SQL Sentry 2024.2 release notes
Release date: April 17, 2024
Here's what's new in SQL Sentry 2024.2.
Learn more
- See the SQL Sentry 2024.2 system requirements.
- For information about working with SQL Sentry, see the SQL Sentry 2024.2 Administrator guide.
New features and improvements in SQL Sentry
SQL Sentry Portal Environment Health Overview Weekly Vitals
In Version 2024.2 the Environment Health Overview can be toggled between a 24 hour view and 1 week view. View weekly health scores to see where your servers can be optimized.
Top SQL Percentage Change
View the percentage of change in query consumption for all events in Top SQL for SQL Sentry Portal across a 24 hour period in the % change column. The % Change column and Avg Duration column display on SQL Sentry Portal Top SQL tabs by default.
Copy and paste deadlock xml
Copy and paste raw deadlock xml into new deadlock file sessions. Use CTRL + V or right-click + paste to paste your deadlock xml into a new deadlock file session. See Plan Explorer Deadlock files.
Deadlock diagram and xml tabs
The Deadlock diagram and raw dead lock xml have been separated into two independent tabs on the bottom of the screen for deadlock sessions. Jump between the deadlock diagram to see a visualization of how the deadlock occurred, and the raw xml to dig deeper into the deadlock.
Other improvements
- Support for using a gMSA account for the SQL Sentry Portal service account.
Fixes
| Case number | Description |
|---|---|
| SQLS-189 | SSAS 2022 error: Performance Data Collection Failed: The method or operation is not implemented |
| SQLS-184 | SQLS-Cannot select Azure SQL DB for the Execute SQL action |
| SQLS-119 | SqlServerDataCollector -SetFileUsedSize: Invalid column name 'is_primary_replica' error |
| PORTAL-301 | Portal: Storage: Error when database file autogrowth % value is greater than 100 |
| PORTAL-296 | EHO: Score Sheet/Vitals: Error trying to resolve field 'targetHealth'. |
| PORTAL-264 | Portal: Top SQL: Trace Event Waits chart attempts to query with wrong date format |
CVEs
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
| CVE-ID | Vulnerability title | Description | Severity |
|---|---|---|---|
| CVE-2023-3618 | Denial of Service Vulnerability | A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | 6.5 Medium |
| CVE-2023-3316 | NULL pointer dereference Vulnerability | A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. | 6.5 Medium |
| CVE-2023-2908 | Retrieving data. Wait a few seconds and try to cut or copy again. | A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service. | 5.5 Medium |
| CVE-2023-2731 | NULL pointer dereference Vulnerability | A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. | 5.5 Medium |
| CVE-2023-26966 | Buffer Overflow Vulnerability | libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | 5.5 Medium |
Legal notices
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.