Lenovo XClarity Essentials OneCLI (For AnyOS)

Change History

Lenovo XClarity Essentials OneCLI
Change History

For installation instructions, see the Readme file which is provided 
in the downloaded software package.
NOTE: This document is designed to be cumulative. The current version
is appended to the previous version(s).

==========================================================================
Version [3.4.0], Build ID ONECLI01u
Release date:   [12/2021]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkServer SR660 V2/SR668 V2    7D6L
  - Lenovo ThinkServer SR588 V2/SR590 V2    7D53
  - Lenovo ThinkServer DN8848 V2            7D6A,7D8U

New OS Versions Support
  - Red Hat Enterprise Linux 8.5
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2012/2012 R2, Windows 2016 (no Nano), Windows 2019, Windows 2022, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U3)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade openssl from 1.1.1k to 1.1.1l
2. Upgrade curl from 7.77.0 to 7.79.1
3. Upgrade libssh2 from 1.9.10 to 1.10.0

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
None
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Configure VROC RAID on ThinkSystem servers with Intel Xeon Scalable processors
2. Configure RAID within the operating system on ThinkSystem SR635 and SR655
3. Update I/O adapter firmware and device driver within the operating system on ThinkSystem SR635 and SR655
4. Update LXPM within the Linux operating system on ThinkSystem SR635 and SR655
5. Add autocomplete function for all OneCLI commands
6. Enable firmware update from HTTP/HTTPS server

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [3.3.0], Build ID ONECLI01q
Release date:   [8/2021]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkServer SR660 V2	     7D6L
  - Lenovo ThinkServer DN8848 V2     7D6A,7D6H

New OS Versions Support
  - Microsoft Windows Server 2022
  - Red Hat Enterprise Linux 8.4
  - SUSE Linux Enterprise Server 15 SP3
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2012/2012 R2, Windows 2016 (no Nano), Windows 2019, Windows 2022, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U3)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade curl from 7.76.1 to 7.77.0

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
None
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Update BMC/UEFI firmware within the operating system on ThinkSystem SR635 and SR655
2. Collect and configure UEFI and key customer requested BMC settings within the operating system on ThinkSystem SR635 and SR655
3. Parse inventory result XML file generated by all OneCLI versions >= 3.3.0

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [3.2.0], Build ID ONECLI01n
Release date:   [6/2021]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkServer SR590 V2	     7D53
  - Lenovo ThinkAgile VX Series	     7Z62,7Z63
  - Lenovo ThinkAgile HX Series	     7D0W,7D0Y,7D0Z,7D11,7D52,7Z82,7Z84,7Z85
  - Microsoft Azure Edge Device      7D6Q
  - Lenovo DXN2000 Storage           7D5W

New OS Versions Support
  - None
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2012/2012 R2, Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade curl from 7.74.0 to 7.76.1
2. Upgrade openssl from 1.1.1i to 1.1.1k

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. Failures in user creation and SNMPv3 settings with config restore command
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Assert/Deassert Remote Physical Presence (RPP) on ThinkSystem servers with Intel Skylake CPUs
2. Manage power state on multiple servers with a single command
3. Display and configure BMC service port and protocols
4. Display virtual disk information of VROC in hardware inventory

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [3.1.2], Build ID ONECLI01l
Release date:   [5/2021]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem SR630 V2              7Z70,7Z71
  - Lenovo ThinkSystem SR650 V2              7Z72,7Z73
  - Lenovo ThinkSystem ST650 V2/ST658 V2     7Z74,7Z75,7Z76
  - Lenovo ThinkSystem SN550 V2              7Z69
  - Lenovo ThinkSystem SD630 V2              7D1K
  - Lenovo ThinkSystem SD650 V2              7D1M
  - Lenovo ThinkSystem SD650-N V2            7D1N
  - Lenovo ThinkSystem SR670 V2              7Z22,7Z23

New OS Versions Support
  - None
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2012/2012 R2, Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
None
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [3.1.0], Build ID ONECLI02f
Release date:   [3/2021]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkAgile VX Series     7D1Y

New OS Versions Support
  - Red Hat Enterprise Linux 8.3
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade openssl from 1.1.1g to 1.1.1i
2. Upgrade curl from 7.69.1 to 7.74.0

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI does not report clear error message when handling nested batch files 
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Remotely update VPD and save/restore BIOS settings on ThinkSystem SR635 and SR655 
2. Remotely update BMC/UEFI firmware via Redfish API on ThinkSystem SR635 and SR655
3. Collect sanpdump files for Broadcom RAID controllers when available
4. Display HotSpare drive and Strip Size property in storage page
5. Add M.2 drives log collection
6. Retrieve SMART data of drives
7. Run BMU update without requiring external SFTP server
8. Add a command to enable/disable IPMI over LAN
9. Allow user to specify the certificate (PEM) for HTTPS proxy server
10. Add rest port configuration in text based interactive menu
11. Enable PCIe slot bifurcation
12. Add update progress value in update flash status xml 
13. Rename OneCLI log directory name for easy sorting

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
OneCLI could not remotely update BMC/UEFI firmware on ThinkSystem SR635 and SR655 if only TGZ/TAR package is downloaded

==========================================================================
Version [3.0.1], Build ID ONECLI01h
Release date:   [11/2020]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem SR850 V2                     7D31,7D32,7D33
  - Lenovo ThinkSystem SR860 V2                     7Z59,7Z60,7D42
  - Lenovo ThinkServer SR588                        7D4M
  - Lenovo ThinkServer SR860P                       7D5D
  - Lenovo WH5900 Appliance                         7D5V
  - Lenovo ThinkAgile VX Series                     7D43
  - Lenovo ThinkAgile HX Series                     7D46,7D4R,7D5U
  - Lenovo ThinkSystem DX1100U Gateway              7D49
  - Lenovo ThinkSystem DX1100U Performance/Capacity 7D4A

