--------------------------------------------------- Server Technology --------------------------------------------------- PRO Smart/Switched AC/DC PDU/CDU/UPDU/Inline Meter --------------------------------------------------- Firmware Revision Notes --------------------------------------------------- Version 8.0v April 15, 2021 =============================================================================== Applicable Products =================== PRO firmware only applies to products with an Ethernet NIC serial number that begins with '95' to '103', for example, '9601234'. The Ethernet NIC S/N is displayed on the web 'Configuration->System->About' page and by the 'show system' CLI command. Firmware Revision History ========================= yy-mm-dd Ver. Rev. Filename Description -------- ---- ---- -------- ----------- 21-04-14 8.0v 2731 pro-v80v.bin Twentieth production release Version 8.0v is a maintenance and security-patch release. Update to version 8.0v is recommended for all products. Updated the OpenSSL component to v1.0.2u (December 2019). [Issue ID 76649] Increased the maximum CLI command line length from 64 to 159 characters. [Issue ID 77265] Changed the HTML character set to UTF-8 for HTML5 compliance. [Issue ID 77154] Disabled web browser form data caching by adding autocomplete="off" to all forms. [Issue ID 77086] Improved web server enforcement of the Strong Password policy requirements when submitting a form that modifies a local-user password. Removed the requirement for a special character from the Strong Password policy. [Issue ID 77094] Removed branch/line load shed options on DC products. [Issue ID 76073] Removed CLI commands to set thresholds for metrics that are not supported on DC products. [Issue ID 76686] Removed Cisco EnergyWise support. [Issue ID 76064] Removed SPM Secure Access / SNAP protocol support. [Issue ID 76819] Removed Bluetooth / 'ST Eye' mobile application support. [Issue ID 75559] Updated Server Technology INI Configuration (STIC) support to v2.21. This update removed support for SPM Secure Access / SNAP and Bluetooth / 'ST Eye'. Refer to STIC V2.21 documentation for details. Updated JSON API Web Service (JAWS) support to v1.05. This update removed support for SPM Secure Access / SNAP and Bluetooth / 'ST Eye'. Refer to JAWS V1.05 documentation for details. Fixed regeneration of the self-signed X.509 certificate to not re-use the same serial number. [Issue ID 76797] Fixed cases of new EMTH-2-xx temperature/humidity sensors intermittently cycling between lost and found. [Issue ID 76689] Fixed Smart PDU models with no over-current protectors to derive the outlet state and status from the phase status, versus always having a state of unknown and status of normal. [Issue ID 77218] Fixed the 3-phase out-of-balance percentage metric, which was low by a factor of ten. Warning and alarm notifications may occur that previously did not. If so, the thresholds should be adjusted or the imbalance should be corrected. [Issue ID 77251] Fixed the firmware version upgrade check to allow future 8.1 versions. [Issue ID 76627] Fixed the web UI 'Privacy Policy' link. [Issue ID 76954] Fixed the web Tools->View Log page to not repeat entries when the search filter does not match. [Issue ID 76629] Fixed the Strong Password policy to not apply to SNMPv3 user passwords in the web UI. [Issue ID 77234] Fixed serial non-volatile memory update messages to not flood the debug log. Built with an updated SSL library with a fix for connections when using non-blocking sockets. [Issue ID 76514] 20-12-16 8.0u 2681 pro-v80u.bin Nineteenth production release Version 8.0u is a maintenance and security-patch release. Update to version 8.0u is recommended for all products. Changed the web UI text color from black to green for an outlet state of 'On'. [Issue ID 75733] Removed MS SYNC from the Treck TCP/IP stack to stop security scanners from giving a false positive for Ripple20 vulnerabilities. [Issue ID 76513] Fixed RADIUS login failures for users with an STI-Access-Level other than Admin or Power-User. This broke in v8.0t. [Issue ID CR 75981] Fixed successful console and telnet logins to be logged. This broke in v8.0q. [Issue ID 76015] Fixed the web Tools->Change Password page to display the error for an incorrect password in red instead of green. [Issue ID 75795] Fixed outlets with a wake-up state of 'On' that are preceded by an outlet with a wake-up state of 'Off' to not turn off and back on shortly after completing a power-up boot on DC products. [Issue ID 76546] Fixed a temporary outlet status of 'Power Error' to not occur when turning off an outlet on DC products. [Issue ID 75461] Fixed outlet state mismatch errors that result in 'Power Error' to not flood the debug log. [Issue ID 75991] Fixed the web Tools->View Log page to properly display system log entries after the log is cleared. [Issue ID 76016] 20-08-24 8.0t 2662 pro-v80t.bin Eighteenth production release Version 8.0t is a new-feature, maintenance, and security-patch release. Update to version 8.0t is recommended for all products. Added support to start the TCP/IP stack in an IPv6-only mode. In this mode, a DHCP or Static IPv4 address is not needed for IPv6 to operate. [Issue ID 74251] Using the web interface, the IPv6-only mode is configured by a new 'IPv6 Only' choice in the Network dropdown on the Configuration-> Network->DHCP/IP page. Using the CLI, the IPv6-only mode is configured by the new command keyword: set net { ipv6only } The IPv6-only mode is also configurable by STIC and JAWS. Added support for an intermediate CA certificate. [Issue ID 75164] To upload an intermediate CA certificate, the file must either be named ‘*.ca’ or specifically ‘ca.crt’. File uploads are supported by HTTPS, HTTP, SFTP, and FTP. Using the web interface, an intermediate CA certificate is uploaded, removed, enabled, or disabled by new options on the Configuration-> Network->HTTP/HTTPS page. Using the CLI, an uploaded intermediate CA certificate is enabled or disabled by the new command: set https cacert { enabled | disabled } Intermediate CA certificate options are also configurable by STIC and JAWS. Previous web interface and CLI 'User Certificate' references have been changed to 'Server Certificate', to distinguish between server identity and intermediate CA certificates, which are now both user-uploadable. The previous CLI 'set https usercert' and 'set https userpass' commands have been deprecated in favor of these replacement commands: set https svrcert { enabled | disabled } set https svrpass { passphrase } For existing script compatibility, the deprecated commands are hidden but still supported. Added support to STIC & JAWS to configure server identity and intermediate CA certificate options. [Issue ID 75165] Added support to JAWS to read the SNTP local time and synchronization status. [Issue ID 75340] Added the CLI command ‘set sntp refresh’ to manually re-synchronize local date and time using the current SNTP server settings. Added a Legrand Privacy Policy link to the bottom of the main page of the web interface. [Issue ID 75112] Changed the Strong Passwords feature