Changelog v3.27
  • 10 minutes to read
  • Dark
    Light
  • PDF

Changelog v3.27

  • Dark
    Light
  • PDF

Release date: Monday, January 30, 2023

Check below the new features, improvements, and errors fixed in this version of senhasegura.


Release highlights

One Identity Manager integration

The integration of senhasegura with the IGA One Identity Manager solution aims to centralize access control and release within our platform. Based on the concept of Identity Governance and Administration (IGA), it unifies privileged information, mitigating the risks related to the authorization of users to enter different environments.

Therefore, such incorporation allows for greater control of the expansion of identity and, consequently, the strengthening of the cybersecurity posture.


HSM Entrust nShield integration

Hardware Security Modules (HSMs) are used for generating and storing keys for encrypting sensitive and privileged data. The integration of the senhasegura vault with Entrust's nShield HSM, the leading global supplier of this product, aims to offer even more security to users and their information, following regulatory cybersecurity standards and improving business standards.


AWS Certificate Manager integration

The integration of senhasegura Certificate Manager with AWS Certificate Manager (ACM) brings with it the solution for signing, provisioning, managing and deploying public SSL/TLS certificates, also known as electronic identities. Focused on security and traffic protection, this incorporation aims to make keys compatible and automate such processes, guaranteeing the legitimacy of the lifecycle of public certificates.


Changelog per module

PAM Core

Web Application Sessions

Due to a security issue scenario, web application sessions (VNCHTTP) with SSL certificate errors currently require an automation macro to navigate through the invalid certificate and authenticate normally.
Please follow the troubleshooting guide - Link.

A new solution will be implemented in future versions.

Bugfix

Item Description
Bugfix
5058
Fixed scenario when access group approval has two approvers confirmation at the same time, would only recognize one, not both.
Bugfix
4489
Fixed bug in tygervnc type TCP connections that were activating even after the firefox container was terminated.
Bugfix
623
Fixed conflicting information in the Desktop Dashboard.
Bugfix
4927
Fixed an error in the device that was not being listed when registering a credential with a user related to a particular tenant.
Bugfix
4926
Fixed bug that was not allowing permission "PAM.PrivilegedAccounts.Credentials.View" access to credential details PAM Core ➔ Credentials ➔ All ➔ Detail.
Bugfix
4698
Fixed bug that was not finding the credential by IP or hostname.
Bugfix
4565
Fixed bug that was allowing a device without connectivity to see the option to start a session.
Bugfix
4530
Added message to inform that the user inside two access groups uses the settings from the most restrictive group.
Bugfix
4777
Fixe in reports to improve the visualization of grouping information in CSV.
Bugfix
4411
Added Russian strings to the vault.
Bugfix
3810
Fixed a language bug when generating a General Use dashboard report.
Bugfix
4940
Fixed display so that when the device lacks registered connectivity, the login action will not show on the home screen.
Bugfix
5140
Improvement in the content of the session video approval notification.
Bugfix
5013
Adjustment in the RDP and SSH download shortcuts.

Improvement

Item Description
Improvement
4524
Added: selecting multiple credentials to enable, disable or edit in bulk.
Improvement
3797
Added more information to the Audit tracking and Syslog reports about access groups.
Improvement
5015
Change French language from Beta to official language.
Improvement
4924
Changed where PAM.Devices.View does not give access to "Review and Certification" PAM Core ➔ Settings ➔ Access ➔ Review and certification anymore, and "PAM.Settings.List" give access to "Review and Certification".
Improvement
4742
Change to improve the user experience when making a session request to wait for approval with the screen open.
Improvement
4713
Change in item "View unusual credential" so that a string "View unusual credential" can be applied.
Improvement
4627
Fixed string translated in the vulnerability analysis section.
Improvement
4529
Added message to confirm if the user wants to create a credential without a password.
Improvement
4509
Added: the status 'In Progress' only for the domain credentials being used in domain devices.
Improvement
3893
Changed Syslog messages to distinguish logs between emergency access or default approval.
Improvement
4208
Added the rule for access groups to require approval based on the days of the week.
Improvement
4201
Improved the naming standards in Desktop application and Macros for a better definition of each entity.
Improvement
5106
Adjustment in the alphabetical ordering of the group list presentation when registering AD Group synchronization.
Improvement
4894
Update the behavior of the "Enable password change after session open?" function.
Improvement
5107
Usability improvements in the SSH key details screen.
Improvement
4573
Added the [host_ip] tag to the Web session parameters.
Improvement
4948
Added the option to change the password via LDAP/LDAPS for FreeIPA users.
Improvement
4813
Added a proxy for transparent OAuth 2.0 support over IMAP/POP/SMTP protocols.

