Monthly Release Notes - November 2024
Agari
DMARC Protection
Version 2024.11
November 2024
Enhancements
- Updated Senders page.
- Updated Custom Sender page.
Fixes
-
Various bug fixes.
-
Various dependency updates.
Cloud Email Protection
Version 2024.11
November 2024
Updates
-
Updates Senders table style and fields.
-
CDR upgrades to improve event publishing performance.
Fixes
-
Various bug fixes.
-
Various dependency updates.
Boldon James
Classifier Administration Server
Version 3.21
November 11, 2024
Enhancements
-
Improved session timeout management to meet information security use case requirements.
Fixes
-
Fixed Marking Library editor so marking definitions will not be deleted when editing the content.
Classifier Mail Add-in
Version 3.13.3
November 11, 2024
Enhancements
-
Confirmed support for Windows Server 2022.
Fixes
-
Added AppDomains elements to the ClassifierMail.xml manifest file that points to your Classifier Mail Add-in website. If you see an error in the console logs that the domain is not trusted, you must update and re-deploy the manifest file that has your AppDomains values.
Classifier Management Agent
Version 3.10
November 11, 2024
Enhancements
-
Added support for TLS 1.3 when downloading web configurations.
Data Classification Reporting Server
Version 2.1
November 11, 2024
New Features
-
Added the option to copy dashboards and reports. For instructions, see the Data Classification Reporting Server Deployment Guide.
Enhancements
-
Confirmed support for Windows Server 2022.
-
Updated to .NET 8.0 for software requirement.
-
Updated product icon.
Fixes
-
Fixed issue with reports not being exported when selecting the button to export.
Email and Office Classifier
Version 3.21
November 11, 2024
Enhancements
-
Improved integrity checks for the label when reading emails.
-
Improved integrity checks for the label when opening documents.
-
Improved integrity checks for the classification history of documents.
-
Added support for Simplified Ribbon in Microsoft Outlook.
-
The description.txt configuration file is no longer stored in users local cached configuration.
-
Confirmed support for Microsoft Office 2024 (32-bit and 64-bit).
Fixes
-
Fixed issue in Office Classifier where bullet points were being added to header and footer visual markings in Microsoft Word.
-
Fixed issue in Office Classifier where the label summary information bar was not appearing when starting a Microsoft Office application.
-
Fixed issue in Office Classifier where Microsoft Excel was crashing when performing a content check on an Excel workbook.
-
Fixed issue in Office Classifier where a Microsoft Word document protected with Azure Information Protection (AIP) could not be saved as a PDF.
-
Fixed issue in Email Classifier where the unlabeled attachment check was detecting embedded images even when the setting to ignore embedded images was enabled.
-
Fixed issue where the content check progress dialog appears multiple times when performing checks.
Exchange Classifier 2016
Version 3.2.0
November 11, 2024
Fixes
- Fixed issue where Exchange Classifier 2016 was slow in processing emails with large attachments.
File Classifier
Version 3.17.3
November 11, 2024
Fixes
-
Updated File Classifier error messages to provide more specific information.
Mac Classifier
Version 3.12.9
November 11, 2024
Enhancements
- Confirmed support for Sequoia (macOS 15).
Fixes
-
Fixed issue where users were unable to open classified Microsoft PowerPoint and Microsoft Word documents. This issue was reported in Sonoma (macOS 14).
-
Fixed issue where users were unable to open the label selection dialog or apply mandatory selector labels when saving documents. This issue was reported in Sonoma (macOS 14).
Power Classifier for Files
Version 3.16.0
November 11, 2024
New Features
-
Added support for the following new auditing event messages:
Event ID Severity Description Category (Task ID) 10000 Info Label file Power Classifier for Files Auditing (79) 10001 Info Label folder 10002 Severity Failed to label file
SharePoint Classifier
Version 3.11.2
November 11, 2024
Enhancements
-
Confirmed support for Windows Server 2022.
