Beruflich Dokumente
Kultur Dokumente
Table of Contents
INTRODUCTION
About This Release
Uploading Update Packages to Your Appliance
WHAT'S NEW
Intermixing Oracle Storage Drive Enclosure DEx-24P/C Disk
Shelves
Oracle Storage Drive Enclosure DE3-24P All-Flash
All-Flash Storage Pools
Automatic Firmware Update for Oracle ILOM and BIOS
Oracle Storage Drive Enclosure DE2-24P/C Firmware
Update
Data Deduplication
Deduplicated Replication
HTTP Object Store for Swift
Certificate Management
SMB 3.0 Support
NFS 4.1 Support
Capacity Bytes and Percentage Used Analytic Statistics
OISP Bytes and Operations Analytic Statistics
Meta Device Capacity Bytes and Percentage Used Analytic
Statistics
Resumable Replication
Direct Replication of Raw Disk Blocks
Replication Auto Snapshot Management
Streamlined Replication Schedule Configuration
Replica Lag Alerts
Extended Replication Reverse
Replication Multi-tenant Scripting Enhancements
Increased Number of Simultaneous Replication Streams
Replication Monitoring Improvement for RESTful API
LUN I/O Throttling
SSH Key-Based Authentication
New Replication Actions Unavailable after Rollback to Pre-
OS8.7 Software Release
Support for 800GB and 3.2TB Solid State Disks
RELATED
PRODUCTS Oracle Systems Manager for Oracle ZFS Storage v2.0
SUPPORT NOTICES
Summary of Controller Support
Summary of Disk Shelf Support
Upgrade Paths to This Software Version
Platform Support
Changes to ZFS Storage Appliance Support File Uploads
Support for Sun ZFS Storage 7120
Support for Legacy Browsers
Software Updates Document on My Oracle Support
DEFERRED
UPDATES What are Deferred Updates?
OS8.7.3 (2013.1.7.3) Deferred Update: Windows Compatible
Automated Snapshot Names
OS8.7.0 (2013.1.7.0) Deferred Update: Data Deduplication
v2
OS8.7.0 (2013.1.7.0) Deferred Update: LZ4 Data
Compression
OS8.7.0 (2013.1.7.0) Deferred Update: Asynchronous
Dataset Deletion
OS8.7.0 (2013.1.7.0) Deferred Update: Fast Copy with
Encryption
OS8.7.0 (2013.1.7.0) Deferred Update: RAID Space
Efficiency Improvements
OS8.6.0 (2013.1.6.0) Deferred Update: ACL Passthrough
with Mode Preservation
2013.1.4.0 Deferred Update: NDMP Backup of Target
Replicas
2013.1.2.0 Deferred Update: Sequential Resilver
Performance Improvements
2013.1.1.0 Deferred Update: Support for Large Block/Record
Size
2013.1.0.1 Deferred Update: Support for Multiple Initiator
Groups per LUN
COMPATIBILITY
AND HTTP Clients Used as RESTful API Clients Must Support
INTEROPERABILITY TLS Protocols
Windows Clients Fail to Reconnect Upon Server Upgrade to
SMB 3.0
Enabling the TLSv1.0 Protocol for Administration, WebDAV
or FTP over TLS
FC Workload from Windows Fails When Throttles Set on
LUNs
Prefer reboot to forced cluster takeover
NTLMv2 is recommended as the minimum SMB LAN
Manager authentication level, but is not the default
Kerberos does not support weak encryption types by default
iSCSI clients should not have a too-short session
replacement timeout value
Oracle Linux multipath configuration information
Oracle Linux compatibility with NFSv4 numeric string IDs
Oracle Linux serial baud rate configuration
Data compare error on cluster takeover
Client-side interoperability related notes and issues
KNOWN ISSUES
[RN002] replication fails in zfs_receive: does not match
incremental source
[RN003] stale pool config when failback races with fmd and
sysevent handler
[RN010] zfs needs better pool export semantics
[RN017] I/O to dataset without key inheritance fails if project
level key is deleted
[RN019] Large deletes on dedup enabled shares can cause
I/O stall
[RN021] Fibre channel multipath configuration may fail on
Oracle Linux 5, 6, and 7 after ZFSSA cluster events
[RN025] Rollback with an expanded storage pool may fault
pool
[RN026] Transient messages may appear during disk
replacement or firmware upgrade
[RN028] Compound requests not failing with the same error
code as returned from previous
[RN035] Destroy of initiator group fails on peer with
EAKSH_GENERIC_STMF_BUSY
[RN038] zfs dtl missing data problems entries exists even
after fw upgrade completes
[RN039] Controller fan module failure not indicated in
Maintenance Hardware
[RN040] No chassis fault indicator for system disk failure
[RN041] Service processor might be reset during controller
boot if interaction with GRUB menu
[RN042] I/O Module removal or insertion might not generate
an alert
[RN043] Disk shelf power supply removal not indicated in
Maintenance Hardware
[RN044] Controller service indicator lit for disk shelf disk
failure
[RN045] I/O Module removal not indicated in Maintenance
Hardware
[RN047] FC LUNs discovery from Solaris pauses at
cfgadm:Library error:report LUNs failed
[RN049] Zero NFSv4 I/O using UEK4 Branch 4.1.12-61.* ->
4.12-37.5
[RN050] ddt throttling I/O over a large range of blocksizes
[RN052] Share-level remote replication relationship may be
severed during replication reversal
CLOSED ISSUES
Table of Past Release Note IDs Closed in OS8.7.4
(2013.1.7.4) or an Earlier OS8.x.x Release
SECURITY FIXES
OTHER FIXES
Table of Key Change Requests Fixed in OS8.7.4
Table of Key Change Requests Fixed in OS8.7.0 through
OS8.7.3
LEGAL NOTICES
Copyright Information
Introduction
About This Release
These are the release notes for Oracle ZFS Storage Appliance software version
OS8.7.4 (2013.1.7.4). The 2013.1 release is the latest major release of the appliance
controller software, and OS8.7.4 (2013.1.7.4) is a micro release. Versioning for this
release will be:
2013.1.<minor-version>.<micro-version>
In Maintenance -> System -> Updates the full build version string is reported as:
2013.06.05.<minor-version>.<micro-version>,<external-build-number>
The full version string for OS8.7.4 (2013.1.7.4) is 2013.06.05.7.4,1-1.1.
The [PATCH_ID].zip file available from My Oracle Support cannot be uploaded to the
appliance directly. Instead you must:
Download the [PATCH_ID].zip file to a local filesystem accessible from your desktop.
Unzip the downloaded file, which will create an All_Supported_Platforms directory.
In the newly created directory, locate the software update file with the
[PACKAGE].pkg.gz file name. Update your appliance using that file by following the
instructions in the online help off the current install on the appliance.
What's New
Intermixing Oracle Storage Drive Enclosure DEx-24P/C Disk Shelves
A recent release introduced the Oracle Storage Drive Enclosure DE3-24P All-Flash disk
shelf, which comprises all data SSDs and takes advantage of all-flash storage pools.
