CSSCurrent en:Version 7.0.0: Unterschied zwischen den Versionen

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche
K (removing duplicate heading)
Keine Bearbeitungszusammenfassung
 
(40 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:


Release Date: 13.02.2024
Release Date: 21.05.2024
=Important Update Notes=
=Important Update Notes=
==Language Packages==
==Language Packages==
{{NoteBox|title=|content=Due to structural changes in the language packages, all supported server language packages will be updated automatically, customized language packages will be removed during the update process (a backup is done before). If more language packages are needed, it is required to download and install them again.
{{NoteBox|title=|content=Due to structural changes in the language packages, all supported server language packages will be updated automatically, customized language packages will be removed during the update process (a backup is done before). If more language packages are needed, it is required to download and install them again.
}}In case your language packages have been modified, the attached delta-file [[:Datei:Delta english lp 6.1.0 to 6.2.0.txt|delta_english_lp_6.1.0_to_6.2.0.txt]] can help you to locate the changes in this update and re-apply the modifications. The structure of this file is explained in [[{{NAMESPACE}}:Language Pack Changes|Language Pack Changes.]]
}}In case your language packages have been modified, the attached delta-file [[:Datei:Delta english lp 6.2.0 to 7.0.0.txt]] can help you to locate the changes in this update and re-apply the modifications. The structure of this file is explained in [[{{NAMESPACE}}:Language Pack Changes|Language Pack Changes.]]
 
== Cryptshare Update Process Enhancements ==
== Changes in Cryptshare Update process ==
We have updated the Cryptshare update process to improve clarity and functionality.
 
* '''Flexible Update Paths:''' Direct updates to the most current version are possible, regardless of the currently installed version. Conditional Manual Updates: For versions that require manual intervention, the update process halts, ensuring all necessary configurations are properly handled.
* '''Rollback on Failure:''' Automated rollbacks preserve system integrity if an update fails at any step.
* '''Smart Update Checks:''' The system displays the most advanced version that can be installed unattended.
 
 
'''Enhanced Automatic Update Features'''
 
* '''Update Warnings for Manual Steps:''' Alerts users when the latest version cannot be updated automatically due to required manual steps.
* '''Alternative Version Notification:''' If a lower version is available for automatic update, this will be mentioned in the warning.
* '''Optimized Unattended Installation:''' The system automatically selects the highest version available for unattended updates.
* '''Admin Notifications:''' Emails notify administrators of available updates, differentiating between manual and automatic options.
 
 
'''Advanced Post-Update Automation'''
 
* '''Non-Interactive Post-Update Steps:''' If no administrator action is required, post-update steps run automatically and non-interactively.
* '''Automatic Return to Operation:''' After an update, the Cryptshare Server automatically returns to a usable state.
* '''Critical Failure Handling:''' In case of critical failures during post-update steps, an automatic rollback to the previous state is triggered.
* '''Non-Critical Failure Notifications:''' Non-critical failures are displayed on the "Status" page, visible only to users with "Administrator" or "Config Admin" roles. These messages remain until confirmed by one of these users.
* '''Update Success Notification:''' After a successful update, a success message and a link to the release notes are displayed on the "Status" page.
* '''Backup Restoration Option:''' Information about the possibility to restore the pre-update backup is mentioned post-update.
 
 
 
== '''Enhanced Transfer Policy Configuration through csv''' ==
Administrators can now fully configure transfer policies by importing a CSV file. With this update, every configuration input available through the admin web application's wizard can also be set via CSV import. This enhancement provides a comprehensive and efficient method for managing transfer policy settings, ensuring greater flexibility and control.
 
== '''Improved Password Generation Validation''' ==
We have resolved an issue where generated passwords could inadvertently trigger dictionary word filters, leading to their rejection. To address this, we have implemented a dictionary check for all generated passwords. This ensures that passwords containing common words are identified as invalid before they are used. As a result, transfers cannot proceed with an invalid password, enhancing security and compliance.
 
