Monthly Release Notes - December 2025

Jump to:

Agari Alert Logic Automate Beyond Security
Boldon James Bytware CCSS Clearswift
Cobalt Strike Core Security Digital Defense Digital Guardian
Document Management FileCatalyst Fortra Fortra Application Hub
Fortra VM Globalscape GoAnywhere Halcyon
IBM Partnership Insite InterMapper Outflank Security Tooling
Powertech Robot Safestone Sequel
Showcase Tango/04 TeamQuest Terranova Security  
Titus Vera

 

Agari

Version 2025.12

December 2025

Updates

  • Sensor 25.11:

    • Support enforcing messages in sub-folders for on-prem EWS enforcement.

    • Enhance attachment detection.

Fixes

  • Various bug fixes and updates.

Back to Top

 

Alert Logic

Managed WAF

Version 5.2.4.2-3170

December 10, 2025

Features

  • Multiple configuration, use, and performance improvements to Client Protection - Page Integrity

  • Custom access log configurations with data anonymization enabled

  • Customizable CAPTCHA pages for built-in challenges

Enhancements

  • HTTP/2 enabled by default on both existing and new websites

  • Added information to 400 Bad Request and 408 Timeout Request that appear in deny logs to help troubleshooting

  • Added option to disable logging of failed/malformed requests

  • Improved policy report

Fixes

  • Restored custom IP lists when importing system settings

  • Recreated data related to API definitions when restoring configuration backups

  • Removed Fortra identifiers from page integrity injected JavaScript

  • Made browser session state in local storage WAF host-specific to avoid collisions in the UI

  • Made DDoS and ICM cluster discovery function with delegated IAM roles

  • Improved proxy settings import to detect template during import and recreate ACL order when required

  • Violation overrides for website global and streaming ACL configurations are now respected

  • Resolved an issue where nginx worker processes did not properly terminate due to unfinished sequences in the WAF core engine

Back to Top

 

Clearswift

Secure Email Gateway

Version 6.2.0

December 10, 2025

IMPORTANT:

We strongly recommend that you visit the Installation Guides before installing or upgrading the Gateway.

The Firewall ports topic in the Online Help has also been updated for this release. Please review your port and protocol settings.

NOTE:

If you are upgrading your Gateway using:

DNF - you are advised to use dnf upgrade --nobest, instead of just dnf upgrade. This applies to all upgrades, both from the ISOs and online repositories.

Cockpit - the process should complete without any issues.

Enhancements

  • The "Clearswift Secure Gateway" product range has been rebranded to the "Fortra Secure Gateway" to unify the Fortra's cyber solutions. In accordance with this, changes have been applied to the Gateway user interface and documentation. This rebranding does not affect the existing product functionalities.

  • Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 9.4 to 9.7.

  • A new malicious URL database, "Fortra Threat Brain" has been added under Policy > Policy References > URL Lists. Along with the existing malicious URL lists, the new list can be used in the Sanitize Document Content and Sanitize Message content rules to detect potentially suspicious URLs or hyperlinks. Note that these lists are not suitable for use in an offline environment.

  • For stronger security, HTTP protocol is no longer supported in certain end-user functionalities, such as the Manage Message token/link in Inform, the Digest Messages in PMM and managing Trusted Senders in PMM. These functionalities require a different IP address from the Gateway's web UI via HTTPS.

    If your existing setup is any of the following, it is likely that you need to add the secondary IP address and configure it after you upgrade to version 6.2.0:

    - Using PMM with Digest only mode

    - Using PMM with Lite mode

    - Using the Manage Message token/link in Inform (regardless of using PMM or not)

    Note that:

    - New installs also require the same configuration.

    - For upgrades, old messages (with HTTP end-user links) delivered before the upgrade will not work anymore. After the upgrade, administrators are advised to configure the secondary IP address and schedule a full distribution of the digest messages at earliest convenience, so that all end-user links will be switched to HTTPS with minimum disruption.

    For more information, see this knowledge article in the Fortra Support Portal.

Fixes

  • The default timeout for Avira scans has been increased to ensure that scanning large files completes without errors.

