APM 10.7 Hotfixes
search cancel

APM 10.7 Hotfixes

book

Article ID: 105898

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) INTROSCOPE CA Application Performance Management (APM / Wily / Introscope) DX Application Performance Management

Issue/Introduction

The following is the list of 10.7 SERVER and AGENT Hotfixes


NOTES:

1- A SERVER HOTFIX is cumulative, it can be installed on top of any 10.7 version.
2- Contact Broadcom Support if you need a HOTFIX that is not available from https://support.broadcom.com/
3- Server components can be: Introscope Enterprise Manager (EM),  Introscope Webview (WV), Team Center(ATC), CEM, Workstation(WS), APM SQL Server (APMSqlSrv), APM Command Center (ACC)

Environment

DX Application Performance Management 10.7

 

Resolution

IMPORTANT: CEM functionality is not available starting from HOTFIX#61. The latest most stable HOTFIX for CEM customers is HF#60

SERVER HOTFIX # 88
Not available from https://casupport.broadcom.com/
version:   10.7.0.382       
build : 998806  
Release date : 2023-04-28  
Fixed components: Workstation
Targeted for release :  10.8
Enhancement: US877971 

CA APM Introscope Workstation is now available packaged as Mac OS X application.
Please contact Broadcom support for details. It requires Java 1.8 to be already
installed on your system. You can check that it is available by running the
following command: /usr/libexec/java_home -v 1.8

Mac OS 13.3.1 is the OS version we certified (back-end was 10.7 HF84) and Java
8 are requirements.

SERVER HOTFIX # 87
Not available from https://casupport.broadcom.com/
version:   10.7.0.376      
build : 998701  
Release date : 2023-02-16
Fixed components: Workstation
Targeted for release :  
Fixed Issues:
DE557966 - Workstation fails to start, need timestamps added to the Workstation jars (JAR signing)

AGENT HOTFIX # 86
Not available from https://casupport.broadcom.com/
version:   10.7.0.375      
build : 998605   
Release date : 2022-07-19
Fixed components: Agent  
Targeted for release :  
Fixed Issues:
DE532568  - After HF51 applied, still getting legacy tracers detected for webspheremq.pbl.

AGENT HOTFIX # 85
Not available from https://casupport.broadcom.com/
version:   10.7.0.359    
build : 998500  
Release date : 2021-11-29
Fixed components: Agent  
Targeted for release :  
Fixed Issues:
F115660 - 10.7 - Add Oracle 19.x support to SQL agent


SERVER HOTFIX # 84 

Not available from https://casupport.broadcom.com/
version:   10.7.0.358  
build : 998412  
Release date : 2021-11-12  
Fixed components: EM, ATC, WV, WS, ACC, APMSQLsrv  
Targeted for release :  10.8  
New features:
-  Java HotSpot(TM) 64-Bit Server VM 1.8.0_112 from Oracle Corporation was replaced with OpenJDK 64-Bit Server VM 1.8.0_292 from AdoptOpenJDK.
-  CEM/TIM and CEM/TESS services were removed from 10.7 hotfix #84.
-  Manual upgrade procedure to upgrade Postgres from 9.6.2 to 13.4  (https://knowledge.broadcom.com/external/article/228491)
For the complete list of new features refer to the HOTFIX README.txt

Fixed Issues:
DE433916 - Security vulnerabilities in Commons Beanutils 1.9.2, 1.9.3
DE508381 - Security vulnerabilities in commons-compress 1.9
DE508381 - Security vulnerabilities in commons-io 2.4
DE514522 - Security vulnerabilities in commons-lang3 3.2.1
DE496642 - Security vulnerabilities in commons-codec 1.10
DE508381 - Security vulnerabilities in commons-logging 1.2
DE508381 - Security vulnerabilities in commons-configuration 1.1
DE508381 - Security vulnerabilities in commons-digester 2.1
DE433916 - Security vulnerabilities in org.jasypt_1.9.2
DE505953 - Security vulnerabilities in Jetty 9.4.39 (CVE-2021-28169,BDSA-2021-1714)
DE508381 - Security vulnerabilities in jetty-schemas 3.1
DE513278 - Security vulnerabilities in Apache Ant 1.6.5
DE496642 - Security vulnerabilities in Apache log4j 1.2rc1, 1.2.14 and 1.2.17
DE508381 - Security vulnerabilities in Apache CXF 3.2.6 in APMSqlServer
DE512709 - Security vulnerabilities in XStream 1.4.16, 1.4.17
DE513274 - Security vulnerabilities in com.ibm.icu icu4j 52.1 and 58.2
DE433916 - Security vulnerabilities in javassist 3.19.0-GA
DE508381 - Security vulnerabilities in javax.annotation-api 1.2
DE433916 - Security vulnerabilities in org.apache.commons.logging 1.1.1
DE508381 - Security vulnerabilities in org.apache.commons_beanutils 1.9.4
DE508381 - Security vulnerabilities in org.apache.commons_digester 1.7.0
DE508381 - Security vulnerabilities in org.eclipse OSGI libraries
DE514522 - Security vulnerabilities in jackson-databind 2.9.10
DE515806 - Security vulnerabilities in Jackson Data Mapper for Jackson 1.9.0
DE508381 - Security vulnerabilities in org.owasp.esapi 2.2.0.0
DE508381 - Security vulnerabilities in org.apache.axis 1.4.1.1927
DE508381 - Security vulnerabilities in org.hibernate 3.3.2-2
DE508381 - Security vulnerabilities in org.apache.xerces 2.12.1
DE508381 - Security vulnerabilities in org.slf4j 1.7.25-4
DE513282 - Security vulnerabilities in mqtt-client 1.14
DE513275 - Security vulnerabilities in netty 4.0.56.Final
DE433916 - Security vulnerabilities in net.java.jaxb 2.2.11
DE508381 - Security vulnerabilities in postgresql 42.2.8 and 42.2.14
DE508381 - Security vulnerabilities in ojdbc 6
DE508381 - Security vulnerabilities in oracle.database.driver 11.2.0.4_11.2.0.4
DE508381 - Security vulnerabilities in jna-platform and jna 4.1.0
DE508381 - Security vulnerabilities in httpclient 4.5.2
DE508381 - Security vulnerabilities in httpcore 4.4.4
DE508381 - Security vulnerabilities in httpcore-nio 4.3.3
DE513278 - Security vulnerabilities in httpasyncclient 4.0.2
DE508381 - Security vulnerabilities in HikariCP-java7 2.4.13
DE513277 - Security vulnerabilities in Spring 5.0.11, 5.0.16 in APMSqlServer,EM
DE508381 - Security vulnerabilities in Spring 3.2.18 in EM
DE513279 - Security vulnerabilities in Spring Security 4.1.5
DE508381 - Security vulnerabilities in json 20090211
DE514303 - Security vulnerabilities in Velocity 1.7
DE513278 - Security vulnerabilities in infinispan-core and infinispan-common 7.2.3.Final
DE508381 - Security vulnerabilities in wss4j-bindings 2.0.4
DE464332 - 31956165-Extend start-up time checking of Jetty certificate
DE506787 - 32750911-ITicketValidator" exception when integrating Introscope with the Solution Manager
DE516957 - 32855692-Security vulnerabilities in Apache Santuario xmlsec 1.5.7 (EM/WV)
DE515317 - 32855692-Security vulnerabilities in Apache Santuario xmlsec 2.1.2 (ApmSQLServer)
DE489884 - 31926620-EM jetty temp files not being cleaned up in the work folder
DE500372 - Webview default dashboard not displaying "Welcome to APM Dashboards" when there is another dashboard listed before it
DE513526 - Cannot update JRE that is used to execute the hotfix
DE513349 - NoSuchMethodError in the cluster setup: mising classes in org.apache.commons.io.FileUtils
DE513271 - Error in storing the key store on AIX: No data to encode (at least Service refresh 5 needed)
DE513519 - Merge original JRE trust store with the new one of the updated JRE
DE513523 - Oracle jre did not copied to the hotfix folder for backup purposes
DE512604 - Generate report status is showing as in-progress even after report is available in ACC report page
DE513945 - CEM UI is still accessible with "\wily" context path & able to login and able to see CEM data
DE513536 - org.hibernate.LazyInitializationException: could not initialize proxy - no Session
DE514291 - Introscope_Enterprise_Manager.lax updated for AIX (javax.xml.transform.TransformerFactory)
DE508381 - OSGi bundles: unnecessary Require-Bundle from castyles5.1.2 and castylesr2 removed
DE515137 - OnPrem to DOI Integration Summary Alerts not showing in Alarm Analytics
DE514974 - Agents are not connecting and throwing error - java.lang.NoClassDefFoundError: com/wily/org/apache/commons/io/input/CountingInputStream
DE511056 - Set digestAlgorithm to SHA256 in eaim.config if it is SHA1 or MD5
DE466308 - Jetty SSL certificate with expired certificates in chain is not detected
DE515881 - NoSuchFileException: EM/commons-lang_2.6.jar
DE516610 - Exception in EM logs: java.lang.IllegalStateException: This is not a simple alert
DE511376 - Exception in MOM logs: [APMInventory-0] [Manager.AppMap] Error fetching response
DE517003 - WatchDog when trying to get EM status throwing Exception: java.lang.NullPointerException
DE511793 - FLD Webview environment: NPE in WebServer.AAsyncMessagePipeEndpoint
DE515652 - Installer: Unable to load and to prepare the installer in console or silent mode
DE514706 - TypeViewers in ext/xmltv updated

AGENT HOTFIX # 83
Not available from https://casupport.broadcom.com/
version:   10.7.0.333  
build : 998300                         
Release date :  2021-08-18  
Fixed components: Agent
Targeted for release :  10.8  
Fixed Issues:
DE487858/DE509463: Hotfix - JMX Metric not reporting real value
JMX Service can be started in 3 ways:
1. startup class configured on App Sever.
2. IntroscopeWLStartupTracer, also load startup class.
3. exposed JMX Service from WebAppSupport plugin.
Root cause Multiple JMX Services were started interfering with each other. 