New Feature

Item Description
New feature
4937
Added Built-in roles in PAM Operator for Multitenant.
New feature
4540
Added: selecting multiple devices to enable, disable or edit in bulk.
New feature
4531
Added: integration with Entrust HSM nShield.
New feature
3547
Added integration with ITSM GLPI for ticket validation during Approval Workflow.
New feature
5000
Added Polish keyboard with the ability to change the language of sessions.

Security

Item Description
Security
4795
Fixed a bug in Multitenant where the access group "Full Access" allowed access to information for users of other tenants.

Discontinued

Item Description
Discontinued
4797
Discontinued the magnifying glass icon when viewing a session recording.

Discovery

Bugfix

Item Description
Bugfix
4741
Fixed an automatic device import bug in the Discovery module.
Bugfix
4799
Fixed error that returned with a double domain when performing a Domain Discovery.
Bugfix
4700
Fixed the form that prevented the cadastral update of a Container Scan.
Bugfix
4248
Fixed a string heading in the Discovery module.
Bugfix
4798
Fixed bug that associated disabled glossaries with new Discovery.
Bugfix
4792
Fixed the error generated when the configuration of a Discovery device was edited.

Improvement

Item Description
Improvement
4897
Added an action to reset Scan authentication cache.
Improvement
4896
Fixed translation texts when editing a glossary.
Improvement
4696
Added: scan deactivation for the corresponding Discovery.
Improvement
4477
Removed: the string 'imported' that was repeated as a filter.
Improvement
4326
Fixed string translation in Discovey module.

New Feature

Item Description
New feature
4889
Added orbit command to perform Discovery base cleanup procedure.
New feature
4805
Added complete support for Solaris devices in Discovery.

Certificate Manager

Bugfix

Item Description
Bugfix
4933
Fixed error when signing certificates in the Site Blindado.
Bugfix
4254
Fixed error in Certificate Manager when downloading a key imported via Discovery, where the user received a file with the ID instead of the file name in the warehouse.
Bugfix
4536
Fixed: bug hiding the collum grid titles when editing a certificate.
Bugfix
3967
Fixed a bug that downloaded certificates only in the .crt extension.
Bugfix
4780
Fixed the bug that considered unconventional e-mail domains invalid.

Improvement

Item Description
Improvement
4005
Added option to generate an instant password for the user to save a request.

New Feature

Item Description
New feature
4609
Added Integration AWS/ACM for Public Certificates.
New feature
4810
Added the ability to download the complete .pfx certificate chain.

Orbit

Bugfix

Item Description
Bugfix
3573
Fixed a bug that duplicated backup files.
Bugfix
4247
Fixed a blocklist bug where the FORWARD chain is no longer blocked after being unlocked.
Bugfix
4463
Added Portuguese translation for many words within the Orbit module.
Bugfix
3854
Fixed strings translation bug in the German language.

Improvement

Item Description
Improvement
3820
Added the possibility to register more than one monitoring server via the screen.
Improvement
4775
Improved the call to the URL "/flow/orbit/mntr/activate" and the recovery button that normalizes elasticsearch performing stop and start for incident scenarios where the user must assume the autonomous secondary instance.
Improvement
4568
Added possibility of string registration without informing the HTTPS protocol in the URL.
Improvement
4564
Added alert to inform administrator that CRON service is not running.
Improvement
4548
Changed text displayed on the System Updates page.
Improvement
4708
Added orbit command "orbit default-interface" for resetting network interfaces.
Improvement
4105
Added a 30 minute timeout to prevent an email sending bug.
Improvement
4632
Changed new design for the applicantion modules.
Improvement
4716
Changed the list of modules displayed on the permissions listing screen.
Improvement
3855
Added strings in the translation for the German language.

