Monthly Release Notes - July 2021

Jump to:

 

Clearswift


Secure Email Gateway

Version 5.3.0

Jul 29, 2021

New Features
  • Sandboxing allows the execution of email attachments in a controlled environment to check for any suspicious activity such as attempting to modify the registry or a file on the system. Sandboxing uses the Sophos sandboxing service and works in tandem with Sophos Anti-Virus. All sandboxing activity is conducted in the cloud and not on-premise.

Enhancements
  • An extra two rows have been added to the Product Information table on Cockpit Clearswift page to show whether Red Hat or Clearswift online updates are enabled.

Other Fixes
  • Fixed an issue where the "Upgrade is available" alarm would never be raised if using a non-English system locale.

  • If you change the gateway branding text and add multiple lines, they all display on a single line. This has now been fixed.

  • Fixed an issue where new SCOM servers could not always be added in the "Monitoring Services" page in Cockpit.

  • The 5.2 upgrade overwrote the keystore, reverting the custom UI certificate back to the Clearswift self-signed cert. This has now been fixed.

Secure Exchange Gateway

Version 5.3.0

Jul 29, 2021

Enhancements
  • An extra two rows have been added to the Product Information table on Cockpit Clearswift page to show whether Red Hat or Clearswift online updates are enabled.

Other Fixes
  • Fixed an issue where the "Upgrade is available" alarm would never be raised if using a non-English system locale.

  • If you change the gateway branding text and add multiple lines, they all display on a single line. This has now been fixed.

  • Fixed an issue where new SCOM servers could not always be added in the "Monitoring Services" page in Cockpit.

  • The 5.2 upgrade overwrote the keystore, reverting the custom UI certificate back to the Clearswift self-signed cert. This has now been fixed.

Back to Top

 

Core Security


Core Impact

Version: 21.1

Jul 13, 2021

New Features
  • Network Map View. This view provides you with a real-time overview of attack chains, pivoting and any other activities completed during testing. This increased insight allows security teams to better determine the best path forward in the testing engagement.
  • Automated Updates. Minor updates to Core Impact and new exploits can now be automatically installed, allowing you to enjoy new features as soon as they are available. This new feature is available through Tools -> Options -> Software Updates section.
Enhancements
  • Searching within Core Impact modules has been enhanced, with search results now featuring additional context making it easier to find what you’re looking for.
  • Modules search keep the folder's structure while displaying the results.
  • Reorganized some sections in the Tools -> Options menu to make them easier to understand and find.
  • Dependencies updates:
    • OpenSSL 1.1.1k
    • NMap 7.90
    • Impacket
    • mimikatz 2.2.0-20210512
Other Fixes
  • Added ability to run Remediation Validation on work spaces created in previous versions.
  • Added ability to install an agent using SSH on modern Linux distros.
  • Identities Verifier can now run without limitations on the number of lines of the password file.
  • Nessus vulnerability scanner integration is now working with the latest version.
  • WMI modules have been updated to work with the latest Windows 10 versions.
  • PCAP Plugin has been updated to support the latest Debian and Red Hat 64 bits versions.
  • Enumerate User Accounts with SPNs module has been updated to support the latest Windows 2019 Server versions.

Visual Identity Suite (VIS)

Version 2.7.0

July 30, 2021

New Features
  • Data Collection from Microsoft Azure AD available to VIS customers when using a licensed connector.
  • Data Connector ease of use features automate connector deployment and use:
    • Automated Data Connector installation. The Data Connectors available to the customer automatically install when selected for use.
    • VIS informs customers when Data Connectors available to the customer have updates. Users can update their connector with the One-Click Data Connector upgrade feature.
    • New types of Data Connectors to be made available to customers automatically as they are released.
  • Collected entitlements can be displayed in catagories under the Entitlement Types view in Role Designer.
  • Search and add entitlements feature available for use while designing roles with Role Designer.
  • Nested Entitlements discovery in Certify and Role Designer:
    • The Matrix can display all the entitlements that are contained within a single entitlement with the Nested Entitlements view allowing users to view the full range of access items a specific entitlement provides when added into a role.
    • Nested Entitlements toggle button in Role Designer and Certify displays to users working with a specific entitlement all nested entitlements contained within that entitlement.
Enhancements
  • After the VIS installation, the first user to access the instance is required to agree to the EULA terms. After selecting the agreement check box, users will have access to their instance of VIS.

