST as a choice and to update current usage to be America/New_York. The one area that may require manual modifications are reports. Scheduled reports using EST will be updated, but report criteria specifying EST will have to be manually updated. 13. CC-3572 (2020-12-10) Description of issue: Counts displayed of active Swing console users can be incorrect. Description of fix: Logic added to address incorrect Swing console user counts. 14. IT35194/CC-4313/MFT-11633/TS004561575 (2020-12-10) Description of issue: Tag mapped value not being set consistently. This occurred whenever the value came from XML string and contained a new line character or other non-alphanumeric characters. Description of fix: The logic used to extract the tag mapped value from XML string was updated to account for any valid value, including new line characters. 15. IT34943/CC-4314/MFT-11546/TS004390039 (2020-12-10) Description of issue: ICC doesn't recognize the 'replication' events from Global Mailbox Description of fix: The real issue was ICC when ICC determined that the GM server went down, it set the status of all the servers components to UNKNOWN, resulting in red lines that never changed because new status events from the components are not sent when the GM server restarts. So rather than change the status of an OSA servers components to UNKNOWN when the OSA server is determined to be down, the status of its components will be left as they are.. Also, before this update, when heartbeat event received, server's status would only be changed to up/active if its status was down or unknown. Now the status will be changed to active, and a server up event broadcast, if it was not in an active status before receiving the heartbeat event. 16. CC-4037 (2020-12-10) Description of issue: Errors in engine log when deleting B2B server in multi-EP system Description of fix: Logic that caused errors to be logged has been fixed. 17. CC-3941 (2020-12-10) Description of issue: Performance problems caused when using Swing console in multi-EP environment. Description of fix: In a multi-EP environment, requests for data made by Swing consoles are sometimes forwarded to other EPs, which has a negative impact on performance. The bulk of these remote procedure calls have been eliminated for data from monitored Connect:Direct servers and for Connect:Direct File agents. 18. IT34944/CC-4315/MFT-11576/TS004456801 (2020-12-10) Description of issue: ICC shows SEAS down, even though SEAS up. Description of fix: New diagnostic ability added to the EventProcessorService, which handles OSA events for processing. Specifically a new log file, EventProcessorServiceEvents, was added to allow all OSA data received, from servers like SEAS and GM, to be seen. If the EngineLogger.xml is updated, such that debug level logging is enabled for EventProcessorServiceEvents, all events processed by the EventProcessorService will be written to the EventProcessorServiceEvents log file. 19. CC-4216 (2020-12-10) Description of issue: Weak cipher suites warning message appears in jetty log. Description of fix: Disabled weak cipher suites which caused the warning message from jetty default log files 20. CC-3838 (2020-12-10) Description of issue: Slow running Server Inventory report. Description of fix: Eliminate remote calls to EP when when this report is run in cluster mode. 21. MFT-11472 (2020-12-11) Description of issue: Upgrade from 6.0.0.x with a STAG database to 6.2.0.0 fails. After running configCC, engine startup fails with the following error message: ERROR CCEngine(CCenter) - CCTR142E The Event Processor name has not been properly configured since its location is not set. Please run configCC to configure event processor name. Name: CCenter Description of fix: Corrected logic to properly reference both the PROD and STAG database connection pools as needed. 22. CC-3782 (2020-12-14) Description of issue: Audit log creating multiple entries for adding SNMP host and other objects in System Setting. Description of fix: Modified logic to create audit log entry for add and delete. 23. MFT-11481 (2020-12-16) Description of issue: Unable to login in web console after upgrading to ICC 6.2 Description of fix: Corrected Oracle upgrade scripts. 24. CC-4219 (2020-12-17) Description of issue: Web App log messages are in different time zone than the Jetty Log messages Description of fix: Corrected logging configuration files to use consistent time zones. 25. LS-52 (2020-12-17) Description of issue: Oracle JDBC driver ojdbc10.jar remained in /lib/thirdparty after having been erroneously specified during configCC. When the customer ran configCC again to specify the correct ojdbc8.jar, the presence of both correct/invalid drivers (ojdbc8.jar/ojdbc10.jar) caused a conflict. Description of fix: Added ojdbc10.jar to a list of drivers to ensure it is excluded from the classpath (i.e. only the current JDBC driver is added). 26. CC-4009 (2020-12-17) Description of issue: Cannot enter initparms for license and install agent on CDW and CDU servers. Description of fix: Add support for the new fields. 27. MFT-11468 (2020-12-17) Description of issue: Json documentation fot heartbeat interval listed to value as a string and not a number. Description of fix: Change code to accept a sting that is a number with a warning as well as a number. 28. CC-4215 (2020-12-21) Description of issue: Monitor rest time ignored for CD servers with manage and monitoring turned off. When a CD server is configured with both Do not monitor and Do not allow configuration management selected, the internal logic in the CD Node service ignores the monitor rest time and polls the server every 60 seconds. Description of fix: Corrected logic to always use monitor rest time, regardless of the settings for Do not monitor and Do not allow configuration management. 29. CC-4375/MFT-11718 (2020-12-21) Description of issue: Error occurs importing monitored server from exported configuration at startup while processing the server's time zone value. Description of fix: Logic used to ascertain time zone from database treated the time zone ID as a numeric value instead of the string it is. This was fixed. 