Release Notes for ExtremeSecurity V7.7.2.4
If your deployment is installed with ExtremeSecurity 7.7.1.2 or later, you can install fix pack 7.2.4-QRADAR-QRSIEM-983526 and above to the latest software version. This release note does not cover all of the installation messages and requirements. For information on upgrading to V7.7.2.4, see the Extreme Networks Security Upgrade Guide.
To install this fix pack, see Patch Installation Instructions.
Resolved Issues
This is a cumulative release, meaning that installing the latest version includes all of the resolved issues identified in previous releases.
Note
Some APAR links in the table below might take 24 hours to display properly after a software release.Number | Description |
---|---|
IV46355 | RAPID7 NEXPOSE SCANNER DISPLAYS AN ERROR WHEN THE SITE NAME PATTERN FIELD CONTAINS AN AMPERSAND (&) CHARACTER |
IV46461 | THE TEST FIELD IN THE CUSTOM PROPERTIES WINDOW MIGHT NOT DISPLAY SPECIAL CHARACTERS AS INTENDED |
IV47857 | NO NOTIFICATION THAT EVENTS ARE DROPPED BY A ROUTING RULE |
IV50577 | THE LICENSE DETAILS SCREEN MAY SHOW LICENSE DETAILS FOR ANOTHER HOST IN THE DEPLOYMENT |
IV50730 | BACKUP ARCHIVES FAIL TO GENERATE DUE TO A MISSING RPM DEPENDANCY CAUSED BY AUTOMATIC UPDATES |
IV54191 | ASSET SEARCH WITH OS INFORMATION IS SLOW |
IV54564 | USER PROFILES WITH ONLY ACCESS TO REPORTS WILL THROW 404 WHEN ACCESSING REPORTS IN INTERNET EXPLORER |
IV54606 | AFTER AN UPGRADE TO EXTREME SECURITY 7.7.2.1 Patch 4, A LOG SOURCE EXTENSION MIGHT DISPLAY INVALID CHARACTER SYMBOLS |
IV54655 | DEPLOYS MAY FAIL WHEN AN ENCRYPTED CONNECTION EXISTS FOR AN UNASSIGNED COMPONENT |
IV54675 | DASHBOARD TIME SERIES GRAPHS FOR EVENT RATES (EPS) MIGHT DISPLAY A DECREASE IN AN EVENT RATE WHERE NONE EXISTS |
IV54720 | MANAGED HOSTS WITH AN HA SECONDARY MIGHT EXPERIENCE A POSTGRES RPM OR DISKMAINT ERROR AFTER A HOSTSERVICES RESTART |
IV54734 | RULE RESPONSES THAT SEND AN OFFENSE SUMMARY EMAIL NOTIFICATION MIGHT INCLUDE AN UNRESOLVABLE ADDRESS IN THE URL |
IV59270 | RISK SCORE FILTER NOT FILTERING - RETURNING ALL ASSETS |
IV59284 | NETWORK HIERARCHY TREE SHOWS "UNDEFINED" WHEN NETWORK GROUP HAS DEPTH GREATER THAN 9 LEVELS |
IV59345 | IMPROPERLY FORMATTED SYSTEM EVENTS ARE BEING PICKED UP BY THE CRE LOG SOURCE |
IV60520 | OFFENSE RULE CONDITION "LOG SOURCE TYPE(S) THAT DETECTED THE OFFENSE" DOES NOT FIRE DUE TO LOG SOURCE MISMATCH |
IV60570 | NON-ADMIN USERS UNABLE TO VIEW FULL RULE DETAILS |
IV60575 | NOTIFICATION QID VALUE IS INCORRECT |
IV60576 | IMPROVE CRE PERFORMANCE AGAINST PORTS AND LARGE DATABASE TABLES |
IV60644 | EXCESSIVE SIM AUDIT EVENTS FOR HA SSH ACTIVITY |
IV60760 | ROUTING RULES FILTER RETURNING UNEXPECTED RESULTS |
IV60765 | FILTERING PAYLOAD BY REGEX ENDING WITH "\ " INTERFERES WITH THE LOG ACTIVITY VIEW |
IV61200 | SORTING IN ASSET DETAILS - USER LIST DOES NOT WORK |
IV61255 | EXTREME SECURITY SHOWS A TIMESTAMP FOR 'LAST SEEN PASSIVE' EVEN IF ALL FLOW SOURCES ARE DISABLED |
IV61260 | RULE TEST TO NOT CREATE OFFENSE IF TWO RULES ARE MATCHED IS CREATING AN OFFENSE |
IV61456 | COLUMN SORTING NOT SORTING IN THE LOG SOURCE WINDOW |
IV61687 | RULE INFORMATION IS MISSING FROM THE AUDIT LOG WHEN RULES ARE MODIFIED |
IV62203 | MANUAL CARRIAGE RETURNS USED IN THE TEXT FIELD OF AN OFFENSE NOTE CAUSE INCOMPLETE NOTE OUTPUT IN THE AUDIT LOGS |
IV62349 | WINCOLLECT LOG SOURCE DISPLAY SORTING RETURNS NO RESULTS IN 7.1.0 |
