Fixed Issues In Release 119.0.0
Fixed Issues In Release 119.0.0
Here is the list of fixed issues in this release
Issue Number | Category | Description |
---|---|---|
465148 | CASB Real-time Protection | Improved detection efficacy for image files in HubSpot. The object name for valid image files can be detected now. The filetypes belonging to background traffic will not be detected and the list of filetypes excluded are listed below:
|
489356 | CASB Real-time Protection | Fixed an issue where Microsoft Whiteboard cannot be accessed via Reverse Proxy. |
479134 | CASB Real-time Protection | Correct form post activity are triggered for “Ansarada” application. This was done by improving the content body traffic from the application. |
465844 | CASB Real-time Protection | The FormPost activity is meant for content inspection (DLP/TSS). However, it was noticed that the FormPost was getting generated even for the NON-DLP/TSS-based policies. As a fix, if the backend processing resulted in the FormPost activity with the NON-DLP/TSS policy invocation, the activity in the said application event is converted to Browse from FormPost. |
424066 | CASB Real-time Protection | Added tenant feature flag to apply traffic action if content Inspection is not enabled via connector. For example, Google Drive with couple characters might not enable Content Inspection. If the flag is disabled, traffic action of DLP won’t be enforced, else DLP rule is respected. Please reach out to support in case the flag needs to “enabled”. |
482185 | Cloud TAP | Fixed a crash in Cloud TAP Stitcher by enhancing validation of input data blobs. |
470596 | Cloud TAP | Enhanced Cloud TAP Stitcher to handle the scenario of multiple clients with same IP address and same port connecting to the same server simultaneously. |
493377 | Data Protection | Updated the following predefined Password Entities to reduce false positives:
|
488297 | Data Protection | Fixed an issue wherein the download of subfiles was unavailable in Incidents for non-container files because the file name of the scanned file was unknown. |
489395 | Data Protection | The validation criteria for file hashes within a File profile have been updated to be case-insensitive. |
490382 | Email DLP | Enhanced the MIME decoding logic for the email subject field in events, incidents, or alerts related to Email DLP, now supporting both UTF-8 and ISO-8859-1 encodings. |
488386 | Endpoint DLP (EPDLP) | For macOS, the visibility of the file-scanning progress dialog can now be controlled by the end-user (via a checkbox on the dialog), or by the administrator (via a backend option). If you would like to enable/disable this dialog across your entire organization, please contact the support team. |
461782 | Endpoint DLP (EPDLP) | Fixed an issue where EPDLP upgrades from old versions (R102-R108) failed to correctly install the new epdlp.exe. |
322097 | Netskope Private Access (NPA) | Fixed an issue when the traffic steering mode is set to None, the macOS users are unable to disable NPA tunnel since the option to disable Client gets disabled. |
322094 | Netskope Private Access (NPA) | Fixed an issue where the NPA Block notification was not displayed to the end users when Client was configured as NPA only mode, or traffic steering mode is set to ‘None’. |
459268 | Netskope Secure Web Gateway (NG SWG) | Cross-site request to RBI were failing with access method Explicit Proxy + SAML due to RBI “probe” requests not steered. This is fixed by properly identifying such requests and always forwarding those to RBI. |
493139 | Netskope Secure Web Gateway (NG SWG) | When the non-persistent connection feature is enabled for a domain, proxy sends a connection close header to signal the client to not use persistent connection. It was also sent for a 101 upgrade response. After the fix, it is not sent for informational messages. |
479184 | Netskope Secure Web Gateway (NG SWG) | Fixed a Page Events issue where the conn_endtime field failed to reflect correct endtime of the last transaction associated with the Page Event. This gave the illusion that the page event was completed earlier than it actually was. The conn_endtime field is now updated when any transaction associated with the page event completes. The conn_endtime field now accurately reflects the time as which the page event completed. |
479385 | Netskope Secure Web Gateway (NG SWG) | Netskope adds the ns.js into all HTML responses. After this fix, Netskope no longer adds the json file if the Content-Disposition header is present in the response with a value other than “inline”. |
457975 | Netskope Secure Web Gateway (NG SWG) | For transactions matching a Real-time Protection rule that includes a category condition, the “category” field in application events, alerts, and user notification messages is expected to be a category that is both associated with the transaction and part of the matched policy rule. Previously, when content inspection (DLP, threat scan, or file detection) is required to make the final policy determination, the category field would be one of the categories associated with the transaction but might not be one of the categories associated with the matched policy rule. The “category” field now reflects a category for the transaction that is also part of the matched policy rule. Note that this change does not apply to DLP alerts and the category field in DLP alerts will not necessarily reflect a category that is included in the matched policy rule. This limitation will be addressed in a future release. |
