Release Information for Natural Version 9.1.4

This document covers the following topics:


Strategy Regarding the Legacy-Unix Platforms

We would like to inform you that, after a detailed analysis & assessment, Software AG has decided to adjust its strategy regarding the Legacy-Unix platforms HP-UX®, AIX® and Solaris®. With many of our customers already departed from or soon planning to depart their Legacy-Unix platforms due to cost and technical reasons, Software AG has decided Linux x86 will be its strategic open systems platform for Adabas & Natural 2050+ going forward. This will allow Software AG to focus more resources on this platform and maximize the overall value to our customer base.

The end-of-maintenance date (EOM) for Software AG support of the Legacy-Unix platforms is December 31, 2024. For the period from December 31, 2024 to December 31, 2025 Software AG will offer options for non-standard sustained support on the Legacy-Unix platforms for customers who are unable to rehost by the regular EOM date. Both dates apply to all Software AG A&N products (excluding CONNX, which will still be available on Legacy-Unix).

This will provide you with more than five (5) years to rehost your Software AG applications from the Legacy-Unix platform to your preferred Linux x86 platform(s). Software AG recommends one of the following rehosting options:

  • RedHat Enterprise Linux®

  • SUSE Linux Enterprise

Please be assured that Software AG is prepared to offer assistance in planning and executing your rehosting from the Legacy-Unix platform to an alternative platform.

Following the principles of our "A&N 2050+ Initiative", your rehosting project will be a high priority to Software AG. Our local Software AG teams will be happy to discuss any rehosting topic with you.

If you have any questions regarding the Adabas & Natural platform roadmap, please do not hesitate to contact Adabas & Natural Product Management (e-mail: AskANProdMgt@softwareag.com).

For the Adabas & Natural products on the Legacy-Unix platforms HP-UX®, AIX® and Solaris® we currently plan the following final versions:

  Final Version (GA) EOM EOSS
Adabas HP-UX® 6.7.0, October 2018 31.12.2024 31.12.2025
Adabas AIX® and Solaris® 7.0, October 2020 31.12.2024 31.12.2025
Natural HP-UX® 9.1.1, October 2018 31.12.2024 31.12.2025
Natural AIX® and Solaris® 9.1.3, April 2021 31.12.2024 31.12.2025

Security

This section covers important security information.

JDOM Vulnerability

The version of JDOM included in Natural for Ajax 9.1.4 contains the following vulnerability:

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

https://nvd.nist.gov/vuln/detail/CVE-2021-33813

Natural for Ajax uses the vulnerable SAXBuilder class only for XML created internally in the Natural and/or Natural for Ajax products. It switches off Entity expansion in all places where possible. Consequentially, the vulnerability does not apply, except for one area that needs to be pointed out:

When a Natural screen is exchanged between the Natural Web I/O server and the Natural for Ajax java framework in the application server, the Natural for Ajax java framework will load the XML with Entity expansion switched on.

However, the loaded XML is created from within the Natural/NWO server internally - it is not an external XML file. The vulnerability is only exposed should it be possible to tamper this XML during the exchange between Natural and Natural for Ajax.

In local environments, i.e. when Natural and Natural for Ajax are running on the same machine, this is not the case. An example, in which the vulnerability would not be exposed, is when running NaturalONE with the local runtime and the local Tomcat server.

When running Natural and Natural for Ajax on different machines we highly recommend securing this Natural screen exchange by setting "Use SSL" in the session configuration. A secure connection is then established between Natural for Ajax and the Natural Web I/O Interface server that prevents attackers from exploiting this vulnerability.

NEWSFEED Control Deprecated

The NEWSFEED control is now deprecated. It requires rome-0.9.jar. The rome-0.9.jar is not packaged with Natural for Ajax anymore. The rome-0.9.jar uses JDOM, which in the current versions has the vulnerability as described in the previous section.

Changes and Enhancements

Adabas Multi-Fetch Mode

The multi-fetch mode has been enhanced with two new Natural profile parameters MFBS and MFMR. For more information see the Programming Guide > Adapting the Multi-Fetch Parameters or Parameter Reference > MFBS , MFMR.

Handling of Numeric Constant Parameters for Helproutines

As of Natural 9.1.3 fix 1, the internal generated format of numeric constants as parameters for helproutines has changed from integer to packed due to compatibility reasons with Natural for Mainframe. If you recatalog a program containing such a constant, a runtime error NAT0936 can occur.