SERVER HOTFIX # 82
Not available from https://casupport.broadcom.com/
version:   10.7.0.320  
build : 998207                         
Release date :  2021-08-16  
Fixed components: EM, VW, WS, ATC
Targeted for release :  10.8  
Fixed Issues:
DE496640 - Security vulnerabilities in Apache Commons FileUpload 1.3.2 (CVE-2016-1000031 (BDSA-2016-1573) & BDSA-2013-0013)
DE496648 - Security vulnerabilities in Apache POI 3.16 (CVE-2017-12626 (BDSA-2018-0190) and CVE-2019-12415 (BDSA-2019-3341))
DE496660 - Security vulnerabilities in Spring LDAP 1.3.1 (CVE-2017-8028)
DE496650 - Security vulnerabilities in Apache Xerces2 J 2.9.1 (CVE-2009-2625(BDSA-2009-0005), CVE-2012-0881 (BDSA-2012-0077) and BDSA-2016-1289)
DE496657 - Security vulnerabilities in Quartz Enterprise Job Scheduler 1.6.0 (BDSA-2019-3134)
DE496663 - Security vulnerabilities in XStream 1.4.11.1 (CVE-2020-26217, CVE-2020-26258 and CVE-2020-26259)
DE499067 - Security vulnerabilities in Jetty (CVE-2021-28165, CVE-2021-28164, CVE-2021-28163)
DE496658 - Security vulnerabilities in SnakeYAML 1.23 (CVE-2017-18640)
DE499784 - Security vulnerabilities in Spring Framework 4.3.18.RELEASE (CVE-2018-15756, CVE-2020-5421)
DE496654 - Security vulnerabilities in Batik XML utility library 1.7
DE508980 - CSRF token from request does not match token from session (Webview)

AGENT HOTFIX # 81
Not available from https://casupport.broadcom.com/
version:   10.7.0.320  
build : 998100                       
Release date :  2021-03-26  
Fixed components: Agent
Targeted for release :  10.8  
Fixed Issues:
[F99156] Full featured monitoring of java applications running on zOS
[F99147] zOS Agent enhancement to make host and process metrics configurable

AGENT HOTFIX # 80
Not available from https://casupport.broadcom.com/
version:    10.7.0.319    
build : 998001                       
Release date :    2021-02-26  
Fixed components: Agent  
Targeted for release :  10.8  
DE492126  : Ability to disable response cookie for Browser Agent

SERVER HOTFIX # 79
Not available from https://casupport.broadcom.com/
version:   10.7.0.317   
build : 997900                     
Release date :  2021-02-28  
Fixed components: EM, WV  
Targeted for release :  10.8  
*** DO NOT *** release this hotfix to customers with CEM/TESS functionalities.
Fixed Issues:
DE469686  : alert action is not being triggering

SERVER HOTFIX # 78
Not available from https://casupport.broadcom.com/
version:   10.7.0.316  
build : 997800                   
Release date :  2021-02-11
Fixed components: EM, ACC 
Targeted for release :  10.8  
*** DO NOT *** release this hotfix to customers with CEM/TESS functionalities.
Fixed Issues:
DE488738: CVE 2020 28052: Bouncy Castle BC Java 1.65 and 1.66.OpenBSDBCrypt.checkPassword

SERVER HOTFIX # 77
Not available from https://casupport.broadcom.com/
version:   10.7.0.315 
build : 997700                 
Release date : 2021-01-25  
Fixed components: CEM/Tess, EM, WV, WS   
Targeted for release :  10.8  
*** DO NOT *** release this hotfix to customers with CEM/TESS functionalities.
Fixed Issues:
DE489884: build 10.7.0.279 remaining temp files
DE489876: 10 new CVEs related to FasterXML jackson-databind 2.9.10.7.
DE477804: Attribute context an analysis note book the screen does not refresh when changing the layer on the map

SERVER HOTFIX # 76
Not available from https://casupport.broadcom.com/
version:   10.7.0.314   
build : 997600               
Release date : 2020-12-31     
Fixed components: EM,   
Targeted for release :  10.8  
*** DO NOT *** release this hotfix to customers with CEM/TESS functionalities. 
Fixed Issues:
DE488134 - The EM failed to start with its log capturing
com.wily.introscope.spec.metric.BadlyFormedNameException about a metric name
length being longer than the maximum allowed length of 16000.
 
SERVER HOTFIX # 75
Not available from https://casupport.broadcom.com/
version:   10.7.0.313    
build : 997500             
Release date : 2020-12-16     
Fixed components: EM, ACC, WV, WS    
Targeted for release :  10.8  
*** DO NOT *** release this hotfix to customers with CEM/TESS functionalities.
Fixed Issues:
DE479546: 32253401: ETC fails with SAML setup after applying HOTFIX 65
DE479995: 32257432: APM - ACC UI reference links incorrect (10.7)
DE485759: 32387148: Security vulnerability in jackson-databind (CVE-2020-25649)
 
SERVER HOTFIX # 74
Not available from https://casupport.broadcom.com/
version:   10.7.0.312  
build : 997400             
Release date : 2020-11-06   
Fixed components: WV  
Targeted for release :  10.8  
Fixed Issues:
DE481393 - Can't login to Webview using SAML
 
SERVER HOTFIX # 73
Not available from https://casupport.broadcom.com/
version:   10.7.0.311  
build : 997300           
Release date : 2020-10-29  
Fixed components: WV  
Targeted for release :  10.8  
Fixed Issues:
DE480132 - Ordering by Timestamp does not take into account the date
 
SERVER HOTFIX # 72
Not available from https://casupport.broadcom.com/
version:   10.7.0.310   
build : 997200           
Release date : 2020-10-22  
Fixed components: EM  
Targeted for release :  10.8  
Fixed Issues:
DE481194 - Unable to generate a report (An error occurred while creating the
report) - Exception: java.lang.IllegalArgumentException: unknown format type

SERVER HOTFIX # 71
Not available from https://casupport.broadcom.com/
version:   10.7.0.309   
build : 997101           
Release date : 2020-10-12  
Fixed components: EM  
Targeted for release :  10.8  
Fixed Issues:
DE473701 - 32155372-Normal Alerts in CA APM 10.7 missing "Problem Details" and "Links to the problem metrics or associated alerts" links
DE480570 - 32144884-Backout fix for stopping APM's multi metric alerts from sending 2 or more trap to Spectrum

SERVER HOTFIX # 70
Not available from https://casupport.broadcom.com/
version:   10.7.0.307  
build : 997005         
Release date : 2020-10-06
Fixed components: EM, WV, WS, APMSQLServer    
Targeted for release :  10.8  
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE467977 - 32070150: Webview: HTTP Status 500 for /webview/jsp/login.jsf
DE478171 - 32231977: vulnerabilities in jackson-databind (CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-14195, CVE-2020-24616)
DE477810 - 32215196: Block users in config/users-sap.xml by default
DE477841 - 32218569: IntroscopeJDBC.jar is not included as part the 10.7 HF/SP packages causing java.lang.ArrayIndexOutOfBoundsException
DE476881 - 32209371-It is possible to exploit server with a malicious cookie: [CVE-2020-6364] OS Command Injection Vulnerability in CA Introscope Enterprise Manager : allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability.

AGENT HOTFIX # 69
Not available from https://casupport.broadcom.com/
version:   10.7.0.197  
build : 992906       
Release date : 
Fixed components: Agent  
Targeted for release : 20.9
Fixed Issues:
DE460320  : Spring agent extension on z/OS will not load and capture a syntax error message similar to the one below in the IntroscopeAgent.log file:
[ERROR] [IntroscopeAgent.Agent] Introscope AutoProbe will not run because the provided directives files are not valid:
(/SY4G/uss/WebSphere/wily/IZ/extensions/spring/directives/toggles.pbd:1) Syntax Error: Unsupported character 
Identified root cause: Spring agent extension pbd files not converted to EBCDIC format for deployment on z/OS.

SERVER HOTFIX # 68
Not available from https://casupport.broadcom.com/
version:   10.7.0.301  
build : 996801     
Release date :    2020-09-14  
Fixed components: EM
Targeted for release : 10.8
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE472917: The alerts from CAAPM via SNMP trap are transmitting multiple traps to Spectrum even when "Notifyby individual metric" is disabled

SERVER HOTFIX # 67
Not available from https://casupport.broadcom.com/
version: 10.7.0.299  
build : 996701   
Release date :  2020-09-03  
Fixed components: EM, APMSQL  
Targeted for release : 10.8
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE472040: 10.7 vulnerability: CVE-2020-13692 (postgresql) jetty-server-9.4.29.v20200521 / CVE-2019-17638 (DE471947)
DE470819: 32112761 - potential vulnerability in APMSQL with "spring-core-5.0.8.RELEASE.jar" - https://tanzu.vmware.com/security/cve-2020-5398
DE463779: 10.7.0.279  Webview bookmark regression - Book marking a url in webview is not working anymore. It throws the login page.

AGENT HOTFIX # 66
Not available from https://casupport.broadcom.com/
version: 10.7.0.297 
build : 996602        
Release date :  2020-08-14 
Fixed components: Browser Agent, Java Agent  
Targeted for release : 10.8
Fixed Issues:
DE468542: 32078347 - Browser Agent broke App web pages (page got truncated)
DE468422: 32057106 - The monitored application HTTP request was failing and agent would log errors and NoSuchMethodException on methods getUri() and getMethod() similar to the
one below:
6/16/20 09:17:29 PM UTC [ERROR] [IntroscopeAgent.Apache HTTP Components Client Data Resolver] getHttpMethod() : Unable to get HTTP method
6/16/20 09:17:29 PM UTC [VERBOSE] [IntroscopeAgent.Agent]java.lang.NoSuchMethodException: org.apache.http.message.BasicHttpRequest.getMethod()

SERVER HOTFIX # 65
Not available from https://casupport.broadcom.com/
version:   10.7.0.292   
build : 996501      
Release date :    2020-08-11  
Fixed components:   EM, VW, APMSQLServer  
Targeted for release : 10.8
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE463445 - 31936193-Pruning task stops working if any of the sql queries as part of this process fail
DE466776 - 32045141-CSRF token protection is configurable now (j_security_check)
DE471947 - 32130743-Security vulnerability in Jetty 9.4.29, CVE-2019-17638 (EM, WV)

SERVER HOTFIX # 64
Not available from https://casupport.broadcom.com/
version:   10.7.0.291   
build : 996402    
Release date :    2020-07-31  
Fixed components:   DOI SaaS Integration, EM, WV  
Targeted for release : 10.8
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE447001 - MBT plugin stops checking for changes in MBT config.yml if it fails due to syntax error in config.yml, even after correcting syntax mistakes
DE465928 - External ID and Isolation View coming for onPrem alerts by default without providing any fallback property in APM properties
DE426719 - APM Isolation view is not applying appropriate filters
DE431341 - Property control to default vertex id to agent in absence of vertexid in both alarms and metric metadata
DE437225 - fallback to agent should be applicable only for external_ids
DE420771 - SaaS june Roll Out : java.lang.ArrayIndexOutOfBoundsException exception in EM logs when plugin tries to push metrics data to DOI
DE464157 - NPE in EM Manager log - Uncaught Exception in Enterprise Manager
DE467483 - MBT Default YML File w.r.to. new file format
DE467490 - Update to hot configuration property doi.metric.token is not picked up by APM-EM and 401 token exceptions are encountered
DE420795 - 20004410-Summary Engine is not sending data
DE412867 - 01337425-Security vulnerability CVE-2000-0649 in EM Jetty, added HostHeaderCustomizer
DE403006 - 01284417-APM alerts in SOI are not displaying correct summary info
DE407561 - 01280368-supportability.IntFluctuatingSupportabilityMetric cannot be cast to supportability.PerIntervalSupportabilityMetric
DE410336 - 01323340-Getting errors when doing a query via JDBC driver to smartstor :  [WARN] [Manager.IsengardObjectInputStream] Unexpected constructor exception java.lang.ArrayIndexOutOfBoundsException
DE415562 - 01347166-Warning log messages in 10.7 SP3 EM logs
DE438307 - 20076170-Collector "in use post GC" spiking and flat line causing EM overall capacity
DE433801 - 20070805-Negative value for Metric - Data Points Retrieved From Disk Per Interval
DE430016 - 20055693-storyid cache is out of sync with db entries
DE451441 - Repair invalid metric
DE412650 - PieCharts are not shown in WebView for the new languages
DE392264 - 01232623-Mistranslation 'min' and 'd' in Team Center
DE414851 - 01347231-WVCtrl.sh script startup generating netstat errors
DE410130 - 01316440-EM lax file parameters not being used

SERVER HOTFIX # 63
Not available from https://casupport.broadcom.com/
version:   10.7.0.289  
build : 996301    
Release date :    2020-07-03  
Fixed components:   Jetty cfg. migration  
Targeted for release : 10.8
IMPORTANT NOTES:
DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
Fixed Issues:
DE467501: HF61 installer overwrites the em-jetty-config.xml and webview-jetty-config.xml, all custom Jetty configuration like keystore password, keystore path, etc. is overwritten and all the other customizing is simply not considered