22378, 17170 | Remote Browser Isolation (RBI) | Fixed an issue with RBI isolation indicators (visual cues) presented to the user. These indicators were rendered before the isolated webpage was fully loaded, which could lead to some of these indicators disappearing after the isolated page was fully loaded and the page title set. Isolation indicators are now rendered after the isolated webpage is fully available. |
21885 | Remote Browser Isolation (RBI) | Fixed an issue with Read-Only feature where users could type in certain webpage elements when RBI could not get their properties and determine if they were editable. With this fix, Read-only is now applied to all editable elements and elements where the properties could not be evaluated. |
20421 | Remote Browser Isolation (RBI) | Fixed an issue around cookie handling when Private navigation is disabled. Expired cookies were not properly deleted from storage at user’s browser, so wrong cookies were being retrieved by RBI in the next session, incorrect cookie parsing and login details lost. |
447177 | SaaS Security Posture Management (SSPM) | Fixed errors faced when filtering by rule names with comma (,) in it. |
482990 | Traffic Steering | With this fix, Netskope Client Captive Portal feature now supports meta refresh element HTTP redirection. |
492545 | Traffic Steering | Fixed an issue where the UI logs were missing in Netskope Client for macOS log bundle if collected remotely. |
489520 | Traffic Steering | Fixed Netskope Client for macOS crash issue caused by the Client trying to bypass IPv6 mDNS packets. |
487939 | Traffic Steering | Fixed an issue where the Netskope Client cannot auto upgrade when self-protection and per user mode are both enabled. |
470467 | Traffic Steering | Fixed an issue where the Docker pull failed as the Docker proxy process is unable to handle a force reset in a closing connection. The fix is released as part of mainstream release version 119.0.0 and is back ported to versions such as 114, 117, and 118. |
495212 | Traffic Steering | Fixed a crash issue by enhancing DEM exception handling. |
351919 | Traffic Steering | Fixed an issue where installation time was not getting displayed on Mac device installed with IDP mode. |
392768 | Traffic Steering | Fixed an issue where Device Posture change event always displayed Client Status as disabled. |
473189, 465601 | Traffic Steering | Fixed an issue where the Netskope Client failed to establish a tunnel due to the Client cert validation issue in OpenSSL for Chromebook devices running ChromeOS version 125. |
486408, 351919 | Traffic Steering | Fixed an issue where the Netskope Client installed in IDP mode did not display the correct Installation Time on the Device webUI. |
492785 | Traffic Steering | Fixed an outer packet capture issue where it took longer time to stop the packet capture. With this fix, the outer packet capture stops immediately for Netskope Client for Windows. |
504328 | Traffic Steering | Fixed an issue on the macOS devices that resulted in the Netskope Client to crash on a network change. |
453717 | Traffic Steering | After the”TLS 1.3 hybridized Kyber support” feature was enabled by Google Chrome in version 124, the “Client Hello” packet of the TLSv1.3 negotiation became bigger than the normal MTU, and required fragmentation. Netskope Client failed to fetch the hostnames when SNI check is enabled in Client Configuration. This issue is now fixed. With this fix, the Netskope Client can fetch the SNI from the packets when the SNI Check feature is enabled. You will have to enable a feature flag to enable this fix. Contact Netskope Support to enable this feature flag. If the feature flag is disabled and the SNI Check feature is enabled, Netskope Client instead gets the hostname from DNS query. |
503501 | Traffic Steering | Fixed an issue where if the Netskope Client fails to establish DTLS connection and did not fallback to TLS. |
467283 | Traffic Steering | Fixed an issue where deleting certificate-pinned applications in App Definitions > Certificate Pinned Apps did not remove the corresponding certificate pinned exceptions under the Steering Exceptions page. With this fix, Netskope deletes related app exceptions in Steering Configuration while deleting custom cert-pinned apps. |
493685 | Traffic Steering | Fixed an issue that caused losing the tenant name configured by the MDM server. |
484812 | Traffic Steering | With this fix, Client automatically reloads when system reports irrecoverable kernel memory errors. |
492851 | Traffic Steering | Fixed an issue where traffic is getting bypassed for off-premises mode after enabling dynamic steering in the steering configuration and removing all category exceptions. |