Monthly Release Notes - October 2022

Jump to:

 

Cobalt Strike


Version: 4.7.2

October 17, 2022

Fixes
  • Hardening of the client against a RCE security issue within the Java Swing framework's support for HTML in components.

  • Fixed an issue with the example text in the font selection dialog.

  • Added a confirmation dialog for the Spear Phish preview dialog to confirm the user trusts the data used for the Spear Phish.

Back to Top

 

Globalscape


Version 8.1.0.11

October 31, 2022

Fixes

EFT Event Rules

  • Fixed an issue where Timer Event Rules configured for Daily runs would not trigger on Monday.

There are currently no updates.

Back to Top

 

Intermapper


Version: 6.6

October 13, 2022

New Features
  • Added support for new platforms: Windows 2022 Server, Ubuntu 21.04, 22.04, MacOS 11.

  • Added new license type 'Subscription'.

  • Updated icons for devices in Intermapper.

Enhancements
  • Added Advanced Network Mapping Capability (Virtual Network Monitoring for AWS).

  • Included SHA-2 in supported SNMPv3 Auth options.

  • Added functionality to control if interface status change would effect device status changing.

  • Added watermark on maps for 'Trial License Only'.

  • Added TLSv1.3 functionality.

  • Added SystemD for management of Intermapper services for Linux, and updated to conform with the Linux File Systems for packaged applications. Refer to the Installation Guide for further details on updating Linux to 6.6.

Fixes
  • Updated LibPNG related libraries, addressed vulnerability CVE-2019-7317.

  • Resolved Layer-2 scan fails to complete.

  • Resolved IMDC database failure with CheckViolation error.

  • New link alert configuration features work correctly under version skew.

  • Resolved issues with non-default installation locations on Windows, Linux and MacOS.

  • Fixed incorrect disk space check during database migration/upgrade.

  • Fixed port 636 failure caused IM Database to have strings more than 256 chars.

  • Resolved failure in LDAP authentication.

  • Resolved setting a password for Intermapper DataCenter not holding with 6.5.

  • Resolved TCP dropping and server stuck spinning on ETIMEDOUT.

  • Fixed 6.5.2 and higher does not support SNMP community starting with @.

  • Resolved TLS error on HTTPS probe (Inbuilt Probe).

  • Resolved E-mail notifications not sending using external SMTP server.

  • Resolved comment import no-op for file import with .csv.

  • Resolved error when using import and save custom SSL certificate in the IMDC.

Back to Top

 

Powertech


Boks Manager

Version 8.1 (version update)

October 05, 2022

New Features
  • Support is added for BoKS Manager and BoKS Server Agent 8.1 on Red Hat Enterprise Linux 9 on x64.

BoKS Reporting Services

Version 8.1.0.4

October 12, 2022

Fixes
  • Implementation details have been hidden from the general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • A fix has been applied so that the import status is updated when a permission denied error reading the dump file occurs.

  • Upgraded Spring, Spring Boot, jackson-databind, moment.js and Snakeyaml dependencies. (CVE-2022-42003, CVE-2022-42004, CVE-2020-36518, CVE-2022-22950, CVE-2022-38750, CVE-2022-22970, CVE-2022-38751, CVE-2022-25857, CVE-2022-38752, CVE-2022-38752, CVE-2022-24785, CVE-2022-31129).

Version 8.0.0.9

October 12, 2022

Fixes
  • Implementation details have been hidden from the general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Upgraded Spring, Spring Boot, jackson-databind, moment.js and Snakeyaml dependencies. (CVE-2022-42003, CVE-2022-42004, CVE-2020-36518, CVE-2022-22950, CVE-2022-38750, CVE-2022-22970, CVE-2022-38751, CVE-2022-25857, CVE-2022-38752, CVE-2022-38752, CVE-2022-24785, CVE-2022-31129).

Version 7.2.0.9

October 12, 2022

Fixes
  • Implementation details have been hidden from the general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Upgraded Spring, Spring Boot, jackson-databind, moment.js and Snakeyaml dependencies. (CVE-2022-42003, CVE-2022-42004, CVE-2020-36518, CVE-2022-22950, CVE-2022-38750, CVE-2022-22970, CVE-2022-38751, CVE-2022-25857, CVE-2022-38752, CVE-2022-38752, CVE-2022-24785, CVE-2022-31129).

BoKS Control Center

Version 8.1.1.1

October 25, 2022

This release includes the following security fixes:

  • Hide implementation details from general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Changing sudo protection for host via list menu resets home directory to /home.

  • Fixed issue with the host menu causing the home directory to be reset to /home when changing the sudo protection setting in the list without first opening the details row.

  • Upgraded dependencies.

  • Upgraded Spring to 5.3.23.

  • Upgraded Snakeyaml to 1.33.

Version 8.1.0.3

October 25, 2022

This release includes the following security fixes:

  • Hide implementation details from general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Changing sudo protection for host via list menu resets home directory to /home.

  • Fixed issue with the host menu causing the home directory to be reset to /home when changing the sudo protection setting in the list without first opening the details row.

  • Upgraded dependencies.

  • Upgraded Spring to 5.3.23.

  • Upgraded Snakeyaml to 1.33.

Version 8.0.0.6

October 25, 2022

This release includes the following security fixes:

  • Hide implementation details from general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Upgraded dependencies.

  • Upgraded Spring to 5.3.23.

