PTV xServer 2.26.1 released

The PTV xServer 2.26.1 is released! With this version we provide two important bug fixes for the xRoute service:

  • Bugfix: When the vehicle profile is not supported by the selected emission scenario, a result limitation instead of an exception is returned like in all versions before 2.26.0.
  • Bugfix: When using the ISO 14083 emission calculation together with hybrid vehicles, all following requests provide correct emission values.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

For cloud solutions we provide a test and production system based on this release. The production system of PTV xServer internet will be updated following this schedule:

  • 12.07.22: Productive system hosted in Europe
  • 13.07.22: Productive system hosted in US

Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.

PTV xServer 2.26 released

The new PTV xServer API version 2.26 is available! This is the first release this year with more than 60 (!) changes. And these are the highlights:

  • General
    • Update of several third-party components including Log4j
  • xRoute
    • Simple way to prohibit map segments by specifying intersecting polylines (also xDima)
    • Usage of your own exchange rates for toll prices (also xDima)
    • Support for HBEFA 4.2 emission calculation
    • Support for ISO 14083 emission calculation (experimental)
    • Support for emission calculation with alternative drivetrains like electric or hybrid (experimental)
    • Simple way to compare the travel time with and without live traffic on the same route
  • xTour
    • Support for the US driving time regulation from 2020 (also xRoute)
    • Support for configurable working hours (also xRoute, experimental)
    • Support for multiple quantity scenarios
    • More flexibility to configure once-per-stop service time

If you are interested in the full list of features and improvements, you can check the corresponding release notes here. Please note that the PTV Content Update Service 2.26 is also available including the update of several third-party components.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

For cloud solutions we provide a test and production system based on this release. The PTV World City Map test cluster already contains the PTV xServer API version 2.26 release.

The production system of PTV xServer internet will be updated following this schedule:

  • 17.05.22: Productive system hosted in Europe
  • 18.05.22: Productive system hosted in US
  • 26.05.22: Productive system hosted in Australia

Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.

Deactivation of Transport Layer Security (TLS) 1.0 and 1.1 starts today!

PTV xServer internet will no longer be able to support TLS 1.1 or lower due to security updates in Azure. We informed you about this topic in the following blog post in April 2021.

PTV will start to deactivate the protocols with the upcoming map cluster updates.

Today the test systems of all our map clusters will support access with TLS 1.2 or higher only. We deactivated the access with TLS 1.1 or lower on all test environments for API Version 1 and API Version 2 alike.

Please test the access to the test system of your corresponding map cluster with your application and report any problem immediately.

The upcoming map updates for the map clusters will be announced as always via our PTV Developer Blog. You can subscribe to our blog to stay posted.

Next planned production updates with deactivation TLS 1.0 and 1.1:

08.03.2022 PTV World City Map Cluster (TomTom) with API version 1 (api-eu)
10.03.2022 PTV Europe City Map Cluster (TomTom) with API version 1 (eu-n)
22.03.2022 PTV America City Map Cluster with API version 1 (na-n)
26.04.2022 PTV World City Map Cluster with API version 2 (xserver2-eu)
28.04.2022 PTV World City Map Cluster with API version 2 (xserver2-us)

Your action is required if you are still using TLS 1.0 or 1.1 version, as the requests will not get through to our service after we updated the production environments of our map clusters.

  1. If you still use Java 7 runtime and lower or .NET Framework version 4.5 and lower your action is required.
  2. Update your framework to a newer version to guarantee access to our service after the update on our map clusters.

Why do we do this: Microsoft announced the deactivation of Transport Layer Security 1.0 and 1.1.
Announcement from Microsoft on September 30th, 2020:
Transport Layer Security (TLS) 1.0 and 1.1 are security protocols for establishing encryption channels over computer networks. Microsoft has supported these protocols since Windows XP/Server 2003. However, due to evolving regulatory requirements as well as new security vulnerabilities in TLS 1.0, Microsoft recommends that customers remove TLS 1.0/1.1 dependencies in their environments and disable TLS 1.0 and 1.1 at the operating system level where possible. https://docs.microsoft.com/en-gb/lifecycle/announcements/transport-layer-security-1x-disablement

New year – new log4j Version!

First of all happy new year to everybody out there.
New year – new log4j Version!

On December 28th the new CVE-2021-44832 concerning log4j 2.17.0 has been newly disclosed.

Since we shipped the newest versions of the PTV xServer 1.34.0.3/4 family (see blog post from 22.12.2021) as well as the PTV xServer 2.25.3 (see blog post from 20.12.2021) with Log4j version 2.17.0 just before Christmas, these versions are potentially affected by this new CVE.

Should we be worried about this?

First, when looking at https://logging.apache.org/log4j/2.x/security.html the severity of CVE-2021-44832 is classified as moderate as the attacker must have permissions to modify the log4j configuration file.

After a detailed analysis, we can say that no products hosted by PTV which are vulnerable to CVE-2021-44832 have been identified.

For all customers running PTV products, including the log4j version 2.17.0 on premise, please just make sure that no unauthorized person has write access to the log4j config file of your system. For PTV xServer installations, you can find the log4j config files (logging.xml and logging-module.xml) in the “conf” directory of your PTV xServer installation.

Because we think that the current CVE does not represent a critical problem for PTV products, we expect to update the latest versions of PTV xServer Family 1.34.0.3/4 and PTV xServer 2.25.3 (currently including log4j Version 2.17.0) to the next log4j 2.17.1 not before February 2022.

Of course, we will continue to follow the developments around log4j for you and keep you informed about further news.

Concerning further technical questions, please contact your Product Support.

PTV xServer 2.25.3 with Log4j 2.17.0 released

The same procedure as every week … the PTV xServer 2.25.3 is released! We integrated the latest security update Log4j 2.17.0 and hopefully this is the last one to fix the current security issues in Log4j. And again the same is true for the just released PTV Content Update Service 2.25.3.

We are working on a similar bugfix release of PTV xServer 1.34 to also integrate there Log4j 2.17.0.

Please check the corresponding release notes here. If you do not see the release notes for PTV xServer 2.25.3, please clear your browser cache.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

The cloud solution PTV xServer internet is already patched in the currently used versions. Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.

PTV xServer 2.25.2 with latest Log4j released

The PTV xServer 2.25.2 is released! We now integrated the latest security update Log4j 2.16.0 to fix the additional security risks found in Log4j 2.15.0 (integrated in PTV xServer 2.25.1). And again the same is true for the just released PTV Content Update Service 2.25.2. At the moment there is no further PTV xServer 2 release planned to this topic.

Please check the corresponding release notes here.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

The cloud solution PTV xServer internet is already patched in the currently used versions. Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.