AGENT HOTFIX # 62
Not available from https://casupport.broadcom.com/
version:   10.7.0.288  
build : 996113  
Release date :    2020-04-16  
Fixed components:   Tibco Powerpack  
Targeted for release : 10.8
Fixed Issues:
TIBCO 5.14 support in APM 10.7

SERVER HOTFIX # 61
Not available from https://casupport.broadcom.com/
version:   10.7.0.287 
build : 996112 
Release date :    2020-06-19 
Fixed components:  EM, WV, WS, APMSqlServer, ACC 
Targeted for release : 10.8
IMPORTANT NOTES:
1.DO NOT release this hotfix to customers with CEM/TESS functionalities. 
Otherwise, disable CEM by adding introscope.enterprisemanager.tess.enabled=false in EM IntroscopeEnterpriseManager.properties file
2. This HOTFIX upgrades Jetty to 9.4.27 (DE434288), If any other customizations were done to em-jetty-config.xml or webview-jetty-config.xml, you need to be recreate those in the new configuration files, see HOTFIX README file. This problem is fixed in HF#63

Fixed Issues:

a) build 996104(10.7.0.279)

b) Standard EM:
DE449168 - 20320127-HTTP 500 error codes from metrics data webservice (Axis 1.4.1120-1)
DE434288 - 20068181-Security vulnerabilities in Jetty (EM/WV,APMSQLServer, jetty 9.4.11-2 upgraded to 9.4.27)
DE434288 - 20068181-Security vulnerabilities in jquery 2.2.4
DE449639 - 31704439-Security vulnerabilities in apache-el 8.5.23
DE449639 - 31704439-Security vulnerabilities in apache-jsp 8.5.23
DE449639 - 31704439-Security vulnerabilities in javax.servlet 2.5, 3.1.0
DE449639 - 31704439-Security vulnerabilities in javax.servlet-api 2.5, 3.1.0
DE449639 - 31704439-Security vulnerabilities in jetty-schemas 3.1
DE449639 - 31704439-Security vulnerabilities in org.hibernate 3.2.1
DE449639 - 31704439-Security vulnerabilities in org.owasp.esapi 2.0.0
DE449639 - 31704439-Security vulnerabilities in org.postgresql 9.2.1003 (PostgreSQL JDBC driver to 42.2.8)
DE449639 - 31704439-Security vulnerabilities in WilyBouncyCastle 1.0, replaced with bcprov-jdk15on.jar, bcpkix-jdk15on.jar and bcpg-jdk15on.jar
DE449639 - 31704439-Security vulnerabilities in Axis 1.4.1
DE452281 - Security vulnerabilities in fasterxml-jackson-databind 2.9.10.1, 2.9.10.3
DE452067 - 20113531-com.wily.apm.tess/WebContent/WEB-INF/lib/lib not found when deployed with an installer
DE449639 - 31704439-Add property for non-OSGi Jetty version (9.4.27.v20200227, APMSQLServer)
DE434288 - 20068181-SameSiteCookieFilter added to prevent CSRF attacks
DE434288 - 20068181-TLSv1.1 removed from the supported protocols in em-jetty-config.xml and webview-jetty-config.xml, SHA1 cipher excluded
DE434288 - 20068181-sniHostCheck set to true in webview-jetty-config.xml (the SNI Host name must match)
DE434288 - 20068181-stsMaxAgeSeconds set to 31536000 in webview-jetty-config.xml (the max age in seconds for a Strict-Transport-Security response header)
DE434288 - 20068181-stsIncludeSubdomains set to false in webview-jetty-config.xml (a include subdomain property is not sent with any Strict-Transport-Security header)
DE434288 - 20068181-Added CSRF filter to all TomSawyer links in web.xml (WV)
DE434288 - 20068181-Added ReferrerPolicyFilter and ExpectCTFilter in web.xml (WV)
DE434288 - 20068181-Disabled OPTIONS method with security constraint (WV)
DE434288 - 20068181-Added cookie same site, strict (WV)
DE434288 - 20068181-HTTP DELETE method is not authorized
DE434288 - 20068181-content security policy settings (introscope.webview.headers.csp) modified in IntroscopeWebView.properties
DE434288 - 20068181-ACC:make sure org.bouncycastle.jce.provider.BouncyCastleProvider is installed as the last provider
DE434288 - 20068181-yFiles upgraded from 1.0.3 to 1.0.4
DE434288 - 20068181-angular upgraded from 1.6.6 to 1.7.8
DE434288 - 20068181-angular-gettext upgraded from 2.3.4 to 2.4.1
DE434288 - 20068181-angular-ui-grid upgraded from 4.0.6 to 4.8.3
DE434288 - 20068181-bootstrap upgraded from 3.3.6 to 3.4.1
DE434288 - 20068181-jquery-ui upgraded from 1.11.4 to 1.12.1
DE434288 - 20068181-moment upgraded from 2.13.0 to 2.24.0
DE434288 - 20068181-lodash upgraded from 4.13.1 to 4.17.15
DE449639 - 31704439-Hibernate library missing javassist_3.19.0-GA
DE449639 - 31704439-Added hibernate-core 3.3.2.GA into com.wily.apm.tess
DE449639 - 31704439-Disabling cache for ServicesDef in com.wily.apm.tess
DE449639 - 31704439-Database and migration scripts modified due to the upgrade of PostgreSQL JDBC driver to 42.2.8
DE451112 - 31793627-Database access is disabled when deployed with a specific installer
DE455696 - Daily Schedule task trying to connect Postgres DB when deployed with a specific installer
DE455534 - collector EM is still trying to connect DB when deployed with a specific installer
DE400634 - Persistent Cross-Site Scripting (XSS): HTML escape of delete status message in the alert
DE460340 - MOM is not restarting with new management module is created (NPE fix)
DE456074 - KeyStores with multiple certificates are not supported on the base SslContextFactory class (em-jetty-config.xml, webview-jetty-config.xml)
DE461576 - 31917805-Security vulnerabilities in org.dom4j CVE-2020-10683 (DE461044)
DE462669 - Webview login fails due to "CSRF token is expected to exist in session" after Jetty upgrade
DE461744 - Jetty-runner in APMSQLServer is deprecate, startup logs are displaying on console,not redirecting to "apmsqlserverout.log"
DE460176 - Business Transactions does not show List of Transactions after angular-ui-grid upgrade

SERVER HOTFIX # 60
Not available from https://casupport.broadcom.com/
version:  10.7.0.271
build : 996001   
Release date :   2020-03-24  
Fixed components: EM
Targeted for release : 10.8
Enhancement:
F92377 - Adding count and weighted average to SQL REST API in appmap

AGENT HOTFIX # 59
Not available from https://casupport.broadcom.com/
version:  10.7.0.270 
build : 995902   
Release date :  2020-03-12
Fixed components: Agent > CTG Powerpack
Targeted for release : 10.8
Fixed Issues:
DE444921 - Fixed the specific tracer routine to encode special characters in its metric naming.

SERVER [HOTFIX # 58]
Not available from https://casupport.broadcom.com/
version:  10.7.0.265  
build : 995803  
Release date :  2020-03-06  
Fixed components: EM, Webview, Workstation  
Targeted for release : 10.8
Fixed Issues

a) build 995803(10.7.0.265) - upgrade from 10.5.2

b) Standard EM:

DE419816 01312605-EM is unable to instantiate ISupportabilityServiceLocal bean when configured without DB 
DE434979: 20079136 Workstation Slow after 10.7.0.45 Upgrade
DE450152: 20276723-Removed CEM debug messages added in CHF#55

AGENT [HOTFIX # 57]
Not available from https://casupport.broadcom.com/
version: 10.7.0.260
build : 995700
Release date :  2020-02-24 
Fixed components: MQ Powerpack, Tibco Powerpack 
Targeted for release : 10.8
Fixed Issues 
DE437614 - MQ Agent Autodiscovery Queue configuration is attempting to read/write hundreads of times per second.
DE447928 - Tibco- Metric that exist on BW5 and don't exist on BW6

SERVER [HOTFIX # 56]

Not available from https://casupport.broadcom.com/
version: 10.7.0.258
build : 995603
Release date : 02/18/2020
Fixed components: CEM
Targeted for release : 10.8
Fixed Issues 
DE445697 - 20276723-CEMExportTool no longer working: java.lang.StackOverflowError

SERVER [HOTFIX # 55]

Not available from https://casupport.broadcom.com/
version: 10.7.0.253
build : 995500
Release date : 01/31/2020
Fixed components: CEM
Targeted for release : 10.8
Fixed Issues 
DE432466 - 20065832-Impossible to decode image on CEM interface with IE11

SERVER [HOTFIX # 54]

Not available from https://casupport.broadcom.com/
version: 10.7.0.252
build : 995401
Release date : 01/13/2020
Fixed components: EM, WV
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE438470: 20099449 Security Vulnerability: HTTP Strict Transport Security (HSTS) Missing from HTTPS Server. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.

SERVER [HOTFIX # 53]

Not available from https://casupport.broadcom.com/
version: 10.7.0.250
build : 995300
Release date : 12/03/2019
Fixed components: EM \ TESS
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE436977 - CEM - NestedServletException: Request processing failed; nested exception is net.sf.jasperreports.engine.JRException

SERVER [HOTFIX # 52]

Not available from https://casupport.broadcom.com/
version: 10.7.0.249
build : 995200
Release date : 11/22/2019
Fixed components: EM, WV
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE429425 - 20052285 Ontology Engine High response time
DE440224 - 20111055-apmdb pruning task broken and affecting EM performance
DE438719 - SAML Realm - error in authenticating
 

SERVER [HOTFIX # 51]

Not available from https://casupport.broadcom.com/
version: 10.7.0.248
build : 995101
Release date : 11/11/2019
Fixed components: EM, WV
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE425923 - 20034264-Jetty in Webview not configured in an environment with reverse proxies
DE435755 - 20085640-Spring Data Commons upgraded to 1.13.23.RELEASE
DE434478: 20071280 10.7 Loadbalancing latched="true" not working as expected

AGENT [HOTFIX # 50]

Not available from https://casupport.broadcom.com/
version: 10.7.0.246
build : 995000
Release date : 11/5/2019
Fixed components: Agent > EPAgent
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE436472: 20089537 Hotfix Request for 20012274 - EPAgent HTTP Error 400 MetricClampExceededException

SERVER [HOTFIX # 49]

Not available from https://casupport.broadcom.com/
version: 10.7.0.245
build : 994901
Release date : 10/31/2019
Fixed components: EM, WV, WS, ApmSqlServer
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE427572 - 20031876-ASM Agent cannot handle load balancing since installing 10.7 SP3
DE427410 - 20042360-Not seeing the Problem details in SpyderView in ATC
DE435755 - 20085640-Security vulnerabilities in fasterxml-jackson-databind 2.9.8 (Apache-2.0)
DE423459 - Added hostname cross layer correlation VM to everything, trim property value
DE429024 - Cannot open experience cards after upgrade to SP3

AGENT [HOTFIX # 48]

Not available from https://casupport.broadcom.com/
version: 10.7.0.243
build : 994800
Release date : 10/15/2019
Fixed components: TibcoBW6 Agent
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE424189 - TibcoBW6 Agent Memory Leak Issue

AGENT [HOTFIX # 47]

Not available from https://casupport.broadcom.com/
version: 10.7.0.242
build : 994700
Release date : 10/15/2019
Fixed components: APMIA
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE431454 - Win SystemEdge with APMIA is being installed with vulnerable VC 2010 SP1 runtime

AGENT [HOTFIX # 46]

Not available from https://casupport.broadcom.com/
version: 10.7.0.241
build : 994600
Release date : 10/03/2019 
Fixed components: APMIA > EPAgent
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE426578 - APMIA show goofy text in APM EM

SERVER [HOTFIX # 45]

Not available from https://casupport.broadcom.com/
version: 10.7.0.238
build : 994501
Release date : 2019-09-26
Fixed components: EM, ACC, WS
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE428244: APM web interface - average response and transactions volume - huge difference to Introscope
DE429484: ACC -- Need Fix for getting agent log during diagnostic report (DE426992: ACC: Diag report - cannot download agent log)
F89434: Email Actions goes to BCC 

AGENT [HOTFIX # 44]

Not available from https://casupport.broadcom.com/
version: 10.7.0.236
build : 994400
Release date : 2019-09-19
Fixed components: MQ Powerpack
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE424159 - Few code changes were made in the latest IBM libraries, which are resulting into unknown nodes in the MQNameFormatter.

