Monthly Release Notes - January 2020

Jump to:

Core Security


Core Impact

Version: 19.1.6

Jan 31, 2020

Enhancements
  • New Exploits:
    • Linux PTRACE_TRACEME Local Privilege Escalation Exploit: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). (CVE-2019-13272)

    • Microsoft Windows Win32k xxxMNFindWindowFromPoint Vulnerability Exploit: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0808)

    • Windows Error Reporting Manager Arbitrary File Move Elevation of Privilege Exploit: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles hard links. (CVE-2019-1315)

    • Citrix ADC and Gateway Directory Traversal Vulnerability Exploit: Citrix Application Delivery Controller (ADC) and Citrix Gateway are prone to a directory traversal vulnerability that allows attackers to upload an XML file via newbm.pl and execute system commands. (CVE-2019-19781)

    • Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Vulnerability Exploit: This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory.(CVE-2019-15976)

    • MSI Afterburner RTCore64 Privilege Escalation Exploit: The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. (CVE-2019-16098)

Network Insight

Version: 6.4.4
Other Fixes
  • Fix in the Diagnostics Bandwidth chart (under some conditions the graph could produce spikes due rounding errors). (CAS-0010182239)

  • Reduction of the CPU and bandwidth usage in the diagnostics data generation.

Back to Top

 

Globalscape


EFT Enterprise

Version 8.0.0.38

Jan 13, 2020

New Features

EFT Administration

  • The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)

  • EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)

  • The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)

  • Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)

  • Added a separate control the Request File page/portal URL (TFS 371245)

  • Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)

  • Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)

  • A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)

  • Added SAML assertion map attribute to email field (TFS 369964)

  • Added new Site-Level Counters

    • User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32

    • Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory

    • Templates – number of templates defined for this site. Updated infrequently

    • User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently

    • User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections

    • User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users

    • Workspaces Drop-offs – number of drop-off requests active and not expired

    • Workspaces File Sends – number of file send operations that are active and have not yet expired

    • Workspaces Folders Shared – number of folder shares that are active and have not yet expired

  • Updated the Amazon S3 Region list (TFS 373493)

  • Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)

  • Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)

  • SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)

  • Each site has its own set of SSH keys

  • Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db

  • The SSH creation and management GUIs were changed accordingly

  • OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)

  • Workspaces tabs have been consolidated into the Site > Web tab

Advanced Properties

  • Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).

  • To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)

  • To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)

  • To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)

  • To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)

  • To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)

  • To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)

  • To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)

  • To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)

  • To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)

  • Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)

  • Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)

  • Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)

  • Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)

  • To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)

  • To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)

  • To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)

  • To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)

  • To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)

  • To disable cache for DN Type in Active Directory sites (TFS 367876)

  • Added to skip auditing of:

    • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)

    • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)

    • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)

    • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);

    • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)

    • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)

    • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)

    • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)

    • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)

    • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)

    • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)

    • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete

    • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Auditing and Reporting

  • Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)

    • Provided the ability to control what EFT Audits within the following tables (TFS 369778):

    • tbl_SocketConnections

    • tbl_ProtocolCommands

    • tbl_AS2Transactions

  • Improved error messages logged when failing to connect tOracle databases (TFS 369217)

  • ARM schema tables added:

    • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)

    • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)

    • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)

    • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)

    • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)

    • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)

    • ScanDataAction to contain list of scanned files and scan results (TFS 365254)

    • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)

  • Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)

  • Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)

  • Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)

  • Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)

  • Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)

  • Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)

  • Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)

  • Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)

  • Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)

  • Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

  • Added ARM reports:

    • “Workspaces – Folders Unshared”

    • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)

    • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)

    • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)

    • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)

    • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)

    • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)

    • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)

    • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)

    • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

Workspaces

  • Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)

COM API

  • In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)

  • UTF8Logs property

  • In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)

  • PGP Key properties and methods:

    • CreatePGPKey

    • ExportPGPKey, ImportPGPKey

    • PGPKeys

    • RemovePGPKey

    • Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.