New OS Versions Support
  - Red Hat Enterprise Linux 7.9
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI cannot show ThinkSystem 7mm NVMe SSD raw data under Linux OS 
https://datacentersupport.lenovo.com/us/en/solutions/ht511004
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [3.0.0], Build ID ONECLI01s
Release date:   [08/2020]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkServer SR590     7D4M
  - Lenovo ThinkAgile HX Series  7D1Z,7D20,7D2T,7D29
  - Lenovo ThinkAgile MX Series  7D5R,7D5S,7D5T

New OS Versions Support
  - Red Hat Enterprise Linux 8.2
  - SUSE Linux Enterprise Server 15 SP2
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade openssl from 1.1.1d to 1.1.1g

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI reports the error message "BMC download file from sftp failed" 
https://datacentersupport.lenovo.com/us/en/solutions/ht510402
2. OneCLI fails to enable LAN-over-USB on multinode with KCS causing configuration and firmware update fail sometimes
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Configure M.2 hardware RAID within the operating system
2. Provide SATA/SAS SSD lifespan information
3. Retrieve BMC audit logs, maintenance logs and platform logs via the logmgr command and display in inventory report
4. Flash multiple SMMs out-of-band
5. Prompt user to reboot system when it is mandatory for setting changes to take effect
6. Allow force update via the multiflash command even if the firmware level is up-to-date
7. Generate screen_output.txt with scanning results in ASCII table via the multiscan command 

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [2.9.0], Build ID ONECLI01w
Release date:   [05/2020]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkAgile VX Series                    7Z12/7Z13
  - Lenovo ThinkAgile MX Certified Node on SE350   7D2U

New OS Versions Support
  - Red Hat Enterprise Linux 7.8
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade curl from 7.67.0 to 7.69.1

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI does not collect /var/log/dmesg/ when running inventory on RHEL8
https://datacentersupport.lenovo.com/us/en/solutions/ht509982
2. OneCLI shows an incorrect number of USB ports in SLES15 on ThinkSystem SE350
https://datacentersupport.lenovo.com/us/en/solutions/ht509641
3. OneCLI provides incomplete information of supported resolution
https://datacentersupport.lenovo.com/us/en/solutions/ht509977
4. OneCLI failed to collect NVMe device information in SLES 15 on ThinkSystem SE350
https://datacentersupport.lenovo.com/us/en/solutions/ht508957
5. OneCLI does not support secure erase function with broadcom 940 series RAID adapters
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Reset BMC to factory default setting with the possibility of excluding some settings
2. Change the password of a BMC account on first access or the password is expired on XCC-based ThinkSystem servers
3. Retrieve service data from hard drive
4. Collect system health data remotely on multiple servers
5. Configure RAID remotely on multiple servers

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
1. Mellanox adapters raw data could not be collected due to WinMFT removal

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [2.8.0], Build ID ONECLI02a
Release date:   [02/2020]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem SR645   7D2X/7D2Y
  - Lenovo ThinkSystem SR665   7D2V/7D2W
  - Lenovo ThinkAgile MX1021   7D1B

New OS Versions Support
  - Red Hat Enterprise Linux 8.1
  - SUSE Linux Enterprise Server 12 SP5
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no Nano), Windows 2019, Windows version 1709/1803
  - Linux: Rhel 6/7/8, Sles 11/12/15
  - Vmware vSphere Custom Image: 5.5(up to U3)/6.0(up to U3)/6.5(up to U2)/6.7
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade openssl from 1.0.2r to 1.1.1d
2. Upgrade curl from 7.65.3 to 7.67.0

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. Size of "GPT: Microsoft Reserved Partition" being reported when using the DISKPART command and OneCLI is different
   https://datacentersupport.lenovo.com/us/en/solutions/ht509477
2. OneCLI shows mismatched firmware version for M.2 HDD (LITEON CV3-8D128)
   https://datacentersupport.lenovo.com/us/en/solutions/ht509386
3. OneCLI will crash when running inventory getinfor under RHEL8.1 on SR950
   https://datacentersupport.lenovo.com/us/en/solutions/ht509532
4. OneCLI fails without proper messages when installing a driver on a not supported OS.
5. OneCLI "--upload multitool" does not upload logs to Lenovo Systems CARE
   https://datacentersupport.lenovo.com/us/en/solutions/ht509656
6. OneCLI reports segmentation fault when flashing multi-node system even the flash is successful
7. OneCLI fails to download FFDC logs on ThinkSystem SR635 and SR655
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Securely erase hard drives remotely on ThinkSystem servers (not available on SR635/SR655/ST50) and D-series storages
2. Provide a new text based interactive menu for many common functions, eliminating the need to type long command line
3. Configure Broadcom hardware RAID from within the operating system
4. Read password from a user specified file when configuring system settings
5. Add a command to mount/unmount virtual media to BMC
6. Display FRU number of DIMM, system board, riser card and drive backplane
7. Move OneCLI resource files to subdirectory

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
1. End of service for Rhel 5 and Sles 10

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
1. OneCLI shows an incorrect number of USB ports in SLES15 on ThinkSystem SE350
https://datacentersupport.lenovo.com/us/en/solutions/ht509641
2. OneCLI failed to collect NVMe device information in SLES 15 on ThinkSystem SE350
https://datacentersupport.lenovo.com/us/en/solutions/ht508957
3. OneCLI provides incomplete information of supported resolution in SLES15
4. Duplicate disk information for NVME SSD is displayed in Windows
5. Running OneCLI Inventory will result in "(core dumped) Xorg" message in Linux
6. OneCLI "chassis event logs" contain invalid characters
7. OneCLI self-extracting executable editions still collect FFDC logs on ST50 even it does not support
8. BoMC does not support secure erase function with Broadcom 940 series RAID adapters

==========================================================================
Version [2.7.0], Build ID ONECLI01p
Release date:   [11/2019]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem ST50/ST58     7Y48/7Y49/7Y50
  - Lenovo ThinkSystem SR850P        7D2F/7D2G/7D2H
  - Lenovo ThinkSystem SE350         7D27
  - Lenovo ThinkAgile MX 3321        7D1H
  - Lenovo ThinkAgile MX 1221        7D2E
  - Lenovo ThinkAgile VX6520/VX6521  7D2Z