-
Confirmed support for SharePoint Server Subscription Edition.
Clearswift
Secure Email Gateway
Version 6.0.0
November 29, 2024
-
6.0.0 is a major version and there are functionalities and procedures which are different from version 5.x. We strongly recommend that you visit the Installation Guides first to familiarize yourself with these changes.
-
In Red Hat Enterprise Linux (RHEL) 9, as per Red Hat Documentation, the default system-wide cryptographic policy level offers secure settings for current threat models. It allows the TLS 1.2 and TLS 1.3 protocols, as well as the IKEv2 and SSH2 protocols. The RSA keys and Diffie-Hellman parameters are accepted if they are at least 2048 bits long. This also means that certificates which use the SHA1 as TLS hash, signature, and algorithm are not accepted. Note that this is the "default" policy, and it is possible to change the system to the "legacy" policy.
-
TLS 1.0 and TLS 1.1 encryption protocols are deprecated and disabled by default. These protocols can be enabled by changing the system-wide crypto policy to “legacy” mode. However, this needs to be handled with great caution as it can lower the security level of the product.
Enhancements
-
Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 7.9 to version 9.4.
-
The RHEL 9 administrative interface, Cockpit, has been updated, including improved SELinux support and various user interface fixes.
-
Support for FIPS-mode compliance has been enhanced in RHEL 9.4, providing more secure cryptographic standards. (The entire system must be enabled for FIPS mode before FIPS can be enabled within the Gateway.)
-
STIG compliance has been enhanced, using the latest RHEL 9 DISA profiles.
-
Enhancements have been made to improve encryption, certificate management and TLS compatibility for secure connections.
-
Support has been added to reduce false positives when detecting Canadian Social Insurance Numbers (SIN), by adopting a validation using the Luhn algorithm.
-
The dependency on the %EMAIL% token for key server queries for S/MIME certificates has been removed. This enables some additional key server providers to be used, by adding support for the %LOCAL% and %DOMAIN% tokens.
-
Postfix has been updated from version 3.8 to version 3.9. Amongst other improvements, this also provides a long-term fix to mitigate an SMTP smuggling vulnerability in Postfix that could allow malicious messages to bypass DMARC and other spam checks.
-
The encryption engine has been updated for RHEL 9, including multiple fixes and enhancements.
-
Mailshell SDK has been updated from version 8.2.4 to version 9.3.0, including multiple enhancements for the anti-spam engine.
-
Java has been upgraded to version 21, for improved compatibility and performance.
Fixes
-
A critical vulnerability found in the previous release (CVE-2023-26136) has been fixed through the upgrade of Cockpit to a later version, including its dependent libraries.
-
Resolved a long-standing issue, requiring a restart of NetworkManager after configuring an SNMP server in Cockpit.
-
Resolved an issue where updates to FileZilla version 1.8.2 disrupted the FTP backup process for the product.
-
Resolved a license validation issue on the Japanese systems.
-
Resolved a crash in the DCI (Deep Content Inspection) Engine caused by processing PDF files that contain circular references in their outline.
-
Corrected the DCI Engine's handling of Text Views in XML DFC, which caused the failure in detecting the "Social Security number" text entities in XML document search.
-
Addressed failures in message processing through Sophos Sandbox caused by changes in the HTML report format.
-
The configuration of Trust Center has been enhanced to allow special characters in Trust Center account names.
-
Resolved an issue where the download manager failed to close files when retrieving download update times.
-
Resolved an intermittent synchronization issue with LDAPS that prevented regular updates of address lists.
-
S/MIME key server queries are now supported over LDAPS connections.
Secure ICAP Gateway
Version 6.0.0
November 29, 2024
-
6.0.0 is a major version and there are functionalities and procedures which are different from version 5.x. We strongly recommend that you visit the Installation Guides first to familiarize yourself with these changes.
