Monthly Release Notes - May 2021

Jump to:

Agari Alert Logic Automate Beyond Security
Boldon James Bytware CCSS Clearswift
Cobalt Strike Core Security Digital Defense Digital Guardian
Document Management FileCatalyst Fortra Fortra VM
Globalscape GoAnywhere Halcyon HelpSystems One
IBM Partnership Insite InterMapper Outflank Security Tooling
Powertech Robot Safestone Sequel
Showcase Tango/04 TeamQuest Titus  
Vera

 

Alert Logic

Alert Logic Universal Agent

Version 2.20.1

May 27, 2021

Fixes

  • Enabled stricter hostname validation for syslog messages, so that program name, pid or message id no longer ends up in the hostname field.

  • Maximum log message size has been increased from 32/64 to 750 KB to prevent truncation of large messages

  • Fixed inconsistent message truncation for oversize syslog messages

  • Fixed syslog collector occasionally producing oversize batches rejected by lmcollect, due to having only message-count (but not byte-size) limit per batch

  • Fixed uninitialized variable use on certain error conditions when running external processes

Version 2.20.0 (statemonitor component only)

May 6, 2021

New Features

  • Support for agent-based scan tasks.

  • Support for pausing and resuming scheduled tasks and avoid resetting task schedules on config updates.

Alert Logic Extended Endpoint Protection Agent

Version 4.12.0 (Mac Agent)

May 26, 2021

New Features

  • Support for macOS BigSur version 11.x (automatic upgrade of Extended Endpoint Protection on macOS BigSur is not supported. The latest installer needs to be downloaded and installed manually to run Extended Endpoint Protection on BigSur).

Fixes

  • Fixed other minor issues.

Back to Top

 

Beyond Security

beSECURE

Version 21.51

May 1, 2021

Enhancements

  • Added Mass Update to Organization.

  • Events now use use HASH MinMax sorting.

  • Moved more code to client side rendering.

  • Added HelpSystems Intermapper Device Collector.

Fixes

  • Fixed issues with the Risk Assessment report.

  • Fixed issues with the DOM/Crawler selection.

Back to Top

 

Boldon James

Classifier Reporting Console

Version 2.1.0

May 2021

Enhancements
  • The drill-down user interaction on charts has been increased from 3 selectors to 5 selectors. See the Reporting Console Guide for further instructions on increasing to 10 selector values.
  • Updated Reporting Console Guide includes steps on configuring a SQL connection string in the Simple Report Editor.
  • All usernames are displayed in lowercase characters so that if a username contains uppercase characters in some events and lowercase characters in other events, they are not displayed as different users in reports. This only applies to usernames read into the database from Version 2.1.0 onwards.

Classifier Reporting Intelligence Pack

Version 2.1.0

May 2021

Enhancements
  • The drill-down user interaction on charts has been increased from 3 selectors to 5 selectors.
  • The usernames are displayed in lowercase characters so that if a username contains uppercase characters in some events and lowercase characters in other events, they are not displayed as different users in reports. This only applies to usernames read into the database from Version 2.1.0 onwards.

Classifier Reporting Services

Version 2.1.0

May 2021

New Features

  • Support for increasing the number of selectors that can be used in drill-down charts in the Reporting Console has been increased from 3 to 10.

  • Audit labels of '-' are now reported as an empty label at the DATA level and not reported as an error.

  • The amount of information sent to the trace and event logs by the Event Log Service and the Active Directory Service when they cannot get a lock to write to the database has been reduced.

  • Policy settings can configured by the Classifier Reporting Configuration Wizard.

  • Events 3041 (RMS recipient check pass) and 3042 (RMS recipient check failed) are supported.

  • A new Event Forwarding Guide has been added.

  • All user names are displayed in lower case characters so that if a username contains upper case characters in some events and lower case characters in other events, they are not displayed as different users in reports. This only applies to usernames read into the database from Version 2.1.0 onwards.

  • Application locks have been removed from the index creation and rebuilding SQL job (Index creation and reorganizing) to improve processing efficiency.

Back to Top

 

Globalscape

EFT Arcus

Version 8.0.3.22

May 22, 2021

Updates

  • Updated the jQuery library to the current version.

Fixes

  • Fixed a deadlock that caused the administration console to became inaccessible.

  • Fixed an issue where EFT was returning a 401 when RAM agents were checking in.

  • Fixed deadlock in EFT occurring when processing an invalid HTTP login.

  • Fixed an issue where false positives were reported in the PCI compliance report due to RAM agent settings.

  • Fixed intermittent hangs of the administration console due to deadlocks in the folder monitor subsystem.

  • Fixed a problem where EFT administrators were getting an error when specifying SSH keys for event rules.

  • Fixed an issue where terms of service and forced password reset caused WTC access to be denied.

Back to Top

 

GoAnywhere

Version 6.8.2
Enhancements

  • Updated the SFTP server to overwrite files when uploading a zero byte file to the same path.