30. CC-4255 (2020-12-21) Description of issue: Servers configured to not be monitored or managed had a fixed monitor rest time of one minute instead of honoring the configuring monitor rest time. Description of fix: Logic changed to honor the configured monitor rest time even for servers not monitored or managed. 31. CC-4362 (2020-12-23) Description of issue: Database purge and movement timed scheduling not working properly. Note daily scheduling works fine. Description of fix: Correct tome zone handling. 32. MFT-11650 (2020-12-28) Description of issue: Can not access the Web Console, gets error HTTP ERROR 503 Service Unavailable. This was caused by a program referencing table lowercased column name instead of uppercased. Following error message found in ccweb-yyyy-mm-dd.log: [ main] o.h.e.j.s.SqlExceptionHelper : Invalid column name 'm_version'. Description of fix: Corrected code to referenced columns names in uppercase. 33. LS-35 (2020-12-28) Description of issue: I have multiple Connect Direct servers not U/W/Z defined in CCD/CCM and they show in the CCD Web Console, but the CCD Dashboard OS Distribution does not show these as part of Unknown or as the platform they are. CD i5/OS servers are not being counted. Description of fix: Corrected logic to count/display OS distributions as expected in categories: Unix, Unknown, Windows, Z/OS. 34. CC-4213 (2020-12-29) Description of issue: Bad error text when adding a duplicte SNMP host (i.e. error message pop-up box only partially display). Description of fix: Corrected error display. 35. LS-47 (2020-12-29) Description of issue: Error messages with stack trace written to engine.log when executing startWebAppServer.sh due to a normal InteruptedException. Beginning of of stack trace messages follow: [StreamConsumerThread - //bin/startWebAppServer.sh] ERROR StreamConsumer - RULE011E Error while executing user operation: //bin/startWebAppServer.sh Stack Trace: java.io.IOException: Stream closed at java.io.BufferedInputStream.getBufIfOpen(BufferedInputStream.java:181) Description of fix: Removed logic which catches this type of exception. Processing continues as normal (but without displaying the stack trace). 36. CC-4101 (2020-12-30) Description of issue: Users and Roles summary report shows incorrect IP address for logged in user. Description of fix: Corrected report. 37. CC-3724/CC-4086/MFT-11716 (2020-12-30) Description of issue: CCM 6.2>User having view permission on system setting not able to view Audit Logs Swing UI. Description of fix: Corrected permissions checking to properly allow audit logs visibility. 38. CC-4208 (2021-01-03) Description of issue: Misspelling on Successful Windows Installation Dialog. Description of fix: Correct dialog display. 39. LS-19 (2021-01-03) Description of issue: Errors in install logs are confusing customers (i.e. multiple occurrences of the following message): ERROR Unable to locate appender "B2BConversionAppender" for logger config "B2BConversion" (multiple occurrences of this line) Description of fix: 40. CC-4414 (2021-01-04) Description of issue: Non-admin users unable to update custom views, properties for web console, caused by erroneous authentication failure for non-admin user. Description of fix: Corrected authentication parameter. 41. MFT-11589 (2021-01-05) Description of issue: Required updates to address the following vulnerabilities. CVE-2020-1953 CVSS 7.5 - ccroot/lib/thirdparty/commons-configuration2-2.7.jar CVE-2012-5784 CVSS 5.8, CVE-2014-3596 CVSS 5.8, CVE-2018-8032 CVSS 4.3 , CVE-2019-0227 CVSS 5.4 - ccroot/lib/thirdparty/axis-ant.jar Description of fix: Applied updates to above components. 42. CC-4365 (2021-01-05) Description of issue: In License API , historical usage, no of servers are coming up as blank Description of fix: Corrected logic to display historical usage. 43. CC-4433 (2021-01-07) Description of issue: Connection type,connection timeout and status monitor rest time are getting displayed as blank on editing server. Description of fix: Corrected display logic. 44. CC-4482 (2021-01-07) Description of issue: Required update to address vulnerability dom4j: flexible XML framework for Java CVE-2020-10683 CVSS 7.5 Description of fix: Removed affected obsolete jar file: /lib/Cognos_Jars/dom4j-1.6.1-osgi.jar 45. LS-53 (2021-01-08) Description of issue: ConfigureEntitlement locks up when customer tries running the script (configureEntitlement.sh) with the following console error message: Exception while executing com.sterlingcommerce.scc.agent.install.EntitlementConfigurator:java.lang.RuntimeException: java.sql.SQLSyntaxErrorException: ORA-00942: table or view does not exist Description of fix: Correct configuration logic. 46. MFT-11719 (2021-01-10) Description of issue: Configuration Changes Audit Report does not show or allow editing of servers/groups. Description of fix: Corrected logic in the classic console to initialize all report subpanels allowing fields to be displayed/edited. 47. CC-4403 (2021-01-11) Description of issue: Getting FilenameEventTypeFilter exception while upgrading installer from CCD 1.2 to 6.2 with the following error in ccinstall.log: UPDATE CC_SEERVER SET TIMEZONE_ID - timezone.TIMEZONE_ID FROM CC_SERVER server, CC_TIMEZONE timezone WHERE NODE_TYPE_ID NOT IN(0,99,98) and NODE_TYPE_ID is NOT NULL AND timezone.IANA_CODE = server.TIMEZONE_ID SQL Error 209 Error: Ambiguos column name 'TIMEZONE_ID' Description of fix: Corrected SQL upgrade scripts to properly set timezone in CC_SERVER table. 48. CC-4526 (2021-01-12) Description of issue: Setting B2Bi server BP selection to be not monitored reverts back to monitored (i.e. Server Properties >> Settings >> Selected Business Process to be: Monitored / Not Monitored) Description of fix: Corrected logic to preserve the udated setting. 49. CC-3819 (2021-01-12) Description of issue: Requirement to upgrade cdbrowser.war to address the following vulnerability: CVE-2020-8022 CVSS 3.1 Description of fix: Upgraded cdbrowser.war with fix. 50. MFT-11715 (2021-01-14) Description of issue: Not able to update CD Server license settings from Swing UI (i.e. agent.enable and agent.installation_id) Description of fix: Updated a validation properties table to allow these arameters. 