Monthly Release Notes - April 2020

Jump to:

Boldon James


Mac Classifier

Version 3.12.3

April 2020

New Featuers
  • Mono version 5.12 or later is required if you will be running Classifier on macOS versions up to and including Mojave. For macOS Catalina, testing with this current Classifier release indicates that Mono version 6.4 is required. Mono can be obtained from https://download.mono-project.com/.

Enhancements
  • Basic status information is shown in the Classifier menu if you hold the Option button while opening it. This menu is now always created on startup, even when Classifier cannot find a valid configuration.

Other Fixes
  • The Classifier button now appears disabled in Excel, Word, or PowerPoint, when Classifier is disabled in the policy.

  • Addresses an issue where Mac Classifier fails to load the configuration from the root folder on some web servers.

  • There was an issue where subject labels may not be formatted correctly if the user did not add a subject to the message, and hence the label was not decoded on delivery. This no longer occurs with recent versions of Outlook – tested on 16.35.

  • Classifier will now display a message on startup if the evaluation license has expired.

  • Some changes to avoid issues encountered when running alongside Adobe Creative Cloud applications.

  • Fixes the case where an evaluation license warning is incorrectly given when using a subscription license.

Back to Top

 

Core Security


Core Impact

Version: 19.1.9

Apl 30, 2020

Enhancements
  • Assorted Improvements for Exploits: This update contains minor improvements and fixes to several exploit modules.
  • Import Output XML Report from OpenVAS: This update add support to import the output from OpenVAS to Core Impact
  • Exploits Maintenance CVE Numbers 22: This update provides modules that were released prior to a CVE number being assigned (typically noted as NOCVE) with the correct CVE number as well as updating modules with invalid CVE numbers.
  • New Exploits:
    • Microsoft Windows Ws2ifsl UaF Local Privilege Escalation Exploit: An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. (CVE-2019-1215)

    • Microsoft Windows SMBv3 SMBGhost Elevation of Privilege Vulnerability Exploit: An unauthenticated attacker can connect to the target system using SMBv3 and sends specially crafted requests to exploit the vulnerability. This module exploits this vulnerability in the local system in order to achieve an elevation of privilege. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2020-0796)

    • Kinetica Admin getLogs Function Remote OS Command Injection Exploit: The Kinetica Admin web application did not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. (CVE-2020-8429)

    • Microsoft Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability Exploit: An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status and take control of an affected system. (CVE-2020-0787)

    • Fuji Electric V-Server Lite VPR File Parsing Overflow Exploit: The specific flaw exists within the processing of VPR files. (CVE-2020-10646)

    • Open-AudIT m_devices.php Remote PHP File Upload Vulnerability Exploit: The sub_resource_create function of class M_devices in m_devices.php of Open-AudIT 3.2.2 allows remote authenticated users to upload arbitrary PHP files, allowing the execution of arbitrary php code in the system. (CVE-2020-11942)

Other Fixes
  • Microsoft Windows SMBv3 CoronaBlue Vulnerability DoS Update: An unauthenticated attacker can connect to the target system using SMBv3 and sends specially crafted requests to exploit the vulnerability. The module exploits this vulnerability in order to generate a Denial of Service This update contains minor fixes to it. (CVE-2020-0796)

Core Network Insight

Version: 7.0.1

Apr 27, 2020

Enhancements
  • Core Security logos have been updated to blue to fit with the HelpSystems brand book.

  • Newly created users can't log in until a second password change.

  • SMTP mail server configuration validation button has been added.

  • Add SSL and TLS/STARTTLS authentication to SMTP server configuration.

  • SSL and TLS/STARTTLS authentication has been added to SMTP server configuration. (CAS-0010192121, CAS-0010184524)

Other Fixes
  • User Permissions prevented from correctly upgrade the product to 7.0. (CAS-0010196258)

  • Software update notifications messages have been corrected to display the correct status of the installation.

  • When creating a new user account, there's a checkbox for forcing the user to change their password upon first logging in that is not being unchecked after the change so the user is requested to change the password after each login. (CAS-0010191716)

  • Corrected a defect where 2 consecutive password resets were needed to allow a new user to log in the product.

  • Memory requirements have been modified to allow a correct functioning on lightweight micro-sensors or vSensors. (CAS-0010195683)

  • Systems and Threat tabs in the GUI are not accessible after scrolling to bottom of the page. (CAS-0010196661)

  • SIEM settings Syslog or Splunk uses UDP irrespective of changes in UI. (CAS-0010198356)

  • Statistics are now saved in multiple files. (CAS-0010198455)

Visual Identity Suite (VIS)

Version: 2.3.2
Other Fixes
  • Fixed browser issues caused by the latest Google Chrome browser release.
  • Additional scaling provided to handle larger numbers of roles.

Back to Top

 

Globalscape


EFT Enterprise

Version 8.0.4.27

Nov 1, 2020

New Features

EFT Administration

  • Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)

  • Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)

  • Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)

  • Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)

  • Added support for break from loop for datasets in Event Rules (TFS 373170)

  • Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)

  • Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)

  • Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)

  • Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)

  • Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)

  • Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)

Advanced Properties

  • Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)

  • Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)

  • Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)

  • Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)

  • Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)

  • Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)

  • Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)

  • Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)

  • Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)

AS2

  • Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)

COM API

  • ICIServer, CreateSSHKey and CreateSSHKeyRemotely; changed nKeyBits to nKeyParams

  • ICISite, CreateSSHKeyPair, changed changed KeyBits to KeyParams

  • Added the following methods to ICISite:

    • AddUploadForm

    • DeleteUploadForm

    • EnableUsers

    • GetUploadForm

    • UpdateUploadForm

  • Added the following properties:

    • EnableMfa

    • MfaType

    • SmsProviderProfile

    • UploadFormsList

    • WebSSORedirectToSsoServiceBypassingLoginPage

    • WorkspacesMfaType

    • WorkspacesOAIMfaType

  • ICIClientSettingInterface, added the following functions:

    • GetRequireMfa

    • SetRequireMfa

    • ICIEventRule, added the AddLoopDatasetStatement method

  • ICIActionStatements, added the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

  • Added the ICILoopDatasetStatement interface, with the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

    • DeleteStatement

    • GetParams and SetParams

    • StatementsCount

    • Statement

  • Added ICICsvExportActionParams and ICICsvImportActionParams

  • Added ICIGetListingActionParams Interface

  • Added ICILoopDatasetStatement Interface

  • Added ICILoopDatasetStatementParams Interface

  • Added ICIUploadForm interface

  • Added ICIUploadFormElement interface

  • Added ICITwilioSmsProviderProfile interface

  • In the ICISimpleCondition interface, added the UseRegex property.

