This document provides an overview of the improvements and known issues in the Fortanix Data Security Manager (DSM) 4.11.2125 patch release.
WARNING
- It is “REQUIRED” to upgrade Fortanix DSM to version 4.8 or 4.9 before upgrading to version 4.11.2125. If you want to upgrade to 4.11.2125 from an older version, please reach out to the Fortanix Customer Success team.
NOTE
The Fortanix DSM cluster upgrade must be done with Fortanix support on call. Please reach out to Fortanix support if you are planning an upgrade.
1. Improvements
- This release allows you to log CPUSVN, ISVSV, and other useful SGX information when you start a node (JIRA: PROD-5714).
2. Known Issues
- An account could be lost if account tables are inconsistent between nodes. Make sure a backup is successful before proceeding with ANY upgrade (JIRA: PROD-4234).
- When a node is removed from a 3-node cluster with build 4.2.2087, and the 2-node cluster is upgraded with build 4.3.xxxx, it is possible that the deploy job is exited and marked completed before cluster upgrade (JIRA: DEVOPS-2068). Workaround: If all the pods are healthy, you can deploy the version again.
- The sync key API returns “400 status code and response error” due to the short-term access token expiry during the sync key operation of a group linked to AWS KMS (JIRA: PROD-3903).
-
excludedoes not work in the proxy config for operations such as attestation (JIRA: PROD: 3311). - Encryption with GCM mode is failing for DSM-Accelerator PKCS#11 Client Library (JIRA: PROD-5479).
- Unable to connect to the Azure non-SGX endpoint while running DSM-A (JIRA: PROD-5558).
- Unable to perform Local encrypt/decrypt operation in Fortanix DSM-Accelerator using DES3 algorithm in CBC/ECB mode with the key size 112 (JIRA: PROD-5598).
For a complete list of new features, enhancements to existing features, other improvements, and bug fixes refer to the full description of the DSM 4.11 release note.
Comments
Please sign in to leave a comment.