51. CC-4532 (2021-01-14) Description of issue: Error when an OSA (SEAS) server and server group is first created, resulting in the following error message: [ClusterEventMonitor] ERROR ClusterEventMonitor - Exception occurred processing configuration changed event Configuration Changed(nnn, day mon dd hh:mm:ss TZ yyyy, Monitor_event_repository, ) in com.sterlingcommerce.scc.agent.services.security.ServerGroupMgr java.lang.RuntimeException: CUSR007E User not found for user ID: Unknown Description of fix: Corrected to skip updating user role when creating a new server group due to a cluster event because there is no user id in this type of request. 52. CC-4277/MFT-11729 (2021-01-15) Description of issue: Cannot view any Staging DB or production DB Movement information in the web UI. Description of fix: Corrected logic to properly display the information. 53. CC-3820 (2021-01-15) Description of issue: Requirement to address the following vulnerability in Apache log4j: CVE-2020-9488 CVSS 3.1 Description of fix: Updated affected classes in Apache ActiveMQ 5.15.14. 54. CC-4554/CC-3819/CC4555 (2021-01-21) Description of issue: Multiple issues addressed in cdbrowser.war file (ClassNotFoundException / jasper.jar causing conflicts) Description of fix: Upgraded cdbrowser.war file with missing class added and removal of jasper.jar. -------------------------------------------- 6.2.0.0 iFix04 (Released 11/20/2020) 1. IT34725/MFT-11516/TS004361714 (2020-10-25) Description of issue: After ugrading from CCD 1.0.0.2 to 6.2.0.0 the engine fails to start with a java exception on the Name or Alias name too long. Description of fix: Made changes to ensure a CD server alias name is restricted to 25 characters and a unique hashed code is appended to a discovered server with duplicate name. 2. MFT-11541/TS004405705 (2020-10-29) Description of issue: Engine startup fails with a NullPoinerException (ServerGroupMgr.init failed) with the following error message: CCTR023E Start Service failed. Service: Agent:Name=CCEngineService,Type=0. This was caused by a service name entry placed in the wrong service startup list. Description of fix: Moved file entry "MetricsServices.xml" from monitorServicesList.txt to commonServicesList.txt. 3. CC-4035 (2020-11-02) Description of issue: When creating a role in the Control Center Director web UI, a server group of "ZZZZJAVA_CONSOLE_REDIRECT" is erroneously displayed in the "Select Server Groups" screen. Description of fix: Corrected logic to only populate the selection screen with valid server groups. 4. CC-4115/CC-4128 (2020-11-04) Description of issue: Unable to change SEAS persistent connection setting in Web UI. When changing Persistent Connection setting in the web UI, it sets incorrect XML tag persistenetConnection (instead of correct tag persistentConnection). The result is both tags present in XML, but the operative one remains unchanged. Description of fix: 5. IT34851/MFT-11555/TS004412991 (2020-11-07) Description of issue: The web UI is not loading, although port 58082 is up. HTTP 503 error. This was caused by an older JDBC driver erroneously remaining in a directory. The presence of both old and current drivers caused a conflict. The following error messages were dislayed in the web log (/web/ccbase/logs/ccweb_yyyy-mm-dd.log): Driver does not support get/set network timeout for connections. (java/sql/Connection.getNetworkTimeout()I) Failed to execute isValid() for connection, configure connection test query (java/sql/Connection.isValid(I)Z). Description of fix: Added logic in configCC to delete all JDBC drivers from /web/ccbase/lib/ext prior to installing the current user specified JDBC driver. 6. CC-4192 (2020-11-09) Description of issue: Getting invalid option in overflow menu for package in Control Center Director web UI. Description of fix: Corrected logic to not show any invalid overflow menu option. 7. IT34785/MFT-11564/TS004439237 (2020-11-10) Description of issue: configCC fails with error message: "ERROR DBConn - Not a valid MSSQL JDBC Driver" when specifying mssql-jdbc-8.4.1.jre8.jar Description of fix: Updated a list of all valid MSSQL JDBC drivers. 8. IT34934/MFT-11560/TS004416401 (2020-11-16) Description of issue: Cannot logon to the classic console getting either of the following error messages: "CSEC001E Either User Name or Password is invalid" or "ControlCenterMessages: extended authentication check failed". This occurs if a user attempts to logon using a secure connection and the keystore/truststore is invalid. This only occurs if the user logs into the web UI and then clicks on the hamburger menu and then clicks on the "Launch Classic Console" link. This error will not occur if the user logs onto the classic console navigating from the Control Center Launch Page by click the link on the web UI logon page. Description of fix: Set a system property to correct the problem. 9. IT34926/MFT-11574/TS004500628 (2020-11-16) Description of issue: The web server failed to initialize due to a mixed case column name definition. The following messages were found in /web/ccbase/logs/ccweb_yyyy-mm-dd.log: "SQL Error: 207, SQLState: S0001" and "Invalid column name: 'PROP_Value'". This error occured because the customer specified a collation setting of SQL_Latin1_General_CP850_BIN which is case sensitive. When a case sensitive collation setting is specified, both column name and value are treated as case sensitive in a SQL query. Description of fix: Changed a reference to a column name in the X_PROPERTY table from: "PROP_Value" to "PROP_VALUE". 