  • SSH Key properties and methods:

    • CreateSSHKeyPair

    • ExportSSHPrivateKey, ImportSSHPrivateKey

    • ExportSSHPublicKey, ImportSSHPublicKey

    • GetSSHKeyForSFTP, SetSSHKeyForSFTP

    • RemoveSSHKey

    • RenameSSHKey

    • SSHKeys

  • Privacy-related changes:

    • GetClientDataField, SetClientDataField

    • GetPrivacyPolicy, SetPrivacyPolicy

    • GetTermsOfService, SetTermsOfService

    • GetGDPRSettings, SetGDPRSettings

  • Workspaces Properties:

    • WorkspacesDomainsToForbidInviteeAddresses

    • WorkspacesEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToLimitInviteeAddresses

    • WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute

  • Content Integrity Control profile management methods and properties

  • GetVirtualFolderList Properties (TFS 368492):

    • Calls with empty parameters work as previous behavior

    • Improvements with data returns of virtual folders that are inside the folder

  • In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId

  • In the ICISSHKeyInfo interface, added HasPrivate property

  • In the ICIManualIPAccessRule interface, added Reason property

  • Interfaces added for new Event Rule Actions:

    • ICICallSubroutineActionParams interface

    • ICIDefineVariableActionParams interface

    • ICIRunPowerShellScriptActionParams interface

    • Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

    • ICIClientDataField interface

    • ICIGDPRSettings Interface

    • ICIPrivacyPolicy interface

    • ICITermsOfService interface

  • Enums:

    • In the AdminAccountType enum, added ADGroupAccount

    • In the AdminPermissionsPolicy enum, added ManagePersonalData

    • In the EventType enum, added EventRuleSubroutine

    • In the EventActionTypeenum, added:

      • DefineVariableAction

      • RunPowerShellScriptAction

      • CallSubroutineAction

    • In the EventProperty enum, added:

      • FileExtension

      • ClientGDPRSubjectStatus

      • ClientGDPRConsentStatus

      • ClientGDPRReason

      • ClientGDPRRightExercised

      • New ClientDataField enum

      • New GDPRTermsofServiceMode enum

      • New GDPRPrivacyPolicyMode enum

      • New GDPRSubjectStatus enum

      • New GDPRPrivacyPolicyConsentStatus enum

      • New GDPRTermsOfServiceConsentStatus enum

    • In UserAccountActionType enum, added:

      • EnableAccount

      • PersonalDataDeleteFields

      • PersonalDataResetToDefaults

      • PersonalDataSetEnabled

      • PersonalDataSetModifiable

      • PersonalDataSetVisible

      • SetEUDataSubjectStatus

      • SetPrivacyPolicyConsent

      • SetTermsOfServiceConsent

EFT Express

Version 8.0.0.38

Jan 19, 2020

New Features

EFT Administration

  • The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)

  • EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)

  • The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)

  • Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)

  • Added a separate control the Request File page/portal URL (TFS 371245)

  • Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)

  • Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)

  • A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)

  • Added SAML assertion map attribute to email field (TFS 369964)

  • Added new Site-Level Counters

    • User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32

    • Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory

    • Templates – number of templates defined for this site. Updated infrequently

    • User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently

    • User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections

    • User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users

    • Workspaces Drop-offs – number of drop-off requests active and not expired

    • Workspaces File Sends – number of file send operations that are active and have not yet expired

    • Workspaces Folders Shared – number of folder shares that are active and have not yet expired

  • Updated the Amazon S3 Region list (TFS 373493)

  • Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)

  • Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)

  • SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)

  • Each site has its own set of SSH keys

  • Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db

  • The SSH creation and management GUIs were changed accordingly

  • OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)

  • Workspaces tabs have been consolidated into the Site > Web tab

Advanced Properties

  • Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).

