TIBCO Managed File Transfer Command Center/Internet Server 8.0.1 hotfix HF-004 is now available
Article ID: KB0102533
Updated On:
| Products | Versions |
|---|---|
| TIBCO Managed File Transfer Command Center | 8.0.1 |
Description
Hotfix TIB_mftccis_8.0.1_HF-004 can be downloaded from TIBCO Support Portal (https://support.tibco.com).
You will need to provide your TIBCO Support Portal credentials. Once logged in you can download the hotfix by selecting the “Downloads” -> “Hotfixes” option. Then go to “/AvailableDownloads/MFT/CommandCenter-InternetServer/8.0.1/” to download the hotfix.
The .zip file has the Readme file inside. Please unzip the file and review the Readme file for instructions on how to apply the hotfix.
Introduction
Hotfixes are cumulative. This is the fourth hotfix for TIBCO Managed File
Transfer Command Center 8.0.1 and TIBCO Managed File Transfer Internet
Server 8.0.1.
================================================================================
Closed Issues in 8.0.1_HF-004 (This Release)
Note: The Desktop Client must be re-installed to activate the Desktop Client
fixes in this hotfix. Refer to the "TIBCO(R) Managed File Transfer
Internet Server Installation" manual for more information on installing
the Desktop Client.
The following issues have been closed in this release:
MFCC-3352
The FTP data channel opened slowly because the DNS Server timed out on a
reverse DNS lookup.
MFCC-3350
SFTP logon requests received without a password were considered failed
logon attempts and could trigger lockouts.
MFCC-3349
If the file size written to a JMS queue was an exact multiple of the
transfer definition "Max Message Size", an extra empty message was written to
the JMS queue.
MFCC-3346
The SSH server did not perform a simple path resolve. For example, from
SSH client: put a.txt /a/b/../b.txt caused an error.
MFCC-3340
The MFT SSH service startup failed when using the "diffie-hellman-group-
exchange-sha256" key exchange algorithm.
MFCC-3338
As part of the regular update, Apache STRUTS was updated to 2.3.32.
MFCC-3337
On the JMS Platform Transfer Completion message, the header property
"ReturnCode" showed successful for a failed transfer when the transfer
terminated with a network error.
MFCC-3329
The desktop client could not create a TLS connection when the MFT server
deactivated "tlsv1".
MFCC-3316
The browser client received the error, "The public key you entered is not
a valid public SSH key" when adding an SSH Public key.
MFCC-3313
The Hotfix install failed on the GENSTUBS step when "CONFIDENTIAL" was set in the
web.xml.
MFCC-3306
An exception was received on the Manage Users page when the selection criterion
"To Expiration Date" was specified.
MFCC-3273
When executing the MFT API application for transferring files using an HTTPS
request initiated from the client machine to the MFT v7.3.0 server, the
following error message was incorrectly displayed:
"HTTPClientTrustManager.getAcceptedIssuers – Called. Always returns null."
MFCC-3270
Transfers hung when FTP or SSH pooling was enabled for a server.
MFCC-3265
When the password included a "+" sign, it resulted in an authentication problem.
MFCC-3254
Client connections to MFT SSH server using HMAC-SHA-512 failed.
MFCC-3253
All view rights did not allow you to view the server details. The following error
occurred, "Error trying to search keys through Admin Service: You are not authorized
to search keys".
MFCC-3225
When a Platform Server had a node defined as "TLS Tunnel", the CC node inquiry
failed with an error.
MFCC-3194
Changes to authenticators did not take effect until restarting MFT.
MFCC-3185
When the user was an LDAP user, the authentication failed if the user id was not
defined with the authenticator in the correct case.
MFCC-3087
The MFT FTPS Server did not send a list of trusted certificates when an
FTPS client connected using certificate authentication.
A new web.xml Parameter was added to address this issue:
<context-param>
<param-name>SendMFTTrustedCerts</param-name>
<param-value/>
</context-param>
Valid Values: True and False
True: When an FTPS client connects to the MFT FTPS Server, MFT will return a list of
certificates that are defined to MFT as "Trusted Certificates".
False: MFT will not send any trusted certificates to the FTPS Client.
If not defined, the default value is "False".
MFCC-3077
The Silent MFT installation did not show an error message when an invalid hotfix
parameter was provided in the command line.
================================================================================
Closed Issues in 8.0.1_HF-003
The following issues have been closed in this release:
MFCC-3259
Alert Action Run Command did not resolve tokens.