New OS Versions Support 
  - Red Hat Enterprise Linux 7.7
  - VMWare ESXi 6.5u3
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no support on Nano), Windows 2019
  - Linux: Rhel 5/6/7/8, Sles 10/11/12/15
  - Vmware vSphere Custom Image: 5/6
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig 

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade libssh2 from 1.8.2 to 1.9.0
2. Upgrade curl from 7.65.1 to 7.65.3

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI rdmount may fail to mount an OS image
2. OneCLI does not support using proxy user name with domain name
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Configure UEFI settings on ThinkSystem SR635/SR655 servers (AMD-based servers)
2. Collect service data (FFDC) on ThinkSystem SR635/SR655 servers (AMD-based servers)
3. Configure multiple M.2 controllers on ThinkSystem SE350 (edge server)
4. Collect hardware inventory on ThinkSystem ST50/ST58 (tower servers)
5. Prompt users to input the passphrase they specified in the previous run to encrypt password (such as BMC password) so that they need not input those password again
6. Set UEFI settings to defaults in the same way as in F1 setup menu
7. Reduce runtime resource consumption during OneCLI multiple scan and compare

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
1. OneCLI chassis event logs show invalid characters when the message contains any symbols in '"<>.

==========================================================================
Version [2.6.0], Build ID ONECLI01r
Release date:   [07/2019]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem SR635    7Y98/7Y99
  - Lenovo ThinkSystem SR655    7Y00/7Z01
  - Lenovo ThinkSystem SE350    7Z46/7D1X

New OS Versions Support 
  - Red Hat Enterprise Linux 8
  - SUSE Linux Enterprise Server 15 SP1
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no support on Nano), Windows 2019
  - Linux: Rhel 5/6/7/8, Sles 10/11/12/15
  - Vmware vSphere Custom Image: 5/6
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig 

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. Upgrade openssl from 1.0.2p to 1.0.2r
2. Upgrade libssh2 from 1.8.0 to 1.8.2
3. Upgrade curl from 7.60.0 to 7.65.1

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. Add a warning message for user to enable USB-LAN during platform update.
   https://datacentersupport.lenovo.com/us/en/solutions/ht508171
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Add system inventory of AMD-based ThinkSystem servers
2. Manage password in an unattended mode using OneCLI
3. Support setting value encryption
4. Display time estimation when updating driver and firmware inband and out-of-band
5. Scan and compare the driver and firmware versions of multiple target systems in one command
6. Update the driver and firmware of remote system installed with Linux OS from another Linux OS
7. Enable remote diagnostics on Intel Optane DC Persistent Memory
8. Provide a standalone RPM package of OneCLI on RHEL

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None

==========================================================================
Version [2.5.0], Build ID ONECLI01V
Release date:   [04/2019]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkAgile VX Series    7Z58

New OS Versions Support 
  None
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no support on Nano), Windows 2019
  - Linux: Rhel 5/6/7, Sles 10/11/12/15
  - Vmware vSphere Custom Image: 5/6
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig 

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. CVE-2018-7643: The display_debug_ranges function in dwarf.c in GNU
Binutils 2.30 allows remote attackers to cause a denial of service
(integer overflow and application crash) or possibly have unspecified
other impact via a crafted ELF file, as demonstrated by objdump.
2. CVE-2018-7642: The swap_std_reloc_in function in aoutx.h in the Binary
File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils
2.30, allows remote attackers to cause a denial of service
(aout_32_swap_std_reloc_out NULL pointer dereference and application crash)
via a crafted ELF file, as demonstrated by objcopy.
3. CVE-2018-7569: dwarf2.c in the Binary File Descriptor (BFD) library
(aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers
to cause a denial of service (integer underflow or overflow, and application
crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
4. CVE-2018-7568: The parse_die function in dwarf1.c in the Binary File
Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30,
allows remote attackers to cause a denial of service (integer overflow and
application crash) via an ELF file with corrupt dwarf1 debug information,
as demonstrated by nm.
5. CVE-2018-7208: In the coff_pointerize_aux function in coffgen.c in the
Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU
Binutils 2.30, an index is not validated, which allows remote attackers to
cause a denial of service (segmentation fault) or possibly have unspecified
other impact via a crafted file, as demonstrated by objcopy of a COFF object.
6. CVE-2018-8945: The bfd_section_from_shdr function in elf.c in the Binary
File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30,
allows remote attackers to cause a denial of service (segmentation fault) via
a large attribute section.
7. CVE-2018-5803: In the Linux Kernel before version 4.15.8, 4.14.25,
4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()"
function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can
be exploited to cause a kernel crash.
8. CVE-2018-1120: A flaw was found affecting the Linux kernel before
version 4.17. By mmap()ing a FUSE-backed file onto a process's memory
containing command line arguments (or environment strings), an attacker
can cause utilities from psutils or procps (such as ps, w) or any other
program which makes a read() call to the /proc/<pid>/cmdline
(or /proc/<pid>/environ) files to block indefinitely (denial of service)
or for some controlled time (as a synchronization primitive for other attacks).
9. CVE-2018-1094: The ext4_fill_super function in fs/ext4/super.c in the
Linux kernel through 4.15.15 does not always initialize the crc32c checksum
driver, which allows attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a
crafted ext4 image.
10. CVE-2018-1092: The ext4_iget function in fs/ext4/inode.c in the Linux
kernel through 4.15.15 mishandles the case of a root directory with a zero
i_links_count, which allows attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted
ext4 image.
11. CVE-2018-10883: A flaw was found in the Linux kernel's ext4 filesystem.
A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(),
a denial of service, and a system crash by mounting and operating on a
crafted ext4 filesystem image.
12. CVE-2018-10877: Linux kernel ext4 filesystem is vulnerable to an
out-of-bound access in the ext4_ext_drop_refs() function when operating on
a crafted ext4 filesystem image.
13. CVE-2018-16658: An issue was discovered in the Linux kernel before 4.18.6.
An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c
could be used by local attackers to read kernel memory because a cast from
unsigned long to int interferes with bounds checking. This is similar to
CVE-2018-10940.
14. CVE-2018-14634: An integer overflow flaw was found in the Linux
kernel's create_elf_tables() function. An unprivileged local user with
access to SUID (or otherwise privileged) binary could use this flaw to
escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x
and 4.14.x are believed to be vulnerable.
15. CVE-2018-14633: A security flaw was found in the chap_server_compute_md5()
function in the ISCSI target code in the Linux kernel in a way an
authentication request from an ISCSI initiator is processed. An
unauthenticated remote attacker can cause a stack buffer overflow and
smash up to 17 bytes of the stack. The attack requires the iSCSI target to
be enabled on the victim host. Depending on how the target's code was built
(i.e. depending on a compiler, compile flags and hardware architecture)
an attack may lead to a system crash and thus to a denial-of-service
or possibly to a non-authorized access to data exported by an iSCSI target.
Due to the nature of the flaw, privilege escalation cannot be fully ruled
out, although we believe it is highly unlikely. Kernel versions 4.18.x,
4.14.x and 3.10.x are believed to be vulnerable.
16. CVE-2018-18559: In the Linux kernel through 4.19, a use-after-free
can occur due to a race condition between fanout_add from setsockopt and
bind on an AF_PACKET socket. This issue exists because of the
15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race
condition. The code mishandles a certain multithreaded case involving
a packet_do_bind unregister action followed by a packet_notifier register
action. Later, packet_release operates on only one of the two applicable
linked lists. The attacker can achieve Program Counter control.
17. CVE-2018-18445: In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x,
and 4.18.x before 4.18.13, faulty computation of numeric bounds in the
BPF verifier permits out-of-bounds memory accesses because
adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit
right shifts.