  • Enhanced the efficiency of the process that applies file/folder permissions to avoid unnecessary lookups.

  • Enhanced LDAP Managed Login Methods sync queries when filtering group/user relationships to run multiple queries instead of a large query based upon an arbitrary threshold.

  • Improved threading usage within Agent transfers.

  • Enhanced SFTP server event processing to not block other clients when event processing occurs.

  • Enhanced the Execute SSH Task to support the alternate proxy host.

Updates

  • Upgraded the Apache Batik libraries version from 1.10 to 1.14.

  • Upgraded the Jasper Reports libraries version from 6.7.0 to 6.16.0.

  • Upgraded the XML Graphics library version from 2.2 to 2.6.

Fixes

  • Fixed an issue with the PeSIT Tasks where the error "Connection was closed unexpectedly" was reported incorrectly.

  • Fixed an issue with the PeSIT Client where threads would not close after performing a transfer.

  • Fixed an issue when sending very large messages to Agents. This was introduced in 6.8.0.

  • Fixed an issue with the isNumber function that would prevent '08' and '09' from returning true as a number.

  • Fixed an issue where failing a Multi-Factor Authentication check would leave a session associated with the user.

  • Fixed issue with the FTPS Resource/Task when configured to use TLS Resumption along with using a Proxy. This was introduced in 6.8.1.

  • Fixed an issue where admin users wouldn't be able to view trigger log details for 'Before' events.

  • Fixed an issue that would prevent Rest API access when Content Type contained more than the media type directive.

  • Fixed an issue with the SOAP builder that was preventing the SOAP wizard from generating WSDLs.

  • Fixed an issue that would prevent secure form submission when the form contained an empty dropdown.

  • Fixed an issue where some some non-English characters were obscured in report headers due to a spacing issue.

GoAnywhere Agents

Version 1.6.2
Enhancements

  • Enhanced the Execute SSH Task to support the alternate proxy host.

Fixes

  • Fixed an issue when sending very large messages to GoAnywhere. This was introduced in 1.6.0.

  • Fixed an issue with the isNumber function that would prevent '08' and '09' from returning true as a number.

Back to Top

 

Halcyon

Advanced Reporting Suite

Version 11.2

May 5, 2021

  • Resolved a data collection issue whereby the last date and time value was incorrectly using a different collection's values. This will mainly affect data collections from devices in various time zones.

Code Uploader

Version 11.2

May 5,2021

Enhancements

  • License codes can now be uploaded to multiple environments on the IBM i when using the Code Uploader utility.

Network Server Suite

Version 11.2

May 5, 2021

Enhancements

  • Enterprise Console: The System Monitor within Enterprise Server Options has been enhanced to make it multi-threaded.

  • Enterprise Console: The Ping Monitor within Enterprise Server Options has been enhanced to make it multi-threaded.

  • CCM: An option has been added to allow the setting of Enterprise Server and CCM Server for all defined agents with a single click.

  • AIX/Linux Agents: Long running actions can now run asynchronously by adding a new command line option (-X) to the /usr/bin/halsum.sh file.

  • Linux Agent: A Linux Agent for Ubuntu has been made available.

Fixes

  • NSS: The copyright information has been updated for all applications.

  • Enterprise Console: Fixed an issue with alerts being closed on the IBM i but remaining open on the Enterprise Console.

  • Enterprise Console: Closing a forwarded alert will now close the alert on the Enterprise Console device which originally sent the alert.

  • Enterprise Console: Users can now purge alerts from UNKNOWN devices that are no longer defined in Device Manager.

  • Enterprise Console: Users can now delete alerts from UNKNOWN devices that are no longer defined in Device Manager.

  • Enterprise Console: Fixed an issue in Enterprise Console where the alert status was not updating.

  • Enterprise Console: A fix has been applied to the System Monitor to send the correct command syntax to Windows and Unix agents.

  • Enterprise Console: Enterprise Console Clients that are disconnected from the server without logging off, no longer receive an access violation when logging back on.

  • CCM: The actions and criteria sequencing for rules didn't load correctly, causing unforeseeable results. This has been fixed in this release.

  • CCM: When defining criteria for a TCP/UDP Generic rule, you were unable to use the 'Execute Command' option due to a form validation issue. This has been fixed.

  • Instant Alert: Instant Alert message processing has been improved to avoid 'Out of Memory' errors.

  • Log Viewer: Users are now able to close multiple log files.

  • Windows Agent: The reading of large event logs no longer fails with an error code of 87.

  • Windows Agent: A new setting has been made available against Windows agents to reset the held and release statuses against a rule on start-up. This is only applicable to rules that were held or released by means of a "Hold Rule" and/or "Release Rule" action.

Back to Top

 

Powertech

BoKS Control Center

Version 8.0.0.2

May 3, 2021

  • Updated Jetty dependency fixing the following reported vulnerabilities: CVE-2021-28165, CVE-2020-27218, CVE-2020-27223, CVE-2020-27216.