New Feature

Item Description
New feature
4222
Comando Orbit criado que permite desbloquear IPs ICMP.
New feature
4749
Adicionado ao Orbit Web Interface, uma opção para liberar o acesso ao Balancer VIP.
New feature
2735
Added AD/LDAP integration tab to add users in Domum module when registering synchronization groups.
New feature
3232
Added the audit tracking process to configuration changes in the ITSM integration.
New feature
5135
Added API Endpoits to manage related users.

Discontinued

Item Description
Discontinued
4615
Discontinued the options "Event log" and "Access denied" located inside the Access to the system item.

GO Endpoint Manager

Improvement

Item Description
Improvement
4019
Changed senhasegura Go dashboard to report only active and authorized users.
Improvement
4913
Translation fix in Go Enpoint Manager.
Improvement
4912
Fixed the string with the wrong message in the Go Endpoint Manager module.

GO Endpoint Manager Windows

Improvement

Item Description
Improvement
4923
Windows User is now registry during agent instalation.
Improvement
4446
Added independet approval workflow to GO Endpoint Manager.
Improvement
4335
Added: application version column inside the applications list.
Improvement
4900
Added the option to change PEDM Windows agent language in the agent interface.

New Feature

Item Description
New feature
4784
Added impersonation elevation in senhasegura.go for Windows.

GO Endpoint Manager Linux

Improvement

Item Description
Improvement
4745
Improved user experience in PEDM Linux client installation process.

Domum Remote Access

Bugfix

Item Description
Bugfix
4748
Added a validation when creating a user that checks if the entered username does not already exist in Domum.
Bugfix
5017
Fixed scenario when prevented access using a macro (RemoteApp) through Domum.

Authentication

Improvement

Item Description
Improvement
4890
Improved user experience by changing the "Token" name to "Configure MFA".

New Feature

Item Description
New feature
4910
Added AuthID icon when using as SSO option.
New feature
4782
Added AuthID to OpenID provider list.
New feature
3302
Added new integration through SCIM with the One Identity Manager.

A2A

Bugfix

Item Description
Bugfix
4773
Fixed the names of the PAM Core and Certificate Manager products.
Bugfix
5013
Fixed the Get and Post paramaters in the A2A.

New Feature

Item Description
New feature
4772
Added option to export report logs with Elasticsearch data.
New feature
4895
New API method for credential serach added to PAM.

DevOps Secret Manager

Bugfix

Item Description
Bugfix
4381
Fixed bug that was changing info about Oauth 1.0 authorization tokens.

Improvement

Item Description
Improvement
4414
Added read only/read&write options for authorizations.
Improvement
4781
Added auto-renewal fields in Secret APIs.

Security

Item Description
Secuirty
4929
Improvement in control credential permission when accessed through API. Added an extra verification step for the API situations.
Secuirty
4930
Password from credentials in Secrets can now only be viewed in PAM Core.
Secuirty
4931
Changed APIs and Secret endpoint permission for security improvement.
Secuirty
4932
Fixed an error when new users without access group could have access to DSM applications.

Executions

Bugfix

Item Description
Bugfix
4242
Fixed a string translation bug when changing password through Windows RM.

Improvement

Item Description
Improvement
4251
Added template category in credential change report.
Improvement
4060
Improved ssh key exchange to work in SH type shell.
Improvement
3869
Added the "Requester" field to filter the list of operations in the Executions module.

Discontinued

Item Description
Discontinued
4638
Removed SMB executor plugin.

Task Manager

Bugfix

Item Description
Bugfix
4664
Fixed: bug inside the 3.24 version that was authenticating a task with the wrong credential in the Task Manager module.

MySafe

Bugfix

Item Description
Bugfix
5082
Fixed error where approval workflow is activated when editing Access Group in MySafe, going through all steps, and saving without any change.

Improvement

Item Description
Improvement
4754
Added license consumption reports in Dashboards ➔ System Consumption ➔ General MySafe. Licensing

Protected Information

Bugfix

Item Description
Bugfix
4901
Fixed error in sending protected information emails to users registered in the special notification list. Protected Info [Deprecated]

Network Connector

No changes to Network Connector.


Translation

Bugfix

Item Description
Bugfix
5033
Fixed translation strings not translated in Settings section.
Warning

Here you will find the changes to the entire senhasegura platform. Targeting by Part Number is not considered in this document. Consult your sales representative to purchase other features.


Other versions

You can see the older documentation versions here.


Was this article helpful?