SERVER [HOTFIX # 43]

Not available from https://casupport.broadcom.com/
version: 10.7.0.235
build : 994301
Release date : 2019-09-19
Fixed components: Agent, EM
Targeted for release : 10.8
Fixed Issues & Enhancements:
DE409758 - During 10.5.2 to 10.7 upgrade if we install Postgres in different folder, SP3 script is applying the patch on old Postgres folder instead of new DB folder
DE423385 - Metric based Topology: introscope.enterprisemanager.mbt.metrics.query.frequency.in.seconds property hot config not working
DE423040 - APM OI connector is not sending TAS externalId information with alarms to DOI[DOI]
DE423506 - HostName is displaying as "Custom Metric Host (Virtual)" instead of EM hostname for Custom Metric host payload for APM_Inventory_Custom layer
DE423819 - MBT plugin still trying to push data to TAS, when only OI plugin is enabled
DE422882 - MetricBasedTopology:Plugin still processing data & creating vertex & edges even after disabling plugin
DE424942 - doi.metric.path.ciuniqueid, host, external ID properties are repeated in EM properties files when MBT Plugin is disabled & enabled
DE425003 - CI_uniquie_id found in cache per interval" metric is 0 & new vertex are not created in when we load new rules in MetricBasedTopologyconfig.yml file
DE424258 - External ID are not same for inventory & alarms data
DE424422 - ao_itoa_metrics_metadata_1_1 is getting created by the code
DE424386 - Meta data cache is not getting cleared
DE425741 - No Error message in EM logs, when proxy server went down and also wrong supportability metrics info is seen
DE425739 - Error initializing Jarvis for APM java.lang.NullPointerException when we start EM - Metrics are not reaching
DE425345 - No, Warn or Error message in EM logs when tenant/index doesn't exist in Jarvis
DE424426 - Data is not getting ingested in Metadata index after disabling and enabling the Metadata and adding a new agent
DE425048 - "ci_unique_id" is wrong. Sample - "1\\|2\\|3\\|CookieExample" when we enable MBT plugin for metadata data in ES
DE425058 - Metadata not working in collector
DE425943 - OI proxy property turn off (hot property) is not working
DE426170 - MBT plugin not able to create vertex on ETC EM for Agents connected to provider EM's
DE425856 - "ci_unique_id" displaying wrong for "configuration_item_type": "AGENT", inventory data
DE426496 - Layer information missing for metadata data when MBT plugin is enabled
DE425344 - When APM OI plugin disabled & started EM without mapping properties, observed Cannot onboard tenant as tenant ID is null & nullpointer exception errors in EM logs
DE426631 - Metadata plugin pushing metrics with MBT custom values (host, external_id, ci_uiquie_id), when EM contains "doi.metric.path" properties & MBT plugin is disabled
DE426629 - Metadata plugin not picking MBT plugin custom values(host,external_id, ci_uinquie_id), when we enable/disable MBT plugin Multiple times(form 2nd time onwards)
DE426712 - "java.lang.ClassCastException: com.wily.introscope.server.beans.metricdata.Metric DataManager" exception in EM Console
DE411039 - OI Plugin: message [MapperParsingException[failed to parse [agent_ip]]; nested: IllegalArgumentException] in jarvis indexer logs
DE425991 - Metadata baseurl cannot be null. Check IntroscopeEnterpriseManager.properties in EM logs, even after providing url in properties file
DE427328 - java.util.concurrent.RejectedExecutionException in EM logs during load runs when metadata is enabled
DE426630 - proxy plugin unable to send metrics data to Jarvis, when proxy server has authentication enabled (with username/pwd)
DE430012 - Metadata Doctype version property introscope.enterprisemanager.doi.metadata.docTypeVersion=2 is not working
DE430980 - External ID missing for few alerts, non topological alerts in ES

Agent:
DE414333: 01344290-Concerns with CVEs from CA Wiley for the following agent jars

AGENT [HOTFIX # 42]

Not available from https://casupport.broadcom.com/
version: 10.7.0.232
build : 994202
Release date : 2019-09-05
Fixed components: Agent
Targeted for release : 10.8
Fixed Issues & Enhancements:
- DE408823: 01307835 - Missing components in Team Center MAP
As part of ATT implementation, there is a feature requirement to build Topology/Map from metrics.
Requirement: ATT uses custom instrumentation where there are no frontends/backends for most of the cases.

SERVER [HOTFIX # 41]

Not available from https://casupport.broadcom.com/
version: 10.7.0.226
build : 994106
Release date : 2019-08-20
Fixed components: WV, WS, APMSqlServer, EM
Targeted for release : 10.8, Nextgen
Fixed Issues & Enhancements:
- F86500 - WebView / Workstation "New Transaction Trace" dialog enhancements
New Transaction Trace Session in WebView and Workstation - The default option "Trace all supported Agents" 
is modified to "Trace selected Agent(s)" so users do not start by default tracing session for 
all agents. The users can resize the dialog to see the complete agent list and filter the agents 
by name including the support for RegEx queries.
- DE425090 - 01373171-Security vulnerability in c3p0-0.9.1.jar in APMSQLServer (CVE-2019-5427)
- F87376 - Error filtering during ingestion in 10.7  - Sometimes when the Enterprise Manager ingests a high volume of 
Transaction Traces, certain microservices fail, causing APM Team Center not to function properly. 
Administrators can filter out unwanted Transaction Traces by configuring the 
introscope.traces.errorsnapshots properties in the IntroscopeEnterpriseManager.properties file

SERVER [HOTFIX # 40]

Not available from https://casupport.broadcom.com/
version: 10.7.0.220
build : 994002
Release date : 2019-07-30
Fixed components: ACC, EM
Targeted for release : 10.8, Nextgen
Fixed Issues:
DE385476: 01180139-Unable to push new configurations from ACC to Agent - Error EC1006
DE389992: 01214083-ACC Agent Controller unable to reconnect to ACC Configuration Server
DE413466: ACC Controller from 10.7.0_sp: com.thoughtworks.xstream.security.ForbiddenClassException: javax.jms.InvalidClientIDException
DE418110: CVE-2019-3778 (Medium) - spring-security-oauth2-2.0.16.RELEASE.jar
DE401970: ACC: UI: polling continues even after you leave the view where polling was started (reports, agents)
DE407958 -FormAuthenticator added to all contexts except SOAP services (/introscope-web-services, /apm-web-services)

SERVER [HOTFIX # 39]

Not available from https://casupport.broadcom.com/
version: 10.7.0.218
build : 993901
Release date : 7/24/2019
Fixed components: EM, WV, CEM
Targeted for release : 10.8
Fixed Issues:
DE414866: web view alert graph windows are super tiny
DE423459 - 20020746-vcenter monitor, VM correlation to HOST in ATC fixed
DE418783: CEM console in 10.7SP3 does not shows tabs after login
DE419431: error 500 on CEM transaction discovery tab

AGENT [HOTFIX # 38]

Not available from https://casupport.broadcom.com/
version: 10.7.0.217
build : 993801
Release date : 7/12/2019
Fixed components: EM, Agent, Agent -MQ
Targeted for release : 10.8
Fixed Issues:
DE417535: New MQ Agent extension enhancement (F24177)

SERVER [HOTFIX # 37]

Not available from https://casupport.broadcom.com/
version: 10.7.0.213
build : 993701
Release date : 2019-06-21
Fixed components: EM, WV, ATC, WS
Targeted for release : 10.8
Fixed Issues:
E401623 - 01278866-Still getting RestApiException: INTERNAL_SERVER_ERROR in 10.7 SP2
DE419553 - 01371692-Not seeing any data in TeamCenter
DE419829 - 01373171-Security vulnerabilities in xstream_1.4.10.jar (CVE-2013-7285)
DE417875 - 01360979-10.7sp3 HF#30 SSL issue, Webstart service could not be started, Cannot recover key
DE420814 - DE420814-DX APM 10.7 #HF30 upgrade WebStart will not open with SSL issues

AGENT [HOTFIX # 36]

Not available from https://casupport.broadcom.com/
version: 10.7.0.212
build : 993600
Release date : 2019-06-12
Fixed components: Agent -SOA,Spring,Tibco,PHP
Targeted for release : 10.8
Fixed Issues:
DE406897: org.apache.jasper.JasperException: java.lang.ClassCastException: com.sun.xml.ws.transport.Headers cannot be cast to com.sun.xml.ws.transport.Headers
DE415645: "com.wily.introscope.spec.metric.BadlyFormedNameException: Metric_Name_Is_Too_Long" and UTFDataFormatException breaks the Agent to EM connection
DE416613: java.lang.StringIndexOutOfBoundsException due to spring extension
DE411112: Agent doesn't rename agent on TIBCO BW 5 or BW 6
DE420307: PHP 7.2 and 7.3 support for PHP Agent

SERVER [HOTFIX # 35]

Not available from https://casupport.broadcom.com/
version: 10.7.0.211
build : 993505
Release date : 2019-06-05
Fixed components: EM, VW, ATC
Targeted for release : 10.8
Fixed Issues:
DE402232 - 01281857-Security vulnerabilities in commons-httpclient-3.0.1.jar, dom4j-1.5.2.jar, guava.jar and xerces.jar
DE407958 - 01312605-Several exceptions and warnings in IntroscopeEnterpriseManager.log when installer is used
DE411433 - Webview: transaction trace viewer fails to process uploaded json because of CSP header
DE419783 - APM security headers are missing on root page on port 8081 (WS java web start)
DE416908 - 01358154-HTTP Security headers missing from EM port 8081 response
DE418466 - 01365022-lots of com.fasterxml.jackson.databind.JsonMappingException in EM logs after applying APM HF33
DE419980 - ETC: User failed to login to Provider webview, when we access it from ETC UI(DE412132 - missing CSRF token)
DE419945 - Experience view filter and alerts fixes
DE403848 - Properties to configure jarvis and es url for OI plugin
DE403853 - DOI to APM navigation for alarm: alerts created under custom domain doesn't have right alarm url
DE405269 - APM-DOI Plugin Load Run: After 1 hour of continues load run, plugin stopped pushing inventory data to jarvis with "401 Unauthorized" error, Token expire
DE408867 - Zero values metrics has to be pushed to ES, to view continues graph & for few functionalities to work properly on DOI
DE408864 - unique_id collision when multiple clusters connected to same DOI
DE409272 - Read agent specifiers
DE410205 - Host name with Fully qualified domain name across alerts, metrics, inventory
DE419179 - Push frequency from 15 sec to configurable (default 60 sec)
DE419183 - Host as EMHost for Inventory, metrics, alarms for Custom Metric Host
DE403213 - Disable OI plugin when DOI integration is not needed
DE411258 - Hostname in inventory and metrics has to be in same case
DE410399 - APM metrics index change to have only value
DE415563 - Handle numeric metric names from Connector (don't push numeric metric names even it is (.*))
DE415564 - Alarms are not pushing to ES & "jarvis onboarding URL is empty" warning messages displayed in logs
DE417646 - Even after disabling OI Plugin, logs shows APM Inventory "Getting card details" and EM ATC shows OI Inventory Supportability Metrics
DE419654 - Inventory disabled in the MOM/Standalone setup, Inventory data is still getting received at ES Level