This disk shelf delivers the maximum storage performance for your system, and is used
in conjunction with controller SAS-3 HBAs in Oracle ZFS Storage ZS5-4, ZS5-2, and
ZS4-4. SAS-3 HBAs support high data transfer speeds, and SSDs provide significantly
faster throughput than HDDs. This increased workload performance and decreased
latency appreciably increases operational efficiency for a variety of tasks. Performance
configuration recommendations are provided in the online help or in the Oracle ZFS
Storage Appliance Cabling Guide for Release OS8.7.0 or later, and threshold alerts can
be configured to monitor the remaining lifetime of SSDs.
A recent release introduced the all-flash storage pool, which utilizes SSDs as data
devices, and does not contain read cache or meta devices. As such, an all-flash
storage pool is ideal for transactional data workloads. All-flash storage pools are
presently supported on Oracle ZFS Storage ZS5-4, ZS5-2, and ZS4-4. Contact your
Oracle sales representative for the latest list of platforms that support specific features.
The automatic firmware update is available for the following platforms and associated
minimum required Oracle ILOM versions. Contact Oracle Service if your supported
platform does not meet the minimum requirement.
Software release OS8.7.0 or later contains a firmware update for Oracle Storage Drive
Enclosure DE2-24P/C disk shelves. The firmware remediates several issues and
ensures high availability and full functionality of the disk shelves. During a rolling
upgrade, it is important to postpone administrative operations such as reboot, power
down or cluster failback until the system has automatically updated all device firmware.
For more information on firmware updates and information on how to monitor them
following the first boot after a software update, refer to the Firmware Updates section of
the Customer Service Manual or online help.
Data Deduplication
The data deduplication property for projects and shares controls whether duplicate
copies of data are eliminated. Using deduplication saves space by storing only one
copy of a given block, regardless of how many times it occurs. Therefore, it reduces
storage pool space consumption. Deduplication can only occur between blocks of the
same size, data written with the same record size, and a minimum record size of 128
kilobytes. For best results, set the record size to that of the application using the data;
for streaming workloads, use a large record size.
Data deduplication, which uses the cryptographically strong SHA-256 checksum, has
an increased CPU usage and increased memory overhead cost, so it is more efficient
when there is more duplicate data. Because the effectiveness of deduplication is highly
data dependent, it is strongly recommended to verify the deduplication savings with
representative datasets prior to using this feature in a production environment. To
determine if performance has been adversely affected by deduplication, enable
advanced analytic "ZFS DMU Operations" and break down the results by the Data
Management Unit (DMU) object type.
In software release OS8.7.0 or later, two new analytic statistics monitor meta device
capacity, providing trending data for meta device usage, and alerts when meta device
capacity reaches a specific threshold.
Deduplication has no effect on the calculated size of a share, but does affect the
amount of space used for the storage pool. For example, if two shares contain the
same 1 GB file, each appears to be 1 GB in size, and the total for the pool is 1 GB, with
a deduplication ratio of 2x.
Several interoperability considerations can arise when using the remote replication
facility to replicate deduplicated projects or shares. When replication is involved,
consideration must be given to the differing data deduplication capabilities of the
replication source and the replication target.
During replication, the full benefit of the improved Data Deduplication feature is
achieved when both the source pool and the target pool meet the requirements for
enabling improved data deduplication. When replicating a deduplicated source share to
an OS8.7.0 or later target pool that does not meet these requirements, the
deduplication property of the replica share on the target is disabled. If the target pool is
later upgraded by, for example, adding a meta cache device to the pool, the replication
target then allows the administrator to set the deduplication property for projects and
shares within existing replication packages. Any new replication packages created in
the upgraded target pool will retain the deduplication settings of the source projects and
shares.
When upgrading replication sources and targets from a pre-OS8.7.0 software release to
the OS8.7.0 or later software release, special consideration must be taken if data
deduplication was enabled for replicated projects or shares before the upgrade. To
preserve full replication compatibility if the pre-OS8.7.0 version of deduplication was in
use, do not accept OS8.7.0 or later deferred updates, including the Data Deduplication
v2 deferred update, on either sources or targets until OS8.7.0 or later has been
installed on all. After both the sources and targets have been upgraded to OS8.7.0 or
later, all OS8.7.0 or later deferred updates can be accepted.
Deduplicated Replication
Replication source and targets have upgraded to software release OS8.7.0 (2013.1.7.0)
or later
Deduplication has been enabled for replication actions
Data to be deduplicated meets the following requirements: 1) Blocks are of the same
size; 2) Data is written with the same record size; and 3) Blocks were stored with the
same checksum algorithm.
Data being replicated was stored on disk using strong crypto-quality checksums: SHA-
256 or SHA-256-MAC. This is required for good performance.
The block size is 128 kilobytes or larger (preferred).
If encrypted data is being replicated, it was stored on disk with the Data Deduplication
property enabled and with encryption set to aes-128-ccm, aes-192-ccm, or aes-256-
ccm.
The number of unique blocks in the project or share being replicated remains below
approximately 400M to avoid deduplication table congestion.
The Data Deduplication feature can be used with or without the Deduplicated
Replication feature because the two features are independent, and Deduplicated
Replication does not require meta devices. The Data Deduplication feature is enabled
at the project or share level and affects storage pool space consumption. The
Deduplicated Replication feature is enabled at the replication action level and affects
the number of bytes that are transmitted from the source to the target during a
replication update. The replication of encrypted data is a special case in which
Deduplicated Replication relies on the data having been originally written to disk using
Data Deduplication.
A recent release introduced the HTTP Object Store feature, which enables Oracle ZFS
Storage Appliance to save data as storage objects into the Oracle ZFS filesystem
through the Swift Object Store protocol. After enabling the Object Store property for the
HTTP service and configuring HTTP Object Store, enable the feature on individual
filesystems.
This feature does not support changes to the root user on the parent share. Any root
user changes will not change the object store's account owner, and may cause
subsequent authentication requests to fail.
Certificate Management
System Certificate management, including the list of certificates and the selection of the
system default certificate, has recently moved from Configuration > Services > System
Identity to Configuration > Settings > Certificates. Also, Trusted Certificates has recently
been introduced to allow managing which certificates are trusted to authenticate remote
systems, and can be used to assign certificates to a specific service (currently only
LDAP).
Observe normal operating procedures when deleting a certificate from the System
Certificate list. Ensure that the certificate is not in use, and that multiple appliance
sessions are not open. Oftentimes, reloading the browser page can resolve conflicts.
Previously, the software supported SMB 1, SMB 2.0, and SMB 2.1. A recent release
introduced additional support for SMB 3.0, and specifically these SMB 3.0 features:
transparent failover (continuously available shares), and multichannel.
It is strongly advised to upgrade clients from SMB 1 to at least SMB 2.0 because SMB 1
has known security and performance issues that are resolved in later SMB versions.
SMB 1 will be disabled by default in a future software release.
Previously, the software supported NFS 2, NFS 3, and NFS 4.0. A recent release
introduced additional support for NFS 4.1.