  • Strict-Transport-Security header included in root redirect page (enforce strict transport security).

  • Added enhanced protections to prevent the ability to download certificates from BCC without an active session (enhanced access control).

  • Added replacement of session ID every time a user logs in and deletion of old session IDs to provide enhanced security (session fixation).

  • Added response header "X-Content-Type-Options: nosniff" for enhanced security (content sniffing not disabled).

  • Updated the default session ID name to "id" to provide enhanced security (session ID fingerprinted).

  • Removed cache for downloadable resources (host and ca certificates) to provide enhanced security (cacheable HTTPS response).

Version 7.2.0.1

May 3, 2021

  • Fixed problem where some GUI operations (for example managing "User SSH Public Keys") not working when running the server with Java 1.8.0 update 282 or later.

  • Updated Jetty dependency fixing the following reported vulnerabilities: CVE-2021-28165, CVE-2020-27218, CVE-2020-27223, CVE-2020-27216.

  • Strict-Transport-Security header included in root redirect page (enforce strict transport security).

  • Added enhanced protections to prevent the ability to download certificates from BCC without an active session (enhanced access control).

  • Added replacement of session ID every time a user logs in and deletion of old session IDs to provide enhanced security (session fixation).

  • Added response header "X-Content-Type-Options: nosniff" for enhanced security (content sniffing not disabled).

  • Updated the default session ID name to "id" to provide enhanced security (session ID fingerprinted).

  • Removed cache for downloadable resources (host and ca certificates) to provide enhanced security (cacheable HTTPS response).

Powertech Antivirus for IBM i

Version 8.04

May 18, 2021

Enhancements
  • Powertech Antivirus now uses the McAfee 6200 Anti-Malware Engine, which includes the following new features:
    (from McAfee)
    • Enhanced threat landscape with added support for MSIL and AutoIT based malware.
    • Extended coverage for PDF and ISO file types.
    • Added provision to author better content with decoding support for ADC and LZFSE.
    • Introduced better handling capability for Linux threats.
    • Multiple features for better driver handling which improves the detection effectiveness.
    • Several bug fixes and performance improvements.
Fixes
  • DAT file version numbers over four digits are now supported.
  • An issue that caused AVRUNTSK to fail with error "Lost connection with AVSVR (socket closed)" has been resolved.
  • An issue that caused the job log to report "No job log information" when initiating AVSVR has been resolved.
Version 8.03b

May 18, 2021

  • An issue that caused a virus definition update to remove the IFS Encryption exit program and replace it with the Powertech Antivirus exit program has been resolved.
  • An issue that could cause the scan task to end with error "Qp0lProcessSubtree API failed with error code -1 (socket closed.)" has been resolved.
Version 8.03a

May 18, 2021

  • Object ownership issues upon installation have been resolved.

Back to Top

 

Robot

RBTSYSLIB

Version 2.04 (210416)

May 14, 2021

  • Updated RSLSHUTDWN command.

Robot HA

Version 13.02

May 4, 2021

New Features

  • Reduced impact from Robot HA on the production system performance when processing private authorities.

  • Increased success and confidence in role swaps with improved visibility and simplified recovery for authority related errors.

  • A new system type sync attribute has been added. *PVTAUT will be used to sync authorities.

  • New Private Authority Status Report provides a way to see the status of authorities being synchronized.

Enhancements

  • Updated license agreement.

  • QSYS* libraries can no longer be synchronized.

  • INZRSFHA command has been changed to no longer have the CLNDIRRSF command run by default.

  • When new sync attributes are created, the parameter “Sync Authorities” has been changed to default to *YES.

Fixes

  • Fixed *file object refresh issue when journal images parameter is changed.

  • Fixed issue with sync attribute parameter "SAVACT record change wait" changing from *NOCMTBDY to *NOCMTBOD.

  • Elevated authority issue resolved when an IFS sync attribute fails to be deleted.

  • When creating a new IFS directory sync attribute, the job name correctly shows as the directory name and does not include _IFS.

  • Fixed issue with SETICOLRSF command failing when there is a file with no member.

  • Fixed issue with Audit History Report submission.

  • Fixed issue with cursor placement on RHA3005.

  • SAVDTAQRSF, RSTDTAQRSF, and CPYSYSRSF commands will no longer be available in future releases. Any existing CL programs that use these commands may require modification

Robot Reports

Version 7.73

May 10, 2021

  • Updated license agreement.

Robot Schedule

Version 13.10

May 12, 2021

  • Fixed issue with RBTCLNUP using high CPU %.

  • Fixed issue with normally completed job showing a T completion code instead of a C.

  • Schedule environment successfully able to import with initial ASP group of *NONE.

  • Fixed issue with GUI not seeing valid job queue.

  • iASP no longer locked when using RSLSHUTDWN.

  • Fixed issue with GUI unable to connect to database.


Back to Top