IV62439 | UI PROBLEM IN FIREFOX 30 - UNABLE TO SELECT LEVEL ON SOURCE NETWORK GROUP |
IV62441 | ASSET TABLE EXPORT SHOWS 0.0.0.0 FOR THE IP AT TIMES WHEN THE GUI DISPLAYS A REAL IP |
IV62476 | VULNERABILITY DETAILS NOT SHOWN FOR NON-ADMIN USER |
IV62587 | RULE COUNTING IS NOT WORKING USING SPECIFIC PALO ALTO CONFIGURATION |
IV63048 | MEMORY LEAK IN BANDWIDTH MANAGER |
IV63122 | WHEN SHARING A SAVED SEARCH, INCLUDE IN MY DASHBOARD IS SELECTED BY DEFAULT AND SHOULD NOT BE |
IV63346 | HAVING AN EQUAL SIGN ("=") IN A RULE NAME CAN CAUSE EVENTS TO BE DROPPED AND OTHER EVENT PIPELINE FAILURES |
IV63375 | LARGE INCREASE IN EVENTS GENERATED BY THE SYSTEM NOTIFICATION LOG SOURCE |
IV63416 | GROUPED EVENT SEARCHES CONTAINING NUMERIC CUSTOM PROPERTIES MAY RETURN INCORRECT SUM CALCULATIONS |
IV63452 | WHEN AN HA FAILOVER OCCURS, ADDITIONAL BONDED INTERFACES WILL BE REMOVED |
IV63457 | ACTIVE DIRECTORY LOGIN FAILS WHEN TRYING TO AUTHENTICATE TO THE API |
IV63462 | PDF REPORT FILENAMES WITH CHINESE CHARACTERS THAT ARE MAILED DO NOT RETAIN CORRECT CHINESE CHARACTERS IN THE ATTACHMENT NAME |
IV63610 | THE WRAP TEXT CHECKBOX DOES NOT WORK WHEN SELECTED FOR VIEWING CISCO IDS EVENT PAYLOADS |
IV63733 | TUNNELRDATE WARNING MESSAGES GENERATED EVEN WHEN NOT USING ENCRYPTION BETWEEN CONSOLE AND MANAGED HOST |
IV63742 | 'BB:CATEGORYDEFINITION: COUNTRIES/REGIONS WITH NO REMOTE ACCESS' CONTAINS AN INCORRECT LOCATION NAME |
IV63743 | SELECTING A LANGUAGE OPTION OTHER THAN ENGLISH FOR EXTREME SECURITY LOG MANAGER DOES NOT WORK |
IV63792 | THE DESTINATION IP SOURCEPORT IS APPENDED TO THE DESTINATION IP WHEN QUERYING TYPE-B SUPERFLOWS |
IV63798 | NETWORK ACTIVITY SEARCH RIGHT-CLICK FILTER OPTIONS FOR APPLICATION IS OR IS NOT 'OTHER' NOT RETURNING CORRECT |
IV63799 | CHANGE IN LOCALE SETTINGS FROM ENGLISH TO ANY OTHER LANGUAGE CAUSES NO DATA RESULTS FROM FLOW DATA APPLICATION SEARCHES. |
IV64011 | THE NUMBER OF DATA VARIABLES IN AN OFFENSE CRE SNMP TRAP DOES NOT MATCH THAT OF THE ASSOCIATED EXTREME SECURITY FILE. |
IV64141 | EXTREME SECURITY PATCH MAY FAIL OR COMPLETE BUT WITH ERRORS THAT REFERENCE 722_PATCH_58912.INSTALL |
IV64252 | REFERENCE MAP OF MAPS DOES NOT WORK AS DESCRIBED IN THE EXTREME SECURITY ADMIN GUIDE DOCUMENTATION |
IV64738 | QFLOW PROCESS STOPS AND THEN FAILS TO START |
IV64977 | LOG ACTIVITY ADVANCED SEARCH THAT SPECIFIES USING 'LOGSOURCEGROUPNAME' ONLY RETURNS RESULTS FROM GROUP 'OTHER' |
IV65030 | QVM - EXTREME SECURITY SYSTEM NOTIFICATION THAT REFERS TO 'QVMSCANCOMPLETELISTENER HAS REACHED FULL CAPACITY' |
IV65081 | MULTIPLE VULNERABILITIES IN EXTREME SECURITY (SIEM CVE-2014-0075, CVE-2014-0096, CVE-2014-0119) |
IV65711 | MULTIPLE VULNERABILITIES IN EXTREME SECURITY SIEM (CVE-2014-3508, CVE-2014-3511) |
IV66146 | QIF - 'NO FILES TO DOWNLOAD' MESSAGE WHEN PERFORMING AN EXPORT AS PCAP |
IV66369 | QIF - THE 'LICENSE INFO' PAGE SHOWS 'DATABASE NOT ENABLED' |
IV66371 | RULES NO LONGER FIRING AFTER A REFERENCE SET IS FOUND TO BE EMPTY OR DOES NOT EXIST |
IV66785 | THE PARTITION /STORE/ARIEL/PERSISTENT_DATA IS NOT MONITORED BY DISK SENTINEL |
IV66787 | NO FLOW INFORMATION IS DISPLAYED WHEN USING NON ENGLISH LOCALE IN SOME INSTANCES |
IV66874 | THE ADMIN TAB, REMOTE NETWORKS AND SERVICES CONFIGURATION PAGE DOES NOT LOAD CORRECTLY IN THE EXTREME SECURITY UI |
IV66882 | QIF - CASES THAT ARE 'DELETED' FROM WITHIN CASE MANAGEMENT ARE NOT ACTUALLY DELETING |