To check if your parameters will cause an error, you can:

  1. Use the compile option COMPOPT PCHECK=ON. If the parameter check fails, an error NAT0936 will be thrown at compile time.

  2. In this case, you must change the parameter definition to the correct packed format or specify the BY VALUE [RESULT] clause.

Example:

A program calls a helproutine in the following way:

INPUT #P1 (HE='HELPR1', 123)

If the program is cataloged and the parameter in the helproutine is defined as:

1 #H1 (I2)

it will receive a runtime error NAT0936.

If the parameter in the helproutine is defined as:

1 #H1 (P3)

or as:

1 #H1 (I2) BY VALUE

the program runs successfully.

For more information see the Programming Guide > sections Passing Parameters to Helproutines and Numeric Constants.

Natural Profiler Utility

The Natural Tools and Utilities in NaturalONE offers a new rich GUI interface for the Natural Profiler. The Natural Profiler page lists all Profiler resources of a given library. For a selected Profiler resource, the properties and statistics of the profiling are displayed. Functions are available for consolidate or evaluate Profiler data, to analyze monitored programs, or to delete a resource file.

For more information, see NaturalONE, available at documentation.softwareag.com. See section Using NaturalONE > Using Natural Tools and Utilities > Rich GUI Interface of the Natural Profiler.

Online Help

The WinHelp (*.hlp) file format is no longer supported in Windows 10 and any existing applications using this format will need to be ported to compiled HTML help (*.chm) if online help should continue to be available. For further information on the change in syntax for specifying the source for HTML pop-up help, see Dialog Component Reference > POPUP-HELP.

Natural Security

The following enhancements are provided with Natural Security Version 9.1.4:

Administrator Services - Maintenance Log Records

The menu for the processing of maintenance log records provides a new option which allows you to list log records in either ascending or descending chronological order. This applies to the log records listed by the functions List Administrator Services Maintenance Logs and List Security Profile Maintenance Logs.

For details, see Natural Security > Administrator Services > Maintenance Log Records.

Authentication Options – Multiple LDAP Security Profiles

For user authentication via an LDAP server, only a single LDAP security profile could be defined for one LDAP server. Now you can define multiple LDAP security profiles for multiple LDAP servers. This allows you more flexibility when switching from one LDAP server to another. In conjunction with this enhancement, the user interface of the Authentication Options section in Administrator Services has been revised and expanded. For details, see Authentication Options.

For details, see Natural Security > Administrator Services > Authentication Options (LDAP).

Support User Names as User IDs

The option to log on with the user name as user ID has already been available in conjunction with user authentication via an LDAP server (see Natural Security > Administrator Services > Authentication Options (LDAP)). Now this is also possible when logging on to the mapped environment in an Eclipse environment in conjunction with NaturalONE accessing a non-mainframe Natural Development Server which uses LDAP (see Natural Security > Protecting the Natural Development Environment in Eclipse).

Application Programming Interfaces (APIs)

Improved Error Information

The return codes returned by several application programming interfaces (in the field PRC) refer to Natural error numbers. In several cases, the same return code / error number was used for different error situations, and the texts of the corresponding error messages were not always specific enough to identify the cause of the error.

This has been rectified: Different new return codes / error numbers have been introduced for different error situations. In addition, the corresponding message texts have been enhanced to provide more specific information on the errors in question.

For details, see Natural Security > Application Programming Interfaces.

New API for Maintenance Log Records

The new application programming interface NSCXLI allows you to display a single maintenance log record.

For details, see Natural Security > Application Programming Interfaces.

Notice of Future Changes

The following will be changed in upcoming releases of Natural:

Objects Cataloged with Versions Below Natural Version 5

As already noticed in the previous release the following will be changed in the next release of Natural:

The execution of Natural objects cataloged with versions below Natural Version 5 will no longer be supported. A recatalog with Natural Version 5 or higher is required.

In order to identify Natural objects cataloged with versions below Natural Version 5, the new Natural system command SYSLVERS may be used. Please refer to the documentation of Natural System commands for further details.

Removed Features

Discontinued Support for Natural Profiler MashApps

The classic MashZone which was used by the Profiler MashApps, is no longer supported by Software AG. Therefore, the Profiler MashApps and the corresponding interfaces are no longer delivered and supported.

The new Profiler Rich GUI can be used to visualize the Profiler data in a graphical, interactive browser interface in a similar way as the previous Profiler MashApps. For more information, see NaturalONE > Using NaturalONE > Using Natural Tools and Utilities > Rich GUI Interface of the Natural Profiler.