We are pleased to announce the eleventh generation of our industry leading software! You can now experience all the latest innovations designed to provide you with a business advantage.
In addition to the new software features and usability enhancements in this release, we have rearchitected the core of our software. This includes the following:
- The Security layer for greater access control and flexibility, and to address the needs of mobile users.
- The Networking layer to support new transport modes, and provide greater speeds and better scaling.
- The Database layer which has been simplified to eliminate potential bottlenecks.
- The Indexing layer to support multiple databases as well as live edit capabilities.
- Deduplication to use an in-memory database to support high availability.
Refer to the New Features list, which highlights the major new features and capabilities of our software, including a description, applicable agents, use cases, and license information. Other topics provide more information about the changes in this version of the Commvault software. For information, see Cumulative Information for Version 11.
To see new features and changes for recent service packs, go to the service pack documentation listed under What's New.
In Feature Release 19, release versioning terms and numbering conventions were changed.
The following release versioning terms were changed:
- "Version" was changed to "platform release".
- "Service pack" was changed to "feature release".
- "Hotfix pack" was changed to "maintenance release".
The release versioning numbering convention was also changed. In Service Pack 18 and older service packs, the version of the software was referred to as "Version 11" or "V11", and the service pack was referred to as "Service Pack 18" or "SP18". In Feature Release 19 and newer releases, the release version is expressed as a combination of the platform release, the feature release, and the maintenance release. For example, a release version of 11.19.5 refers to Platform Release 11, Feature Release 19, and Maintenance Release 5.
Feature Release 19 Automatic Downloads Available on May 15, 2020
Feature Release 19 will be available for automatic downloads. Customers who would like to get the feature release immediately may download it manually using the instructions linked from Running Feature Release Installations Manually. For customers that use the default schedules, the software automatically downloads on or after May 15, 2020.
End of Support for Windows 2008 and Windows 2008 R2
Newer versions of Windows include important performance, stability, and reliability improvements. Therefore, new installations on Windows 2008 and Windows 2008 R2 are not supported for the following Commvault platforms:
- Web Console
- Web Server
- Metrics Report
- Search Engine and Analytics
Support for existing deployments is now discontinued. You should plan to upgrade the operating system in the near future, to maintain supportability and to take advantage of the improvements offered with newer versions of Windows.
The Web-Based CommCell Console Will Stop Working When Oracle Removes the Support for Java Web Start
As described in the Oracle Java SE Support Roadmap web page, Oracle will continue to provide public updates and auto updates of Java "until at least the end of January 2019 for Commercial Users". After that time, Java Web Start and the Java Plug-in will be removed and Commvault users will no longer be able to access the CommCell Console as a Java Web Start application.
Commvault users will be able to access the CommCell Console using the Java Web Start application up until the end of January 2019, and the Java deprecation warning will appear during that time. After January 2019, Commvault users will not be able to access the CommCell Console using the Java Web Start application.
After January 2019, Commvault users can access the CommCell Console only by using one of the following methods:
CommServe Server and MediaAgents Can Be a Virtual Machine
You can use virtual machines instead of physical clients for the CommServe server and MediaAgents. Virtual machines must meet the same hardware specifications as physical clients, such as CPU, RAM, IOPs, and network requirements.
We recommend that you manage extra-large backend data (up to 400 TB) with a single extra-large MediaAgent using two DDB (deduplication database) partitions. For more information, see Deduplication Mode.
For other information about CommServe server and MediaAgent sizing, see the following topics:
- Hardware Specifications for the CommServe Server
- Deduplication Mode
- Hardware Specifications for Non-Deduplication Mode
- Indexing Requirements
For VMware using ESXi 6.0 EP6 (build 3825889), incremental backups that use application quiescing are equivalent to Full Backups
A known issue with VMware ESXi 6.0 EP6 (build 3825889) caused Changed Block Tracking (CBT) to return all blocks for a virtual disk, resulting in backups that were the total size of the virtual disk. This affected backup applications, including Commvault, when incremental backups were run using application consistent quiescing with CBT, for guest virtual machines running Windows 2008 or later.
Note: This issue did not result in data loss, but did increase the size and running time of incremental backups.
You can resolve this issue by applying the patch that was provided by VMware in VMware ESXi 6.0, Patch ESXi-6.0.0-20160804001-standard (2145667).
For more information, see the VMware KB article After upgrading to ESXi 6.0 Build 3825889, incremental virtual machine backups effectively run as full backups when application consistent quiescing is enabled (2145895).
Security Vulnerability with Viewing Log files
The following hotfix packs, dated March 12, 2020, contain a fix for a security vulnerability that is related to viewing log files in the CommCell environment. With this fix, viewing log files is limited to the log files folder only.
