| Reference Number | Related Article | Found In |
Fixed In |
Issue Description |
| DXL-4375 | SB10307 | DXL 5.0.2 Hotfix 1 |
Issue: DXL Broker service on Windows doesn’t contain a quoted string for a binary path. | |
| DXLM-3845 | SB10287 | DXL 5.0.0 | DXL 5.0.1 Hotfix 4 |
Issue: CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 regarding C |
| 1270387 | SB10258 SB10272 |
DXL 5.0.0 | DXL 5.0.1 Hotfix 2 | Issue: CVE-2019-3598 and CVE-2018-6703 regarding vulnerabilities with McAfee Agent on McAfee Linux Operating System (MLOS). |
| 1259156 | - | DXL 5.0.0 | DXL 5.0.1 |
Issue: CVE-2018-15473 regarding an OpenSSH vulnerability.
|
Data Exchange Layer Broker 5.x Known Issues
Technical Articles ID:
KB90991
Last Modified: 2021-12-02 20:40:44 Etc/GMT
Last Modified: 2021-12-02 20:40:44 Etc/GMT
Environment
Data Exchange Layer (DXL) Broker 5.x
Summary
Recent updates to this article:
Product release information
GA = General Availability
RTS = Released to Support
IMPORTANT:
Click to expand the section you want to view:
n/a = not applicable
Back to top
| Date | Update |
| December 2, 2021 | Clarified that this article now only applies to the DXL Broker. All client DXL 5.0 and later issues are now handled with MA Known Issues articles. |
| February 18, 2020 | Added related article link to DXL-4375 in the Critical DXL Broker known issues section. |
To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
Product release information
| DXL Broker Version | Release Date | Release Notes |
| DXL 5.0.2 Hotfix 1 (GA) | February 11, 2020 | Release Notes |
| DXL 5.0.2 (GA) | September 10, 2019 | Release Notes |
| DXL 5.0.1 Hotfix 3 (GA) | May 7, 2019 | Release Notes |
| DXL 5.0.1 Hotfix 2 (GA) | April 9, 2019 | Release Notes |
| DXL 5.0.1 Hotfix 1 (RTS) 1 | March 12, 2019 | Not available |
| DXL 5.0.1 (GA) | February 26, 2019 | Release Notes |
| DXL 5.0.0 Hotfix 1 (RTS) 1 | December 17, 2018 | Not available |
| DXL 5.0.0 (GA) | November 13, 2018 | Release Notes |
RTS = Released to Support
| 1 | We investigated this issue and a solution is currently available. This solution is currently not generally available, but is in Released to Support (RTS) status. To obtain the RTS build, log on to the ServicePortal and create a Service Request. Include this article number in the Problem Description field.
See KB51560 - On-premises product release cycle for more information. |
Issue resolutions in updates and major releases are cumulative; Technical Support recommends that you install the latest version. To find the most recent release for your product, go to the Product Downloads site.
IMPORTANT:
- This article applies only to the DXL Broker.
- The DXL 5.0.0 client and later is now integrated with MA 5.6.0 and later. It’s no longer a standalone component deployed by DXL.
- All DXL client issues are contained within the McAfee Agent Known Issues articles.
Click to expand the section you want to view:
| Reference Number | Related Article | Found In |
Fixed In |
Issue Description |
| BZ: 272268 DXLM-3804 | - | 5.0 | DXL 5.0.2 |
Issue: The DXL extension reports incorrect time zone. |
| DXLM-3874 | KB91155 | 5.0 | DXL 5.0.2 | Issue: Unable to disable connection attempts by the DXL C++ client to the broker. Resolution: DXL client can now be prevented from connecting to the broker. For more information, see the related article. |
| 1270186 | SB10279 | 5.0.0 | DXL 5.0.1 Hotfix 2 | Issue: Sensitive information is being logged in the MLOS broker. |
| 1266922 | - | 4.1.0 | DXL 5.0.1 Hotfix 1 | Issue: During the ePO certificate migration process, IPE doesn’t connect to the Broker after you restart the service. |
| DXLM-3032 | - | 5.0.0 | DXL 5.0.1 Hotfix 1 | Issue: The DXL upgrade fails when you upgrade from DXL 4.1.2 to DXL 5.0.0 or 5.0.1. The following error messages are recorded in the Platform Upgrade Log
|
| DXLM-3089 | - | 5.0.0 5.0.1 |
DXL 5.0.1 Hotfix 1 | Issue: When calculating the Time to Live (TTL) for an Identity and Access Management (IAM) token, the extension uses the ePO server local time. If the time on the ePO server is set to future, the token is determined as expired. |
| 1266421 | - | 5.0.0 | DXL 5.0.1 | Issue: Agent wake-up call fails when it’s sent to multiple systems over DXL. |
| 1263125 1263124 |
- | 5.6.0 | - | Issue: MA 5.0 installer for Linux contains two identical dxl.zip files. This issue is cosmetic only: 49cf7e65e4cb590144f866bc4bed8ba3b76717fa DXL.zip |
| 1265094 | - | 5.6.0 | - | Issue: DXL 5.0.0 fails to install on systems that had an old version of |
| 1265103 | - | 5.6.0 | - | Issue: DXL fails to upgrade if another product using MSI is installed concurrently. (Windows) |
| 1262367 | - | 5.0.0 | DXL 5.0.1 |
Issue: The broker platform doesn’t successfully restart after an upgrade to DXL 5.0.0 when a custom port is used.