  • The character limit of the Login Page Text setting under System > Gateway Branding has been increased to 4,096 characters, allowing relatively long content, such as legal disclaimers, to be fully displayed on the page.

  • Resolved an issue where the entire message was recorded in the SMTP log if all log levels are set to "Info" under System > SMTP Settings > General Settings > Log Levels.

  • Resolved an issue where the cs-gw-mailshell-service process was consuming 75% of memory. It has been updated to use a newer version of gRPC which should reduce the memory usage.

  • Resolved an issue with downloading Rspamd updates.

  • Addressed SELinux warnings for specific components when running the product on RHEL 9.4 or 9.6.

  • Addressed SELinux errors when joining a domain on RHEL 9.6.

Secure Exchange Gateway

Version 6.2.0

December 10, 2025

IMPORTANT:

We strongly recommend that you visit the Installation Guides before installing or upgrading the Gateway.

The Firewall ports topic in the Online Help has also been updated for this release. Please review your port and protocol settings.

NOTE:

If you are upgrading your Gateway using:

DNF - you are advised to use dnf upgrade --nobest, instead of just dnf upgrade. This applies to all upgrades, both from the ISOs and online repositories.

Cockpit - the process should complete without any issues.

Enhancements

  • The "Clearswift Secure Gateway" product range has been rebranded to the "Fortra Secure Gateway" to unify the Fortra's cyber solutions. In accordance with this, changes have been applied to the Gateway user interface and documentation. This rebranding does not affect the existing product functionalities.

  • Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 9.4 to 9.7.

  • For stronger security, HTTP protocol is no longer supported in certain end-user functionalities, such as the Manage Message token/link in Inform, the Digest Messages in PMM and managing Trusted Senders in PMM. These functionalities require a different IP address from the Gateway's web UI via HTTPS.

    If your existing setup is any of the following, it is likely that you need to add the secondary IP address and configure it after you upgrade to version 6.2.0:

    - Using PMM with Digest only mode

    - Using PMM with Lite mode

    - Using the Manage Message token/link in Inform (regardless of using PMM or not)

    Note that:

    - New installs also require the same configuration.

    - For upgrades, old messages (with HTTP end-user links) delivered before the upgrade will not work anymore. After the upgrade, administrators are advised to configure the secondary IP address and schedule a full distribution of the digest messages at earliest convenience, so that all end-user links will be switched to HTTPS with minimum disruption.

    For more information, see this knowledge article in the Fortra Support Portal.

Fixes

  • The default timeout for Avira scans has been increased to ensure that scanning large files completes without errors.

  • The character limit of the Login Page Text setting under System > Gateway Branding has been increased to 4,096 characters, allowing relatively long content, such as legal disclaimers, to be fully displayed on the page.

  • Addressed SELinux warnings for specific components when running the product on RHEL 9.4 or 9.6.

  • Addressed SELinux errors when joining a domain on RHEL 9.6.

Secure ICAP Gateway

Version 6.2.0

December 10, 2025

IMPORTANT:

We strongly recommend that you visit the Installation Guides before installing or upgrading the Gateway.

The Firewall ports topic in the Online Help has also been updated for this release. Please review your port and protocol settings.

NOTE:

If you are upgrading your Gateway using:

DNF - you are advised to use dnf upgrade --nobest, instead of just dnf upgrade. This applies to all upgrades, both from the ISOs and online repositories.

Cockpit - the process should complete without any issues.

Enhancements

  • The "Clearswift Secure Gateway" product range has been rebranded to the "Fortra Secure Gateway" to unify the Fortra's cyber solutions. In accordance with this, changes have been applied to the Gateway user interface and documentation. This rebranding does not affect the existing product functionalities.

  • Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 9.4 to 9.7.

Fixes

  • The default timeout for Avira scans has been increased to ensure that scanning large files completes without errors.

  • The character limit of the Login Page Text setting under System > Gateway Branding has been increased to 4,096 characters, allowing relatively long content, such as legal disclaimers, to be fully displayed on the page.

  • Addressed SELinux warnings for specific components when running the product on RHEL 9.4 or 9.6.

Secure Web Gateway

Version 6.2.0

December 10, 2025

IMPORTANT:

We strongly recommend that you visit the Installation Guides before installing or upgrading the Gateway.