== '''Legacy Archiving Update''' ==
Legacy archiving functionality, which has been prone to issues and is no longer maintained, has undergone significant changes:
 
* '''Feature Flag Introduction''': A new feature flag has been introduced in the properties settings to control the enabling of legacy archiving. (Please contact our support if you need the feature flag to enable Legacy archiving).
* '''Admin Interface Visibility''': Legacy archiving options are now only displayed in the Admin Interface if the feature is actively enabled.
* '''Default Setting''': The feature flag for legacy archiving is disabled by default, reflecting our move towards file based archiving solutions.
* '''Post-Update Notification''': If legacy archiving is configured, information will be displayed on the Post-Update screen. This includes a link to documentation for Local File Archiving, guiding administrators on transitioning to newer, supported archiving methods.
 
 
5. Additional chages
 
<nowiki>----</nowiki>
 
ipv6 and ipv4 can set CSS-13131
 
JRE update for permissions -CSS-13970
 
Fixed CSS-14229
 
Fixed update check issue -CSS-14307
 
Rest api changes to include - CSS-14340
 
Long file names are within box- CSS-14342


Xss- vulnerability fixes CSS-14371/CSS-14530
With this update, it is possible for the updates to be installed unattendedly, streamlining the upgrade process to the latest available version through multiple intermediate releases. The update process is automatic, eliminating the need for manual interaction unless specific configurations require administrative attention.


JRE/Spring library updates - CSS-14447 / CSS-14445
The system now intelligently determines the most suitable update path, considering whether updates can proceed automatically or require manual intervention, and whether they are attended or unattended.


Broken custom links fix - CSS-14526
The update process is documented [[{{NAMESPACE}}:Updates|in this article.]]


== Enhanced Transfer Policy Configuration through CSV ==
Administrators can now fully configure transfer policies by importing a CSV file. This update ensures that all settings available through the administration interface policy wizard are now configurable via CSV import. The CSV export now also contains all parameters that can be configured in the policy wizard. This enhancement simplifies e.g. the process of transferring fully configured policies from a test server to a production server.


== Improved Validation of Generated Passwords ==
An issue has been resolved that caused (in rare cases) generated passwords to be rejected because they did not match the configured password policies. As part of the solution, the password policy is now checked on saving, to ensure that it allows a sufficient number of secure random passwords.


The password policy is also checked during the update process and may need to be adjusted.


==Accessibility (WCAG 2.1 Conformance Level AA) of the Web App improved==
== Discontinuation of "Legacy Archiving" connector ==
With this release, the outdated "Legacy Archiving" connector has been disabled by default to align with our transition towards the more modern and powerful "Local File System" archiving connector.


* The Cryptshare Web App now fulfils the WCAG 2.1 (Web Content Accessibility Guidelines) in conformance level AA by default.
Before performing an update, you can check the menu "Transfer Processing" -> "Archiving" if there is a Legacy Archiving connector configured. More information about the archiving feature can be found [[{{NAMESPACE}}:Activating_the_Archiving_Feature|in this article]]. If legacy archiving is currently configured, please refer to the [[{{NAMESPACE}}:Migration of legacy archiving connector|migration guide from the Legacy Archiving to the Local File System archiving]]. In case, a Legacy Archiving connector is detected during the Post Update, a reminder hint message of the continuation will be presented in the Post Update screen.
* The contrast of the standard colours of a new installation has been improved.
* Long texts such as file names are now displayed in full.


== Network Patterns for Policy Rules ==
Policy configurations now support simultaneous IPv4 and IPv6 address inputs, applicable to both direct settings and CSV imports.  Previous issues with IPv6 compatibility have been resolved, ensuring all valid IPv6 addresses are now accepted. Additionally, an issue in the policy wizard regarding network matchers was resolved.


Please note that custom changes to the advanced CSS or the choice of low-contrast colours (e.g. white text on a light blue button) can have a negative impact on accessibility.
= Additional Changes =
* Resolved an issue where downloaded log files might have been cached by the browser.
* Resolved an issue that prevented sending of notifications during update check task.