Capacity Bytes and Percentage Used Analytic Statistics
Two "trendable" analytic statistics have been recently introduced to monitor storage
usage in bytes or percentage. These datasets are graphically rendered in the BUI, and
display the trends over the full time span of the datasets in the worksheet. The trend
graphs can be both viewed and manipulated. The first statistic displays the trends for
used bytes, in Gigabyte units, for storage capacity, and is broken down by storage
pools. The second statistic shows the trends for used percentage for storage capacity,
and is also broken down by storage pools.
In addition, you can use the CLI to set a threshold alert for capacity usage by bytes or
by percentage.
Two analytic statistics have been recently introduced for Oracle Intelligent Storage
Protocol (OISP). The first displays OISP bytes/sec transferred between OISP clients
and the appliance. Bytes statistics can be broken down by client, filename, database
name, database filetype, database function, share, and project. The second statistic
displays OISP operations/sec requested by clients to the appliance. Operations
statistics can be broken down by client, filename, database name, database filetype,
database function, share, project, latency, size, and offset.
Two "trendable" analytic statistics have been recently added to monitor meta device
storage usage in bytes or percentage. These statistics can only be used with meta
devices configured for data deduplication. The datasets are graphically rendered in the
BUI, and display the trends over the full time span of the datasets in the worksheet. The
trend graphs can be both viewed and manipulated. The first statistic displays the trends
for used bytes, in Gigabyte units, for meta device storage capacity, and is broken down
by storage pools. The second statistic shows the trends for used percentage for meta
device storage capacity, and is also broken down by storage pools.
In addition, you can use the CLI to set a threshold alert for capacity usage by bytes or
by percentage.
Resumable Replication
Previously, if a replication update was interrupted by, for example, a network outage,
the retry of the replication update would re-transmit the entire replication data stream.
As of a recent release, the retry of the replication update will now resume from the point
where the prior attempt stopped. This saves a significant amount of time, especially
when an initial replication update fails after having transmitted a large amount of data to
the replication target.
Direct Replication of Raw Disk Blocks
As of a recent release, when compressed shares are replicated, the data is no longer
decompressed at the source appliance and re-compressed at the target appliance.
Instead, the compressed data is replicated directly, saving CPU time on both the
replication source and target.
As of a recent release, there are now additional replication update intervals available: 5,
10, 15 and 20 minutes and 2, 4, 8 and 12 hours. In addition, a recent release made it
easier to create replication schedules that distribute the replication updates from
multiple actions across time. Previously, it has been the responsibility of the
administrator to select a replication update start time for each schedule that minimizes
the number of replication updates that start at the same time, reducing resource
contention. Now, the administrator can tell the appliance to select the start time for a
new replication schedule. The appliance examines the start times of existing replication
action schedules and chooses a start time for the new schedule that is separated from
other actions' start times.
The remote replication facility has a limited number of data stream processing threads.
One of these threads is required for each outgoing replication update and for each
incoming replication update. Previously, the limit of simultaneous outgoing+incoming
updates was 30. As of a recent release, there can be as many as 120 simultaneous
replication updates. For outgoing replication updates that employ the Deduplicated
Replication feature, memory usage considerations further limit the number of
deduplicated replication updates that will be performed simultaneously.
As of a recent release, the get replication action status command for the RESTful API
now returns an additional state_description property with the following possible
values:
A recent release introduced I/O Throttling properties for LUNs that set the maximum
bytes per second that can be written to or read from a disk. These properties can be set
for each LUN.
In prior releases, both RSA and DSA/DSS public keys were supported for SSH
authentication. In line with industry best practices, support for the DSA/DSS public key
method (now considered weak) has been permanently removed from a recent release
and future versions of the product. Users requiring key-based authentication must use
RSA keys.
In prior releases, rolling back to a previous release of the software retained replication
actions created in the newly upgraded software release. However, due to the new
replication action format introduced in release OS8.7, replication actions created in
OS8.7 are not available after rolling back to a pre-OS8.7 release. Although replication
snapshots used by these unavailable actions are visible and can be destroyed after the
rollback, destruction of these replication snapshots is not recommended. When the
software is upgraded to release OS8.7 or later, the replication actions become available
again and will be associated with their replication snapshots created in OS8.7. Any
replication action without a corresponding replication snapshot is unusable.
As of a recent release, the appliance now supports 800GB and 3.2TB solid state drives
for all-flash storage pools within Oracle Storage DE3-24P disk enclosures. The 3.2TB
device is also supported as a read cache and deduplication meta device in Oracle
Storage DE3-24P and DE3-24C disk enclosures. See Summary of Disk Shelf Support
for platforms that support meta devices and/or read cache devices in disk shelves.
Contact your Oracle sales representative for the latest list of platforms that support
specific devices.
Related Products
Oracle Systems Manager for Oracle ZFS Storage v2.0
Oracle Systems Manager for Oracle ZFS Storage v2.0 enables efficient storage
infrastructure management, bringing in visibility of multiple Oracle ZFS Storage
Appliance systems to a single pane of glass. Built to support clustered systems, Oracle
Systems Manager for Oracle ZFS Storage v2.0 provides administrators with the ability
to obtain data summaries per storage system rather than per individual storage
controller. The dashboard offers an at-a-glance view of:
Storage inventory, including data layout, storage OS distribution, and active problems
Capacity projection with predictive analytics, including current storage utilization and list
of systems approaching 100 percent utilization
Data movement, with a status summary of replication actions
Storage system health, with health check results and availability of monitored storage
targets
The pre-GA release of Oracle Systems Manager for Oracle ZFS Storage is available for
download at Oracle Technology Network.
Support Notices
Contact your Oracle sales representative for the latest list of platforms that support
specific features and devices.
The following table summarizes the disk shelves supported in this release:
The minimum software version from which you can upgrade to OS8.7.4 (2013.1.7.4) is
2013.1.2.0. If a system is running an earlier software version and OS8.7.4 (2013.1.7.4)
update packages are uploaded, they will be listed as "unavailable" for upgrade until
such time as the system is first upgraded to 2013.1.2.0 or later.
A 2013.1.2.0 system reports version string 2013.06.05.2.0,1-1.10 in Maintenance ->
System -> Updates.
The following upgrade paths to software version OS8.7.4 (2013.1.7.4) are the minimum
supported:
Platform Support
The 2013.1.0.1 release is the minimum release required for the Oracle ZFS Storage
Appliance ZS3 family, including the ZS3-2 and ZS3-4. The 2013.1.3.0 release is the
minimum release required for the Oracle ZFS Storage Appliance ZS4 family, including
the ZS4-4. The OS8.6.5 (2013.1.6.5) release is the minimum release required for the
Oracle ZFS Storage Appliance ZS5 family, including the ZS5-2 and ZS5-4. The
OS8.7.0 (2013.1.7.0) release is the minimum release required for Oracle Storage Drive
Enclosure DE3-24P All-Flash.