  • To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)

  • To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)

  • To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)

  • To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)

  • To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)

  • To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)

  • To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)

  • To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)

  • To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)

  • Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)

  • Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)

  • Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)

  • Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)

  • To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)

  • To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)

  • To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)

  • To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)

  • To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)

  • To disable cache for DN Type in Active Directory sites (TFS 367876)

  • Added to skip auditing of:

    • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)

    • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)

    • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)

    • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);

    • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)

    • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)

    • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)

    • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)

    • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)

    • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)

    • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)

    • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete

    • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Auditing and Reporting

  • Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)

    • Provided the ability to control what EFT Audits within the following tables (TFS 369778):

    • tbl_SocketConnections

    • tbl_ProtocolCommands

    • tbl_AS2Transactions

  • Improved error messages logged when failing to connect tOracle databases (TFS 369217)

  • ARM schema tables added:

    • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)

    • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)

    • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)

    • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)

    • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)

    • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)

    • ScanDataAction to contain list of scanned files and scan results (TFS 365254)

    • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)

  • Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)

  • Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)

  • Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)

  • Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)

  • Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)

  • Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)

  • Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)

  • Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)

  • Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)

  • Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

  • Added ARM reports:

    • “Workspaces – Folders Unshared”

    • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)

    • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)

    • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)

    • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)

    • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)

    • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)

    • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)

    • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)

    • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

Workspaces

  • Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)

COM API

  • In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)

  • UTF8Logs property

  • In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)

  • PGP Key properties and methods:

    • CreatePGPKey

    • ExportPGPKey, ImportPGPKey

    • PGPKeys

    • RemovePGPKey

    • Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.

  • SSH Key properties and methods:

    • CreateSSHKeyPair

    • ExportSSHPrivateKey, ImportSSHPrivateKey

    • ExportSSHPublicKey, ImportSSHPublicKey

    • GetSSHKeyForSFTP, SetSSHKeyForSFTP

    • RemoveSSHKey

    • RenameSSHKey

    • SSHKeys

  • Privacy-related changes:

    • GetClientDataField, SetClientDataField

    • GetPrivacyPolicy, SetPrivacyPolicy

    • GetTermsOfService, SetTermsOfService

    • GetGDPRSettings, SetGDPRSettings

  • Workspaces Properties:

    • WorkspacesDomainsToForbidInviteeAddresses

    • WorkspacesEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToLimitInviteeAddresses

    • WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute

  • Content Integrity Control profile management methods and properties

  • GetVirtualFolderList Properties (TFS 368492):

    • Calls with empty parameters work as previous behavior

    • Improvements with data returns of virtual folders that are inside the folder

  • In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId

  • In the ICISSHKeyInfo interface, added HasPrivate property

  • In the ICIManualIPAccessRule interface, added Reason property

  • Interfaces added for new Event Rule Actions:

    • ICICallSubroutineActionParams interface

    • ICIDefineVariableActionParams interface

    • ICIRunPowerShellScriptActionParams interface

    • Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

    • ICIClientDataField interface

    • ICIGDPRSettings Interface

    • ICIPrivacyPolicy interface

    • ICITermsOfService interface

  • Enums:

    • In the AdminAccountType enum, added ADGroupAccount

    • In the AdminPermissionsPolicy enum, added ManagePersonalData

    • In the EventType enum, added EventRuleSubroutine

    • In the EventActionTypeenum, added:

      • DefineVariableAction

      • RunPowerShellScriptAction

      • CallSubroutineAction

    • In the EventProperty enum, added:

      • FileExtension

      • ClientGDPRSubjectStatus

      • ClientGDPRConsentStatus

      • ClientGDPRReason

      • ClientGDPRRightExercised

      • New ClientDataField enum

      • New GDPRTermsofServiceMode enum

      • New GDPRPrivacyPolicyMode enum

      • New GDPRSubjectStatus enum

      • New GDPRPrivacyPolicyConsentStatus enum

      • New GDPRTermsOfServiceConsentStatus enum

    • In UserAccountActionType enum, added:

      • EnableAccount

      • PersonalDataDeleteFields

      • PersonalDataResetToDefaults

      • PersonalDataSetEnabled

      • PersonalDataSetModifiable

      • PersonalDataSetVisible

      • SetEUDataSubjectStatus

      • SetPrivacyPolicyConsent

      • SetTermsOfServiceConsent

EFT Insight

Version 1.0.7

Jan 19, 2020

New Features:
  • Desktop icon is now being generated

  • Added support for Oracle 12c Release 2 or 18c database

  • Ability to use SQL or Oracle database

  • Added alternate connection method selection (EFT Insight versions prior to v1.0.7 used "MSXMS2.ServerXMLHTTP" to connect to EFT Enterprise. EFT Insight v1.0.7 uses an alternate .NET method.)

  • Allowing the Insight database user to provide a user name that will access the database. This will allow EFT Insight to be removed, if needed, and then can be reinstalled and continue to access the same database.

  • Added file logging for "Globalscape.BI.ProcessingEngine.Service.exe.sml" and for the web site. By default, this logging is turned off. It should be enabled for troubleshooting, and then turned off once information has been gathered.

  • Added password complexity check

  • Added installer prompt for credentials

  • Added ability to register EFT Insight offline

Enhancements
  • Improved installer usability

  • Updated OLE DB driver for SQL Server database to use stronger protocols (TLS 1.1 and 1.2)

Fixes
  • Fixed PCI widget in the Summary Tab data loading error

Back to Top

 

GoAnywhere


GoAnywhere Gateway

Version 2.7.0
  • Added online license capabilities, which include activating a license programmatically using the online activator from the GoAnywhere Customer Portal.
  • Updated the Netty network application framework library from 3.10.4 to 4.1.44.
  • Updated Log4j from version 1.2.14 to 2.10.
  • Fixed an issue that would cause an error in the log when disconnecting from GoAnywhere MFT.
  • Fixed an issue where UDP Ports where not getting closed after a transfer.
  • Fixed an issue that could cause Gateway to disconnect from GoAnywhere MFT if the Gateway UDP configuration was incorrect.

GoAnywhere MFT

Version 6.3.4
  • Fixed an issue where MFT would fail to proxy communication to Agents that are connected to other MFT nodes.
  • Fixed an issue where IP blacklist messages would fail to notify other nodes in a cluster.
  • Fixed an issue with saving syslog setup with structured data.
Version 6.3.3
  • Fixed an issue where database index name was too long for Oracle 12c R1.
  • Fixed an issue where not specifying a FTPS Resource server certificate key store resulted in a null pointer exception.
  • Fixed an issue with the upgrade process where the Key Store and Trust Store Type field were not properly set upon upgrade.
  • Fixed an issue where admin ldap users weren't automatically created.

GoAnywhere Agents

Version 1.3.2
  • Added an option to configure the max threads for the Agent Project runtime.
  • Added an option to configure the max threads for the Agent Monitor runtime.

Back to Top

 

IBM Partnership


Backup, Recovery, and Media Services (BRMS)

Version: PTF 7.4 SI71876, 7.3 SI71875, 7.2 SI71874
Enhancements

In version 7.2 and later:

  • BRMS enhanced the INZBRM OPTION(*FLASHCOPY) STATE(*STRPRC) processing to end the BRMS Enterprise subsystem named Q1ABRMENT.
  • BRMS now provides a Reclaim Media (Q1ARCLMED) API to reclaim a single tape volume.
  • Improved the IFS backup outfile processing performance.
  • To display the cloud retain media retention period the following command can be run:
    CALL PGM(QBRM/Q1AOLD) PARM('CLOUD ' 'RETAINDATA' 'S' 'mmmmmmmmmm' '*DSP')
    where 'mmmmmmmmmm' is the move policy name.
Other Fixes