to be enabled by default upon a restart to factory defaults. By default, new passwords will require a minimum of eight characters, including at least one uppercase letter, one lowercase letter, one number, and one symbol. [Issue ID 75113] Increased the maximum length of the Location string from 63 to 80 characters. [Issue ID 75167] Updated Server Technology INI Configuration (STIC) support to v2.20. This update added support for the longer Location string and configuration of the IPv6-only mode and certificate options. Refer to STIC V2.20 documentation for details. Updated JSON API Web Service (JAWS) support to v1.04. This update added support for the longer Location string, SNTP status, and configuration of the IPv6-only mode and certificate options. Refer to JAWS V1.04 documentation for details. Updated the Sentry Network Access Protocol (SNAP) version to 2.0.5. This update added support for the longer Location string and configuration of the IPv6-only mode. Updated the Sentry4 SNMP MIB (Sentry4.mib). This update added support for the longer Location string. Refer to the description in the MIB for details. Fixed RADIUS authentication to operate over IPv6. [Issue ID 75658] Fixed outlet event logging and notifications to occur on DC products. [Issue ID 75439] Fixed the CLI 'set snmp authmode' command to accept all parameters on a single line. [Issue ID 75244] Fixed the Debug Messaging checkbox on the web interface Configuration-> Network->Syslog page to save when unchecked and applied. [Issue ID 75271] Fixed clearing of the inlet power-status microcontroller reset flag to not continuously repeat in the debug log on DC products. [Issue ID 75122] 20-06-08 8.0s 2609 pro-v80s.bin Seventeenth production release Version 8.0s is a critical security-patch, new-feature, and maintenance release. Update to version 8.0s is strongly recommended for all products. Fixed critical TCP/IP stack vulnerabilities. [Issue ID 75197] Server Technology was recently notified that researchers from JSOF (www.jsof-tech.com) found vulnerabilities within the Treck TCPIP, IPv4, IPv6, DHCP, DHCPv6 and DNS products. These third-party libraries provide the network stack in our PRO products. In reviewing these vulnerabilities, US-Cert and Mitre have classified the highest level as a possible "critical" severity (CVSS v3.1 score 10.0) vulnerability, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Some of these vulnerabilities can be triggered remotely without any authentication on the device. The vulnerability can lead to a full remote code execution on the target device. Server Technology strongly recommends that customers immediately review and deploy this latest firmware to eliminate these potential risks. At time of release of this firmware, there is no known in the wild exploit of these vulnerabilities. JSOF and Treck are coordinating a public disclosure of the vulnerabilities that is tentatively set for June 15th, 2020. After disclosure, applicable Mitre CVE and US-Cert VU numbers will be added to these release notes. Update: JSOF has collectively named the vulnerabilities 'Ripple20'. More information is available at: https://www.jsof-tech.com/ripple20/ US-Cert VU number: 257161 Mitre CVE numbers: CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899, CVE-2020-11900, CVE-2020-11901, CVE-2020-11902, CVE-2020-11903, CVE-2020-11904, CVE-2020-11905, CVE-2020-11906, CVE-2020-11907, CVE-2020-11908, CVE-2020-11909, CVE-2020-11910, CVE-2020-11911, CVE-2020-11912, CVE-2020-11913, CVE-2020-11914 Added SNMPv3 SHA authentication and AES privacy. [Issue ID 74395] Using the web interface, the SHA and AES options are configured by new choices in the Authentication Methods dropdown on the Configuration-> Access->SNMPv3 Users pages. Using the CLI, the SHA and AES options are configured by these new command keywords: set snmpuser authmode { md5aes | sha | shaaes | shades } The SHA and AES options are also configurable by STIC and JAWS. Increased the maximum number of repeater object IDs in an SNMP GetBulk operation from 10 to 20. [Issue ID 74543] Fixed the SNMP agent, when using SNMPv3 privacy (encryption), to disallow setting a duplicate value for 'name' objects that require uniqueness. [Issue ID 75060] Fixed the SSH server to timeout and close sessions that never attempt authentication. Sessions are now closed if successful authentication does not complete within 60 seconds. [Issue ID 74706] Fixed the SSH server to display a changed login banner upon the next login. Previously a login banner change would take two new sessions, or a restart, to be displayed, depending upon the SSH authentication method used by the SSH client. [Issue ID 75202] Updated Server Technology INI Configuration (STIC) support to v2.19. This update added support for configuration of SNMPv3 SHA authentication and AES privacy. Refer to STIC V2.19 documentation for details. Updated JSON API Web Service (JAWS) support to v1.03. This update added support for configuration of SNMPv3 SHA authentication and AES privacy. Refer to JAWS V1.03 documentation for details. Updated the Sentry Network Access Protocol (SNAP) version to 2.0.4. This update added support for configuration of SNMPv3 SHA authentication and AES privacy. 20-03-04 8.0r 2588 pro-v80r.bin Sixteenth production release Version 8.0r is a maintenance-only release. Update to version 8.0r is recommended for all products. Fixed the Shutdown Delay to be applied before power actions turn off an outlet. [Issue ID 74245] Fixed cases of missing URL encoding of user-editable string values. This avoids errors upon form submission when the string contains characters that require URL encoding. [Issue ID 74357] Fixed the SNMP agent to increment the snmpEngineBoots value upon each initialization. [Issue ID 74358] Fixed the OCP, Branch, and Outlet status to be "Power Error" instead of "Breaker Tripped" or "Fuse Blown" when the status of an upstream Line is "Power Error". [Issue ID 74504] Fixed Zero-Touch Provisioning (ZTP), which broke in v8.0q. [Issue ID 74545] 19-12-19 8.0q 2576 pro-v80q.bin Fifteenth production release Version 8.0q is a new-feature, maintenance, and security-patch release. Update to version 8.0q is recommended for all products. Added support to detect and report when the NIC in the master unit is running on backup power from the first link unit. When the master power input is off, but the NIC is running from link power, the master unit status now reports 'Power Error' instead of 'No Comm'. Added support to configure the source of the hostname in Syslog messages as either the administrator-defined 'FQDN' string or the internal 'System Name' that was previously always used. When 'System Name' (the default) is selected, the internal name of "Sentry_xxxxxx" (where "xxxxxx" is the last three octets of the MAC address) is used. When 'FQDN' is selected, and the Syslog protocol is set to RFC5424, the entire FQDN string is used as the hostname, otherwise, with the protocol set to RFC3164 (the default), the hostname is the portion of the FQDN string up to the first '.' separator. Using the web interface, the Syslog Hostname Source is