CSSCurrent en:Update from v4.0.0 to v4.1.3

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche


Important Update Notes

Compatibility

Please check the Compatibility of your add-on products.

For technical reasons, version 4.0.0 will be updated directly to version 4.1.3. All changes of the intermediate versions are included.

Language Packs

Due to structural changes in the language packages, all server language packages will be removed and new language packages for German and English only will be installed again automatically. If more language packs are needed, it is required to download and install them again.

Cryptshare for Office 365 & Outlook compatibility

Cryptshare for Office 365 & Outlook v2.3.1 or higher required
This version of Cryptshare Server is no longer compatible with Cryptshare for Outlook versions prior to v2.3.1.

Database optimization 

Note for Installations with active database optimization
With Cryptshare v4.1.x, database optimization (see Advanced Cryptshare Configuration) is currently not required and should therefore be deactivated, as it unnecessarily consumes your system's resources.

If you have not removed the entry in the file "cryptshare.properties" before the update, please perform the following steps to disable database optimization:

  1. Delete the folder "new\_cryptshare\_db" in the program directory "orientDB/databases".
  2. Remove the entry "com.befinesolutions.cryptshare.db.optimize=true" from the file "cryptshare.properties".

File checksum algorithm changed from SHA-1 to SHA-256

File checksums, which can be obtained from the download section, are now created using SHA-256 instead of SHA-1.

Note for installations with active archiving connectors
Please note, that the meta information about the used algorithm (SHA-256 instead of SHA-1) will not be updated automatically for existing configurations. Please refer to the updated documentation regarding the changed template and Velocity Context.

Updating existing Archiving Connectors

Please follow the instructions in 'Updating Archiving Meta-Data' in order to add the algorithm type to your archiving meta information.

Improved Update and Restore mechanisms

Future updates will not require manual intervention any longer. The update and restore process will not need a manual server restart or manual intervention, i.e. the manual replacement of the Cryptshare Launcher.

Update to v4.1 on Linux
Please note that if your Cryptshare Daemon Script is not located under the default path ' /etc/init.d/cryptshare ' the Daemon Script may not be working properly after the update. If you haven't made a manual installation or changes you can ignore this hint.

Introduced 'Maximum Validity Term' for Verification Cookies

A new 'Maximum Validity Term' setting has been introduced for verification cookies. If the term is exceeded, the verification cookie will become invalid.

What's the difference between idle time and the maximum validity?

51971646.png

> 'Validity term for verifications' has been changed to 'Idle validity term'

The idle term is updated with every use. If a user does not use Cryptshare, the idle term expires and the verification becomes invalid. The maximum validity term describes the time a verification remains valid irrelevant if it has been used in the meantime or not. The verification becomes invalid in any case after that time.

Introduced Distribution Upgrade to openSUSE 42.3

The administration interface offers the possibility to upgrade openSUSE 42.2 hosts to openSUSE 42.3.

Removed default configuration for TLS 1.0

As TLS 1.0 is not considered a secure protocol any longer it has been removed from the Cryptshare default configuration.

Protocol and cipher suite definitions are overwritten by the update
Please note that the Cryptshare update will write new Jetty configuration files in order to comply with the latest security standards. If certain protocols or cipher suites are used for compatibility with older browsers, please check and adjust the configuration accordingly after the update.

Additional Changes

Features

  • Added the possibility to change the positioning of the logo in the UI Designer. Possible positions are:
    • Left (Default)
    • Center
    • Right
  • Introduced the possibility to customize the title for the Terms of Use. This way the requirements of GDPR can be fulfilled by adding a privacy policy to the terms of use and re-naming the link that is displayed to the users accordingly.
  • Introduced a banner in recipient notifications that informs the users that they accept the Terms of Use by clicking the "Download Files" button.
  • Changed the label of the "Next" button on the download screen to "Exit".
  • Updated the language packs to version 8.0.
  • Updated the Cryptshare for Office 365 & Outlook language packs to version 11.0.
  • Updated the default wildcard certificate which is pre-installed at delivery.
  • Adjusted the default Jetty WebServer configuration for new installations to perform better under high loads (please see detailed update instructions in our Wiki).
  • Added option to configure verification code validity term to the Administration Interface.
  • Several performance improvements.
  • Improved stability of uploads on slow connections.
  • Optimized overall memory usage of the web application.
  • Several improvements have been made on the update screen.

Bugfixes

  • Resolved an issue where the date for the Transfer Log CSV Export could not be changed.
  • Resolved an issue in the webservice interface where the password validation indicated an existing alphabetical sequence although no characters were specified.
  • Resolved an issue where a custom logo for email templates was not used.
  • Resolved an issue where the calendar for date pickers was not at the correct position in the Administration Interface.
  • Resolved an issue where changes to image alignments in the UI Designer were not applied to the User Interface.
  • Resolved a security issue concerning the EML viewer.
  • Resolved an issue where generated passwords were longer than expected. Generated passwords now always have the minimum length that was setup in the Administration Interface.
  • Resolved an issue in datepickers causing problems with certain localizations in browsers. Please refer to the documentation concerning language packages for further details.
  • Resolved an issue where the language names in the selector for the recipient language were shown in the wrong language.
  • Resolved an issue where the deletion of the a server language package removed all other server packages under certain circumstances.
  • Resolved an issue where the link for the Terms of Use were shown although the feature was not enabled.
  • Resolved an issue where custom links were not shown although being activated.
  • Resolved an issue with the database that could lead to sporadic unexpected behaviour of the server.
  • Resolved a security issue in the context of verification.
  • Resolved a security issue concerning the display of EML files in the content viewer. Items that potentially pose a security risk are not displayed, which may lead to the content viewer not showing all formatting and contents of the original message.
  • Resolved an issue where signatures and subjects defined in policy rules were not saved.
  • Resolved an issue where date pickers (e.g. for the log export) in the Administration Interfaces were not usable.
  • Resolved an issue where transfers sent via API or Cryptshare for Office 365 & Outlook where not retrievable under certain circumstances.
  • Resolved an issue where parts of the message where cut off if it contained certain special characters.
  • Resolved an issue where embedded content was missing and a text was appended to the message in the EML content viewer for certain types of embedded content.
Abgerufen von „https://documentation.cryptshare.com/w/index.php?title=CSSCurrent_en:Update_from_v4.0.0_to_v4.1.3&oldid=30191