Monthly Release Notes - March 2022


Digital Defense


Frontline Agent

Version 1.37.2

March 28, 2022

Enhancements
  • Frontline Agent contains the following new vulnerability checks:
    • 148145 Apple Security Update: 2022-003 Catalina (High) - Mac

    • 148147 Apple Security Update: macOS Big Sur 11.6.5 (High) - Mac

    • 148148 Apple Security Update: macOS Monterey 12.3 (Medium) - Mac

    • 148146 Apple Security Update: Safari 15.4 (High) - Mac

    • 148144 Apple Security Update: Xcode 13.3 (High) - Mac

    • 148134 Google Chrome: Multiple Vulnerabilities in Versions Less Than 99.0.4844.74 (High) - Windows, Mac

    • 148040 Mozilla Thunderbird: Multiple Vulnerabilities in Versions Less Than Thunderbird 91.7 (High) - Windows

    • 148038 MS22-MAR: Microsoft Office Security Update (High) - Mac

NIRV Scanner

Version 3.0.95.2

March 28, 2022

Enhancements
  • Updated authenticated scanning checks and network explicit checks listed:
    • 148062 Amazon Linux 2 Security Advisory: ALAS-2022-1755 (Medium)

    • 148065 Amazon Linux 2 Security Advisory: ALAS-2022-1757 (Medium)

    • 148059 Amazon Linux 2 Security Advisory: ALAS-2022-1758 (Medium)

    • 148060 Amazon Linux 2 Security Advisory: ALAS-2022-1759 (High)

    • 148061 Amazon Linux 2 Security Advisory: ALAS-2022-1761 (High)

    • 148066 Amazon Linux 2 Security Advisory: ALAS-2022-1762 (Medium)

    • 148064 Amazon Linux 2 Security Advisory: ALAS-2022-1763 (Low)

    • 148068 Amazon Linux 2 Security Advisory: ALAS-2022-1764 (High)

    • 148063 Amazon Linux 2 Security Advisory: ALAS-2022-1766 (Low)

    • 148058 Amazon Linux Security Advisory: ALAS-2022-1568 (Medium)

    • 148052 Amazon Linux Security Advisory: ALAS-2022-1569 (High)

    • 148054 Amazon Linux Security Advisory: ALAS-2022-1570 (High)

    • 148057 Amazon Linux Security Advisory: ALAS-2022-1571 (High)

    • 148053 Amazon Linux Security Advisory: ALAS-2022-1572 (Medium)

    • 148051 Amazon Linux Security Advisory: ALAS-2022-1573 (High)

    • 148056 Amazon Linux Security Advisory: ALAS-2022-1574 (Medium)

    • 148055 Amazon Linux Security Advisory: ALAS-2022-1575 (Low)

    • 148136 Citrix Security Advisory: CTX322787 (Medium)

    • 148141 Citrix Security Advisory: CTX325319 (Medium)

    • 148140 Citrix Security Advisory: CTX328123 (High)

    • 148138 Citrix Security Advisory: CTX335432 (Medium)

    • 148135 Citrix Security Advisory: CTX337526 (Medium)

    • 148142 Citrix Security Advisory: CTX338435 (Medium)

    • 148137 Citrix Security Advisory: CTX341586 (Medium)

    • 148139 Citrix Security Advisory: CTX341587 (Low)

    • 148046 Debian Security Advisory: DLA-2817-1 (Medium)

    • 148050 Debian Security Advisory: DLA-2938-1 (Medium)

    • 148047 Debian Security Advisory: DSA-5006-1 (Medium)

    • 148048 Debian Security Advisory: DSA-5007-1 (Medium)

    • 148044 Debian Security Advisory: DSA-5025-1 (Medium)

    • 148045 Debian Security Advisory: DSA-5081-1 (High)

    • 148049 Debian Security Advisory: DSA-5091-1 (Medium)

    • 148042 DNS CAA Record Not Found (Low)

