<<<>>> Trend Micro, Inc. September 1, 2017 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro (TM) Deep Security(TM) 9.0 Deep Security Agent 9.0 Service Pack 1 Patch 5 Hot Fix - Build 5505 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This hot fix was developed as a workaround or solution to a customer-reported problem. As such, this hot fix has received limited testing and has not been certified as an official product update. Consequently, THIS HOT FIX IS PROVIDED "AS IS". TREND MICRO MAKES NO WARRANTY OR PROMISE ABOUT THE OPERATION OR PERFORMANCE OF THIS HOT FIX NOR DOES IT WARRANT THAT THIS HOT FIX IS ERROR FREE. TO THE FULLEST EXTENT PERMITTED BY LAW, TREND MICRO DISCLAIMS ALL IMPLIED AND STATUTORY WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. Contents =================================================================== 1. Hot Fix Release Information 1.1 Issues 1.2 Enhancements 1.3 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation/Uninstallation 4.1 Installation 4.2 Uninstallation 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement =================================================================== 1. Hot Fix Release Information ======================================================================== NOTE: Please install this hot fix before completing any procedures in this section (see "Installation"). 1.1 Issues ===================================================================== This hot fix resolves the following issues: Issue 1: [SEG-10740/DSSEG-1293] A race condition when the ds_agent kernel module was handling TCP connections caused a kernel panic. Solution 1: The issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-342/VRTS-943] The version of OpenSSL used in the Deep Security Agent was subject to security vulnerabilities. Solution 2: The version of OpenSSL used by the Deep Security Agent has been updated to openssl-1.0.2j. 1.2 Enhancements ===================================================================== This hot fix does not add any enhancements. 1.3 Files Included in this Release ===================================================================== A. Files for Current Issue -------------------------------------------------------------------- Filename Build No. ----------------------------------------------------------------- Agent-Solaris_5.11-9.0.0-5505.x86_64.p5p.gz 5505 Agent-Solaris_5.11-9.0.0-5505.sparc.p5p.gz 5505 Agent-Solaris_5.10_U7-9.0.0-5505.sparc.pkg.gz 5505 Agent-Solaris_5.10_U7-9.0.0-5505.x86_64.pkg.gz 5505 2. Documentation Set ======================================================================== In addition to this readme.txt, the documentation set for this product includes the following: o Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you deploy Deep Security smoothly. o User's Guide (UG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o Readme.txt files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent, Virtual Appliance and ESX Filter Driver. o Electronic versions of the documents are available at: http://docs.trendmicro.com/en-us/enterprise/deep-security.aspx o Online help -- Context-sensitive help screens available on the Deep Security Manager that provide guidance for performing a task. o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 3. System Requirements ======================================================================== Refer to the "Installation Guide" or release notes for a complete list of system requirements. 4. Installation/Uninstallation ======================================================================== 4.1 Installation ===================================================================== Refer to the "Installation Guide" on the following web site for the complete installation procedure: http://docs.trendmicro.com/en-us/enterprise/deep-security.aspx 4.2 Uninstallation ===================================================================== Refer to the "Installation Guide" on the following web site for the complete uninstallation procedure: http://docs.trendmicro.com/en-us/enterprise/deep-security.aspx 5. Post-installation Configuration ======================================================================== No post-installation steps are required. 6. Known Issues ======================================================================== There are no known issues for this hot fix release. For other known issues, please refer to the product release notes. 7. Release History ======================================================================== Deep Security Agent 9.0 Service Pack 1 Patch 1 Build 9.0.2404, September 11, 2013 Deep Security Agent 9.0 Service Pack 1 Patch 2 Build 9.0.3044, December 17, 2013 Deep Security Agent 9.0 Service Pack 1 Patch 3 Build 9.0.3500, June 10, 2014 Deep Security Agent 9.0 Service Pack 1 Patch 4 Build 9.0.4002, October 8, 2014 Deep Security Agent 9.0 Service Pack 1 Patch 5 Build 9.0.5001, May 15, 2015 Deep Security Agent 9.0 Service Pack 1 Patch 5 Build 9.0.5409, August 18, 2016 Deep Security Agent 9.0 Service Pack 1 Patch 5 Build 9.0.5434, February 15, 2017 See the following web site for more information about updates to this product: http://www.trendmicro.com/download 7.1 Prior Hot Fixes ==================================================================== NOTE: Only the new hot fix was tested for this release. Prior hot fixes were tested at the time of their release. Hot Fix 5473 (May 18, 2017) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [SEG-1047/DSSEG-1023] SQLITE_BUSY: Database is locked and several other SQLITE ERRORS have been observed in Deep Security Agent's Logs due to certain threads holding si.db database used by the Integrity Monitoring Module of Deep Security, and did not release it due to unfinished transactions. Solution 1: This has been fixed in current release. Hot