MFCC-3251
Command Center initiated Internet Transfer upload or download with
PGP Encryption could result in corrupted files.
MFCC-3247
The SCP command could report a failure while the MFT Audit record could show
a success.
MFCC-3244
Retrieve Diagnostics failed when retrieving diagnostics from a remote server
and the remote server web.xml DBConn parameter contained an ampersand "&".
MFCC-3240
Special character "+" was not allowed in Virtual Alias.
MFCC-3239
Jobs Scheduled by Hour ran only during business hours (9 a.m. - 5 p.m.).
MFCC-3236
SFTP/SCP Upload transfers waited for three seconds after a successful upload.
MFCC-3233
Alert Detail messages were written to Catalina.out, and the summary was
shown as the summary error.
MFCC-3232
Servers with a Server type of "Internet Server" were incorrectly included in the
Server Name drop-down box on Add/Update Transfer pages.
MFCC-3230
Expired FTP/SSH/PS keys were retrieved.
MFCC-3222
Received Null Pointer Exception when the PS protocol attempted to download a file
for *LOCAL and the file did not exist.
MFCC-3221
The TransferStatus filed for Wait for Platform Server Completion in BW
returned a message which was difficult to parse, that is, "Failed: Network Error"
and not a simple "Success" or "Failed" message.
MFCC-3215
Could not update some transfers. The Update button displayed an error,
"-1 is an invalid value for PGP encryption algorithm."
MFCC-3165
When using SFTP, there was intermittent high CPU utilization.
================================================================================
Closed Issues in 8.0.1_HF-002
The following issues were closed in the 8.0.1_HF-002 release:
MFCC-3229
Hotfix installation failed when MFT Server was configured to accept only
TLSv1.1 or TLSv1.2.
MFCC-3224
DB Connections could fail when a Fault Tolerant database failover occurred.
Added a new web.xml parameter "validationQueryTimeout" to time out
DB Connection validation requests.
MFCC-3220
When executing an SSH client download from MFTIS to a back-end Platform Server,
the stream could be closed unexpectedly and the thread could loop.
MFCC-3219
Vulnerabilities were found in Apache Commons File Upload 1.3. Upgraded Apache
Commons File Upload to version 1.3.2.
MFCC-3218
Vulnerabilities were found in Tomcat 8.0.33. Upgraded Tomcat to 8.0.39.
MFCC-3212
The Internet Transfer Alert functionality was not working after the upgrade
from V7.2 or lower when "Alert Trigger Criteria:Transfer Description"
was defined.
MFCC-3211
The same audit record triggered duplicate alerts.
MFCC-3206
The Internet Transfer Send File functionality created a zero byte file on the
destination when the source file was not found.
MFCC-3205
The Admin could not create a File Share transfer unless the admin user was a
File Share user.
MFCC-3201
A server did not collect data if another server with the same interval hung.
Added Server definition Collection option "Running In Separate Threads".
MFCC-3200
Transfers sent to a target FTP Server received a Null Pointer Exception when
FTP pooling was turned on and a previous connection request failed.
MFCC-3196
The SOAP API call for retrieveAllTransferFromBank executed through BW failed.
MFCC-3187
When "All System Tracing" was turned on for an IS Instance, the PS Service
continued to trace even after tracing was turned off and the PS Service
was restarted.
MFCC-3183
A compatibility issue with the external PGP software occurred when RSA keys
were used.
MFCC-3056
When an SFTP Client downloaded a zero byte file from a Platform Server
for Windows, the transfer did not complete and the client hung.
================================================================================
Closed Issues in 8.0.1_HF-001
The following issues were closed in the 8.0.1_HF-001 release:
MFCC-3193
Directory Receives initiated by a Platform Server could fail if
there were many files to be received (> 300).
MFCC-3191
When updating an LDAP user created in MFT V7.3.1 or below,
the error "Update failed. LDAP managed fields
cannot be modified: PwdExpiresFlag." could occur.
MFCC-3174
Received NullPointerException when ServerStatus was enabled and the
email recipient was not defined.
MFCC-3173
When many (10,000+) transfers were defined for a user, it took up to
six minutes for an SFTP Client to connect to MFT and list the
virtual aliases.
MFCC-3171
Transfers definition with an “&” in the Virtual Alias field encountered
an error: "Cannot access the directory". Also changed admin code
allowed "&" in the Update Transfer page, but restricted the admin from
entering "&" in the Add Transfer page.