-
In Red Hat Enterprise Linux (RHEL) 9, as per Red Hat Documentation, the default system-wide cryptographic policy level offers secure settings for current threat models. It allows the TLS 1.2 and TLS 1.3 protocols, as well as the IKEv2 and SSH2 protocols. The RSA keys and Diffie-Hellman parameters are accepted if they are at least 2048 bits long. This also means that certificates which use the SHA1 as TLS hash, signature, and algorithm are not accepted.
-
TLS 1.0 and TLS 1.1 encryption protocols are deprecated and disabled by default.
Enhancements
-
Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 7.9 to version 9.4.
-
The RHEL 9 administrative interface, Cockpit, has been updated, including improved SELinux support and various user interface fixes.
-
STIG compliance has been enhanced, using the latest RHEL 9 DISA profiles.
-
Enhancements have been made to improve encryption, certificate management and TLS compatibility for secure connections.
-
Support has been added to reduce false positives when detecting Canadian Social Insurance Numbers (SIN), by adopting a validation using the Luhn algorithm.
-
Java has been upgraded to version 21, for improved compatibility and performance.
Fixes
-
A critical vulnerability found in the previous release (CVE-2023-26136) has been fixed through the upgrade of Cockpit to a later version, including its dependent libraries.
-
Resolved a long-standing issue, requiring a restart of NetworkManager after configuring an SNMP server in Cockpit.
-
Resolved an issue where updates to FileZilla version 1.8.2 disrupted the FTP backup process for the product.
-
Resolved a license validation issue on the Japanese systems.
-
Resolved a crash in the DCI (Deep Content Inspection) Engine caused by processing PDF files that contain circular references in their outline.
-
Corrected the DCI Engine's handling of Text Views in XML DFC, which caused the failure in detecting the "Social Security number" text entities in XML document search.
Secure Web Gateway
Version 6.0.0
November 29, 2024
-
6.0.0 is a major version and there are functionalities and procedures which are different from version 5.x. We strongly recommend that you visit the Installation Guides first to familiarize yourself with these changes.
-
In Red Hat Enterprise Linux (RHEL) 9, as per Red Hat Documentation, the default system-wide cryptographic policy level offers secure settings for current threat models. It allows the TLS 1.2 and TLS 1.3 protocols, as well as the IKEv2 and SSH2 protocols. The RSA keys and Diffie-Hellman parameters are accepted if they are at least 2048 bits long. This also means that certificates which use the SHA1 as TLS hash, signature, and algorithm are not accepted. Note that this is the "default" policy, and it is possible to change the system to the "legacy" policy.
-
TLS 1.0 and TLS 1.1 encryption protocols are deprecated and disabled by default. These protocols can be enabled by changing the system-wide crypto policy to “legacy” mode. However, this needs to be handled with great caution as it can lower the security level of the product.
Enhancements
-
Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 7.9 to version 9.4.
-
The RHEL 9 administrative interface, Cockpit, has been updated, including improved SELinux support and various user interface fixes.
-
STIG compliance has been enhanced, using the latest RHEL 9 DISA profiles.
-
Enhancements have been made to improve encryption, certificate management and TLS compatibility for secure connections.
-
Support has been added to reduce false positives when detecting Canadian Social Insurance Numbers (SIN), by adopting a validation using the Luhn algorithm.
-
The Internet categorization component has been updated, for improved compatibility and performance.
-
Apache Traffic Server (ATS) has been updated to version 9.2.5, addressing critical vulnerabilities (CVE-2023-38522, CVE-2024-35161, CVE-2024-35296) as well as enhancing system security and stability.
-
Java has been upgraded to version 21, for improved compatibility and performance.
Fixes
-
A critical vulnerability found in the previous release (CVE-2023-26136) has been fixed through the upgrade of Cockpit to a later version, including its dependent libraries.
-
Resolved a long-standing issue, requiring a restart of NetworkManager after configuring an SNMP server in Cockpit.
-
Resolved an issue where updates to FileZilla version 1.8.2 disrupted the FTP backup process for the product.
