Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: Symantec Encryption Management Server 3.4.2 MP2

Symantec heeft in het verleden twee verschillende bedrijven overgenomen die encryptiesoftware ontwikkelden, namelijk GuardianEdge en PGP. De software van deze twee acquisities werden lange tijd als twee verschillende encryptie productlijnen door Symantec uitgebracht, de GuardianEdge-lijn werd hernoemd naar Endpoint Encryption, en de PGP-lijn werd hernoemd naar Encryption Desktop samen met Encryption Management Server. Voor een buitenstaander is het verwarrend dat één bedrijf twee verschillende encryptie producten uitbracht die met elkaar concurreerden en die niet met elkaar konden samenwerken. Daar is met de uitgave van Endpoint Encryption 11 in 2014 grotendeels een einde aan gekomen. Aangezien er geen makkelijke weg beschikbaar is om te upgraden van SED en SEMS naar SEE worden er nog maintenance packs uitgebracht voor de oude PGP-lijn. De ontwikkelaars hebben Symantec Encryption Management Server 3.4.2 MP2 uitgebracht voorzien van de volgende veranderingen:

What’s changed in this release
  • TLS 1.0 is disabled by default; TLS 1.2 is the default protocol for client-to-server communication
  • Added CAPTCHA on the Symantec Encryption Web Email Protection logon page
Resolved issues
  • Symantec Encryption Management Server
    • A group that is created with a name that includes accented characters is now displayed correctly. [4175104]
    • Symantec Encryption Management Server is updated to use Content-Security-Policy and Strict-Transport-Security in the response header. [4202453]
    • When Symantec Encryption Management Server does not load properly, the HTTP Status 500 error message is now displayed without any other details.[4212611]
    • The pgpsysconf --helptext for the --restartall command is updated to exclude httpd. The httpd service does not restart when the --restartall command is run.[4189866]
    • When Symantec Encryption Management Server is unable to connect to an LDAP server, the warning message that is generated in the log files now includes the LDAP servername.[4166991]
    • Symantec Encryption Management Server is now updated to prevent any redirection to other web pages when administrators open the Online Help. [4193506]
    • Updated Symantec Encryption Management Server to prevent vulnerability scanners from providing false alerts on use of weak ciphers on the SSH port. [4001689]
    • Updated Symantec Encryption Management Server to set X-Content-Type-Options to nosniff to protect against MIME sniffing. [4119764]
    • Symantec Encryption Management Server no longer supports weak ciphers for communication.[4201920]
    • Updated Symantec Encryption Management Server to fully use the Cache-Control header.[4184785]
    • In response to the security vulnerabilities, CVE-2018-11784, CVE-2018-8034, CVE-2018-8014, CVE-2018-1336, CVE-2018-1305, and CVE-2018-1304, updated the Apache Tomcat package.[4209895][4209896][4201353]
    • In response to the security vulnerabilities, CVE-2018-7489 and CVE-2018-18066, updated the Jackson Databind package.[4216834]
    • The security vulnerability, CVE-2018-16509, does not affect Symantec Encryption Management Server. However, updated the ghost script package for greater security.[4221098]
    • In response to the security vulnerabilities, CVE-2018-14721 and CVE-2018-1000873, updated the Faster XML Jackson Databind package.[4221856]
    • The Red Hat security vulnerabilities, CVE-2018-10901, CVE-2018-3620, CVE-2018-3646, CVE-2018-3693, CVE-2018-7566, CVE-2017-15265, and CVE-2018-1000004, does not affect Symantec Encryption Management Server. However, updated the Kernel package for enhanced security. [4204121]
    • In response to the security vulnerability, CVE-2018-11212, updated the JDK packages.[4221927]
    • The security vulnerability, CVE-2018-12327, does not affect Symantec Encryption Management Server. However, updated the NTP packages for greater security. [4221096]
    • The security vulnerabilities, CVE-2019-2422, CVE-2019-2426, CVE-2019-2449, CVE-2019-2540, CVE-2018-14048, CVE-2018-13785, CVE-2018-3183, CVE-2018-3180, CVE-2018-3214, and CVE-2018-3149, do not affect Symantec Encryption Management Server. However, updated the JDK packages for greater security. [4210605][4221927]
    • The security vulnerability, CVE-2018-5740, does not affect Symantec Encryption Management Server. However, updated the BIND packages for greater security.[4204124]
    • When dictionary items containing non-breaking spaces are imported into a dictionary, the non-breaking spaces are now removed automatically. [4211213]
  • Keys and certificates
    • Administrators can now successfully create a self-signed external user root certificate using Symantec Encryption Management Server. [4182293]
    • Symantec Encryption Management Server is updated to use SHA-256(SecureHashAlgorithm) by default for signing PGP keys. [4102374]
    • Symantec Encryption Management Server is updated so that PGP CommandLine users can now successfully edit an existing Managed Encryption Key (MEK) series. Also, users can update the --validity-duration and --end-of-life values successfully.[4169781]
    • Symantec Encryption Management Server now sends the entire SSL certificate chain over the SMTP port. [4113406]
    • Administrators can now successfully export the following certificates from Symantec Encryption Management Server:[4204877][4214663]
      • Private organization certificate
      • Private certificate of an internal user
      • Private SSL certificates
  • PGP Messaging
    • Symantec Encryption Management Server successfully verifies signature for clear-signed email messages with trailing tabs in the content that are sent using version 3.4.2 or earlier.[4191877]
    • Active Directory internal users with a User Principal Name (UPN) of over 64 characters can now successfully send email messages using Symantec Encryption Management Server. [4156308]
    • Reference to the PGP website is now removed from the page that appears when external users click a link in SmartTrailer messages.[4202584]
Versienummer 3.4.2 MP2
Releasestatus Final
Besturingssystemen Linux
Website Symantec
Download https://fileconnect.symantec.com/
Licentietype Betaald

Reacties


Er zijn nog geen reacties geplaatst


Om te kunnen reageren moet je ingelogd zijn


Apple iPhone XS Red Dead Redemption 2 LG W7 Google Pixel 3 XL OnePlus 6T (6GB ram) FIFA 19 Samsung Galaxy S10 Google Pixel 3

Tweakers vormt samen met Tweakers Elect, Hardware.Info, Autotrack, Nationale Vacaturebank, Intermediair en Independer de Persgroep Online Services B.V.
Alle rechten voorbehouden © 1998 - 2019 Hosting door True