FIRMWARE CHANGE HISTORY ----------------------- Lenovo RackSwitch G7052 Version 8.1.4.0 (Released June 2016) ** changes since release 8.1.3.0 * Enhancements: ------------- NONE Changes: -------- - Enabled the support for SFTP (Secure File Transfer Protocol) protocol on the switch. (48368) Fixes: ------ - "show access-control group " would not include ACL IPV6 128 in the output, even if it were part of the ACL group. (49858) - The switch’s browser based interface (BBI) was susceptible to security vulnerabilities XSS (stored cross-site scripting) and CSRF (cross-site request forgery). The web security policy mechanism HSTS (HTTP Strict Transport Security) has been implemented on BBI. (49409, 49427, 49471) - The switch’s browser based interface (BBI) would fail to honor the “cache-control=no-cache” directive and still cache the pages. The value of the “cache-control” directive has been changed from “no-cache” to “no-store”. (49475) - A crash would occur when the switch is trying to authenticate users using LDAP, where the user group from the LDAP server is wrongly configured with an unsupported object class. (47394) - Switch could crash when enabling HTTPS protocol, while the switch were trying to connect to the VSI Manager. (50435) - If the switch were booted directly from USB the image signature would not be verified. The image signature would also not be verified if the image were copied to the switch flash from USB using the CLI command “usbcopy fromusb” or its equivalent using SNMP or BBI. (55780,54813) - "show ldap-server" command displays secondary server IP for current LDAP server instead of the primary. (55372) - Switch would fail to upload the tech support dump through SNMP with the tftp option. In addition, “Bad file ID 0" messages would be displayed on the console. (51195) ======================================================================================== Lenovo RackSwitch G7052 Version 8.1.3.0 (Released Feb. 2016) ** changes since release 8.1.2.0 ** Enhancements: ------------- NONE Changes: -------- NONE Fixes: ------ - Enable NIST SP -800 131a ,an industry wide security standard that implements strong cryptographic cypher policies. (43603) - The hwMTM variable is added to the SNMP MIB to allow reading of the Machine Type Model of the switch. (44107) - When the reset button is pressed, it could interrupt an I2C transaction and lock up the I2C bus leading to a hang in the desired switch reset. A fix was added to prevent this sequence of events occurring. (43168) - Using Cisco ACS, version 5.3 and above, to authenticate users with TACACS protocol, could lead to the User Interface thread (SSHD,AGR,TNET,CONS) to be suspended forever, thereby denying any further authentication with the TACACS protocol. (LV307694/7383) ======================================================================================== Lenovo RackSwitch G7052 Version 8.1.2.0 (Released Sept. 2015) ** changes since release 8.1.1 ** Enhancements: SLP --- Service Location Protocol (SLP) provides a dynamic configuration mechanism for applications in local area networks. Applications are modeled as clients that need to find servers attached to any of the available networks within an enterprise. Changes: - The output of “show tech-support” now includes the isCLI commands as headers before their respective output. (38125) Fixes: - The SNMP Object hwPartNumber (.1.3.6.1.4.1.20301.2.7.18.1.3.1) would return the MTM instead of the hardware part number. (37948) - If the serial number of the switch was changed, the user was prevented from successfully installing a new image, and the message “image contains invalid signature” would be displayed. (40638) - Extended the ability to support Dual Speed 1/10G MMF SFP+ Transceivers. (LV311542,LV311078,LV312616) - The user is incorrectly prompted for "setup configuration" upon login even though configuration had been applied and saved, and the startup configuration block was set to active. (39158) - A crash could occur when copying startup configuration to running configuration using NETCONF management protocol. (38824) ======================================================================================== Lenovo RackSwitch G7052 Version 8.1.1.0 (Released Sept. 2015) Enhancements: ------------- Log Packet Dropping: This CLI driven feature provides a logging mechanism for dropped packets. Packet drop information is logged periodically. Useful for traffic engineering. MIB Module Identity: MIB Module Identity is added in this release. This feature provides build date, build version in proprietary MIB file that helps to recognise and version control the MIB file. IPV6 ACL Support in MIB: Added this feature in MIB to configure IPV6 ACLs through SNMP. Changes: -------- NONE Fixes: ------ Applicable general L2 fixes are incorporated in this release. ========================================================================================