MFCC-3170
When there was a token in the Server File Name, the FTP MDTM command failed.
MFCC-3158
BW received an exception when executing the LDAPSyncUser SOAP call.
Added a new SOAP call that can be used by BW: LDAPSyncUserBW.
Also added the ability to sync individual LDAP authenticators by
setting the second SOAP parameter to the Authenticator name.
MFCC-3156
When the MFT FTPS Client connected to an FTPS Server to validate the
FTPS Server certificate, Trusted Certificates were not checked.
MFCC-3154
When there were multiple SSH keys defined for a user that connected to
the MFT SSH Server, SSH Key Authentication could fail.
MFCC-3152
When updating a public key, the key's fingerprint was not updated,
causing failures during FTPS/SSH/CF certificate authentication.
MFCC-3137
When using a case-sensitive database, logon to MFT through an LDAP
authenticator required the user to enter the Authenticator name.
Note: Customers should use a case-insensitive database.
Other issues may occur if you use a case-sensitive database.
MFCC-3125
On incoming FTPS connections, the MFT FTPS Server failed to check
the client certificate expiration date.
MFCC-3104
The Send Mail requests showed incorrectly in the browser Transfer
page and in all other IS Clients.
MFCC-3055
The Client FTPS to IS encountered an error, "Internet Server Error:
VirtualDirectoryManager.updateVirtualDirectoryStructure --
Exception building VDS java.lang.NullPointerException".
MFCC-3050
When using an FTP Client or an SFTP Client to download files
from a target Platform Server, CKPT failed to restart.
Note: The target Platform Server fix is also required to resolve
this issue. V7.2.0 or higher is required when the target is
Platform Server for Windows, and V7.2.0 HF-003 or higher is required
when the target is Platform Server for Unix.
MFCC-3038
When the upload transfer definition had delete/rename client permission
and used ftp/ssh client to delete/rename sub-files/sub-folders, the
Transfer Status Msg Id shown in the audit records was incorrect.
MFCC-3014
When a user used the "SAML Sign Key" then selected "Use SAML encrypt key"
from the dropdown list and chose the "No Authenticators" option,
MFT still checked all Authenticators.
MFCC-2968
Log in to the File Share Client through key authentication failed.
MFCC-2672
When the MFT FTPS Client performed a transfer, the Audit record incorrectly
set this to an FTP transfer; it should be an FTPS transfer.
You will need to provide your TIBCO Support Portal credentials. Once logged in you can download the hotfix by selecting the “Downloads” -> “Hotfixes” option. Then go to “/AvailableDownloads/MFT/CommandCenter-InternetServer/8.0.1/” to download the hotfix.
The .zip file has the Readme file inside. Please unzip the file and review the Readme file for instructions on how to apply the hotfix.
Introduction
Hotfixes are cumulative. This is the fourth hotfix for TIBCO Managed File
Transfer Command Center 8.0.1 and TIBCO Managed File Transfer Internet
Server 8.0.1.
================================================================================
Closed Issues in 8.0.1_HF-004 (This Release)
Note: The Desktop Client must be re-installed to activate the Desktop Client
fixes in this hotfix. Refer to the "TIBCO(R) Managed File Transfer
Internet Server Installation" manual for more information on installing
the Desktop Client.
The following issues have been closed in this release:
MFCC-3352
The FTP data channel opened slowly because the DNS Server timed out on a
reverse DNS lookup.
MFCC-3350
SFTP logon requests received without a password were considered failed
logon attempts and could trigger lockouts.
MFCC-3349
If the file size written to a JMS queue was an exact multiple of the
transfer definition "Max Message Size", an extra empty message was written to
the JMS queue.
MFCC-3346
The SSH server did not perform a simple path resolve. For example, from
SSH client: put a.txt /a/b/../b.txt caused an error.
MFCC-3340
The MFT SSH service startup failed when using the "diffie-hellman-group-
exchange-sha256" key exchange algorithm.
MFCC-3338
As part of the regular update, Apache STRUTS was updated to 2.3.32.
MFCC-3337
On the JMS Platform Transfer Completion message, the header property
"ReturnCode" showed successful for a failed transfer when the transfer
terminated with a network error.
MFCC-3329
The desktop client could not create a TLS connection when the MFT server
deactivated "tlsv1".
MFCC-3316
The browser client received the error, "The public key you entered is not
a valid public SSH key" when adding an SSH Public key.
MFCC-3313
The Hotfix install failed on the GENSTUBS step when "CONFIDENTIAL" was set in the
web.xml.
MFCC-3306
An exception was received on the Manage Users page when the selection criterion
"To Expiration Date" was specified.
MFCC-3273
When executing the MFT API application for transferring files using an HTTPS
request initiated from the client machine to the MFT v7.3.0 server, the
following error message was incorrectly displayed:
"HTTPClientTrustManager.getAcceptedIssuers – Called. Always returns null."
MFCC-3270
Transfers hung when FTP or SSH pooling was enabled for a server.
MFCC-3265
When the password included a "+" sign, it resulted in an authentication problem.
MFCC-3254
Client connections to MFT SSH server using HMAC-SHA-512 failed.
MFCC-3253
All view rights did not allow you to view the server details. The following error
occurred, "Error trying to search keys through Admin Service: You are not authorized
to search keys".
MFCC-3225
When a Platform Server had a node defined as "TLS Tunnel", the CC node inquiry
failed with an error.
MFCC-3194
Changes to authenticators did not take effect until restarting MFT.
MFCC-3185
When the user was an LDAP user, the authentication failed if the user id was not
defined with the authenticator in the correct case.
MFCC-3087
The MFT FTPS Server did not send a list of trusted certificates when an
FTPS client connected using certificate authentication.
A new web.xml Parameter was added to address this issue:
<context-param>
<param-name>SendMFTTrustedCerts</param-name>
<param-value/>
</context-param>
Valid Values: True and False
True: When an FTPS client connects to the MFT FTPS Server, MFT will return a list of
certificates that are defined to MFT as "Trusted Certificates".
False: MFT will not send any trusted certificates to the FTPS Client.
If not defined, the default value is "False".
MFCC-3077
The Silent MFT installation did not show an error message when an invalid hotfix
parameter was provided in the command line.
================================================================================
Closed Issues in 8.0.1_HF-003
The following issues have been closed in this release:
MFCC-3259
Alert Action Run Command did not resolve tokens.
MFCC-3251
Command Center initiated Internet Transfer upload or download with
PGP Encryption could result in corrupted files.
MFCC-3247
The SCP command could report a failure while the MFT Audit record could show
a success.
MFCC-3244
Retrieve Diagnostics failed when retrieving diagnostics from a remote server
and the remote server web.xml DBConn parameter contained an ampersand "&".
MFCC-3240
Special character "+" was not allowed in Virtual Alias.
MFCC-3239
Jobs Scheduled by Hour ran only during business hours (9 a.m. - 5 p.m.).
MFCC-3236
SFTP/SCP Upload transfers waited for three seconds after a successful upload.
MFCC-3233
Alert Detail messages were written to Catalina.out, and the summary was
shown as the summary error.
MFCC-3232
Servers with a Server type of "Internet Server" were incorrectly included in the
Server Name drop-down box on Add/Update Transfer pages.
MFCC-3230
Expired FTP/SSH/PS keys were retrieved.
MFCC-3222
Received Null Pointer Exception when the PS protocol attempted to download a file
for *LOCAL and the file did not exist.
MFCC-3221
The TransferStatus filed for Wait for Platform Server Completion in BW
returned a message which was difficult to parse, that is, "Failed: Network Error"
and not a simple "Success" or "Failed" message.
MFCC-3215
Could not update some transfers. The Update button displayed an error,
"-1 is an invalid value for PGP encryption algorithm."
MFCC-3165
When using SFTP, there was intermittent high CPU utilization.
================================================================================
Closed Issues in 8.0.1_HF-002
The following issues were closed in the 8.0.1_HF-002 release:
MFCC-3229
Hotfix installation failed when MFT Server was configured to accept only
TLSv1.1 or TLSv1.2.
MFCC-3224
DB Connections could fail when a Fault Tolerant database failover occurred.
Added a new web.xml parameter "validationQueryTimeout" to time out
DB Connection validation requests.
MFCC-3220
When executing an SSH client download from MFTIS to a back-end Platform Server,
the stream could be closed unexpectedly and the thread could loop.
MFCC-3219
Vulnerabilities were found in Apache Commons File Upload 1.3. Upgraded Apache
Commons File Upload to version 1.3.2.
MFCC-3218
Vulnerabilities were found in Tomcat 8.0.33. Upgraded Tomcat to 8.0.39.
MFCC-3212
The Internet Transfer Alert functionality was not working after the upgrade
from V7.2 or lower when "Alert Trigger Criteria:Transfer Description"
was defined.