configured on the Configuration->Network->Syslog page. Using the CLI, the Syslog Hostname Source is configured by the new command: set syslog hostsrc { sysname | fqdn } The Syslog Hostname Source is also configurable by STIC and JAWS. Implemented security-related changes for compliance with California's new cybersecurity law, Senate Bill 327, that takes effect on January 1, 2020. The changes are generally 1) only secure access is enabled by default, and 2) before granting access to the PDU for the first time, the default password must be changed. Refer to the 'California Senate Bill 327' technical note [303-9999-50] for details. Fixed startup of the network stack to not delay other threads while waiting for network configuration to complete. This change fixes an issue of the backup master starting outlet sequencing during the longer delay of the stack startup on Gigabit Ethernet (GbE) boards. Fixed the web Tools->Change Password page for non-administrator users. Previously, upon pressing the apply button to submit a change, the page would re-prompt for authentication credentials, and would only accept credentials from an administrator. Fixed web and CLI cases of missing or incorrect 'restart required' notifications for SNMPv3 configuration changes. Fixed the TACACS+ web page to have a single encryption-key change box and a single form to apply/cancel. Fixed several minor JSON API Web Service (JAWS) issues. Updated Server Technology INI Configuration (STIC) support to v2.18. This update added support for configuration of the Syslog hostname source. Refer to STIC V2.18 documentation for details. Updated JSON API Web Service (JAWS) support to v1.02. This update added support for configuration of the Syslog hostname source. Refer to JAWS V1.02 documentation for details. 19-07-09 8.0p 2520 pro-v80p.bin Fourteenth production release Version 8.0p is a new-feature, maintenance, and security-patch release. Update to version 8.0p is recommended for all products. Added Link Layer Discovery Protocol (LLDP) transmit mode. When enabled, the PDU periodically advertises its unique identity to the neighboring switch, allowing the switch to determine to which ports specific PDUs are connected. Transmitted information includes: MAC Address, Interface Name, Time-To-Live, System Name, and System Description. LLDP can be enabled (default) or disabled, and the transmit interval can be changed. Using the web interface, LLDP is configured on a new 'LLDP' network configuration page. Using the CLI, LLDP is configured and displayed by these new commands: set lldp { enabled | disabled } set lldp txinterval show lldp LLDP is also configurable by STIC and JAWS. Added support for 'reversible' PDUs that support automatic reversal of outlet and branch numbering when the unit is vertically flipped. Manual override is supported by configuration of the display orientation. Added support for hardware subcomponents that use a tilt switch for orientation sensing. Added support for CPU clock speeds above 75 MHz. Added caching of SYSLOG destination IP addresses from DNS lookups of destinations that are defined as host names. This avoids excessive DNS lookups when many SYSLOG messages are sent in a short period of time. Added forwarding of UPIPS precision frequency measurements to supported POPS IPMs, for increased accuracy of energy accumulation during AC frequency fluctuations. Added status logging of the last STIC upload. The result is written to a non-volatile 'stic.log' file. Removed the weak SSH diffie-hellman-group1-sha1 key exchange method, to eliminate vulnerability to a Logjam attack. Changed default power factor low alarm and low warning thresholds to 0.00. Changed the Smart Load Shedding feature to not require a feature key. It is now automatically installed and available. Changed the EMCU model to 'EMCU-1-1B(C)', to represent that the model can end in 'B' or 'C'. Increased the watchdog timeout to avoid unexpected resets during slow startup of the network stack due to abnormal or obscure switch configurations. Fixed startup of the network stack to avoid timeout errors when a Gigabit Ethernet (GbE) NIC is connected to a 10Base-T port. Fixed SSH sessions to not disconnect if data is input immediately after password entry but before the command prompt. Fixed SFTP sessions to be closed correctly upon timing out. Fixed DNS lookups to not occur periodically for SNMP trap destinations that are defined as host names, instead waiting until a trap is being sent. Fixed the SNMP MIB2 sysDescr object to not incorrectly describe a Switched PDU as a Smart PDU. Fixed SNMP Get operations for leaf node / scalar objects to only succeed when ending in '.0'. Fixed the SNMP st4UnitOutletDisplayOrder object to be skipped when there are no outlets in the unit, such as with an EMCU. Fixed active SNMP error trap repeat timers to reset if the error trap repeat time is changed to a value less than the remaining time. Fixed LDAP logins to fail if multiple user objects are returned by the user search, which indicates an invalid configuration of the user search filter. This prevents an unlikely case of an invalid configuration allowing a successful login. Fixed RADIUS support to not attempt authentication with the secondary server if authentication succeeded with the primary server. Fixed RADIUS support to fallback to local authentication when the access method is set to 'RADIUS Only' and communication fails to both servers. Fixed the STIC 'socket adapter' default value to be 'none' instead of blank for UDOT and Cx outlet socket types. Fixed trending data files to be deleted upon a factory restart. Fixed EMCU temperature/humidity sensor reads when swapping between newer v6 and older v5 EMCUs. Fixed RF Code RFC1 tags to again work with PRO1 products that have no branch status or measurement support. This broke in v8.0m. Updated Server Technology INI Configuration (STIC) support to v2.17. This update added support for LLDP configuration. Refer to STIC V2.17 documentation for details. Updated JSON API Web Service (JAWS) support to v1.01. This update added support for LLDP configuration. Refer to JAWS V1.01 documentation for details. 