  • Enums added:

    • MFA type to specify whether to use email, SMS or either for second authentication

    • LoopDatasetStatement to EventRuleStatementType enum

    • LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property

    • GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType

    • FileDateFormat

    • UploadFormComType

    • UploadFormElementComType

REST API

  • Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)

  • Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)

  • Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)

  • Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)

  • Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)

  • Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)

  • Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)

  • Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)

  • Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)

  • Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)

  • Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)

  • Added support for REST which allows EFT admins to delete users (TFS 375337)

  • Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)

  • Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)

SAML

  • Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)

SSH/SFTP

  • Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)

  • Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)

  • Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)

  • Added the ability to choose SFTP key type upon creation (TFS 370229)

  • Added backward compatibility for DSS keys (TFS 372452)

  • Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)

Web Transfer Client (WTC) & Workspaces Changes

  • Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)

  • Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)

  • Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)

  • Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)

Enhancements

EFT Administration

  • Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)

  • Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)

  • Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)

  • Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)

  • Modified the 'Variable' action so that it uses only a single line, making it easier to visually parse (TFS 374308)

  • Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)

Advanced Properties

  • Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)

Outlook Add-in (OAI)

  • Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)

REST API

  • Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)

SSH/SFTP

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)

  • Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

  • Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)

  • EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)

  • EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)

  • The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)

  • The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)

  • Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)

  • The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)

  • KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

SSL

  • Updated SSL Library to 1.0.2u (TFS 375029)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

WTC/Workspaces

  • Updated jQuery to v3.5.1 (TFS 376501, Case 80133)

Fixes

EFT Administration

  • Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)

  • Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)

  • Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)

  • Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)

  • Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)

  • Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)

  • Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)

  • Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)

  • Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)

  • Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)

  • Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)

  • Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)

  • Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)

  • Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)

  • Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)

  • Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)

ARM

  • Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)

  • Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)

  • Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)

AWE

  • Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)

  • Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)

COM API

  • Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)

Event Rules

  • Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)

  • Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)

HA (High Availability)

  • Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)

ICAP/CIC

  • Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)

Installer

  • Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)

Logging

  • Changed log level to ERROR for AML export errors (TFS 376480)

  • Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)

Outlook Add-in

  • Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)

PCI DSS

  • Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)

Remote Agent (RAM)

  • Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)

SAML SSO

  • Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)

  • Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)

  • Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)

SSH/SFTP

  • Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)

VFS

  • Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)

  • Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)

  • Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)

  • Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)

  • Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)

  • Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)

  • Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)

  • Fixed an issue where default datetime format was not defaulted to US (TFS 376870)

  • Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)

  • Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)

  • Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)

  • Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)

  • Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)

  • Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)

  • Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)

EFT Express

Version 8.0.0.38

Jan 19, 2020

New Features

EFT Administration

  • The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)

  • EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)

  • The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)

  • Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)

  • Added a separate control the Request File page/portal URL (TFS 371245)

  • Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)

  • Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)

  • A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)

  • Added SAML assertion map attribute to email field (TFS 369964)

  • Added new Site-Level Counters

    • User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32

    • Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory

    • Templates – number of templates defined for this site. Updated infrequently

    • User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently

    • User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections

    • User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users

    • Workspaces Drop-offs – number of drop-off requests active and not expired

    • Workspaces File Sends – number of file send operations that are active and have not yet expired

    • Workspaces Folders Shared – number of folder shares that are active and have not yet expired

  • Updated the Amazon S3 Region list (TFS 373493)

  • Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)

  • Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)

  • SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)

  • Each site has its own set of SSH keys

  • Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db

  • The SSH creation and management GUIs were changed accordingly

  • OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)

  • Workspaces tabs have been consolidated into the Site > Web tab

Advanced Properties

  • Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).

  • To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)

  • To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)

  • To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)

  • To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)

  • To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)

  • To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)

  • To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)

  • To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)

  • To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)

  • Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)

  • Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)

  • Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)

  • Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)

  • To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)

  • To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)

  • To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)

  • To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)

  • To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)

  • To disable cache for DN Type in Active Directory sites (TFS 367876)

  • Added to skip auditing of:

    • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)

    • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)

    • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)

    • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);

    • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)

    • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)

    • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)

    • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)

    • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)

    • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)

    • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)

    • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete

    • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Auditing and Reporting

  • Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)

    • Provided the ability to control what EFT Audits within the following tables (TFS 369778):

    • tbl_SocketConnections

    • tbl_ProtocolCommands

    • tbl_AS2Transactions

  • Improved error messages logged when failing to connect tOracle databases (TFS 369217)

  • ARM schema tables added:

    • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)

    • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)

    • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)

    • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)

    • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)

    • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)

    • ScanDataAction to contain list of scanned files and scan results (TFS 365254)

    • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)

  • Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)

  • Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)

  • Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)

  • Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)

  • Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)

  • Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)

  • Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)

  • Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)

  • Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)

  • Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

  • Added ARM reports:

    • “Workspaces – Folders Unshared”

    • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)

    • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)

    • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)

    • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)

    • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)

    • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)

    • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)

    • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)

    • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

Workspaces

  • Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)

COM API

  • In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)

  • UTF8Logs property

  • In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)

  • PGP Key properties and methods:

    • CreatePGPKey

    • ExportPGPKey, ImportPGPKey

    • PGPKeys

    • RemovePGPKey

    • Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.