AGENT [HOTFIX # 34]

Not available from https://casupport.broadcom.com/
build : 993400
Release date : 2019-05-17
Fixed components: PHP Agent, .NET Agent
Targeted for release : 10.8
Fixed Issues:
DE413120: Rollup fixes/enhancements related to PHP from SaaS to 10.7 OnPrem
DE417275: PerfMon agent consumes high amount of Memory and CPU in server

SERVER [HOTFIX # 33]

Not available from https://casupport.broadcom.com/
version: 10.7.0.205  
build : 993302                                                  
Release date :    2019-05-13  
Fixed components: EM, VW              
Targeted for release : 10.8  
Fixed Issues:
DE413095 - 01308100-Add commented out settings for enableOCSP and enableCRLDP in Jetty cfg files
DE407780 - 01312738-Cards report does not show the quantity for the 1 seconds
DE413348 - 01340439-Enterprise Team Center shows blank screen
DE415885 - 01346555-Unexpected: last resultset already had less than LIMIT size, expected empty resultset now
DE414659 - 01346576-ETC Experience cards returns "No Traffic" message on all cards
DE413955 - 01343497-Cannot start APM
DE413708 - APM 10.7 SP3 installation bundled without SOA dependency map jars
DE416611 - Placeholder support for attribute rules

SERVER [HOTFIX # 32]

Not available from https://casupport.broadcom.com/
version: 10.7.0.202  
build : 993201                                                
Release date :    2019-04-29
Fixed components: Agent, EM              
Targeted for release : APM 11.1/SaaS/SP4    
Fixed Issues:
F83270: Support Spring Reactive Applications (Enhancement)

AGENT [HOTFIX # 31]

Not available from https://casupport.broadcom.com/
version: 10.7.0.201
build : 993100                                              
Release date :   2019-03-30  
Fixed components: PHP Agent, .NET Agent, JavaAgent                 
Targeted for release : 11  
Fixed Issues:
DE407671 - PHP Agent breaks app  502 Bad Gateway
DE409952 - .NET Duplicated backend DB
DE405260 - introscope.agent.urlgroup.frontend.url.resources.list checks the resouce list within range of start and end index provided in introscope.agent.urlgroup.group.default.format instead of checking the full URL length to correctly identify URLs as a resources
 

SERVER [HOTFIX # 30]

Not available from https://casupport.broadcom.com/
version : 10.7.0.199     
build : 993003                                            
Release date :   2019-03-28  
Fixed components: EM, ATC, WV, ACC                 
Targeted for release : 10.7.0 SP4  
Fixed Issues:
DE400641 - Cross-Site Request Forgery (CSRF)
DE400629 - X-Forwarded-For Header Security Bypass
DE409657 - "Webserver not yet available" error message in log for DOINotificator
DE405923 - 01301277-ACC Cannot insert property with space in name
DE407927 - 01313255-ACC->SAML authentication stopped working

[HOTFIX # 29] = 10.7 SERVICE PACK # 3

Available from https://casupport.broadcom.com/
version :  10.7.0.197  
build : 992906                                            
Release date :   2019-03-22   
Fixed components: EM, ATC, WV, WS, ACC, APMSQLsrv                  
Fixed Issues:
DE371495 - 01117071-com.ca.apm.crypto: Detect key store type and add support for PKCS12 type
DE380705 - 01167544-Add HTTP Security Headers in WebView: * Content-Security-Policy HTTP Header missing on port 8080.
DE380709 - 01167576-Add HTTP Security Headers in WebView Jetty on port 8081
DE380860 - 01168383-Add HTTP Security Headers in WebView: X-XSS-Protection HTTP Header missing on port 8080
DE406117 - 01302427-Add '-Djava.io.tmpdir=./work' to default Java options for Jetty's temporary files
DE357374 - 00992541-On MOM, agent mount action mounts agent on the first identified node
DE382649 - 01171999-APM Status Console-reporting "disconnected historic agent limit"-active clamp
DE391754 - 01226637-Metric View, the link into Webview for the individual SQL metrics does not work (blank page)
DE391746 - 01226637-Metric View, long SQL statements causes the metric graph to be very small
DE387003 - 01201865-Seeing error ORA-01795: maximum number of expressions in a list is 1000
DE394205 - 01222597-Manager.MessageService, java.util.ConcurrentModificationException
DE385712 - 01193991-Webview console dropdown issue with not escaping edit mode when collapsed
DE392584 - 01224037-WebView graph empty even when there is metric within the agent listing
DE386434 - 01198575-ACC not checking for the complete list of locations (the lack of space)
DE397978 - 01249054,01306493-Security vulnerabilities in spring-websocket-4.3.17.RELEASE.jar in ACC
DE404518 - 01293813,01303609-Not able to invoke apm webservices after Jetty upgrade
DE389992 - 01214083-ACC Agent Controller unable to reconnect to ACC Configuration Server
DE393586 - 01229361-WebView graph on console appearing on top of time axis labels
DE395435 - 01206926-WebView Trace will not trace multiple agents of same name
DE377498 - 01106718-Introscope PDF Report, cannot display Japanese strings
DE398231 - 01263384-Some card not showing attributes when try to edit it (DE400656)
DE358818 - 01000669-Could not synchronize database state with session (tess)
DE388091 - 01144346-MOM SpringMVC_Aggregation.js MOM cannot output metric data
DE385452 - 01168220-Spring bean initialization error at CDV WebView startup (DE381040)
DE391247 - 01191617-10.7sp2 gives warn messages AgentThreasholdDeliveryService
DE391538 - 01225523-Garbled characters in resource metric and BlamePoint metric
DE397083 - 01219203-TeiidSQLException is unable to transform the column value
DE394836 - 01246604-MOM Connection error messages in standalone EM
DE398064 - 01242233-Unexpected Behavior on domains.xml permission
DE388998 - 01214063-Shared Agent Deployment - ACC Fix request
DE397909 - 01259731-Error AppMap with storage after hotfix
DE394949 - 01240760-Issue with tiles histogram bars height
DE387497 - 01201275-Timezone issue with apmsql
DE397429 - 01256023-Webservice api update getMetricData_v2
DE405364 - 01298884-Default language English not working in Webview in Management tab
DE407191 - 01309943-Analysis Notebook, map layouting fix
DE394574 - 01245505-Use DELAY_START for ACC controller service on windows
DE395433 - 01246817-Unable to open Analysis Notebook
DE376501 - 01136907-Unable to start MOM Instance
DE378407 - 01148518-APMSQL connection issue
DE389337 - Security vulnerabilities in cxf-rt-rs-client, cxf-rt-rs-security-jose, cxf-rt-wsdl and cxf-core 3.2.2
DE375385 - Security vulnerabilities in fasterxml-jackson-databind 2.7.9.3 (Apache-2.0)
DE401876 - Security vulnerabilities in fasterxml-jackson-core 2.9.6 (Apache-2.0), DE401878
DE363005 - Security vulnerabilities in apache-jakarta-taglibs 1.1.2
DE402764 - Security vulnerabilities in spring-web-4.3.9.RELEASE.jar (com.ca.apm.em.idp.shibboleth)
DE402736 - Security vulnerabilities in spring-aspects-3.2.16.RELEASE.jar
DE363013 - Security vulnerabilities in apache-jakarta-taglibs 1.1 (tess)
DE376092 - Security vulnerabilities in lucene-core-2.2.0.jar (tess)
DE401800 - Security vulnerabilities in slf4j-api 1.7.9 (MIT)
DE400714 - Security vulnerabilities in Apache ActiveMQ 5.8.0 (Apache 2.0, 5.14.5-bcm-1)
DE383269 - If you delete all filters in an experience card and save it, you can't modify filters anymore
DE399460 - AT possible culprit shows java app name for .Net agent & for .Net app name for java agent
DE401283 - WebView sockets (add NIO|Channels) related metric groupings changed after Jetty upgrade
DE390016 - ACC Controller does not reconnect activemq connection on silently closed connection
DE387408 - Package wizard shows invalid package download link under certain conditions in ACC
DE381342 - ACC package name is not visible on diag report, it is empty after upgrade to SP2
DE401600 - Log info about X.509 certificate used by Jetty
DE388217 - Concurrent package push actions can lead on out-of-memory on controller in ACC
DE397883 - TokenValidatorClient:Invalid Registry Path Exception when MOM is not running
DE238012 - EM collector configuration does not respect Hot config if invalid initially
DE381396 - PagerDuty Api URL is SaaS config
DE390520 - Maps shows topo changes on edges but timeline and component view shows none
DE399385 - Show INFO message, not error if ACC ActiveMQ broker is not yet started
DE384408 - WVCtrl.sh-Add double quotes so that the script handles spaces in path
DE400797 - Agent with package from different ACC CS is counted in local package
DE325678 - Package's agent count is inconsistent after upgrade from ACC 10.5.0
DE401510 - Quotes/double quotes fixes in WebView SOA map and other JSP pages
DE402757 - Removed database deadlock by sorting objects
DE406658 - Metric tree is inconsistent on MOM
DE397299 - Modify error message-AXA/APM integration
DE402207 - No logs are generated in em log when application fails to delete the alert
DE403583 - Fixed browser language with country code in ACC (fr-FR, it-IT, de-DE and es-ES)
DE171824 - Invalid hotconfig.pollingInterval values not handled
DE389492 - Problem with height of expanded row in Universes
DE381881 - Several localization improvements in Workstation
DE396604 - RestApiException: OUTDATED_SETTINGS in ETC log
DE396924 - DuplicateKeyException while storing Evidences
DE404381 - MessageFormat.format issues in logs after Jetty upgrade (mostly apostrophe escaping)
DE402569 - Replace Java serialization for SessionToken with ad-hoc serialization (Insecure Java De-serialization)
DE403731 - Discovery Trace is not working since the agent cannot get introscope.apm.data.agingTime from EM
DE399530 - Perspective dropdown & Application dropdown are overlapped in Analysis Notebook page
DE400697 - Blank data is sometimes displayed for Analysis Notebook for the very first time
DE404776 - Sequential data loading in historical mode is not working in case one of the calls fail on backend
DE389960 - 10.6 Agent keep connecting and disconnecting
DE395465 - ACC upgrade tool-Multiple ver files found
DE393844 - NPE fixed in Harvest Engine Pooled Worker
DE401255 - WebView: CSP header prevents the UI from rendering
DE400743 - Blank screen is displayed when user minimizes the map and maximizes it again on Experience View page
DE404739 - Lower log level of "Webserver not yet available" message to INFO (DE404864)
DE402543 - NPE fixed in APMAdapter (SQLserver)
DE402533 - JSON element error in Grafana fixed (SQLserver)
DE404839 - New Simple Alert from Metric is disabled for non-admin users
DE403853 - DOI to APM navigation for alarm: alerts created under custom domain doesn't have right alarm url
DE405557 - APM-DOI Plugin: Alerts clamp not working, clamp values was 10000 but ingested alerts per interval is around 40k
DE405262 - APM-DOI Plugin: Inventory data query failed when we enable https in EM with self signed certificates with CN=*.ca.com
DE405269 - APM-DOI Plugin Load Run: After 1 hour of continues load run, plugin stopped pushing inventory data to jarvis with "401 Unauthorized" error, Token expire
DE408861 - APM Infrastructure Inventory data has to be pushed to ES (new ask from DOI team)
DE409261 - ci_unique_id & isolation url is missing for APM_Infrastructure layer inventory data in ES
DE408863 - Pushing inventory data failed when ATC map has more vertices, Doc size is more than 20 MB & jarvis unable to handle
DE408867 - Zero values metrics has to be pushed to ES, to view continues graph & for few functionalities to work properly on DOI
DE408864 - unique_id collision when multipule clusters connected to same DOI
DE401743 - NPE or Internal Server Error happened during controller invocation
DE401944 - Audit actual host name when Workstation logs out instead of localhost
DE387835 - Hide 'New Alert' popup on metric view page for non-admin user
DE390969 - The size of the evidence statement is clamped to 2MB
DE408694 - Health, Transaction Count, ART metrics data not displayed on Experience View Cards after upgrade
DE408429 - EM SAML Internal IDP: ATC is just showing blank page with spinning [after refreshing browser it is navigating to SSO login page]

