Project related quality assurance efforts have revealed a number of concerns for the current release of 2017.1.0 and 2017.1.1 on all OpenVMS platforms. In certain situations, the impact can be severe.
July 27, 2017 – Alert: Linux Defects Can Corrupt Mirror Copies of Journal Files
InterSystems has encountered defects in Linux which can corrupt copies of journal files that are generated on a mirror backup or async member; this occurs only in certain specific configurations. The original mirror journal file created on the primary member is not affected.
June 26, 2017 – Alert: Data Corruption with Mixed Endian Mirror Shadowing
InterSystems has corrected a defect that may result in corruption of Unicode data on a shadow system whose source is an async mirror member.
This defect affects all currently released Caché, Ensemble, and HealthShare distributions beginning with version 2012.2.0. All platforms and operating systems are affected.
With the recent release of Caché and Ensemble 2017.1, InterSystems customers can now create configurations where the data-at-rest cryptographic library used is compliant with FIPS 140-2.
Caché and Ensemble now provides you with the option to enable FIPS mode on RedHat 6.6, 7.1 on x86-64. This means is, that InterSystems products will no longer use the supplied crypto libraries that come with the kit, but will use the FIPS validated libraries provided by the Operating Systems vendor.
The last version of Caché, Ensemble released for VSI OpenVMS is 2017.1. Unlike HP OpenVMS (Alpha and Itanium), VSI OpenVMS on Itanium continues to be supported. This means that critical corrections or changes required to support customer’s hardware purchases will all be based on 2017.1 or earlier versions.
Beginning with the next release after 2017.1, InterSystems products will no longer be offered on macOS (OS X) as a Server platform. This platform has been re-classified and will be available as a Development platform in future releases.
Products: Caché, Ensemble
Expected Availability: next major release after 2017.1
Starting with the Field Test of 2017.1 InterSystems products will include Feature Tracker. It is enabled by default during the Field Test and is explained more fully in the product documentation included below. Information collected by Feature Tracker is limited to technology usage information and instance identification. This tool has been carefully crafted to not transmit sensitive information related to customer applications or data.
InterSystems has corrected a defect that may result in missing updates when utilizing Caché online backup.
This defect is present in all Caché and Ensemble versions 2015.1.x, 2015.2.x and 2016.1.x, and all HealthShare distributions based on those versions. It affects all platforms and operating systems except backups of OpenVMS cluster databases.
That alert indicated that the database defragmentation utility in 2014.1 and higher, on all platforms except OpenVMS, could cause database degradation and the correction JO2871 is available to clients upon request and would be included in future releases. The correction was included in 2015.1.3, 2015.2.2 and 2016.1.
At the end of this year support for OpenSSL 1.0.1 will end. InterSystems has started the process to move to OpenSSL 1.0.2 and use the 1/28/2016 release (1.0.2f) for verification and product inclusion. I will update this post once InterSystems decided which versions will receive support for OpenSSL 1.0.2.
This advisory concerns the recently announced vulnerability CVE-2016-0800, aka DROWN, which is due to weaknesses in SSLv2. For more information, see https://drownattack.com. This vulnerability may be relevant to InterSystems customers as InterSystems products have the capability to utilize SSLv2.
By update