10. LS-45 (2020-11-18) Description if issue: The following obsolete configCC console message is displayed during keystore/truststore configuration: "Warning: If you specified a new truststore file path, then you must reconfigure your Cognos HTTPS connection". Description of fix: Removed the warning message. -------------------------------------------- 6.2.0.0 iFix03 (Released 10/29/2020) 1. CC-3928 (2020-10-19) Description of issue: New CCM only install with Oracle DB throws exception in configCC: ERROR DeploymentJobMonitor - java.sql.SQLException: ORA-01003: no statement parsed. Description of fix: Added guard code to check for a null value to prevent the exception. 2. LS-40 (2020-10-19) Description of issue: Upgrade from CCM 613 shows CD servers with out address or port. Description of fix: Set hostname and port of CD server on upgrade. 3. CC-3971: (2020-10-19) Description of issue: Update Status count is not corrected on CCD dashboard. Description of fix: Corrected code to update status counts. 4. CCP-16878 (2020-10-20) Description of issue: When filtering based on Event Return Code under MQMFT FIle Transfer Report, it never comes with return codes as 40. We can see the return codes coming as 0,1,2 and 8 instead of standard MQ FTE return codes like 20,40, etc. Return code 40 means transfer fails and none of the files specified transferred. But in this report we show data of only successful transfer. So we won't be able to show return code 40 in the report. Description of fix: Removed return code filter from the MQMFT Report. 5. CC-4005 (2020-10-21) Description of issue: Enhancement to add source file to Connec:Direct Process Details report. Description of fix: Added new column "Source File Name" to the report. 6. CC-3800 (2020-10-21) Description of issue: NullPointerException in engine.log when CD Unix does nightly statistics archiving. Description of fix: Added guard code to check for a null value to prevent the exception. 7. CC-4043 (2020-10-22) Description of issue: User created on CCD 1.2 installation is not getting logged in after upgrading to 6.2 ifix01/02 Description of fix: Corrected logic to allow users login after upgrade. 8. CC-4040 (2020-10-22) Description of issue: Account lock message is not displayed when trying to reset password from CCD user details page for user having account locked. Description of fix: Corrected logic to display error message: "AUTH005E: Account is locked" 9. CC-4072 (2020-10-22) Description of issue: C:D server node name should be limited to a length of 16 on the "Overrides for Individual Servers" screen. Description of fix: Corrected "Node Name" input field edit check to allow a max length of 16. 10. IT34725/MFT-11516/TS004361714 (2020-10-25) Description of issue: Control Center Director Engine Startup failed after CCD was upgraded from 1.0.0.2 to the latest 6.2. The engine fails to start with a java exception due to the C:D server Name or Alias name too long (i.e. length greater than 16). Description of fix: Made changes to prevent installed CD server node names chosen by ICC from being too long. 11. CC-4075 (2020-10-25) Description of issue: On servers's create form (i.e. Add C:D Server >> Server Name / Alias Name), limit length of name field to 25 characters. Description of fix: Changed input max length check to 25. 12. CC-4022/CC-4065 (2020-10-27) Description of issue: CCD-New CD Win install package - DB password is specified but says that password is required with error meesage: "NWIN004E: Database password is mandatory for Windows OS". Description of fix: Corrected input field edit for "DB Password". 13. CC-4067 (2020-10-27) Description of issue: CCD Server list view - "Node name" column is incorrect. It should be changed to "Server Alias/Name". Description of fix: Changed column name. -------------------------------------------- 6.2.0.0 iFix02 (Released 10/16/2020) 1. CC-4031 (2020-10-16) Description of issue: [CCD] License information is not displayed for Connect:Direct z/OS servers in the "License" tab. Description of fix: Corrected logic which retrieves the license information for display. 2. CC-3985 (2020-10-16) Description of issue: [CCD] Multi-select delete does not delete all the archived packages. Description of fix: Made modifications to disable overflow menus when one or more rows are selected on listng pages. 3. CC-4059 (2020-10-16) Description of issue: Cold start flag is erroneously set in runEngine.sh script, causing loss of data at engine start (i.e. runEngine.sh behaves same as runEngineCold.sh). Description of fix: Removed property -DCOLD_START=true from runEngine.sh. This issue/fix applies to AIX/Linux/zLinux installations. Windows is not affected by this. -------------------------------------------- 6.2.0.0 iFix01 (Released 10/15/2020) 1. CC3505 (2020-09-18) Description of issue: Jetty webserver version is returned in response headers. This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Jetty. Description of fix: Setting property jetty.httpConfig.sendServerVersion=false in start.ini for hiding server the version. 2. IT34297/MFT-11373/TS004107066 (2020-09-22) Description of issue: Getting out of memory error on all but the CEP when adding multiple servers via batch creation utility. Also found that when initiating startHtmlAdaptor on command line, control is not returned, and CTRL-C doesn't break out of the command. Description of fix: As servers are added, the built in server groups are also updated appropriately. When 1000s of servers already exist, and 100s more are added quickly, the previous logic would keep the before and after server groups as servers are added, for each server added, in memory. With this fix, only one, before and after server group will be in memory at a time now. Also, for the startHtmlAdaptor problem, a System.exit() was added to the logic, and control is now returned when it completes. 3. CC-3729 (2020-09-22) Description of issue: Inconsistent password restrictions between config.bat/sh rules and Web UI change password rules. Description of fix: Set the same the same restrictions in config as are defaulted to in the Web UI. 4. CC-3896 (2020-09-22) Description of issue: SynchObject time for CD Configobjects has value "never" but NodeConfigService logic only accepts "NEVER". The system was creating a bunch of jobs to run to refresh servers for monitored C:D servers despite the fact that the synch time was set to "never". The engine.log display the following: "Unable to calculate delay before next SynchOjbectsTask" Description of fix: Changed the comparison to be case insensitive (i.e. NEVER, never, NevEr, etc, are all treated the same). 