SERVER [HOTFIX # 28]

Not available from https://casupport.broadcom.com/
version : 10.7.0.191   
build : 992804                                          
Release date :   2019-02-13    
Fixed components: CEM (TESS)                
Targeted for release : 10.7 SP3  
Fixed Issues:
DE405253 - Remove "Database Settings" from CEM UI - CEM UI Password in html source page

AGENT [HOTFIX # 27]

Not available from https://casupport.broadcom.com/
version : 10.7.0.176  
build : 992712                                        
Release date :   2019-01-18    
Fixed components: .NET Agent               
Targeted for release : 10.7 SP3  
Fixed Issues:
DE389894  - Mitigate a potential issue with APM 10.7.0 Browser Agent auto injection crashing .NET application by skipping injection of the BRTM JavaScript into web pages not having content type specified.  

SERVER [HOTFIX # 26]

Not available from https://casupport.broadcom.com/
version : 10.7.0.189 
build : 992605                                      
Release date :  2019-01-31   
Fixed components: EM             
Targeted for release : 10.7 SP3  
Fixed Issues:
DE397310 - 01256486-Parallelism in storing edges, lower memory consumption, IllegalSE fixed
DE387003 - 01201865-Seeing error ORA-01795 maximum number of expressions in a list is 1000

SERVER [HOTFIX # 25]

Not available from https://casupport.broadcom.com/
version : 10.7.0.172 
build : 992504                                    
Release date :  2019-01-10   
Fixed components: Webview, Workstation, ACC, EM           
Targeted for release : 10.7 SP3  
Fixed Issues:
DE398352 - 01261431-Cyber vulnerability in "Spring Data Commons" in ACC (CVE-2018-1273, RCE), plus spring-security-oauth
DE400241 - 01272245-WVCtrl.sh script is not able to parse WV port out of webview-jetty-config.xml  (custom configuration only)
DE391972 - 01229210-Report generation does not work in french UI version
DE397310 - 01256486-Some topological data are not present because of performance issue
DE396265 - Fix for metric browser sometimes being empty

SERVER [HOTFIX # 24]

Not available from https://casupport.broadcom.com/
version : 10.7.0.165    
build : 992403                                  
Release date :  2019-01-02 
Fixed components: EM, ATC, WV, CEM, APMSqlSrv          
Targeted for release : 10.7 SP3  
Fixed Issues:
DE385641 - 01194546-Security vulnerabilities in Jetty and EM/WV (jetty 6.1.26/6.1.25 upgraded to 9.4.11)
DE376081 - Security vulnerabilities in Jetty and APMSQLServer (ehcache, jetty-runner)
DE391433 - 01226643-Fixed language switch with the property "introscope.webview.locales=en"
DE390000 - 01244886-Performance improvements of AT story mapping, metric query logging and supportability metrics improvements
DE396794 - 01255014-10.7 SP2 Java Agent - Spring Boot Extension Request
DE388836 - 01213029-Acceptance Environment SQL Error
DE396170 - Single sign on is not working for ATC UI when we define Name ID type as User Attribute & value as uid (SAML + external IDP(siteminder))
DE395551 - com.ca.apm.server.teiid-10.7.0.war does not contain bundle version in MANIFEST.MF
DE396606 - Set Jetty connector idle timeout to 300 seconds
DE395711 - CEM tab in TESS UI giving 500 error
DE391456 - Incremental loading fix in global view
DE396969 - Error retrieving metrics in em log, increasing the timeout 
DE396604 - FLD/ETC log RestApiException: OUTDATED_SETTINGS
DE383157 - apmsql binary is copied with Read Only permissions

SERVER [HOTFIX # 23]

Not available from https://casupport.broadcom.com/
version : 10.7.0.158    
build : 992303                                
Release date :  2018-12-17  
Fixed components: Agent, EM        
Targeted for release : 10.7 SP3  
Fixed Issues:
DE391438: Pb OutOfMemory agent 10.7
DE396794: 10.7 SP2 Java Agent - Spring Boot Extension Request
DE388836: Acceptance Environment SQL Error

SERVER [HOTFIX # 22]

Not available from https://casupport.broadcom.com/
version : 10.7.0.141    
build : 992201                              
Release date : 2018-11-23  
Fixed components: Enterprise Manager      
Targeted for release : 10.7 SP3  
Fixed Issues:
DE394553 - 10.7 ETC Home page and universes are slow
DE394136 - "All my universes" not visible for read-only users in 10.7

SERVER [HOTFIX # 21]

Not available from https://casupport.broadcom.com/
version : 10.7.0.134  
build : 992100                            
Release date : 2018-10-23  
Fixed components: ACC    
Targeted for release : 10.7 SP3  
Fixed Issues:
DE387984 - Command Center jetty version - security vulnerability

AGENT [HOTFIX # 20]

Not available from https://casupport.broadcom.com/
version : 10.7.0
build : 999999                          
Release date :  2018-10-09  
Fixed components: WebMethod extension      
Targeted for release : 10.7 SP3  
Fixed Issues:
DE388651  - issues fixed per CGR for 10.7 SOA Performance Manager to support WebMethods Integration server version 10.1

SERVER [HOTFIX # 19]

Not available from https://casupport.broadcom.com/
version : 10.7.0.131  
build : 991900                          
Release date :  2018-10-11     
Fixed components: Webview      
Targeted for release : 10.7 SP3  
Fixed Issues:
DE387646 - WebView Trace will not trace multiple agents of same name

SERVER [HOTFIX # 18]

Not available from https://casupport.broadcom.com/
version : 10.7.0.130  
build : 991800                        
Release date :  2018-10-09    
Fixed components: ACC    
Targeted for release : 10.7 SP3  
Fixed Issues:
DE386027 - ACC: Error pushing hot property changes to cold bundle
DE384878 - 01188663-Command Center won't start after APM 10.7 SP2

SERVER [HOTFIX # 17]

Not available from https://casupport.broadcom.com/
version : 10.7.0 
build : 999999                      
Release date : 2018-09-25  
Fixed components: CEM  
Targeted for release : 10.7 SP3  
Fixed Issues:
F72245  - This feature is to provde support for TIM support on RHEL 7.3 and CentOS 7.3. 
As a User, CEM should be working with the latest VMTP which runs on CentOS 7.3
As a User, CEM should be compatible with RHEL/CentOS 7.3 since RHEL 6.x is not allowed in most customer environment for security reasons.

SERVER [HOTFIX # 16]

Not available from https://casupport.broadcom.com/
version : 10.7.0.122   
build : 991604                    
Release date : 2018-10-03  
Fixed components: EM, ATC
Targeted for release : 10.7 SP3  
Fixed Issues:
DE378390 - 01148987-Standalone EM doesn't connect agents when agent clamp drops below threshold
DE385214 - EM wont start after JRE upgrade to version 1.8.0_172-b25
DE381847 - 01173559-performance improvements in ATC

SERVER [HOTFIX # 15]

Not available from https://casupport.broadcom.com/
version : 10.7.0.121  
build : 991413                    
Release date : 2018-09-17     
Fixed components: EM, WV   
Targeted for release : 10.7 SP3  
Fixed Issues:
DE378498 - 01151435-Log in issues if PostgreSQL DB is down
DE374413 - 01113274-regex search in Investigator metric browser returns no data in value column after initial search

[HOTFIX # 14 ] = 10.7 SERVICE PACK # 2

Available from https://casupport.broadcom.com/
version : 10.7.0.115  
build : 991408                    
Release date : 2018-09-07  
Fixed components: EM, ATC, WV, WS, ACC, Agent, PG     
Targeted for release : 10.7.0 SP2
Fixed Issues:
DE377002 - 01145684-Dynamic Web Scan detected Insufficient Session Protection/Regeneration
DE369866 - 01073835-The matrix are on the collector, the MOM is not showing those matrix
DE369862 - 00973317-APM have slow response times when one Collector has network problems resolving other collector addresses
DE372792 - 01127855-ORA-24816: Expanded non LONG bind data supplied after actual LONG or LOB column - APM 10.7 SP1
DE379887 - 01127358-LDAP Authentication Causing Team Center Issues
DE358682 - 00998673-Defect aggregation failed to start (DE36249)
DE354178 - 00992985-ETC Metric View is missing all the agents in super domain
DE367758 - 01104827-Unable to get SAML authentication working for ACC through MOM IDP
DE361530 - 00994619-Open Source BlackDuck Vulnerabilities
DE375369 - Security vulnerabilities in commons-collections 3.2.1 (Apache-2.0)
DE369015 - Security vulnerabilities in org.springframework.webmvc.jar (CVE-2016-5007, CVE-2018-1258)
DE363244 - Security vulnerabilities in JFreeChart 1.0.8 (CVE-2007-6307, CVE-2007-6306)
DE363238 - Security vulnerabilities in Apache Commons HttpClient 3.1 (CVE-2014-3577, CVE-2015-5262)
DE363268 - Security vulnerabilities in Spring used in Shibboleth (2.5.6.SEC03 to 4.3.9)
DE329263 - Security vulnerabilities in hawk, jquery (CVE-2016-2515, CVE-2011-4969, CVE-2016-7103)
DE377959 - Security vulnerabilities in spring-tx-5.0.5.RELEASE.jar in APMSQLServer (CVE-2018-1258, 00986299)
DE344091 - IntroscopeAgent.profile, Extensions.profile & all pbds contain unresolved copyright symbol
DE360217 - Update APM Documentation For EM, Agents Web Servers TLS 1.2 Cipher Suites and installation steps
DE379784 - 01116203-RestApiException in AGCLandingController: INTERNAL_SERVER_ERROR (DE370457)
DE343658 - 00934982-DB install failure
DE366399 - Missing audit log record for provider de-registration
DE374276 - Add 10.7 version to Oracle schema drop
DE367860 - LIKE is not working correctly in SQL rest query API
DE366718 - 01096226-No cross jvm correlation on TeamCenter when backends are only Socket calls
DE378342 - 01155174-Team center is blank/APM backend communication errors
DE376529 - 01124331-speedup authorization to universes (for over 1000 universes)
DE380793 - 01167518-CDL 10.7 HF11 slow Smartstor queries after upgrade
DE362491 - Error in EM Log: Separate JVM for defect aggregation failed to start
DE376223 - Experience cards are loading forever when no tile-order is set in the database yet
DE367208 - Error in fldagc log - Failed to invoke @ExceptionHandler method
DE379025 - Error in fldagc log - [Manager.AT] Exception during event contextualization
DE375483 - Proxy insertion processor after BT cleaner processor to have not proxies as left mosts
DE367618 - Wrong map relayout after group expand/collapse
DE367241 - Business Transaction tab shows inconsistent place when click Experience and Map views
DE336008 - User doesn't get notification for importing corrupted JSON TT file
DE368551 - Vertical scroll bar is not present if agent list grows on Agents page
DE339330 - Performance optimization for cases there is a huge amount of tiles on the top view
DE371771 - Settings/Universes is very slow to load with many Universes
DE363965 - TTViewer: Missing tool tip for Maximize view in List View
DE369451 - TTViewer: OK button for invalid JSON file dialogue hides when pressing tab key to have focus
DE364356 - Nodes highlighted in the map for no apparent reason
DE340854 - Metric Browser enhancements
DE380387 - Filter dropdown layer is under Map Loading layer
DE338782 - When you export certain traces and re-import them, the breadcrumbs duration changes
DE370735 - Compound filters in Isolation View
DE374402 - Drill-down in experience view does not work when there is a '%' sign in the card name
DE374407 - Filter layout is broken when editing an experience card
DE364357 - Showing number of loaded metrics instead of number of requested metrics
DE362533 - Map view & Dash Board View infrastructure layer view not in sync
DE348071 - Package edit wizard writes an exception to the browser console
DE368986 - ACC: inconsistent cold/hot change identification on packages
DE377972 - Close and ? icons are overlapping on each other while creating Universe, also in same screen entered data cannot be saved
DE376142 - Java Agent not honoring the "Turn On all Agent components" option on Workstation, component remains shut off till we enable it specifically
DE379865 - Fix Homepage broken in FFv36 (Map with null constructor is only supported from Firefox version 37)
DE379185 - ATC Map page shows wrong agent information during loading balancing
DE381444 - Application Layer dropdown is not displayed in Map area of Notebook View
DE381720 - FLD-Exp View Tiles take 25-55 seconds for loading data when we select the time range of last one week (increase the clamp to see data)
US388079 - For bundle property change, ACC should modify only properties and shouldn't reinstall the entire bundle
US512941 - Foreign Attributes: allow cross-layer propagation
US500880 - LIKE_REGEX added to APM SQL grammar (APMSQLServer)
US498265 - Create a OOTB perspective for Docker containers in App Layer
US508120 - Domain universes enhancements

