How can we help?

Netsweeper 7.2.4 EA

Follow

Netsweeper 7.2.4 EA is now available for early adopters with major improvements to stability, security and advancements made for the Active-Active WebAdmin. Customers running 7.2 should upgrade to the 7.2.4 release as we continue to fix major defects and finalize features.


The Netsweeper 7.2 release is available on both EL6 and EL8. Over the course of the 7.2 release cycle, we will be finalizing the EL8 release. Moving forward to Netsweeper 8 releases, we will no longer be releasing new features for the EL6 builds. Netsweeper will continue to provide security fixes to the EL6 builds but will not provide new features to the EL6 based release. Customers are expected to plan a migration to EL8 between now and 2023 if they desire the new features we are introducing.

Netsweeper 7.2.4 New Features

Active-Active WebAdmin Support

  • Directory Sync can now be run on multiple Active-Active WebAdmin servers at the same time
  • Per domain Directory Sync Interval or Timing and logging level added
  • Directory Sync fields for Status, Sync Server, Sync Time, and Last Sync Date have been added to accommodate Multi Server Directory Sync
  • WebAdmin Backup allows the selection of WebAdmin servers based on the WebAdmin URL in Security Labels
  • Refactored to use the hostname of the server and not the IP Status
  • Status window (EL 8) shows the version, current time, and CA Certificate information

 

Change Log 7.2.4

Ticket Type Description
21456 FEATURE For Directory Sync, per server or domain Directory Sync Interval or Timing and logging level have been added.
21457 FEATURE DirSync is now able to run multiple syncs and have different domains sync at the same time.
24576 FEATURE WebAdmin Backup now supports Active-Active WebAdmin and allows the selection of WebAdmin servers based on the WebAdmin URL in Security Labels.
24965 SECURITY There is improved NGINX security based on the NGINX security report.
25089 SECURITY To prevent time-based user enumeration, Account signup emails are always sent and, if signing up for a specified email, it is not allowed, and a special message is sent instead of a signup link.
25116 SECURITY All logfile permissions are configured for CIS 4.2.3.
25138 SECURITY Reflected Cross-Site Scripting is fixed for view report API.
25140 SECURITY Time-Based SQL Injection is fixed for the Report API.
25144 FEATURE Security Labels are now refactored to use the hostname of the server and not the IP.
25145 FEATURE In El 8, the Administration > Status window now shows the version, current time, and CA Certificate information.
25148 FEATURE DirSync functionality is now available for the Active-Active WebAdmin.
25153 FEATURE Third party license file has been added to the release in /usr/local/netsweeper/etc/LICSENSE.MD.
25162 FEATURE New fields: Status, Sync Server, Sync Time, and Last Sync Date have been added to accommodate Multi Server Directory Sync.
25164 SECURITY Identical status codes and server responses have been implemented in the Reporter to prevent 'user enumeration'.
25165 SECURITY A permission check has been added to the Deny Page Editor.
25166 SECURITY The full path details are now hidden in Report error messages.
25167 SECURITY The 'Send Report by email' has been improved and the webserver address for links in the email are now not sent.
25168 SECURITY A security key check has been added to email reports to prevent unauthorized access.
25169 SECURITY Users can now only receive links to their own Reports.
25170 SECURITY Multiple limited reflected cross-site-scripting problems have been fixed.
25180 SECURITY Report export now limits Reports to the ones owned by the users that they can see.
25186 BUG Archived Log viewer for files would only show one kind of string from the whole file.
25188 BUG CC and BCC email selections were not working when emailing Reports.
25189 FEATURE NSProxy Client Filter compatibility fixes for SNMP library and OpenSSL 1.1 have been added.
25202 BUG The list_entry_delete_bulk API was not working correctly for type and part filtering when specifying bulk delete by item.
25210 BUG When the database password was wrong it caused a segfault.
25212 FEATURE You can now set up Sync Interval, Log Level and DisabledUser for each domain for  irectory Sync. The Settings button on the Directory Sync page has been removed and these settings can now be set when editing or adding a Search Base.
25216 DOCUMENTATION ssl_gen_key description has been updated in NS Proxy configuration and in documentation.
25224 UPDATE The Security Labels page has been updated to be clearer.
25225 BUG The El 6 7.2.3 release would not display inline images in the Deny Page due to the Content Security Policy header directive.
25235 FEATURE An error log has been added when failing to read directory entries from Azure or Google.
25240 BUG The El 6 Request Logs view would stop updating after the first page is full and the Apache web server would crash.
25241 BUG Memory leaks for the new Client fields have been fixed.
25251 BUG Adding Groups with @org, when there are Accounts with "manage all organizations" permission, did not work properly.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request