Netsweeper is pleased to announce the Client Filter 12.40 EA release. The 12.40 release adds several improvements and bug fixes to provide stability to the Chrome Mv3 Client. This release also updates many of the libraries that the Client product uses, improves on logging, and further refines the nUpdate service. Moving forward, all customers can use the Chrome Store version of our Client Filter for Chrome as all features will be available.
If you have any questions or concerns about planning an upgrade to this release, please contact Netsweeper Technical Support (support@netsweeper.com).
Changelogs
Issue Type | Ticket | Summary |
---|---|---|
New Feature |
CF-43 |
Added the ability for the Client Filter to lookup First Name, Last Name, and Email Address, as well as the ability to add these to the DUG message so the fields in the logging and nMonitor can be populated. |
Bug |
CF-192 |
Certain requests made with Android devices were incorrectly being logged as unknown protocols. |
Bug |
CF-304 |
The Client Filter Diagnostics 'Network Test' function would incorrectly return a 'Network works perfectly' result when a Policy Server was unavailable as long as the FQDN would resolve. |
Improvement |
CF-311 |
Removed unsafe-eval from the Chrome Extension Client in favour of wasm-eval. |
Bug |
CF-315 |
Changing the password from the Client Filter Settings GUI would cause log entry errors. |
Bug |
CF-319 |
Android GUI '-p servername' did not save the hostname. |
Improvement |
CF-326 |
The groupname cache for the group prefix search was per-workstation when the lookup is done per user. Both the cache and the lookup are now per-user. |
Improvement |
CF-331 |
nUpdate now logs to a different file when the config GUI runs. |
Bug |
CF-382 |
Uninstalling a MacOS MDM-based install would leave the system extension running, preventing the device from connecting to the internet. |
Bug |
CF-388 |
The Chrome Client Filter in all prior releases had no timeout value when trying to access an invalid policy server, which could cause 'fail open' fail close' and other dialogs to be prompted to the user. |
Improvement |
CF-389 |
Upgraded zlib from 1.2.13 to 1.3 to fix CVE-2023-45853 and CVE-2023-6992. |
Improvement |
CF-390 |
Upgraded openssl 1.1.1q to 1.1.1w to fix security concerns. |
Improvement |
CF-391 |
Upgraded sqllite from version 3.39.3 to 3.44.2. |
Improvement |
CF-392 |
Upgraded libtiff 4.4.0 to version 4.6.0. |
Bug |
CF-395 |
MacOS Client Filter Settings App could crash when loading in rare cases in versions 11.60 and 12.10. |
Bug |
CF-399 |
The iOS Client browser's nmonitor.php would get called with the compiled brand in the arguments instead of the configured brand. |
Improvement |
CF-402 |
Automated the iOS Browser upload in Jenkins. |
Bug |
CF-412 |
The MacOS Client Filter could get stuck in a non responsive state, as it would incorrectly think the VPN was errantly disabled. |
Improvement |
CF-421 |
Upgraded c-ares from 1.18.1 to cares-1_27_0. |
Improvement |
CF-422 |
Upgraded nghttp2 from 1.45.1 to 1.60.0. |
Improvement |
CF-423 |
Upgraded Chrome Client Filter libjpeg 9c to 9f. |
Improvement |
CF-432 |
The iOS Firefox Client Filter Browser would incorrectly log the workstation name as 'localhost' instead of the correct value. |
Improvement |
CF-437 |
We have improved detection of both automated and silent installs via MDM on the MacOS Client Filter. |
Bug |
CF-445 |
Resolved an issue where the MacOS nMonitor service would not restart after aborting. |
Improvement |
CF-454 |
Updated zlib to v1.3.1. |
Improvement |
CF-455 |
Updated libpng to v1.6.43. |
Improvement |
CF-456 |
Updated libwebp to v1.3.2. |
Improvement |
CF-457 |
Updated libtiff to v4.6.0. |
Improvement |
CF-458 |
Updated libuv to v1.48.0. |
Improvement |
CF-459 |
Updated mbedtls to v2.28.7. |
Improvement |
CF-460 |
Updated leptonica to 1.84.1. |
Improvement |
CF-461 |
The default nUpdate frequency has been reconfigured to one week (168 hours). |
Improvement |
CF-462 |
Updated tesseract to 5.3.4. |
Improvement |
CF-463 |
Updated libexpat R_2_6_2. |
Improvement |
CF-464 |
Updated wxWidgets to v3.2.4. |
Improvement |
CF-465 |
Updated libopenssl to OpenSSL_1_1_1w |
Improvement |
CF-466 |
Updated libcurl to curl-8_7_1. |
Improvement |
CF-467 |
Updated libpcap to libpcap-1.10.4. |
Improvement |
CF-468 |
Updated sqlite to 3.45.2, multiple ciphers to v1.8.4. |
Improvement |
CF-472 |
Switched the Chrome Client Filter to use wxWidiget Command Line parser for improved compatibility. |
Bug |
CF-473 |
Fixed high priority polaris scan issue. |
Bug |
CF-474 |
Resolved a rare Chrome MV3 issue where the Image Capture Code in chrome could crash. |
Improvement |
CF-477 |
Moved cookies into the new nscf databse. |
Bug |
CF-480 |
The diagnostics service could crash if the logfile grew too large. |
Improvement |
CF-481 |
The default download frequence for nUpdate is now once a week (604800 seconds). |
Improvement |
CF-482 |
Added the ability to adjust the default nUpdate download timeout. |
Improvement |
CF-483 |
Added more diagnostic information to the .json download and the .msi download. |
Bug |
CF-484 |
nUpdate will no longer reset timers that have not changed when a new configuration change is detected. |
Bug |
CF-485 |
Renamed JSONs queries_ocr_cats and queries_keylog_cats to be more consistent with other JSONs. |
Improvement |
CF-488 |
Disabling the Filter on the VPN-based Client Filter could stop packets from being sent to the SSL Decrypting proxy when filtering was disabled. |
Bug |
CF-490 |
Client Filter upgrades to the 12.10 and later release with the default 'Netsweeper' brand were attempting to download nMonitor data from the default https://cloud.netsweeper.com/webadmin URL even when nMonitor was disabled. |
Improvement |
CF-491 |
nMonitor will no longer try to download training data when it has a revision and will only update when a new revision is available. |
Improvement |
CF-492 |
We now skip ICMP User Module Lookups For Android devices. |
Bug |
CF-494 |
Fixed a minor typo in the generated Windows upgrade JSON. |
New Feature |
CF-495 |
The nUpdate for Windows will now resume the interval for checking based on the last check time when the service starts. |
Bug |
CF-497 |
When Decrypting SSL in the Client Filter, the new client disconnect event could cause NSProxy to abort, impacting Client Filter 12.10, 12.20, 12.30 releases on Windows, MacOS, iOS VPN, and Android VPN implementations. |
Copyright © 2024 Netsweeper Inc. All rights reserved.
Confidential and Private information. Distribution of the information contained herein is strictly prohibited.