Explaining Service Packs, Patches and Hotfixes for Security Analytics

Blog Post created by amit rotem Employee on May 18, 2016

The Security Analytics Engineering team places heavy emphasis on the quality of the product while providing a quick response to our customers. To ensure high quality and timely delivery of product feature requests, security updates and fixes, we release patches and service packs on a regular cadence.

 

Service Packs

Service packs are usually released quarterly for the latest and previous release 'streams' (for example 10.6 and 10.5 as of 2016). They normally include fixes for customer-found issues as well as fixes for issues found by the SA Engineering team. In addition, service packs include updates to common libraries used in the product, such as Java or newer CentOS kernel versions (mostly as a means of addressing security vulnerabilities in these libraries). For the latest SA release stream, a service pack will likely also include new features and additional enhancements to existing features.

 

Normally, a service pack will support a direct upgrade from every supported and active stream. For example, service pack 10.5.2 supports a direct upgrade from 10.5.0, 10.5.1 and all 10.5.x patches, as well as from 10.4.1.5 and 10.3.5.

 

Patches

In late 2015 we introduced a new patch program for Security Analytics, releasing patches at a regular cadence for the latest and previous release streams. Patches mainly include fixes for customer-found issues and on occasion also fixes to issues found by the SA Engineering team. Most often, patches will include fixes for security issues, sometimes in the form of a library upgrade, depending on the urgency of the issue.

 

Patches support a direct upgrade only from their base version or from a previous patch released over the same base version (for example, an upgrade to 10.5.1.2 is supported from 10.5.1 and 10.5.1.1 but not from 10.5.0.1).

 

Hotfixes

Hotfixes are point fixes released to specific customers for critical issues that could not be delivered in a patch due to their urgent nature. These fixes will be included in the following patch on the same code stream and customers are encouraged to install the full patch when it becomes available.

 

Hotfixes are made for a specific SA version that the targeted customer is running and are not supported over any other version (unless explicitly certified by SA Engineering for use over a different SA version).

 

Security Updates

Starting in 2016, we no longer release out-of-band security updates but rather provide them as part of new Security Analytics versions. Normally, security updates will be included on a quarterly basis with service packs for the current and previous release streams. In case of more urgent security issues, fixes might be included in earlier patches. For earlier code streams, security updates will be released as needed, depending on their urgency, in the form of a patch or a hotfix.

 

For any questions please feel free to reach out to me at amit.rotem@rsa.com. Please reach out to SA Product Management for any questions on the schedule of major/minor SA releases. 