Download and install the hotfix pack, dated March 12, 2020(or later), for your service pack level on all the clients in the CommCell environment.
The security vulnerability does not exist in Feature release 11.19 and later releases.
Hotfix Pack Number
Commvault Ransomware Protection Is Safe from RIPlace
The Commvault ransomware protection feature is not affected by the RIPlace bypass technique that was recently reported about in the news. For more information about RIPlace and Commvault, see Commvault’s Ransomware Protection Is Safe From RIPlace.
For more information about the Commvault ransomware protection feature, see Ransomware Protection.
Security Vulnerability With MongoDB Versions
Commvault has reviewed the security concerns with MongoDB versions as reported in CVE-2016-6494, and recommends that you upgrade the MongoDB instance installed by the Commvault software as described in the KB article SEC0019:Security Vulnerability Issues with MongoDB Versions.
Vulnerability in 7-Zip (CVE-2018-10115 )
Our engineering team has reviewed the MS-ISAC Advisory number 2018-049 and CVE-2018-10115 reports regarding the vulnerability in 7-Zip. Based on our review, we can report that Commvault software does not use RAR compression and does not allow remote execution of the 7-Zip binaries. All versions of V10 and V11 Commvault software are unaffected by this potential vulnerability.
For more information, see KB article SEC0015: A Vulnerability in 7-Zip Could Allow for Arbitrary Code Execution (CVE-2018-10115).
Apache Tomcat Vulnerability Posted by NVD
Our engineering team has reviewed the NVD posting regarding the CVE-2017-12617 vulnerability in Apache Tomcat software, as well as the response by Apache. Based on our review, we can report that the configuration used by Commvault Tomcat installations does not include the WebDav servlet and does not alter the default value of "true" for default servlet init-param "readonly". All versions of V10 and V11 Commvault software are unaffected by this potential vulnerability.
Installing Windows Updates on All Clients in a Client Computer Group
To keep your CommCell environment secure, you must stay up-to-date with all Windows operating system updates. You can use the Install Windows Updates workflow to download and install Microsoft updates on all client computers in a client computer group. Download the Install Windows Updates workflow from Commvault Store. For instructions, see Download Workflows from Commvault Store. For details about the Install Windows Updates workflow, see Install Windows Updates Workflow.
MongoDB Security Implementation
Commvault software uses the MongoDB database program to store and to retrieve comments and replies associated with Edge Drive objects. During the installation of MongoDB, Commvault enables authentication mode and updates the default user credentials with a random password. For more information about Commvault and MongoDB, see KB article SEC0012: MongoDB Security, Usage, Installation, and De-installation.
Linux Kernel Vulnerability Posted by NVD
Our engineering team has reviewed the NVD posting regarding a potential vulnerability in the Linux kernel before 4.4.1, as well as the response by RedHat. Based on our review, we can report that Commvault does not use this API in our backup and recovery code, and our File Recovery Enabler for Linux uses Centos 6.x kernels, and thus our software is not vulnerable to this potential threat.
Vulnerability Posted by Software Engineering Institute – CERT Division
Commvault acts swiftly on all security risks to verify the authenticity of the risk and any required resolution of that risk for all supported versions of our software. Our engineering team has reviewed the CERT posting and we have identified a potential security vulnerability in the Web Console through our own testing. At this time, there have been no customer reports of this issue.
This vulnerability is addressed in Version 11 SP1. It is not necessary to download or install any separate Maintenance Release to address it.
Stack-Based Buffer Overflow Vulnerability
Our engineering team has reviewed the CERT posting on the stack-based buffer overflow vulnerability for Commvault Edge and have addressed this issue in Version 11 Service Pack 7.
For more information, see KB article SEC0013: Stack-based buffer overflow vulnerability.
Deprecation and End-of-Life
Infinishare for SharePoint Support Is Ending
Beginning in Service Pack 14, the SharePoint Server Agent will not support Infinishare for SharePoint.
Microsoft SharePoint Storage Manager Support Is Ending
Beginning in Service Pack 14, the SharePoint Server Agent will not support Microsoft SharePoint Storage Manager.
Microsoft SharePoint Server 2007 Support Has Ended
Beginning in Service Pack 13, the SharePoint Server Agent does not support Microsoft SharePoint Server 2007.
SharePoint Server Agent Direct Database Access Support Has Ended
Beginning in Service Pack 13, the SharePoint Server Agent does not support the direct database access option.
Support for the memdb Option with the SIDB2 Tool Has Ended
Beginning in Feature Release 19, the SIDB2 tool does not support the use of the memdb option that can convert a deduplication database to a transactional deduplication database.
Last modified: 4/7/2020 3:45:34 PM