5. CC-3832 (2020-09-23) Description of issue: Server Inventory report from swing connect to different EPs, it only shows certain data for Servers that are monitored by that EP. otherwise data is blank or defaults to a value. Server Type, Node Name, Monitor, Configure, License Push and perhaps other fields are affected. Description of fix: Made changes to obtain the missing data for servers monitored by all EPs. 6. CC-3624 (2020-09-23) Description of issue: In the Swing UI, Functional Auth properties, the Admin field selection is not set. Since there is no explicit field name 'admin' in CD Windows, this field should not be displayed for CD Windows functional authorities. Whether the user selects any option or not, it still works. Description of fix: Disabled the Admin radio button on the Windows Functional Authority Properties. 7. CC-3781 (2020-09-24) Description of issue: Saved report listing in Web UI should be sorted by name, same as in the classic console. Description of fix: Corrected the web UI saved reports sort order. 8. CC-3860 (2020-09-25) Description of issue: Not able to run engine after enabling user key. Description of fix: Corrected userkey logic. 9. CC-3783 (2020-09-28) Description of issue: Blank row displaying at the end of Monthly File report which does not contain any data Description of fix: Removed erroneous blank row. 10. CC-3861 (2020-09-28) Description of issue: Error in partitioning of AUDIT_LOG with DB2 if DB2 database is 1 date ahead of current system database Description of fix: Corrected AUDIT_LOG partition logic which calclates the minimum partition date. 11. CC-3882 (2020-09-28) Description of issue: Error running config.sh when upgrading from 6.1.3 with DB2 10.x database. The resulting SQL error in ccinstall.log follows: Error code : InstallErrorCodeList.4008 / Error : DB2 SQL Error: SQLCODE=-440, SQLSTATE=42884, SQLERRMC=CHARACTER_LENGTH;FUNCTION, DRIVER=4.19.49 Description of fix: Made a SQL statement correction to upgrade script cc6020000_configCC_db2_changes.sql 12. IT34057/MFT-11393/TS004094974 (2020-09-28) Description of issue: Automated and scheduled reports do not run after upgrade to 6130. The following error message is written to the engine.log: "dd yyyy hh:mm:ss,nnn nnnnnnnnn [DefaultQuartzScheduler_Worker-10] WARN CCObject - File /rep.xml must be available and writable. Error message is: /rep.xml (Read-only file system)." Where: = home directory of the user who executed runEngine.bat|sh. Control Center writes temp file rep.xml to user.home when automated/scheduled reports are run. In this particular case, the customer had a requirement that the user's home directory (user.home) be read-only. Description of fix: Created a new optional property in /conf/InstallationInfo.properties to change user.home to a different (writeable) location: CCENTER_USER_HOME=. Example: CCENTER_USER_HOME=/data/control-center/user-home 13. CC-3881 (2020-09-29) Description of issue: Automated report in PDF format is truncated when there is a lot of data. Description of fix: Corrected report by allowing long rows to wrap instead of being truncated. 14. CC-3623 (2020-10-01) Description of issue: EP detail view in WEB UI shows a Cognos entry for report recovery time. Description of fix: Remove display of Cognos entry. 15. CCP-14679 (2020-10-01) Description of issue: Support for CDU initparm instance.id. Description of fix: Update tables for new initparm. 16. CC-3631 (2020-10-08) Description of issue: Alert count does not match alerts displayed. Description of fix: Include SLC generated alerts and update tab to show alert count is active plus handled. 17. CC-4021 (2020-10-09) Description of issue: There are two issues fixed for this defect. The CEP doesn't always cancel temporary server reassignments at startup, leaving servers temporarily reassigned away from the CEP even though they should not be, AND under certain circumstances monitored servers may be errouneously deleted when the CEP sees an EP starting that was previously down. If the database contains two servers with the same name, one logically deleted, and one not, and the server that was logically deleted was assigned to the EP just starting, the CEP errouneously reassigns the deleted server back to its EP, and that EP will attempt to delete it (again), causing the monitored server with that same name to be deleted from the system instead. Description of fix: For the first problem, fixed the logic at startup to ensure the CEP knows it is the CEP at startup, so temporarly server reassignments are always cancelled. For the second problem, fixed the queries used to ascertain servers to be reassigned to exclude logically deleted servers. 18. CC-3987 (2020-10-09) Description of issue: Bootstrap Certificate Validity field allows to specify the value up to 600 even though it is limited to 90 days (in CCD Server Default Settings), Description of fix: Corrected the validation logic to allow the max of 90 days. 19. CC-4025 (2020-10-09) Description if issue: Selected Data Visibility Group Count mismatch Description of fix: Corrected DVG count. 20. CC-4017 (2020-10-09) ???? maybe removed this from fix list ???? Description of issue: Packages filter height issue for diff resloution css fix Description of fix: 21. CC-4029 (2020-10-10) Description of issue: Swing console node tree not updated when servers are created or deleted. A problem was introduced with the fix for MFT-11373 ICC EP stopped monitoring the servers on CEP. The issue was caused by a change to the ServerGroupMgr updateServerGroup. Whenever this update is driven by a cluster event, an NPE occurs, causing, among other things, the update to the server group event to not be broadcast to Swing consoles. Description of fix: Corrected logic to perform the update for non-cluster events only. 22. LS-34 (2020-10-11) Description of issue: “Server Inventory Report” returns no servers even though many servers are defined. Description of fix: Corrected the filtering logic to properly display servers based on filter values. 