-
Resolved a license validation issue on the Japanese systems.
-
Resolved a crash in the DCI (Deep Content Inspection) Engine caused by processing PDF files that contain circular references in their outline.
-
Corrected the DCI Engine's handling of Text Views in XML DFC, which caused the failure in detecting the "Social Security number" text entities in XML document search.
-
Resolved an issue where requests through an upstream proxy were incorrectly routed to the wrong website when navigating from an IP address to a hostname.
-
Corrected a bug that caused the web proxy to crash randomly due to double configuration upon restart.
-
Resolved an issue introduced with the latest web proxy where it may have become unresponsive under high load conditions.
Digital Guardian
Agent for Windows
Version: 8.2.0
November, 2024
New Features and Enhancements
-
Certified the Agent to run on Microsoft Windows 11 24H2 OS.
-
To better support email DG X-Headers, DG changed the default for Agent configuration setting sendMailDGxheaderControl from 1 to 2. This changes the behavior so that the Agent sends classification data in multiple X-Headers. Refer to Management Console Users Guide for details.
Added a new agent configuration setting, `<dgxheaderOn>`, which allows enabling or disabling the use of DG X-Header email properties. When enabled, a maximum of 50 DG X-Header email properties can be used.
Values for `<dgxheaderOn>`:
-
l `0` – Disables the use of DG X-Header email properties.
-
l `1` – Enables the use of DG X-Header email properties.
For more information, please refer to "Configuring DG X-Header Email Properties" under Critical Notices section in DigitalGuardian_Agent_for_Windows_8.2.0_Release_Notes.
-
-
Starting with this release, the default setting for dgxheaderOn is changed to 0 from 1. The result is the Agent does not process x-headers. It does not add x-headers to emails and it does not read x-headers in email. Classification data is not sent or received.
-
In this release, the Windows Agent installer has been enhanced to prevent the installation or upgrade if an existing agent is in a pending reboot state. The Agent installer will check the status of the DGUpdate service to see if an agent is waiting for a reboot indicating an install/upgrade already in progress before allowing another installation or upgrade to continue. This approach reduces the risk of incomplete installations ensuring a smoother upgrade process.
Fixes
-
Resolved a problem where the Agent was not uploading Digital Guardian Agent Diagnostic (DG Diag) artifacts to the Server when requested.
-
Resolved an egress vulnerability to devices protected by RME. Refer to CVE-2024-3334 and consult this knowledge base article. Contact Fortra support for more details.
-
Resolved a problem where memory management by the Agent caused random application crashes on Microsoft Windows 10 when the Agent and Check Point Software Checkpoint are running.
-
Resolved a problem at a customer site in which SQL queries performed on behalf of local users with usernames that had $ appended caused the nightly SQL jobs to run excessively long.
Analytics & Reporting Cloud
Version: 5.0.0
November, 2024
New Features
-
This release introduces UI theme customization, allowing users to switch between light and dark modes in their preferences. With dark mode becoming increasingly popular for its benefits like reduced eye strain, improved readability, and enhanced accessibility, this feature enhances usability and caters to individual preferences, providing a more personalized user experience.
-
In this release, updates have been made to enhance user experience and streamline workspace management for customers.
-
"Workspace Manager" renamed to "All Workspaces," displaying workspace tabs on the dock for a more organized view.
-
Home sign removed from the workspace tile; the first tab is now set as the Home tab by default.
-
Pin/unpin icon removed; users can now pin or unpin workspaces by right-clicking on the workspace tab.
-
Workspace time fields UI updated.
-
Enhancements to the application toolbar, streamlining navigation and workspace management.
-
Fixes
-
Resolved an issue where the federated users were unable to download CSV files from ARC workspaces. Adjustments were made to the permissions for these users, allowing successful downloads.
-
Resolved an issue where Mac users with usernames starting with an underscore (_) were being added to the ARC computer inventory, similar to a previous issue with Windows users. A filter has been added to prevent this.
