Release Notes
| Version | 5.2.1 |
|---|---|
| Release date | 31Aug 2023 |
| Scope | Focused on My OPSWAT integration (basic level), product enhancement and other product bug fixes. |
Making sure to check out the Release Notes and documentation:
New Features, Improvements and Enhancements
| Details | |
|---|---|
| Integration with My OPSWAT portal | Get ready for My OPSWAT integration where MetaDefender ICAP Server can connect and be managed in My OPSWAT product inventory. Stay tuned for My OPSWAT further updates (end of September) to get hold of this integration on My OPSWAT. |
| Host-name based search for the processing history page | Allow users filtering the processing history by host name. Learn more at Enable/disable hidden column |
| Health check API based on MetaDefender Core workflow | Support new configurable health check rule based on MetaDefender Core workflow, see details at Health Check API Configuration |
| Other functionality updates |
|
| Oher UI updates | Some minor cosmetic UI updates for the processing history page. |
Bug Fixes
| Details | |
|---|---|
| PostgreSQL data missed in the support package on Windows | PostgreSQL data did not export correctly on Windows when generating the support package. |
| SYSTEM user directory was mistakenly removed | Unable connect to Central Management v7 due to SYSTEM user directory was removed. |
Known Limitations
| Details | |
|---|---|
| Stability issues on Red Hat / CentOS with its kernel version 372 | MetaDefender ICAP Server 5.1.0 or newer might not be able to work properly with Red Hat /Cent OS with its kernel 372. The vendor Red Hat has already fixed issues with latest kernel version 425 |
| MetaDefender ICAP Server's NGINX web server will not start if using weak cipher suites for HTTPS | On MetaDefender ICAP Server 5.1.0 or newer, OpenSSL 1.x is replaced by OpenSSL 3.x within the product and other dependencies (NGINX) as a security improvement, and prevent known vulnerabilities found on OpenSSL 1.x NGINX's OpenSSL 3.x on MetaDefender ICAP Server has the enforcement in place to reject all weak cipher suites. It only accepts "HIGH" encryption cipher suites https://www.openssl.org/docs/man1.1.1/man1/ciphers.html (MD5 and SHA1 hashing based will not be accepted as well). As a result, if you already configured MetaDefender ICAP Server for HTTPS connection, but using a weak SSL cipher with your certificate, then MetaDefender ICAP Server will not be able to start due to NGINX's OpenSSL 3.x enforcement. |
| no_proxy configuration | From MD ICAP Server 5.1.0, no_proxy setting must support CIDR for IP address, refer to No Proxy configuration |
| Connect with MD Core with TLS on Debian OS | MetaDefender ICAP Server v5.1.0 on Debian OS must execute 2 bellows command to connect with MetaDefender Core via TLS enable. sudo mkdir -p /etc/pki/tls/certs/ sudo ln -s /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt This issue has already fixed since MetaDefender ICAP Server v5.1.1 |
| TLS 1.3 does not support on Windows Server 2012 | Tls 1.3 will not work on Windows Server 2012 due to limitation of Schannel https://learn.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp- |