Back to Top

 

Document Management (RJS)


Webdocs Forms Management

Version: 10.0.16

Jul 27. 2021

New Features
  • New Form & Workflow Guided Designers
    • Form and workflow designers now have a Guided Designer navigation bar that steps you efficiently through the design process.
    • Workflow design canvas provides a more appealing visual wireframe for the workflow, including step icons and visibility of Email and Webhook Activity Doc Actions in the outline.
    • Easily add Steps, Preconditions, or Activity Doc Actions at any eligible point in your workflow. Workflows are no longer built using drag and drop from a palette. Instead the workflow design canvas has
    • ”insertion points” marked with a clickable plus icon at which steps may be added.
    • Added ability to copy (alt-drag) Precondition, Email, and Web Hook steps.
    • View and edit Workflow Step Properties wizard on the Workflow Canvas, with the workflow diagram in view for reference.
    • Shift between workflow steps while remaining on the same Properties Wizard tab, without extra save/submit clicks.
    • Quickly shift between forms in a workflow while editing form or business rules - no need to return to workflow canvas.
    • Precondition Wizard size expanded for improved user experience.
    • Form Name on Workflow Step can now be edited using Print Name property.
    • Form and Workflow Settings appear on the canvas and are responsive to window or device size changes.
Enhancements
  • Form/Workflow Design
    • Option to Save and remain in Form/Workflow added.
    • Property Validation will only occur if the designer has made a change, making it easier to leave and return later to correct errors.
    • Popup confirmation message appears when deleting a step to prevented unintentional deletion.
    • Disable Task notification emails on any Workflow Step.
    • Rich Text Editor (RTE) for Message Controls: New RTE popup accessible from Properties Panel or Message Control allows smooth RTE editing and resolves bugs that could cause the RTE to close or disallow edits.
    • Hide the Submit button on tablet and mobile devices.
  • Visual Rule Builder
    • Implemented modern User Interface for rules list and action menu consistent with other screens.
    • Designers can now reorder the rules in rule editor.
    • The form outline is always opened and expanded to one level.
    • A control that is selected in the form will appear expanded in the Rules: Form Outline panel when the designer clicks "Rules". This view allows the designer to quickly access the control's properties when writing business rules. The Control properties panel on Rules Page has been removed.
  • Security: Cross Site Request Forgery (CSRF) Protection implemented across all resources, preventing potential security breaches via malicious links.
  • frevvo is now certified with MySQL v8.
  • Sort Schemas, Spaces, and Styles lists alphabetically.
  • On Premise customers can configure whether Email Subject is masked in logs.
  • Added debugging support for SAML attribute mapping.
  • Quartz lock settings updated for improved performance of workflows with escalations.
  • Task List Search now features a Search bar (which replaces the dropdown menu), to help users more quickly and easily find the forms/workflows they have access to.
  • New JDBC driver for SQL Server 2k19
  • New dataOnly parameter to provide access to response headers when making http calls from rules
  • Redesigned Login Page
  • Arabic font options added for PDF snapshot and generated PDFs.
Other Fixes
  • Form & Workflow Designers
    • Workflow Designer: While page is loading, workflow outline shows prior step names instead of current step names.
    • Unhelpful application error message with exception details displayed in UI when errors occur.
    • Template validation error appears but cannot be corrected when there is an invalid template in the Quick Approval tab and Quick Approval is disabled.
    • Escalations set to a date control template incorrectly fires the escalation early when the date control resolves to the last day of the month.
    • Escalation fails in a screenflow with Save on Navigate enabled.
    • Controls with built-in patterns, such as the Phone Control, are flagged as invalid when not filled and not required. This is due to having a default value of empty string instead of null.
    • Default values, visible in the UI, are not present in the submitted XML document when initializing form from XML.
    • Tab control label text appears wrapped and overlaps other controls in generated PDF.
    • Cannot upload attachments after upgrade to 9.0.12
    • Cancel button Document Action Send to Sharepoint wizard does not show "Are you sure you want to cancel changes?" warning, and saves instead of cancels changes.
    • Adding 200+ steps in the Workflow Design Wizard causes a '504 Gateway Timeout' error.
    • Workflow Design Wizard: Using special characters in the Workflow Step Name causes test window to hang with "Initializing Form" message.
    • A Workflow Step Precondition that uses an Upload Control as criteria produces error message "Precondition evaluation failed."
    • Workflow Step Precondition toggle automatically switches to "off" position after user enters Description.
    • Task Info Message displays an unhelpful id string when a template used in the Task Info Message resolves to null.
  • Security
    • Resolved security issue with Google Connector password being exposed in query URL parameters.
    • Security: Resolved security issue with forms filled out anonymously where a session identifier could be leaked in the URL and used in a different session to see what data the user is entering.
  • Windows cannot stop the frevvoforms service.
  • Workflow Tasks can get into an erroneous state of being both assigned to a user and saved or submitted by the current owner.
  • Edit User page: Cannot clear Reports To field.
  • Initializing a form from XML is not updating the single row repeat values rendered as part of the default form.
  • Incorrect Session Expired message appears when attempting to modify again a recently modified task.
  • Incorrect browser tab icon shown in popup test window.
  • Upgrading from from v7.1 or v7.0 to v9.2+does not set UUID on user and does not load or upgrade linked applications/projects.
  • Default Space does not work if there are two spaces in the same tenant with the same Space ID.
  • Confluence: Error message "Could not get locale strings" occurs when creating a new form.
  • Task List Search: Form/workflow dropdown is no longer in alphabetical order.
  • Task search screen for Tenant Admin times out and does not show forms/workflows in dropdown list if there are a large number of forms and workflows in the query.
  • Error message "500 - Internal Server Error" on User Profile page in scenarios where users have 100+ roles and an IIS server is used with frevvo.
  • A workflow is generating invalid xml documents causing submissions to fail to load.
  • Error when starting frevvo caused by double quotes in server.xml file: address=”YOUR_TOMCAT_IP_ADDRESS” requiredSecret=”YOUR_TOMCAT_AJP_SECRET”/
  • Tenants with LDAP Security Manager incorrectly see "Max user limit reached" error and "500 - Internal Server Error" even when Manage Sessions screen shows sessions within limit.
  • XML Parsing Error seen in browser debug console while editing forms & workflows.
  • The embedded url for a flow generated using API causes null pointer exception when that embedded url is used by an internal or external application.
  • PDF Embedded in Message Control not showing in a space on Chrome & Edge browsers.
  • Rejection sends email configured in the "Reject To" step, instead of the "Reject From" step.
  • A Script Error occurs when changing label of certain controls.
  • Error in logs "Data truncation: Data too long for column 'type' at row 1" when file uploaded with long filename.
  • Designer is unable to delete table rows in workflow design mode.
  • Combobox does not populate when validation is set and there are more than 1,000 items in the query (i.e. users).
  • API Submissions Errrors after Cloud upgrade 10.0.2
  • Template thumbnails are not visible.
  • Tab Control: Tabs title doesn't appear in Red on submit when required fields are empty.
  • API Submissions Errrors after Cloud upgrade 10.0.1
  • Clicking Save & Close on some workflows shows Application Error in UI.
  • Cannot upload attachments when performing a task from task list.
  • Error in logs for tenants using API where User-Agent is null after upgrade to 10.0.0
  • Print, Cancel, Form Viewer and Link buttons, and Upload file links in for forms accessed from a space and HTML links in space homepage are not clickable.
  • The top 5 lines of rule code in maximized view are blocked by form header and cannot be viewed or edited.
  • Using an empty _data query parameter causes the form to not render and shows a 400 error.
  • OEM Customization - The tomcat site fails to start when including ${servlet.path} variable.
  • SAML tenant - uploading users without any roles turns off the users' email notifications and does not allow immediate login
  • Money control: large numbers are converted to exponential (scientific notation) in submission XML
  • Results with ampersand appear as '&amp' when selected in Combobox
  • Some workflows created on older version display "Form save failed" error when editing and saving in v10.0.x.
  • Security: Users who performed previous steps can access tasks in later steps of the workflow.
  • Azure Security Manager: Task List Workflow Admin search allows form/workflow access to users with a role that contains an apostrophe
  • Session Expired message shown when Cancel button is clicked after upload a file (Upload Control) on a saved form.
  • SyntaxError, Null Point Exception in frevvo logs while using Task Search as Workflow Admin
  • Typo in frevvo Pending Message - place vs. placed.
  • Project/application downloaded in v9.2 or prior is not upgraded when uploaded to v9.2+
  • The rejection email is sending the email set up on the step rejected to, not the step rejected from.
  • The login in screen provided when user clicks Task Notification link in an email is only partially visible; the user cannot enter password or click Login.

Webdocs Windows

Version: 2.1.8

Jul 29, 2021

New Features
  • Added ability to administer document field data types from the document type definition screen.
  • Added Document Field Types feature to Document Type definitions. Users can use this feature to apply automatic field validation on data input of newly added documents.
  • Automatic Document Type Expiration Options of Move, Orphan and Route have been added and allows administrators to define actions a document will take when the expiration period is reached.
    • Move action moves the expired document to a selected folder.
    • Orphan action moves the expired document to the orphaned folder.
    • Route action places the expired document on a selected route for review.
  • Created new Routing Report which displays 12 week rolling route usage data on the Webdocs home screen.
  • Created new Usage Report and ReportView role which displays 12 month rolling usage data on the Webdocs home screen.
  • Document Expiration Actions added to Document Type configuration to provide automation to Webdocs by performing an action on a document when it expires.
  • REST Based Document and Route Events added to allow custom event methods to be written in any technology that supports REST APIs.
  • Updated Check In screen to show Field Type validation errors to the user
  • Users can now define the number of days to delete orphaned documents in the document type edit screen. When set to a value greater than zero, the new Expiration Service will automatically delete those orphaned documents from Webdocs and from disk.
Enhancements
  • Document In-browser viewer on the document details screen is now re-sizeable.
  • Users can now navigate back to the previous screen (Search Results, Document Folders, or Inbox) from the Email Message Preview screen.
  • Added new database setting MaxPageSize for the maximum document pages allowed for the document viewer to display a document. Improved user displayed error messages when the document is too large to be displayed.
  • Set document original file name when adding documents from the REST API.
  • When editing a document after performing a search on the search results screen, users saving or canceling those edits shall be returned to the correct page of the search results, with the correct sort applied and edited document highlighted in yellow for reference.
  • When editing a document from the folder list screen, users saving or canceling those edits shall be returned to the correct page of the folder results, with the correct sort applied and edited document highlighted in yellow for reference.
  • Document Viewer now supports redaction.
  • PDFs, PNG, JPEG, TIFF page rotation can now be saved via the document viewer.
  • Added Link to Routing Inbox to route notification email body.
  • Added the ability to reorder PDF pages in the Document Viewer
  • Administrators can now hide specific routes from displaying in the user inbox. Useful for routes used by external systems.
  • Added Save and Close button to edit document details.
  • Added Submit and Close button to edit workflow document page.
Other Fixes
  • Fixed issue with PUT Document request and exit point integration that could cause unexpected behavior.
  • Fixed issue in REST API Users endpoint where the default Admin user could not return their own record.
  • Fixed issue in full text indexing where a DLL would sometimes not be found at runtime.
  • Improved rendering of PDFs in viewer
  • Updated column headers on search to match document types when a type is selected and fields have been skipped in the document type.
  • Corrected issue where annotations could sometimes not be deleted by users in the document viewer.
  • Fixed issue where bad data in user permissions could cause a search to fail unexpectedly.
  • Fixed issue where Scan Workstation would not show the correct error message returned from Webdocs on a denied check-in of a new document.
  • Improved font rendering of PDFs in Document Viewer
  • Starts-With searching now only utilizes the entire phrase and not each word in the phrase.
  • Document Checkin Loading Icon sometimes staying on display when loading completed.
  • Document Checkout occasionally doesn't show CheckIn button after completion.
  • Document Checkout and Checkin actions now properly set the Cancel button action.
  • REST API for document put will now set document to be indexed automatically
  • Fixed issue where Inbox would not sort by Route Name
  • Folder Add screen now allows spaces in the folder name.
  • Fixed issue where Client Proxy was not always closing connections to Webdocs.
  • Fixed issue where workflow approval screen may not show exit point and event error messages to users.
  • Starts-With and Exact Match searching is now available via the REST API and only utilizes the entire phrase and not each word in the phrase.
  • Fixed issue where the folder path displayed in the document details would be blank for items in the root folder, and also would not show the correct folder name if the root folder was renamed.
  • Fixed issue where documents would not be re-indexed for searching when moved to another folder.

Back to Top

 

Intermapper


Version: 6.5.3

July 15, 2021

Features
  • Upgraded Intermapper Splunk App with Python 3.

Enhancements
  • Enhanced maintenance processing, warning users that they need available disk space to be at least double the size of the database.

  • Improved the database migration process, added a progress bar, and added more informational and error messages.

  • Updated License Key Dialog with new text and links.

  • Updated the Intermapper Migration Guide to reflect the latest updates in migrating from PostgreSQL 8.3 to 10.14.

  • Improved PostgreSQL database upgrades on slow systems.

Other Fixes
  • Resolved the issue where the Intermapper Datacenter does not start if the Intermapper Server is installed on a non-C drive.

  • Resolved the failure to apply scaling and display units for Gauge32 in on-demand tables.

  • Resolved the failure when applying a retention policy when deleting old data in IMDC.

  • Resolved daily and weekly maintenance issues related to the Intermapper Datacenter database; significantly reducing time spent on those operations.

  • Resolved the delay in the startup of Intermapper on Microsoft Windows and Linux systems.

  • Resolved the issue where LDAP Authentication does not work.

  • Resolved a fault in the IM server's response to the IE and Edge browsers that was introduced while making the server fully TLS conformant in IM-v6.5.2.

  • Resolved an inconsistency (specific to Linux systems) between the default path for the settings directory using a command to configure the Intermapper server.

Back to Top

 

Powertech


Powertech Encryption for IBM i

Version 3.63

Jul 13, 2021

Enhancements
  • An Intermediate (*INT) value has been added to the Auth. List Caching (AUTLCACHE) parameter for field encryption entries. The new setting caches authorization lists, but checks them every 60 seconds between decryption operations. Previous versions offered a choice between full caching, which never picked up changes to authorization lists, and no caching, which carried a distinct performance penalty. The new setting offers the flexibility of the no-cache option, combined with a pronounced performance advantage over the no-cache setting.
  • A new "Decryption Accelerator" option has been added to the field encryption entries. Setting this new option to *YES can provide performance improvements for jobs that use native I/O (RPG, Cobol) to read data from encrypted fields.

    NOTE: Fields that have already been encrypted do not benefit from this setting automatically. For those fields, deactivating and reactivating any field can provide the performance improvement for all encrypted fields in that file.
  • Certain system values must be configured properly in order for IFS encryption to perform as intended (indicated in the User Guide). If IFS encryption is attempted without the appropriate system values set, Powertech Encryption now issues a warning message that indicates the system values that have not been properly configured.
  • Enhancements to the PRTFLDENCE report now allow the encryption status for all field encryption entries to be reported.
  • The language in the High Availability instructions was updated for clarity, and instructions were added to include the product's own authorization lists in the objects to replicate.
  • The configuration report that, once generated, is saved to /tmp is now set to *PUBLIC *EXCLUDE for improved security.
  • Instructions that describe the RLA Sort Utility STRRLASRT, and its recommended usage, have been added to the User Guide.
Other Fixes
  • An issue causing a zero-length file size after copying an encrypted sub-folder has been resolved.
  • Issues with activating fields of specific data types (VARCHAR, GRAPHIC, BLOB, CLOB) that were causing an SQL0681 error have been resolved.
  • A single quotation mark (') in the message text for CRYPTO/CRMSGF msgID CRE4036 that interfered with dynamic command execution has been removed.
  • A pointer issue in the CHGLFLDKEY command has been resolved.

Back to Top

 

Titus


Data Detection Engine

Version 2021.07

July 23, 2021

Enhancements
  • The Personal Data Detection (PDD) task and resources are removed from the GDPR catalog.

  • Data Detection Engine leverages the new flexible type "Results" property that can contain a sub property of any data type from any data category in a catalog. This facilitates deeper configurability.

  • GDPR Catalog has capability to detect phone numbers from a specific list of countries.

Other Fixes
  • When the content is detected as "PressRelease" category, the sensitivity score needs to be attenuated. The positive value weight assigned to the PressRelease category in the GDPR catalog resulted in no attenuation of the Sensitivity score. This issue is fixed now with a negative weight assigned to the PressRelease category.

  • The Data Detection Engine did not report the detected sensitive data if the Category cannot be detected. This issue is fixed now.

Policy Manager

Version 2021.07

July 23, 2021

New Features
  • The new Targeting feature provides capability to assign Configurations to specified user groups in a domain. When launching Policy Manager for the first time after the new release (or after being onboarded), the consent and permissions dialog may appear to request permission to read group data for the user targeting feature. The user may be asked if they want to use the targeting feature.

Enhancements
  • The Data Detection Engine Custom Condition leverages the new flexible type "Results" property that can contain a sub property of any data type from any data category in a catalog.

Titus Console

Version 2021.07

July 23, 2021

New Features
  • When accessing Titus Console for the first time after the new release (or after being onboarded), the consent and permissions dialog may appear to request permission to access Titus Console.

Titus Classification for Google Workspace

Version 2021.07

July 23, 2021

New Features
  • The new Targeting feature enables assigning targeted Configurations to user groups in a domain. When launching Titus Classification for the first time after the new release (or after being onboarded), the consent and permissions dialog may appear to request permission to read user and group information for the user targeting feature.

    NOTE: With the new changes introduced by the Targeting feature, the Configurations that were created and published in a previous release, and are used by Titus Classification for Google Workspace users need to be republished.
Enhancements
  • Titus Classification for G Suite is now re-branded as Titus Classification for Google Workspace.

  • Titus Classification for Google Workspace extension is now hosted in Titus cloud and the URL for installation of update.xml file can be retrieved from the Titus cloud URL.

  • Titus Classification for Google Workspace now supports Fail Open behavior as the default failure behavior, allowing users to send emails without applying classification if a service error is encountered.

Other Fixes
  • Content detection by Data Detection Engine was not available for Google Calendar Events. This issue is fixed now.

Titus Office Add-in for Outlook Online

Version 2021.07

July 23, 2021

New Features
  • The new Targeting feature enables assigning targeted Configurations to user groups in a domain. When launching Office Add-in for the first time after the new release (or after being onboarded), the consent and permissions dialog may appear to request permission to read user and group information for the user targeting feature.

Enhancements
  • Office Add-in now supports Fail Open behavior as the default failure behavior, allowing users to send emails without applying classification if Titus Classification Service encounters an error.

Other Fixes
  • When you click Send button in Outlook Online for a New message, or in Reply/Forward of a message, the message pops out in a window and you need to click Send again to send the message. Any triggered Policy Alerts will be displayed after the pop out window. This issue can be fixed by following the instructions in Google Workspace documentation. See "Classification user experience > Disable pop out behavior for on send Event of Outlook Online (optional)" section.

  • Sensitivity for Credit Card number is not detected in the Office Add-in if the credit card number is on a line by itself. This issue is fixed now.

Titus Office Add-in for Word/Excel Online

Version 2021.07

July 23, 2021

New Features
  • The new Targeting feature enables assigning targeted Configurations to user groups in a domain. When launching Office Add-in for the first time after the new release (or after being onboarded), the consent and permissions dialog may appear to request permission to read user and group information for the user targeting feature.

Enhancements
  • Office Add-in now supports Fail Open behavior as the default failure behavior, allowing users to send emails without applying classification if Titus Classification Service encounters an error.

Back to Top