19-01-15 8.0n 2417 pro-v80n.bin Thirteenth production release Version 8.0n is a new-feature, important-maintenance, and security-patch release. Update to version 8.0n is strongly recommended for all products. Added support for console port login without DSR. This avoids the error message 'No DSR -- login is not available with DSR low' when connecting from a serial device that does not support DSR or does not assert DSR high. As in previous versions, sessions started with DSR high will monitor for a DSR loss (a high-to-low transition, for example, by a cable disconnect), upon which the session will automatically logout for security reasons. Sessions started with DSR low will not monitor for a DSR loss, such that a manual session logout or session timeout is required to avoid the security risk of a subsequent console connection starting in an already-authenticated session. Added support for passwords up to 95 characters in length with remote authentication (LDAP, RADIUS, TACACS+). This allows for two-factor and multi-factor authentication methods that combine multiple factors into long passwords, such as with a YubiKey device. Added a branch status table to the dynamic system overview web page. Added watchdog support to reset and recover a non-responsive system. Updated the OpenSSL component to v1.0.2p (August 2018). Refer to the OpenSSL.org change log for details. Improved web cache-busting for updated logos and icons. Fixed system stalls and hangs that could occur with v8.0m when continual HTTP/S requests were received during system boot. Fixed SSH server hangs that could occur with v8.0m when multiple near-simultaneous SSH connection attempts were received. Fixed corruption of an uploaded firmware image that could occur with v8.0m when SSH connection attempts were made during the firmware-update process. Fixed POPS accumulated energy to not jump by phantom amounts upon a warm restart of the NIC. This problem was introduced in v8.0j. To reset accumulated energy baselines, and to resolve inconsistencies between PIPS and POPS accumulated energy, energy counters can now be reset by the web Configuration->Units page or by the new ‘SET UNIT CLEAR ENERGY ’ CLI command. Fixed the web interface login to properly authenticate an entered username and/or password of exactly a 32-character length. Fixed a potential CGI/HTTP crash and automatic restart when an unauthorized user attempts access during multiple simultaneous sessions. Fixed RF Code support to clear queued messages upon tag initialization. This avoids old messages from being sent after a tag disconnect and reconnect. Fixed SNMP getnext operations to Sentry4-MIB non-table (non-indexed) leaf-node objects when '.0' is not included at the end of the object ID in the request. Previously the object returned was one past the correct lexicographically-ordered object. Fixed SNMP IP Restrictions to 'Trap Destinations Only' when the trap destinations are specified by hostnames. Previously the hostnames were not being resolved to IP addresses, resulting in all inbound SNMP traffic being blocked. Fixed DNS lookups to not occur for blank hostnames. Built with an updated TCPIP library with a fix for TCP hangups during SYN flood attacks. 18-07-31 8.0m 2346 pro-v80m.bin Twelfth production release Version 8.0m is a new-feature, maintenance, and security-upgrade release. This release had limited availability, but all changes below are included in future releases. Added JSON API Web Service (JAWS) v1.00 support. JAWS is a customer- oriented API for full configuration, monitoring, and control. JAWS operates securely over HTTPS. Refer to JAWS V1.00 documentation for details. Added support for Universal Per-Inlet Power Sensing (UPIPS) boards. Added support for HDOT, Cx, and UPDU feature icons in the web interface. Added support for three-phase Delta 'Smart Inline Meter' products. Added support for a StartUp Stick to update factory profiles in link units that have the same enclosure part number as the master unit. Added the version of uploaded firmware to the system log message. Changed web page branding to reflect that Server Technology is now a brand of Legrand. This consists of a new company logo and favorite icon. Upgraded the Secure Shell (SSH) server. The SSHv2 server now supports: HMAC: hmac-sha2-256 Kex: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1 Host Key: ssh-rsa Ciphers: aes256-ctr, aes192-ctr, aes128-ctr Products that ship from the factory with v8.0m will have RSA 2048-bit keys. Products updated in the field to v8.0m will run with existing DSA/DSS 640-bit keys. To change to RSA 2048-bit keys, perform a restart with the option to generate new SSH keys. Updated the OpenSSL component to v1.0.2o (March 2018), which is the latest release of the Long Term Support (LTS) version. Updated Server Technology INI Configuration (STIC) support to v2.16. This update added support for JAWS and outlet socket adapters. Refer to STIC V2.16 documentation for details. Updated support for RF Code 'STIPRO' tags, including several changes and fixes. These tags are now supported by all PRO2 products, and have been fully tested with new RF Code CenterScape software. These tags are also supported by select PRO1 products. Fixed RF Code support to average metric values over the reporting period. SNMP agent fixes: - Changed st4OutletSocketAdapter to only be supported for UDOT and Cx outlet sockets types. - Fixed st4OutletSocketAdapter set operations, which were always returning a noSuchName error. - Fixed st4OutletWakeupState set operations to not allow an invalid value of 3. - Fixed changes by successful set operations to mib-2 system objects (sysContact, sysName, and sysLocation) to be persistent across restarts. Fixed temperature sensor hysteresis configuration changes to be persistent across restarts. This has been broken in all versions. Fixed outlet socket adapter configuration by the CLI. Fixed a potential CGI crosstalk issue with the HTTP server. Fixed UPS SNMP polling. This has been broken in all versions. Fixed a potential crash and automatic restart due a stack overflow in the FTP server after an FTP login using LDAPS and local authentication. Fixed minor system log message inconsistencies. Built with an updated TCPIP library with a fix that avoids malformed DNS responses from potentially provoking crashes and unexpected behavior. 18-02-12 8.0k 2215 pro-v80k.bin Eleventh production release Version 8.0k is a new-feature, important-maintenance, and security-patch release. Update to version 8.0k is strongly recommended for all products. Added support to attempt recovery from a Static IPv4 Address Conflict condition. Recovery is attempted upon a link integrity loss and recovery, and by periodic retries (starting shortly after detecting the condition, and repeating hourly). Added support for products with 100A PIPS input metering. Added a Socket Adapter column to the Groups monitoring web page. Added fan sensor status to the dynamic System Overview web page, when a fan sensor is present. Added support for legacy RF Code 'STIRCK' tags. Updated support for RF Code 'STIPRO' tags, including several changes and fixes. These tags will be fully supported in an upcoming release of RF Code CenterScape software. Changed the maximum length of the LDAP Search Bind Password from 20 to 32 characters. Changed to ISO-8601 international date format and 24-hour time format for date/time stamps of files shown on the Files web page. This fixed a 12-hour time format bug in which '00:nn AM' was shown. Changed StartUp Stick support to log usage attempts when disabled, and to log status messages as an EVENT type, not CONFIG. Updated Server Technology INI Configuration (STIC) support to v2.15. This update supports the increased length of the LDAP Search Bind Password. Refer to STIC V2.15 documentation for details. Updated the Sentry Network Access Protocol (SNAP) version to 2.0.3. This update supports the increased length of the LDAP Search Bind Password. Updated the OpenSSL component to v1.0.2n (Dec 2017), which is the latest release of the Long Term Support (LTS) version. Fixed