Monthly Release Notes - January 2025

Jump to:

Agari	Alert Logic	Automate	Beyond Security
Boldon James	Bytware	CCSS	Clearswift
Cobalt Strike	Core Security	Digital Defense	Digital Guardian
Document Management	FileCatalyst	Fortra	Fortra VM
Globalscape	GoAnywhere	Halcyon	HelpSystems One
IBM Partnership	Insite	InterMapper	JAMS
Outflank Security Tooling	Powertech	Robot	Safestone
Sequel	Showcase	Tango/04	TeamQuest
Titus	Vera

Intermapper

Version 6.6.3

January 6, 2025

Enhancements

Upgraded the jQuery library from v1.10.2 to v3.6.0 for the web server.
Added support for Mac OS 13/14 Intel.

Fixes

Resolved cross-site scripting vulnerabilities.
Updated OpenSSL to 1.1.1 to address vulnerabilities.
Resolved option to delete reports in Reports server.
Resolved an issue where a "maintenance contract has lapsed" message may appear when you have a valid license.
Resolved MacOS unsupported version message.
Display Intermapper version.
Updated the Reports option to avoid including an extra "b" in each string when exporting to a CSV.
The Intermapper service has been improved to handle exceptions that had resulted in a crash.
Resolved an issue where the NT Services & WMI screen displayed LONG_WMI_DESC instead of the proper text at top of window.
Updated to ensure long Japanese text fits in the Layer 2 settings window.
Resolved an issue where the database would not update properly and had a psycopg2.errors.NotNullViolation error.
Resolved a server-crash issue related to an equality test.
Resolved an issue where the Intermapper service may crash with a XExitProcess(11): Segmentation violation error.
Updated to ensure the Check Now and Automatically check buttons only check for updates when on an older version.
Updated the Intermapper Data Settings to allow email addresses with domains containing two periods.
Resolved server crash issues related to packet count and IPMI router.
Updated the More Probes button to ensure it opens the correct page.
Check for Updates feature was resolved for Remote Access.

Powertech

BoKS Manager

Version 8.1 (version update)

January 13, 2025

Server s-8.1.0.14

New Features

Added soft dependency checking.
Option to start boks_sshd even when the native sshd service is running on a different port.

Fixes

Fixed potential deadlock when reading/writing configuration data.
autoblockusers blocks functional accounts.
Host group modification time is not updated when a host is removed.
kslog files in "maxage" directory are not parsed.
Misleading warnings when restoring pre-8.1 backups.

Version 8.1 (version update)

January 13, 2025

Client c-8.1.0.20

New Features

Added soft dependency checking.
Check SELinux boolean value "authlogin_nsswitch_use_ldap".
Increased timeout waiting for servm queue when Replicas start.
New option 'log_login_module' added to bokspam.conf.
Option to start boks_sshd even when the native sshd service is running on a different port.
boksinfo now lists only local file system information.

Fixes

Fixed potential deadlock when reading/writing configuration data.
Fixed incorrect parameter details in Boot man page.
BoKS sudo should not allow users to use '-s' if sudo_touserenv is set.
kslog files in "maxage" directory are not parsed.

Antivirus

Version 6.3 (6.3.0 Powertech Antivirus Unix/Linux Endpoints)

January 8, 2025

IMPORTANT: Support for the following operating system/platform combinations is provided on a best-effort basis: Ubuntu Server 20 for s390x, SUSE Linux Enterprise Server 12 for s390x.
Support for the following operating system/platform combinations will be removed in a future version: Red Hat Enterprise Linux 7 big-endian for Power Systems servers, Ubuntu Linux 16 for x86_64. Customers who are using those operating systems should plan to migrate to newer operating system versions.

New Features

The on-demand scanner now supports multi-threaded scanning. On logical partitions and VMs with more than a single logical processor, this can lead to a pronounced reduction in scanning time. The number of scanning threads can be specified with the --scanthreads parameter, as well as by the corresponding setting in the Powertech Antivirus Server GUI (requires Powertech Antivirus Server version 6.3 or higher). By default, a single scanning thread is used, mimicking the behavior of the older versions. For more information, please see Knowledge Article: Multi-Threaded On-Demand Scans.
Powertech Antivirus now uses the latest Trellix anti-malware engine, version 6700. New and improved functionality in the 6700 engine includes: normalization support for PowerShell scripts, increased coverage of MIME samples, performance improvements and vulnerability fixes, multiple bug fixes, as well as other minor feature enhancements.
Reasons for skipping files are now presented in program output and scan summary.
An option to enhance quiet output to include errors, skips and timeouts has been added.

