APM 10.8 Hotfixes
search cancel

APM 10.8 Hotfixes

book

Article ID: 260131

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope) CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management SaaS DX Application Performance Management

Issue/Introduction

The following is the list of  APM 10.8 Hotfixes

NOTES:

1- HOTFIXES is cumulative.
2- Contact Broadcom Support if you need a HOTFIX that is not available from https://support.broadcom.com/ 

Environment

Application Performance Management (APM) 10.8

 

Resolution

SERVER HOTFIX # 7
Not available from https://support.broadcom.com/  To obtain a copy contact BRCM Support
version:    10.8.0.95  
build : 990703  
Release date :  2024-11-12
Fixed components:  EM, WV
Targeted for release :  10.8 SP2 
Fixed Issues:
DE613408 - 35648731-Security vulnerabilities in Spring Framework 5.3.26_1,upgraded to 5.3.34_1
DE618276 - Search is not properly working in the Universes page

SERVER HOTFIX # 6
Not available from https://support.broadcom.com/  To obtain a copy contact BRCM Support
version:    10.8.0.88  
build : 990524  
Release date :  2024-02-23  
Fixed components:  EM, WV, WS 
Targeted for release :  10.8 SP2 
Fixed Issues:
DE595789 - 33688352-WebView cannot handle a loss of connectivity to MOM (FqdnFormAuthenticator)
DE576186 - Not able to select options (userId, URL) in the dropdown in Transaction trace viewer (DE592946)
DE592893 - ^M bad interpreter error when try to run SupportBundler.sh & IndexRebuilder.sh files
DE604128 - com.wily.introscope.soa libraries from ws-plugins removed
DE604477 - Webstart workstation failed to open with NPE

SERVER HOTFIX # 5
Not available from https://support.broadcom.com/  To obtain a copy contact BRCM Support
version:    10.8.0.88  
build : 990524  
Release date :  2024-02-23  
Fixed components:  EM, WV, WS 
Targeted for release :  10.8 SP2 
Fixed Issues:
DE567083 - 33447591-Missing httpOnly cookie attribute security issue
DE574805 - 33515746-Session cookie does not contain the Secure Attribute
DE589781 - Copyright year changed to 2024



SERVER HOTFIX # 4 = *** 10.8 SERVICE PACK # 1 ***
Available from https://support.broadcom.com/ 
version:    10.8.0.64  
build : 990426  
Release date :  2023-05-17  
Fixed components:  EM, WV, WS, agents  

New Features:
************
This service pack includes the following new and updated features.

- PLA (Portfolio Licensing Agreement) Telemetry - We are making it easier for
customers
to report information manually through a new UX and changes to product usage
reporting
instructions. We are providing a tool, the Product Usage Collector, for
automatic on-demand
gathering of metrics within the customers environment without special
requirements such as
firewall rules or software installed on the system in their data center. The
Product usage metrics
are now easily accessible from the product UI and contains an overview of all
metrics which are
being sent to Broadcom as part of customer PLA agreement, together with the
licensed metric
calculation details.

- Updated Version Support for CA APM Database - CA APM now supports APM
database up to
PostgreSQL 14.x and Oracle 19c. For more information, see the Upgrade
Components section
in the documentation. PostgreSQL installation is not part of the CA APM 10.8
installation
and must be installed before you start the CA APM 10.8 installation.

-  An example of the manual upgrade procedure to upgrade Postgres from 9.6.2 to 13.4  (https://knowledge.broadcom.com/external/article/228491 )

- Introscope Workstation for Windows - Introscope Workstation on the Windows
platform has both
32bit & 64bit JRE bundles.

- Introscope Workstation Packaged as a Mac OS X Application - Introscope
Workstation is now available
packaged as Mac OS X application. Please contact Broadcom support for
details. It requires Java 11
to be already installed on the system. You can check that it is available by
running the following
command: /usr/libexec/java_home -v 11

- SOAP API updates - There is a new implementation of SOAP API for listing and
retrieving metrics.
It is a subset of the existing SOAP API. It is based on Spring WS instead of
on Apache Axis:
1) The new API uses document/literal style instead of rpc/encoded style.
2) Its endpoint is at http://HOST:PORT/introscope-web-services2/services/.

Its WSDL is retrievable from
http://HOST:PORT/introscope-web-services2/wsdl11.wsdl.
3) Detailed migration documentation

