Genian ZTNA 6.0.20 Release Notes (2024-03-04)
Last Updated: 2024-04-01
Security Vulnerability
| Revision | Key | Components | Description | Affects Versions | CVSS Score |
|---|---|---|---|---|---|
| 125406 | GN-27107 | WebUI | Service disabled by executing a Tomcat restart command by an unauthorized administrator | 5.0.41 | 2.7 |
New Features and Improvements
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 125148 | GN-27973 | Center, macOS Agent, Sensor, Windows Agent | OpenSSL 3.0.13, 1.1.1w upgrade - excessive resource usage during X.509 policy constraint checking | 4.0.0, 5.0.0, 6.0.0 |
| 124647 | GN-27699 | WebUI | Improved so that when entering a WEBUI 2-step verification code, it is masked and displayed | |
| 124647 | GN-27694 | WebUI | Improved so that only xxx.xxx.xxx.1 to 254 is possible when setting the WEBUI management connection IP | |
| 124647 | GN-27651 | macOS Agent | Development of a macOS off-line log (audit record) transmission function | |
| 124647 | GN-27645 | Center, Sensor | Improved so that server connection timeout time can be set during FTP/SFTP backup | |
| 124647 | GN-27626 | Center, procmond | Improved the process inspection daemon (procmond) to make the center daemon SOAP API HealthCheck | |
| 124647 | GN-27620 | Center, Sensor | Improved so that a timeout can be set when downloading a file | 5.0.42, 6.0.3 |
| 124647 | GN-27551 | WebUI | New login page button UI improvements | |
| 124647 | GN-27544 | WebUI | Change the error message that is displayed when a timeout occurs on the new login page | |
| 124647 | GN-27537 | VRRPD | Improved to enable HA through VRRP Unicast mode in environments where multicast packet operation is not possible | |
| 124647 | GN-27524 | macOS Agent | Save debugging information to analyze the cause of the macOS agent's abnormal shutdown | |
| 124647 | GN-27518 | WebUI | JIT provisioning function support when linking the management console with SAML authentication | |
| 124647 | GN-27501 | Center, Sensor | Improved function so that nodes are registered as IP when using sensor inline mode | |
| 124647 | GN-27487 | Center, Sensor | Application domain regular expression/httpMethod condition added | |
| 124647 | GN-27450 | Linux Agent | Linux Agent, program removal plug-in development | |
| 124647 | GN-27444 | Center, gnlogin | Improved so that backup files can be restored on the Docker Compose policy server | |
| 124647 | GN-27441 | WebUI | Improved the File Upload API to provide a response to the file if it is a Cert file | |
| 124647 | GN-27372 | WebUI | Improved structure for retrieving the number of applied nodes in the node group list | |
| 124647 | GN-27065 | Center | Add an audit log when verification of the authentication code fails and add by information when the password is modified | |
| 124647 | GN-26946 | WebUI | Add Azure Collector | |
| 124647 | GN-26937 | Linux Agent | Linux Agent adds a feature to separate logs for individual actions | |
| 124647 | GN-26877 | Center | Added the ability to use macros in nodegroup conditions | |
| 124647 | GN-26847 | WebUI | Enhanced description of CWP Settings > Confirm button URL | |
| 124647 | GN-26595 | WebUI | Warning message output including the number of nodes applied when the policy was modified | |
| 124647 | GN-26182 | Linux Agent | Linux Agent, program information, and agent deletion UI developed with ZTNA's new UI design | |
| 124647 | GN-25587 | WebUI | App development to migrate the administrator's dashboard to match the new dashboard when upgrading from 5.0 to 6.0 |
Issues Fixed
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 125366 | GN-27983 | Center | An issue where event packets sent from the 5.0/6.0 policy server are not handled by the 4.0.1 sensor | 5.0.42, 6.0.16 |
| 125348 | GN-27968 | WebUI | An issue where certificate-related uploads cannot be saved or modified in Certificate Management Settings | 6.0.19, 5.0.59 |
| 125291 | GN-27972 | An issue where an SSL certificate is generated with an expiration date of 10 years | 6.0.15, 5.0.55 (LTS) | |
| 125275 | GN-28003 | Windows Agent | A problem where the distribution file verification method is Sigstore Keyless Signing in the file distribution plug-in V2 fails | 5.0.42, 4.0.155, 6.0.15, 5.0.56 |
| 125238 | GN-28009 | WebUI | A problem where input is not possible if the last value is 0 when entering, such as 255.255.255.0 in the subnet mask input UI | 6.0.20 |
| 125166 | GN-27994 | Linux Agent | Linux Agent A problem where the distribution file verification method is Sigstore Keyless Signing in the file distribution plug-in V2 fails | 5.0.50, 5.0.53, 5.0.54, 6.0.15 |