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
None
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Configure Intel Optane DC Persistent Memory from local and remote using
OneCLI command.
2. Configure Intel RSTe software RAID on Linux using OneCLI command.
3. Update firmware of multiple target systems in one command.
4. Enable auto-completion of setting names in the ¡®config¡¯ function at
interactive mode.
5. Run the command without parameter will automatically collect inventory
and service data, or double-click the executable file from the file explorer.
6. Upload service data to Lenovo Upload Facility.
7. Improve usability of the firmware update command.
8. Improve command execution return code and message.

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
1. When there is error with FRU data value, OneCLI inventory may not show
the correct FRU information.


==========================================================================
Version [2.4.1], Build ID ONECLI01A (Hotfix for 2.4.0)
Release date:   [11/2018]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
None

New OS Versions Support 
None
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no support on Nano), Windows 2019
  - Linux: Rhel 5/6/7, Sles 10/11/12/15
  - Vmware vSphere Custom Image: 5/6
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig 

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. OneCLI 2.4.0 fails to parse inventory xml report to html format when
M.2 SSD attached to server
   
--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
None
  
==========================================================================
Version [2.4.0], Build ID ONECLI01S
Release date:   [10/2018]
==========================================================================

--------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------
New Systems Support
  - Lenovo ThinkSystem SR150/SR158 7Y54/7Y55
  - Lenovo ThinkSystem SR250/SR258 7Y51/7Y52/7Y53/7Y72/7Y73
  - Lenovo ThinkSystem ST250/ST258 7Y45/7Y46/7Y47
  - Lenovo ThinkAgile HX Series    7Z06/7Z07
  - Lenovo ThinkAgile MX Series    7Z20

New OS Versions Support 
  - Microsoft Windows Server 2019
  - RHEL 6.10
  - VMWare ESXi 6.7 u1
			  
Supported Systems:
  - System X
  - ThinkSystem
  - ThinkServer (inventory only, no system firmware info)
See section "Hardware support scope" in User Guide for details.
                    
Supported OS Versions:
  - Windows: Windows 2008/2012, Windows 2008 R2/2012 R2,
             Windows 2016 (no support on Nano), Windows 2019
  - Linux: Rhel 5/6/7, Sles 10/11/12/15
  - Vmware vSphere Custom Image: 5/6
See section "Supported operating systems" in User Guide for details.

Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig 

--------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
3.0 Security Fixes
--------------------------------------------------------------------------
1. CVE-2017-18208: The madvise_willneed function in mm/madvise.c in the
Linux kernel before 4.14.4 allows local users to cause a denial of service
(infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

2. CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7
allows local users to cause a denial of service (memory consumption) via
many read accesses to files in the /sys/class/sas_phy directory, as
demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

3. CVE-2018-1066: The Linux kernel before version 4.11 is vulnerable to a
NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that
allows an attacker controlling a CIFS server to kernel panic a client that
has this server mounted, because an empty TargetInfo field in an NTLMSSP
setup negotiation response is mishandled during session recovery.

4. CVE-2018-7740: The resv_map_release function in mm/hugetlb.c in the
Linux kernel through 4.15.7 allows local users to cause a denial of
service (BUG) via a crafted application that makes mmap system calls and
has a large pgoff argument to the remap_file_pages system call.

5. CVE-2018-5803: In the Linux Kernel before version 4.15.8, 4.14.25,
4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()"
function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can
be exploited to cause a kernel crash.

6. CVE-2018-12904: In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2,
when nested virtualization is used, local attackers could cause L1 KVM
guests to VMEXIT, potentially allowing privilege escalations and denial
of service attacks due to lack of checking of CPL.

7. CVE-2017-18270: In the Linux kernel before 4.13.5, a local user could
create keyrings for other users via keyctl commands, setting unwanted
defaults or causing a denial of service.

8. CVE-2018-1000199: The Linux Kernel version 3.18 contains a dangerous
feature vulnerability in modify_user_hw_breakpoint() that can result in
crash and possibly memory corruption. This attack appear to be
exploitable via local code execution and the ability to use ptrace. This
vulnerability appears to have been fixed in git commit
f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

9. CVE-2018-10675: The do_get_mempolicy function in mm/mempolicy.c in the
Linux kernel before 4.12.9 allows local users to cause a denial of service
(use-after-free) or possibly have unspecified other impact via crafted
system calls.

