4.6.2.0-ISS-ProvG-AllModels-Hotfix-FP0022

Answer

Name of product: IBM Proventia Network Intrusion Prevention System
Fixpack version: FP0022

Applicable versions: 4.6.2


Problems Solved:

- Update patch to allow install with new naming convention of XPU.
Install will fail when XPU naming convention is XXXX.XXXXX rather than XX.XXX

Previous fixes:

- Updates expired Java applet and other dependent jars on LMI with new jars whose certificate will expire on 2020.

- Email reponse may cause a crash in some odd occassions due to incorrect
use of string conversion function.

- Fixes iss-secmgr memory leak.

- Solves issue where security policy takes forever to load.

- Prevent rsyslogd from hanging by using linkedlist queue for remote syslog
forwarding.

- Allow leef logging to appear locally wihtout debug being enabled, and
when leef policy is enabled. Tuning parameter crm.leef.log.asinfo=true

- Delivers security fixes to date. Please visit
http://www-947.ibm.com/support/entry/portal/support to view security bulletins
for this product.

- Updates MSL 5.9.2.0.1 and GSKit 8.0.50.57

- Fixes an issue with the accuracy of pcaps generated using the log evidence.

- Updates MSL to version 5.9.0.3.1

- Only log a logical_drive_status set to unknown as an error when it has
tried 5 times (wait 1 second per try)

- Don't change GX status to unhealthy until a percentage of errors have
occurred. Item tunable by spa.allowsperrcomm.percent an integer from 0-100
depicting percentage of heartbeat value times 2. Default value for tuning
parameter is 0.

- Updates gskit to version 8.0.50.41

- Dump event details when event serialization fails

- Prevent erroneous netengine restart when the packet thread is in
housekeeping

- Increase the time between detection of packet process thread hung and
restart of netengine to have a better chance to getting a stack trace.

- Adds error detection logic to catch and correct errors writing ips events
to the local database under certain conditions.

- Upgrades issMSL to version 5.9.0.1-3.

- Fixes the issue with the health check of Snort process where frequent
detaches
due to heavy traffic load spits out snort not running messages whereas the
LMI
indicates Snort as running.

- Fixes an issue with the loading of the Open Signature Policy that would
cause it to be loaded out of order.

- Fixes an issue in FW 4.6.2 where GX fails to post events to SP.
This fix uses non-blocking version of curl to avoid indefinite
block in the read call.

Notes:
Patch is Cumulative