  • SSH Key properties and methods:

    • CreateSSHKeyPair

    • ExportSSHPrivateKey, ImportSSHPrivateKey

    • ExportSSHPublicKey, ImportSSHPublicKey

    • GetSSHKeyForSFTP, SetSSHKeyForSFTP

    • RemoveSSHKey

    • RenameSSHKey

    • SSHKeys

  • Privacy-related changes:

    • GetClientDataField, SetClientDataField

    • GetPrivacyPolicy, SetPrivacyPolicy

    • GetTermsOfService, SetTermsOfService

    • GetGDPRSettings, SetGDPRSettings

  • Workspaces Properties:

    • WorkspacesDomainsToForbidInviteeAddresses

    • WorkspacesEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToLimitInviteeAddresses

    • WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute

  • Content Integrity Control profile management methods and properties

  • GetVirtualFolderList Properties (TFS 368492):

    • Calls with empty parameters work as previous behavior

    • Improvements with data returns of virtual folders that are inside the folder

  • In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId

  • In the ICISSHKeyInfo interface, added HasPrivate property

  • In the ICIManualIPAccessRule interface, added Reason property

  • Interfaces added for new Event Rule Actions:

    • ICICallSubroutineActionParams interface

    • ICIDefineVariableActionParams interface

    • ICIRunPowerShellScriptActionParams interface

    • Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

    • ICIClientDataField interface

    • ICIGDPRSettings Interface

    • ICIPrivacyPolicy interface

    • ICITermsOfService interface

  • Enums:

    • In the AdminAccountType enum, added ADGroupAccount

    • In the AdminPermissionsPolicy enum, added ManagePersonalData

    • In the EventType enum, added EventRuleSubroutine

    • In the EventActionTypeenum, added:

      • DefineVariableAction

      • RunPowerShellScriptAction

      • CallSubroutineAction

    • In the EventProperty enum, added:

      • FileExtension

      • ClientGDPRSubjectStatus

      • ClientGDPRConsentStatus

      • ClientGDPRReason

      • ClientGDPRRightExercised

      • New ClientDataField enum

      • New GDPRTermsofServiceMode enum

      • New GDPRPrivacyPolicyMode enum

      • New GDPRSubjectStatus enum

      • New GDPRPrivacyPolicyConsentStatus enum

      • New GDPRTermsOfServiceConsentStatus enum

    • In UserAccountActionType enum, added:

      • EnableAccount

      • PersonalDataDeleteFields

      • PersonalDataResetToDefaults

      • PersonalDataSetEnabled

      • PersonalDataSetModifiable

      • PersonalDataSetVisible

      • SetEUDataSubjectStatus

      • SetPrivacyPolicyConsent

      • SetTermsOfServiceConsent

Version 8.0.1.4

Feb 09, 2020

New Features
  • Added a "Secrets module" under the Security tab, which provides the ability to encrypt certain EFT passwords locally or via Azure's Key Vault (AKV) (TFS 372081)

  • Added support for Azure's Data Lake Storage Gen2 (ADLSg2) (TFS 372082)

  • Added ability to override VFS credentials (TFS 372229)

  • Added supports REST API for Event Rules (TFS 372230)

Fixes

EFT Admin GUI

  • Fixed an issue where an LDAP site failed to pull users in the UI but would allow authentication (TFS 369709)

  • Fixed an issue where the Admin GUI would truncate virtual folder paths larger than 260 characters (TFS 371035)

  • Fixed an issue where the Admin GUI did not properly apply the certificate to the Administration Service (TFS 373685)

  • Fixed an issue where the EFT Site Wizard UI would not follow the proper flow after pressing the back button (TFS 373735)

  • Fixed an issue where user login authentications may fail after SSL options at the user level are modified (TFS 374027)

  • Fixed an issue where the Admin GUI displayed the wrong CIC profile when editing an event rule for a SCAN file action (TFS 374051)

  • Fixed an issue where the EFT Admin GUI could crash when pressing refresh while viewing a report (TFS 374089)

Auth AD

  • Fixed where EFT was unable to authenticate an AD user (with UPN) on EFT Express (TFS 373552)

AWE

  • Fixed an issue where concurrent EFT Admins may use the same tmp file for editing AWE tasks (TFS 373762)

Event Rules

  • Fixed an issue where the focus in the Admin GUI was lost when adding variables to the subject field in an email action (TFS 374065)

  • Fixed an issue where the Event Rules "Stop Processing Rule" was always enabled (TFS 373879)

  • Fixed an issue where EFT would change the date modified timestamp in copy/move action changes on the destination file (TFS 373600)

FTP

  • Fixed an issue where the EFT service could crash via FTP (TFS 373856)

  • Fixed an issue where EFT failed to connect in FTP PASV mode when using DMZ as a proxy (TFS 371118)

GDPR

  • Fixed an issue where GDPR Article 32:(4) would not follow proper logic (TFS 373712)

  • Fixed an issue where DPIA Report logic for Article 32:(4) would not follow proper logic (TFS 374063)

Installer

  • Fixed an issue where some upgrades to EFT 8.0 would fail when upgrading from a large FTP.cfg file (TFS 373712)

  • Fixed an issue where some upgrades to EFT 8.0 would fail when certain EFT admins had misconfigured permissions (TFS 374116)

SFTP

  • Fixed an issue where the EFT could be flooded by network connections (TFS 373683)

Web Transfer Client (WTC)

  • Fixed an issue where the PowerShell script to customize WTC failed to run (TFS 37458)

  • Fixed an issue where the EFT would report a status code of 200 when failing to log on (TFS 373101)

COM API

  • Added enums, properties, and methods to support the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality in EFT. (For details of the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality, please refer to the EFT administration help contents.)

    • SecretsModuleType

    • CloudProviderType_AzureDataLakeStorageGen2

    • Properties in ICISiteInterface:

    • OverrideVFSCredentialsEnable

    • OverrideVFSCredentialsLogin

    • OverrideVFSCredentialsPassword

    • SecretsModuleClientID

    • SecretsModuleClientSecret

    • SecretsModuleType

    • SecretsModuleURL

    • Methods in ICICloudStorageMonitorEventRuleParams:

    • GetAzureDLSgen2GeneralParams

    • SetAzureDLSgen2GeneralParams

Version 8.0.2.10

Mar 25, 2020

New Features

EFT Administration

  • New option to schedule FACT table updates (TFS 373489)

Advanced Properties

  • By default, EFT uses non-exclusive file-sharing mode when processing file uploads. With this advanced property (UseExclusiveSharingModeForUploads) (TFS 374129), EFT can be configured to use exclusive sharing mode for uploads (i.e., file locking)

COM API

  • Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)

  • WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.