Beginning with the 2013.1.1.6 micro release, Oracle Support established a new file
upload service at https://transport.oracle.com that provides greater upload speed and
security. ZFS Storage Appliances upgrading to this release will automatically use the
new service to upload support bundles and worksheet bundles.
You must register your ZFS Storage Appliance with the Phone Home service before
uploading files. The account you use to register the appliance must have Service
Request (SR) Create/Update privileges on at least one CSI in your organization. Refer
to MOS Document IDs 1070936.1 and 1329200.1 for further instructions.
You must provide an SR number when uploading support bundles or worksheet
bundles via the browser user interface (BUI) or command line interface (CLI).
The Sun ZFS Storage 7120 system may not be supported in a future major release. If
you have 7120 systems, please contact your support representative for transition
options and additional information.
Support for Legacy Browsers
Support for legacy browsers has been reduced. For full functionality of the BUI and
online help (OLH), it is recommended that users upgrade to newer browsers that
support more advanced features. Browsers listed in the Tier 1 group below are fully
supported and have support for features integrated in these releases. Tier 2 browsers
may encounter issues or cannot support some features in the BUI or OLH.
Oracle ZFS Storage Appliance software updates are available on My Oracle Support at
the following location:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2021771.1
This document includes software download instructions and links, release notes, and
other applicable links, such as to the appliance simulator, customer documentation
including white papers and solution briefs, and documents for interoperability and
replication compatibility. This document replaces similar content on wikis.oracle.com,
which is decommissioned. Please be sure to update your bookmarks to this new
location.
Deferred Updates
What are Deferred Updates?
When upgrading appliance software from one release to another, some features of the
new release can be delivered as "deferred updates" meaning that they will not be
available until such time as the administrator applies all deferred updates that are
unapplied. Features delivered in this way are those that have some impact on
compatibility, or on the ability to rollback to previously active appliance software.
Once deferred updates are applied, you cannot easily rollback to previously active
appliance software. For example, some deferred updates will progress the ZFS pool
version beyond what the previous software understands and the pool will fail to import
after rollback. The appliance software does not block an attempt to rollback, but in most
cases (e.g., unless you have unconfigured the pool) rollback will fail. You cannot select
between deferred updates that are unapplied - you either leave all unapplied, or apply
all those that are outstanding. Deferred updates accumulate as appliance software
updates are performed; for example, a system upgraded to 2013.1.0.1 from a 2011.1
release may have unapplied deferred updates as delivered in the 2011.1 releases.
Note that factory installed systems have all features active - no unapplied deferred
updates. Similarly, creating new pools on an existing system or upgrading a system and
subsequently performing a factory reset will both result in a system with all deferred
update features active.
Before applying any deferred update, see the documentation or online help for more
details. On the BUI Maintenance > System page, click the "More info" link for any
deferred update for further details, including online help links to important information.
Important: Due to changes in the system pool version and other underlying
mechanisms, software release OS8.7.0 (2013.1.7.0) or later can be rolled back up to
and including OS8.2.0 (2013.1.2.0). Rolling back to an earlier software release than
OS8.2.0 will result in unpredictable behavior.
This deferred update changes the time stamp in automated snapshot names to be
compatible with Windows clients by removing the ":" (colon) character. Applying this
deferred update changes all existing automated snapshots to use the new time stamp
format. This change is not propagated into replication packages until the packages
have been reversed or severed.
This deferred update, in conjunction with software release OS8.7.0 or later, significantly
enhances on-disk deduplication. Designate SSD meta cache devices for a new or
existing storage pool that will use deduplication, so the meta devices can hold
deduplication metadata tables, as well as other metadata. Shares and projects within
the storage pool that are already configured for deduplication will be automatically and
non-disruptively migrated in the background.
Several interoperability considerations can arise when using the remote replication
facility to replicate deduplicated projects or shares. When replication is involved,
consideration must be given to the differing data deduplication capabilities of the
replication source and the replication target.
During replication, the full benefit of the improved Data Deduplication feature is
achieved when both the source pool and the target pool meet the requirements for
enabling improved data deduplication. When replicating a deduplicated source share to
an OS8.7.0 target pool that does not meet these requirements, the deduplication
property of the replica share on the target is disabled. If the target pool is later upgraded
by, for example, adding a meta cache device to the pool, the replication target then
allows the administrator to set the deduplication property for projects and shares within
existing replication packages. Any new replication packages created in the upgraded
target pool will retain the deduplication settings of the source projects and shares.
When upgrading replication sources and targets from a pre-OS8.7.0 software release to
the OS8.7.0 software release, special consideration must be taken if data deduplication
was enabled for replicated projects or shares before the upgrade. To preserve full
replication compatibility if the pre-OS8.7.0 version of deduplication was in use, do not
accept OS8.7.0 deferred updates, including the Data Deduplication v2 deferred update,
on either sources or targets until OS8.7.0 has been installed on all. After both the
sources and targets have been upgraded to OS8.7.0, all OS8.7.0 deferred updates can
be accepted.
This deferred update supports the LZ4 compression option for projects and shares. LZ4
compression is a data compression algorithm that compresses data using adaptive
Lempel-Ziv coding. The LZ4 compression algorithm typically consumes less CPU than
GZIP-2, but compresses better than LZJB, depending on the data that is compressed.
When LZ4 compression is set for projects and shares, replication to a target will fail if
the target appliance does not support LZ4 compression. The LZ4 compression deferred
update must be applied to both source and target appliances.
The fast copy with encryption feature is used for certain VMware appliance plug-ins.
The plug-ins use the fast file cloning feature to offload the VM cloning operations to the
appliance. This deferred update frees up NFS network bandwidth and improves VM
cloning performance. Install this deferred update to support these appliance plug-ins:
Oracle ZFS Storage Appliance Plug-in for VMware Storage APIs for
Array Integration
Oracle ZFS Storage Appliance Provider for VMware vSphere APIs for
Storage Awareness (VASA)
OS8.7.0 (2013.1.7.0) Deferred Update: RAID Space Efficiency Improvements
This deferred update significantly reduces the storage overhead for pools using the
single-parity RAID data profile, thus increasing storage capacity.
This OS8.6.0 (2013.1.6.0) release includes a single new deferred update feature: ACL
Passthrough with Mode Preservation.
This deferred update improves interoperability between ZFS, NFS, and SMB sharing
when using the new option passthrough-mode-preserve. This option allows
inheritable ACL entries to be inherited while preserving the creation mode specified by
the application. This preserves the inheritance bits so SMB creates ACLs that
interoperate well with shares accessed over NFS and SMB simultaneously.
This 2013.1.4.0 release includes a single new deferred update feature: NDMP Backup
of Target Replicas.
With this update, NDMP zfs backups can be performed directly within target appliance
replication packages. Additionally, ongoing replication will no longer cause pending tar
and dump backups of replication snapshots to fail.
The 2013.1.2.0 release includes a single new deferred update feature: Sequential
Resilver Performance Improvements.
This deferred update implements a new resilvering algorithm that uses a two-step
process to sort and resilver blocks in LBA order. The impact of this algorithm depends
on how pool data is laid out. While sequentially written data on a mirrored pool shows
no improvement, randomly written data or sequentially written data on RAID-Z improves
significantly. In such cases, resilvering time can be reduced by 25 to 50 percent.