10. CVE-2018-1087: kernel KVM before versions kernel 4.16, kernel
4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is
vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled
exceptions delivered after a stack switch operation via Mov SS or Pop SS
instructions. During the stack switch operation, the processor did not
deliver interrupts and exceptions, rather they are delivered once the
first instruction after the stack switch is executed. An unprivileged KVM
guest user could use this flaw to crash the guest or, potentially,
escalate their privileges in the guest.

11. CVE-2017-18270: In the Linux kernel before 4.13.5, a local user could
create keyrings for other users via keyctl commands, setting unwanted
defaults or causing a denial of service.

12. CVE-2018-1130: Linux kernel before version 4.16-rc7 is vulnerable to a
null pointer dereference in dccp_write_xmit() function in net/dccp/output.c
in that allows a local user to cause a denial of service by a number of
certain crafted system calls.

13. CVE-2018-10940: The cdrom_ioctl_media_changed function in
drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory.

14. CVE-2018-3620: Systems with microprocessors utilizing speculative
execution and address translations may allow unauthorized disclosure
of information residing in the L1 data cache to an attacker with local
user access via a terminal page fault and a side-channel analysis.

15. CVE-2018-3646: Systems with microprocessors utilizing speculative
execution and address translations may allow unauthorized disclosure of
information residing in the L1 data cache to an attacker with local user
access with guest OS privilege via a terminal page fault and a side-channel
analysis.

--------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------
1. LXCE OneCLI does not work if users set LANG to C.UTF-8 in the Linux operating system.
   https://datacentersupport.lenovo.com/us/en/solutions/ht506852
2. OneCli: Network Settings-Route Information is absent on SLES 15.
   https://datacentersupport.lenovo.com/us/en/solutions/ht506797
3. OneCLI: Network settings-route information, hardware inventory-video controllers, 
   hardware inventory-video head are absent on Sles 15.
4. OneCLI: Inventory of device drivers cannot show correct driver version on Windows.

--------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------
1. Return codes refinement (See Table 96 in Section "Return codes" of User
Guide for more details)
2. Remote (Out-Of-Band) M.2 RAID setup support on ThinkSystem
3. Fast initialization on RAID config
4. PSU firmware update on ThinkSystem and SMM
5. Screen output message refinement
   * Table-like format of update scanning/compare/flash result
   * Add progress indicator during update
   * Enhance package update result report by adding result item for each adapter
6. NIC FRU part number displayed on inventory
7. Enhance the algorithm of determining the prerequisite level for UEFI &
IMM & XCC update packages.

--------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------
None

--------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------
1. Class "Vmware_Privilege" has been removed from Vmware official
namespace "root/cimv2" in ESXi 6.7.
2. RHEL7 X11 server crashes when OneCLI collects inventory.
  
==========================================================================
Version 2.3.0 Build ID ONECLI01P
Release Date: [06/29/2018]
  o New Features
    - Restart SMM
    - Restore the SMM update progress
    - Enable/Disable SMM LAN
    - SMM Inventory
    - SMM Config
    - Virtual Reseat the blades on CMM
    - Virtual Reseat CMM
    - Virtual Reseat the switch on CMM
    - Switch over CMM
    - Restore the BMU status on BMC
    - Config the front panel USB port
    - Collect/ View the system health information
    - Add makejbod command for raid configuration
    - Return code refinement
    
  o New System Support
    - Lenovo ThinkAgile HX Series 7Z02/7Z03/7Z04/7Z05/7Z08/7Z09/7Y87/7Y88/7Y89/7Y90/7Y95/7Y96/
    - Lenovo ThinkAgile VX Series 7Y91/7Y92/7Y93/7Y94/7Z12/7Z13
    - Lenovo ThinkSystem SR670 7Y36/7Y37/7Y38 (supported on 9/14/2018)


  o New Operating System support 
    - Microsoft Windows Server, version 1803 (x64)
    - Red Hat Enterprise Linux 7 Server (x64) Editions (U5)
    - SUSE Linux Enterprise Server 15 (x64)
    - ESXi 6.7
    - ESXi 6.5 (U2)

  o Dropped System
    N/A 
   
  o Dropped Operating System
    N/A

  o Problem(s) Fixed
    Field Issues:
    N/A
    Deferred Issues:
    1. OneCLI cannot compare Intel driver pack version for non-ThinkSystem machines.
    2. OneCLI might fail to update M.2 & NVME adapter firmware flash in
       host if the server' XCC firmware is not the latest.

  o Security fix:
  1. CVE-2014-8171 The memory resource controller (aka memcg) in the Linux kernel
  allows local users to cause a denial of service (deadlock) by spawning new
  processes within a memory-constrained cgroup.
  2. CVE-2017-17558 The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core
  subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations
  and interfaces before attempting to release resources, which allows local users to cause a denial of
  service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.
  3. CVE-2017-15126 A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6.
  The issue is related to the handling of fork failure when dealing with event messages. Failure to fork
  correctly can lead to a situation where a fork event will be removed from an already freed list of
  events with userfaultfd_ctx_put().
  4. CVE-2018-1000004 In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition
  vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
  5. CVE-2017-15127 A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the
  Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could
  trigger a local denial of service (BUG).
  6. CVE-2017-15129 A use-after-free vulnerability was found in network namespaces code affecting the
  Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check
  for the net::count value after it has found a peer network in netns_ids idr, which could lead to double
  free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel
  memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation
  cannot be fully ruled out, although it is thought to be unlikely.
  7. CVE-2018-5750 The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through
  4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

  o Limitations
  1. Flex Switch or CMM Firmware Update Fails Through OneCLI when SFTP
  Server' Password Contains Special Characters.
  2. ONECLI-Inventory: NETWORK SETTINGS-ROUTE INFORMATION IS ABSENT ON SLES 15.
  3. ONECLI-Inventory: "INIT CONFIGURATION" ITEM IS BLANK IN INVENTORY
  LOG ON SLES 12 AND 15.
  4. ONECLI-Inventory: NETWORK SETTINGS-ROUTE INFORMATION, HARDWARE
  INVENTORY-VIDEO CONTROLLERS, HARDWARE INVENTORY-VIDEO HEAD ARE ABSENT ON SLES 15.
  5. ONECLI-Inventory: UNABLE TO GET COMPLETE INSTALLED FIRMWARE VERSION
  OF HDD/SSD DIRECTLY CONNECTED TO SYSTEM BOARD.
  6. ONECLI-Inventory: ONECLI 2.3.0 CANNOT SHOW APPLICATION EVENT/SYSTEM
  EVENT/SECURITY EVENT HTML PAGES WHEN FORMAT THE WINDOWS XML REPORT
  GENERATED BY THE EARILER RELEASE.
  