Web Transfer Client (WTC) & Workspaces Chages

  • Ability to Secure Send without attachment (Send portal and Outlook Add-in) (TFS 370270)

  • Ability to request passcode for file pick-up (TFS 361146)

  • Ability to redirect to login page instead of registration page for internal domains (TFS 373043)

Enhancements

  • Removed our legacy Jument WTC from the EFT installer (TFS 374773)

  • Ground-up rewrite of the various portals: Request file, Drop-off, Send, and Pick-up resulting in tremendous performance gains (TFS 373849)

Fixes

EFT Admin GUI

  • EFT would not respect server-level permissions (TFS 374330)

  • Admin GUI may crash due to nested workspaces (TFS 374281)

  • Enabling Encryption folders would cause open windows on the background to be displayed in the forefront (TFS 374831)

  • Remote admin GUI would fail to display the GDPR report (TFS 374567)

  • Memory leak in SSL_AES256_CBC_Encrypt (TFS 374865)

ARM

  • Report "Traffic-Average Transfer Rates by User "would report groups by protocol instead of site (TFS 374441)

  • Report "Activity - File Scanned Data Results" was missing in EFT Express (TFS 374150)

Event Rules

  • GUI may not display Else condition after saving and refreshing an event rule (TFS 374154)

  • Virtual Path condition may not work properly (TFS 374139)

  • EFT service may crash when trying to delete user while "On User Account Deleted" event rule is active (TFS 370599)

  • Event Scheduler may crash on service stop (TFS 371951)

Installer

  • Some upgrades to EFT 8.0 would fail during the copy serialization (TFS 374421)

  • Some upgrades to EFT 8.0 would fail when custom calendar selectors contained duplicated case sensitive entries (TFS 374565)

  • Upgrade from EFT Express to EFT Enterprise while changing the configuration path would lead to duplicate config and binaries of EFT folders (TFS 368531)

  • Upon upgrade to EFT 8.0 poor loading performance was experienced on the FileAudit.db (TFS 374194)

  • Upgrade to EFT 8.0 could fail due to a deleted workspace (TFS 374280)

  • Upgrade to EFT 8.0 could fail when a Remote Agent template is in the Awaiting Approval state (TFS 374258)

  • On an HA install, selecting Modify and changing the ARM server to a different SQL server was not saved (TFS 374238)

  • An upgrade to EFT 8.0 could fail when incorrect values exist in Client IP access (TFS 374846)

  • An upgrade to EFT 8.0 could fail when an incorrect participation value exists in the workspaces.db (TFS 374845)

Outlook Add-in

  • Outlook Add-in was treated as an untrusted publisher (TFS 374635)

  • Files sent via the OAI (Outlook Add-in) that contain # in the filename were not available in the pick-up portal (TFS 374077)

  • Emails can become stuck in the outbox when the Outlook Add-in is configured with Zedmail add-in (TFS 374053)

  • Copyright dates on the Outlook Add-in UI were out of date (TFS 372700)

PCI DSS

  • Some users may be disabled every night on a PCI site (TFS 374577)

  • Server admins were not required to use complex passwords when PCI is enabled (TFS 374807)

REST API

  • EFT Express would allow folder creation via REST (TFS 374113)

SAML

  • SAML JIT password fail password complexity when enabled(TFS 374357)

Web Services

  • InvokeWebService action works wrong with Location Header (TFS 373928)

Web Transfer Client (WTC) & Workspaces

  • Sharing a workspace with # the recipient could not register for access (TFS 373156)

  • An expected error message that should be presented when trying to share a workspace with an external user is not being presented (TFS 374100)

  • Authenticated external users were unable to reply to send requests without access to their home folder (TFS 374777)

  • TOS (Terms of Service) and Privacy policy prompts were not working on the various portals (TFS 371808)

  • Fixed an issue where workspaces fails to redirect new external participants to their workspace when taking less than 60 minutes between registration and verification (TFS 371972)

Version 8.0.2.19

May 10, 2020

New Features

Advanced Properties

  • EFT now provides the ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (e.g., 4443) and differs from the site port (i.e., 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride) (TFS 371388)

  • Ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB) (TFS 373650)

    Ability to cache WTC reserved files/folders located under .../EFT Server Enterprise/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles) (TFS 373650)

Fixes

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where the WTC page failed to load for external domains when EFT is configured with both Internal (with SAML SSO) and External domains (TFS 375093)

  • Fixed an issue where WTC customization failed when configured with multiple sites (TFS 375253)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of duplicated workspaces (TFS 375535)

  • Fixed an issue where EFT may crash on rare instances when configured with AD and authenticating with Internal/External workspace users (TFS 375040)

  • Fixed an issue where upgrades to EFT Express 8.0 could fail due to incorrect data in the local db files (TFS 375555)

  • Fixed an issue where ignored logging to the authentication and protocols tables were not being honored (TFS 375543)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of non-existing workspaces (TFS 375497)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of missing permissions or non-unique connection profiles (TFS 375683)

  • Fixed an issue where upgrades to EFT 8.0.2 could cause Remote Agents Event Rule downloads to fail (TFS 375750)

Version 8.0.2.23

jun 14, 2020

New Features
  • Added subscription licensing for EFT and most modules

  • Restored ability to customize default values for Workspaces permissions (TFS 376117, Case 78957)

  • Restored ability to customize default values for Workspaces participant limits (TFS 376121, Case 78957)

Version 8.0.4.27

Nov 01, 2020

New Features

Administration

  • Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)

  • Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)

  • Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)

  • Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)

  • Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)

  • Added support for break from loop for datasets in Event Rules (TFS 373170)

  • Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)

  • Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)

  • Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)

  • Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)

  • Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)

  • Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)

Advanced Properties

  • Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)

  • Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)

  • Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)

  • Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)

  • Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)

  • Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)

  • Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)

  • Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)

  • Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)

AS2

  • Added functionality

  • Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)

COM API

  • Added the following ICISite methods:

    • AddUploadForm

    • DeleteUploadForm

    • EnableUsers

    • GetUploadForm

    • UpdateUploadForm

  • Added the following ICISite properties:

    • EnableMfa

    • MfaType

    • SmsProviderProfile

    • UploadFormsList

    • WebSSORedirectToSsoServiceBypassingLoginPage

    • WorkspacesMfaType

    • WorkspacesOAIMfaType

  • ICIClientSettingInterface, added the following functions:

    • GetRequireMfa

    • SetRequireMfa

  • ICIEventRule, added the AddLoopDatasetStatement method

  • ICIActionStatements, added the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

  • Added the ICILoopDatasetStatement interface, with the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

    • DeleteStatement

    • GetParams and SetParams

    • StatementsCount

    • Statement

  • Added ICICsvExportActionParams and ICICsvImportActionParams

  • Added ICIGetListingActionParams Interface

  • Added ICILoopDatasetStatement Interface

  • Added ICILoopDatasetStatementParams Interface

  • Added ICIUploadForm interface

  • Added ICIUploadFormElement interface

  • Added ICITwilioSmsProviderProfile interface

  • In the ICISimpleCondition interface, added the UseRegex property.

  • Enums added:

    • MFA type to specify whether to use email, SMS or either for second authentication

    • LoopDatasetStatement to EventRuleStatementType enum

    • LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property

    • GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType

    • FileDateFormat

    • UploadFormComType

    • UploadFormElementComType

REST API

  • Added functionality

  • Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)

  • Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)

  • Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)

  • Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)

  • Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)

  • Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)

  • Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)

  • Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)

  • Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)

  • Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)

  • Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)

  • Added support for REST which allows EFT admins to delete users (TFS 375337)

  • Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)

  • Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)

SAML

  • Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)

SSH/SFTP

  • Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)

  • Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)

  • Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)

  • EFT now provides the ability to choose SFTP key type upon creation (TFS 370229)

  • EFT now supports backwards compatibility for DSS keys (TFS 372452)

  • Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)

Web Transfer Client (WTC) & Workspaces Changes

  • Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)

  • Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)

  • Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)

  • Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)

Enhancements

EFT Administration

  • Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)

  • Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)

  • Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)

  • Modified the 'Variable' action so that it utilized only a single line, making it easier to visually parse (TFS 374308)

  • Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)

Advanced Properties

  • Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)

REST API

  • Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)

SSH/SFTP

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)

  • Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

  • Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)

  • EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)

  • EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)

  • The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)

  • The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)

  • Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)

  • The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)

  • KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

SSL

  • Updated SSL Library to 1.0.2u (TFS 375029)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

Web Transfer Client (WTC) & Workspaces

  • Updated jQuery to v3.5.1 (TFS 376501, Case 80133)

Outlook Add-in (OAI)

  • Modified functionality

  • Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)

COM API

  • Changed nKeyBits to nKeyParams in ICIServer CreateSSHKey and CreateSSHKeyRemotely

  • Changed nKeyBits to nKeyParams inICISite CreateSSHKeyPair

Fixes

EFT Administration

  • Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)

  • Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)

  • Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)

  • Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)

  • Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)

  • Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)

  • Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)

  • Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)

  • Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)

  • Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)

  • Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)

  • Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)

  • Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)

  • Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)

  • Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)

  • Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)

ARM

  • Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)

  • Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)

  • Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)

AWE

  • Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)

  • Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)

COM API

  • Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)

Event Rules

  • Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)

  • Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)

HA (High Availability)

  • Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)

ICAP/CIC

  • Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)

Installer

  • Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)

Logging

  • Changed log level to ERROR for AML export errors (TFS 376480)

  • Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)

Outlook Add-in

  • Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)

PCI

  • Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)

  • Remote Agent (RAM)

  • Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)

SAML

  • Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)

  • Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)

  • Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)

SSH/SFTP

  • Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)

VFS

  • Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)

  • Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)

  • Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)

  • Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)

  • Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)

  • Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)

  • Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)

  • Fixed an issue where default datetime format was not defaulted to US (TFS 376870)

  • Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)

  • Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)

  • Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)

  • Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)

  • Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)

  • Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)

  • Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)

EFT Arcus

Version 8.0.3.9

May 10, 2020

New Features
  • Basic Tier clients can now create one Remote Agent (additional fee applies)

  • BulkUserExport: Upload a JSON file named "ExportUsersSettings.json" into the BulkUserExport folder to dump the user list for a specific site (or all sites if the value is empty).

  • PGP keys, SSH keys, and SSL certificates can be imported into EFT Arcus through the Arcus Management Template

  • Added ability to use the SAML assertion map attribute Email field in JIT or LDAP after an IDP- or SP-initiated login to create an account in EFT

  • OpenPGP key pairs are defined and managed on a Site instead of the Server

  • Added privacy and other GDPR-related features:

    • User agreements and consent options on the General Tab of a User Node

    • Privacy options on the User Account Action in Event Rules

    • Privacy options for EFT on the Site > Web tab and in the WTC

    • Terms of Service agreement options for EFT web portal on the Site > Web tab

    • User Account Details Template on Site > Security tab to apply GDPR-related privacy settings to all user accounts on a Site

    • Optional permission on Server > Administration tab to give administrator accounts permission to manage personal data for users

    • GDPR-related event, context variables, and user conditions

    • Personally identifiable information (PII) / personal data is encrypted by default (beyond normal Arcus disk encryption)

    • Removed email address from User > General tab

  • ARM reports:

    • Privacy-related, pre-defined ARM reports

    • More performant ARM reporting functions

  • New Event Rule features:

    • Create or set variable Action

    • Call (GoTo) Event Rule Subroutine Action

    • Ability to scan metadata with Content Integrity Control Action

    • "Enable this account" option in the User Account Action. (Refer to Workspaces Invitations for an example of using the User Account Action to enable an expired Guest account.)

    • Context variable to take anything after the last dot (before the extension) and place it into this context variable

    • New context variables for date and time stamps in ISO8601 format

    • Event Rules are now saved in JSON (instead of XML) for import/export

  • Workspaces changes:

    • Site > Web tab to configure web portals and their features. (Replaces Workspaces tabs.)