| 125157 | GN-28005 | macOS Agent | A problem in macOS file distribution plug-in V2 that fails when the distribution file verification method is Sigstore Keyless Signing | 6.0.16, 5.0.55 (LTS), 5.0.56 |
| 125043 | GN-27986 | GenianOS | Addressing compatibility issues due to SLSA TUF certificate renewals | 5.0.42, 5.0.50, 6.0.15, 4.0.156 |
| 125040 | GN-27989 | Genian Syncer | An issue where integrity verification fails when syncing GenianData with GenianSinker | 4.0.156, 6.0.16, 5.0.55 (LTS) |
| 124918 | GN-27958 | WebUI | A problem where an error warning occurs in the audit log because the file referenced in the frontend page does not exist | 6.0.20 |
| 124895 | GN-27932 | Center | Improved load issues caused by large Keep Alive debug logs when upgrading or rebooting the center | 6.0.19, 5.0.59 |
| 124880 | GN-27904 | MySQL | A problem where MySQL 8.0 fails to run on SSD-enabled devices | 6.0.18, 5.0.58 |
| 124870 | GN-27936 | RADIUSD | The problem of not being able to connect due to authentication failure when connecting wired/wireless to TLS 1.0 after upgrading the Radius daemon | 6.0.19, 5.0.59 |
| 124825 | GN-27933 | WebUI | An issue where each setting is not possible when the tag is removed from the tag settings pop-up | 6.0.20 |
| 124647 | GN-27726 | WebUI | An issue where the service cannot be used when accessing an invalid path from the new login page | 6.0.19 |
| 124647 | GN-27722 | macOS Agent | An issue where the blocking policy ID is displayed incorrectly in the log when blocking a macOS device | 6.0.3, 5.0.46 |
| 124647 | GN-27709 | Windows Agent | A problem where a “real-time test” is reported as not working when performing an engine update for a newly identified vaccine | 6.0.19, 5.0.59 |
| 124647 | GN-27682 | Linux Agent | An issue where some UI characters are not visible in Linux Agent or System Dark mode | 6.0.17 |
| 124647 | GN-27664 | WebUI | A problem where the DHCP pool usage status is output from only one sensor in the IP management sensor list | 5.0.42 |
| 124647 | GN-27632 | WebUI | Multilingual input device output issue when the management console language you are logged in to is not included in CWP supported languages | 5.0.31 |
| 124647 | GN-27622 | Sensor | An issue where earlyrole matching of permission policies does not work properly | 6.0.7 |
| 124647 | GN-27617 | Windows Agent | An issue where an AD account is locked due to an operating system information collection action to check whether an empty password is used on the AD server | 4.0.109, 5.0.6, 6.0.0 |
| 124647 | GN-27579 | CWP | Node Policy > A problem where the CWP user information confirmation screen does not work properly when the password usage option is turned off | 4.0.M8 |
| 124647 | GN-27576 | WebUI | An error where the nodegroup filter settings pop-up area leaves the screen | 5.0.31, 6.0.0 |
| 124647 | GN-27571 | WebUI | A phenomenon where the corresponding view item is increased when a new node view is created and used as an administrator with limited node views | 5.0.42 |
| 124647 | GN-27569 | WebUI | An issue where some dialog styles are displayed on the dashboard screen are different | 6.0.15 |
| 124647 | GN-27566 | WebUI | Fixed an issue where the agent OS icon was incorrect | 4.1.M5 |
| 124647 | GN-27543 | WebUI | Fixed an issue where an error occurred when using the CONF Update API | 5.0.20 |
| 124647 | GN-27536 | dbmigration | An issue where values are incorrectly converted when migrating data in registry settings | 6.0.5, 5.0.48 |
| 124647 | GN-27522 | WebUI | A problem where the name of the changed plug-in is not output when the policy is applied after changing the node action's plug-in | 5.0.45, 6.0.2 |
| 124647 | GN-27520 | WebUI | A problem where data is present when outputting a detailed CVE screen, but it is output on a blank screen | 5.0.50, 6.0.12, 5.0.53 |
| 124647 | GN-27498 | Windows Agent | An issue where the plug-in does not work according to the authentication status action check conditions | 5.0.0, 6.0.0 |
| 124647 | GN-27362 | WebUI | A problem where additional fields in the user and IP application form appear in a normal field format even when specified as a password form | 5.0.34 |
| 124647 | GN-27328 | ElasticSearch, WebUI | Added methods removed from Elasticsearch Export Utils | 6.0.11 |
| 124647 | GN-26376 | WebUI | The problem that when applying for general use of IP, results are not sent even if processing result reception information is entered on the application form | 5.0.13 |
| 124647 | GN-24361 | An issue where the hsecmod.sh script does not work on the Cloud Policy Server | 5.0.42 |