A restriction applies with regard to replication compatibility in the presence of the "Large
Block/Recordsize Update" feature:
If the source system both has the update applied and a large block- size or
recordsize has been selected, then the target appliance for replication must also
have this deferred update applied. Other combinations are not subject to this
restriction (for example where the deferred update is applied and large block or
recordsize is not actually selected, or where only the target system has the feature
enabled and not the source).
When a source system with this feature enabled attempts to replicate to a "down-rev"
system without the feature enabled, replication will fail with an alert as follows:
"Replication of <project[/share]> failed because the target system's software does not
support replication updates from this system. Check the replication documentation for
details."
2013.1.0.1 Deferred Update: Support for Multiple Initiator Groups per LUN
The 2013.1.0.1 release included a single new deferred update feature: support for
associating multiple initiator groups with a LUN.
If the source system both has LUNs for replication and has the "multiple initiator
groups per LUN" feature enabled, then the target appliance for replication must
also have the feature enabled. Other combinations are not subject to this restriction
(for example where no LUNs are being replicated, or where only the target system
has the feature enabled and not the source).
The "multiple initiator groups per LUN" feature is delivered in both 2011.1.1.8 and
2013.1.0.1 releases. In both cases it is the subject of a deferred update, meaning that a
system that is upgraded to one of those releases (or later) will not enable the feature
until such time as the administrator requests the application of all deferred updates. A
system whose initial install was of 2011.1.1.8 or 2013.1.0.1, or which was upgraded to
one of these releases (or later) and subsequently factory-reset, will have the feature
enabled.
When a source system with this feature enabled attempts to replicate to a "down-rev"
system without the feature enabled, replication will fail with an alert as follows:
"Replication of <project[/share]> failed because the target system's software does not
support replication updates from this system. Check the replication documentation for
details."
Compatibility and Interoperability
HTTP Clients Used as RESTful API Clients Must Support TLS Protocols
While any HTTP client can be used as a RESTful API client, the client must use a TLS
protocol because the SSLv2/3 protocols are no longer supported. Curl clients must use
curl version 7.34.0 or higher.
Windows 8 and Windows 2012 clients may not reconnect to the SMB server when the
server is upgraded from SMB 2.x to SMB 3.x dialect while the client holds a mapped
share. Oracle ZFS Storage Appliance software version OS8.7.0 (2013.1.7.0) and later
support SMB 3.0.
To try to resolve the issue, either reboot the client, or unmap the share (and wait
approximately 20 seconds for the client to clean up data related to the connection), and
then remap it again.
For more information about the issue, refer to Microsoft knowledge base article
2756452 - Windows 8: SMB reconnections fail with "Invalid Signature" upon server
upgrade to SMB 3.0.
Enabling the TLSv1.0 Protocol for Administration, WebDAV or FTP over TLS
The default protocol for the administrative BUI and CLI, as well as for HTTP extension
WebDAV, and FTP over TLS, no longer accepts TLSv1.0 connections. If connections
using that protocol are deemed acceptable and necessary by an administrator, they can
be enabled at the HTTPS, HTTP or FTP configuration pages in the BUI or similarly
using the CLI.
When setting I/O throttle limits on LUN(s) accessed from a Windows 2012R2 host
system via fiber channel, I/O device errors can occur (Windows error 1117) if the I/O
throughput rate exceeds the throttle limit set on the LUN(s).
In a cluster, a "takeover" operation initiated on head B using Configuration -> Cluster ->
Takeover to takeover from head A is considered a forced takeover operation. In routine
service procedures, such as in rolling cluster upgrade, it is preferable to reboot (or
power-off, if that is what is required) head A via the UI on head A - head B will takeover
automatically, anyway. Such a co-operative takeover both completes a little quicker and
allows features such as planned GRACE-less recovery for NFSv4 to operate.
Support for weak encryption types in Kerberos is disabled by default in the 2013.1.0.1
release. The weak types are arcfour-hmac-md5-exp, des-cbc-md5, and des-cbc-crc. If
your environment is using one of these weak ciphers, then until such time as your
infrastructure adopts stronger ciphers you can enable support for the weak encryption
types by navigating to Configuration->Services->Kerberos and checking "Allow weak
encryption types" in the BUI, or 'set krb5_allow_weak_crypto=true' and 'commit' at the
CLI.
iSCSI clients should not have a too-short session replacement timeout value
Improper configuration of Oracle Linux multipath settings can result in I/O failure during
system takeover, slow performance on client side reboots, and failed or non-recovered
paths. This applies to both FC and iSCSI connected LUNs. Refer to MOS Doc ID
1628999.1 for configuration instructions.
The 2013.1.5.0 release introduces a new property for NFSv4 numeric string IDs. If
these string IDs are enabled for an appliance with Oracle Linux clients running kernels
older than UEKr2 (2.6.39.x), file permissions are not properly reflected, and ownership
is changed to nobody:nobody.
Upgrade Oracle Linux clients to a kernel later than UEKr2 (2.6.39.x) for permissions to
appear correctly. If you are unable to upgrade these clients and must use NFSv4,
ensure that the numeric string IDs property is not enabled by navigating to the BUI
Configuration > Services > NFS view or the CLI configuration services nfs
context.
The default baud rate for serial connection under Oracle Linux can be too low, resulting
in soft lockup messages and a potential failure to boot. Increase the serial baud rate to
a higher value, 115200 is recommended, to alleviate this issue.
In cluster takeover and failback operations with client-side caching enabled, data
compare errors have been seen with NFSv4.0 and IBM AIX 6.1 and 7.1 operating
system versions. This is a client-side problem. To avoid this, disable client-side caching
by mounting with dio (direct I/O). First seen in release 2013.1.2.0.
Please see the Known Issues section for client-side interoperability related notes and
issues.
Known Issues
Each known issue is identified with a label of the form "RNnnn". Known issues are
tracked in subsequent minor/micro release notes using the same identifier label. These
labels are unique across all 2013.1 releases; when an issue is resolved, the identifier
label will not subsequently be reused to track another issue.
If a running replication send is cancelled and then restarted and some snapshots
within the replication action are deleted while the restarted replication send is
running, then in some cases the replication may fail. The source and target alert
logs do not include a specific failure reason for this case, and a service
representative would have to confirm an instance of this issue.
Retry the replication, and do not delete snapshots while it runs. This will clean up
the snapshot discrepancies and allow the replication to complete successfully. If
the repeated replication attempt fails then it is not this problem that is being
encountered. Log a service call if problems persist.
[RN003] stale pool config when failback races with fmd and sysevent handler
If a pool configuration is modified from the non-owner head and the pool
immediately passed back to the designated owner via a failback operation, there is
a small chance that import on the designated owner can fail:
Workaround
Perform such pool modification operations from the head that should own the pool.
If you do modify pool configuration from the non-owner head, wait at least 3
minutes after the operation before attempting failback.