In version 7.2 and later:

  • RSTBRM may fail with MSGBRM1688.
  • ANZLIBBRM may incorrectly report MSGCD3105 and MSGCPF9899.
  • RSTLICPGM LICPGM(5770BR1) may fail with MSGCPF3D95.
  • STRMNTBRM may fail MSGCPF501B.
  • The GUI Web Enterprise Feature and INZBRM *VFYSYS may incorrectly report connection failures when using secured DDM with mixed case passwords.
  • BRMS restores running longer with the job in MSGW and the call stack ending with Q1AMS and QMHRCVPM.
  • DUPMEDBRM with the parameter TOENDOPT(*UNLOAD) may not unload all of the target volumes.
  • Restoring *SAVSECDTA from a cloud backup using STRRCYBRM or WRKMEDIBRM appears to be in a loop as it repeats the restore 99 times.
  • In 7.2 and later, changes were made in BRMS to address potential security concerns. Existing user profiles used to perform BRMSoperations may require changes to allow proper access by using the SETUSRBRM command with the USAGE(*AUT) parameter. Note: *SECADM authority is required to use the SETUSRBRM command.

In version 7.4:

  • Upgrades with DSLO media may fail with MSGCPD377C causing 5770SS1 option 3 to go into an *ERROR state.

Back to Top

 

JAMS


Version: 6.5.87

Jan 7, 2020

General Updates
  • Resolved an issue where the JAMS Scheduler could fail when cleaning up Jobs within a Setup that had missed its schedule window.

Back to Top

Powertech


BoKS Control Center

Version 8.0.0.1
  • Fixed issues when running with Java 11. Expandable rows for user and host listings could not be opened. Also User SSH public keys section for a user object did not function as expected.

Back to Top

 

Robot

Robot Autotune

Version 8.25

Jan 29, 2020

  • Fixed issue with very large memory size resulted in MCH1210 at AT124S.

Robot HA

Version 12.08

Jan 29, 2020

  • User Profile and other System Sync Attributes now allow up to 300 omits or includes.
  • The remote journal apply job will now be a unique name that coordinates with the sync job. The job name will start with J_.
  • Role swap and audit now correctly report if library is missing on backup.
  • For libraries with multiple sets, a unique journal and remote journal are now required for each set.
  • The sync job default name is not editable after creation.

Robot Save

Version 13.00

Jan 27, 2020

  • DDM is now used to send data center information.

Robot Space

Version 3.46

Jan 16, 2020

  • Compatible with IBM i 7.2, 7.3, and 7.4.
  • Fixed issue with IFS reports API returning false data.
  • Fixed issue with History Purge receiving error CPF5032 - member already locked to this job.

Back to Top

 

Sequel


Viewpoint 11

Version: 11.19.356
Other Fixes
  • View Builder has improved handling of joins including:

    • Ability to use more than one pair of fields to join on.
    • Default join type changed to inner join.
    • Complex mode added to allow join on derived field in native syntax in an Expression Editor.
    • Cancel button added with warning message about saving changes.
    • Full Exception removed from list of join types.
    • File Edit button now works.
    • Using the same file twice will now work.
  • View Builder with a non-*SEQUEL connections showed two alias columns instead of one for Name As.

  • In View Designer using native syntax a join condition found on the WHERE clause will remain on the WHERE clause when going to Files & Fields tab.

  • In View Designer, complex views that won’t open on the Files & Fields tab will now allow access to the Variables tab.

  • View Designer drag/drop JOIN on multiple fields builds SQL inconsistently.

  • EXPR type variable with a value that is 1 character causes ViewPoint to not display results.

  • View Designer WHERE Expression Editor in *LOCALSYS *SERVER gives error when using Variable ‘An error was encountered trying to update the SQL statement’.

  • From View Designer, the WHERE clause dropped if CANCEL is clicked when using Expression Editor.