The Firewall ports topic in the Online Help has also been updated for this release. Please review your port and protocol settings.

NOTE:

If you are upgrading your Gateway using:

DNF - you are advised to use dnf upgrade --nobest, instead of just dnf upgrade. This applies to all upgrades, both from the ISOs and online repositories.

Cockpit - the process should complete without any issues.

Enhancements

  • The "Clearswift Secure Gateway" product range has been rebranded to the "Fortra Secure Gateway" to unify the Fortra's cyber solutions. In accordance with this, changes have been applied to the Gateway user interface and documentation. This rebranding does not affect the existing product functionalities.

  • Product’s platform, Red Hat Enterprise Linux (RHEL), has been updated from version 9.4 to 9.7.

Fixes

  • The default timeout for Avira scans has been increased to ensure that scanning large files completes without errors.

  • The character limit of the Login Page Text setting under System > Gateway Branding has been increased to 4,096 characters, allowing relatively long content, such as legal disclaimers, to be fully displayed on the page.

  • Addressed SELinux warnings for specific components when running the product on RHEL 9.4 or 9.6.

  • Addressed SELinux errors when joining a domain on RHEL 9.6.

Back to Top

 

Core Security

Core Impact

Version: 21.8

December 8, 2025

New Features

  • Added OSCI Agent entity in WebApps and Network, configured by exploits leveraging Command Injection vulnerabilities.

  • Support Agent generation mapped in RX memory pages.

    • Does not apply if "ENCRYPT CODE" is enabled.

  • Added the ability to export workspace information in Syslog CEF format. Module: "Export results into Syslog (CEF formatted)"

Enhancements

  • Added handling for SQL Server Express 10GB limitations. Core Impact is now stopped if it reaches 95% (9.5 GB) of the 10 GB limit, allowing for workspace cleanup.

  • A host can now be added by IP address and name.

  • Exploits / Checkers execution has been removed from the Information Gathering RPT wizard.

  • Added the ability to spawn a WebServer used by the UI in HTTP/HTTPS ("Core Impact Web Server Service" service)

  • Enhanced the Privilege Escalation Exploit's successful check. Now checked by SID.

  • Enhanced the WebView2 Runtime dependency installation.

Fixes

  • Support integration with latest Metasploit framework version.

  • Information Gathering can now be re-executed over created hosts.

  • Jitter parameters added to Identity Verifiers.

  • Exception handling for deleting workspaces from the Dashboard.

  • Fixed an exception in the "AD Information Gathering from BloodHound" module when the number of paths was high.

  • Fixed the OS parameter in the shellcode callback of the Agent Transformations feature.

  • Fixed an issue where Scheduled Tasks would not load, and their output would appear in another task.

  • Fixed an issue when setting Reconnection Timeout to a value higher than 14 days.

  • Fixed an issue when opening a workspace whose property contained symbols.

  • Fixed the Quick Information panel of exploited website-entities.

Back to Top

 

Digital Guardian

Agent for Linux

Version: 11.2.0

December 2025

New Features

  • Certification for Additional Kernels

    This table lists the additional certified Linux kernels for Red Hat Enterprise Linux (RHEL) and Ubuntu in this release. Refer to the Agent for Linux User's Guide for details about the packages required to support the new kernel versions for the Agent. Refer to Agent_for_Linux_v11.x.x_and_Later_RHEL_Certified_Environments and Agent_for_Linux_v11.x.x_and_Later_Ubuntu_Certified_Environments for the complete lists of supported RHEL and Ubuntu kernels.