23. LS-26 (2020-10-12) Description of issue: Not all messsage ID's are shown when creating a rule in Rule in the "IBM Control Center Message Lookup" screen. The last two lines displayed in the truncated list are "CXML009E" and "Environment". Description of fix: Corrected rule create logic to properly display all rule messages in the selection list. -------------------------------------------- ************************************************************************************************* All fix items listed ABOVE represent fixes made after 6.2.0.0 GA (i.e. 6.2.0.0 iFix01 and later). All fix items listed BELOW represent fixes included in 6.2.0.0 GA. ************************************************************************************************* -------------------------------------------- 6.2.0.0 (Released 09/18/2020) The following represent 6.1.3.0 iFixes included in 6.2.0.0 GA base release 6.1.3.0 iFix03 (Released 09/21/2020) 1. IT33567/MFT-11256/TS003891769 (2020-07-15) Description of issue: WLP (Websphere Liberty) encoded passwords (i.e. keystore/truststore/database) are written to the engine.log These encoded passwords should be masked. Description of fix: Changed the log display to mask the password. Before and After examples follow: Before fix: [StreamConsumerThread - ] INFO StreamConsumer - OUT-->{xor}Lz4sLCgwLTs= After fix: [StreamConsumerThread - ] INFO StreamConsumer - OUT-->{xor}************ 2. IT33545/MFT-11276/TS003927367 (2020-07-20) Description of issue: Problems upgrading to Control Center 6.1.3.0. Not recognizing EP already in CC_SERVER and adding new one and then ICC does not start. Description of fix: Logic that handles ensuring EP in CC_SERVER correctly refactored. 3. IT33623/MFT-11277/TS003911941 (2020-07-21) Description of issue: Null Pointer Exception occurring during refresh of Connect:Direct File Agent data in CC_SERVER_COMPONENT table. Description of fix: Fixed logic that didn't handle Connect:Direct servers that did not have file agents associated with them so the null pointer exception would no longer occur. 4. LS-21 (2020-07-22) Description of issue: It was determined in some cases that Control Center was listening on IPv6 addresses. This causes various problems. Currently, only IPv4 adddresses are supported in Control Center. Description of fix: Set a system property during application startup to ensure Control Center listens on IPv4 addresses (i.e. -Djava.net.preferIPv4Stack=true). 5. IT33623/MFT-11277/TS003911941 2020-07-28) Description of issue: When EPs are all restarted, some monitored servers are still temporarily reassigned. Description of fix: Added start up logic for the CEP to undo any temporary server reassignments. 6. IT34299/MFT-11272 (2020-07-29) Description of issue: Required commons-codec upgrade to address Apache Commons disclosure 177835 (CVSS 7.5). Description of fix: Upgraded to commons-code-1.14. 7. IT33623/MFT-11277/TS003911941 (2020-07-31) Description of issue: Exceptions occurring, and logged, by NodeServiceTableAdapter when updating servers - NodeServiceTableAdapter - Queue full. Description of fix: Changed logic to wait when the queue of servers to be updated is full. Note queue size can be increased via the Engine property UPDATE_SERVER_BUFFER_SIZE, which defaults to 500. 8. CC-3597 (2020-08-06) Description of issue: Unable to specify a port value less than 1024 when adding a B2Bi server to be monitored. Description of fix: Changed the validation logic to allow a port number as low as 1. 9. IT34300/MFT-11333 (2020-08-08) Description of issue: Required IBM JRE upgrade to address CVE-2020-14578 (CVSS 3.7) and CVE-2020-14579 (CVSS 3.7)in the Q3 2020 Java CPU. Description of fix: Upgraded from 8.0.6.10 to 8.0.6.15. 10. IT33876/MFT-11319/TS004013600(2020-08-12) Description of issue: Export of audit log to pdf fails with "java.lang.String cannot cast to java.lang.Boolean" (in classic console: Tools >> Audit Log >> Export List to PDF). Description of fix: Added code to catch the exception, allowing the export to complete. -------------------------------------------- 6.1.3.0 iFix02 (Released 07/08/2020) 1. IT32651/MFT-11059/TS003396613 (2020-4-29) Description of issue: Reoccuring "ORA-01000: maximum open cursors exceeded" errors and/or seeing high database cursor usage by ICC. Description of fix: Reduced cursor usage by changing two queries to no longer be cached. Also slightly altered the logic that logs when SQL exceptions occur to better log the SQL command value. 2. IT32611/MFT-11055/TS003575866 (2020-4-29) Description of issue: When ICC is far behind in monitoring SFG servers, perhaps because monitoring was paused, or ICC was down for an extended amount of time, it struggles to ever catch up. Description of fix: Made some small logic changes to address an inefficiency in queries initiated to retrieve "missing" arrived file route and delivery data. Altered the default engine property values for FG_RETRY_INTERVAL and FG_MAX_RETRIES. These properties control how often, and how frequently, ICC will request missing route and delivery data from SFG. Default for FG_RETRY_INTERVAL is now 2000. (A number of milliseconds.) Its default was 10000. Also, before, if the value specified was less than 60, ICC would instead use a much larger value. That's no longer the case. Default for FG_MAX_RETRIES is now 2. It was 10. Also, before the changes for this issue, even if FG_MAX_RETRIES were to be set to 0, ICC would have retried once anyway. That's no longer the case. Also, one new engine property was added - MAX_B2B_EVENT_AGE_IN_MINUTES_TO_LOOK_BACK_IN_DB_FOR. It's default is 64800, which equates to 45 days. This engine property tells ICC to not try to attempt to retrieve any missing arrived file route or delivery data for events that are older than the value specified, which would be 45 days if the default is not overridden. Finally, a small change was made to do a better job of logging SQL exceptions when they occur. 