CSSCurrent en:Update from v4.2.1 to v4.3.0
Important Update Notes
QUICK Technology
Compatibility
Please check the Compatibility of your add-on products.
General
QUICK Technology considerably simplifies the use of Cryptshare! Instead of having to exchange one-time passwords manually, QUICK will take over the management of passwords for your users so they don’t have to deal with passwords anymore but can send and receive information passwordless. For more information please use the following links:
It is therefore highly recommended to invalidate existing verifications during the post update.
Consequences:
- No invalidation:
- Cryptshare and QUICK Technology work without any constraints.
- QUICK does not work on the highest possible security level.
- Invalidation:
- QUICK will work on the highest possible security level.
- All users will need to perform a verification again.
Impact on performance
Please note that due to the technical complexity of the QUICK Technology an increased consumption of resources on the Cryptshare Server is expected. It is therefore recommended to check the general utilization of the system before updating and, if necessary, provide additional system resources in order to use QUICK. The average increase is approx. 15%.
Language Packages
Delta-File for changed passages
In case your language packages have been modified, the attached delta-file Datei:42274357.txt can help you to locate the changes in this update and re-apply the modifications.
Click here to see how the delta file for language packages is built.
\-------------------------------------------------------------------- REMOVED FILES --------------------------------------------------------------------<files>
\-------------------------------------------------------------------- NEW FILES --------------------------------------------------------------------<files>
- Keys have been removed
- Keys have been added
- Keys have been modified
\-------------------------------------------------------------------- MODIFIED FILES -------------------------------------------------------------------- ----------------------------------------------------------------- <path and file name> ----------------------------------------------------------------- ------------------ ---Removed keys--- ------------------ <keys> -------------- ---New keys--- -------------- <keys> ------------------- ---Modified keys--- ------------------- KEY: <affected key> OLD: <former key & value> NEW: <new key & value>In case of a modification, the affected key, its old value and its new value is shown.
Password Reset for administrative access After Cryptshare has been updated to v4.3.0, only users with administrative privileges will be able to login into the administration interface. During the post update procedure, all passwords for users with administrative access will be reset. This means:
- After the post update has been initiated, only the administrator who initiated the update will be able to login afterwards.
- Other administrators cannot login until the initiating administrator has triggered a password-reset for these users.
Three users with administrative setup exist:
- 'administrator': The default Cryptshare administrator account.
- 'johndoe': A user of type 'user' is only allowed to see the status-section.
- 'janedoe': A user of type 'administrator' who has full administrative access.
In this example, 'administrator' is the one who runs the post update.
Before the post update:
- 'administrator' and 'janedoe' may login.
- 'johndoe' is not allowed to login at all due to missing access permissions.
After the post update:
- 'administrator' is able to login.
- 'janedoe' and 'johndoe' cannot login. An error message will be shown.
To do for 'administrator': The user 'administrator' needs to navigate to the section 'User Administration' and initiate a password reset for 'janedoe' and 'johndoe'.

Changed Cipher Suites
<Set name="includeCipherSuites"> <Array type="java.lang.String"> <Item>TLS\_ECDHE.\*</Item> </Array> </Set> <Set name="excludeCipherSuites"> <Array type="java.lang.String"> <Item>.\*NULL.\*</Item> <Item>.\*RC4.\*</Item> <Item>.\*MD5.\*</Item> <Item>.\*DES.\*</Item> <Item>.\*DSS.\*</Item> <Item>TLS\_RSA.\*</Item> <Item>TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA</Item> <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA</Item> <Item>TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA</Item> <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA</Item> </Array> </Set>If you have adjusted your cipher suite configuration, please apply these changes after the update again. The update will not migrate changed settings.
Distribution Upgrade: openSUSE 42.3 to 15.0
Cryptshare Version 4.3.0 enables another upgrade of the underlying operating system. After the update to version 4.3.0 is finished, the Cryptshare Administration Interface will offer the possibility to initiate the upgrade process.
Changes in this version
Features
- Introduced the possibility to work with multiple users in the same browser while keeping existing verifications for each user.
- Introduced upgrade capabilities from openSUSE 42.3 to openSUSE 15.0.
- Introduced the possibility for administrators to reset a password for another administrator.
- Improved the process for administrators to change their own password.
- Resolved an issue where the download summary was not sent to the sender after a transfer expired.
- The summary page in the user interface now also shows sender information.
- The Java Runtime Environment has been updated to v11.0.3.
- The Jetty libraries have been updated to v9.4.17.
- Minor design improvements in the user interface.
Bugfixes
- Resolved a security issue in the content viewer when viewing RTF content.