Release Notes
Abstract
This technical note provides guidance for installing IBM Security Guardium Data Protection sniffer patch 11.0p4079, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
- Patch file name: SqlGuard-11.0p4079_Snif_Oct_29_2024.tgz.enc.sig
- MD5 checksum: 05ca4dc490d8f24709cd38dd152841c8
Finding the patch
Make the following selections to locate this patch for download on the IBM Fix Central website:
- Product selector: IBM Security Guardium
- Installed Version: 11.0
- Platform: All
Click Continue.
On the "Identify fixes" page, select Browse for fixes and click Continue .
On the "Select fixes" page, select Appliance patch (GPU and ad hoc). Then, enter the patch information in the Filter fix details field to locate the patch.
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Installation
Notes:
- This universal sniffer patch can be installed on all releases of Guardium 11.x
- This patch restarts the sniffer process.
Overview:
- Download the patch and extract the compressed package outside the Guardium system.
- Be sure to check the latest version of these patch release notes online just before you install this patch.
- Pick a "quiet" or low-traffic time to install the patch on the Guardium system.
- Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors. This sniffer patch must be installed across all the appliances such as the central manager, aggregators, and collectors.
For information about installing Guardium Data protection patches, see How to install patches in the Guardium documentation.
Attention
Renewed Guardium patch signing certificate
Guardium appliance patches are signed by an internal certificate to validate that the patch is created by Guardium. Unsigned patch files cannot be installed. This patch is signed by a new patch signing certificate. Therefore, to install this patch, the patch signing certificate on your Guardium appliance must first be updated by installing ad hoc patch 11.0p1057 (see release note) or an appropriate appliance bundle listed in IBM Guardium - Patch signing certificate set to expire in March 2025.
New currency items
This patch provides the following new currency items.
| Issue key | Summary |
|---|---|
|
GRD-83876
|
Support for Couchbase 7.6.3 (UNIX and Windows)
|
|
GRD-85245
|
Support for PostgreSQL 17 (UNIX and Windows)
|
|
GRD-87062
|
Support for MySQL 8.4.2 (UNIX and Windows)
|
|
GRD-87451
|
Support for Oracle Database 23ai on Windows 23.4.0.24.05
|
Enhancements
This patch provides the following enhancements.
| Issue key | Summary |
|---|---|
|
GRD-63079
|
Oracle parser errors
|
|
GRD-76620
|
Updated session information to support distributed reports for Universal Connector traffic
|
|
GRD-84677
|
Universal Connector automatically removes red S-TAP entries from a managed unit
|
|
GRD-85789
|
Skip MongoDB response parsing
|
|
GRD-86046
|
Add new session-level policy tokens
|
Resolved issues
This patch resolves the following issues.
| Patch | Issue key | Summary | APAR |
|---|---|---|---|
| 11.0p4078 | -- |
See release notes for patch 11.0p4078
|
-- |
|
11.0p4079
|
GRD-82246 |
Parser error with keyword 'desc' for IBM Db2 statement:
select * from EMP desc limit 3;
|
DT393671 |
| GRD-83175 | Session-level policy rule with criteria on SERVER_IP and action IGNORE_SESSION does not work correctly after installing sniffer patch 11.0p4076 | DT399772 | |
| GRD-83993 |
Incorrect handling of error packet format
|
DT406771 | |
| GRD-84172 | Query rewrite (QRW) issue on count(*) IBM Db2 SQL query | DT391634 | |
| GRD-84834 | Universal Connector configured for Oracle Unified Audit did not report user's activities from Toad client | DT396500 | |
| GRD-85144 | Parsing errors | DT398865 | |
| GRD-86519 | Parser error for MySQL 8 revoke role command | DT396911 | |
| GRD-86523 | Analyzer issue to handle some Teradata Database traffic | DT398866 | |
| GRD-87125 |
Handling of use statements in Toad Sybase connections
|
DT398941 | |
| GRD-87285 |
Session-level policy rules required the use of wildcards in the DB_USER, OS_USER, and SOURCE_PROGRAM criteria when monitoring IBM Db2
|
DT399887 | |
| GRD-87489 | Weak default snif ciphers (TLS_RSA) | DT396934 | |
| GRD-88424 | Catch Sybase database user creation and deletion activities | DT399722 | |
| GRD-88996 | Parser error for some Postgres insert statements on collector | DT406772 | |
| GRD-89103 | MySQL failed login | DT401013 |
Known limitations
This patch provides the following known limitations.
| Issue key | Summary |
|---|---|
|
GRD-89684
|
Query rewrite (QRW) does not work as expected for Windows S-TAP using Protocol 8.
|
[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"},{"code":"a8m0z000000Gp0SAAS","label":"SNIFFER"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.0.0;11.1.0;11.2.0;11.3.0;11.4.0;11.5.0"}]
Was this topic helpful?
Document Information
Modified date:
21 April 2025
UID
ibm17175168