3. MFT-11093/TS003646841 (2020-4-29) Description of issue: When ICC is shutdown errors may fill up all log files from services that don't notice a shutdown is in progress. Description of fix: Logic added to ControllerMonitor, EventProcessorMonitor, ProcessSummaryService, ProcessSummaryWorker, ClusterEventMonitor, EnvironmentMonitor, and EventMonitor to watch for when ICC is shutting down and they now terminate their looping when that occurs. 4. IT32677/MFT-11085/TS003602851 (2020-4-29) Description of issue: When SSP adapters are assigned to multiple SSP engines ICC has problems handling their status. Description of fix: ICC logic updated to handle the situation where one SSP adapter may be assigned to more than one SSP engine. 5. IT32676/MFT-11047/TS003572480 (2020-4-29) Description of issue: Rules created or updated by the Swing console that have return code as a criteria process return code values as strings instead of as numeric values. Description of fix: Changed the Swing console logic that generates the rule match string to treat return code values as numerics instead of strings. Note treating return codes as strings in rules created or updated by the Swing console has occurred for > 10 years. Also, rules created or updated by the web console treat return code values as numerics. In case the original logic in the Swing console is still desired, an engine property was added, HANDLE_RULE_RETURNCODE_THE_ORIGINAL_WAY, whose default is false, and it may be set to true to get the original, albeit errant, behavior. 6. IT32909/MFT-11105/TS003635144 (2020-05-04) Description of issue: Customer ran configCC.sh specifying Oracle JDBC driver ojdbc8.jar after previously having configured using ojdbc7.jar. The following error resulted because both jars were now in the classpath: com.sterlingcommerce.scc.common.SCCException: CJDB014E Cannot create a new connection for URL jdbc:oracle:thin:[host:port:service]. Description of fix: Updated an internal list of database drivers to be excluded from the classpath to ensure only the current specified driver is added. 7. IT32808/MFT-11119/TS003623151 (2020-05-12) Description of issue: Changes introduced in 6130 caused CCTR034E and COSA028E events to not be generated for OSA type servers like SEAS and Global Mailbox, nor to set the status to 'Unknown' for server components associated with the OSA server deemed to be down. Description of fix: This ommission was corrected, so the code should behave as it did now in this area. 8. IT32851/MFT-11127/TS003606190 (2020-05-13) Description of issue: When starting Control Center, runEngine.sh does not return to the bash prompt (i.e. user must hit ENTER). Description of fix: Modified runEngine.sh/runEngineCold.sh so that control is returned to the bash prompt without any user interaction. 9. IT32884/MFT-11131/TS003675945 (2020-05-15) Description of issue: Under certain conditions when the CEP starts, any of its monitored servers temporarliy rassigned to other EPs will remain temporarliy reassigned and must be first manually reasigned to the server they're temporarily assigned to and then reassigned back to the CEP to put things back as they should be. Description of fix: At start up, the CEP will reassign all of its monitored servers temporarily reassigned to other EPs back to itself. 10. IT32912/MFT-11140/TS003699052 (2020-05-19) Description of issue: Attempting to use read Action and creating Action through REST APIs gets error com.ibm.tenx.ws.WebServiceException: Method not allowed. Description of fix: Those APIs had simply not been enabled, so now they and others that should have been are. 11. IT32996/MFT-11135/TS003646841 (2020-05-28) Description of issue: Dates displayed in Web console Recent transfer activity widget are incorrect for some time zones. Description of fix: When console user's preferred time zones are not whole hour offsets from UTC, they are rounded to the closest time zone that is a whole hour offset from UTC and this caused problems for the logic that displayed dates on the chart, which has now been corrected. 12. IT33033/MFT-11185/TS003699727 (2020-06-11) Description of issue: Process summary service logic repeatedly logging error messages when process ending type events handled that contained no process name. Description of fix: ICC process summarization logic was repeatedly receiving process interrupted events from monitored Connect:Direct servers that contained no process name and a process ID/number of 0, and when it did, it would log an error due to the lack of process name. The logic was updated to not log an error in this situation if the process ID was also zero since zero is an invalid process ID, which means these events could be safely ignored by the summarization logic. Logic also changed to not log an info message that started with "notifyProcessEndedDbOper() found batch = 0 and stmt = null, so no executeBatch() was NOT performed for events". It was only supposed to be a debug message, and is now. 13. IT33048/MFT-11142/TS003700086 (2020-06-02) Description of issue: User-Roles summary report doesn't show correct last logon dates. Description of fix: The last logon date stored in the user profile was only updated by the Swing console logic at logon if it ascertained that the current user was not always logged on. This logic was changed to always update the last logon time regardless of the perceived current logon status. 14. IT33062/MFT-11191/TS003776379 (2020-06-03) Description of issue: Swing console displays SSP servers configured to be monitored via multiple MQ servers as a single MQ server with a comma separated list of hosts and ports. Description of fix: Addressed problems in the swing console related to updating and viewing properties for SSP servers' connection information. 15. IT33399/MFT-10981/MFT-11113 (2020-06-28) Description of issue: Required IBM JRE upgrade to address CVE-2020-2654 (CVSS 4.3) and CVE-2020-2781 (CVSS 5.3)in the Q2 2020 Java CPU. Description of fix: Upgraded from 8.0.6.5 to 8.0.6.10. 