ScaleArc - Release Notes & Known Issues – ScaleArc Support

The latest release as of November 2021 is ScaleArc 2021.1.

Defects Resolved

Key	Description
SCALEARC-20795	Problem: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. See CVE-2018-15686. Fix: Update to systemd-241 or higher.
SCALEARC-20795	Problem: An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. Affects samba versions upto and including 4.12.6. See CVE-2020-1472 Fix: Update to samba 4.12.7 or higher.
SCALEARC-20957	Problem: ScaleArc clusters not closing config replication connections causing a connection starvation situation. Fix: Correct the high availability configuration process.
SCALEARC-21094	Problem: For PostgreSQL DB servers, during prepared statement executions, ScaleArc would consider the errors that happened during the preparation phase as internal errors and would close the connection without sending the error response received from the DB server to the client. Fix: do not close the connections in the case of DB errors in the preparation phase, and send the error response sent by the database server to the client.

Note: Release Notes for older versions can be obtained from the Release Portal.

Note: This table will be gradually updated from customer tickets as known issues get identified.

Issue Description	Jira Case ID	Fixed-In Version