PTV xServer 2.26.1 released

The PTV xServer 2.26.1 is released! With this version we provide two important bug fixes for the xRoute service:

  • Bugfix: When the vehicle profile is not supported by the selected emission scenario, a result limitation instead of an exception is returned like in all versions before 2.26.0.
  • Bugfix: When using the ISO 14083 emission calculation together with hybrid vehicles, all following requests provide correct emission values.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

For cloud solutions we provide a test and production system based on this release. The production system of PTV xServer internet will be updated following this schedule:

  • 12.07.22: Productive system hosted in Europe
  • 13.07.22: Productive system hosted in US

Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.

PTV xServer 2.26 released

The new PTV xServer API version 2.26 is available! This is the first release this year with more than 60 (!) changes. And these are the highlights:

  • General
    • Update of several third-party components including Log4j
  • xRoute
    • Simple way to prohibit map segments by specifying intersecting polylines (also xDima)
    • Usage of your own exchange rates for toll prices (also xDima)
    • Support for HBEFA 4.2 emission calculation
    • Support for ISO 14083 emission calculation (experimental)
    • Support for emission calculation with alternative drivetrains like electric or hybrid (experimental)
    • Simple way to compare the travel time with and without live traffic on the same route
  • xTour
    • Support for the US driving time regulation from 2020 (also xRoute)
    • Support for configurable working hours (also xRoute, experimental)
    • Support for multiple quantity scenarios
    • More flexibility to configure once-per-stop service time

If you are interested in the full list of features and improvements, you can check the corresponding release notes here. Please note that the PTV Content Update Service 2.26 is also available including the update of several third-party components.

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

For cloud solutions we provide a test and production system based on this release. The PTV World City Map test cluster already contains the PTV xServer API version 2.26 release.

The production system of PTV xServer internet will be updated following this schedule:

  • 17.05.22: Productive system hosted in Europe
  • 18.05.22: Productive system hosted in US
  • 26.05.22: Productive system hosted in Australia

Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.

PTV xServer 1.36 released

The new PTV xServer API version 1.36 is available. As always, we recommend using the new version as soon as possible. And these are the main topics:

  • Updated several third-party components to recent versions
  • Added the possibility to log only requests which cause a fatal exception
  • Fixed the request logging

If you are interested in the full list of changes, you can check the corresponding release notes here.

You can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

Zero-day “Spring4Shell”

Since this week there is a new zero-day vulnerability in the Spring framework. Please note that we are aware of this and currently analyzing how far the PTV xServer is affected.
 
 
We like to share the current state of our analysis with you.
The essential requirement for exploiting the vulnerability is a JDK9. We are still running JDK8 on all PTV xServer API versions.
Thus, the PTV xServer is not affected by CVE-2022-22965 (according to the current status).
 
Of course, there may be new findings, so we will continue to investigate this issue. We will inform you as soon as there are further findings. To stay tuned subscribe to our blog.
 
 
 

New year – new log4j Version!

First of all happy new year to everybody out there.
New year – new log4j Version!

On December 28th the new CVE-2021-44832 concerning log4j 2.17.0 has been newly disclosed.

Since we shipped the newest versions of the PTV xServer 1.34.0.3/4 family (see blog post from 22.12.2021) as well as the PTV xServer 2.25.3 (see blog post from 20.12.2021) with Log4j version 2.17.0 just before Christmas, these versions are potentially affected by this new CVE.

Should we be worried about this?

First, when looking at https://logging.apache.org/log4j/2.x/security.html the severity of CVE-2021-44832 is classified as moderate as the attacker must have permissions to modify the log4j configuration file.

After a detailed analysis, we can say that no products hosted by PTV which are vulnerable to CVE-2021-44832 have been identified.

For all customers running PTV products, including the log4j version 2.17.0 on premise, please just make sure that no unauthorized person has write access to the log4j config file of your system. For PTV xServer installations, you can find the log4j config files (logging.xml and logging-module.xml) in the “conf” directory of your PTV xServer installation.

Because we think that the current CVE does not represent a critical problem for PTV products, we expect to update the latest versions of PTV xServer Family 1.34.0.3/4 and PTV xServer 2.25.3 (currently including log4j Version 2.17.0) to the next log4j 2.17.1 not before February 2022.

Of course, we will continue to follow the developments around log4j for you and keep you informed about further news.

Concerning further technical questions, please contact your Product Support.

PTV xServer 1.34 with Log4j 2.17.0 released

Groundhog day! The next release of PTV xServer 1.34 is available. Like in PTV xServer 2 we now integrated the latest security update Log4j 2.17.0. Keep fingers crossed that this finally solves the current security issues in Log4j.

  • PTV xCluster Server 1.34.0.3
  • PTV xDima Server 1.34.0.4
  • PTV xLoad Server 1.34.0.3
  • PTV xLocate Server 1.34.0.4
  • PTV xMap Server 1.34.0.4
  • PTV xMapmatch Server 1.34.0.3
  • PTV xRoute Server 1.34.0.4
  • PTV xTerritory Server 1.34.0.4
  • PTV xTour Server 1.34.0.4
  • PTV xServer bundle 1.34.0.4

For on-premise solutions you can download the latest version from the PTV xServer Customer Area: https://www.ptvgroup.com/en/solutions/products/ptv-xserver/customer-area/ (login and license required)

The cloud solution PTV xServer internet using PTV xServer 1.34 is already patched. Check the Cluster Overview page to get more information about existing PTV xServer internet deployments.