On February 19, 2021, we released a new version of Apigee Edge for Private Cloud.
Updating this release will update the components in the following list of RPMs:
You can check the RPM versions you currently have installed, to see if they need to be updated, by entering:
To update your installation, perform the following procedure on the Edge nodes:
On all Edge nodes:
- Clean the Yum repos:
sudo yum clean all
- Download the latest Edge 4.50.00
curl https://software.apigee.com/bootstrap_4.50.00.sh -o /tmp/bootstrap_4.50.00.sh
- Install the Edge 4.50.00
apigee-serviceutility and dependencies:
sudo bash /tmp/bootstrap_4.50.00.sh apigeeuser=uName apigeepassword=pWord
where uName:pWord are the username and password you received from Apigee. If you omit pWord, you will be prompted to enter it.
- Update the
sudo /opt/apigee/apigee-service/bin/apigee-service apigee-setup update
- Use the
sourcecommand to execute the
- Clean the Yum repos:
Update all Cassandra nodes:
/opt/apigee/apigee-setup/bin/update.sh -c cs -f configFile
where configFile specifies the configuration file that you used to install Apigee Edge for Private Cloud. For example,
- On all Edge nodes, execute the
update.shscript for the
edgeprocess. To do this, execute the following command on each node:
/opt/apigee/apigee-setup/bin/update.sh -c edge -f configFile
- Execute the
update.shscript for SSO on all nodes. On each node, execute the following command:
/opt/apigee/apigee-setup/bin/update.sh -c sso -f configFile
Changes to supported software
Tomcat has been upgraded to version 7.0.105 in this release.
Deprecations and retirements
There are no new deprecations or retirements in this release.
This release introduces the following new features:
- Apigee now supports setting connection timeouts with LDAP resources. By default, there is no timeout. See Managing LDAP Resorces.
- Added support for JMX with SSL for Cassandra authentication, which provides additional security and encryption.
The following table lists the bugs fixed in this release:
|166766984||Apache Tomcat has been upgraded to version 7.0.105.|
|165843063||Management server was listening on the wrong port (8080) in response to the
Custom variables were sometimes not shown in UI reports.
This process has been improved and made more robust.
Empty messages to the MessageLogging policy were causing it to flood logs with warnings.
Empty messages are now handled correctly.
Some incorrect directory permissions in
Some silent variables were misspelled.
The silent install variable
It wasn't possible to configure a read timeout for the LDAP policy.
A feature has been added to support I/O connection timeout with LDAP resource in case of JNDI. The default is that there is no timeout.
Configuring cipher suites when enabling TLS for Management API was not working correctly.
Message processors were sending unused fields to Analytics by default.
Security issues fixed
The following is a list of known security issues that have been fixed in this release. To avoid these issues, install the latest version of Edge Private Cloud.
The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
Affected Versions: Apache Tomcat 10.0.0-M1 to 10.0.0-M6, Apache Tomcat 9.0.0.M1 to 9.0.36, Apache Tomcat 8.5.0 to 8.5.56, and Apache Tomcat 7.0.27 to 7.0.104.
Assertions that are used to validate HTTP responses were not required to be signed, leading to a potential security issue.
Assertions are now required to be signed.