Back to Top

 

Showcase


Viewpoint 10

Version: 10.19.356
Other Fixes
  • View Builder has improved handling of joins including:

    • Ability to use more than one pair of fields to join on.
    • Default join type changed to inner join.
    • Complex mode added to allow join on derived field in native syntax in an Expression Editor.
    • Cancel button added with warning message about saving changes.
    • Full Exception removed from list of join types.
    • File Edit button now works.
    • Using the same file twice will now work.
  • View Builder with a non-*SEQUEL connections showed two alias columns instead of one for Name As.

  • In View Designer using native syntax a join condition found on the WHERE clause will remain on the WHERE clause when going to Files & Fields tab.

  • In View Designer, complex views that won’t open on the Files & Fields tab will now allow access to the Variables tab.

  • View Designer drag/drop JOIN on multiple fields builds SQL inconsistently

  • EXPR type variable with a value that is 1 character causes ViewPoint to not display results.

  • View Designer WHERE Expression Editor in *LOCALSYS *SERVER gives error when using Variable ‘An error was encountered trying to update the SQL statement’.

  • From View Designer, the WHERE clause dropped if CANCEL is clicked when using Expression Editor.

C&DS Migration Utility

Version: 10.19.356
Other Fixes
  • DBQ migration using an ADS connection failed to migrate when custom column editing existed.
  • Importing SC9 DBQ's in ViewPoint shows all repository folders even if some are excluded Item 1.

Back to Top

 

TeamQuest


Automated Analytics

Version 11.3.22

Jan 28, 2020

Features
  • (CAS-0010178577) Added support for Hewlett Packard HP-UX to Performance Monitor.

  • (CAS-0010179483) Added support for Day over Day (dod), Week over Week (wow), and Month over Month (mom) functionality to interactive charts.

Other Fixes
  • (CAS-0010179387) Updated the Time Summarization Property "type" value "all" to correctly show a value.

  • (CAS-0010117553) Added a closing parenthesis to the Config/VMware/Resource Allocation/vCPU metric in the TeamQuest module.

  • (CAS-0010176824) Updated job reports to no longer show the Category as unsaved when you run a view in the End User Interface.

  • (CAS-0010179031) Updated KPI I/O Health calculation to use the disk with the worst health score instead of the last disk.

PostgreSQL

Version 11.6

Jan 28, 2020

Enhancements
  • Added support for PostgreSQL level 11.6.

Vityl Capacity Management

Version 2.6.0

Jan 28, 2020

Features
  • Added the Dashboards component.
  • Added alerting.

  • Added the ability to create a capacity plan from the Demand Calendar.
  • Added a growth calculator to Capacity Plans.
  • Added the ability to select a baseline for all systems in a group to Capacity Plans.
  • Added single value charts to Capacity Plans.
  • Added the ability to save a Key Performance Indicator (KPI) selection.
  • Added the ability to control when data is streamed.
  • Added support for Kubernetes pods.

Back to Top

Titus


Titus Classification Suite for Windows

Version 2020.0 SP1

January 2020

Other Fixes
  • Classifying an encrypted and password-protected PDF file using Titus Classification for Desktop 2019.1 SP1 or 2020.0 may corrupt the file. The corrupted PDF file appears blank when opened.

  • When updates are applied to systems running 2016 Office Components (specifically Microsoft Visio and Microsoft Access) Microsoft leaves an incomplete registry entry that causes Outlook 2013 to crash on launch if TITUS Message Classification is installed.

  • When a meeting is forwarded it can be downgraded even if the Downgrade Prevention setting is enabled in the Configuration.

  • Titus Classification for Desktop is unable to read Titus metadata from .msg files when the metadata contains a line break.

  • Long or multi-line Field and Value tooltips were not displayed correctly in the Titus Select dialog.

  • When text is extracted from .docx attachments in Titus Message Classification or .docx files in Titus Classification for Desktop, unnecessary separators may be introduced causing sensitive data to go undetected.

Back to Top