AGENT [HOTFIX # 13]

Not available from https://casupport.broadcom.com/
version : 10.7.0.109  
build : 991300                  
Release date : 2018-08-12   
Fixed components: Agent   
Targeted for release : 10.7 SP3
Fixed Issues:
DE379234 - provide a tentative solution to support ignoring/skipping specific SOA SOAP Faults. The more comprehensive implementation will be addressed by dev team via Rally Story US525133 and its defects DE370528 and DE380262.

SERVER [HOTFIX # 12]

Not available from https://casupport.broadcom.com/
version : 10.7.0.108
build : 991201                
Release date : 2018-08-09   
Fixed components: EM, ACC     
Targeted for release : 10.7 SP2  
Fixed Issues:
DE369797 - ACC: SAML EM internal IdP metadata not updated during upgrade (DE364038)
DE369015 - Security vulnerabilities in EM-org.springframework.webmvc.jar (CVE-2016-5007,CVE-2018-1258) - MEDIUM
DE378914 - 01155863-APM 10.7hf09 upgrade errors after ServiceNotFound (No Data in one of the cluster of FLD)

SERVER [HOTFIX # 11]

Not available from https://casupport.broadcom.com/
version : 10.7.0.104 
build : 991103              
Release date : 2018-07-24  
Fixed components: EM, WV, PostgreSQL   
Targeted for release : 10.7 SP2  
Fixed Issues:
DE369909 - 01114985-APM 10.7sp1 Universe and attributes and Experience Card not showing Docker Attributes
DE369904 - 01114908-APM 10.7sp1 ETC Universe too slow after upgrade 20+ when creating universal and more
US508086 - Metric Tree in Analysis Notebook → WebView
DE368014 - 01106231-Invalid metric name kills team center
DE372076 - 01119088-Experience Cards in TeamCenter show "No traffic"
DE374652 - Security vulnerabilities in PostgreSQL-9.6.2: xmlsave.h & xslt.h ( CVE-2017-18258, CVE-2017-5130, CVE-2013-2877, CVE-2013-0339, CVE-2014-3660, CVE-2016-1683, CVE-2015-7995, CVE-2016-1684)
DE371555 - ETC slowness after APM upgrade to 10.7 sp1

SERVER [HOTFIX # 10]

Not available from https://casupport.broadcom.com/
version : 10.7.0.98   
build : 991002            
Release date : 2018-07-09   
Fixed components: ACC, EM, ATC, WS    
Targeted for release : 10.7 SP2  
Fixed Issues:
DE357957 - Security vulnerabilities in ACC-activemq-spring-5.14.0.jar (CVE-2017-15709-MEDIUM)
DE365679 - Security vulnerabilities in ACC-spring-security-web-4.1.4.RELEASE.jar & spring-websocket-4.3.11.RELEASE.jar (CVE-2018-1199,CVE-2017-15709-MEDIUM)
DE371965 - Security vulnerabilities in ACC-spring security OAuth v2.0.14 (CVE-2018-1260-HIGH) - RCE
DE355261 - 01111486,01122817-EXACT metric query is doing full scan when type is not specified
DE371144 - ATC Agent view-low resolution view (24 hour range) not uses the very last value for metric/GC count
DE365129 - ATC Agent view - Incorrect value under Metrics Collected
DE369851 - 01114508-ACC upgrade not working
DE355092 - 00997433-Garbled characters at Text Diff View 

SERVER [HOTFIX # 9]

Not available from https://casupport.broadcom.com/
version : 10.7.0.94  
build : 990904          
Release date :  2018-06-27  
Fixed components: ATC, PG, APMSqlSrv,EM     
Targeted for release : 10.7 SP2  
Fixed Issues:
DE361495 - 01073913-10.7 EM installer fails to add GC options for new EM install
DE361907 - 01073117-TeamCenter Loading delay on "esw.min.js"
DE366855 - Experience cards 2-phase loading
DE316022 - PostgreSQL security vulnerabilities: CVE-2014-3660, CVE-2013-2877, CVE-2013-0339, CVE-2016-1684, CVE-2015-7995, CVE-2016-1683
DE366386 - CVE-2018-1199 - spring-tx-5.0.2.RELEASE.jar reported against APMSqlServer using Black Duck
DE358281 - 00973317-APM have slow response times when one Collector has network problems resolving other collector addresses
DE370519 - 01106033-Metrics collected analysis, Team Center Vs Investigator 
DE368060 - 01106460-Domain to Universe on upgrade issues
DE370255 - Alerts.maxPeriods is 2000 by default

