23.2 enhancements and patches

Review the TrueSight Server Automation 23.2 enhancements and patches for features that will benefit your organization and to understand changes that might impact your users.

Version

Fixed issues

Updates and enhancements

23.2.01

23.2.00

For a list of recent updates and enhancements across multiple versions, see Release-notes-and-notices.

Related topics

Deprecated-and-discontinued-features

23.2.01

Support for additional platforms

This release additionally supports the Microsoft Windows 11 (Console) platform.

For a complete list of supported platforms, see Supported-platforms.

What else changed in this release

Update

Product behavior in versions earlier than 23.2.01

Product behavior in version 23.2.01

A new BLASAdmin parameter, AllowMultipleDownloadJobsInCUJ is introduced in the Appserver module.

The system concurrently executed multiple patch download jobs for a catalog.

You can use the new BLASAdmin parameter to decide if you want tconcurrently execute multiple patch download jobs for a catalog. For more information, see Downloading-patch-payloads-to-the-catalog.

23.2

Support for additional platforms

This release supports the following additional platforms: 

  • Oracle Linux 9 x86_64 (RSCD Agent, Smart Agent, Patching)
  • Red Hat Enterprise Linux 9 x86_64 (Unified Product Installer, Application Server, NSH, Live Reporting)
  • Ubuntu 22.04 (Bare-metal and Physical provisioning)
  • VMware vCenter Server 8.0 (Hypervisor) 
  • Microsoft Windows 11 (Console)

For a complete list of supported platforms, see Supported-platforms.


Support for additional databases

This release supports the following additional databases:

  • Microsoft SQL Server 2022
  • Microsoft SQL Server 2022 Cluster
  • Oracle 21c
  • Oracle 21c RAC

For a complete list of supported databases, see Database support.


Patching enhancements

This release contains the following patching enhancements.

Support for Oracle Linux 9 Public and Unbreakable Linux Network repositories

The Public repository (offline mode only) and Oracle Linux Unbreakable Linux Network (OL ULN) are supported for Oracle Linux 9.x.

Support for SuSE Linux Enterprise Server 15 repository

Starting from this version, you can store patches on a SuSE Linux Enterprise Server 15 that is configured with Repository Mirroring Tool (RMT).

Support for live kernel patching for SuSE Linux Enterprise Server 12 and 15 systems

Server Automation supports applying security patches and other updates to a running (live) SuSE kernel. It provides support for these live patching repositories as new filters in the Catalog Update Jobs. For example, Server Automation provides support for the following kpatch repositories in SuSE 15:

  • SLE-Module-Live-Patching15-SP3-Pool
  • SLE-Module-Live-Patching15-SP3-Updates

After you upgrade to version 23.2, ensure that you update the existing patch catalogs for the new options to take effect.

For more information, see Preparing-the-configuration-file-for-SUSE-Linux-Enterprise.


Security enhancements

TrueSight Server Automation security features have been enhanced by upgrading to OpenSSL library version 3.0.8. This is important for ensuring that the software is secure, reliable, and up-to-date, particularly in the context of encryption, decryption, and other cryptographic functions.

TLS protocol changes

The Internet Engineering Task Force (IETF) deprecated TLS 1.0 and TLS 1.1 in March 2020. IETF recommends using the newer and more secure versions of the protocol, such as TLS 1.2 and TLS 1.3. Starting version 23.2, RSCD Agent only supports TLS 1.2 protocol.

Support for TLS 1.2 is already enabled by default in the RSCD Agent starting from version 8.9.01. 

TLS communication between the Application Server and RSCD Agent

The RSCD Agent 23.2 only supports TLS 1.2 protocol. TLS 1.1 and older protocols are not supported.

However, the Application Server 23.2 can work with RSCD Agents having TLS 1.2 or older protocols.

In order to ensure successful communication with RSCD Agents prior to version 8.9.01 (which do not support TLSv1.2 protocol), configure the Application Server parameters as follows:

EnabledRscdProtocols = TLSv1,TLSv2
EnabledTlsContextProtocol= TLS

The value TLS means both TLSv1 and TLSv1.2 are supported. However, if none of the agents are using TLSv1, we recommend you to change the property value to TLSv1.2 from TLS

Restart the Application Server after you modify these parameters.

For more information about TLS communication, see Configuring-the-TLS-protocol.


REST API enhancements

This version provides the following REST API enhancements.

Compliance API enhancements

Use the following new APIs to perform retrieve and update operations:

  • GET

     /api/v1/compliance-jobs: Retrieve the details of all Compliance Jobs according to the specified filter criteria.

  • PUT /api/v1/compliance-jobs/{id}: Update the Compliance Job for a specified job ID.

Use the remediate API to perform rule-based remediation by specifying a specific rule for remediation:

  • POST /rest/api/v1/compliance-jobs/remediate: Remediate all non-compliant targets or a specific target, based on a rule ID, or a rule group ID, or a template ID.

Patching API enhancement

The REST API support is available for Patching Jobs on the Oracle Linux Public repository.

For more information, see REST-API-endpoints.


Support for additional Compliance Content template

This release supports the CIS template for Red Hat Enterprise Linux 9. 

For more information, see CIS-Red-Hat-Enterprise-Linux-9.


Reset column configuration for the Job Results view

In the Job Results view, reset the column configuration to the default values by using the new option Reset Column Configuration

For more information, see Resetting-column-configuration-for-the-Job-Results-view.

image-2023-4-27_17-57-25.png 


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*