Workaround
I/O will be interrupted to an encrypted share or LUN that does not share the same
encryption key as its parent project, when the project level key is deleted. Access
to the share or LUN is not lost, but I/O will be disrupted and will need to be
restarted from the client.
Workaround
[RN019] Large deletes on dedup enabled shares can cause I/O stall
When a large delete occurs on a share with deduplication enabled, NFS I/O can
stall to other shares contained within the same pool that also have deduplication
enabled. I/O will recover, but throughput will drop considerably until the delete
finishes.
Workaround
During cluster node reboots, takeovers, and failbacks, fibre channel paths will
become disabled with Oracle Linux 5, 6, and 7. Multipath rescans, and client
reboots will not fully restore lost paths.
Workaround
Workaround
Workaround
These messages can be safely ignored unless they persist after the operation is
complete, including resilvering if replacing a disk. Contact Oracle Service to resolve
the problem.
[RN028] Compound requests not failing with the same error code as returned
from previous
Due to the way the SMB server processes a compound request when opening a
file, Windows SMB clients can disconnect from the SMB shares. If a compound
request has create and read requests sent for processing by a Windows SMB
client, and if there is an error returned from the create request, the same error is
not returned for the read request.
Workaround
An issue may arise when an initiator (or target) group destroy is immediately
preceded by a LUN destroy, where the initiator group being destroyed is
associated with the destroyed LUN. When this condition occurs, the following CLI
message is observed:
Workaround
When scripting with the CLI or using the RESTful API to destroy an initiator group
immediately preceded by destroy of the LUN associated with the initiator group, a
minimum 1-second delay should be used after the LUN destroy and before the
initiator group destroy. To cleanup from this condition, the initiator group can be
destroyed from the cluster peer where the destroy failed.
For only the Oracle ZFS Storage Appliance ZS5 family, a controller fan module
failure is not indicated as a fault condition in BUI screen Maintenance > Hardware
> Fan, or in CLI context maintenance hardware select fan show. Also, the
following alert message is displayed:
Workaround
For only Oracle ZFS Storage ZS5-4, a controller system disk failure is not indicated
with a lit chassis Service Action Required indicator.
Workaround
Although the chassis fault indicator is not lit, the amber fault indicator on the
system disk, itself, is lit. Additionally, the faulted system disk can be identified in the
software.
For only Oracle ZFS Storage ZS5-4, the service processor might be reset if there is
interaction with the GRUB menu during controller boot. When monitoring a
controller power-on or reset operation using a serial console, the GRUB menu is
displayed. Some GRUB menu navigation actions, such as pressing ?e? to edit or
pressing arrow keys to scroll, cause the service processor to reset repeatedly,
which then prevents the controller from booting.
Workaround
If the controller does not boot, perform an AC power cycle to recover the service
processor. Power cycle the controller by either: 1) disconnecting the AC power
cords from the controller and then connecting them again; or 2) removing AC
power to the controller at its source and then applying it again.
To roll back the software, use the BUI or CLI instead of the GRUB menu. To
perform a factory reset operation, contact Oracle Service.
For only the Oracle ZFS Storage Appliance ZS5 family, removing or inserting an
I/O Module for an Oracle Storage DE3-24x disk shelf might not generate an alert.
However, the BUI and CLI correctly show I/O Module status, and the Fault indicator
is lit amber on the I/O Module.
First published in release notes of OS8.6.8 (2013.1.6.8)
Related bug IDs: 23237886
Workaround
Do not rely solely on alerts for I/O Module removal and insertion. To check the
status of an I/O Module, use the BUI Maintenance > Hardware screen, select a
disk shelf, and choose the Slot option. For the CLI, navigate to context
maintenance hardware and use the show command to view the status of each
system component.
Main BUI screen Hardware > Maintenance does not display an amber icon next to
an Oracle Storage DEx-24x disk shelf when a power supply has been removed.
However, the System Power indicator is lit amber on the physical disk shelf.
Workaround
Although the disk shelf icon is not amber in the main BUI Hardware > Maintenance
screen, you can select a disk shelf in this screen, and choose the PSU option to
display an accurate status for each power supply. For the CLI, navigate to context
maintenance hardware and use the show command to view the status of each
system component.
[RN044] Controller service indicator lit for disk shelf disk failure
For only the Oracle ZFS Storage Appliance ZS5 family, a faulted disk in an Oracle
Storage DE3-24x disk shelf incorrectly lights the controller's Service Action
Required indicator.
Workaround
Use the BUI or CLI to check the status of system components. For the BUI, use the
Maintenance > Hardware screen, select a disk shelf, and look for an amber disk
icon. For the CLI, navigate to context maintenance hardware and use the show
command to view the status of each system component.
[RN045] I/O Module removal not indicated in Maintenance Hardware
Main BUI screen Hardware > Maintenance does not display an amber icon next to
an Oracle Storage DEx-24x disk shelf when an I/O Module has been removed.
However, the Fault indicator is lit amber on the physical I/O Module.
Workaround
Although the disk shelf icon is not amber in the main BUI Hardware > Maintenance
screen, you can select a disk shelf in this screen, and choose the Slot option to
display an accurate status for each I/O Module. For the CLI, navigate to context
maintenance hardware and use the show command to view the status of each
system component.
Fiber channel LUN discover via cfgadm may fail using (cfgadm -c configure
cX) with the following error:
Workaround
Retry multiple times using the same command (# cfgadm -c configure cX).
[RN049] Zero NFSv4 I/O using UEK4 Branch 4.1.12-61.* -> 4.12-37.5
Workaround
Deduplication write workloads that mix large and small blocksize I/O can cause
degraded I/O throttling, and larger transactional syncing times could be observed.
Workaround
This failure to create the replication action needed to complete the share-level
replication reversal may arise when initiating the replication reversal via one of the
following methods:
The following methods can be used to ensure that the reverse process creates the
replication action that is required for sending incremental updates from the new
source to the old source following the reversal:
If the reverse operation fails to create the replication action, there is no way for the
new source to send incremental updates back to the old source. The only way to
reestablish replication of the reversed (actually severed) share is to create a new
replication action at the new source. This replication action will have to create a
new replication package on the old source and send a full update of the entire
share to the old source. It will not be possible to use the original replication
package at the old source for further replication updates .
First published in release notes of OS8.7.0 (2013.1.7.0)
Related bug IDs: 25789340
Workaround
For share-level replication, do not use the BUI to initiate replication reversal, and
avoid the pkgreverse command in the CLI or the RESTful API. Use reverse
instead.
Closed Issues
Table of Past Release Note IDs Closed in OS8.7.4 (2013.1.7.4) or an Earlier
OS8.x.x Release
The following table details known issues first noted in release notes of an earlier 2013.1
(OS8.1.0) release that are fixed in this release or an earlier OS8.x.x release:
First published
ID Synopsis in release notes
of ...