Enhancements

Tags for an endpoint can now be set when the endpoint is registered with Powertech Antivirus Server (requires Powertech Antivirus Server 6.3 or higher). To do so, specify the tags with the -t or --tags parameters when executing the registration script. Enclose the tags in single quotes, separating the tags with semicolons. Example: ./register.sh <other parameters> -t ’tag1;tag2;tag3’.
On-access filesystem cache performance has been improved for the default case, where pruning is disabled.
Performance was optimized for on-demand scanning on AIX in scenarios where on-access scanning is also being used.
The avsvccfg command, which was used to configure the on-access scanning and which has been superseded by the more powerful avconfig command, has been removed.
Security for the zlog component that is shipped with Powertech Antivirus has been hardened. Previously, a world-writable file, /tmp/zlog.lock, was used as a lock file for log file rotation. Now, the zlog.conf file is instead used. File permissions for log files have also been tightened. Note that for product upgrades to take advantage of these changes, it may be necessary to make manual updates to zlog.conf and zlog-avsvc.conf. For details, please see the Upgrading section of the product README.
The delivery of scan termination events to Powertech Antivirus Server has been improved.
Improvements have been made for memory management during archive scanning.
Improvements have been made to the on-access scan queue and reconfiguration stability.
Improvements have been made to signal handling in on-access service threads.
The Fortra license agreement has been updated.
The help text for the avconfig command now provides detailed information about how to specify the configuration file section and the configuration setting.

Fixes

On-access service no longer outputs failure messages when a file scheduled for scanning is no longer available at scan time.
On-access service shutdown and reconfiguration events are now logged at NOTICE level, which would go to syslog local5.notice with default configuration.
On-access path validation for avconfig and avsvc has been improved for the case where a path does not currently exist. Unacceptable paths are now noted by avconfig , and logged by avsvc.
Quarantine security has been improved for on-demand scans that are run under a non-root user.
Invalid paths are now shown as errors in on-demand scan output.
When the avupdate command is run on AIX and requires the curl or wget tool, it now additionally searches directory /opt/freeware/bin for those tools.
The file transfer logs for the avupdate command are now created with more secure file permissions. The avscan and avupdate commands now inherit the system umask.
The Linux on-access scanner will no longer inspect empty files encountered during file access interception.
The zlog third-party component has been updated to include a fix for security vulnerability CVE-2024-22857.

Exit Point Manager

Version 8.03

January 13, 2025

Fixes

If the FTP server exit point encountered an invalid *MEMOBJ rule, it failed to process any other rules correctly. This has been corrected.
An error will occur in Exit Point Manager if a user-profile does not have both ADD and READ authority to itself. IBM documentation states that these authorities are required for normal system operations, and therefore Administrators should not remove these authorities. Exit Point processing will now detect if these authorities have been removed and issue an appropriate error message to QSYSOPR. The documentation has been updated to note this requirement.
Collection of data for the Insite Good Morning Dashboard no longer uses a semaphore (a system level object) to ensure sequential processing. This may improve performance and stability.
Certain non-printable characters (for example, the copyright symbol ©) were not handled correctly in text strings in SQL statements if the system locale was not set. This has been corrected.
A correction has been made to the text for message LNS0702.

Vera

Version 3.24.0

January 2025

New Features

Mac Client
- Digital Guardian Secure Collaboration (Vera) announces support for macOS Sequoia.

SaaS
- Multiple users can co-edit the SharePoint or OneDrive-hosted secured files using the OnlyOffice editor and push the edited secured files back to SharePoint or OneDrive.
- Digital Guardian Secure Collaboration (Vera) announces support for the SMB3 protocol with the 3.24.0 release.
NOTE: To use the SMB3 protocol, users must upgrade their existing connectors.

Fixes

Fixed an issue where the Digital Guardian Secure Collaboration (Vera) tenant Graphical User Interface (GUI) failed to update the correct SharePoint credentials for SharePoint shares.
Improved the security fixes.

End of Support

Digital Guardian Secure Collaboration (Vera) announces the end of support for 3.22 with the 3.24.0 release. Users are recommended to update their clients to ensure smooth operations.
Digital Guardian Secure Collaboration (Vera) announces the end of support for macOS Monterey for the Mac client by the 3.25.0 release.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Last Published: 202501131023