Resolved Issues in ExtremeXOS 22.3.1-Patch1-4

The following issues were resolved in 22.3.1-Patch1-4. 22.3.1-Patch1-4 includes all fixes up to and including ExtremeXOS 11.6.5.3, and earlier, ExtremeXOS 12.0.5, ExtremeXOS 12.1.7, ExtremeXOS 12.2.2-patch1-12, ExtremeXOS 12.3.6, ExtremeXOS 12.4.5, ExtremeXOS 12.5.5, ExtremeXOS 12.6.3, ExtremeXOS 12.6.5, ExtremeXOS 12.7.1, ExtremeXOS 15.1.5, ExtremeXOS 15.2.4, ExtremeXOS 15.3.3, ExtremeXOS 15.4.1, ExtremeXOS 15.5.1, ExtremeXOS 15.5.2, ExtremeXOS 15.6.1, ExtremeXOS 15.6.2, ExtremeXOS 15.7.1, ExtremeXOS 16.1, ExtremeXOS 16.1.2, ExtremeXOS 16.1.3, ExtremeXOS 21.1, ExtremeXOS 22.1, ExtremeXOS 22.2, ExtremeXOS 22.3. For information about those fixes, see the release notes for the specific release.


Resolved Issues, Platform-Specific, and Feature Change Requests (CRs) in 22.3.1-Patch1-4

CR Number Description
General
xos0062256 When auto-polarity is turned off, link comes up for straight cable rather than crossover connection.
xos0068323 In ExtremeXOS Python scripting, the argument sent to the command Exsh.clicmd is replicated 24 times.
xos0068500 HAL timeout occurs while rebooting the stack using the command reboot stack-topology.
xos0068553 The ARP learning rate on the Summit X770 series switches has decreased starting with ExtremeXOS 22.2 due to code infrastructure changes.
xos0068888 When the command show tech-support all detail is executed after running enable cli-config-logging, messages beginning with "serial unknown" appear in the log. This issue also occurs when executed from a Telnet session.
xos0068911 After enabling STP auto-bind on a VLAN, removing all ports from the VLAN, and then adding them back, the STP tag is displayed as "(none)" in the output of the show ports information detail command.
xos0069051 After 65,000 new FDB entries are learned, subsequent entries are continuously added and deleted.
xos0069068 On Summit X770 and X670-G2 series switches with IPv4 forwarding enabled and more than 32 ARPs, IPv4 unicast traffic destined to IPv4 addresses residing on port number 64 or higher may be dropped.
xos0069070 The process BCMAsync stops processing with scaled route/ARP entries in hash table.
xos0069150 In the output of the show vlan command, ports can have both "!" and "*" flags set if the port is a share group port.
xos0069196 Inconsistent port learning flag appears in HAL with PVLAN and MLAG configuration.
xos0069210 Unable to create private VLAN with 32-character name if the first 31 characters match an existing private VLAN name.
xos0069318 When the ingress port is part of both tagged and untagged VLANs that are participating in MSTP, the BPDU is not processed.
xos0069111 EXSH process ends unexpectedly with signal 6 when executing an invalid command string with more than 32 characters.
xos0067587 When running show tech-support command with user-created VRs, show configuration command does not display full configuration.
Summit X770 Series Switches
xos0069487 HAL process ends unexpectedly with signal 6 when switch boots up with PTP configurations.
ExtremeSwitching X870 Series Switches
xos0069072 On ExtremeSwitching X870 series switches, traffic ingressing ISC ports gets forwarded on MLAG ports if ports are between 91–96.
ExtremeSwitching X870 and X690 Series Switches
xos0069087 Operational diagnostics sometimes do not run on some ExtremeSwitching X870 and X690 series switches. When the switch is rebooted to run operational diagnostics, the diagnostics do not run due to a timeout of the hardware watchdog timer, and the switch reboots and starts ExtremeXOS instead.
xos0069050 On ExtremeSwitching X690 and X870 stacking switches, unable to complete the upgrade operation.
Security
xos0069355 SSH idle timeout does not clear SSH sessions.
xos0069424 The output of the command show ssh2 private-key actually shows the private key, which could be a security threat.
xos0063637 The command configure cli max-failed-logins num-of-logins needs to apply to SSH password-based logins.
xos0063638 Lockout of account occurs incorrectly after the second wrong login attempt (should be third attempt) using SSH, and error message does not correctly explain what has happened.
xos0069112 Invalid dates are allowed for February when configuring switch's time/date.
xos0069127 EMS log should indicate when a read-only user tries to update the switch's software image.
xos0069223 Reconciliation with Syslog server for TCP timeout is too long (15 minutes). Needs to be changed to 30 seconds.
xos0069224 Change severity from "info" to "notice" for clear log entries in log.
xos0069254 Log EMS message when user cancels the save configuration as-script command in addition to when the command is successful.
xos0069326 During an Nmap scan, random higher-numbered TCP ports (from 32xxx to 44xxx) from Nettools are discovered.
xos0069362 Need to upgrade OpenSSL FIPS to 2.0.16.
xos0069363 Secure Syslog: Need to turn off TLS session resumption.
xos0069367 Change the severity level for bind and unbind of user to SSH key in log messages.
xos0069442 In EMS log, identify the RSA key with user associated.
xos0069261 EMS log message required when download image command is cancelled.
xos0069140 The following are ExtremeXOS vulnerabilities due to scripting allowed when in FIPS mode:
Note: You must enable FIPS for this fix to take effect.
  • Escape from EXSH restricted shell (CVE-2017-14331)
  • Information disclosure (CVE-2017-14327)
  • Privilege Escalation (root interactive shell) (CVE-2017-14329)
  • Privilege Escalation (root interactive shell) (CVE-2017-14330)
The following are additional ExtremeXOS vulnerabilities:
  • Denial-of-service (CVE-2017-14328)
  • Session hijacking (CVE-2017-14332)

For more information about these vulnerabilities, see Vulnerability Notice.