the Login Banner configuration web page to not truncate banner text to 255 characters. This problem was introduced in v8.0h. Fixed the Group Control web page to accept form submissions by non- administrator users that have group access rights. Previously the user was forced to re-authenticate, with the action not occurring. Fixed the SNMP agent to not skip the st4InputCordPowerCapacity object on products without PIPS input metering. Fixed scaling of Amp values in trending data files (*.csv). Amp values were being reported 10x high when the maximum value was at/over 10A. Fixed power factor graphical linear gauges on monitoring web pages to not be auto-scaled. Fixed STIC handling to avoid random crashes from improper/unknown sections. Fixed STIC to use signed values for Bluetooth 'transmission power'. Values of -1 to -6 will now be displayed and accepted, instead of 4294967295 to 4294967290. Fixed CLI commands that set thresholds to not allow low warning threshold values to be set below low alarm threshold values. Fixed threshold configuration web pages to not allow all four thresholds (low alarm, low warning, high warning, high alarm) to be set to the same value. Previously this was allowed, but resulted in the thresholds reverting to factory defaults, which was not apparent until refreshing or re-visiting the page. Note: web browser cache clearing may be needed for this change to take effect. Fixed detection of installed fan sensors. Fixed the All/None links on the Sensors web configuration page to also apply to fan sensors. Fixed the CLI 'show sensors' command to properly display five-digit threshold values for fan sensors. Built with an updated SNMP library with a minor memory-overwrite fix. 17-10-04 8.0j 2078 pro-v80j.bin Tenth production release Version 8.0j is a new-feature and maintenance release. This release had limited availability (for UPDU products only), but all changes below are included in future releases. Added support for up to eight SNMP v3 users, instead of just one fixed read-only user and one read-write user. SNMPv3 users are now created, removed, and assigned an access level, an authentication mode, an authentication password, and a privacy password. Using the web interface, SNMPv3 users are configured on a new 'SNMPv3 Users' configuration page. Using the CLI, SNMPv3 users are configured and displayed by these new commands: create snmpuser remove snmpuser set snmpuser { access | authmode | authpass | privpass } list snmpuser list snmpusers Previous CLI commands for SNMPv3 users are now deprecated and hidden, but are still supported. If more than two users are needed, then only the new commands should be used. Upon update, the previous read-only SNMPv3 user becomes the first user in the new SNMPv3 user table, and the read-write user becomes the second user. Added support for three-phase Wye and single-phase 'Smart Inline Meter' products. Added support for -48V 'Switched DC PDU' products. Added initial support for 'Universal Power Distribution Unit' (UPDU) products. These products have UDOT outlets that currently support basic adapters to C13 or C19 sockets. Future firmware updates will add support for smart adapters that are communicated to over a wireless infrared (IR) link. Added support for UDOT and Cx outlet socket types. These socket types support a user-selection of a socket adapter to a C13 or C19. Updated Server Technology INI Configuration (STIC) support to v2.14. This update added support for the extended SNMP v3 users described above. Refer to STIC V2.14 documentation for details. Updated the Sentry4 SNMP MIB (Sentry4.mib). This update added support for the new products described above. Refer to the description in the MIB for details. Fixed an encryption bug that caused certain AES256-encrypted configuration strings beyond a specific length to not be properly restored after a restart. The affected strings and lengths were: - SNMPv3 Authentication Password, when 32 characters or longer - SNMPv3 Privacy Password, when 16 characters or longer - LDAP Search Bind Password, when 16 characters or longer - TACACS+ Encryption Key, when 48 characters or longer - SSL User Certificate Passphrase, when 48 characters or longer - WLAN Key, when 48 characters or longer Fixed SNMPv3 set operations to writable Sentry4-MIB string objects when using MD5 authentication and DES privacy. Previously the operations would succeed, but the changes were not applied. Fixed active Low Warning and Low Alarm conditions to be cleared when the corresponding thresholds are set to zero. 17-06-28 8.0i 1983 pro-v80i.bin Ninth production release Version 8.0i is a minor maintenance release. Update to version 8.0i is recommended for all products. Updated the OpenSSL component to v1.0.2l (May 2017), which is the latest release of the Long Term Support (LTS) version. This includes various bug fixes, but no security fixes. Removed unnecessary logging of RF Code debugging messages, which were flooding the debug log. Fixed the Sensors configuration web page to accept changes instead of displaying the error message "Number of sensors has changed -- Action ignored". This problem was introduced in v8.0h with the initial fan sensor support. Fixed RF Code support to report the product series, PRO1 or PRO2. 17-06-15 8.0h 1973 pro-v80h.bin Eighth production release Version 8.0h is a new-feature, maintenance, and security-patch release. Update to version 8.0h is recommended for all products. Added Gigabit Ethernet (GbE) support. Added initial support for RF Code 'STIPRO' tags. Added fan sensor support. Added configuration of the outlet display order, per unit. Added support for Zero-Touch Provisioning (ZTP) to re-provision on a schedule. Added support to switched products for a web and CLI message to inform users that outlets will not change state upon a restart. Added daily CSV reports to trend file email attachments. Added support for a Japanese outlet-control enable/acceptance page, for PSE compliance. Changed the default power factor low alarm threshold to 0.3 and the low warning threshold to 0.4. Fixed the web server to no longer be vulnerable to the “Misfortune Cookie” security flaw (CVE-2014-9222). Fixed the web server to no longer be vulnerable to the "Digest Buffer Overflow Vulnerability" security flaw (CVE-2014-9223). Fixed orientation sensor reads after offline-online transitions. Updated Server Technology INI Configuration (STIC) support to v2.13. Refer to STIC V2.13 documentation for details. Updated the Sentry4 SNMP MIB (Sentry4.mib). Refer to the description in the MIB for details. 