    • 148131 ELSA-2022-0496: .NET 6.0 security and bugfix update (Medium)

    • 148119 ELSA-2022-0672-1: ruby:2.5 security update (Medium)

    • 148111 ELSA-2022-0818: firefox security update (High)

    • 148110 ELSA-2022-0824: firefox security and bug fix update (High)

    • 148108 ELSA-2022-0825: kernel security, bug fix, and enhancement update (High)

    • 148114 ELSA-2022-0826: .NET 6.0 security and bugfix update (Medium)

    • 148122 ELSA-2022-0827: .NET Core 3.1 security and bugfix update (Medium)

    • 148118 ELSA-2022-0830: .NET 5.0 security and bugfix update (Medium)

    • 148123 ELSA-2022-0845: thunderbird security update (High)

    • 148107 ELSA-2022-0850: thunderbird security update (High)

    • 148130 ELSA-2022-0886: virt:ol and virt-devel:rhel security update (Low)

    • 148109 ELSA-2022-0889: 389-ds:1.4 security and bug fix update (Medium)

    • 148129 ELSA-2022-0891: httpd:2.4 security update (High)

    • 148106 ELSA-2022-0892: libarchive security update (Low)

    • 148113 ELSA-2022-0894: vim security update (High)

    • 148112 ELSA-2022-0896: glibc security update (High)

    • 148128 ELSA-2022-0899: libxml2 security update (Medium)

    • 148105 ELSA-2022-0951: expat security update (High)

    • 148103 ELSA-2022-9198: Unbreakable Enterprise kernel security update (Medium)

    • 148115 ELSA-2022-9201: Unbreakable Enterprise kernel-container security update (Medium)

    • 148125 ELSA-2022-9204: python-pip security update (Medium)

    • 148117 ELSA-2022-9210: Unbreakable Enterprise kernel security update (High)

    • 148104 ELSA-2022-9211: Unbreakable Enterprise kernel security update (High)

    • 148127 ELSA-2022-9212: Unbreakable Enterprise kernel-container security update (High)

    • 148132 ELSA-2022-9213: Unbreakable Enterprise kernel-container security update (High)

    • 148126 ELSA-2022-9221: gnutls security update (High)

    • 148116 ELSA-2022-9224: openssl security update (Medium)

    • 148120 ELSA-2022-9227: expat security update (High)

    • 148121 ELSA-2022-9228: cri-o security update (Medium)

    • 148124 ELSA-2022-9229: cri-o security update (Medium)

    • 148133 ELSA-2022-9232: expat security update (High)

    • 148134 Google Chrome: Multiple Vulnerabilities in Versions Less Than 99.0.4844.74 (High)

    • 148041 Netgear Device Detected (Info)

    • 148069 Palo Alto PAN-OS Security Advisory: PAN-127479 (Medium)

    • 148077 RHSA-2022:0780: cyrus-sasl security update (Medium)

    • 148072 RHSA-2022:0818: firefox security update (High)

    • 148078 RHSA-2022:0819: kernel-rt security and bug fix update (Medium)

    • 148087 RHSA-2022:0824: firefox security and bug fix update (High)

    • 148076 RHSA-2022:0825: kernel security, bug fix, and enhancement update (Medium)

    • 148073 RHSA-2022:0826: .NET 6.0 security and bugfix update (Medium)

    • 148074 RHSA-2022:0827: .NET Core 3.1 security and bugfix update (Medium)

    • 148084 RHSA-2022:0830: .NET 5.0 security and bugfix update (Medium)

    • 148085 RHSA-2022:0845: thunderbird security update (Medium)

    • 148083 RHSA-2022:0849: kpatch-patch security update (Medium)

    • 148088 RHSA-2022:0850: thunderbird security update (Medium)

    • 148081 RHSA-2022:0886: virt:rhel and virt-devel:rhel security update (Low)

    • 148079 RHSA-2022:0889: 389-ds:1.4 security and bug fix update (Low)

    • 148071 RHSA-2022:0891: httpd:2.4 security update (Low)

