Fixed a slow memory leak in database lookups of private IPs.Improve completeness of deny logs exported to S3.Support unrestricted file uploads within an application.Improved decoupling of monitoring components.API Support - including OpenAPI specification import.Generalized interface for managing client connection trust.Fix issue where caching of XML parse results can lead to subsequent similar XML payloads not being validated correctly.Set correct violation for requests with an unspecified protocol.Improvements to error message to read-only users attempting disallowed actions.Set correct permissions on some log files.Support ACL path regexes with curly brackets.Resolve an issue in UTF-8 detection in the WAF engine introduced in version 5.1.0.0 which could lead to a 500 Internal Server Error.Redact sensitive values in the config object sent to the backend.Several improvements to CAPTCHA capability.Update Web Session Anomaly Detection sensitivity definitions.Emit a "wsm-cert-monitor" log when certificates approach expiration dates.Update dependencies not already part of automatic updates.Send additional audit log to Fortra log backend.Support managing RFC1918 addresses as a separate Source Class in L7 Source IP and Geolocation based controls.Ensure strictest source IP controls combination is selected when multiple Source Control Groups apply in L7 Source IP and Geolocation based controls.Ensure XXE parsing state is properly preserved in all cases to prevent spurious violations.Normalize filenames in multipart file upload HTTP requests to prevent spurious decoding violations.URL decode software packaged filenames properly when looking for updates in S3 repos. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |