Nodegrid Release Notes 6.0.16

These Release Notes apply to the Nodegrid devices. They list the supported device models, upgrade instructions, software components information, security fixes, new and changed functionalities, and fixed issues in the hardware and software.

You can also find information on how to provide documentation feedback and access product troubleshooting resources.

For detailed information on Nodegrid, see the latest version of the Nodegrid User Guide.

Nodegrid Version 6.0.16

Release October 30, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Patched wpa-supplicant v2.10 (CVE-2024-5290).

• Patched rclone v1.50.2 (CVE-2020-28924).

• Patched Linux Kernel v6.1.111 (CVE-2024-47685).

• Upgraded libsdl2 to v2.30.7 (CVE-2024-24974).

• Upgraded Firefox to v131.0.3 (CVE-2024-9680).

• Upgraded Linux kernel to v6.1.111 (Several CVEs).

• Upgraded dnsmasq to v2.90 (CVE-2023-50387).

• Upgraded tiff to v4.6.0 (CVE-2023-52355, CVE-2023-52356).

• Upgraded yajl-ruby to v1.4.3 (CVE-2022-24795).

New Features and Enhancements

• SSD Microcode upgrade for Nodegrid Serial Console Hardware Platform:

  • Apacer SSD: Upgrade from versions SFMA10A3, SFMA10A4, and SFMA10A5 to SFMA10A6 or SFMA11A6.

Fixed Issues

• Fixed issue that could caused cellular connectivity to stop working in some devices with EM120 wireless modem.

• Fixed invalid management credentials retrieval for managed devices when SSH protocol is disabled.

• Fixed issue that caused some firewall settings to be partially applied while importing with import_settings.

• Fixed incorrect display of power and current in Tracking :: HW Monitor :: Power when PS-1 is off.

• Fixed incorrect display of generated Certificate Signing Request.

• Fixed system hang when the command service --status-all is executed from the root shell.

• ZPE Cloud: Fixed issue where ZPE Cloud status was display Connected - Undefined even when device was enrolled.

• ZPE Cloud: Fixed the issue where the first remote access would take a long time due to the certificate regeneration process.

• ZPE Cloud: Fixed the issue where applying a profile to a device would fail once after a reboot. This issue occurred only when the profile content was encrypted.

Nodegrid Version 6.0.15

Release October 4, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Upgraded krb5 to v1.21.3 (CVE-2024-37371).

• Upgraded expat to v2.6.3 (CVE-2024-45490, CVE-2024-45491, CVE-2024-45492).

• Upgraded Firefox to v130.0 (CVE-2024-8381,CVE-2024-8384,CVE-2024-8385).

• Upgraded sudo to v1.9.15p5 (CVE-2023-22809, CVE-2022-43995, CVE-2023-42465).

• Upgrade python3-urllib3 to v1.26.18 (CVE-2023-45803).

• Upgraded perl to v5.38.2 (CVE-2023-31486, CVE-2023-47039).

• Upgraded grub to v2.12 (CVE-2020-14372, CVE-2020-27779).

• Upgraded tiff to v4.6.0 (CVE-2023-52355, CVE-2023-52356).

• Upgraded TigerVNC to v1.14.0 (CVE-2024-0409, CVE-2023-6478, CVE-2023-6377).

• Patched qtbase v5.15.9 (CVE-2023-32763).

• Patched python3 v3.10.13 (CVE-2024-7592, CVE-2024-6232, CVE-2023-27043).

New Features and Enhancements

• Introduced support for the new hardware model Nodegrid Serial Console Plus - Core Edition.

• Added support for the Nvidia Jetson Orin Nano 8GB card to Nodegrid Gate SR.

• Added ability to specify custom credentials for port discovery for console_server and kvm device types, on Managed Devices :: Devices :: Management :: Protocol :: SSH/Telnet.

• Upgraded Ansible to version v2.17.1.

• ZPE Cloud: Added support for accessing devices through ZPE Cloud using the Nodegrid Forwarder browser extension.

Fixed Issues

• Fixed error preventing upload of iso file from local computer.

• Fixed the issue where uploading an image via the HTTP/S File Repository under Security :: Services showed the message "The requested URL was not found on this server."

• Fixed API endpoint devices/discovery/rules not updating fields appliance_identifier and lookup_pattern.

• Fixed bootloader password protection feature for systems in UEFI mode.

• Fixed some API calls such as PUT devices/table/ not working due to incorrect mapping of some combo box fields.

• Fixed the issue that allowed locking the last admin user.

• Fixed the issue VTI IPSEC interface underlying IP is not changed when the second SIM card becomes active.

• Fixed race condition between libvirtd init and second disk mounting that could cause VMs to fail to auto-start.

• Fixed some network event dispatchers getting locked when DNS requests are blocked.

Nodegrid Version 6.0.13

Release August 28, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Patched Linux Kernel v6.1.82 (CVE-2024-42154).

• Patched FRR v9.1 (CVE-2024-44070).

• Upgraded DHCP to v4.4.3-P1 (CVE-2022-2928, CVE-2022-2929).

• Upgraded wget to v1.24.5 and patched (CVE-2024-38428).

• Upgrade apache2 to v2.4.62 (CVE-2024-38474, CVE-2024-38476)

• Upgraded Firefox to v129.0.1 (CVE-2024-7519).

• Upgraded vim to v9.1.0648 (CVE-2024-41957, CVE-2024-41965).

New Features and Enhancements

• SSD Microcode upgrade for Nodegrid Serial Console Hardware Platform:

  • InnoDisk SSD: Upgrade from version S17411i to S21804i.

• Multiple enhancements have been made to the Certificates table in the Nodegrid Security section.

Bug Fixes

• Fixed the issue where the webforwarder browser extension was not working for some types of target devices.

• Fix pdu_servertech SSH discovery of outlets with a dot in the name.

• Fixed WiFi client connection to WPA1 and TKIP wireless networks.

Nodegrid Version 6.0.12

Release July 26, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Upgraded libarchive to v3.7.4 (CVE-2024-37407).

• Upgraded OpenSSH to v9.8p1 (CVE-2024-6387).

New Features and Enhancements

• Added support to Legrand Bi-Directional SFPs, Approved Networks OP-SFP-BX34-20 and OP-SFP-BX43-20.

• Added support for new managed device for PDU HPE G2 Series Metered with type pdu_hpe_g2.

Bug Fixes

• Fixed SFP bonding connection not detecting link partner down by enabling auto-negotiation by default.

• Added missing Apparmor profiles that can be required by some Docker containers such as ThousandEyes.

• Fixed issue with export_settings where --plain-password not showing some password fields.

• Fixed forced speeds on switch ports of Gate SR and Bold SR.

• Fixed issues with import_settings of hostname detection probes.

• Fixed port enumeration issues in Net SR with Quad-USB adapter.

• Fixed applying imported certificates from the certificates table when FIPS mode is enabled.

• Enforce IPv4/IPv6 only in the LTE attach phase when the cellular connection has only one mode configured.

Nodegrid Version 6.0.11

Release June 28, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Upgraded git to v2.39.4 (CVE-2024-32002).

New Features and Enhancements

• Automatically detect and create network connections for eth2 and eth3 interfaces on xSR and Nodegrid Manager.

Bug Fixes

• Fixed SIM missing error on some versions of the M.2 expansion card hardware.

• Fixed cluster peer Web access stuck in blue screen in some cases.

• Fixed the issue where the unit would become unresponsive on the first boot after upgrading from version 5.6 or lower. This was caused by OpenSearch failing to initialize on IPv6-only networks.

• Fixed case where switch-related processes show high CPU usage when network card is not present in NSR front slot.

• Fixed failover changing the active SIM card when the modem is not in failover.

• Fixed config checksum not showing changes when new files are created in a directory.

• Added Mellanox network driver to enhance support for Equinix Metal instances.

• Fixed cluster coordinator leasing excess licenses to peers.

• Fixed minor issues in the failover tracking page.

• Fixed BGP IPv6 prefixes being announced with IPv4-mapped IPv6 next hop after network configuration.

• Fixed apply_settings handling the number of built-in USB ports incorrectly.

• Configuring 5GHz WiFi with Region 00 is now disallowed.

• ZPE Cloud: Fixed the issue where the device failed to reconnect to ZPE Cloud once the connection was closed from the server side.

• ZPE Cloud: Fixed an issue where some features from ZPE Cloud might fail if certain services on Nodegrid were restarted (CCM).

• ZPE Cloud: Fixed known issue from v6.0.10: ZPE Cloud: DASHBOARD :: CELLULAR DATA screen does not report any cellular data usage.

• ZPE Cloud: Fixed the issue related to connection to Nodegrid configuration manager, preventing the collection of configurations from the Nodegrid in case the Nodegrid configuration manager is restarted.

• ZPE Cloud: Fixed an issue from v6.0.10 preventing the device from reconnecting to ZPE Cloud EU after downgrading to a version older than v6.0.10 and then upgrading back to v6.0.10.

• ZPE Cloud: Fixed an issue where the tracking page from ZPE Cloud sometimes displayed the device as unlicensed, even when it was licensed.

• ZPE Cloud: Fixed the issue where the screen would freeze and show an error when accessing the tracking page from ZPE Cloud.

Nodegrid Version 6.0.10

Release May 31, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older. Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in the /var directory.

Software Components Information

Security Fixes

• Upgraded several base open source packages, reducing outstanding CVEs by 105 (6 Low, 81 Medium, 18 High)

• Main open source package versions:

New Features and Enhancements

• Full refactor of Network Failover. It now supports up to 10 levels, has a new configuration UI, tracking page, and a new backend. The configuration page has moved to Network :: Failover, but import_settings from other versions still works

• New UI for configuring Border Gateway Protocol (BGP) on Network :: Routing

• Browser buttons “back” and “forward” now work on the WebUI. Actions that log out, such as “refresh” button, now show a confirmation prompt

• In a multi-cluster setup, the search functionality now allows searching across peers even without direct connectivity between peer and Super Coordinator

• Central Management feature is now not limited to cluster peers, and can be used to run Ansible playbooks against any hosts in the Ansible inventory

• Support for MAC filtering in the Firewall configuration

• The system now scans for expired certificates and generates Event ID 171 and an alert header on the UI when it detects certificates close to expiring

• Gateway profile factory settings changes: 1. Enable cellular connection GPS, health and data monitoring. 2. Block ICMP packets in WAN connections. 3. Disable many OOB-related services from Security :: Services.

• Devices in OOB profile now automatically create cellular connections when cellular cards are available.

Bug Fixes

• Fixed network connections page occasionally showing all connections as “Down”

• Fixed admin user unable to login via console when “Fall back if Denied” is not selected for Kerberos Authentication

• Fixed known issue from v6.0.5: “ZPE Cloud: On devices with TPM 1.2, if the "Remote Access" function is disabled, some ZPE Cloud functions such as "Upload Backup" will not work”

• Fixed Managed devices permissions screen not showing disabled devices

• Fixed auto APN selection for UK Vodafone APN

• Fixed discovery rules failures on ACS6000 and ACS8000 managed devices

• Fixed case where switch related processes show high CPU usage when network card is present in NSR back slot.

Known Issues

• ZPE Cloud: DASHBOARD :: CELLULAR DATA screen does not report any cellular data usage.

• Downgrading your Nodegrid device to a version below 6.0.10 will result in the device losing access to the ZPE Cloud. This issue affects devices enrolled in the non-US ZPE Cloud servers, such as EU ZPE Cloud. Workaround: Unenroll the device from the non-US ZPE Cloud server and then re-enroll it.

Nodegrid Version 6.0.5

Release April 26, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled before downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

Software Components Information

New Features and Enhancements

Add MTU configuration to Ethernet network connection UI

Bug Fixes

• Fixed failover between multiple IPSec tunnels

• Fixed default FRR configuration overwriting “Enable IPv4 IP Forward” setting

• Fixed manually restarting NetworkManager process

• Disabled some ZPE Cloud processes that ran in the background when ZPE Cloud is disabled

• Fixed missing SFP statistics

• Fixed issues with export/import settings on managed device types

• Fixed issues with Verizon APN registration

• Fixed diagnostic data failing when LDAP authentication server is configured

• Fixed usb_serial (FTDI) devices being wrongly detected as usb_sensor. Air Flow/Temperature and Dust devices will not be automatically detected and need to be manually configured

Known Issues

• ZPE Cloud: On devices with TPM 1.2, if the "Remote Access" function is disabled, some ZPE Cloud functions such as "Upload Backup" will not work

Nodegrid Version 6.0.4

Release April 3, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled prior to downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

• Software Components Information

Security Fixes

• Upgraded lighttpd to v1.4.74 (CVE-2023-44487)

• Upgraded nghttp2 to v1.60.0 (CVE-2023-44487)

• Upgraded Firefox to v124.0.1 (CVE-2024-29943)

• Upgraded bind to v9.18.24 (CVE-2023-50387)

New Features and Enhancements

• Support for IP Passthrough for WiFi interfaces

• Support for "COM Port Control" protocol (RFC-2217)

• Enable USB Attached SCSI (UAS) support in kernel

Bug Fixes

• Fixed PPPoE connections not working

• Erase BIOS/bootloader password when upgrading with “format partitions” option

• Fixed issues with IP Passthrough

• Fixed LLDP sometimes not starting in switch interfaces after boot

• Fixed segmentation fault error on manual restart of Network Manager process

• Added 13388.mcs ATT APN to APNs DB

• Fixed failure to read wireless modem information in some cases

• Fixed misleading events 160 and 161 generated on boot (“Search is unavailable” and “Search has been restored”)

• Do not restart network connections upon reconfiguration of another connection

• Fixed non-admin users unable to access MKS session of VM

• Fixed WAN/LAN interfaces information in Access :: Overview page

Nodegrid Version 6.0.3

Release February 23, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled prior to downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

Software Components Information

Security Fixes

• Upgraded linux-kernel to v6.1.75 (CVE-2024-0646, CVE-2024-0565, CVE-2023-5717)

• Upgraded xserver-xorg to v21.1.11 and xorgproto to v2023.2 (CVE-2023-6816)

• Upgraded libuv to v1.48.0 (CVE-2024-24806)

• Patched FreeRDP v2.11.0 (CVE-2024-22211)

New Features and Enhancements

• The VRRP keepalive file is now covered by Save Settings

• Added support to Static LAG for NSR Compute module's backplane ports

Bug Fixes

• Upgraded InnoDisk SSD microcode from version S17411i to version S21804i, fixing issues in the handling of block information

• Fixed the less and more commands being unable to exit or navigate from a shell session started by CLI

• Fixed editing IPsec Tunnel validation for pre-shared-key

• Added Dashboard logs size control when Search Engine is irresponsive

• Fixed OCP Menu opening on non-USB serial ports

• Fixed API toolkit/files/execute issue when invalid executable is requested

• PDU Austin Hughes: Fixed managing multiple outlets using SNMP protocol

• ZPE Cloud: Resolved supervisor errors causing false positive logs

Nodegrid Version 6.0.2

Release January 26, 2024

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled prior to downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

Software Components Information

Security Fixes

• Upgraded OpenSSH to v9.6p1 (CVE-2023-51385, CVE-2023-48795, CVE-2023-51384)

• Upgraded Apache2 to v2.4.58 (CVE-2023-31122, CVE-2023-43622)

• Upgraded qatzip to v1.1.2 (CVE-2022-36369)

• Upgraded dnsmasq to v2.89 (CVE-2022-0934, CVE-2023-28450)

• Upgraded libmodbus to v3.1.10 (CVE-2022-0367)

• Upgraded xserver-xorg to v21.1.9 (CVE-2023-5367, CVE-2023-5574)

• Upgraded sqlite to v3.44.2 (CVE-2023-7104)

• Upgraded nghttp2 to v1.57.0 (CVE-2023-44487)

• Upgraded libx11 to v1.8.7 (CVE-2023-43787)

• Upgraded ffmpeg v6.1 (CVE-2023-47470)

• Upgraded libsndfile1 to v1.2.2 (CVE-2022-33065)

• Patched linux-kernel v6.1.57 (CVE-2023-5178)

• Patched grub v2.06 (CVE-2023-4692)

• Patched qtbase v5.15 (CVE-2023-51714)

New Features and Enhancements

• Additional support for locking user accounts after failed login attempts

• Allow disabling console access to the Nodegrid device

• Support for IPSec with X.509 certificates

• New table to manage system certificates on Security :: Certificates

• LLDP support for bridge connections

Bug Fixes

• Fixed LTE Modem not connecting when using Verizon SIM card

• Fixed creation of bridge between one ethernet interface and one VLAN over bonding connection

• Fixed some API queries for DHCP returning error 500

• Fixed API endpoint system/toolkit/files/execute failing to execute CLI commands

• Generate event device up/down after reconfiguration of mode from on-demand to enabled

Known Issues

• ZPE Cloud: After a system boot, the first application of a profile fails if “File Encryption” or “File Protection” is used.

Nodegrid Version 6.0.1

Release December 20, 2023

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled prior to downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

Software Components Information

Security Fixes

• Upgraded FRR to v9.1 (CVE-2023-38406, CVE-2023-41361, CVE-2023-41360, CVE-2022-37032, CVE-2023-41359, CVE-2023-3748, CVE-2023-38407, CVE-2023-47235, CVE-2023-47234, CVE-2023-41909, CVE-2023-38802, CVE-2023-41358)

• Upgraded OpenVPN to v2.6.8 (CVE-2023-46850)

• Upgraded perl to v5.38.2 and perl-cross to v1.5.2 (CVE-2023-47100)

• Upgraded vim to v9.0.2130 (CVE-2023-5535)

• Upgraded Firefox to v121.0b5 (CVE-2023-49060)

• Upgraded binutils to v2.41 (CVE-2023-25584, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696)

Bug Fixes

• Fixed problems resulting from incomplete installation in some Nodegrid Managers (VMs) due to network card not recognized in early installation process

• Fixed USB sensor devices not being updated correctly when unplugging from a USB hub

• Fixed running a playbook via API in Central management

• Fixed “Interface” in VLAN connection being read-only

• Fixed LLDP settings being ignored when creating a bond interface

• Improved device reconnection to ZPE Cloud in case of network changes

• ZPE Cloud: Fixed IP address and Interface information not displayed on Device Details

Nodegrid Version 6.0.0

Beta Release November 30, 2023

Supported Products

Upgrading Instructions

• Upgrade methods from Web Interface, CLI, USB, and Network Boot are supported.

• UEFI mode and Secure Boot must be disabled prior to downgrading to v5.0 or older.

• Upgrade from v4.x versions is only supported starting at v4.2.4.

• Upgrade from v3 versions is only supported for NSC devices at v3.2.54 and will erase existing data in /var directory.

Software Components Information

Breaking Changes

• Remote access to cluster devices will only work between cluster nodes with Nodegrid OS version v6.0.0 or later

• Removed packages: python2, polkit, cups

Security Fixes

• Upgraded hundreds of base open source packages, reducing outstanding CVEs by 304 (4 Low, 136 Medium, 164 High)

• Main open source package versions:

New Features and Enhancements

• Remote cluster device access now proxies through cluster peers (including multi-cluster), being able to reach isolated subnetworks

• Integrated UI support for FRR configuration

• Improved UI for wireless modem diagnostics, adding capability to run advanced troubleshooting commands from the UI

• System will drop old sessions and generate events in case the session table becomes full, preventing lock-out

• Masking of possibly sensitive data on Diagnostic Data is now optional

• User is automatically logged-out of WebUI when session expires

• Added progress bar and improved disk space check for file downloads greater than 1MB from “Local Computer”, such as in software upgrade

• Any interface is now selectable on Firewall Rule UI

• Support for changing Docker data-root location to a different disk or partition in Security :: Services

• Improved “Save Settings” UI to show a list of available backups. Backups are now also accessible via File Manager

Documentation Feedback

You can share your feedback on ZPE product documentation using the feedback option at the end of each article. After submitting your feedback, you can optionally provide your email address if you wish to be notified when the changes are made.

Troubleshooting

For the latest and detailed troubleshooting information, see the ZPE Knowledge Base site. You can also reach out to the support team via the email ID support@zpesystems.com.