RN001 nas replication: can't clone project shared via CIFS 2013.1.0.1
(Bug ID 15615612)
RN004 data disk FW revision not updated on non-owner head 2013.1.0.1
(Bug ID 15797556)
RN005 During ZFSSA node takeover clients will intermittently 2013.1.1.0
experience Error 16: EBUSY (Bug ID 17518422)
RN006 I/Os fail after 3 mins during connection retry (Bug ID 2013.1.1.6
17822095)
RN007 Read I/O fails with heavy large blocksize load (Bug ID 2013.1.2.0
17959830)
RN009 Chown On NFSv4 Mounted Share Returns "Invalid 2013.1.2.0
Argument" (Bug ID 18763751)
RN014 Solaris 11.1 running as a VM intermittently fails with 2013.1.3.0
data compare errors (Bug ID 17771319)
RN015 NFSv4 I/O failure during Cluster rolling upgrade (Bug 2013.1.2.9
ID 19896493)
RN016 List dependents operation fails if cluster peer has 2013.1.3.0
numerous dependent datasets (Bug ID 20108934)
RN022 Replication package needs to update source 2013.1.4.0
properties after reversal (Bug ID 20803100)
First published
ID Synopsis in release notes
of ...
RN023 ZFS global hot spare state change needs to be 2013.1.4.2
reflected equally amongst all pools (Bug ID
15706407)
RN024 Pool configuration operations may conflict with disk 2013.1.5.0
firmware upgrades (Bug ID 19298066)
RN027 Long boot time on ZS3-2 product in excess of 7 OS8.6.0
minutes (Bug ID 22902327) (2013.1.6.0)
RN029 Insufficient space in /var for kernel core files (Bug ID OS8.6.0
16263417) (2013.1.6.0)
RN030 ClearCase usage via SMB fails with bad file descriptor OS8.6.0
(Bug ID 22721504) (2013.1.6.0)
RN031 Need to unretire stale retire_store entries (Bug ID OS8.6.0
22093669) (2013.1.6.0)
RN032 Multiple hangs on ZS4-4 due to rwlock contention OS8.6.0
(Bug ID 23278961) (2013.1.6.0)
RN033 asn reset during fw upgrade on simulator causes OS8.6.0
replication issues (Bug ID 23762075) (2013.1.6.0)
RN034 Extreme latency outliers can affect stability of client OS8.6.0
applications (Bug ID 22708002) (2013.1.6.0)
RN036 Unrecoverable USB Hardware Error reported on OS8.6.0
internal USB (Bug ID 20957047) (2013.1.6.0)
RN037 System hangs shortly after printing kernel banner; OS8.6.0
unresponsive to NMI (Bug ID 21905967) (2013.1.6.0)
RN038 zfs dtl missing data problems entries exists even after OS8.6.0
fw upgrade completes (Bug ID 21961912) (2013.1.6.0)
RN046 Rollback from OS8.7.0+ to pre-8.5.6 triggers panic at OS8.7.0
pmcs_flush_all_tgts_queues() (Bug ID 25357526) (2013.1.7.0)
RN048 ZFSSA snmpv3 traps with engineboots value zero OS8.7.0
(Bug ID 23294247) (2013.1.7.0)
RN051 Changing an auto-snapshot schedule can cause the OS8.7.0
replication target to stop destroying auto snapshots in (2013.1.7.0)
the replica (Bug ID 25770800)
Security Fixes
The following security-related change request IDs were fixed in release OS8.7.0 and
later:
Base CR ID Synopsis
15207695 Fix for CVE-2004-0230
Base CR ID Synopsis
15443267 Problem in KERNEL/IO-MULTIPATH
15547553 Problem in FILESYSTEM/GENERIC
15613524 Fix for CVE-2010-3508
15661139 Problem in LEGACY/TCP-IP
15667862 Problem in KERNEL/RCTL
15769690 Problem in UTILITY/SMF
15785338 Problem in KERNEL/PRIVILEGE
15790488 Problem in SERVICE/NETWORK-CONFIG
15806373 Problem in UTILITY/SECURITY
15810352 Problem in KERNEL/DEVNAME
16194812 Problem in KERNEL/SYSCALL
16436833 Problem in UTILITY/SECURITY
16489633 Problem in FILESYSTEM/DEVFS
16508625 Fix for CVE-2013-4242
16667792 Problem in DRIVER/USB-HUBD
17183461 Problem in UTILITY/OTHER
17222828 Fix for CVE-2013-4242
17245181 Problem in LEGACY/TCP-IP
17251536 Problem in UTILITY/AUDIT
17399539 Problem with KERNEL/IPFILTER
17839385 Problem with FILESYSTEM/SOCKFS
18045743 Problem in FILESYSTEM/GENERIC
18663517 Problem in SERVICE/NETWORK-CONFIG
18720455 Problem in SERVICE/NETWORK-CONFIG
18720507 Problem in SERVICE/NETWORK-CONFIG
18720560 Problem in SERVICE/NETWORK-CONFIG
18726230 Problem in SERVICE/NETWORK-CONFIG
19065821 Problem in FILESYSTEM/SOCKFS
19490618 Fix for CVE-2014-9491
19535331 Fix for CVE-2014-5461
20096295 Problem in LIBRARY/LIBELFSIGN
20537510 Problem in UTILITY/SMF
20538014 Problem in KERNEL/CRYPTO-ALGS
20801901 Fix for CVE-2015-2806
20859386 Problem in LIBRARY/LIBELFSIG
20997055 Problem in KERNEL/SYSCALL
21345691 Fix for CVE-2015-2059
21394653 Fix for CVE-2003-1418
21514375 Problem in SERVICE/FTP-SERVER
Base CR ID Synopsis
21538687 Problem in API/REST
21544351 Fix for CVE-2015-5621
21549712 Problem in LIBRARY/NSSWITCH-LDAP
21930954 Problem in KERNEL/DTRACE
22231801 Fix for CVE-2015-8241
22256466 Fix for CVE-2015-8317
22503897 Fix for CVE-2015-8540
22563690 Fix for CVE-2015-8126
22575858 Fix for CVE-2016-0737, CVE-2016-0738
22600751 Fix for CVE-2015-8472
22633305 Fix for CVE-2015-7981
22829425 Fix for CVE-2016-0702, CVE-2015-3195, CVE-2016-0797, CVE-2016-
0799
22870289 Problem in UTILITY/SMB
22879627 Fix for CVE-2016-2774
22919363 Problem in SERVICE/PROFTPD
23133372 Fix for CVE-2016-0787
23133401 Fix for CVE-2015-1782
23182028 Fix for CVE-2016-4076, CVE-2016-4077, CVE-2016-4083, CVE-2016-
4084
23182065 Fix for CVE-2016-4085
23182108 Fix for CVE-2016-4078-4081, CVE-2016-4006, CVE-2016-4082, CVE-
2016-4078, CVE-2016-4079, CVE-2016-4080
23196506 Fix for CVE-2016-3627
23215304 Problem in KERNEL/ARCH-X86
23216678 Problem in SERVICE/NTP
23226057 Fix for CVE-2016-4483
23255128 Problem in RAS/PHONEHOME
23261359 Problem in RAS/PHONEHOME
23303853 Fix for CVE-2016-0718
23305021 Fix for CVE-2015-1283
23313908 Fix for CVE-2016-2335
23313942 Fix for CVE-2016-2334
23345233 Fix for CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-
1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-
3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449
23477166 Fix for CVE-2015-8853
23478655 Problem in KERNEL/SYSCALL
23522196 Fix for CVE-2016-4957
23522207 Fix for CVE-2016-4953
Base CR ID Synopsis
23522211 Fix for CVE-2016-4954
23522221 Fix for CVE-2016-4955
23522226 Fix for CVE-2016-4956
23553239 Fix for CVE-2016-5350, CVE-2016-5351, CVE-2016-5352, CVE-2016-
5353, CVE-2016-5354, CVE-2016-5355, CVE-2016-5356, CVE-2016-