MFCC-3211
The same audit record triggered duplicate alerts.
MFCC-3206
The Internet Transfer Send File functionality created a zero byte file on the
destination when the source file was not found.
MFCC-3205
The Admin could not create a File Share transfer unless the admin user was a
File Share user.
MFCC-3201
A server did not collect data if another server with the same interval hung.
Added Server definition Collection option "Running In Separate Threads".
MFCC-3200
Transfers sent to a target FTP Server received a Null Pointer Exception when
FTP pooling was turned on and a previous connection request failed.
MFCC-3196
The SOAP API call for retrieveAllTransferFromBank executed through BW failed.
MFCC-3187
When "All System Tracing" was turned on for an IS Instance, the PS Service
continued to trace even after tracing was turned off and the PS Service
was restarted.
MFCC-3183
A compatibility issue with the external PGP software occurred when RSA keys
were used.
MFCC-3056
When an SFTP Client downloaded a zero byte file from a Platform Server
for Windows, the transfer did not complete and the client hung.
================================================================================
Closed Issues in 8.0.1_HF-001
The following issues were closed in the 8.0.1_HF-001 release:
MFCC-3193
Directory Receives initiated by a Platform Server could fail if
there were many files to be received (> 300).
MFCC-3191
When updating an LDAP user created in MFT V7.3.1 or below,
the error "Update failed. LDAP managed fields
cannot be modified: PwdExpiresFlag." could occur.
MFCC-3174
Received NullPointerException when ServerStatus was enabled and the
email recipient was not defined.
MFCC-3173
When many (10,000+) transfers were defined for a user, it took up to
six minutes for an SFTP Client to connect to MFT and list the
virtual aliases.
MFCC-3171
Transfers definition with an “&” in the Virtual Alias field encountered
an error: "Cannot access the directory". Also changed admin code
allowed "&" in the Update Transfer page, but restricted the admin from
entering "&" in the Add Transfer page.
MFCC-3170
When there was a token in the Server File Name, the FTP MDTM command failed.
MFCC-3158
BW received an exception when executing the LDAPSyncUser SOAP call.
Added a new SOAP call that can be used by BW: LDAPSyncUserBW.
Also added the ability to sync individual LDAP authenticators by
setting the second SOAP parameter to the Authenticator name.
MFCC-3156
When the MFT FTPS Client connected to an FTPS Server to validate the
FTPS Server certificate, Trusted Certificates were not checked.
MFCC-3154
When there were multiple SSH keys defined for a user that connected to
the MFT SSH Server, SSH Key Authentication could fail.
MFCC-3152
When updating a public key, the key's fingerprint was not updated,
causing failures during FTPS/SSH/CF certificate authentication.
MFCC-3137
When using a case-sensitive database, logon to MFT through an LDAP
authenticator required the user to enter the Authenticator name.
Note: Customers should use a case-insensitive database.
Other issues may occur if you use a case-sensitive database.
MFCC-3125
On incoming FTPS connections, the MFT FTPS Server failed to check
the client certificate expiration date.
MFCC-3104
The Send Mail requests showed incorrectly in the browser Transfer
page and in all other IS Clients.
MFCC-3055
The Client FTPS to IS encountered an error, "Internet Server Error:
VirtualDirectoryManager.updateVirtualDirectoryStructure --
Exception building VDS java.lang.NullPointerException".
MFCC-3050
When using an FTP Client or an SFTP Client to download files
from a target Platform Server, CKPT failed to restart.
Note: The target Platform Server fix is also required to resolve
this issue. V7.2.0 or higher is required when the target is
Platform Server for Windows, and V7.2.0 HF-003 or higher is required
when the target is Platform Server for Unix.
MFCC-3038
When the upload transfer definition had delete/rename client permission
and used ftp/ssh client to delete/rename sub-files/sub-folders, the
Transfer Status Msg Id shown in the audit records was incorrect.
MFCC-3014
When a user used the "SAML Sign Key" then selected "Use SAML encrypt key"
from the dropdown list and chose the "No Authenticators" option,
MFT still checked all Authenticators.
MFCC-2968
Log in to the File Share Client through key authentication failed.
MFCC-2672
When the MFT FTPS Client performed a transfer, the Audit record incorrectly
set this to an FTP transfer; it should be an FTPS transfer.
Issue/Introduction
TIBCO Managed File Transfer Command Center/Internet Server 8.0.1 hotfix HF-004 is now available
Environment
All supported environments
Feedback
Yes
No
Powered by