    Distribution

    Version

    Architecture

    Kernel
    RHEL 10.0 64-Bit kernel-6.12.0-55.45.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.43.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.42.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.41.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.40.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.39.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.38.1.el10_0
    RHEL 10.0 64-Bit kernel-6.12.0-55.37.1.el10_0
    RHEL 9.6 64-Bit kernel-5.14.0-570.64.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.62.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.60.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.58.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.55.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.52.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.51.1.el9_6
    RHEL 9.6 64-Bit kernel-5.14.0-570.49.1.el9_6
    RHEL 9.4 64-Bit kernel-5.14.0-427.100.1.el9_4
    RHEL 9.4 64-Bit kernel-5.14.0-427.97.1.el9_4
    RHEL 9.4 64-Bit kernel-5.14.0-427.96.1.el9_4
    RHEL 9.4 64-Bit kernel-5.14.0-427.94.1.el9_4
    RHEL 9.4 64-Bit kernel-5.14.0-427.92.1.el9_4
    RHEL 9.4 64-Bit kernel-5.14.0-427.91.1.el9_4
    RHEL 8.10 64-Bit kernel-4.18.0-553.84.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.83.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.82.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.81.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.80.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.79.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.78.1.el8_10
    RHEL 8.10 64-Bit kernel-4.18.0-553.77.1.el8_10
    Ubuntu 24.04 64-Bit linux-image-6.14.0-35-generic
    Ubuntu 24.04 64-Bit linux-image-6.14.0-34-generic
    Ubuntu 24.04 64-Bit linux-image-6.14.0-33-generic
    Ubuntu 24.04 64-Bit linux-image-6.8.0-87-generic
    Ubuntu 24.04 64-Bit linux-image-6.8.0-86-generic
    Ubuntu 24.04 64-Bit linux-image-6.8.0-85-generic
    Ubuntu 22.04 64-Bit linux-image-6.8.0-87-generic
    Ubuntu 22.04 64-Bit linux-image-6.8.0-86-generic
    Ubuntu 22.04 64-Bit linux-image-6.8.0-85-generic
    Ubuntu 22.04 64-Bit linux-image-5.15.0-161-generic
    Ubuntu 22.04 64-Bit linux-image-5.15.0-160-generic
    Ubuntu 22.04 64-Bit linux-image-5.15.0-157-generic

Back to Top

 

Document Management (RJS)

IBM i Office Integrator

Version 1.35.2

December 11, 2025

Enhancements

  • Added installer support for IBM i 7.6 and 7.5 with password level 3 or 4, and/or with the built in MFA option enabled.

iForms Library

Version 2.01.3

December 11, 2025

Enhancements

  • Added installer support for IBM i 7.6 and 7.5 with password level 3 or 4, and/or with the built in MFA option enabled.

PCL to PDF Converter/400

Version 6.01.3

December 11, 2025

Enhancements

  • Added installer support for IBM i 7.6 and 7.5 with password level 3 or 4, and/or with the built in MFA option enabled.

Report Splitter

Version 4.71.5

December 11, 2025

Enhancements

  • Added installer support for IBM i 7.6 and 7.5 with password level 3 or 4, and/or with the built in MFA option enabled.

RPG2SQL Integrator

Version 1.58.1

December 11, 2025

Enhancements

  • Added installer support for IBM i 7.6 and 7.5 with password level 3 or 4, and/or with the built in MFA option enabled.

Back to Top

 

Fortra

Endpoint Manager

December 4, 2025
Enhancements

  • Updated EDR and DLP Modules.

Fixes

  • Fixed issue with Edit Module drawer triggering validation errors when saving.

  • Improved styling on the Add/Edit Group drawers and Endpoint Details drawer.

  • Improved styling, search, and filters on the Edit Endpoints page.

  • Resolved security vulnerabilities and minor bug fixes.

Fortra platform

December 5, 2025
Enhancements

  • Combined System and Settings navigation menus.

Fixes

  • Improved styling of login options table.

  • Fixed permission issue with account filter.

  • Fixed issue where adding an account from the second page would redirect back to first page.

  • Fixed issue with insufficient permission error when clicking add or edit user.

  • Resolved security vulnerabilities and minor bug fixes.

Back to Top

 

Fortra Application Hub

Version 1.4.1 (Windows)

December 9, 2025

IMPORTANT: In order to improve product security, the Fortra Application Hub directories can only be accessed by Administrators and the Local Service account. This means that if you try to browse into the directory as an Administrator but not the built-in Administrator account you will get an access denied error message from Windows Explorer. An elevated command prompt or running a tool such as notepad “As Administrator” will not incur such a warning.
New Features

  • Fortra Application Hub is now supported on Microsoft Windows

Fixes

  • The restore PowerShell script shipped with the Windows version contains a error that will prevent data for being restored correctly. Please contact support for an updated version.