=========================================================================
Version 2.2.3 Build ID ONECLI01A (Hotfix for 2.2.0)
Release Date: [4/12/2018]
  o Problem(s) Fixed
    Field Issues:
    1. OneCLI Linux version Failed to Download Systems Update packages
	from IBM FixCentral.

Version 2.2.0 Build ID ONECLI01T
Release Date: [3/16/2018]
  o New Features
    - SMM FW update in OOB mode
    - "Platform" update by using an OS irrelevant Platform UXSP to update
	whole FW set remotely
    - RAID config for OOB mode
    
  o New System Support
    - Lenovo ThinkSystem SD650 DWC 7X58
    - Lenovo ThinkAgile VX Series 7Y12

  o New Operating System support 
    - Microsoft Windows Server, version 1709

  o Dropped System
    N/A 
   
  o Dropped Operating System
    - 32-bit Operating Systems

  o Problem(s) Fixed
    Field Issues:
    1. OneCLI Installs Unnecessary Packages/Drivers on ThinkSystem servers.
    Deferred Issues:
    1. Have to specify extra SFTP server when updating FWs for ThinkSystem.
       https://datacentersupport.lenovo.com/solutions/HT505653
    2. OneCLI "restore" command sometimes reports succeed but some specific
	settings actually failed to be restored.
       https://datacentersupport.lenovo.com/us/en/solutions/ht504592
    3. lnvgy_dd_nvmeswitch_1.0.0.0-1_windows_x86-64: Current installed
	version is not detectable.
       https://datacentersupport.lenovo.com/us/en/solutions/ht505578
    4. For ThinkSystem, can¡¯t do BMU update again once there is a BMU
	failure happened. OneCLI will report ¡°Connect to Maintenance Mode OS failed."
       https://datacentersupport.lenovo.com/us/en/solutions/ht505963
    5. OneCLI does not have the option to specify KCS interface.
       https://datacentersupport.lenovo.com/us/en/solutions/ht504856
	
  o Security fix:
    1. Upgraded curl to 7.57.0 to resolve CVE-2017-1000257: libcurl
	contains a buffer overrun flaw in the IMAP handler. 
    2. Upgraded openssl to 1.0.2n to resolve CVE-2017-3737: OpenSSL 1.0.2
	(starting from version 1.0.2b) introduced an "error state" mechanism. 
    3. Upgraded openssl to 1.0.2n to resolve CVE-2017-3738: An overflow
	bug in the AVX2 Montgomery multiplication procedure.

  o Limitations
    1. OneCLI inventory execution shows "Xorg -configure" aborted
	messages under RHEL 7.3
       https://datacentersupport.lenovo.com/us/en/solutions/ht505799
    2. The Optical Device Capabilities of hardware inventory do not
	shown in web page
       https://datacentersupport.lenovo.com/solutions/HT506185
    3. OneCLI load default succeeds but settings with default values
	cannot be listed in windows 2016 RS3
       https://datacentersupport.lenovo.com/us/zh/solutions/ht506169
    4. The "devices"/"bridges" information in OneCLI html page are lost
	when running OneCLI in EXSi_6.5.0
       https://datacentersupport.lenovo.com/us/en/solutions/ht506325
    5. OneCLI might fail to update M.2 & NVME Adapter firmware flash
	in host if the server XCC firmware is not the latest.
    6. OneCLI can not update the core firmware in host when the IP
	address in network conflicts with the local USB LAN IP (default IP: 169.254.95.118).
	
	
Version 2.1.0 Build ID ONECLI02C
Release Date: [11/27/2017]
  o New System Support
    - Lenovo ThinkSystem SR570 Server
    - Lenovo ThinkSystem SR590 Server
    - Lenovo ThinkAgile VX5520, VX7520, VX3520-G,VX7520-N Server
    - Lenovo ThinkAgile VX3320, VX2320 Server
    - Lenovo ThinkSystem SR860 Server
    - Lenovo ThinkAgile HX Series

  o New Operating System support 
    - SUSE Linux Enterprise Server 12 (x64) (SP3)
    - Red Hat Enterprise Linux 7 Server (x64) Editions (U4)
    - Red Hat Enterprise Linux 6 Server (x64) Editions (U9)
    - ESXi 6.5 (U1)

  o New Features
    - OneCLI OOB update with XCC's internal sftp server for ThinkSystem.
    - OneCLI add M.2 & PCIe Switch Adapter Update in IB for ThinkSystem.
    - OneCLI add "--checkdevice" parameter to check the physical device driver list.
    - OneCLI add "--bmc-username" & "--bmc-password" & "--bmc-cimport" in IB case.
    - OneCLI Support BMU update for Lenovo System X.
    - OneCLI add Intel LOM Update support.
    - OneCLI add "misc ffdc" to get bmc ffdc log in a single cmd.
    - OneCLI add FoD support.
    
  o Dropped System
    N/A 
   
  o Dropped Operating System
    N/A

  o Problem(s) Fixed
    Field Issues:
    1. Refine OneCLI's output in the same directory, by default(./logs/xxx).
    2. Fix a acquire segmentation issue when specify the "--dir" with relative path for IBM brand system.
    3. OneCLI should report proper error of non-root user but not permmision denied error.
    4. OneCLI show more detail connection info like KCS or IPMI LAN or CIM LAN.
  
