<p>News@Unidata: Unidata news (feed: https://www.unidata.ucar.edu/blogs/news/feed/entries/atom, updated 2024-03-06T11:18:50-07:00, generated by Apache Roller)</p>
<h2>EOL for TDS 4.6.x</h2>
<p>Hailey Johnson | published 2022-08-31T05:00:00-06:00 | updated 2022-08-31T16:19:47-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/eol-for-tds-4-6</p>
<p>Unidata ended support for all TDS versions prior to 5.x on August 31st, 2022. We will no longer be providing support for TDS 4.6.x in any capacity, including security upgrades. All TDS users are encouraged to upgrade to the latest release of TDS 5, which can be obtained from our <a href="https://downloads.unidata.ucar.edu/tds/">downloads page</a>.</p>
<p>For help upgrading to version 5, please refer to the <a href="https://docs.unidata.ucar.edu/tds/current/userguide/upgrade.html">documentation</a>. To get help with issues or report bugs in version 5, contact <a href="mailto:support-thredds@unidata.ucar.edu">support-thredds@unidata.ucar.edu</a> or open an issue on our <a href="https://github.com/Unidata/tds">GitHub repository</a>.</p>
<h2>Unidata-hosted TDS Servers Upgrading to Version 5</h2>
<p>Unidata News | published 2022-08-02T14:15:46-06:00 | updated 2022-08-02T14:15:46-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/unidata-hosted-tds-servers-upgrading</p>
<p>
During the week of August 8, 2022, the Unidata Program Center plans to upgrade
the THREDDS Data Server (TDS) hosted at <a href="https://thredds.ucar.edu">https://thredds.ucar.edu</a>
to version 5.x of the server software.
</p>
<p>
TDS version 5 has been in use at community sites since October 2021, but Unidata's
primary in-house server has continued to run TDS version 4.6.x in order to ensure
continuity for users of data hosted there. In the intervening time, the Unidata
TDS development team worked through the process of ensuring that the two versions
were feature compatible. In addition, the Unidata Program Center has delayed the
changeover of its primary TDS until summer, to minimize any changes needed by
students and educators who access the server via the <a href="https://www.unidata.ucar.edu/software/idv/">Integrated Data Viewer</a> (IDV)
or other technologies as part of their coursework.
</p>
<p>
TDS version 5 includes a large number of enhancements to the 4.x release series.
The configuration catalogs and internal state of the server have been extensively
re-worked to be able to scale to large numbers of catalogs, datasets, and internal
objects without excessive use of memory. In version 5, a running TDS can be triggered to reread
the configuration catalogs without having to restart. It can be configured to
reread only changed catalogs, for fast incremental updates. Other features have
been added to make writing configuration catalogs more maintainable, including the
<code>&lt;catalogScan&gt;</code> element, and default and standard services.
</p>
<p>
In TDS version 5, GridDataset is replaced by
FeatureDatasetCoverage, to better support very large feature collections. The
Coverage API works with coordinate values (not array indices), which solves
various intractable problems that arise when using array index subsetting on large
collections. Additionally, a number of API enhancements have been made to take
advantage of evolution in the Java language, for example try-with-resource and
foreach constructs. The use of these makes code simpler and more reliable.
</p>
<p>
For more on the changes between TDS version 4.x and version 5, see
<a href="https://docs.unidata.ucar.edu/tds/5.0/userguide/upgrade.html">Upgrading
to TDS Version 5</a> in the online TDS documentation.
</p>
<p>
The Program Center's plan is to begin redirecting requests to the
<code>thredds.ucar.edu</code>
domain to the TDS instance currently accessible at
<code>threddsrc.ucar.edu</code> early in the week of <span class="highlight_muted">August 8, 2022</span>. There may be
some interruption in service, though we hope it will be minimal. If you have any
questions or encounter any problems, please reach out to us at <a
href="mailto:support-thredds@unidata.ucar.edu">support-thredds@unidata.ucar.edu</a>.
</p>
<p>
Additionally, the Program Center would like to remind TDS administrators that we will be completely
discontinuing our support for TDS 4.6.x at the end of August, 2022. We encourage
4.6 users to upgrade to v5 as soon as possible.
</p>
<h2>TDS versions 5.4 and 4.6.21 released</h2>
<p>Hailey Johnson | published 2022-07-05T13:56:02-06:00 | updated 2022-07-05T13:56:02-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/tds-versions-5-4-and</p>
<p>The THREDDS Data Server (TDS) version 5.4 release was announced on July 5th, 2022. This release contains a number of fixes for user-reported bugs, as well as security upgrades to third party libraries. It is recommended that all TDS 5.x users upgrade to this version.
For more information, please see the GitHub release <a href="https://github.com/Unidata/tds/releases/tag/v5.3">announcement</a>.
Additionally, version 4.6.21 of the TDS is now available. You can find the full release notes <a href="https://github.com/Unidata/thredds/releases/tag/v4.6.21">here</a>. This is a security release only. TDS 4.6.x is no longer supported by the THREDDS development team, and it is recommended that users upgrade to v5.4. For more information on upgrading, please visit <a href="https://docs.unidata.ucar.edu/tds/5.4/userguide/upgrade.html">https://docs.unidata.ucar.edu/tds/5.4/userguide/upgrade.html</a>.
Note: The TDS downloads page has moved! You can now find TDS (5.x, 4.6.x, and Docker images) at <a href="https://downloads.unidata.ucar.edu/tds/">https://downloads.unidata.ucar.edu/tds/</a>.</p>
<h2>Upgrade NOW: TDS 5.4-SNAPSHOT to address Spring4Shell CVE</h2>
<p>admin | published 2022-04-04T10:36:53-06:00 | updated 2022-04-04T11:36:05-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/upgrade-tds-5-to-latest</p>
<p>All releases of TDS 5 prior to the March 31, 2022 <a href="https://downloads.unidata.ucar.edu/tds/">TDS 5.4-SNAPSHOT release</a> are vulnerable to the Spring Framework library Spring4Shell exploit (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965">CVE-2022-22965</a>).</p>
<p><strong>We are aware of active hacking attempts against Internet-based unpatched TDS servers, with one reported successful attempt in the community.</strong> Such attempts occurred as early as Wednesday March 30 before Spring officially announced the existence of the vulnerability. </p>
<p>If you haven't done so already, <strong>we strongly encourage 5.x users to upgrade to the latest snapshot immediately</strong>: <a href="https://downloads.unidata.ucar.edu/tds/">https://downloads.unidata.ucar.edu/tds/</a></p>
<p>We recommend that users who have run an unpatched version of TDS 5 perform the following steps to determine if someone has attempted to exploit this vulnerability: </p>
<ul>
<li>Look for new subdirectories and <code>jsp</code> files in the Tomcat <code>webapps/</code> directory.</li>
<li>Examine any place in your file system the Tomcat user has access/write permissions for anomalies (new files, changes to files, deletion of files).</li>
<li>Check your access log files and look for dubious requests (specifically <code>POST</code> requests) and pay attention to the server response codes of such requests.</li>
</ul>
<p>If you note any of the above, please contact your systems administrator and local IT security team.</p>
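<p>The first and third checks above can be scripted. The following is an added example, not part of the original announcement or of Unidata's code. Function names, the cutoff argument and the sample log lines are constructed, and the log parsing assumes Tomcat's <code>common</code> access-log pattern.</p>

```shell
#!/bin/sh
# Added example: triage helpers for the checks listed above.
# Directory layout, cutoff time and log lines are constructed assumptions.

# Print directories and *.jsp files under a webapps/ directory that were
# modified after a cutoff. Legitimate redeploys show up too, so treat the
# output as a list to review, not as proof of compromise.
# $1 = webapps directory, $2 = cutoff as YYYYMMDDhhmm (local time)
new_webapp_entries() {
    ref=$(mktemp) || return 1
    touch -t "$2" "$ref"
    # -newer compares modification times against the reference file
    find "$1" ! -path "$1" \( -type d -o -name '*.jsp' \) -newer "$ref" -print | sort
    rm -f "$ref"
}

# Summarise POST requests in an access log as "count status path".
# Assumes the "common" pattern: %h %l %u %t "%r" %s %b
post_summary() {
    awk '$6 == "\"POST" {
             path = $7
             sub(/\?.*/, "", path)        # drop the query string
             seen[$9 " " path]++
         }
         END { for (k in seen) print seen[k], k }' "$1" | sort -k1,1nr -k2
}

# POSTs that the server answered with a 2xx status deserve the first look.
successful_posts() {
    post_summary "$1" | awk '$2 ~ /^2/'
}

# Constructed sample log (documentation addresses, made-up paths).
sample_access_log() {
    cat <<'EOF'
192.0.2.10 - - [30/Mar/2022:09:14:02 -0600] "GET /thredds/catalog/catalog.html HTTP/1.1" 200 5120
198.51.100.7 - - [30/Mar/2022:09:15:40 -0600] "POST /thredds/catalog/catalog.html?x=1 HTTP/1.1" 400 762
198.51.100.7 - - [30/Mar/2022:09:15:41 -0600] "POST /thredds/catalog/catalog.html HTTP/1.1" 400 762
198.51.100.7 - - [30/Mar/2022:09:16:05 -0600] "POST /newapp/dropped.jsp HTTP/1.1" 200 12
EOF
}

# Usage (paths are placeholders for your own installation):
#   new_webapp_entries "$TOMCAT_HOME/webapps" 202203300000
#   successful_posts /path/to/localhost_access_log.txt
```

<p>A path reported by both functions, that is, a recently created <code>jsp</code> file that also received a successful <code>POST</code>, is the combination to escalate first.</p>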
<p>We also would like to remind everyone of steps to take that may help mitigate application security risks: </p>
<ul>
<li>We remind everyone to run their Tomcat server as an unprivileged user and NOT the root/super user.</li>
<li>Please make sure the Tomcat user has read-only permission to the contents of the <code>conf/</code>, <code>bin/</code>, and <code>lib/</code> directories in <code>$TOMCAT_HOME</code>.</li>
<li>Limit the Tomcat user’s access and permissions to only the needed directories and files.</li>
<li>Uninstall all non-essential web applications in the <code>webapps/</code> directory, including the applications that come with Tomcat.</li>
</ul>
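<p>One way to audit the first two recommendations, as an added example that is not from the original announcement: the function names and arguments are hypothetical, and the process check assumes a standard Tomcat start-up through the <code>org.apache.catalina.startup.Bootstrap</code> main class.</p>

```shell
#!/bin/sh
# Added example: audit the permission advice above. Names are hypothetical.

# Print entries under conf/, bin/ and lib/ that the Tomcat account could
# modify: owned by it with the owner-write bit set, or group- or
# world-writable. Group-writable entries are reported even if the account is
# not in that group, so the check errs on the side of reporting.
# $1 = Tomcat home, $2 = account (name or numeric uid) Tomcat runs as
writable_by_tomcat() {
    for sub in conf bin lib; do
        [ -d "$1/$sub" ] || continue
        find "$1/$sub" ! -type l \
            \( \( -user "$2" -perm -200 \) -o -perm -020 -o -perm -002 \) -print
    done | sort
}

# Print the accounts that own a running Tomcat JVM.
tomcat_process_users() {
    ps -A -o user= -o args= |
        awk '/org\.apache\.catalina\.startup\.Bootstrap/ && !/awk/ { print $1 }' |
        sort -u
}

# Return 0 only when nothing is writable and no Tomcat JVM runs as root.
audit_tomcat() {
    status=0
    hits=$(writable_by_tomcat "$1" "$2")
    if [ -n "$hits" ]; then
        echo "modifiable by $2 (or group/world-writable):"
        echo "$hits"
        status=1
    fi
    if tomcat_process_users | grep -qx root; then
        echo "a Tomcat JVM is running as root"
        status=1
    fi
    return $status
}

# Usage (values are placeholders): audit_tomcat "$TOMCAT_HOME" tomcat
```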
<p>We will continue to monitor the situation and will share pertinent information as it becomes available. If you have any questions or concerns, please contact <a href="mailto:support-thredds@unidata.ucar.edu">support-thredds@unidata.ucar.edu</a>.</p>
<p>Best,
The THREDDS development team</p>
<h2>TDS version 4.6.20 released</h2>
<p>Hailey Johnson | published 2022-02-16T17:46:13-07:00 | updated 2022-04-04T11:40:04-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/tds-version-4-6-20</p>
<p>The THREDDS development team released version 4.6.20 of the TDS on February 16th, 2022. This release contains various upgrades to third party libraries that address security exploits, as well as a bug fix in the WMS service. You can find the full release notes <a href="https://github.com/Unidata/thredds/releases/tag/v4.6.20">here</a>. </p>
<p><strong>Note:</strong> The TDS downloads page has moved! You can now find TDS jar files at <a href="https://downloads.unidata.ucar.edu/tds/">https://downloads.unidata.ucar.edu/tds/</a></p>
<p>For TDS 5.x users: the 5.4 release will be ready soon, but we are still working to address a number of reported bugs prior to the release date, which remains TBA. In the meantime, please continue to use the SNAPSHOT release available on the <a href="https://downloads.unidata.ucar.edu/tds/">TDS downloads page</a>.</p>
<h2>THREDDS Data Server Version 4.6.18 Released</h2>
<p>Sean Arms | published 2021-12-10T17:15:00-07:00 | updated 2021-12-10T17:15:00-07:00 | https://www.unidata.ucar.edu/blogs/news/entry/thredds-data-server-stable-netcdf</p>
<p>The Unidata THREDDS Development Team released an updated version of the THREDDS Data Server (TDS) (and bundled netCDF-Java/Common Data Model (CDM) library) on December 10th, 2021. This release addresses a severe third party library <a href="https://www.lunasec.io/docs/blog/log4j-zero-day/">security vulnerability</a>. TDS 4.6.x administrators are encouraged to upgrade to version <a href="https://github.com/Unidata/thredds/releases">4.6.18</a>.</p>
<h3>Getting this Release</h3>
<p>TDS 4.6.x administrators are encouraged to upgrade to version 4.6.18, which includes an appropriate version of the netCDF-Java library. The v4.6.x maintenance line of the TDS will continue to reside at <a href="https://github.com/Unidata/thredds" title="TDS 4.6.x GitHub Repository">https://github.com/Unidata/thredds</a>. </p>
<p>Since the release of TDS 5.x, TDS 4.6.x is now only supported for security updates. The current stable release of the TDS is version 5.2. For details on TDS 5, and tips on how to migrate from version 4, please visit <a href="https://docs.unidata.ucar.edu/tds/5.2/userguide/upgrade.html">https://docs.unidata.ucar.edu/tds/5.2/userguide/upgrade.html</a>.</p>
<h2>THREDDS Data Server version 5.2 Released</h2>
<p>Sean Arms | published 2021-12-10T17:00:00-07:00 | updated 2021-12-10T17:00:00-07:00 | https://www.unidata.ucar.edu/blogs/news/entry/thredds-data-server-version-51</p>
<p>The THREDDS Data Server (TDS) version 5.2 release was announced on December 10th, 2021. This is a minor release that addresses a severe third party library <a href="https://www.lunasec.io/docs/blog/log4j-zero-day/">security vulnerability</a>; there are no other changes relative to v5.1. It is recommended that all TDS 5.x users upgrade to this version.</p>
<p>You can find the GitHub release at <a href="https://github.com/Unidata/tds/releases/tag/v5.2">https://github.com/Unidata/tds/releases/tag/v5.2</a>.</p>
<h2>TDS Users: Update Your Configuration Now</h2>
<p>Unidata News | published 2021-10-20T14:41:15-06:00 | updated 2021-10-20T14:41:16-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/tds-users-update-your-configuration</p>
<p>
Users of the THREDDS Data Server (TDS) are <strong>strongly</strong> encouraged to update
the configuration files on their servers as soon as possible, and before they next
restart their servers. Changes
in the UCAR/Unidata web infrastructure will cause Web Map Service (WMS)
features provided by the TDS to behave incorrectly.
</p>
<p>
This change affects all versions of the TDS.
</p>
<h3>Background</h3>
<p>
As part of a UCAR-wide web infrastructure modernization project, Unidata will be
transitioning its primary web site in the coming months. As a result of this
transition, web-based resources used by the TDS will be relocated to
new online locations. While Unidata is working to ensure that requests for the
resources are directed to the new location automatically, a third-party
package included in the TDS does not handle these redirects gracefully. Updating a
single configuration file will ensure proper operation.
</p>
<p>
The specific resource involved is the <code>wmsConfig.dtd</code> file, which can no
longer be loaded from the previous default location. If the configuration cannot be
loaded, no custom configurations to WMS (such as colormaps or per dataset or variable
max/min values, for example) will work.
</p>
<p>
This issue will manifest itself by displaying a parsing error in the
<code>$tds.content.root.path/thredds/logs/serverStartup.log</code>
that looks like:
</p>
<pre>2021-10-15T20:08:43.781-0600 [ 23923][ ] WARN serverStartup: Cannot parse wmsConfig.xml:
2021-10-15T20:08:43.782-0600 [ 23924][ ] WARN serverStartup: Error on line 1 of document
http://www.unidata.ucar.edu/schemas/thredds/dtd/ncwms/wmsConfig.dtd: The markup declarations contained
or pointed to by the document type declaration must be well-formed.</pre>
<p>Note that this configuration is loaded when the TDS
starts, so servers that have not been restarted after October 11, 2021 will not yet display
the errors.</p>
<p>This issue will be corrected in future TDS installation packages.</p>
<h3>What to Do</h3>
<p>You will need to do the following:</p>
<h5>Step 1: Modify the wmsConfig.xml File</h5>
<p>Change the <code>&lt;!DOCTYPE&gt;</code> declaration in the
<code>$tds.content.root.path/thredds/wmsConfig.xml</code>
file of your TDS installation to replace the following string:
</p>
<pre>http://www.unidata.ucar.edu/schemas/thredds/dtd/ncwms/wmsConfig.dtd</pre>
<p>with:</p>
<pre>https://schemas.unidata.ucar.edu/thredds/dtd/ncwms/wmsConfig.dtd</pre>
<p>The new <code>DOCTYPE</code> declaration looks like:</p>
<pre>&lt;!DOCTYPE wmsConfig SYSTEM "https://schemas.unidata.ucar.edu/thredds/dtd/ncwms/wmsConfig.dtd"&gt;</pre>
<p>
Information about the <code>wmsConfig.xml</code> file can be found in
<a href="https://docs.unidata.ucar.edu/tds/current/userguide/adding_wms.html#wms-configuration">WMS Configuration</a>.
</p>
<h5>Step 2: Restart the Servlet Container</h5>
<p>After making the above change, you <strong>must</strong> restart your servlet container as described in
<a href="https://docs.unidata.ucar.edu/tds/current/userguide/running_tomcat.html">Running Tomcat</a>.
</p>
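<p>Step 1 can be applied with a backup and a verification pass. This is an added example, not part of the original post or of the TDS distribution; the function names are hypothetical, and the two DTD URLs and the log message are the ones quoted above. Restart the servlet container afterwards as described in Step 2.</p>

```shell
#!/bin/sh
# Added example: apply Step 1 safely. Function names are hypothetical.
OLD_DTD='http://www.unidata.ucar.edu/schemas/thredds/dtd/ncwms/wmsConfig.dtd'
NEW_DTD='https://schemas.unidata.ucar.edu/thredds/dtd/ncwms/wmsConfig.dtd'

# Rewrite the DOCTYPE system identifier in a wmsConfig.xml file.
# $1 = path to wmsConfig.xml
# Returns 0 if the file was updated, 1 if no change was needed, 2 on error.
update_wms_doctype() {
    [ -f "$1" ] || { echo "not found: $1" >&2; return 2; }
    grep -qF "$OLD_DTD" "$1" || return 1
    cp -p "$1" "$1.bak" || return 2       # keep the original next to the file
    tmp=$(mktemp) || return 2
    # Escape the dots so the old URL is matched literally; "|" is the sed
    # delimiter because both URLs contain "/".
    old_re=$(printf '%s' "$OLD_DTD" | sed 's/\./\\./g')
    # Write back with cat so the file keeps its owner and permissions.
    sed "s|$old_re|$NEW_DTD|g" "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && grep -qF "$NEW_DTD" "$1" || return 2
    return 0
}

# Succeeds if a serverStartup.log contains the parse warning shown above.
has_wms_parse_warning() {
    grep -qF 'Cannot parse wmsConfig.xml' "$1"
}

# Usage (path is a placeholder for your content root):
#   update_wms_doctype /path/to/content/thredds/wmsConfig.xml
```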
<h3>If You Have Questions</h3>
<p>If you have questions about this configuration change, please contact<br>
<a href="mailto:support-thredds@unidata.ucar.edu">support-thredds@unidata.ucar.edu</a>
</p>
<h2>THREDDS Data Server (stable) / netCDF-Java (TDS Support) Version 4.6.16.1 Released</h2>
<p>Sean Arms | published 2021-02-24T13:25:26-07:00 | updated 2021-02-24T13:25:26-07:00 | https://www.unidata.ucar.edu/blogs/news/entry/tds-netcdf-java-version-4</p>
<p>The Unidata THREDDS Development Team released an updated version of the THREDDS Data Server (TDS) (and bundled netCDF-Java/Common Data Model (CDM) library) on February 23rd, 2021. This release contains a variety of bug fixes, as well as updates to third-party libraries, including security updates. Version 4.6.16.1 of the TDS is the current stable release, and as such we recommend anyone running a TDS to upgrade to this version. Version 4.6.16.1 of netCDF-Java has been updated only in support of the TDS - the current stable and supported release of netCDF-Java is version 5.4.1, and we encourage users to migrate to the current stable version for future support.</p>
<h3>Getting this Release</h3>
<p>TDS administrators are encouraged to upgrade to version 4.6.16.1, which includes an appropriate version of the netCDF-Java library. The v4.6.x maintenance line of the TDS will continue to reside at <a href="https://github.com/Unidata/thredds" title="TDS 4.6.x GitHub Repository">https://github.com/Unidata/thredds</a>. A summary of changes, download links, and links to Docker Images can be found on the <a href="https://github.com/Unidata/thredds/releases/tag/v4.6.16.1" title="TDS 4.6.16.1 GitHub Release Page">4.6.16.1 GitHub release page</a>.</p>
<h2>TDS version 4.6.15 and netCDF-Java library versions 4.6.15 and 5.3.3 Released</h2>
<p>Unidata News | published 2020-06-18T07:31:24-06:00 | updated 2020-08-03T11:58:46-06:00 | https://www.unidata.ucar.edu/blogs/news/entry/tds-version-4-6-15</p>
<p>The Unidata THREDDS Development Team released updated versions of the THREDDS Data Server (TDS) and netCDF-Java/Common Data Model (CDM) library on June 17, 2020. In addition to feature enhancements, these releases contain a variety of updates to third-party libraries, including security updates. They also address a problem in previous versions that could lead to data returned by some NetcdfSubsetService (NCSS) requests being corrupted. While the circumstances under which the problem occurs are very specific (and rare), because the possibility of data corruption exists <strong>the development team strongly recommends these upgrades to anyone using netCDF-Java/CDM or TDS</strong>. TDS administrators who are not able to upgrade immediately should disable the NetcdfSubsetService until it is possible to do so.</p>
<p>Note that there are releases for both the 4.6.x branch of the TDS, which includes an associated version of the netCDF-Java library, and for version 5.x, for which the TDS and netCDF-Java code bases are separate. This release includes version 5.3.3 of the netCDF-Java library (supported release) and version 5.0.0-beta8 of the TDS (beta-test release). </p>
<h3>Background</h3>
<p>The problem addressed by these releases affects responses returned by the NetcdfSubsetService (NCSS) of the TDS when two very similar requests arrive simultaneously. Specifically:</p>
<ol>
<li>The two NCSS requests must be either grid subsets, grid-as-point subsets, or NCSS subsets on point collections. Both requests must be the same type.</li>
<li>Both requests must be asking for netCDF3/netCDF4 files in return. (The problem does not occur with other return types, like xml or csv).</li>
<li>The requests must be received nearly simultaneously, such that the associated temporary files are requested within the same millisecond.</li>
</ol>
<p>Those interested in additional technical information can read the detailed description contained in <a href="https://www.unidata.ucar.edu/blogs/developer/entry/diskcache2-issue-in-netcdf-java">DiskCache2 Issue in netCDF-Java Library</a> in the Developers@Unidata blog.</p>
<h3>Getting this Release</h3>
<p>Users of the current supported version of the TDS are encouraged to upgrade to version 4.6.15, which includes an appropriate version of the netCDF-Java library. The v4.6.x maintenance line will continue to reside at <a href="https://github.com/Unidata/thredds">https://github.com/Unidata/thredds</a>. The Unidata managed TDS Docker container for this release can be found at <a href="https://github.com/Unidata/thredds-docker">https://github.com/Unidata/thredds-docker</a>.</p>
<p>Users of the netCDF-Java library are encouraged to upgrade to version 5.3.3 of netCDF-Java, located at <a href="https://github.com/Unidata/netcdf-java">https://github.com/Unidata/netcdf-java</a>.</p>
<p>Users of the beta-test version of the TDS are encouraged to upgrade to version 5.0.0-beta8, available at <a href="https://www.unidata.ucar.edu/downloads/tds/">https://www.unidata.ucar.edu/downloads/tds/</a>, (Docker container at <a href="https://github.com/Unidata/thredds-docker">https://github.com/Unidata/thredds-docker</a>) alongside the upgrade to netCDF-Java version 5.3.3.</p>