Fixed Issues:
************
DE562920 - Security vulnerabilities in snakeyaml 1.33, upgraded to 2.0
DE563830 - java.lang.OutOfMemoryError fixed in the EM logs [ETC MoM is down]
DE563808 - Integer overflow fixed for the agent health calculation
DE562816 - Use java.awt.Desktop to open browser to URL instead of directly executing Mozilla (Workstation)
DE562969 - Metrics data validation failure in EsdplatelemetryMetricsUploadJob
DE562850 - Error invoking Velocity template exception in WebView logs when we enable SAML internal IDP in EM
DE562954 - SupportBundler, SHA2Encoder and SmartStorTools scripts updated to use bundled JRE
DE562295 - 33399612-Security vulnerabilities in apache-jsp 8.5.70, upgraded to 8.5.87
DE562295 - 33399612-Security vulnerabilities in json-smart 2.4.7, upgraded to 2.4.10
DE562565 - Fixed unsupported CipherSuite: TLSv1.3" exception when workstation try to connect EM using https/ssl port
DE562151 - File Open Error when trying to open saved transaction trace XML file
DE560713 - JAXBContext exception in EM logs when trying to login to ATC with the EEM user
DE548295 - Introduced new SOAP API with Spring WS (existing Axis SOAP services are still supported)
DE550785 - Dashboard console throwing java.lang.NullPointerException
DE560994 - Remove alignment from logger name in logs
DE552145 - Installation Fails with error on schematools.log
DE551193 - Fixed "Invalid date entered" error while trying to open Template Editor
DE551180 - Added com.sun.xml.bind.v2 to com.wily.introscope.client
DE550502 - 33279620-Security vulnerabilities in commons-bcel 5.0
DE552798 - APM support telemetry PUC API - ESD - 10.x - Calculations
DE524657 - 32971146-Validate certificate at start only if Jetty's certificate validation is also turned on
DE519623 - 32904897-Security vulnerabilities in commons-io 2.10.0
DE519623 - 32904897-Security vulnerabilities in Commons Collections4 4.2
DE519623 - 32904897-Security vulnerabilities in BouncyCastle 1.64
DE519623 - 32904897-Security vulnerabilities in Netty 4.1.63.Final
DE519623 - 32904897-Security vulnerabilities in Quartz scheduler 2.3.0_2
DE519623 - 32904897-Security vulnerabilities in xmlsec 2.1.7
DE519623 - 32904897-Security vulnerabilities in snakeyaml 1.28
DE519623 - 32904897-Avoid checker-qual dependency in PostgreSQL JDBC driver
DE519623 - 32904897-Security vulnerabilities in net.bytebuddy 1.12.22
DE519623 - 32904897-Security vulnerabilities in xstream 1.4.19
DE519623 - 32904897-Security vulnerabilities in com.fasterxml.jackson.core libraries, upgraded to 2.14.2
DE496642 - Security vulnerabilities in Apache log4j, replaced with logback
DE496642 - Allow TLS 1.3 (em-jetty-config.xml)
DE496642 - Removed com.wily.log4j OSGi bundle from management
DE496642 - New OSGi R7 Logger implemented
DE519623 - Remove com.google.code.findbugs:jsr305
DE519623 - Replaced AspectJ artifacts in com.ca.apm.osgilibs group with com.ca.apm.eclipse_sdk_4_21
DE519623 - Use ServiceMix Spring OSGi bundles exclusively
DE519623 - 32904897-Security vulnerabilities in oracle.database.driver 19.13.0.0.1
DE519623 - 32904897-Security vulnerabilities in postgresql jdbc driver 42.2.25
DE519623 - 32904897-Upgrade Jetty from 9.4.45 to 9.4.51.v20230217
DE519623 - 32904897-Security vulnerabilities in org.apache.xerces 2.12.2
DE519623 - 32904897-Security vulnerabilities in org.apache.xalanj 2.7.2.6
DE519623 - 32904897-Use Jaxen without org.w3c package
DE519623 - 32904897-Hibernate OSGi bundle upgraded to 5.6.14
DE519623 - 32904897-Added org.apache.aries.spifly.dynamic.framework.extension version management
DE519623 - 32904897-AdoptOpenJDK 11.0.18 update for linux, windows, aix and solaris
DE519623 - 32904897-Eclipse sdk 4_7_3a upgraded to 4_21
DE519623 - 32904897-Security vulnerabilities in javax.activation 1.2.0
DE519623 - 32904897-Security vulnerabilities in Objenesis, upgraded to 3.2
DE519623 - 32904897-Security vulnerabilities in ASM, upgraded to 9.4
DE519623 - 32904897-Security vulnerabilities in Bouncy Castle
DE519623 - 32904897-Security vulnerabilities in Eclipse Equinox
DE562295 - 32904897,33399612-Security vulnerabilities in Spring Framework 4.3.30, upgraded to 5.3.26

See also: https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/application-performance-management/10-8/ca-apm-release-notes/prerequisites-for-10-8-hotfix-.html 

SERVER HOTFIX # 3
Not available from https://support.broadcom.com/    To obtain a copy contact BRCM Support
version:    10.8.0.39    
build : 990301 
Release date :  2023-02-10
Fixed components:  WS
Targeted for release :  10.8.1  
Fixed Issues:
DE557966 - Workstation fails to start, need timestamps added to the Workstation jars (JAR signing)

SERVER HOTFIX # 2
Not available from https://support.broadcom.com/   To obtain a copy contact BRCM Support
version:    10.8.0.38    
build : 990207 
Release date :  2022-11-22
Fixed components: EM, WV, WS 
Targeted for release :  10.8.1  
Fixed Issues:

Fixed Issues:
************
DE548836 - 33206918-Use http:// and classpath:// for Hibernate's XSD schemas (apmDataService bean initialisation issue)
DE545327 - 33211693-Fixed java.lang.IllegalArgumentException: Comparison method violates its general contract

New Features:
************
This hotfix includes the following new and updated features.

- PLA (Portfolio Licensing Agreement) Telemetry - We are making it easier for customers to report information manually through a new UX and changes to product usage reporting instructions. We are providing a tool, the Product Usage Collector, for automatic on-demand gathering of metrics within the customer environment without special requirements such as firewall rules or software installed on the system in their data center. The Product usage metrics are now easily accessible from the product UI and contains an overview of all metrics which are being sent to Broadcom as part of customer PLA agreement, together with the licensed metric calculation details.

- PostgreSQL database 9.6.2 - The manual upgrade procedure from 9.6.2 to 13.4 is available, see the user documentation.

10.8.0 GA Release

Available from https://support.broadcom.com/ 
version:  10.8.0.27
build : 990027 
Release date : 01-Jun-2022

For details of fixes and known issues, see

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/application-performance-management/10-8/ca-apm-release-notes.html 

 

Additional Information