Fortanix Data Security Manager (DSM) 4.23.2381 release provides an overview of resolved issues.
This release is superseded by the March 26, 2024, release.
WARNING
- You are REQUIRED to upgrade Fortanix DSM to version 4.16 or 4.19 before upgrading to version 4.23.2381. If you want to upgrade to 4.23.2381 from an earlier version, please reach out to the Fortanix Support team.
- Downgrading from Fortanix DSM version 4.23.2381 to any lower version is not possible.
NOTE
- The Fortanix DSM cluster upgrade must be done with Fortanix support on call. Please reach out to Fortanix support if you are planning an upgrade.
- The customer's BIOS version must be checked by Fortanix Support before the Fortanix DSM software upgrade. If required, the BIOS version should be upgraded to the latest version and verified by Fortanix Support for a smooth upgrade.
- If your Fortanix DSM version is 4.13 or later, then the HSM gateway version must also be 4.13 or later. Similarly, if the HSM Gateway version is 4.13 or later, then your Fortanix DSM version must be 4.13 or later.
1. Bug Fixes
- Fixed an issue where the DCAP peer certificates were not verified correctly (JIRA: PROD-8321).
NOTECustomers who have configured DCAP attestation on their cluster are advised to perform cluster master key (CMK) rotation after applying this patch.
- Fixed VXLAN spoofing which allowed circumvention of host-based access controls to obtain administrative access on DSM nodes (JIRA: DEVOPS-4607).
NOTEWe recommend customers operating clusters without attestation who have untrusted hosts on the same layer 2 network as their DSM hosts perform a CMK rotation after applying the patch.
For a complete list of new features, enhancements to existing features, other improvements, bug fixes, and known issues refer to the full description of the DSM 4.23 release note.
2. Installation
To download the DSM SGX (on-prem/Azure) and Software (AWS/Azure/VMWare) packages, click here.
Comments
Please sign in to leave a comment.