    • Now support moving files between Workspaces

    • Ability to retain Workspaces files on disk after link has expired

    • Password-protected pickup - Allow or require senders to require recipients to provide a, out-of-band passcode before accessing files

    • Securely send an email without an attachment (applies to browser-based sends and the Outlook Add-In)

Updates
  • Updated PGP library to IP*Works! OpenPGP 2016

  • Updated to Advanced Workflow Engine version that includes several bug fixes

DMZ Gateway

Version 3.5.0

March 25, 2020

Updates
  • Updated build with EFT v8.0.2-compatible DEI library

Back to Top

 

GoAnywhere


GoAnywhere MFT

Version 6.4.3
  • Updated Gateway Manager to support SSL termination and SSL rewrap for GoAnywhere Gateway version 2.8.0.
  • Upgraded the Netty library from version 4.1.42 to version 4.1.48.
  • Fixed an issue where an input stream was left open causing Agent server threads to get hung up.

GoAnywhere Gateway

Version 2.8.1
  • Fixed an issue where the key store type was not defaulting to JKS when not supplied for configurations using Control SSL or SSL Termination.
Version 2.8.0
  • Added support for SSL Termination and SSL ReWrapping.
  • Fixed an issue where an extra line feed or carriage return would cause a license to be invalid.
  • Upgraded Apache Commons-Collections from 3.2 to 3.2.2.
  • Upgraded the Netty library from 4.1.33 to 4.1.48.

GoAnywhere Desktop Client for Windows

Version 3.1.0
  • Added a new feature to navigate directly to a folder path within the Web User's Secure Folders.
  • Added a timestamp to notifications for GoDrive events.
  • Added the ability to enabled or disable Windows Authentication for existing device accounts.
  • Upgraded the internal storage used for GoDrive data to support newer and stronger cryptography.
  • Improved the cleanup process for accounts that don't complete the registration process.
  • Improved the startup process when there are multiple accounts.
  • Fixed an issue where, in rare cases, the device would continuously try to authenticate when the Web User was disabled.

Back to Top

 

IBM Partnership


Rational Developer for i

Version: 9.6.0.8
Enhancements
  • /copy and /include files now can be opened from source stored on IFS.
  • ACS now can be launched from RDi without requiring a separate Java Runtime Environment installation.
Other Fixes
  • Fixed option selection UI problem in the Add Procedure Parameter dialog.
  • SQL is no longer autoformatted. Formatting now occurs when the user invokes the format action (APAR SE68862).
  • Enabling LPEX preference "display whitespace characters" makes some terms in RDPLE source harder to see (APAR SE69572).
  • Screen designer may show an incorrect value in the properties view for a referenced field (APAR SE70098).
  • Embedded CRLF sequences in SQL are not handled by the Remote Systems LPEX editor (APAR SE70241).
  • Editing an RPGLE member that references a copy member with DBCS characters in a variable name results in a parser error (APAR SE70349).
  • Updating RDi to v9.6.0.5 may result in some web tooling views not displaying the correct information (APAR SE70532).
  • IllegalArgumentException observed after a second and subsequent attempts to verify source in an IFS file (APAR SE70867).
  • Restarting RDi with open members and no connection to the host causes an excessive number of connection dialogs (APAR SE71085).
  • Browse/Edit toggle not available for CBL source type in the Remote Systems LPEX editor (APAR SE71091).
  • ILE RPG EXTPROC defined with no arguments not handled correctly by the parser and content assist (APAR SE71230).
  • Extract constants can produce a constant name the same as a procedure name causing msgrnf7421 during compilation (APAR SE71501).
  • i Project changes not always pushed when "push selected resources if there are any changes" is selected (APAR SE72138).
  • Indicators are not properly represented in the outline view when editing ILE RPG source (APAR SE72250).
  • Source opened from the error list view opened in edit mode when preferences are set to open in browse mode (APAR SE72370).
  • Embedded SQL statements in ILE RPG continued from column 80 may result in an ArrayIndexOutOfBoundsException (APAR SE72392).
  • Unsupported syntax checking and program verify preferences for ILE RPG, RPG/400, and COBOL no longer show as enabled in macOS environments (APAR SE72449).
  • Field size not reported correctly in the Outline view (APAR SE72827).
  • Content assist will not insert a proposal if the inserted value would flow past column 80 in **free ILE RPG (APAR SE72840).
  • Column sensitive editing preference affects editing fully free RPG source (APAR SE72953) .
  • When editing SQLRPGLE source with the Remote Systems LPEX editor, the SQL FETCH statement does not format well (APAR SE73285).

Back to Top

 

Intermapper


Version: 6.4.3

Apl 14, 2020

Enhancements
  • Changes were made to enhance map loading time at startup with large numbers of maps and charts.

  • The ability to detect corrupted chart files and repair them has been improved significantly.

  • A number of improvements in memory management and CPU usage have been completed. Even with large numbers of maps and charts, memory and CPU usage have been signficantly reduced.

Other Fixes
  • When exporting a mix of old and new chart data to Intermapper Database, the export now completes reliably.

  • The WMI Logged-on Users probe now works properly with Windows Server 2012 R2.

Back to Top

 

JAMS


Version: 7.1.557

Apr 13, 2020

Enhancements
  • Installer
    • Updated the installer to improve upgrades from JAMS V6.X to JAMS V7.1.557. The changes include:
      • When converting a JAMS V6.X Menu Definition to JAMS V7.1.557, the installer now includes Jobs if the V6.X Menu had "Include Setups" selected.
      • Enhanced the installer to identify and log potential inconsistencies before upgrading from JAMS V6.X to JAMS V7.1.557.
      • Updated to save the JAMS V6.X Job Override name as the Job name in the V7.1.557 History View.
      • Converted the SubmitDate and SubmitTime properties.
      • Assigned Setup Jobs that have different Agents to the Submit Job Tasks in the JAMS V7.1.557 Sequence.
      • Added a default user to a Root Folder, if no Credential was assigned to the Folder.
      • Converted Setup Job properties on Setup Definitions in JAMS V6 to Schedule Items and/or Properties on Sequence Tasks in JAMS V7.1.557.
      • Updated the Sample Jobs to use the Samples Credential.
      • Updated the Current Schedule Report in V6.X for JAMS V7.1.557.
  • Desktop Client
    • Added additional available columns to the History, Job, and Monitor Views for better visibility and usability.
    • Included a new PowerShell button to let a user open PowerShell ISE and edit the Job source.
    • Added the ability to create an Audit report.
    • Added right-click options for "Select All" and "Copy" to the Log File in the Monitor Detail.
    • Added the ability to change the Agent Type and Platform when editing an Agent Definition, if the Agent is not referenced by other JAMS Objects.
    • Added the ability to change the Connection Type when editing a Connection Definition, if the Connection Type is not referenced by other JAMS Objects.
    • Updated the Sequence Editor and Viewer to display inherited Properties and Schedule Items for a Submit Job Task and allow overriding of values.
    • Updated the Monitor View to add new right-click options to view Sequences and Workflows within the Entry Details screen.
    • Added a Monitor View query option to filter by Entries submitted by a user.
  • Scheduler
    • Added the Schedule for Date and Scheduled Time properties for Triggers.
    • Added support for AmazonS3 Connections on File Transfer Sequence Tasks.
  • Web Client
    • Added additional available columns to the History, Job Definition, and Monitor Views for better visibility and usability.

