Changelog 4.2.5

Summary

This release includes 18 changes across 6 modules. The update focuses primarily on bug fixes (14), alongside 2 product updates, 1 new feature, and 1 translation fix. PAM Core received the highest number of changes, with 7 items across all types.

Release date: 2026-05-13
Patch: segura | v4.2.5-1

API

Bug fixes

Item	Description
SSGR-8466	Fixed an issue in A2A that prevented the correct display of the credential ID in the application authorization view.
SSGR-10389	Fixed an issue where the `/api/pam/credential` endpoint did not return personal credentials in search results, even when the query was performed by the same API user that created them.

DevOps Secret Manager

Bug fixes

Item	Description
SSGR-5843	Fixed an issue where the API failed to return the `environment` parameter when it contained special characters.
SSGR-10323	Fixed an issue where the error 500 was displayed when accessing the Secrets Management dashboard.

Executions

Bug fixes

Item	Description
SSGR-10242	Fixed an intermittent issue in PostgreSQL credential password changes that caused random failures during the initial connection to the database. The password rotation process now completes correctly even in scenarios involving transient connection failures.
SSGR-10573	Fixed an issue where a cURL template used to rotate passwords across two Segura® Platform clusters was not executed correctly, preventing both cluster passwords from being rotated.

Framework

Product Updates

Item	Description
SSGR-8502	Improved the flexibility in controlling MFA policies, so that administrators can manage the Authenticator Apps (TOTP) method as a configurable provider on the Settings > MFA > Providers screen. Administrators can now enable or disable the method to centralize policy enforcement, with protection mechanisms that prevent system lockup. See the documentation: - How to manage a multi-factor authentication (MFA) provider. - How to register authenticator applications for multi-factor authentication. - MFA providers.

Item

Description

SSGR-8502

Improved the flexibility in controlling MFA policies, so that administrators can manage the Authenticator Apps (TOTP) method as a configurable provider on the Settings > MFA > Providers screen. Administrators can now enable or disable the method to centralize policy enforcement, with protection mechanisms that prevent system lockup. See the documentation:
- How to manage a multi-factor authentication (MFA) provider.
- How to register authenticator applications for multi-factor authentication.
- MFA providers.

Bug fixes

Item	Description
SSGR-9911	Fixed an issue in the web interface authentication flow where configuring an invalid value in the minutes to expire session field under Settings > Security policies and network > Authentication security > User accounts maintenance caused login failures with an HTTP 500 response.
SSGR-10563	Fixed an issue where the Segura® Platform task executor would stop processing asynchronous tasks, leaving them pending and requiring manual restart of the service to resume the operation.

PAM Core

New Feature

Item	Description
SSGR-9857	Added a new Certificate section under the Connectivities tab on the Add/Edit Device screen, allowing administrators to upload a certificate and private key to enable TLS/SSL authentication for DB Proxy connections to PostgreSQL databases.

Product Updates

Item	Description
SSGR-9891	Added support for simultaneous JIT access for the same credential. With this enhancement, multiple users can use the same base credential in parallel, each receiving their own independent ephemeral account, with session isolation, individual auditing, and a separate expiration time per user. See the documentation: How to provision JIT local Windows accounts with Kerberos via Ansible.

Bug fixes

Item	Description
SSGR-10049	Fixed an issue in the PAM Core > Dashboards > Threat radar screen where clicking on an open session would not correctly display the livestream, showing squares in the upper-left corner.
SSGR-10211	Fixed an issue where access policies reprocessing was not executed correctly after the first run.
SSGR-10276	Fixed an issue in VNC sessions that affected rendering and interaction with the remote device.
SSGR-10562	Fixed an issue where, for invalid credentials, rotation requests generated two executions with the same ID (one marked as successful and the other as an error), resulting in a false positive success in logs.

Translation

Item	Description
SSGR-8260	Corrected the translation for the import log message on the PAM Core > Devices > Batch import > Batch import details screen when importing a spreadsheet with an empty field. Now, the message is displayed according to the language selected by the user.

Proxy

Bug fixes

Item	Description
SSGR-10382	Fixed a compatibility issue in the Proxy on SaaS Multitenant environments that prevented SSH connections to devices requiring legacy key exchange algorithms, ensuring that connections are established correctly through Web Proxy and Terminal Proxy.
SSGR-10430	Fixed an issue where sessions could take longer than expected to start.