  • Steps for setting up a Tomcat certificate on Windows can be found in the online help at Setting up a Trusted Certificate but are not currently available in the product.

Back to Top

 

Terranova Security

Version: 1.118.1

December 11, 2025

Enhancements

  • A new yellow banner is now displayed under the Schedule tab when a large number of recipients are added to a phishing simulation. This banner notifies users that the recipient list creation process is in progress in the background.

 

Fixes

  • A phishing simulation created for a large number of recipients initially displayed a recipient count of 0 on the simulation details page, rather than the actual number. Additionally, launching the simulation displayed an unexpected error message. Both issues have been resolved.

  • Launching a scheduled phishing simulation sometimes resulted in timeouts, requiring clients to reschedule multiple times before it could start successfully. This issue has been resolved.

Back to Top

 

Titus

DCS Policy Manager (Customer-hosted)

Version 5.2

December 1, 2025

New Features

  • For DCS for Windows, DCS for DaR, and DCS One:

    • Added support for importing customer-defined custom condition JSON files.

    • Added support for “Apply custom action”.

  • For DCS for Windows and DCS One:

    • Added support for the Portion Marking feature, which is only available in the Ultra product edition. Only DCS for Windows will support the policy event and action for documents. Both will support App Settings for email and documents, with DCS Windows supporting a few more settings than DCS One due to technical limitations.

    • Changed the “Warn” parameter to “Severity” for the “Alert”, “Alert – attachment classification”, “Alert – recipient”, and “Set classification” actions. The “Deny” action has also been removed because you can set “Severity” to “Prevent”.

    • Added a new “Information” option for the “Severity” parameter for the “Alert”, “Alert – attachment classification”, “Alert – recipient” actions. You could use this type of alert to notify the user that they are not following best practices.

  • For DCS for Windows:

    • Added “Email > On open” event that occurs when a user opens a received message or calendar item.

    • Added “Email > On check policy” event that occurs when a user clicks the “Check Policy” button in a message or calendar item. To use this feature, you must enable two different App Settings. You must enable the button in the “Check Policy Settings” group, and you must enable the Options Ribbon in the “Ribbon Settings” group.

    • Added “Enable justification” setting for Schema Fields in the “Field behavior” tab. Enable this setting if you want users to justify why they are updating classification values.

    • Added “Retain fields” parameter for the “Apply advanced header or footer” action. This feature allows you to retain selected Microsoft Word fields if you enabled the “Remove markings” parameter.

    • Added “SharePoint Interoperability” App Settings under “Office Add-in Settings” group. Classifying documents with DCS for Windows adds custom document properties. Classifying documents in SharePoint adds document server properties. If your organization has classified Microsoft Office documents in SharePoint and other repositories, use this feature to warn users and resolve metadata conflicts if the DCS custom document properties differ from the SharePoint document server properties.

    • Added “Attachment.Metadata” audit properties selection option under the “DCS Audit Settings” App Settings group.

    • Added new App Settings that allows users to reset classification to the default state (under Classification Selection UI).

    • Added new App Settings for Microsoft Sensitivity Label Interoperability (under User Settings).

  • For DCS for DaR:

    • Added “Set custom property” action. This feature allows you to add or modify a custom property for files during a DCS for DaR scan.

    • Added “DaRImport” Schema Mapping Namespace selection option for a DCS for DaR Import Scan.

Enhancements
  • Updated the “Apply subject label” action to also support the “Email > on classification change” event.
  • Updated the display names of the Data Detection Engine custom conditions to change the cloud term to “SaaS” and the on-premises term to “customer-hosted.”
  • Updated HTML Editor alignment formatting to fix visual markings issue.
  • Updated the “Company” value in published TCPG files to display the customer domain instead of “HelpSystems”.
  • Improved certificate filtering functionality during the installation.
  • Updated the “Documentation” page to open in a new tab.
  • Improved “Documentation” page access in internet-isolated environments.

DCS Services Layer (Customer-hosted)

Version 5.1

December 1, 2025

New Features
  • Added support for the Ultra product edition in licenses. This update is for customers who want to configure Portion Marking in DCS Policy Manager.

Back to Top