[HOTFIX # 8 ] = 10.7 SERVICE PACK # 1

Not available from https://casupport.broadcom.com/
version : 10.7.0.90 
build : 990803        
Release date : 2018-06-06  
Fixed components: EM, ATC, WV, WS, ACC, Agent, PG      
Targeted for release : 10.7.0 SP1
Fixed Issues:
DE356674 - 00995003-JAR resources in JNLP file are not signed by the same certificate (Webstart Workstation issue)
DE358862 - 00978321-MoM having issue staying connected to collectors due to blocked PollingWorker thread
DE348515 - 00935715-copying WebAppSupport.jar to the core/ext dir, to enable jmx metrics, the server does not start
DE365527 - 01094315-Exp Card filters not showing when editing
DE341794 - CEM should use HikariCP since the current apache-commons-pool2 has issues
DE355261 - EXACT metric query is doing full scan when type is not specified
DE339207 - myfaces implementation and api version changed
DE354556 - Hide InterruptedException when stopping connection
DE341744 - Use SSLSocketFactory from Jetty TrustingSslSocketConnector
DE356522 - Flipping attributes causes large DB and slow performance
DE353323 - Auditing of public api vertex controller added
DE350683 - MM description field disappear after MM copy
DE345198 - Agent should not use IP address in URL by default when connecting to EM
DE305755 - ArrayStoreException in EM logs on Openshift Env
DE344839 - Telemetry enhancements and fixes
DE345596 - Clamp on graphs count in whole buffer and in separate buckets
DE343547 - Increase clamp for EV live mode
DE308701 - New BadlyFormedObjectException(String, Throwable) is not thrown in buildVertex(IAppMapVertex)
DE359918 - Fixed AT not returning data when cache is null
DE341654 - 00937760-Cannot see APIM Gateway EPAgents Correlation in Transaction Trace & Team Center Map
DE359482 - APM/Spectrum integration using standard APM SNMP Alert Action creates inconsistent metric data in Spectrum Event
DE304958 - APMSqlServer doesn't appear to support SSL
DE348512 - HF#60 - 00929536-Potential Memory Leak on MoM
DE358001 - 00967515-SMTP Email Alert Metric Link Incorrect for Calculator Metrics
DE354433 - 00994559-Historical mode optimizations
DE356800 - CollectorEventsReceiverImpl is blocking Isengard processing thread
DE343971 - Error in AGC log - Unreachable service on follower
DE355261 - EXACT metric query is doing full scan when type is not specified
DE357551 - SC-FLD with UIM: ATC is too slow and is not responding for new session
DE356446 - Support single node context creation when no edges exists for left most node
DE357974 - Bulk delete for vertices in Lucene
DE343865 - SQLSyntaxErrorException: ORA-00913: too many values
DE355021 - 00994859-Correcting running profile of the TTProcessor
DE357147 - Not left most vertex marked as experience
DE338849 - Jarvis trace store supportability metrics should be removed from MOM
DE356381 - 00987178 DSE: Analysis Notebook doesn't show any data for one application when initiated in Live mode
DE360347 - 01061593-Summary Alerts broken if they includes an alert that is based on a metrics that is not reporting anything
DE356292 - Moved ATS metric specifiers from configuration controller to VertexMetricQueryManagerImpl
DE341950 - FLD BadlyFormedNameException not legal Metric name fixed
DE338441 - 00931480-Different Results at command line extraction
DE340391 - APMSQL Buffer Memory Issue
DE358655 - Case insensitive attributes
DE359222 - UTF-8 encoding for JA
DE360139 - HashMap with JarvisTraceStore consumes great amount of memory when Jarvis is down
DE361452 - Error/Stall type event generated from multiple agents don't get tracked properly
DE361037 - AT Rest calls (ART) taking more time, ~ 4 seconds and more (Story Context Retrieval clamp added and leftMostComponent retrieval logic changed)
DE361897 - Evidence query range should never be more than 24 hours
DE357235 - [CFMonitorExtension] Change cf 'Organisation' node name to en us locale 'Organization' or just 'Orgs'
DE343935 - Selected and expanded Stories are not preserved in the URL when reloading the page or opening the URL in a new page
DE360041 - Sessions gets logged off after about 15 minutes
DE355240 - Component chart icon and left navigation menu should open only after 500 ms hovering
DE359920 - TTViewer: ms string left after close imported json file
DE360730 - TTViewer: Zoom in/out has gap at the beginning and not disabled and back to 1st segment
DE355044 - 00995119-Webview links removed in 10.7
DE348055 - 00968481-LiveMetricViewerGraph refresh when agent unmounted
DE356697 - Tabbing (expand large Invocations records) takes long (6 seconds)
DE345096 - After agent is connected the same is not reflected in "Agent page"
DE360108 - Saving experience range state when leaving Home page
DE360937 - Notebook requests stat/top/attr events even when the checkboxes are not checked
DE361612 - Infrastructure actor type is sometime missing from AT Story Panel
DE353429 - 00990763-Alert threshold "Periods" parameters have no limit for very large numbers
DE345250 - Selected node (highlight is orange) doesn't get reset when I go back to experience tiles
DE354396 - Open Source BlackDuck Vulnerabilities in ACC (jackson-databind)
DE354641 - Update Jackson to 2.7.6 and jackson-databind to 2.7.9.3 to fix CVE-2017-7525
DE300305 - 00772370-Common Vulnerabilities and Exposures (CVE) security threat
DE359087 - CVE-2016-9878, CVE-2016-5007- spring-core-3.2.16.RELEASE.jar in APMSQL Server reported against APM 10.7
DE359094 - CVE-2016-5007- spring-core-3.2.18.RELEASE.jar and spring-aop-3.2.18.RELEASE.jar in APMSQL Server reported against APM 10.7
DE358676 - 01061287-INFLUENCEOF CVE-2018-1273: RCE with Spring Data Commons
DE351113 - CVE-2017-8046 - RCE in PATCH requests in Spring Data REST
DE352441 - 00986299-Black Duck Scan issue for CA APM 10.7
DE354864 - Update Jackson Json to latest patch version to fix CVE-2017-7525 in ACC
DE316022 - PostgreSQL security vulnerabilities: CVE-2014-3660, CVE-2013-2877, CVE-2013-0339, CVE-2016-1684, CVE-2015-7995, CVE-2016-1683
DE359803 - Security vulnerabilities in PostgreSQL-9.6.2/pgAdmin 4 - xmllib.py, pct_warnings.py, _compat.py, testapp.py
DE266666 - CVE fixes for APMSQL Server1
DE363139 - Upgrading to 10.7.0.79 doesn't bring up old evidences of 10.5.1 
DE361673 - New messages in event-context.properties
DE345567 - Alerts are not mapped to BT nodes in AppMap
DE335336 - While running "WatchDog.bat", it is asking for a password which is shown in plain text
DE362456 - Domain Universes property not updated in Properties file
DE361056 - Missing layer for story's notebookFilter
DE361271 - Memory leak in DateTimePicker
DE362146 - Fixing left menu in IE
DE331978 - TTViewer: IE scroll bar keeps moving up when move it down in wedding cake
DE361787 - Hiding metric browser when nothing is selected in the current layer
DE362255 - Store default language to global variable if it's not set
DE356032 - Align Hide/Show healthy components to the rest of the UI and make it reactive
DE345154 - Notebook map reloads every time AT panel group is expanded or collapsed
DE344362 - When 'Type' Perspective is selected, edges comes out to be green
DE361053 - AGCLanding controller is returning AT stories with actors as null
DE359882 - Experience Tile association to AT stories in AT Panel is broken
DE362141 - Clicking on 'Open Analysis Notebook' doesn't give any message when link is not clickable
DE363656 - Tree View columns not showing double-bytes characters and also missing tool tips
DE363655 - findIndex fixed on IE
DE364241 - Default App Layer (Application Infra Overview) Infra Layer (Infra Overview) does not work
DE364642 - Domain Universes are not deleted when the feature is disabled
DE363654 - Localization does not working on Windows 10 Edge and IE
DE358866 - Automatically scrolling to selected metric in the tree
US459055 - Reducing JSON size stored in db at_stories - JSON minification
US456302 - AT to change type retrieval information for infrastructure type components
US465733 - Replace “vertex_id� value in evidence table with “vertex id value (integer)� for json
US492724 - Performance improvements in EM
US490987 - Historical Flow Optimizations - UI (2 phase loading)
US484800 - Remove supportability metrics relating to Story References
US487516 - Improved 3 sigma rule considering outliers
US467907 - Relearns the DA when agent is restarted after sometime
US489292 - Increased the DA status level to 3 for AT consumption
US430700 - Changes for Reflection Utils for Agent Extension
US480547 - ApmData available under public api root
US480551 - Agent Config Rest API
DE354184 - ETC 10.7 Metric View OTB all domains are expanded (updated fix)
DE354191 - ETC 10.7 Map View 0 filter when components exceed 50,000 locks out
DE354319 - Clamping on map nodes should not take into account nodes on different layers
DE354399 - Landing page metric cache memory usage optimization
DE354011 - Scrolling in metric browser tree is not usable (updated fix)
DE344873 - Layer dropdown over info text in map
DE354433 - 00994559-Dashboard calls longer than 30s
DE355442 - Topology explosion due attribute flipping (agentDisconnectTime, remoteAddress, localAddress, remotePort, remoteName)
DE355234 - Performance bottleneck in public API vertex REST call
DE341654 - 00937760-Cannot see APIM Gateway EPAgents Correlation in Transaction Trace & Team Center Map
DE348470 - FLD: Constant Full GC on ETC after 12 days
DE347813 - Team Center freezing on Open an Analysis Notebook
DE348526 - Swarm level metrics in Wily: are missing often
DE346723 - Error in AGC logs - java.lang.IndexOutOfBoundsException
DE352876 - Attributes are sent twice (lowered) in REST response
DE352438 - Added the upgrade of universes from 10.5 format to 10.7 (added missing layer property)

SERVER [HOTFIX # 7]

Not available from https://casupport.broadcom.com/
version : 10.7.0.87  
build : 990700      
Release date : 2018-05-18   
Fixed components: EM,WV,WS, APMSqlSrv, Postgrs,ACC      
Targeted for release : 10.7.0SP1
Fixed Issues:
DE354396: 00994619-Open Source Blackduck Vulnerabilities
DE300305: 00772370 - Common Vulnerabilities and Exposures (CVE) security threat
DE359094: CVE-2016-5007 (APMSqlServer) - spring-core-3.2.18.RELEASE.jar and spring-aop-3.2.18.RELEASE.jar reported against APM 10.7 using Black Duck
DE359087: CVE-2016-9878, CVE-2016-5007 (APMSqlServer) - spring-core-3.2.16.RELEASE.jar reported against APM 10.7 using Black Duck
DE358676: 01061287-INFLUENCEOF CVE-2018-1273: RCE with Spring Data Commons
DE316022: PostgreSQL security vulnerabilities reported by JPMC: CVE-2014-3660, CVE-2013-2877, CVE-2013-0339, CVE-2016-1684, CVE-2015-7995, CVE-2016-1683
DE359803: Security vulnerabilities in PostgreSQL-9.6.2/pgAdmin 4 - xmllib.py, pct_warnings.py, _compat.py, testapp.py (CVE-2013-7459 is HIGH and 5 MEDIUM vuln.)
DE354641 - CVE-2017-7525 (WebView) - jackson-databind reported against APM 10.7 using Black Duck Scan (00986299) - HIGH
DE266666 - CVE fixes for APMSQL Server
DE351113 - CVE-2017-8046 - RCE in PATCH requests in Spring Data REST
DE354864 - Update Jackson Json to latest patch version to fix CVE-2017-7525
DE352441 - 00986299-Black Duck Scan issue for CA APM 10.7

AGENT [HOTFIX # 5]

Not available from https://casupport.broadcom.com/
version : 10.7.0.78  
build : 990306    
Release date : 2018-04-26  
Fixed components: Powerpack    
Targeted for release : 10.7.0SP1
Fixed Issues:
DE350291 - Unknown nodes are appearing in the investigator tree, for the customer

SERVER [HOTFIX # 4]

Not available from https://casupport.broadcom.com/
version : 10.7.0.63  
build : 990200  
Release date : 2018-04-19  
Fixed components: ACC  
Targeted for release : 10.7.0SP1
Fixed Issues:
DE354396 - Open Source BlackDuck Vulnerabilities in ACC (jackson-databind)

SERVER [HOTFIX # 3]

Not available from https://casupport.broadcom.com/
version : 10.7.0.74 
build : 990305    
Release date : 2018-04-25  
Fixed components: EM,ATC  
Targeted for release : 10.7.0SP1
Fixed Issues:
DE356674 - 00995003 - JAR resources in JNLP file are not signed by the same certificate (Webstart Workstation issue)
DE354184 - ETC 10.7 Metric View OTB all domains are expanded (updated fix)
DE354191 - ETC 10.7 Map View 0 filter when components exceed 50,000 locks out
DE354319 - Clamping on map nodes should not take into account nodes on different layers
DE354399 - Landing page metric cache memory usage optimization
DE354011 - Scrolling in metric browser tree is not usable (updated fix)
DE344873 - Layer dropdown over info text in map
DE354433 - 00994559 - Dashboard calls longer than 30s
DE355442 - Topology explosion due attribute flipping (agentDisconnectTime, remoteAddress, localAddress, remotePort, remoteName)
DE355234 - Performance bottleneck in public API vertex REST call
DE341654 - APM 10.5.2 HF#32 - 00937760 - Cannot see APIM Gateway EPAgents Correlation in Transaction Trace & Team Center Map
DE348470 - FLD: Constant Full GC on ETC after 12 days
DE347813 - Team Center freezing on Open an Analysis Notebook
DE348526 - Swarm level metrics in Wily: are missing often
DE346723 - Error in AGC logs - java.lang.IndexOutOfBoundsException
DE352876 - Attributes are sent twice (lowered) in REST response
DE352438 - Added the upgrade of universes from 10.5 format to 10.7 (added missing layer property)
[Known Issue]
DE358455 - ETC auto refreshes and logs login logout events in webview log, it was reproducible in a case when multiple instances running on same machine.

SERVER [HOTFIX # 2]

Not available from https://casupport.broadcom.com/
version : 10.7.0.63 
build : 990200      
Release date :  2018-03-29   
Fixed components: EM,APMSqlServer,Webview,Workstat    
Targeted for release : 10.7.0SP1
Fixed Issues:
DE354641 - CVE-2017-7525 (WebView) - jackson-databind reported against APM 10.7 using Black Duck Scan (00986299) - HIGH
DE266666 - CVE fixes for APMSQL Server
DE351113 - CVE-2017-8046 - RCE in PATCH requests in Spring Data REST
DE354864 - Update Jackson Json to latest patch version to fix CVE-2017-7525
DE352441 - 00986299-Black Duck Scan issue for CA APM 10.7

SERVER [HOTFIX #1]

Not available from https://casupport.broadcom.com/
version : 10.7.0.60 
build : 990102        
Release date :   2018-03-21   
Fixed components: EM
Targeted for release : 10.7.0SP1
Fixed Issues:
DE347813 - Team Center freezing on Open an Analysis Notebook
DE348526 - Swarm level metrics in Wily: are missing often
DE346723 - Error in AGC logs - java.lang.IndexOutOfBoundsException
DE352876 - Attributes are sent twice (lowered) in REST response
DE352438 - Added the upgrade of universes from 10.5 format to 10.7 (added missing layer property)

10.7.0 GA Release

Available from https://casupport.broadcom.com/

Release date : February 28, 2018

For details of fixes and known issues, see

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/application-performance-management/10-7/ca-apm-release-notes.html 

Additional Information

Compatibility Guides:
https://techdocs.broadcom.com/us/product-content/status/compatibility-matrix/application-performance-management-compatibility-guide.html?r=2

Release Information and EOS
https://support.broadcom.com/group/ecx/productdetails?productName=DX%20Application%20Performance%20Management

 

 

Attachments

1655472716304__readme_HF84.txt get_app