==Changes of CSS Selectors==
* Resolved an error that occurred during appliance settings adjustments.
In this version, some HTML structures have been revised due to the changes for accessibility. This can lead to incompatibilities in the case of individually implemented adjustments using the "advanced CSS" functionality. Before updating, please check in the menu item [[{{NAMESPACE}}:Web Application Designer|Customization-> Web Application Designer -> Advanced]] whether advanced CSS has been stored and check after the update whether all individually implemented adjustments are still effective.
* Resolved an issue in the REST API where the sender notification flag was not applied correctly.
=Additional Changes=
* Resolved an issue where large file names disrupted UI styling.
*The creation of the automatically generated [[RESTAPI:Open API Documentation Endpoint|Open API documentation of the REST API]] has been adjusted.
* Resolved an XSS issue in notification messages.
*The calculation of values on the statistics page has been accelerated.
* Resolved various issues with the administration of notification email subjects and signatures. They now require unique names, and can be detached from policy rules.
*The time required for the Cryptshare server to shut down has been reduced.
* Resolved an issue where the order of Custom Links was not reflected in the configuration menu. Changes to Custom Links are now reflected directly in the Web App, without starting a new session.
*The Cryptshare product logo has been updated.
* Upgraded Java Runtime Environment (JRE) and Spring libraries.
*The Java runtime environment has been updated to version 17.0.10.
*Several included third-party components have been updated.

Aktuelle Version vom 17. Mai 2024, 06:41 Uhr

Release Date: 21.05.2024

Important Update Notes

Language Packages

Due to structural changes in the language packages, all supported server language packages will be updated automatically, customized language packages will be removed during the update process (a backup is done before). If more language packages are needed, it is required to download and install them again.

In case your language packages have been modified, the attached delta-file Datei:Delta english lp 6.2.0 to 7.0.0.txt can help you to locate the changes in this update and re-apply the modifications. The structure of this file is explained in Language Pack Changes.

Cryptshare Update Process Enhancements

We have updated the Cryptshare update process to improve clarity and functionality.

With this update, it is possible for the updates to be installed unattendedly, streamlining the upgrade process to the latest available version through multiple intermediate releases. The update process is automatic, eliminating the need for manual interaction unless specific configurations require administrative attention.

The system now intelligently determines the most suitable update path, considering whether updates can proceed automatically or require manual intervention, and whether they are attended or unattended.

The update process is documented in this article.

Enhanced Transfer Policy Configuration through CSV

Administrators can now fully configure transfer policies by importing a CSV file. This update ensures that all settings available through the administration interface policy wizard are now configurable via CSV import. The CSV export now also contains all parameters that can be configured in the policy wizard. This enhancement simplifies e.g. the process of transferring fully configured policies from a test server to a production server.

Improved Validation of Generated Passwords

An issue has been resolved that caused (in rare cases) generated passwords to be rejected because they did not match the configured password policies. As part of the solution, the password policy is now checked on saving, to ensure that it allows a sufficient number of secure random passwords.

The password policy is also checked during the update process and may need to be adjusted.

Discontinuation of "Legacy Archiving" connector

With this release, the outdated "Legacy Archiving" connector has been disabled by default to align with our transition towards the more modern and powerful "Local File System" archiving connector.

Before performing an update, you can check the menu "Transfer Processing" -> "Archiving" if there is a Legacy Archiving connector configured. More information about the archiving feature can be found in this article. If legacy archiving is currently configured, please refer to the migration guide from the Legacy Archiving to the Local File System archiving. In case, a Legacy Archiving connector is detected during the Post Update, a reminder hint message of the continuation will be presented in the Post Update screen.

Network Patterns for Policy Rules

Policy configurations now support simultaneous IPv4 and IPv6 address inputs, applicable to both direct settings and CSV imports. Previous issues with IPv6 compatibility have been resolved, ensuring all valid IPv6 addresses are now accepted. Additionally, an issue in the policy wizard regarding network matchers was resolved.

Additional Changes

  • Resolved an issue where downloaded log files might have been cached by the browser.
  • Resolved an issue that prevented sending of notifications during update check task.
  • Resolved an error that occurred during appliance settings adjustments.
  • Resolved an issue in the REST API where the sender notification flag was not applied correctly.
  • Resolved an issue where large file names disrupted UI styling.
  • Resolved an XSS issue in notification messages.
  • Resolved various issues with the administration of notification email subjects and signatures. They now require unique names, and can be detached from policy rules.
  • Resolved an issue where the order of Custom Links was not reflected in the configuration menu. Changes to Custom Links are now reflected directly in the Web App, without starting a new session.
  • Upgraded Java Runtime Environment (JRE) and Spring libraries.