Netsweeper 7.2.6 EA is now available for early adopters with major security improvements and advancements made for Client Filter, Upgrade and Directory Sync.
Customers running 7.2 should upgrade to the 7.2.6 release as we continue to fix major defects and finalize features. Netsweeper is continuing to address security issues while finalizing the last remaining features of the 7.2 release and actively moving the 7.2 release towards a GA during the next few development and release cycles.
The Netsweeper 7.2 release is available on both EL6 and EL8. Over the course of the 7.2 release cycle, we will be finalizing the EL8 release. Moving forward to Netsweeper 8 releases, we will no longer be releasing new features for the EL6 builds. Netsweeper will continue to provide security fixes to the EL6 builds but will not provide new features to the EL6 based release. Customers are expected to plan a migration to EL8 between now and 2023 if they desire the new features we are introducing.
Change Log 7.2.6
|The EL8 release now includes php-apcache to improve performance of the WebAdmin interface.
|11 high security issues have been resolved for the Directory Service.
|55 critical security issues have been resolved in the Netsweeper Library used in the policy service, reporter, nsup2d, client filter, and command line tools.
|6 critical security items for liblogmod5 logging framework have been resolved.
|1 high security item for libnsef protocol engine has been resolved.
|4 critical issues resolved in the libsearch engine.
|1 critical security issue was resolved in the libwebdb library.
|8 critical security items were resolved for the List Tools.
|55 DOM based Cross Site Scripting problems have been resolved in the WebAdmin.
|libwebdb in EL8 did not always download the configuration due to libcurl library timeout processing. Connect timeout and IO timeout processing has been resolved in EL8 releases for the policy service and nsup2d.
|A webdb_io_timeout setting has been added to NSUp2Date for the maximum time to wait for a download to occur.
|4 medium security issues have been resolved in the directory sync service.
|Directory Service now stores all passwords in the database encrypted.
|4 SQL escaping issues have been resolved in the WebAdmin that could not be remotely exported.
|There was a potential memory leak in the logging code when compiled for the Windows operating system and the Client Filter.
|The nsppde protocol engine could leak small amounts of memory when the system is out of memory. The edge case has been resolved.
|Directory Sync now supported encrypted password in the database for directory sync systems. Passwords are encrypted on upgrade, and the Directory Sync service will decrypt passwords in memory when used.
|In some cases, the Netsweeper 7.1.4 to 7.2.5 and Client Filter 7.49 to 8.17 releases could miss detection of IPv6 traffic.
|Icons are not visible in the dropdown when creating or editing a Group in the Simple Group interface. This issue impacts 7.2.4 and 7.2.5.
|Searching in Reports did not work in the 7.2.5 release.
|6 critical security issues have been resolved in the remote report loading web interface.
|We have added a robots.txt has been added to the secure https default path as customers have noticed external systems trying to access this file on publicly accessible systems.
|We do not stop data on flows being processed and flows that have been denied in Netsweeper 7.1.4 to 7.2.5. This impacts customers who do not send complete flows to the Netsweeper filtering system, and customers that have systems that will reuse a flow tuple in under 10 seconds. This only impacts the NFQUEUE based implementation of the Netsweeper filtering system.