In the last few months, our development team has been hard at work building the new release of Zmanda 3.6. We are incredibly excited to be sharing this with you!
With newly added features, we are making backup easier and more reliable than ever before.
Some of Zmanda 3.6 new features and enhancements include;
- Zmanda Backup Appliance upgraded to CentOS 7
- An operating image with Amanda enterprise setup available for trial
- Improved Zmanda Windows Client to avoid memory leaks
- Reports made more legible
- The ability to remove the tape automatically from the drive, once the backup is complete
The features that stand out in this version are:
- Customers can now choose the type of notifications they wish to receive.
2. Enhancements to the scheduling system have been made, where customers can choose the days when they want an incremental/ full backup.
The release comprises of the following but not limited to defect fixes for Amanda Enterprise.
- Updating configuration made easy: The customer can now update the auto label property in the YAML file, which in turn updates the Amanda configuration file with a proper format without overwriting.
- More legible reports: Custom page in reports section has been enhanced to display Backup Duration time in hh:mm:ss format which was empty earlier.
- Pagination issue fixed: The pagination issue for Backup -> Media page has been resolved now for Tape backups.
- Successful restoration with custom algorithm: Restore is successful now for Custom Server-side.
- ‘No’ capital letters: Capital letters were not allowed for creating users in Admin -> Create Users Tab.
- Custom encryption restoration: Restore with custom encryption algorithm failed is now fixed.
- Encryption for windows machine: Restore with custom server-side encryption for Windows backups failed.
- Change in password fixed for Windows client: Restart of Zmanda Windows Client service was failing after changing service password.
- Report generation fixed for windows: Windows DLE reports were not visible.
- Report page fixed missing data issue: Backup duration field was previously not getting filled with data.
- Aimed at NDMP backup, the DLE names support whitespace: NDMP backup crashed when the NDMP DLE name had white spaces.
- Option fixed for tape media: Archive, Recycle and Drop for Tape media was failing.
- Windows level 1 backup fixed for restoration: Level-1 backup media was not getting recognized during restore for windows applications.
- Listing for tape drives fixed: Tape drives were not listed in Backup -> Where page if the Tape is not loaded in the drive.
The Advanced tab is removed from Amanda Enterprise 3.6 to prevent security flaws.
Let’s have a look at the Security issues that are fixed in Amanda Community for this release:
- The patch for CVE-2016-10729 issue used WHITELIST approach to filter the tar arguments for runtar During the same time options filtering implementation was done for amgtar, amstar, and ambsdtar. But those changes were done using the BLACKLIST approach. And hence option “-F” for amgtar application can be used to get the data that should only be allowed by the root user. The similar issue was present with amstar application.
- Fixes added to filter the WHITELIST options for amgtar and amstar
- Filtered star arguments with WHITELIST approach.
- Filtered dump and xfsdump arguments with WHITELIST approach.
- The same approach was taken with “rundump” application for exploiting the security issue, “rundump” application was not doing any option filtering.
- Fixes added to filter command argument with WHITELIST approach.
- Using getopt() to check the command option, failed to check the blacklist option if the command arguments are provided at the end. For example:
- In command below, “-F” is a blacklisted option. But providing command option like specified below was not filtering the options.
/usr/lib/amanda/rundump NOCONFIG xfsdump -0f /dev/null /sys -F “echo test”
It was working fine when the command was provided like mentioned:
/usr/lib/amanda/rundump NOCONFIG xfsdump -0f /dev/null -F “echo test” /sys
To get the best performance from the product, please upgrade today.