Release Notes for Raritan PX3TS Firmware Version 2.6.1
Version: PX2 2.6.1 Build 41229 Release Notes, Version 1
April 11, 2014
This release contains a critical security fix found in OpenSSL (CVE2014-0160, details below in the Release 2.6.1 Contains All
Enhancements and Fixes section below), and it is highly recommended
that all PX3TS customers upgrade to this release immediately.
Raritan will not be liable for any security breaches resulting from
older firmware on a unit.
This firmware release is for General Availability (“GA”) on all existing
PX3TS models only. Units in the field can do a firmware upgrade to this
It is NOT supported on the Raritan iPDUs (PX2-nnnn, PX3-nnnn, PXE, or
the BCM24xx).
There is a new User Guide for PX2.6.0 which should be used with this
release. Some custom engineered models may not be supported by this
release. Please check with Raritan Support if you are unsure of the model
number of your unit; it is typically viewable on the GUI Device
Information page, and is printed on a label on the unit.
Caution: Only Power IQ releases 4.1 and higher are compatible with PX2.6.1.
Due to the critical security fix, and other internal enhancements in PX 2.6.1, you
cannot downgrade from Release 2.6.1 build 41229 to ANY prior release. Please
contact Raritan Support with any questions.
Release Status: General Availability (GA) - see Release compatibility information
section below.
Release 2.6.1 contains all enhancements and fixes which are listed below:
1) The resolution for certain sensors has been increased from two (x.xx) to three
( decimal digits, however, accuracy is still the same as before. The
Raritan SNMP MIB contains a value that provides the resolution, and it must
be used to determine the value of sensor reading. The updated SNMP MIB
can be retrieved from the unit itself using the GUI.
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 1
2) It is now possible to bulk-configure wireless units. [48851]
3) The LCD display will show degrees C or F depending on the default user
preference. Note that the units used for the LCD are determined by the default
user preferences (see User Management -> Default User Preferences), not the
logged in user preferences. [51356]
4) Added an event for detecting a non-Raritan 1-wire device if plugged into the
Sensor port [51795]
5) Default thresholds have been set for the optional external temperature sensors,
per ASHRAE guidelines as follows:
Lower Critical Alert Threshold: 10C/50F
Lower Warning Alert Threshold: 15C/59F
Upper Warning Alert Threshold: 30C/86F
Upper Critical Alert Threshold 35C/95F
6) Support has been added to allow disabling/enabling of the web server http/s.
Caution: JSON-RPC will not work when http(s) is disabled. [53973]
7) Addressed potential XSS vulnerability. [54277]
8) Added Java IDL bindings [52816]
- generated IDL binding classes for pure Java
- added/included JSON and HTTP Java libraries
9) Under some conditions, the failed login count was not getting reset after a
successful login. This has been fixed. [53705]
10) For the optional webcam, the "Location Name", "Location x", "Location y"
and "Location z" should not get restored as part of bulk restoral, these values
were getting restored. This has been fixed. [53276]
11) Plugging and unplugging the Cinterion GSM modem multiple times may have
caused the unit to restart. This has been fixed. [53847]
12) Changing from a CLI console serial port PX connection to a GSM serial port
connection may have caused the GSM modem not to be detected. This has
been fixed. [53966]
13) It is now possible to disable the USB “A” (Host) port on the PX3TS unit via a
firmware option. Please contact Raritan support if you need to use this
capability. [51788]
14) Added support for the DX-D2C6 sensor. [52889]
15) Added display connector type in the GUI. [54150]
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 2
16) Added support for HTTP-to-HTTPS redirection in Python JSON-RPC
bindings. [54176]
17) Fixed Nessus warning of SSH server < 2013.59 multiple vulnerabilities.
18) Changed GUI focus on Restricted Service Agreement (RSA) screen to allow
easier configuration.
19) Firmware upgrade via SCP is now supported.[52505]
20) Added capability to change the number of times the Server Reachability
monitor cycles an outlet. [52507]
21) Capability to add static routes to the PX2 in addition to the default gateway
has been added. This enables the PDU to communicate with devices that are
not reachable via the default route. [52291]
22) Added Single IP address cascading-where one IP address is used for up to
eight (8) USB cascaded iPDUs (exception: the USB cascading feature is not
supported on PXE units), or other supported devices that can run PX2-2.6.1
firmware. See the PX2.6.1 User Guide for details. [52887]
23) Support has been added for an IOS application, with limited functionality,
running on an Apple IPad running IOS 7.1 with a wired connection.
24) MODBUS TCP support has been added. [52537]
25) PX3TS transfer time statistics have been added. Login to CLI, type "show
reliability data". There are three new entries:
a. TS.TS1.TRANSFERCNT is the total number of transfers,
b. TS.TS1.RELAYOPENTIME is the relay open time for the last
transfer, the raw value is in microseconds. The normalized value is
100% when the time is below 2ms and 0% when it is above 6ms. At
50% (4ms) an error will be logged.