  o Enhancements
    3rd-party utility:
    No change from 2.0.0
      
    Security fix:
    N/A
     
    Performance Enhancements:
    No change from 2.0.0

  o Limitations
    1. OneCLI can not flash xfw for IMM2 system in an host OS when the host¡¯s ipmi service is not available.
    2. If ¡°IMM.LanOverUsb¡± has been set to ¡°Diabled¡±,OneCLI can not perform IB xfw update
	because OneCLi need to flash the xfw trhough USB LAN device.
    3. To be able to download packages from IBM website through proxy, user need to make sure proxy
	server can access domain ¡°www.ibm.com  ¡° & ¡°www-03.ibm.com¡± if windows OS installed and access
	releate ip ¡°207.25.252.197¡± & ¡°129.42.160.51¡±
	if linux OS installed.
    4. OneCLI doesn¡¯t support SNMP v3 for FoD key management for switches on Windows.
    5. OneCLI can not compare Matrox video driver.
    6. OneCLI remove inventory support for ThinkServer on 32bit linux OS.


Version 2.0.0 Build ID TCLI01R
Release Date: [9/28/2017]
  o New System Support
    - Lenovo ThinkSystem ST558 Server

Release Date: [8/28/2017]
  o New System Support
    - Lenovo ThinkSystem SR530 Server
    - Lenovo ThinkSystem SR550 Server
    - Lenovo ThinkSystem SR630 Server
    - Lenovo ThinkSystem SR650 Server
    - Lenovo ThinkSystem ST550 Server
    - Lenovo ThinkSystem SN550 Server
    - Lenovo ThinkSystem SN850 Server
    - Lenovo ThinkSystem SR850 Server
    - Lenovo ThinkSystem SR950 Server
    - Lenovo ThinkSystem SD530 Server
    - Lenovo ThinkSystem D2 Enclosure

  o New Operating System support
    N/A 

  o New Features
    - Support remote bare-metal update (BMU) for ThinkSystem platform components in an Agentless mode with
	no need to access host OS.
    - Add a bunch of samples on how to use XClarity Essentials OneCLI for major management scenarios under
	the folder ¡°sample¡± as a quick start reference.
   
  o Dropped System
    N/A 
   
  o Dropped Operating System
    N/A

  o Problem(s) Fixed
    Field Issues:
    1. OneCLI returns 0 when it fails to acquire or flash part of the update packages
    Deferred Issues:
    1. OneCLI 1.4.0 Gives Incorrect Compare Result for Certain Format FW or DD Version (e.g, 2.4.3C IS
	FALSELY SHOWN AS NEWER THAN VERSION 17.4.4.7A)

  o Enhancements
    3rd-party utility:
    No change from 1.4.0
    	
    Security fix:
    N/A
	
    3rd-party library:
    No change from 1.4.0
    	
    Performance Enhancements:
    No change from 1.4.0

  o Limitations
    1. ESXi 6.5: IMM is unresponsive after updating firmware using OneCLI
       https://datacentersupport.lenovo.com/us/en/solutions/ht503875
    2. OneCLI "restore" command sometimes succeeds with some specific settings failed to be restored as expected
       https://datacentersupport.lenovo.com/us/en/solutions/ht504592
    3. ONECLI FAILS TO DETECT AND UPDATE 11.2.1193.12-3 FCOE DRIVER BY DEFAULT
    4. Comparison result incorrect when OneCLI updates drives for non-existing devices
       https://datacentersupport.lenovo.com/us/en/solutions/ht504452
    5. OneCLI 1.3.0 Does Not Support Configuring FoD FOD Feature
    6. ONCECLI: "NO USB DEVICE FOUND" ERROR REPORTED WHEN RUNNING IN LINUX

Version 1.4.0 Build ID TCLI12J
Release Date: [5/5/2017]
  o New System Support
    N/A

  o New Operating System support
    Red Hat Enterprise Linux 7.3 Server (x64)
    Vmware vSphere 6.5 customized image
    Vmware vSphere 6.0u3 customized image
 
  o New Features
    1. ESXi PLDM Adapter update, OneCLI add the PLDM enabled adapter support for ESXi case.
    2. ESXi Inventory with Agentless.
    3. Collect FFDC in VMWare ESXi case.
    4. Add optional parameters ¡°--group¡± and ¡°--excbackupctl¡± about the save command.
   
  o Dropped System
    N/A 
   
  o Dropped Operating System
    N/A
 
  o Problem(s) Fixed
    Field Issues:
    1. XClarity Essentials OneCLI 1.3.1 fail to run the misc cmd if customer run OneCLI in relative path mode.
    2. XClarity Essentials OneCLI 1.3.1 should not check the pre-requisite package which does not
	support current MT and has the down level version.
    3. XClarity Essentials OneCLI 1.3.1 cannot format logs. SF#02717986. 
    4. Make the performance better about the reboot bmc function.
    Deferred Issues:
    1. When some packages have bmc fw to be the pre-requisite package, XClarity Essentials OneCLI
	1.3.1 would fail to flash all the packages after this pre-requisite bmc package been flashed.
    2. XClarity Essentials OneCLI 1.3.0 FAILS TO RUN AT RELATED DIRECTORY.
       https://datacentersupport.lenovo.com/solutions/HT503764
    3. ONECLI FAILS TO FLASH XFW IF THERE IS A HDD OF NON-UTF8 ENCODED FW FOR SERVERAID M1210E
       https://datacentersupport.lenovo.com/solutions/HT503319 
    4. ONECLI "FAILED TO RUN FLASH COMMAND" ERROR.
       https://datacentersupport.lenovo.com/solutions/HT503122
    5. XClarity Essentials OneCLI 1.3.0 Cannot Update Several Adapters' Firmware in ESXi.
       https://datacentersupport.lenovo.com/solutions/ht503339
    6. XClarity Essentials OneCLI 1.3.1 can not report third party error message in xml report.
    7. FW VERSION OF NEW DISK IS EMPTY IN RAIDLINK DEVICE.
       https://datacentersupport.lenovo.com/solutions/ht503548
    8. ONECLI 1.3.0 DOES NOT CONVERT ALL DATA COLLECTED BY ONECLI 1.1.0
       https://datacentersupport.lenovo.com/solutions/ht503332
    9. XClarity Essentials OneCLI CANNOT COLLECT SOME INFORMATION VIA IPMI INTERFACE ON FLEX SYSTEM
       https://datacentersupport.lenovo.com/solutions/ht502699
 