17-03-24 8.0g 1866 pro-v80g.bin Seventh production release Version 8.0g is a major security-upgrade and maintenance release. Update to version 8.0g is recommended for all products. Upgraded Transport Layer Security (TLS) to version 1.2 (RFC 5246). This support is based on OpenSSL v1.0.2k (January 2017), which is the latest release of the Long Term Support (LTS) version. Supported ciphers: TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA Removed TLS1.0 support and the 3DES (TLS_RSA_WITH_3DES_EDE_CBC_SHA) cipher. Only TLS1.2 is supported. Security upgrade notes and requirements: TLS1.2 support affects HTTPS, LDAPS, and SNAP. HTTPS (secure web server): A modern web browser with TLS1.2 support is required. Current versions of IE, Firefox, Chrome, Opera, and Safari have been tested and are supported. The HTTPS server uses the first matching cipher from the client preference list. LDAPS (secure LDAP client over TLS): LDAPS support requires a modern directory service with TLS1.2 support. Active Directory support has been tested with Windows Server 2012 R2. OpenLDAP support has been tested with v2.4.42. SNAP (secure access by Sentry Power Manager (SPM) software): SPM version 6.0.9 or later is required to support TLS1.2 for SNAP operations. Changed regenerated self-signed X.509 certificates to use a 2048-bit key and SHA256 as the signature hash algorithm, to comply with current minimum security standards. It is highly recommended (and may be required by some browsers) that old weaker self-signed certificates be removed from certificate stores and new stronger certificates be regenerated and accepted into certificate stores. Changed the LDAP Bind Type choice of 'TLS/SSL' to just 'TLS' on the LDAP configuration web page. Added Zero-Touch Provisioning (ZTP) support. Refer to the 'Zero Touch Provisioning (ZTP)' technical note [303-9999-44] for details. Added support for an updated StartUp Stick to reverse the factory ordering of branch and outlet numbering on a PDU. This feature is for use by system integrators with custom model numbers. Added dynamic adjustment of the default port number on the LDAP configuration web page when the Bind Type is changed. Added form submission by the Enter key on the Features configuration web page, and the Ping and View Log tools web pages. Added Log Filter persistence when changing between System and Debug log message lists on the View Log tools web page. Added support to store and present a per-unit product manufacture date, in YYYY-MM-DD (ISO 8601 format). The product manufacture date is shown on the Units configuration web page, by the 'show units' CLI command, and by the new SNMP st4UnitProductMfrDate object. Changed the behavior of the Files configuration web page to restart immediately upon successful upload of a valid firmware image, if different from the current image. Updated Server Technology INI Configuration (STIC) support to v2.12. Version 2.12 adds control of restart behavior upon upload, and adds support for Zero-Touch Provisioning (ZTP) configuration. Refer to STIC V2.12 documentation for details. Updated the Sentry4 SNMP MIB (Sentry4.mib): - Added the st4UnitProductMfrDate object. - Adjusted the upper limit of voltage objects to 600 Volts. - Fixed the st4InputCordOutOfBalanceEvent notification definition to include the correct objects. Updated the Sentry4 SNMP MIB object-ID tree (Sentry4OIDTree.txt): - Fixed the st4PhasePowerFactorHysteresis object number. - Fixed the st4WaterSensorStatusEvent trap number. SNMP agent fixes: - Fixed the st4OcpStatusEvent trap to include OCP objects, instead of incorrect branch objects. - Fixed the variable bindings of the st4WaterSensorStatusEvent objects to not be missing the st4WaterSensorIndex value. - Fixed the variable bindings of the st4AdcSensorEvent objects to not be missing the st4AdcSensorIndex value. - Fixed some SNMP traps not getting sent when many traps are generated in a short period of time. - Fixed unnecessary delays between sending SNMP traps when many traps are sent in a short period of time. - Fixed the agent to respond (per RFC 3414) with a wrong timeliness report to an SNMPv3 request with the authentication bit set, the privacy bit clear, the engine boots set to 0, and engine time set to 0, instead of an encryption failure. Fixed configuration changes to SNMP community strings, SNMP v3 users, and the SNMP trap format to indicate that a restart is required. Fixed SNMP IP Restrictions to not be presented as a trap sub-option in the web and CLI. Fixed the DHCP FQDN option to work with Microsoft DHCP servers by changing from binary encoding to ASCII encoding of the FQDN string in the DHCP option 81 packet. Although RFC 4702 (October 2006) deprecated ASCII encoding in section 2.3.1, Microsoft DHCP servers don't support binary encoding. Fixed some cases of slow off/on-line transitions of temperature/humidity sensors on master units. Fixed over-current protection device (OCPD) and branch drivers to support units with more than six OCPDs/branches. Fixed multiple changes to the Log Filter on the View Log tools web page to not indefinitely hang the web server. Fixed the CLI 'set ipv4 subnet' command to disallow '255.255.255.254' (a P2P link), which caused a network monitor thread crash and automatic restart upon startup. Fixed an ‘Invalid network configuration!’ error that was being sent out the console port upon startup when connected to a non-auto-negotiating switch/hub, despite subsequent proper network operation. Fixed a unit asset tag value to be cleared upon a purge of a disconnected unit. Fixed the wrong product name being displayed on the login failure web page. Fixed inconsistent font sizing and formatting on login, logout, restarting, and error web pages. Fixed login, logout, restarting, and error web pages to provide return links that don't bypass the login banner page. 16-08-25 8.0f 1693 pro-v80f.bin Sixth production release Version 8.0f is a maintenance-only release. Update to version 8.0f is recommended for all products. Added support for additional PRO1 models. Added a ping of the gateway address every two minutes as an access-point keep-alive when WLAN is enabled on WLAN-capable NIC hardware. Fixed Environmental Monitor Control Unit (EMCU) support, which broke in v8.0e. Fixed incorrect calculation of the Cord Power Capacity in delta products. Fixed a possible crash and automatic restart of the root thread due to a stack overflow resulting from constantly repeating SSH sessions. Fixed the web UI to allow outlet configuration changes when the unit name is blank. Fixed a minor formatting issue in the SHOW SMTP output. 