2021-06-15_06-18-29_Service Pack 3: version 8.9.03
This topic contains information about fixes and updates in Service Pack 3 (product version 8.9.03), and provides instructions for downloading and installing the service pack.
For information about issues corrected in this service pack, see Known and corrected issues.
The following table lists build information for this release.
EPD version number
|Patch 3 for Service Pack 4 for version 8.9|
|8.9.04.003||December 6, 2019|
|Patch 2 for Service Pack 4 for version 8.9|
|8.9.04.002||September 18, 2019|
|Patch 1 for Service Pack 4 for version 8.9|
|8.9.04.001||June 21, 2019|
|Service Pack 4 for version 8.9|
|8.9.04||January 28, 2019|
|Patch 1 for version 8.9 Service Pack 3|
|8.9.03.001||October 5, 2018|
|Service Pack 3 for version 8.9|
|8.9.03||June 11, 2018|
BMC Software is alerting users of BMC Server Automation for Windows Patching that they need to upgrade the BMC Server Automation application server and Windows target servers to the latest versions to ensure the continued functioning of Windows Patching within the product.
Ivanti has announced the end-of-life for an underlying Shavlik SDK version that BMC Server Automation uses to get updates for Windows patches. The original end-of-life support for Shavlik 9.1 was December 31, 2018. The end-of-life support is now extended to September 30, 2019, which provides users with additional time to upgrade BMC Server Automation application server and the BMC Server Automation RSCD Agents running on Windows target servers.
The following topics describe the enhancements included in this service pack.
The following table lists the new features included in this service pack.
|Patching||Shavlik update OR Third-party software updates|
Shavlik version that is shipped with TrueSight Server Automation has been upgraded from Shavlik 9.1 to Shavlik 9.3. This requires that all Windows RSCD Agents that are used for Windows Patching are upgraded to 8.9.03. Windows Patching will not work with downlevel agents once the application server is upgraded to 8.9.03.
|General||Third-party software updates|
Java Runtime Environment (JRE) version that is shipped with TrueSight Server Automation has been updated to 1.8.0_172 (JRE 1.8 Update 172).
For more information about other third-party software versions, see Third-party software.
|General||Third-party software updates||The version of the SysInfo utility (from MagniComp) has been updated to 10-H82.|
You can perform patching and remediation activities for Ubuntu 16.04 by using TrueSight Server Automation.
|General||AIX build date|
A new property, Build Date has been added in AIX for Service Packs. You can view this property in the following tabs of the Service Packs:
For more information, see Examining patch properties for AIX.
Server Message Block (SMB) version has been upgraded to SMB version 2 (SMBv2) to avoid exposure to security vulnerabilities (for example,WannaCry ransomware attack). For more information, see multiple-vulnerabilities-in-microsoft-windows-smb-server in documentation.
You must ensure that SMBv2 is enabled for Microsoft Windows server for following actions:
|Compliance Content||Template updates to newer benchmarks|
The component template for the Health Insurance Portability and Accountability Act (HIPAA) policy has been updated to more recent benchmarks:
For the complete list of available templates, see Compliance policy standards supported by TrueSight Server Automation templates.
|General||SHA 256 support|
TrueSight Server Automation now supports Secure Hash Algorithm 256 (SHA 256). By default, the following certificates use SHA256 signing algorithm:
For fresh installation of RSCD Agent 8.9.03, the certificate.pem is created with SHA256 Signature Algorithm.
If secure logging is configured on RSCD agent, certificate.pem file is used in secure logging. So, in case of upgrade, by default, the existing certificate.pem file is not upgraded to SHA256. To use SHA256 in certificate.pem for upgraded RSCD Agent, perform the following steps:
For fresh installation of application server 8.9.03, the bladelogic.keystore is created with SHA256 Signature Algorithm.
In case of upgrade, by default, the existing bladelogic.keystore file is not upgraded to SHA256. To use SHA256 in bladelogic.keystore for upgraded application server, perform the following steps:
The following table lists down the features that have been modified.
Modifications: The following changes are done with reference to Shavlik upgrade from Shavlik 9.1 to Shavlik 9.3:
Pre-requisites: Ensure that you meet the following pre-requisites:
Post-upgrade tasks: You must perform the following tasks after upgrading the agent, because Catalogs, Patch Analysis Job, remediation prepared with Shavlik 9.1 does not work after upgrade:
|Patching||Patching support deprecation||Patching support for the following products have been removed:|
TrueSight Server Automation no longer supports the following compliance content templates:
These content templates are deprecated as updates on the compliance standards as well as the platform have been stopped by their respective vendors. TrueSight Server Automation no longer supports agent for the underlying platforms. These templates are no longer bundled and tested. However, the existing templates in your environment are not modified. If you need to use the existing templates in your environment, you can still use the existing templates. However, if you face any issues on this templates ( if the rules need fix), and you need assistance, contact BMC Customer Support.
For more information about the templates supported by the product, see Compliance policy standards supported by TrueSight Server Automation templates.
|General||Offline help||TrueSight Server Automation 8.9.03 does not support the local offline help.|
You must apply both the granular and resource permissions:
For more information, see List of required database permissions.
Downloading the service pack
Service Pack 3 for version 8.9 includes full installers for all components. You can download the files for version 8.9.03 from the TrueSight Server Automation 8.9.03 download page at the BMC Electronic Product Distribution (EPD) website.
For full download instructions, see Downloading the installation files.
For a list of installation programs by OS, see Installation programs for TrueSight Server Automation.
Installing the service pack as a fresh product installation
If you are installing this service pack as a fresh product installation, do one of the following:
- To use a centralized UI for installation of most TrueSight Server Automation components, see Installing using the unified product installer.
- To install individual components, download the service pack files and then follow the instructions in Installing individual components. To see an overview of the installation steps, see Walkthrough: Installing individual components for Microsoft Windows and SQL Server environments or Walkthrough: Installing individual components for Linux and Oracle environments, depending on your environment.
Upgrading to the service pack
You can upgrade to this service pack from product versions 8.7.x, 8.8.x, 8.9.00, 8.9.01, and 8.9.02.
To upgrade, do one of the following:
- To use a centralized UI for installation of most TrueSight Server Automation components, see Upgrading on Windows using the unified product installer. For step by step instructions based on platform, see .
Note: Upgrading the TrueSight Server Automation console
When you upgrade the TrueSight Server Automation Application Server to version 8.9.03, you must upgrade the TrueSight Server Automation Console to version 8.9.03.
Using with BMC Decision Support for Server Automation 8.9
BMC Decision Support for Server Automation version 8.9.00 is not compatible with TrueSight Server Automation version 8.9.03. BMC Decision Support for Server Automation users must install a hotfix on BMC Decision Support for Server Automation 8.9, before installing or upgrading to TrueSight Server Automation 8.9.03. For more information about the hotfix, see in the BMC Decision Support for Server Automation documentation.