Release Notes 4.0Last Modified: 11/30/2015 at 18:59 | Release:
Table of Contents
What’s New in Avance R18.104.22.168
- Support for Internet Explorer 11 has been added
What’s New in Avance R22.214.171.124
- No new features
What’s New in Avance R126.96.36.199
- No new features
What’s New in Avance R188.8.131.52
- No new features
What’s New in Avance R184.108.40.206
- No new features
What’s New in Avance R220.127.116.11
IMPORTANT: DOM0 access enabled. Refer to Accessing DOM0 for details.
What’s New in Avance R18.104.22.168
- No new features
What’s New in Avance R22.214.171.124
- No new features
What’s New in Avance R126.96.36.199
In order to use the Avance UI without seeing warnings about unsigned Java applications, Stratus is providing a certificate for customers to download. Please visit the following link to download the certificate file which works with Avance r4.0.0:
The stratus.cer certificate can be installed by using the Java Control Panel (under Programs->Java->Configure Java in Windows).
- Go to the security tab, and look for “Manage Certificates…”
- Then pull down “Signer CA” as a “Certificate type”. Note: make sure you select “Signer CA” rather than the default “Trusted Certificates”
- Click on the “Import” button.
- In the “Files of type:” field, pull down “All Files”. Note: make sure you update the “Files of type:” field because the default file extensions (.csr and .p12) don’t include .cer.
- Select the stratus.cer file from wherever you downloaded it, and click the “open” box in the file menu. This will install the certificate.
- Close the windows from the Java Control Panel.
- Be sure to restart your browser to have the new certificate take effect.
What’s New in Avance R188.8.131.52
- Added support for the following Intel Ivy Bridge processor types. Refer to the
- for details
- Intel Xeon E5-2600 V2 series
- Intel Xeon E5-2400 V2 series
- Intel Xeon E3-1200 V2 series
- Added support for the Intel RMS25PB080 storage controller
Important Considerations – R4.0.0 PV Driver Installation
In order to install the xen-win-pv-drivers-184.108.40.20600 tools supplied with the Avance R4.0.0 release on Windows VMs, please use the AvanceXenSetupAssistant.cmd script that is supplied with the tools. If you need to install the tools manually, please ensure that you start xensetup.exe with the /allowlegacyinstall option. If you just click on xensetup.exe without specifying /allowlegacyinstall, you will get a popup and the tools will not install.
Additionally, in order to install the xen-win-pv-drivers-220.127.116.1100 tools on Windows XP or Windows 2003 VMs, you may need to address the following popup windows in order to get the network PV driver to function properly. After the initial reboot from the tools installer, several minutes will pass and the Found New Hardware Wizard may pop up. In this case, please click the button for “No, not this time” when the Wizard asks you to search Windows Update, and then click “Install the software automatically” when the Wizard locates the Citrix PV Ethernet Class.
Finally, if you are upgrading PV drivers and you are running a Windows VM with 3 or more drives, refer to the Avance Software Upgrade Guide for important precautions you must take to avoid a non-bootable VM
Important Considerations – Windows 2000 VMs
Avance R4.0 does not support Windows 2000 VMs. Avance release r18.104.22.168 is the last release to support Windows 2000. During the upgrade process a check is made for Windows 2000 VMs, and if any exist the upgrade will not proceed. The user will be required to abort the upgrade and recover the node.
Important Considerations – unsupported VMs will not migrate
Avance R4.0 will not attempt to migrate unless they are PV Aware (Linux) or run with PV Drivers (Windows). All such VMs should be listed in the Avance Compatibility Matrix. Any VMs in this category can be manually stopped and started on the other PM or will automatically restart in the event of loss of a physical machine. Also, note this restriction covers any VM that is booted with a recovery CD.
Outstanding Issues in this release
|20420||If you are upgrading PV drivers and you are running a Windows VM with 3 or more drives, refer to the Avance Software Upgrade Guide for important precautions you must take to avoid a non-bootable VM|
|20571||Update to the latest Kaspersky whitelist prior to Installation of Windows PV drivers if running Kaspersky anti-virus software|
Issues Fixed in this release
|KB/Case Number||Fix in Release||Description|
|KB-7618||22.214.171.124||Avance may be vulnerable to CVE-2014-3566 (POODLE)|
|KB-7619||126.96.36.199||Avance may be susceptible to the following openSSL security issues: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176|
|KB-7620||188.8.131.52||Update tzdata to accomodate 12/31/2016 leap second|
|KB-7621||184.108.40.206||Update PV drivers to version 220.127.116.1100 to address potential network drop outs when using the 18.104.22.16802 PV drivers bundled with 22.214.171.124|
|KB-7622||126.96.36.199||Address Citrix Xen Security Advisories|
|KB-7623||188.8.131.52||Avance may be susceptible to CVE-2016-5195 (DIRTY COW)|
|KB-7624||184.108.40.206||Possible data loss after cluster shutdown when powering on the node that was secondary first|
|KB-7625||220.127.116.11||Prevent everRun license upload on Avance. Alert if everRun license was previously inadevertently uploaded.|
|KB-7626||18.104.22.168||Correct the format of Avance SNMP traps|
|KB-7627||22.214.171.124||Avance may be susceptible to CVE-2015-7547 (glibc send_vc function allows denial of service)|