  • Upgraded Snakeyaml to 1.33

Version 7.2.0.5

October 25, 2022

This release includes the following security fixes:

  • Hide implementation details from general error page.

  • A bad request can result in a general error page. This page revealed application implementation specifics, such as an application stack trace. This information has been removed from the error page.

  • Upgraded dependencies.

  • Upgraded Spring to 5.3.23.

  • Upgraded Snakeyaml to 1.33.

Back to Top

Titus


Illuminate

Version 2022.1

October 24, 2022

New Features
  • Illuminate can now scan files and folders with Microsoft sensitivity labels in Microsoft Office 365. You can map Microsoft sensitivity labels to Titus fields and values, so that Titus’s users can process documents and emails from Microsoft users. Illuminate Scanning UI now contains a Propagate label feature to apply the contents and formatting of Microsoft labels to Titus labels and vice versa.

Enhancements
  • Illuminate can now scan files referenced in symbolic links.

  • Support for Office 365 authentication. If you are using an Office 365 authentication URL (such as GCC high), you can configure that URL in the commonappsettings.config file.

  • Using a Custom Action, you can populate the value of a new custom document property with the value of an existing document property (for example, last modified date) plus a time offset.

Fixes
  • Illuminate does not show Original Document Classification for documents that are already classified

  • Error appears when upgrading Illuminate from a previous version. See the Titus Illuminate Deployment Guide for a workaround.

  • Cannot generate a SharePoint Online/OneDrive token to authorize a cloud provider.

Policy Manager

Version 2022.10

October 21, 2022

New Features
  • Can now configure Schemas, Policies, App Settings, and Configurations and publish a TCPG file for Titus Classification for Windows using Policy Manager

  • Users can use their own custom image in the Ribbon and Classification Select dialog

  • Added Templates to Policy Manager so users can start configuring faster (supported in Titus Classification Suite for Windows only)

Enhancements
  • Improved messages in error dialogs and improved tooltips for Action parameters
  • Renamed Event Logging in App Settings to Event Logging for Email and Event Logging for Documents
  • Moved ability to set the Solution and Event to the same area in the UI as naming a Policy
Fixes
  • App Setting Event Logging throws error when selected value is being changed

  • Schema field name maximal value is being trimmed in unique name from 800 to 400 symbols

  • Unexpected Error when trying to create new policy with 800 digit name

  • Policy name: "Unexpected error" is shown when special characters <>&*|,;[] are used

Titus Console

Version 2022.10

October 12, 2022

Enhancements
  • Removed Analytic Dashboard from Titus Console.

Titus Data Detection Engine

Version 2022.10

October 12, 2022

Enhancements
  • Removed Analytic Dashboard from Titus Console.

Titus Classification for Google Workspace

Version 2022.12 HF1

December 16, 2022

Fixes
  • Fixed bug that prevented users from editing and saving a Google Calendar meeting event.

Back to Top

Vera


Version 3.21.0

October 2022

New Features
  • Vera allows you to secure files based on classification labels and tags. For each classification tag, you can apply rules based on auto-selected folder membership access or group-based membership access for files that are manually or automatically classified. The Classification Rules tab replaces the combined functionalities of the Partner Policy Mapping and Partner Policy Share Mapping tabs.

Updates
  • Vera provides an option to their customers to copy Vera events from an AWS S3 bucket, without the need to open inbound ports to their environment or set up a Syslog server.

  • The Vera agent may be unstable if the endpoint user installs Vera software first and then an administrator installs System Center Configuration Manager (SCCM). Vera’s installation procedures have been updated to remove user-based installation when Vera is deployed by an administrator via SCCM installation. Vera recommends rebooting the endpoint after the administrator installation.

  • Vera has integrated the Titus C++ SDK into the Vera SDK, so when the Netskope discovery scans the file and identifies the partner policy tag, Vera can internally call the Titus SDK to write the Titus data classification tag on the file in Titus readable format and then encrypt the file.

  • Vera announces the end of support for macOS Mojave in this release.

  • SharePoint support for rendering all VIB-supported files on the browser if the supported application is not present on the desktop.

  • Kerberos Single Sign-On Integration - Logs a user into the Vera client automatically if the user signs into Windows via Active Directory.

Fixes
  • Fixed an issue where the access request emails were not sent.

  • Fixed the low-risk vulnerabilities that were identified by Capital One's internal team.

  • Fixed an issue where the SDK third-party authentication OAuth token expires.

  • Fixed an issue where user’s session credentials are passed through the URL instead of a cookie.

  • Fixed an issue where the application was allowing the client to specify a cipher suite that uses insecure encryption and/or hashing algorithms.

  • Fixed an issue where the user export report and the dashboard count do not agree.

  • Fixed an issue by creating an API that returns the tenant's correct number of TAD sync-able documents.

  • Fixed a security issue with SAML authentication which allowed the user to log in via SAML into the Vera portal even though they were not whitelisted in the authentication settings.

  • Fixed an issue where all the file copies were not displayed on the File Details window.

  • Fixed an issue where a time-bomb error was reported when the files were opened in the browser.

  • Upgraded all the Vera connectors to 3.19.1, allowing the security teams to rescan vulnerabilities.

  • Fixed an issue where the watermark is missing when printing a TIFF file to paper from the Windows Photo Viewer.

  • Fixed an issue where the multi-install fix is not working when the user is not signed out from the machine.

Back to Top