Fix 5437 (March 29, 2017) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [SEG-2838/DSSEG-819] The allocation of a very large amount of kernel memory by the network filter driver (ds_filter) would cause the system to reboot unexpectedly. This was due to incorrect handling of UDP broadcast and multicast in the filter driver when multiple NICs were installed and connected to the same network segment. Solution 1: This release includes a new network filter driver that fixes the issue. Hot Fix 5434 (February 15, 2017) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [DSSEG-716] When no Firewall or Intrusion Prevention rules were assigned, Deep Security Agent would raise an Agent/Appliance Error event: "Engine command code GET_INTERFACES failed" because the ds_filter driver was not loaded. Solution 1: The issue is fixed in the hotfix. Hot Fix 5422 (December 2, 2016) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT351301/DSSEG-264] Version 9.0 of the Deep Security Agent for Solaris would sometimes fail to upgrade remotely on Solaris 10 because of an improper shutdown order during upgrade. As a result, the Deep Security Agent service would enter maintenance mode and be offline. Solution 1: The Deep Security Agent upgrade logic has been refined to avoid the timing issue during the shutdown process. Issue 2: [TT356718/DSSEG-574] When a user changed the communication direction to "agent-initiated only" on a Solaris 10/11 computer that only had IPv4 support, the Deep Security Agent would enter maintenance mode because it failed to bind the address. Solution 2: This issue is resolved in this release. Hot Fix 5390 (June 1, 2016) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT343997/DSSEG-264] Version 9.0 of the Deep Security Agent for Solaris would sometimes fail to upgrade remotely on Solaris 11 because of an improper shutdown order during upgrade. As a result, the Deep Security Agent service would enter maintenance mode and be offline. Solution 1: The Deep Security Agent upgrade logic has been refined to avoid the timing issue during the shutdown process. Hot Fix 5378 (April 19, 2016) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT341191/DSSEG-213] When a recommendation scan was run on a Solaris machine, the Deep Security Agent collected the installed packages information from pkginfo. The Deep Security Agent logged output in the Agent's log file related to: line arch value = all does not match Intel or Sparc (error 0: Error 0) Solution 1: The logic has been updated to handle this issue and these log messages are no longer appearing in the Deep Security Agent log file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hot Fix 5360 (December 23, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT333425/DSSEG-35] The Integrity Monitoring build baseline function would get stuck when there were more than 256 user accounts. The root cause is a defect in 3rd-party library wxWidget 2.8. Solution 1: The issue is fixed in this hotfix. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [TT336310/DSSEG-37] The Deep Security Agent reported an invalid NIC name to Deep Security Manager, causing a send policy failure. Solution 2: The issue is fixed in this hotfix. Hot Fix 5354 (December 11, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT333621/DSSEG-30] On Solaris platforms, if the ds_filter driver went into maintenance mode for some unknown reason, it would stay in maintenance mode until the status was cleared manually. Solution 1: This fix will clear the service status so the service can be started during machine boot time. Hot Fix 5353 (November 19, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [TT333910/30391] The Solaris server crashed in dsa_filter when the UDP packets with the same IP addresses and ports reached different network interfaces at the same time. Solution 1: The issue is fixed in this hotfix. Hot Fix 5342 (November 12, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [29989] Errors in installed software data extraction for Recommendation Scans and Integrity Monitoring were logged under Solaris 11 due to a change in the Solaris 11 packaging system. Solution 1: This Hot Fix updates the installed software data extraction handling. Hot Fix 5324 (September 28, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: [30221] Deep Security Agent for Solaris SPARC triggers kernel panic due to race condition in Agent's kernel driver. Solution 1: This has been fixed in current release. Hot Fix 5315 (July 13, 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 1: If the URL list contained a dead UDP connection, it stayed there and exhausted kernel memory, preventing any more UDP/TCP connections. Solution 1: The defect in the connection management code has been fixed. 8. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 9. About Trend Micro ======================================================================== As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With over 20 years of experience, Trend Micro provides top-ranked client, server, and cloud-based solutions that stop threats faster and protect data in physical, virtualized, and cloud environments. As new threats and vulnerabilities emerge, Trend Micro remains committed to helping customers secure data, ensure compliance, reduce costs, and safeguard business integrity. For more information, visit: http://www.trendmicro.com Trend Micro, the t-ball logo, and Deep Security are trademarks or registered trademarks of Trend Micro Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright 2016, Trend Micro Incorporated. All rights reserved. 10. License Agreement ======================================================================== More information about your license agreement with Trend Micro and third-party licensing agreements can be found in the release notes.