Common Gateway Updates
Common Gateway - Security Fixes
The following security fix applies to both Classic Gateway and NextGen Gateway.
Known Vulnerability in Google Chrome Package
We have identified and addressed multiple critical vulnerabilities in the embedded Google Chrome browser in OpsRamp Gateway. These are high-risk browser engine bugs that can allow remote code execution or compromise when a user or synthetic probe uses Chrome to open malicious content.
Chrome has been upgraded to the stable version 143.0.7499.40, eliminating known security threats.
Known Vulnerability in Firefox Package
We have identified and addressed security vulnerabilities in Firefox. The previously bundled version was outdated and missing recent Mozilla and Ubuntu fixes, creating risks of remote code execution or data exposure from malicious web content.
Firefox has been upgraded to the stable version 141.0.2 to align with current security standards.
Classic Gateway - Security Fixes
The following security fixes apply to Classic Gateway.
Django Framework Update
We have identified and addressed known vulnerabilities in the Django framework, including risks of SQL injection and denial-of-service that have been fixed.
runC (Container Runtime) Update
We have identified and addressed the vulnerabilities found in the runC container runtime as part of the OS and package refresh.
If you are planning to upgrade to version 20.1.0, no action is required. The patch will automatically update the packages.If you are not upgrading to 20.1.0, you must manually update the packages for Classic Gateway. See the Update Instructions page for more information.
Common Gateway Enhancements
Enhanced Network Path Analysis
OpsRamp Gateway now supports network path analysis between any two devices—not just hosts. You can specify Source and Destination endpoints from both the Add Endpoint page and directly in the Path Analysis interface.
Note
When network-to-network path analysis gets executed and fails at the initial node, the status shows running. This is a known issue and will be fixed in the next release.For more information, see Add Endpoints and Perform Path Analysis.
Added “Follow Redirects” Option for HTTP/HTTPS Configuration
You can now configure the Follow Redirects option when creating HTTP/HTTPS monitors, allowing control over redirect behavior and customization of the maximum number of redirects (1–50).
For more information, see Synthetics.
WLAN Discovery: Duplicate Access Point Issue Fixed
You will no longer encounter duplicate access point entries during WLAN discovery caused by access points without a serial number. The system now ignores discovered access points with empty serial numbers, ensuring accurate and duplicate-free discovery results.
SNMP Subnet Discovery: Network and Broadcast Address Exclusion Fixed
Fixed an issue in SNMP subnet discovery where the network IP address was not consistently excluded when a subnet was specified in the include IP list. The discovery engine now reliably excludes both network and broadcast addresses during SNMP discovery, regardless of include or exclude IP list configuration.
SNMP Trap Handling: Enhanced Support for Japanese Characters
OpsRamp Gateway now correctly processes Japanese characters in SNMP trap alerts, regardless of whether the traps are sent in Shift_JIS or UTF-8 encoding. Alert subjects and descriptions will display Japanese text as intended.
Configuration Backup Support for Viptela vEdge Devices
OpsRamp Gateway now reliably backs up configurations for Viptela vEdge and cEdge routers. The gateway automatically identifies these models and runs the correct commands, ensuring complete backup coverage.
Improved Reliability for DNOS Device Backups
Configuration backups for DNOS switches are now more dependable. If the device is slow to respond to the initial newline (\n), the gateway waits one minute and then retries, ensuring scheduled backups succeed even with delayed device responses.
Enhanced Network Configuration Backup: Retry Support
Network Configuration Backup now automatically retries backups for devices that fail during the initial backup process. You can configure both the number of retries and the interval between each retry attempt. Alerts are generated only after all your configured retry attempts are completed. If any devices remain in a failed state after the final retry, you’ll receive an alert for those devices.
VMware Monitoring Enhancements
VMware VirtualMachine Performance - v12 Template
A new template, VMware VirtualMachine Performance - v12, is now available for all supported VMware versions. This template introduces monitoring for the new metric vmware_cpu_readiness_average, providing deeper insights into virtual machine CPU scheduling and performance.
For more information, see VMware VirtualMachine Performance - v12.
Cluster Host Total Count Metric (Cluster Performance - v8)
A new metric, vmware_cluster_host_total_count, has been added to the VMware Cluster Performance - v8 template. This metric displays the total number of hosts in a VMware cluster.
For more information, see VMware Cluster Performance - v8.
Cluster Availability Metric
A new metric, vmware_cluster_status_by_hosts_availability, has been added to the VMware Cluster Availability template. This enhancement allows users to monitor the status of VMware clusters based on the availability of hosts within each cluster.
For more information, see VMware Cluster Availability.
VMware Host Performance - v11 Template
A new template, VMware Host Performance - v11, has been added to the recommended VMware templates. This template introduces support for the new performance metric vmware_cpu_readiness_average, along with a comprehensive set of host and resource metrics to enhance VMware host monitoring.
For more information, see VMware Host Performance - v11.