16-05-20 8.0e 1672 pro-v80e.bin Fifth production release Version 8.0e is a maintenance and security-patch release. Update to version 8.0e is strongly recommended for all products. Added PRO1 support. PRO1 products are factory conversions/upgrades of legacy products that include a subset of the hardware features that are inherent in PRO2 products, yet provide the substantial benefits of the PRO2 enhanced NIC card, new product architecture, and firmware feature set. Added identification of the system product series (PRO1 or PRO2) to the Web, CLI, and SNMP agent. Added support to remove the last local administrator account when remote authentication (LDAP, TACACS+, or RADIUS) is in use. This is achieved by a new system configuration option called 'Local Administrator Account', which can be set to either ‘Required’ (the default) or ‘Optional’. Setting 'Local Administrator Account' to 'Optional' disables the restriction to remove the last local administrator. This also forces the configuration reset button to be enabled. Setting the configuration reset button to disabled forces 'Local Administrator Account' to be 'Required'. If no local administrator accounts are present when this occurs, then the configuration reset button is forced back to enabled. Only a remotely-authenticated administrator can remove the last local administrator account. The ‘Local Administrator Account’ option is configured by the web ‘Access’ page, the 'set access localadmin’ CLI command, SNAP, or STIC. Added a 24-hour history graph of cord power to the web Overview page, when trending is enabled. Added support for units with hardware input-feed failsafe support. Added alphanumeric sorting of local users, LDAP groups, and outlet groups. Added system status and flash information to DEBUG SUPPORT. Replaced the default SNTP servers (2.pool.ntp.org and 1.pool.ntp.org) with newly-registered Server Technology NTP pool servers (2.servertech.pool.ntp.org and 1.servertech.pool.ntp.org). Changed the product name to include 'PDU' (Power Distribution Unit) instead of 'CDU' (Cabinet Distribution Unit). Changed the product name in regenerated self-signed X.509 certificates to 'ServerTech Pro PDU' from 'ServerTech Pro2 PDU', to be common for either the PRO1 or PRO2 product series. Changed FTP server GET failure responses to distinguish between 'File Not Found' and 'Permission Denied'. Changed the system boot behavior to not complete the boot until all connected units have been brought online. This prevents logins, configuration changes, and control actions until the system is ready to successfully complete all operations. Changed DHCP static fallback to not apply when WLAN is enabled. Modified the CLI delete key behavior for increased compatibility with terminal programs, and consistency with editing environments. Modified UPS configuration to include a configurable name, for better identification and consistency. UPS lists are now sorted alphanumerically by name. Updated the SNMP Sentry4 MIB. This MIB added objects to support the PRO1 product series and corrected limits of various object. See the MIB revision description for details. Updated Server Technology INI Configuration (STIC) support to v2.11. Version 2.11 added 16 new sections with 82 read-write properties, changed 29 properties to read-write, fixed two issues, and improved validation and logging. Refer to STIC V2.11 documentation for details. Updated the Sentry Network Access Protocol (SNAP) version to 2.0.2. This version added support for the new 'Local Administrator Account' required/optional feature. Fixed a security issue with SNMP v1/v2c community strings. Fixed changes to the SNMP SysName, SysContact, and SysLocation strings to not require a restart to take effect. Fixed missing SNMP objects for products with multiple input cords in one unit. Fixed a race condition on a non-volatile memory flush flag that could result in some configuration changes not being written at the end of a series of rapid mass-configuration changes. Fixed a web upload of config.bak in a near-factory-default state (no added or modified users, LDAP groups, or TACACS+ privilege levels) to not result in the default administrator account being lost until a restart. Fixed cases of Temperature/Humidity sensors being slow to transition between online and offline states, or never transitioning. Fixed a restart to factory defaults to purge cached unit profiles, so that units which are no longer present in the system are not persistent. Fixed EVENTS to be sent to SYSLOG servers. Fixed missing serial input when using the CONNECT command. Fixed the default email Subject ID to be "Sentry_xxxxxx" (where "xxxxxx" is the last three octets of the MAC address) instead of the product name (e.g. "Sentry Switched CDU"). Fixed outlet voltage to read zero when the outlet is off. Fixed a change of the Temperature Scale from Celsius to Fahrenheit to not result in an invalid minimum temperature threshold value of 216. Fixed automatic adjustment of metric thresholds when a new unit is connected to not reset to default any previously-configured thresholds that are within the valid range of the new unit. Fixed outlet state change logging to not apply to Smart units. Fixed removal of a local LDAP group with the same name as a local user account to not logout an active user of that local account. Fixed several minor CLI and Web UI formatting, consistency, and display issues. Fixed several minor log message formatting issues. Removed insecure DES cipher support from the LDAPS client. 15-12-02 8.0d 1543 pro2-v80d.bin Fourth production release Version 8.0d is a maintenance-only release. Update to version 8.0d is recommended for all products. Fixed LDAP login failures. Previously, even with proper configuration, LDAP logins would only succeed if the optional 'Group Search' was enabled and succeeded. Fixed StartUp Stick support to perform an automatic restart after successfully applying one-or-more changes that require a restart. Fixed WLAN/Wi-Fi support to avoid UI options disappearing. Fixed the SNMP agent to only accept an integer data type in set operations of st4OutletControlAction, st4OutletQueueControl, and st4TempSensorScale objects. Fixed the web interface to display system alert messages. Fixed rare cases of slow-to-respond outlet state-change actions. Fixed rare cases of outlets failing to sequence ON after initial power-up. Fixed STIC support to enforce a minimum bluetooth name length of 1, and to not reset the SPM password when 'no' is specified. Fixed UPS line load shedding to include link units. Fixed several minor formatting issues with log messages. Rebuilt the SSL, SSH, LDAP, Directory Services, and Energywise libraries, to accommodate updated dependencies. 15-08-06 8.0c 1366 pro2-v80c.bin Third production release Version 8.0c is a new-feature, maintenance, and security-patch release. Update to version 8.0c is recommended for all products. Added StartUp Stick support. The StartUp Stick is a tool for quick and easy mass-configuration of operating parameters. See https://www.servertech.com/products/accessories/startup-stick for further information. Added wireless local area network (WLAN) support for new Wi-Fi IEEE 802.11 b/g/n NIC hardware. Added support for Load Shedding due to humidity-sensor high-threshold events. Outlet actions (on or off) can now be configured to occur automatically when a humidity measurement crosses a high threshold, with optional reverse action upon recovery (with hysteresis). Related changes include: - Added SET LOADSHED SENSOR HUMID. - Added SET OUTLET HUMIDEVENT. - Updated the SHOW LOADSHED command to display the humidity load-shedding configuration. - Updated the web Load Shedding pages to configure and display the humidity load-shedding configuration. Enabled support for ongoing IPv4 address conflict detection (ACD). Previously only initial IPv4 ACD was enabled. Added drivers for new hardware sources of over-current protection device (OCPD) and branch status. Added support for CTRL-C to abort CLI operations, where applicable. Updated Server Technology INI Configuration (STIC) support to v2.10. Version 2.10 added 16 new sections, 46 read-write properties, 