    • 148082 RHSA-2022:0892: libarchive security update (Low)

    • 148075 RHSA-2022:0894: vim security update (Low)

    • 148070 RHSA-2022:0896: glibc security update (Low)

    • 148086 RHSA-2022:0899: libxml2 security update (Low)

    • 148080 RHSA-2022:0951: expat security update (Medium)

    • 148089 [USN-5317-1] Linux kernel vulnerabilities (Medium)

    • 148090 [USN-5318-1] Linux kernel vulnerabilities (Medium)

    • 148091 [USN-5319-1] Linux kernel vulnerabilities (Medium)

    • 148092 [USN-5320-1] Expat vulnerabilities and regression (Medium)

    • 148093 [USN-5322-1] Subversion vulnerability (Medium)

    • 148094 [USN-5323-1] NBD vulnerabilities (Medium)

    • 148095 [USN-5324-1] libxml2 vulnerability (Medium)

    • 148096 [USN-5328-1] OpenSSL vulnerability (Medium)

    • 148097 [USN-5328-2] OpenSSL vulnerability (Medium)

    • 148098 [USN-5330-1] LibreOffice vulnerability (Medium)

    • 148100 [USN-5332-1] Bind vulnerabilities (Medium)

    • 148101 [USN-5332-2] Bind vulnerability (Medium)

    • 148099 [USN-5333-1] Apache HTTP Server vulnerabilities (Medium)

    • 148102 [USN-5333-2] Apache HTTP Server vulnerabilities (Medium)

Fixes
  • Updated Vulnerability Descriptions:
    • 123908 EMC RecoverPoint Default Credentials (Critical)
    • 148040 Mozilla Thunderbird: Multiple Vulnerabilities in Versions Less Than Thunderbird 91.7 (High)
    • 148038 MS22-MAR: Microsoft Office Security Update (High)
    • 147949 WordPress 5.8.3 Security Release (Medium)

WAS Scanner

Version 1.0.34.1

March 10, 2022

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 144776 Drupal Core Security Advisory SA-CORE-2021-002 (Medium)
    • 145502 Drupal Core Security Advisory SA-CORE-2021-003 (Medium)
    • 145633 Drupal Core Security Advisory SA-CORE-2021-004 (Medium)
    • 146102 Drupal Core Security Advisory SA-CORE-2021-005 (High)
    • 146407 Drupal Core Security Advisory SA-CORE-2021-006 (Low)
    • 146408 Drupal Core Security Advisory SA-CORE-2021-007 (Medium)
    • 146409 Drupal Core Security Advisory SA-CORE-2021-008 (Medium)
    • 146410 Drupal Core Security Advisory SA-CORE-2021-009 (Medium)
    • 146958 Drupal Core Security Advisory SA-CORE-2021-010 (Medium)
    • 147294 Drupal Core Security Advisory SA-CORE-2021-011 (Medium)
    • 116819 Drupal Core Security Advisory SA-CORE-2014-005 (High)
    • 124294 Drupal Core Security Advisory SA-CORE-2018-002 (Critical)
    • 127847 Drupal Core Security Advisory SA-CORE-2019-001 (Medium)
    • 127869 Drupal Core Security Advisory SA-CORE-2019-002 (High)
    • 127886 Drupal Core Security Advisory SA-CORE-2019-003 (Medium)
    • 128452 Drupal Core Security Advisory SA-CORE-2019-004 (Low)
    • 128685 Drupal Core Security Advisory SA-CORE-2019-006 (Medium)
    • 129038 Drupal Core Security Advisory SA-CORE-2019-007 (High)


Globalscape


DMZ Gateway

Version 3.5.0.35

March 18, 2022

Updates
  • Updated Log4j to v2.17 (TFS 383247)

  • Updated DMZ graphics to include HelpSystems branding (TFS 383503)


Powertech


Powertech Antivirus for IBM i

Version 8.06

Mar 28, 2022

  • Fixed issue with scheduled scans ending prematurely.