 

Other Fixes
  • API
    • Resolved an issue where Job properties were not updated properly when performing a POST to api/submit.

  • Desktop Client
    • Resolved an issue where the order of Parameters was not saved.

    • Resolved an issue where an error occurred when submitting a File Transfer Task on a SFTP Connection Store.

    • Updated the help text for the Success or Failure Trigger Parameter.

    • Resolved an issue where all columns could be removed from the Definitions screen.

    • Added a warning dialog when attempting to delete an Execution Method that is in use by existing Job Definitions.

    • Updated the Monitor View to display the row count for only the active tab.

    • Resolved an issue where renamed Agents were incorrectly displayed in Queues.

    • Updated the error description on the SQL Stored Procedure Task when it fails to retrieve stored procedures from the database.

    • Resolved an issue where the Pass Parameters value on the PowerShell and PowerShell32 Execution Methods were set incorrectly after upgrading from JAMS V7.0 to V7.1.

    • Resolved an issue with Informatica Cloud Jobs where edits to the selected Task may not be saved after closing and re-opening the Job.

    • Resolved an issue where moving a Sequence Task would display an error when using a JAMS V7.1 Client with a JAMS V7.0 Server.

    • Updated the descriptions for the Server Name and Node Name on the JAMS Agent Edit screen.

  • PowerShell
    • Resolved an issue where the Stop-JAMSEntry command was not properly using the -FolderName option.
    • Resolved an issue that prevented the folder's qualified name from being fully displayed.
    • Resolved an issue where the Variable Delete() method could only delete Variables in the Root Folder.
  • Scheduler
    • Resolved an issue with the Mail Watch Job property not converting from 7.0 IMAP Agents to 7.1 Connection Store objects.
    • Resolved an issue where inherited permissions were changed to explicit permissions after changes to folder security.
    • Resolved an issue with SSL mode in FTP Workflow activities.
    • Resolved an issue where the Debug mode did not disable recurrence options when the Job is submitted via PowerShell.
    • Optimized the Sequence editor to let a user view the Job properties by right-clicking on a Submit Job Task.
    • Optimized the memory usage in the JAMS Server for Projected Schedule with a large number of Jobs.
    • Resolved an issue where a Duplicate Interval Error was displayed for Jobs with a Retry and Interval Triggers.
    • Added support for the latest version of the Informatica API.
    • Added SCOM Notify objects to the Schedule tab.
    • Resolved an issue that could prevent Job log files from being copied to the common log location.
    • Resolved an issue that could cause the S3Session Activity for Workflow Jobs to display a System.NullReferenceException error.
    • Resolved an issue where Jobs or Sequences were failing with a final status of "Job was executing, sending missing event". The issue also caused Entries to stay in the "executing" state and Interval Triggers to stop executing.
    • Resolved an issue where a Job that was waiting on a precheck Job could not be released from its precheck requirement.
    • Resolved an issue where an FTP Job failed and displayed an error message indicating it was unable to get the file size.
    • Resolved an issue where Audit Trail Entries were duplicated in the Monitor Detail View.
    • Resolved an issue where a user without Submit access to all Jobs may see a "Submit access to this Job was denied" error when opening a Projected Schedule.
    • Restored the ability to manually cancel a Job Entry and override the CompletedKept value to remove the Entry from the Monitor View.
    • Added support for multiple Schedule Windows on Jobs.
    • Resolved an issue where the ScheduleMaxDownAction was not taken when the ScheduleMaxDowntime was exceeded.
    • Resolved an issue where date-specific Job Dependencies with Depend on Date = "today" would not look more than 5 hours in the past.
    • Resolved an issue where a Schedule Window action of No Action was not used for auto-submitted Jobs.
    • Updated support for Date/Time comparisons in Variable Triggers.
    • Improved the Monitor View performance by clearing all related and completed Entries when an Entry is restarted.
    • Updated to allow unattended installations of JAMS without specifying the path for the JAMS Database and log file.
    • Updated to remove precheck Jobs based on their retain settings to reduce the number of repeating Entries.
    • Improved the performance of large Sequence Jobs entering the Monitor View.
    • Resolved an issue with using private key Credentials in a File Transfer Job.
    • Improved error reporting on the JAMSConvertHistoryJob Job that is used to convert history records from JAMS V6.X to JAMS V7.1.557.
  • Web Client
    • Resolved an issue to correctly display the time between 12:00PM and 12:59PM.
    • Resolved an issue where days or months could not be changed in the calendar for the Audit Trail and Projected Schedule Views.

Back to Top

 

Powertech


BoKS Web Services Interface

Version 7.1.0.2

Apr 9, 2020

  • Added the ability to set a configurable timeout for calls to the BoKS admin server, BCCAS. You can configure the time for the timeout. If the call fails, an error is logged. Request timeout is configured using the parameter requesttimeout in the config.yaml file and is specified in seconds. The default is 60 seconds.

  • Added enhanced error logging capabilities for failed requests.

  • Fixed an issue where an incorrect content length setting for UTF-8 characters in combination with the system locale not being set to UTF-8 could cause the WSI server to stop responding.

  • Update of third-party dependencies.

Compliance Monitor

Version 4.1

Apr 27, 2020

  • Security information for the connection certificate is now encrypted for installations in which TLS is used to encrypt communication between the Consolidator and the browser-based user interface.

