Ensemble News, Alerts, and Advisories

Receive these Ensemble News, Alerts, and Advisories by E-mail

September 15, 2008 - ECP Recovery Defect

InterSystems has corrected a defect that, in very rare cases, can cause problems with ECP recovery.

This defect exists on all platforms and in all currently released versions of Caché and Ensemble, except for Caché 2007.1.5 and Caché 2008.1.2 where it has been already fixed.

Systems that do not use ECP, or only use ECP for coordination of Caché clustering on VMS are not at risk for this problem.

The defect can occur only within a small interval during server failure and recovery. Operations begun after recovery is complete are unaffected.

There are several potential failure modes:

1) ECP processes on the server may crash during recovery. These events are logged in the cconsole file.

2) $INCREMENT operations may be applied to the wrong database resulting in application level data corruption. Database update operations other than $INCREMENT are not at risk.

3) Other operations such as $ORDER, $GET, and $DATA may retrieve data from the wrong database.

The correction for this defect is identified as GK659. It is available to all customers via an Ad Hoc distribution. It is also included in the upcoming 2008.2 release of Caché and Ensemble.

If you have any questions regarding this, please contact the InterSystems Worldwide Response Center - support@InterSystems.com.

April 1, 2008 – Security Advisory, Programmer Mode Role Modification

InterSystems has corrected a security issue that allows granting of unauthorized roles.

This defect exists in all currently released versions of Caché starting with Caché 5.1 and for all versions of Ensemble. The defect exists on all platforms.

InterSystems believes the risk from this defect is low. The unauthorized granting is only possible from the programmer mode command line, and most systems have already restricted programmer mode access to trusted users.

The correction for this defect is identified as STC1352 and is available from InterSystems as an Ad Hoc distribution.

If you have any questions regarding this, please contact the InterSystems Worldwide Response Center (WRC).

January 7, 2008 – Incorrect Rollback of SET $BIT Operation

InterSystems has corrected several Caché & Ensemble defects that, in rare instances, can cause rollback of SET $BIT operations within transactions to corrupt data.

The use of the SET $BIT operation outside of transactions is not subject to these defects.

These defects exist, to varying degrees, in all currently released versions. Actual database updates are performed correctly. Affected entries in the database are only corrupted by transaction rollback of the SET $BIT operation.

One defect results in the old data value of a SET $BIT operation being incorrectly journalled. This is only of concern when a rollback is necessary since the old value to be restored is incorrect.

The second defect occurs if two transactions affecting the same $BIT value are rolled back concurrently. It is possible for the values to be applied out of order resulting in an incorrect final value.

The corrections for these defects, identified as HYY1359, SJ1831, SJ1929 and SJ2281 will all be included in the upcoming 2008.1 Release. They are also available from InterSystems WRC in an Ad Hoc distribution.

If you have any questions regarding this, please contact the InterSystems Worldwide Response Center (WRC).