26) Fixed severe issue identified in CVE-2014-0160 which was found in
OpenSSL 1.0.1:
More information is available here:
In short:
"The Heartbleed bug allows anyone on the Internet to read the memory of the
systems protected by the vulnerable versions of the OpenSSL software. This
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 3
compromises the secret keys used to identify the service providers and to
encrypt the traffic, the names and passwords of the users and the actual
content. This allows attackers to eavesdrop communications, steal data
directly from the services and users and to impersonate services and users."
To fix this, the OpenSSL library has been updated to the newest version in
PX2.6.1, in which this vulnerability is resolved.
Since private keys could have leaked already customers should revoke any
SSL certificates installed on the affected devices and replace them with new
ones. [55971]
Caution: Only Power IQ releases 4.1 and higher are compatible with
Support for new or revised models; see Release compatibility
information section below.
Consult the PX2.6.0 User Guide for more information on these firmware
Raritan PX Documentation:
The User Guide for PX3TS for 2.6.0 (PDF format) should be used with this
release. The SNMP MIBs- PDU, Asset Management Sensor (AMS) - are
retrievable from the unit itself. An updated USB serial driver (v2.0) is posted on
the Raritan website under Support-Other Files (scroll down to see the Other
Not Supported with PX 2.6.1:
Raritan iPDUs are NOT supported with this release; these are supported in
release: PX2.5.30.
If you are unsure that your model is supported by this firmware, please
contact Raritan Support.
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 4
Caution: Only Power IQ releases 4.1 and higher are compatible with
Upgrade Matrix (path for upgrades):
This release is intended for factory shipments on all PX3TS models, as well as
PX3TS models in the field. See specific model list below.
Release compatibility information:
Important Notes and Information:
Enable Javascript in your browser before logging into the unit to start the upgrade
Known Issues with this Release:
Caution: Only Power IQ releases 4.1 and higher are compatible with PX2.6.1.
1) The range for the power sensors of the metered outlets are calculated using the
ranges of the current and voltage ranges, although the user can enter up to
35000W/VA, which is incorrect. [55449]
2) Unacknowledged Alarms are not persistent in the Alarms section on the
Dashboard page, they are not retained after a unit reset, hardware reset, or power
cycle is performed on any unit running PX2 firmware. [55395]
3) This firmware is not intended to be used with Schroff LHX20/40 and SHX30
water coolers-unless specifically recommended by Schroff. Please contact Schroff
4) According to industry standards set by the Certification Authority/Browser
(CA/B) Forum, certificates issued after January 1, 2014 must be at least 2048 bits.
Some browser SSL implementations may reject keys less than 2048 bits after
January 1, 2014. Additionally, some SSL certificate vendors may revoke
certificates less than 2048 bits issued before January 1, 2014. To comply with this
standard, please note that Raritan will REMOVE the 1024-bit option in the next
firmware release. This is advanced notice of this upcoming change. [54719]
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 5
5) This firmware release has not been tested with Cisco EnergyWise. Please contact
Support if this is required for your application. [51731]
6) The PX3TS prefix in the part number indicates that there is an RJ45 Feature port.
Do NOT plug in the Ethernet cable from an Ethernet switch/router into this port
as it will damage the hardware in the PX3TS, and the unit will not boot-up. This
is because the Raritan Feature port carries power on one of the pins that is used to
power certain sensors like the Raritan AMS. [53930]
Release Package Details:
The Release 2.6.1 package has the following components. It is a GA release, and
will be posted on the Raritan website.
Some releases (“LA”, for limited availability, meaning not tested on all products
like GA releases are) are not posted on the website, and are intended for specific
old or new models only. If posted, the file is zipped and must be unzipped before
it can be installed on the Raritan unit:
“PX3TS ReleaseNotes2_6_1v1” – this file
A firmware release (binary):
Firmware Upgrade Pre-requisites:
Please read the entire instructions (this document) before proceeding.
If you have any questions, or cannot follow the instructions in the User Guide,
please STOP and contact Raritan Technical Support for further instructions.
General Upgrade Instructions (standalone upgrade from the browser based user
interface): Follow instructions in the User Guide.
This note is intended for Raritan customers only; its use, in whole or part, for any other purpose without the
express written permission from Raritan, Inc. is prohibited.
Copyright ©2014 Raritan, Inc. CommandCenter, Dominion, and the Raritan company logo are trademarks
or registered trademarks of Raritan, Inc. All rights reserved. Solaris and Java are trademarks of Oracle.
Windows and Windows Vista are trademarks or registered trademarks of Microsoft Corporation. MAC and
Safari are trademarks or registered trademarks of Apple, Inc. All other marks are the property of their
respective owners.
PX 2.6.1 Build 41229
Release Notes, Revision V1
For Raritan PX3TS Customers Only
April 11, 2014
Page 6