  o Enhancements
    3rd utilities latest version:
    1. cfggen 1.16.00.04
    2. ddcli  109.00.00.00
    3. storcli 1.18.11
    4. sas2ircu 20.00.00.00
    5. sas3ircu 02.00.01.00
    6. rdmount 10.1 90C
    7. rdumount 10.1 90C
    8. flint 4.6.0.50
    9. qccli qaucli 2.1.0.22
    Security fix:
    1. Resolved CVE-2016-2183: SWEET32 Attack on 3DES and Blowfish.
    2. Resolved CVE-2016-8624: invalid URL parsing with '#'.
    3. Support TLS 1.2 by default and disable TLS 1.0/1.1 by default.
    3rd library latest version:
    1. boost 1.630
    2. libcurl 7.51.0
    3. libssh2 1.7.0
    4. openssl 1.0.2k
    5. zlib 1.2.7
    Performance Enhancements:
    N/A

  o Limitations
    1. XClarity Essentials OneCLI shows subsystem manufacturer ID when running out-of-band.
       https://datacentersupport.lenovo.com/solutions/HT503645
    2. It is recommended not to use XClarity Essentials OneCLI config on configuration on LSI
	adapters since it's difficult to do setting on LSI adapters and it may impact RAID controller.
    3. OneCLI does not support some flash cases where the account/password contains reserved characters.
    4. OneCLI 1.4.0 Gives Incorrect Compare Result for Certain Format FW or DD Version Like
	(2.4.3C IS FALSELY TO SHOW NEWER THAN VERSION 17.4.4.7A).


v1.3.1 (TCLI08R) - Dec 12, 2016.
  o New Features
    1. Mount local iso/img/disk/usb to remote IMM-based system

  o Problem(s) Fixed
    Field Issues:
    1. OneCLI Windows 1.0.0 Inventory miss some information. SF#01910302.
    2. OneCLI returns ERROR when downloads packages from both Lenovo and IBM website. SF#02528605.
    Deferred Issues:
    1. ONECLI INVENTORY ONLY SHOW ONBOARD INFORMATION ON PCI INFORMATION PAGE
    2. ONECLI CANNOT DETECT OR FLASH FIRMWARE FOR SOME ADAPTERS IN ESXI
    3. ONECLI Shows Volume Layout and Status as Unknown On Windows 2012
    4. All Windows Server 2012 Inventory Page Show the Same Suite Type ¨C "Standard Edition¡±
    5. ONECLI 1.2 CANNOT SCAN CMM, OR FLASH OR REBOOT IO MODULE WHEN CMM USES IPV6
    6. ONECLI INVENTORY LOG MISSING SANDISK IOMEMORY INFORMATION IN WINDOWS

  o Enhancements
    1. openssl upgrade to 1.0.2j
    2. libcurl upgrade to 7.51.0


v1.2.0 (TCLI06S) - Aug 4, 2016.
  o New Features
    1. Windows 2016 support (no support on Nano)
    2. eSupport enablement
    3. Update -- Option FW OOB update (PLDM update) (non ESXi)
    4. Inventory -- Inventory on Think Server
  o Problem(s) Fixed
    Field Issues:
    1. XCLARITY ESSENTIALS ONECLI log is incomplete if connecting to IMM too long
    2. Incorrect information for formatlog command parameters in OneCLI UsersGuide 1.0.0
    Deferred Issues:
    1. TOOSCENTER SUITE CLI 1.0 FAILS TO INVOKE LEGACY TOOL FOR IMMV1 SYSTEM
    2. ONECLI HAS PATH HARDCODED TO CURRENT DIRECTORY WHEN CALLING AS ASU
    3. ONECLI INVENTORY ONLY SHOW ONBOARD INFORMATION ON PCI INFORMATION PAGE
    4. OneCLI Running on RHEL6.7 Fails to Run Firmware Update for Remote VMWare ESXi
    5. XCLARITY ESSENTIALS ONECLI SUCCEEDS TO LOAD DEFAULT BUT FAILS TO SHOW THE SETTING ON SLES 12
    6. OneCLI Might Spend 35 Minutes with Special IMM Configuration for Updates
    7. XCLARITY ESSENTIALS ONECLI MAY NOT RESTORE THE USB LAN DEVICE (USB0/USB1) IP AFTER RUNNING UPDATE OR INVENTORY
    8. INCORRECT MEMORY TYPE INFO IN HARDWARE PAGE->MEMORY MODULE
    9. IMM BACKUP BUILD DATE IS NULL IN ONECLI INVENTORY LOG WEBPAGE


v1.1.0 (TCLI04Y) - Apr 8, 2016. 
  Inventory -- Add Agentless Inventory support and remove the IHV inventory function.
  Update -- First Release with update function
            Use Agentless SoftwareID to compare with SUP Packages instead of Legacy CIM SoftwareID 
    
v1.0.1 (TCLI02K) - Mar 24, 2016.
  Fixing some defects & update version
    
v1.0.0 (TCLI01F) - Nov 7, 2015 - Initial release.
Supported Applications:
  config -- firmware configurations
  inventory -- system inventory
  usblan -- USBLAN configuration
  rebootcmm -- reboot the CMM device in Flex system
  rebootiom -- reboot the IOM(switch) in Flex system
  rebootimm -- reboot IMM for system x and flex computer nodes
  ospower -- turn on/off host os of the system
  logmgr -- show/clear the system event log and IMM log