Exit Point Manager

Version 7.24

Apr 16, 2020

  • A problem causing incorrect hex-encoded SQL transaction data in reports has been resolved.
  • PTNSLOGEXT no longer omits *FTPSIGNON activity when the Include User Profile (USR) parameter is used.
  • A problem causing some reports to omit column headings from stream-file output has been resolved.
  • Errors in the help text for the PNSLOGEXT command have been corrected.
  • A problem that caused the PNSLOGEXT command to fail when processing failed journal entries has been resolved.
  • An issue that could cause missing QSOCONNECT transactions on reports has been corrected.
  • A problem causing functions to display as numeric values instead of text has been resolved.

Password Self Help

Version 3.004

Apr 27, 2020

  • An issue causing the "Same Answer Allowed" setting to fail in some configurations has been corrected.
  • The message "unsupported version of PSH installed" no longer incorrectly appears when creating a product connection to a supported version of Password Self Help from HelpSystems Insite. The correct product version is now displayed.

Risk Assessor

Version 3.1

Apr 14, 2020

  • A problem causing ‘/’ to be incorrectly listed in place of ‘/QOpenSys’ in the SKYASSESS document has been corrected.
  • An issue causing the SKYGRPPTF report to be empty when the IBM i does not have an Internet connection has been resolved. The report is now populated with the group PTFs that are currently installed.
  • In the System Value table of the SKYASSESS document, the QATNPGM value is no longer incorrectly flagged as deviating from the Recommended setting. (It is at the recommended setting.)
  • An issue causing the PTF Group SF99333 to be incorrect in the SKYGRPPTF report in some cases has been corrected.
  • A CPF3309 error caused by a large number of trigger programs on the system has been addressed, and no longer results in assessment failures.

SIEM Agent for IBM i

Version 4.1

Apr 2, 2020

  • Outputs can no longer be created without specifying a Format.
  • A problem causing incorrect data to be added to T:SV (System Value change) transactions has been resolved.
  • A rules processing improvement removes the requirement to create catch-all rules in certain scenarios, improving the user experience.
  • The inability to resolve the IP address when a fully qualified domain name is set as the Location for an Output has been corrected.
  • A journal monitor performance issue has been resolved.
  • The inability to create Output files in some scenarios has been corrected.
  • A problem causing the field values in Conditions to not be included in copied rules has been resolved.

Back to Top

 

Robot


Robot Reports

Version 7.72

Apl 13, 2020

  • Fixed issue with extended subject line compatibility for Alert 6 and above.

Back to Top

 

Sequel


Viewpoint 11

Version: 11.20.093

Apr 7, 2020

Other Fixes
  • Improved visualization of the join relationships in the View Designer File & Field tab.

  • The Excel Add-in supports views with *SERVER syntax.

Back to Top

 

Showcase


Viewpoint 10

Version: 10.20.093

Apr 7, 2020

Other Fixes
  • Improved visualization of the join relationships in the View Designer File & Field tab.

  • The Excel Add-in supports views with *SERVER syntax.

C&DS Migration Utility

Version: 10.20.093

Apr 7, 2020

  • No updates for this release.

Back to Top

 

Titus


Titus Classification Suite for Mac

Version 2020.0

April 2020

Enhancements
  • The product now provides sufficient logs generated at all levels to help to trace activities as well as diagnose any problems through Apple’s native logging system. Administrators can troubleshoot on the client machine with the native logging system Apple provides without third party applications.

  • EWS dependencies have been removed in order to unblock enterprise deployment and to improve the send process efficiency in Outlook. The product can be distributed easier through an MDM solution without use of App Password. Also, product performance has been improved.

Other Fixes
  • When the TMC add-in is not installed in TCS for Mac and Outlook is unchecked in automation setting, TCS for Mac still flags the error - "Automation (disabled) must be enabled for Office Apps to use TCS for Mac"

  • A custom property is interpreted to numbers in Word while Excel and PowerPoint represent this value accurately in the custom property tab.

  • When Titus Add-in is installed, the Add- in UI is not loaded in Word/Excel/PowerPoint, and the “Developer Add-ins” dialog remains open.

Titus Classification Suite for Windows

Version 2020.1

April 2020

New Features
  • Titus Classification for Desktop allows a user to apply Titus metadata to a file which could automatically trigger VERA protection to secure files.

Enhancements
  • Improvements were made for accessibility, usability, user experience, and to handle display scale factor changes dynamically.

  • Titus has ensured the color icons and Field Values in the Ribbon and the Select dialog align properly.

Other Fixes
  • Configuration files did not download to client systems when using HTTPS if only Transport Layer Security (TLS) 1.2 was enabled. If TLS 1.0 or 1.1 was enabled, configuration files downloaded as expected.

  • When replying to emails received with a First Line of Text (FLOT), only one condition value was shown when there were multiple. During FLOT parsing, multiple values were being selected for classification.A trusted label icon appeared on some emails even though the Trusted Labels functionality was not enabled in the configuration.

  • Rich text formatting in Policy Alerts were not showing with the proper format.

  • Non-Titus watermarks were removed when Titus metadata and markings were updated on Microsoft Word documents that were already classified.

  • The FLOT parser was only considering first line from patterns when finding a match.

  • Australian Email Protective Marking Standard parser evaluated namespace from Sender’s email instead of gov.au namespace.

  • If a user activated the "TITUS Software License Agreement", the focus was not in the scrollable area of the text window.

  • When trying to open http://www.titus.com link from the About dialog box using a keyboard, users had to go through several keystrokes to activate the link.

  • Ribbon Help/Select text was not shown when opening classified messages.

  • Schema Downgrade rules could be bypassed by canceling the Select dialog.

  • Long (multi-line) schema field name text was truncated in the Select dialog.

  • Drop-down fields containing numerous (100+) values sometimes displayed with blank entries in the Select dialog.

Version 2020.0 SP1 HF2

April 2020

Other Fixes
  • If the ‘Suggested’ field in a schema value to ‘No’ then Patrol will not detect an unclassified file if the rule in the policy uses “” as the condition when checking File.Metadata.Classification.

Back to Top