|KB-7628||126.96.36.199||Update Apache web server (httpd)|
|KB-7629||188.8.131.52||Avance may be susceptible to the security vulnerability described in CVE-2014-7810 (apache tomcat)|
|KB-7630||184.108.40.206||Avance may be vulnerable to Openssl CVE-2016-0800 (DROWN)|
|KB-7631||220.127.116.11||Avance https certificate has been updated|
|KB-2718||18.104.22.168||Update the links in the Avance help and e-Alerts|
|KB-2721||22.214.171.124||Address the FREAK security vulnerability described in CVE-2015-0204|
|KB-2720||126.96.36.199||Add suppport for JAVA 8 in the Avance user interface|
|KB-2719||188.8.131.52||Correct Avance SNMP MIB compilation errors|
|KB-2716||184.108.40.206||Disabling a network in a Windows VM can cause a crash during migration|
|KB-2717||220.127.116.11||Fix the inability of periodic diagnostics to be sent to Stratus|
|KB-2725||18.104.22.168||Change the name and strengthen the signature of the certificate used with https|
|KB-2726||22.214.171.124||Address the VENOM security vulnerability described in CVE-2015-3456|
|KB-2724||126.96.36.199||Update the ntp and tzdata packages to provide fixes for leap second adjustments|
|KB-2727||188.8.131.52||Update the HP Smart Array CCISS kernel driver|
|KB-2723||184.108.40.206||Address the LOGJAM security vulnerability described in CVE-2015-4000|
|KB-2722||220.127.116.11||Update the openssh package to the latest version|
|KB-1651||18.104.22.168||PV drivers cause communication failures on Windows 2003|
|KB-2046||22.214.171.124||VM MAC address changed after system IP address changed|
|KB-2264||126.96.36.199||Avance is susceptible to the MSR vulnerability described in CVE-2014-7188|
|KB-2265||188.8.131.52||Avance PM Firmware tab points to old firmware|
|KB-2266||184.108.40.206||GHOST Linux glibc security vulnerability (CVE-2015-0235)|
|KB-2267||220.127.116.11||NTP vulnerabilities (CVE-2014-9293 through CVE-2014-9296)|
PV drivers cause communication failures on Windows 2003
Response to Avance Shellshock bug vulnerability
Updating OpenSSH and Tomcat in Avance
Hoard corruption occurs after disk insertion and removal
An upgrade to the iDRAC7 1.56.55 or later firmware release causes BMC’s to lose connectivity on Dell systems
Avance is susceptible to the openSSL security issue described in CVE-2014-0224
Windows VMs that have PV drivers installed but not loaded correctly do not have an alert generated for this condition
Windows VMs that have PV drivers installed but not loaded correctly will fail to migrate and also keep other VMs that are in working order from migrating
Internal queue gets clogged causing system to become unresponsive
Ubuntu VM fails to live migrate after export/restore
A VM migration can result in an interruption of multicast traffic for up to two minutes
File descriptor leak causes VM live migration after 30 days
Recent Java produces stern warnings about VNC viewer, import/export wizard, and VCD import being unsigned
Long blackouts seen during VM live migration due to unavailable DNS server
avcli vm-import does not restore to same shared mirror(s) as the exported VM
Node unreachable alert – due to fatal swap utilization on r3.x and r4.x Avance systems
|21867 and 21878||18.104.22.168||
Node unreachable alert – hangs on Nehalem / Westmere-based Intel whitebox (e.g., S5520UR) nodes: disable iommu (21867) and install FlexPriority microcode (21878)
Node unreachable alert – kernel crash or other misbehavior after running for over 200 consecutive days on Intel Sandy Bridge processors
Node unreachable alert – kernel crash at kernel/cred.c:168
Node unreachable alert – kernel crash in e1000_open()
Avance cannot correct BIOS settings on recent Intel BIOS (version 2) on Intel whitebox S2600GZ, S2600CP, and S2400GP
|21872 and 21871||22.214.171.124||
Dell internal NIC (2x10Gb + 2x1Gb) has incorrect network display (21872) and node recovery/upgrade can fail (21871)
|21840||126.96.36.199||UDP multicast packets not received from after network fault until migration completes. Note, upgrade to the 188.8.131.5200 PV drivers included with the 4.0 release to prevent this issue from occurring.|
Installing Avance Release R4.0
Avance requires a DVD for installation, please review the documents below and follow all preparation, installation and configuration instructions:
Upgrading to Avance Release R4.0
Refer to the Avance Software Upgrade Guide for Important Considerations regarding this upgrade along with detailed instructions.
Important: If you are running a Windows VM with three or more drives or you are running Kaspersky anti-virus software in your VM refer to the the Avance Software Upgrade Guide prior to starting upgrade for special instructions. Failure to adhere to these instructions may result in a corrupted boot disk that can be time consuming to recover.
Enterprise Management – Avance CLI and MIB
New Avance 4.0 CLI and MIB versions must be downloaded and installed into your management solutions. These versions are backwards compatible with all previous releases of Avance
If you have a technical question about Avance system software, you can find the latest documentation about your Avance at the Stratus Avance Documentation Web site, http://avancedoc.stratus.com/. .For known issue on Avance, please refer to the Avance Knowledge Base
If you are unable to resolve your questions with the help available at the online site, and the system is covered by a service agreement, please contact the customer support or your authorized Stratus service representative. For information, see: http://www.stratus.com/Stratus/Home/Services/CustomerSupport.