Resolution: DXL 5.0.1 supersedes 5.0 Hotfix 1.
|
| 1260833 | - | 5.0.0 | DXL 5.0.1 | Issue: The broker platform upgrade doesn’t successfully upgrade the DXL 4.1.1 and 4.1.2 MLOS platforms to DXL 5.0.0. |
| 1261449 | - | 5.0.0 | DXL 5.0.1 |
Issue: The Java client connection status isn’t included in the DXL Connection Status queries and reports. |
| 1263569 | - | EPR Tool |
- | Issue: Endpoint Product Removal (EPR) tool doesn’t remove all versions of Data Exchange Layer. The EPR tool is a utility customers might use to uninstall all McAfee endpoint products. Because the tool might not fully remove all components and registry items related to a product, customers might experience install or upgrade issues after they use the EPR tool. (References to their product or components, such as Always make sure that you use the latest EPR Tool release. |
| 1260610 | - | 5.0.0 | - | Issue: When you install DXL on macOS systems, the installer doesn’t detect if a newer version of DXL is installed. The older version is installed even if there’s a newer version present. This result occurs on all versions of DXL that support macOS. |
| 1256248 | - | 5.0.0 | - | Issue: DXL doesn’t receive the Orion Event notification when a user is enabled or disabled because of an ePO 5.10 open issue. Background details: After a user is created in ePO, it generates a DXL command authorization using that user, and sends a sync request using that authorization. Then the user is added to an LRU cache of users, which is valid for one day. So, when a sync request is executed, it then disables the user for that authorization, and again executes the sync request. They might still execute the sync request successfully and get the response. From the DXL side, there’s the logic of listening to the 'userModified' and 'userUpdated' Orion events and clearing the cache. But, because DXL doesn’t receive notification from ePO, cache isn’t cleared and a disabled user can incorrectly still get a successful response on a sync request. Workarounds:
|
| 1256928 | - | 5.0.0 | - | Issue: DXL Command Authorization doesn’t update the User Interface when you revoke the ePO Managed Client Certificates. On the DXL 'Commands page', the restrictions column shows 1 certificate. Workaround: Wait 24 hours for the cache to be cleared. |
| 1251244 | - | 5.0.0 | - | Issue: When an incoming Broker bridge is removed with the Broker Management topology functions, it still shows as bridged in the fabric visualization page. Workaround: Wait until the Broker connection TTL expires and the fabric visualization page is updated. (The expiration usually occurs after 30 minutes.) |
| 1236251 | KB90036 | 4.1 | n/a | Issue: The DXL platform.zip fails to check in to ePO. Cause: The platform.zip size has increased to 269 MB because the largest packages were added to address the Resolution: Edit the |
| 1107302 | KB86114 | 2.0.1 | n/a | Issue: DXL fails to install on Windows Server 2008. The DXL Failed to open access handle : A certificate chain could not be built to a trusted root authority. |
| 1082794 | - | 2.0.0 | n/a | Issue: The Clients Connected count on the DXL Fabric Visualization page shows the number of connected clients and the number of incoming bridges. |
| 1026559 | - | 2.0.0 | n/a | Issue: Bridges can be overlapped on the DXL Fabric Visualization page. |
| 1003419 | - | 1.0.1 | n/a |
Issue: When a user adds a system to a Tag used in the DXL Topic Authorization, the system doesn’t appear in DXL until the Manager DXL Brokers server task runs. This action occurs once per day by default.
Workaround: To see the system in the Tags, manually run the server task Manager DXL Brokers. |
| 973129 | 1.0.1 | n/a |
Issue: The following OpenSSL error message displays in the DXL log file:
SSL3_READ_BYTES:ssl handshake failure |
Back to top
Related Information
To obtain an RTS hotfix, log on to the ServicePortal and create a Service Request at: https://supportm.trellix.com/ServicePortal/faces/serviceRequests/createSR. Include this article number in the Problem Description field.
See KB51560 for detailed information about release cycles.
See KB51560 for detailed information about release cycles.
Affected Products
Languages:
This article is available in the following languages:
