Netsweeper is pleased to announce our 8.1.10 GA release. This release adds stability and security fixes to the 8.1 product. Customers who have not yet migrated to the EL8 platform should consider upgrading to the 7.2 EL6 GA release and migrate to the 7.2 EL8 based product prior to upgrading to the 8.1 GA release. Netsweeper continues development of the 8.2 release series which will be introducing many new product features and improvements. Netsweeper reminds customers EL6 extended support ends March 2024, so all customers should plan to migrate to EL8 before March 2024 for security related purposes.
If you have any questions or concerns about planning an upgrade to this release, please contact Netsweeper Technical Support (support@netsweeper.com)
See Also
Downloads
https://repo.netsweeper.com/netsweeper-el8-x86_64-8.1.9-1.iso (md5) (sha256)
Changelogs
Issue Type | Ticket | Summary |
---|---|---|
Bug |
NS-666 |
BGP templates with only '$URLS' would not work in any release. |
Improvement |
NS-669 |
Added the ability to have NSProxy send RST packets for 'non-decrypted' deny decisions, so the browser does not retry the HTTPS request. |
Bug |
NS-715 |
Customers transmitting old log files from "months" or "weeks" in the past could rotate out current logs depending on log file transmit ordering. |
Bug |
NS-759 |
All [apiname]_count queries would load the entire data structure into memory causing possible memory limit exceptions to be hit with large datasets. |
Bug |
NS-778 |
Client key in ClientHello can cause a fragmented ClientHello, which can cause the SNI name parsing to fail. Which can lead to the Policy Service to failing open, resulting in unfiltered requests. |
Bug |
NS-786 |
The RAS service did not properly clean up IP Address entries from deployments with multiple DNS servers. |
Improvement |
NS-788 |
Added the ability to run Search Keywords on the HTTP Referrer in order to enable keyword blocking with YouTube. |
Bug |
NS-794 |
RAS Service could create false 'address change' events for hosts that have both IPv4 and IPv6 addresses. |
Bug |
NS-796 |
The RAS Service uses the fixed size array when merges old and new IP addresses that can be insufficient for multiple DNS servers polling. |
Improvement |
NS-797 |
We now trigger a log-only event when we detect 'decrypt://denied' but we do not get a corresponding HTTP request and the client connection is closed, (which indicates our CA certificate is not installed). |
Bug |
NS-798 |
SysOps without Group General and Group Advanced permissions that allow for modifying a Group's information were still able to do so, due to the Group Lock feature added in the 8.1 release. |
Bug |
NS-801 |
Fixed Polaris Report issues for the RAS service. |
Bug |
NS-804 |
Exporting the Translation Catalog would include the WebAdmin HTML at the end of the file. |
Bug |
NS-805 |
Administration > Translations > Extract Catalog would display a blank screen when exporting. |
Improvement |
NS-810 |
The Policy Service must set a Client Filter cookie to indicate which protocol is used, allowing the nMonitor API to parse and use the appropriate username. |
Improvement |
NS-811 |
The nMonitor API can no longer use the 'request information' without performing a Policy Service lookup to validate the case and other information. |
Bug |
NS-816 |
Both Sysop and Admin Account users were unable to search the Groups list in the 8.1 release. |
Bug |
NS-827 |
Sysops without List Permissions are able to modify the list settings because of the changes to assume identity which include loading their last page and breadcrumbs. |
Bug |
NS-829 |
If you had the Category view set to both 'WebAdmin' and 'Reporter,' and you attempted to deselect one, your changes would not save. |
Bug |
NS-838 |
If you disable the Protocol Detection Engine some traffic will not go into passthru mode properly and no Unknown Event will be triggered. |
Improvement |
NS-839 |
The nMonitor API did not respond with the 'OK:' response when we properly processed the event, returning an empty page instead. |
Bug |
NS-842 |
NSUP2Date did not set the hostname for the service to send to the WebAdmin for improved validation. |
New Feature |
NS-845 |
Directory Sync will now only add the missing Accounts to the Groups and not replace all Accounts in the Groups during the Sync process. |
Bug |
NS-847 |
libwebdb was not validating Account type correctly, potentially allowing Accounts to download information it did not have permission to access. |
Bug |
NS-849 |
Report templates with custom Category filters added category numbers to the Report name errantly. |
Bug |
NS-850 |
Parsing the X-Forwarded-For header for Client Filter processing could cause the Policy Service to restart. |
Improvement |
NS-854 |
Improved the ability to process CNS requests without adding any latency. |
Bug |
NS-862 |
Profile Manager: When the user changes the categories for a profile, it won't set the category template, just changes the categories. |
Bug |
NS-872 |
The Client Filter Exceptions List now encodes spaces to %20 in the entry, as the file we export to is space encoded. |
Bug |
NS-873 |
Function iplist_ipv6_iprange_to_subnets could cause stack underflow when adding q. |
Bug |
NS-876 |
The weekly Report date-dropdown list was inconsistent between the Report dropdown and the Report instance views. |
Bug |
NS-879 |
Running the nsdctl chown nsd_* command could take a very long time to complete if the file sizes at the /usr/local/netsweeper/logs directory grew too large. |
Bug |
NS-884 |
CNS servers resolving to IPv6 addresses can cause 7.2, 8.1 and 8.2 releases to abort. Customers should upgrade to 7.2.15, 8.1.10, and 8.2.3 to avoid future stability issues. |
Improvement |
NS-893 |
Added a series of onGuard Permissions to the available Account Permissions. |
Copyright © 2024 Netsweeper Inc. All rights reserved.
Confidential and Private information. Distribution of the information contained herein is strictly prohibited.