5357, CVE-2016-5358
23554695 Fix for CVE-2016-5300
23571894 Fix for CVE-2016-5636
23586950 Fix for CVE-2016-0772
23602808 Fix for CVE-2016-5699
23640789 Problem in UI/BUI
23640822 Problem in UI/BUI
23642081 Problem in UI/BUI
23717724 Problem in CORE/FTP
23856628 Fix for CVE-2016-6185
23857028 Fix for CVE-2016-6185
24301677 Problem in FILESYSTEM/ZFS
24311941 Fix for CVE-2016-5387, CVE-2016-1000104
24313809 Problem in RAS/PHONEHOME
24313997 Problem in RAS/PHONEHOME
24320031 Fix for CVE-2016-6210
24334616 Fix for CVE-2016-6261, CVE-2016-6262, CVE-2016-6263, CVE-2015-
8948
24372928 Fix for CVE-2016-6503, CVE-2016-6504, CVE-2016-6505, CVE-2016-
6506, CVE-2016-6507, CVE-2016-6508, CVE-2016-6509, CVE-2016-
6510, CVE-2016-6511, CVE-2016-6512, CVE-2016-6513
24380574 Problem in CORE/TLS
24409702 Fix for CVE-2016-3739
24409713 Fix for CVE-2016-5419
24409726 Fix for CVE-2016-5420
24409740 Fix for CVE-2016-5421
24426788 Problem in UI/BUI
24461706 Fix for CVE-2015-8325
24624910 Fix for CVE-2016-7175
24624911 Fix for CVE-2016-7175
24625006 Fix for CVE-2016-7176
24625008 Fix for CVE-2016-7177
24625010 Fix for CVE-2016-7178
24625014 Fix for CVE-2016-7179
24625024 Fix for CVE-2016-7180
Base CR ID Synopsis
24625025 Fix for CVE-2016-7176
24625026 Fix for CVE-2016-7177
24625027 Fix for CVE-2016-7178
24625028 Fix for CVE-2016-7179
24625029 Fix for CVE-2016-7180
24681876 Fix for CVE-2016-2776
24823869 Problem in FMA/CORE
24832800 Fix for CVE-2016-7167
24923674 Fix for CVE-2016-8858
24937255 Fix for CVE-2016-8864
25052021 Fix for CVE-2016-9190
25116776 Fix for CVE-2016-9372
25116782 Fix for CVE-2016-9373
25116787 Fix for CVE-2016-9374
25116788 Fix for CVE-2016-9375
25116790 Fix for CVE-2016-9376
25129656 Fix for CVE-2016-9311, CVE-2016-9310, CVE-2016-7427, CVE-2016-
7428, CVE-2016-9312, CVE-2016-7431, CVE-2016-7434, CVE-2016-
7429, CVE-2016-7426, CVE-2016-7433
25139575 Fix for CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
25211003 Fix for CVE-2016-3191
25217101 Problem in HTTP/OBJSTORE
25299312 Problem in KERNEL/NFSV4
25471657 Problem in UI/BUI
Other Fixes
Table of Key Change Requests Fixed in OS8.7.4
The following non-security-related change request IDs were fixed in this release:
The following non-security-related change request IDs were fixed in this release:
Legal Notices
Copyright Information
This software and related documentation are provided under a license agreement
containing restrictions on use and disclosure and are protected by intellectual property
laws. Except as expressly permitted in your license agreement or allowed by law, you
may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute,
exhibit, perform, publish, or display any part, in any form, or by any means. Reverse
engineering, disassembly, or decompilation of this software, unless required by law for
interoperability, is prohibited.
The information contained herein is subject to change without notice and is not
warranted to be error-free. If you find any errors, please report them to us in writing.
U.S. GOVERNMENT END USERS. Oracle programs, including any operating system,
integrated software, any programs installed on the hardware, and/or documentation,
delivered to U.S. Government end users are "commercial computer software" pursuant
to the applicable Federal Acquisition Regulation and agency-specific supplemental
regulations. As such, use, duplication, disclosure, modification, and adaptation of the
programs, including any operating system, integrated software, any programs installed
on the hardware, and/or documentation, shall be subject to license terms and license
restrictions applicable to the programs. No other rights are granted to the U.S.
Government.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names
may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All
SPARC trademarks are used under license and are trademarks or registered
trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD
Opteron logo are trademarks or registered trademarks of Advanced Micro Devices.
UNIX is a registered trademark of The Open Group.
Ce logiciel et la documentation qui l'accompagne sont protgs par les lois sur la
proprit intellectuelle. Ils sont concds sous licence et soumis des restrictions
d'utilisation et de divulgation. Sauf disposition de votre contrat de licence ou de la loi,
vous ne pouvez pas copier, reproduire, traduire, diffuser, modifier, breveter,
transmettre, distribuer, exposer, excuter, publier ou afficher le logiciel, mme
partiellement, sous quelque forme et par quelque procd que ce soit. Par ailleurs, il
est interdit de procder toute ingnierie inverse du logiciel, de le dsassembler ou de
le dcompiler, except des fins d'interoprabilit avec des logiciels tiers ou tel que
prescrit par la loi.
U.S. GOVERNMENT END USERS. Oracle programs, including any operating system,
integrated software, any programs installed on the hardware, and/or documentation,
delivered to U.S. Government end users are "commercial computer software" pursuant
to the applicable Federal Acquisition Regulation and agency-specific supplemental
regulations. As such, use, duplication, disclosure, modification, and adaptation of the
programs, including any operating system, integrated software, any programs installed
on the hardware, and/or documentation, shall be subject to license terms and license
restrictions applicable to the programs. No other rights are granted to the U.S.
Government.
Oracle et Java sont des marques dposes d'Oracle Corporation et/ou de ses affilis.
Tout autre nom mentionn peut correspondre des marques appartenant d'autres
propritaires qu'Oracle.
Intel et Intel Xeon sont des marques ou des marques dposes d'Intel Corporation.
Toutes les marques SPARC sont utilises sous licence et sont des marques ou des
marques dposes de SPARC International, Inc. AMD, Opteron, le logo AMD et le logo
AMD Opteron sont des marques ou des marques dposes d'Advanced Micro Devices.
UNIX est une marque dpose d'The Open Group.