32 write-only properties, 1 special repeat property (banner), and user management operations (create, delete, update). Refer to STIC V2.10 documentation for details. Changed the minimum Shutdown Delay from 30 seconds to 1 second. Changed regenerated self-signed X.509 certificates to use SHA-1 as the signature hash algorithm, instead of weak MD5. Removed weak MD5 HMAC algorithm support from the SSH server. Removed a requirement for network startup to complete before internal event logging starts. Fixed Load Shedding to not require a network connection, except for UPS shedding, which requires a network connection for SNMP polling of a UPS. Fixed Load Shedding to not stall during the sequencing of multiple outlets with 'On' shedding actions. Fixed the web Load Shedding configuration page to display a missing '--All--' dropdown box for global configuration of the On-Battery Shedding option. Fixed web group monitoring and control pages to always sort groups alphanumerically. Fixed driver handling of sensed power states for outlets with no relays. This problem caused Smart units to invert reported outlet states. Fixed a failure to sequence relays ON after asynchronous microcontroller resets on relay control boards. Fixed the Email/SMTP web page to not allow spaces in the authentication username. Fixed minor UI issues. 15-05-21 8.0b 1246 pro2-v80b.bin Second production release Version 8.0b is a new-feature, maintenance, and security-patch release. Update to version 8.0b is recommended for all products. Added support for bootloader firmware updates by the same methods as application firmware updates. This addition was made to support customer/field updates to bootloader version 4.0g, which addresses a critical issue with the redundant network power feature (see nim2-blt-history.txt). After update to v8.0b application firmware, update to v4.0g bootloader firmware (nim2-blt-v40g.bin) is recommended for all products. Added persistence of link units across restarts. Link units that have been added to the system will no longer 'disappear' if the master-unit NIC is restarted while the link unit is powered down or disconnected. This allows for alerts to continue after a restart for link units that are errantly missing (for example, by an accidentally-disconnected cable) or in an error condition (for example, lost power). Link units that are intentionally removed from the system must now be 'purged' to avoid alerts. Added support for the GMT offset to be set in minutes, to accommodate partial-hour time zones. All standard international time zones from -12:59 to +14:59 are now supported. The GMT offset in minutes can be configured via web, CLI, STIC, and SPM Secure Access. Added support to upload/restore 'config.bak' through the web 'Files' page. Added support for FTP MGET operations. Support is strictly limited to 'mget *' and 'mget *.*' wild-card handling on local paths. Added Server Technology INI Configuration (STIC) v2.00 support. STIC provides the ability to read and write configuration changes through a text file, config.ini. This file may be read, modified, and written via HTTP/S and S/FTP. Refer to STIC V2.00 documentation for details. Removed support for legacy ftp.ini, sntp.ini and network.ini configuration files. The configuration settings in these files are now included in config.ini. Removed the ALL keyword as a target option for the SET PORT command. SSH server changes and fixes: - Removed insecure 96-bit digest HMAC algorithm support. - Removed blowfish cipher support. - Fixed sessions to not hang after receiving 1000 characters. - Fixed support for newer SSH clients with long HMAC algorithm lists. - Fixed the server to not send a 'window adjust' packet for every received character. - Increased the maximum packet and windows size. - Added sending an exit-status value of 0 to a session close. - Fixed a session close to send the final 'Session Ended' message before disconnecting. - Removed an extra newline after the 'Session Ended' message. - Substantially improved the SFTP server speed of a file upload. A firmware upload now takes a bit over a minute, versus about five minutes previously. - Fixed the SFTP server to refresh the session timeout on any session operation. Updated the Sentry Network Access Protocol (SNAP) version to 2.0.1. This version added support for GMT offsets and fixed the 'User Add' command to correctly set local user passwords. Updated the SNMP Sentry4 MIB. This MIB corrected the UNITS and value range of temperature sensor threshold objects. Fixed setting the display orientation and outlet sequence order via SNMP using the 'st4UnitDisplayOrientation' and 'st4UnitOutletSequenceOrder' Sentry4 MIB objects. Fixed the SNMP object 'st4TempSensorValue' in a 'st4TempSensorEvent' trap to return a value of -410 instead of -1 when a reading is invalid or not available. Improved the robustness of NVM updates and reads during link unit connections and disconnections. This fixes spurious NVM failures and the potential for a stale serial number when link units are changed quickly. Fixed spurious boot-time off/on-line errors from temperature/humidity sensors on master units. Fixed spurious over-current protector device off/on-line errors on certain models during boot or connection of a link unit. Fixed transient phase and outlet power factor warnings/alarms during load additions/removals and outlet relay state changes. Fixed cases of the TCP/IP stack 'up' event occurring prior to final acquisition of a static IPv4 address. This fixes the SNMPv3 Engine ID being wrong (ending with zeros) when the Ethernet cable is plugged in after the boot completes. Fixed a potential memory overrun in the cryptography library. Fixed the default display orientation and outlet sequence order to be determined by the factory-loaded product profile. Fixed the 'DHCP Static Address Fallback' feature to default to enabled. Note, this fix requires bootloader v4.0f or later. Fixed low-heap detection, increased low-heap thresholds, and expanded the network heap. Fixed presentation of fused units as having fuses, not breakers. Fixed configuration of the SMTP authentication username to not allow spaces. Fixed the CLI 'set ldapgroup sysmon' and 'set tacpriv sysmon' commands to properly set 'System Monitor' access rights for users remotely- authenticated by LDAP or TACACS+. Fixed the CLI to allow removal of the last LDAP group when access is 'Remote Only'. Fixed potential logouts and hangs by some internal DEBUG commands. Changed displays of the Ethernet MAC address to show dashes instead of colons. Several cosmetic fixes. 15-01-21 8.0a 1094 pro2-v80a.bin First production release This is the initial release of firmware for the PRO2 product family. This includes the PRO2 series of Smart and Switched Cabinet Distribution Unit (CDU) and Power Distribution Unit (PDU) products. A new 'PRO2 User Guide' for 'Firmware Version 8.0' accompanies this release. Please refer to this manual for complete configuration and operation instructions. =============================================================================== Copyright (C) 2021 Server Technology