-
Resolved an issue where the event details section under incident details was inaccessible for customers, with the fields appearing greyed-out.
Fortra
Endpoint Manager
November 14, 2024
Enhancements
-
Improved service shutdown on macOS.
-
Count on Endpoint table now updates when the table is refreshed.
Fixes
-
Resolved security vulnerabilities and minor bug fixes.
Fortra platform
November 14, 2024
New Features
-
Oauth Clients can now be created to be used for calling Fortra APIs.
-
Users can now receive an OTP code via email instead of using an authenticator app.
Enhancements
-
Role permissions now have descriptions.
-
All Users group now displays user count in Groups table.
Fixes
-
Roles are now correctly applied to a top-level account as well as the selected accounts.
-
The app switcher now correctly shows the product apps that the current tenant is entitled to.
Fortra VM
Version 7.0.4.0
November 6, 2024
New Features
-
Enhanced vulnerability details for PCI assessments
-
This release brings more comprehensive coverage and faster detection of CPE-based potential vulnerabilities. These vulnerabilities are identifiable by their titles, which begin with their CVE number, and their instance data, which indicates addition based on detected CPE.
-
Enhancements
-
PCI Self Service:
-
Auto-generate AOC report by default if scope is completed
-
-
Added CPE information to the data section for CPE detected potential vulnerabilities
-
Imported descriptions from Alert Logic vulnerability library into the Fortra VM vulnerability dictionary
-
Updated link to help site to reflect new directory
-
Added ability to suppress specific CVEs from CPE based auditing to avoid false positives
Fixes
-
Site footer not showing version
-
Block vulnerability assessment in scan group if blocked in single scan
-
Typo - Misspelling on Scan Policy page in FVM for CIS Benchmark policy
-
Block themes without a virtual hostname (subdomain) from saving
-
Vuln Dictionary "View Asset Instances" not working in platform
-
WAS scan launched without a scan block ID
-
Multi-account user gets locked out of all accounts if 1 has an expired trial
-
Letter missing in Annual Revenue section of Insight Classifications
-
Cannot select a template in Build a Report modal
-
RNA Activation Failure - Unable to verify activation token
-
Spelling error in New Password page
-
Theme manager not allowing saves
-
Extra users to email disappear from scheduled cumulative report
-
User with expired password stuck in login-password reset-login loop when skipping Fortra IDP prompt
Powertech
Antivirus
Version 6.3 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)
November 6, 2024
New Features
-
The Insite migration tools have been removed from the install package. They are now available from the Powertech Antivirus Server download page on the Fortra Support portal.
-
The install package is now self-contained and the need to download PostgreSQL and Java from the Fortra Support portal during installation has been removed. This also removes the need for air-gapped installation steps.
-
The PTAV Server now permits compatible endpoints (version 6.3.0 and above) to pass tags during the registration process. The tag names are case-insensitive and missing tags are created upon registration.
-
Scheduled scans and reports can now be targeted at a subset of endpoints based on individual endpoint tag names. You can preview the endpoints that the chosen filter (both endpoint names and tags) targets.
-
When attempting to set up an SMTP email connection, additional logging is enabled when the “Validate Email Connection” button is pressed. This will assist in diagnosing connection problems. The logging is directed into the file ptavws.log.
-
A new report type "Endpoint Status" has been added. This report can be tailored to include various fields representing the current state of an endpoint.
-
The reports table can be filtered based upon the type of report.
Enhancements
-
The PTAV User Interface has been updated to give it a more modern look and feel.
-
Installer refinements have been made to simplify the output and reduce the number of prompts presented to the user.
-
The Java runtime environment has been upgraded to 11.0.24.
-
PostgreSQL has been upgraded to 13.16.
-
Apache Tomcat has been upgraded to 9.0.91.
-
Flyway database migration tool is upgraded to 9.22.3.
-
Other various library upgrades have been made to address vulnerabilities.