  • Fixed issue with AVSVR failing with error CPFB9C6 on systems running older versions of the POWER processor.

BoKS Control Center

Version: 8.1.1

Mar 4, 2022

New Features
  • Certificate authentication is added for login to BCC.
Fixes
  • The web server listens to an extra port for certificate login (default 8444).
  • The "SSH certificate" authenticator is renamed to "Certificate". When configuring Access Rules, "Optional SSH certificate" is renamed to "Optional certificate", and the authentication methods "ssh_cert", "hard_ssh_cert" and "optional_ssh_cert" are renamed to "cert", "hardcert" and "optional_cert".

BoKS Manager

Version: 8.1.1

Updated: Mar 4, 2022

Note that BoKS Server Agent 8.1.1 requires Master / Replicas to run BoKS Manager 7.2 or later.

New Features
  • Certificate authentication is extended from SSH to other access methods in BoKS. The access methods that now support certificate authentication are BCCAS, PWMGR, SU, SUEXEC, EDIT, SSH, SUDO, SUDOEDIT and SUDOLIST. The ssh_cert, hard_ssh_cert and optional_ssh_cert authenticators and Access Rule modifiers are renamed to cert, hardcert and optional_cert.
  • Certificates from local smart cards can be used via PKCS#11 plugin modules.

Enhancements
  • A new boksconfig parameter 'authentication/cert/pkcs11-provider' is added that can be used to configure the PKCS#11 provider for certificate authentication. This parameter overrides the PKCS11Provider parameter in $BOKS_etc/ssh/ssh_config or $HOME/.ssh/config.

  • New boksconfig parameter 'authentication/cert/pkcs11-provider-allowed' is added.

    The PKCS#11 provider library used in certificate authentication for access methods SU, SUEXEC, EDIT, SUDO, SUDOEDIT and SUDOLIST can be configured in boksconfig 'authentication/cert/pkcs11-provider', $HOME/.ssh/config or $BOKS_etc/ssh/ssh_config. The authentication process for these methods runs with elevated privileges, so if the PKCS#11 provider library configuration is taken from $HOME/.ssh/config, the path specified must match a path in the 'authentication/cert/pkcs11-provider-allowed' settings.

  • A new CLI program named boksmkcrl is added that can read revoked certificates and generate a CRL file.

  • Log messages have changed. By using the new log API, Server Agents can now take full advantage of the syslog format. Optional parameters like Rule ID and keystroke log ID are now moved from the "message" part of the log to the "structured data" part, making the log easier to parse by machine.

Fixes
  • In some cases after upgrading from 7.x to 8.x, batch messages from the old version are put into the batch queue of the new version. Since the format of the messages has changed, these messages are rejected by the remote server. To avoid having these messages blocking the batch queue processing, they are dropped and a warning to this effect is written to boks_errlog.

  • If a user failed to change their password, a field in the BoKS database was updated with the time, and a password update request was sent to all hosts the user existed on. If this was an account used by an automated process, this could cause a lot of updates to be queued. As this information was only used by HP-UX platforms running Trusted Computing Base (TCB), it has been decided to disable this functionality.

  • The BoKS configuration parameter sshd/log-certificate is no longer available, as certificate information is now always logged.

  • The boks-selinux policy is updated and you must ensure you are using the latest version of the policy when installing BoKS Manager 8.1.1.

  • Certificate authentication now supports certificates with SHA512 signatures. Previously, certificate authentication in SSH supported SHA1 and SHA256 only. Authentication with SHA1-signed certificates is deprecated, and support for SHA1-signed certificates may be removed in future BoKS versions.

  • The certadm -s listing can now use option -n issuer to only list revoked certificates for a specific issuer CA.

  • External authentication programs moved from $BOKS_lib/ directory to $BOKS_lib/extauth/.

  • The default value for the BoKS SSHD configuration parameter MaxAuthTries is increased from 6 to 12 when BoKS protection is activated.
