WHD 12.8.1 release notes

Release date: January 17, 2024
Updated: January 18, 2024

Here's what's new in Web Help Desk 12.8.1.

New features and improvements in WHD

Return to top

Fixes

Case number	Description
90218	Resolved sync failure due to Error: c.s.d.l.JMSResultMessageListener - Cannot handle the received JMS result message: com.solarwinds.discovery_jms.listeners.JMSMessageHandlingException: Cannot handle a JMS message with the discovery result.
102445, 104127	Resolved issue with inability to create new Help Desk account. ERROR whd.helpdesk.com.macsdesign.whd.ui - Problem inserting new client er.extensions.validation. ERXValidationException: The value entered for Authentication Key exceeds the length of 80.
89300, 103923	Resolved issues with inoperability of date sort on Ticket History tab of Asset records.
104005, 104336	Resolved issue with error: Unauthorized Request for download attachment file for clients cc'd while creating a ticket.
104369	Resolved issue with User logging out with unexpected error while configuring incoming mail account due to a long password on the incoming mail account.
103474, 103526, 104280	Resolved issue where application crashes if there is an existing date and user blanks out the date under Status & Schedule / Scheduled Date.
None	Resolved issue of purchase order export not working as expected because of page size.
None	Resolved issue with error 127: Unable to initiate backup while taking backup from embedded database on Linux machine.
90218	Resolved issue with WMI Asset discovery scheduler - scheduled sync not working.
10459, 10498, 10518, 105125, 105182	Resolved issue where users could not add attachments in Note section on already created ticket in Client UI.
104626, 104697, 104838, 105079, 105264	Resolved issue where WHD crashed while user was creating/updating client/tech information.

CVEs

CVE-ID	Vulnerability Title	Description	Severity
CVE-2023-5869	Arbitrary Code Execution Vulnerability	A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.	8.8 High
*CVE-2023-44487	HTTP/2 Rapid Reset Vulnerability	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	7.5 High
* Please review the SolarWinds Mitigation Document for CVE-2023-44487 here: https://solarwindscore.my.site.com/SuccessCenter/s/article/Mitigation-for-HTTP-2-Rapid-Reset-Vulnerability-for-Tomcat-CVE-2023-44487-in-Web-Help-Desk?language=en_US

Return to top

Before you upgrade!

If you are upgrading from a previous version, determine the upgrade path for your WHD deployment.

Upgrade your embedded PostgreSQL database

If you are running version 12.7.8 with the embedded PostgreSQL 13.3 database, follow the instructions in the WHD Installation and Upgrade Guide to upgrade your deployment to version 12.8.1.

If you are running version 12.7.6 or earlier with the embedded PostgreSQL 9.x.x database, upgrade to 12.7.7 with PostgreSQL 13.9 first. See How to upgrade Web Help Desk to version 12.7.7 using PostgreSQL as the database for details. When you are finished, follow the instructions in the WHD Installation and Upgrade Guide to upgrade your deployment to version 12.8.1.

Install the MySQL JDBC driver

Beginning with WHD 12.7.1, Oracle Java was replaced with the OpenJDK. This update modifies the directory structure where the MySQL Java Database Connectivity (JDBC) driver is installed. To prevent errors after the upgrade, install the driver on your host server in the new location to prevent errors in the application after the upgrade.

See Install the MySQL JDBC Driver in the WHD Administrator Guide for installation instructions.

Upgrade Your Apache Tomcat software

The software installer includes Apache Tomcat 9.0.82, which provides enhanced security and is required for this release.

When you upgrade your WHD software, the upgrade procedure replaces the <WebHelpDesk>\conf\tomcat_web_template.xml file with an updated file including the Tomcat 9.0.82 settings.

Before you upgrade, back up your current tomcat_web_template.xml file to an external directory. When the upgrade is completed, add your personal settings to the updated file from your backup file.

Return to top

Installation or upgrade

For new installations, you can download the installer from the SolarWinds website or from the Customer Portal. For more information, see the WHD Installation and Upgrade Guide.

After you complete the installation, see the WHD Getting Started Guide. This guide picks up right after the installation process and walks you through the initial steps you need to take to start using the application.

WHD supports Windows Server 2019 and 2022 for production environments and Windows 11 for trial evaluations. These operating system require additional setup to install. See the WHD Installation and Upgrade Guide for instructions.

To install WHD and enable FIPS, see Enable FIPS in a new deployment in the WHD Administrator Guide.

WHD no longer includes the additional configuration files required to enable Federal Information Processing Standards (FIPS) mode in the application. To install WHD and enable FIPS, see Enable FIPS in a new deployment in the WHD Administrator Guide.

If you are installing WHD 12.7.12 with FIPS mode disabled, make sure version 12.7.9 is running on the host server before you install. When the installation is completed, enable FIPS mode.

For upgrades, use the WHD Installation and Upgrade Guide to plan and execute your upgrade. When you are ready, download the upgrade package from the SolarWinds Customer Portal.

Return to top

Legal notices

© 2024 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.