Fixes
-
If an antivirus scan fails abnormally the update message sent to the PTAV server is now processed as expected.
Notes
-
This will be the last PTAV Server release that supports Red Hat 7. Red Hat 9 support will follow in the next release.
Robot
Robot Save
Version 13.05
November 19, 2024
Enhancements
-
RBSRSTOBJ and RBSRSTLIB can now use a defined AML.
Fixes
-
Fixed issue with some monitor jobs ending abnormally when running RSU and RSLSHUTDWN.
-
Updated formatting of the SAVACTMSGQ command so that it is fully qualified.
-
Either PTF SI76775 or CUME C2125740 are now required.
-
Updated the list of valid tape drive models to include IBM 3580 / 007.
-
Added additional clean up in post-FlashCopy processing to ensure that Objects in RBSTMPLIB do not cause other functions to fail.
Sequel
Sequel Data Warehouse Server
Version: 8.3.05
November 25, 2024
Fixes
-
Big Integer column in a Local Cache Table could be incorrectly defined as Character(20) in some circumstances. See Note 6.
-
An authority error could occur on Data Set Import if user is in a Class
-
A data set build error could occur if the method of implementing the dimensions is changed from Primary Index to Primary Key. See Note 1.
-
Legacy dates in character columns were not always handled correctly for conversion to real dates in extracts. See Note 2.
-
Where a date/time virtual element in an extract was specified to initialize to default value, the initialization did not always reset correctly to the default value for each row processed. See Note 2.
-
An extract build failure occurred where the definition for a CDC-DTAQ data source included the RUNID column as part of the key. See Note 2.
-
An extract build failure occurred when a Level Break Counter field was defined. See Note 2.
-
An extract build failure could occur when the Transaction Data Source is a logical file. See Note 2.
-
Incorrect code was generated for a source table using join type Get next record by partial key (Note: this issue did not occur with the much more commonly used join type Get next matching record by full or partial key). See Note 2.
-
The APYRDNPCH command did not reset the library list correctly after completion.
Sequel Data Warehouse Client
Version: 8.3.2905
November 25, 2024
Fixes
-
An extract build error occurred when a numeric virtual element was initially defined as Decimal, and then changed to Integer. See Note 2.
-
When switching between different environments in the client, in rare circumstances the client could update the metadata in the wrong environment.
Viewpoint 11
Version: 10.24.275
November 22, 2024
Fixes
-
A fix has been made to the "Save as PC File" dialog box to ensure it shows the number of records processed.
-
A fix has been made to the Viewpoint Administrator Database Security function to prevent the error 'This item's control has been deleted'.
Showcase
Viewpoint 10
Version: 10.24.275
November 22, 2024
Fixes
-
A fix has been made to the "Save as PC File" dialog box to ensure it shows the number of records processed.
-
A fix has been made to the Viewpoint Administrator Database Security function to prevent the error 'This item's control has been deleted'.
C&DS Migration Utility
Version: 10.24.275
November 22, 2024
-
No changes for this release.
Titus
Data Classification Reporting Server
Version 2.1
November 11, 2024
New Features
-
Added the option to copy dashboards and reports. For instructions, see the Data Classification Reporting Server Deployment Guide.
Enhancements
-
Confirmed support for Windows Server 2022.
-
Updated to .NET 8.0 for software requirement.
-
Updated product icon.
Fixes
-
Fixed issue with reports not being exported when selecting the button to export.
DCS Policy Manager (Cloud)
Version 2024.10 HF1
November 29, 2024
Fixes
-
Completed maintenance for version 2024.10; no new features or functionality
TCS for Mac
Version 2023.0 SP2
November 5, 2024
New Features
-
Added support for configuring multiple selection Schema Fields in the Administration Console.
-
Added new “UseAdminInstalledAddin” setting in the TCSInstallIOptions.plist file. See the Titus Classification Suite for Mac Installation Guide for more information.
Enhancements
-
Confirmed support for Sequoia (macOS 15).