16. IT33400/MFT-11012/MFT-11013/MFT-11095 (2020-06-28) Description of issue: Required Websphere/Liberty upgrade to address multiple vulnerabilities: CVE-2019-17573 (CVSS 6.1), CVE-2020-4303/4304 (CVSS 6.1), CVE-2020-4329 (CVSS 3.0) Description of fix: Upgraded Websphere Liberty to 20.0.0.5 (from 20.0.0.2). -------------------------------------------- 6.1.3.0 iFix01 (Released 04/29/2020) 1. IT32628/MFT-10872 (03-12-2020) Description of issue: Required IBM JRE upgrade to address CVE-2019-4732 (CVSS 7.2) in the Q1 2020 Java CPU. Description of fix: Upgraded from 8.0.6.0 to 8.0.6.5. 2. IT32178/MFT-10927/TS003385016 (2020-03-13) Description of issue: Connect:Direct Browser in Control Center gets error: "There is an IO error: Return Code 712" for the following functions: User Functions tab: "Select Process" and "Select Statistics" and Admin Functions tab: "Network Map", "Functional Authority" and "Proxy". These functions write to a temporary file. The path name generated erroneously included a file name instead of a valid directory name after a web server upgrade. Description of fix: Modifed /web/wlp/usr/servers/defaultServer/server.xml by removing the .war suffix in the following cdbrowser application definition: BEFORE: location="${shared.app.dir}/cdbrowser.war" (generates invalid path name: /web/wlp/usr/shared/apps/cdbrowser.war/cdbrowser) AFTER: location="${shared.app.dir}/cdbrowser" (generates valid path name: /web/wlp/usr/shared/apps/cdbrowser/cdbrowser) 3. IT32149/MFT-10976/TS003366915 (2020-03-17) Description of issue: If sess.pnode.max is set to 0 in an Unix remote node entry, the advance panel values can not be updated. Description of fix: Set the proper valid value range for the default class parameter. 4. IT32094/MFT-10961/TS003332342 (2020-03-17) Description of issue: Cognos failed to start due to a weak cipher list in the Cognos configuration file /Cognos/configuration/cogstartup.xml, when attempting to regenerate it's cryptographic keys. Description of fix: Updated /Cognos/configuration/cogstartup_SCC_Template.tmp to include additional strong ciphers in element cognosCryptoCiphersuite. This template is used to create the Cognos configuration file when configCC.sh|bat is executed. 5. IT31899/MFT-10861/TS003289277 (2020-3-17) Description of issue: Customer requested some query changes, and new indices, to improve ICC performance. Description of fix: A new properties file was introduced - sql.properties. (It is modifiable via the Web console.) At the instruction of customer support, SQL may be added to sql.properties to override the SQL ICC uses (for certain queries). Over time the list of queries that may be specified will grow. For now just two queries may be overridden via sql.properties. Both of which are used by the ICC QueuedProcessesClearJob. ICC looks for the sql property values "getQueuedProcessCount" and "getQueuedProcesses" to get the SQL to use to override its existing SQL. Note that updates to sql.properties do NOT require ICC to be restarted for the changes to take effect. 6. IT32086/MFT-10597/TS002749779 (2020-3-17) Description of issue: Loading the first static page in a Cognos workspace and other things with Cognos are slow. Description of fix: Customer felt part of the slowness was due to the speed of the Cognos Java Authentication Provider (JAP) logic, so via a new system property, USE_CACHED_USERS_AND_ROLES_IN_JAP, users will be able to cause the JAP to run faster. The JAP will run faster when USE_CACHED_USERS_AND_ROLES_IN_JAP is set TRUE (it will be FALSE by default) because it will stop requesting the current list of ICC users and roles every time it is invoked and instead only retrieve the list once, at startup. The effect of this change will be that Cognos will not be aware of any modifications to the list of ICC users and roles after ICC starts, unless it is stopped and restarted. To set USE_CACHED_USERS_AND_ROLES_IN_JAP you must edit {ICC Installation folder}/Cognos/wlp/usr/servers/cognosserver/bootstrap.properties and add the following line to it: USE_CACHED_USERS_AND_ROLES_IN_JAP=TRUE 7. IT32085/MFT-10956/TS003437021 (2020-3-17) Description of issue: ICC will not start. While loading rules the error "Invalid value specified for 'tagName.nonResolutionActionId'." occurred. Description of fix: The message "CRUL090E Error while saving merged Rules." was changed to "CRUL090E Error while saving merged Rules during processing of Rule ID: {0}". This will allow ICC to note the name of the name of the problematic rule that caused ICC to not start in the message logged, which will simplify troubleshooting. 8. CCP-15676 (2020-3-23) Description of issue: Security vulnerabilities - BlackDuck Scan - Upgrade Apache Xerces2 J Description of fix: Replaced xercesImpl-2.11.0.jar with xercesImpl-2.12.SP02-redhat-00001.jar. 9. CCP-15903 (2020-3-23) Description of issue: Security vulnerabilities - BlackDuck - Upgrade to Quartz from 2.2.3 to 2.3.2 Description of fix: Replaced quartz-2.2.3.jar with quartz-2.3.2.jar. 10. MFT-10994 (2020-03-24) Description of issue: Required CDBrowser upgrade to address a few security issues (Updated jasper-runtime-5.5.23.jar from jasper-runtime-5.5.15.jar/Clickjacking Issue fixed/Removed struts 1 references from C:D Browser code/ Jasper-runtime upgrade). Description of fix: Upgraded to C:D Browser 1.5.0.2 iFix26 (from iFix22). 11. IT32629/MFT-10873/MFT-10893 (2020-03-31) Description of issue: Required Websphere/Liberty upgrade to address multiple vulnerabilities: CVE-2019-4720, CVE-2019-12406 Description of fix: Upgraded Websphere Liberty to 20.0.0.2 (from 19.0.0.12). 12. IT32379/MFT-10940/TS003404923 (2020-04-03) Description of issue: When a monitored Connect:Direct File Agent uses the loopback address (127.0.0.1) to communicate with its Connect:Direct server, ICC does not accept its traps. Description of fix: For ICC to accept traps from Connect:Direct File Agents, the trap c_submitNode value must match the address and port used by ICC to monitor its Connect:Direct server. A change was made so ICC will also accept the trap if the source address of the trap matches the address of a monitored Connect:Direct server.