Fixed Issues In Release 108.0.0
Fixed Issues In Release 108.0.0
Here is the list of fixed issues in this release.
| Issue Number | Category | Description |
|---|---|---|
| 293400 | API Data Protection | Fixed an issue in Google Drive retroactive scan where a restrict action to remove public link did not work under specific scenarios such as rate limits. |
| 287111 | API Data Protection | Fixed an issue with CASB-API Salesforce integration, where tombstone files did not get correctly updated into Salesforce for quarantine action. |
| 288721 | API Data Protection | Fixed an issue where API Data Protection IRM Protect policy action failed to apply a Netskope policy defined MIP labels when MIP auto-labeling was enabled within the Azure AIP environment. |
| 293386 | CASB Real-time Protection | Added a new block template to cover 403 response code scenarios in MS SharePoint/OneDrive real-time policies. |
| 299983 | CASB Real-time Protection | Executable file type support added for downloading Zoom installers. |
| 297431 | CASB Real-time Protection | Updated base64 decode method in PowerBI App connector to display the correct Instance ID. |
| 291084 | CASB Real-time Protection | Added synthetic request trigger to obtain from_user and extract instance_id if DB lookup fails. This helps in improved instance ID and From user detection. |
| 279681 | CASB Real-time Protection | Added Login Attempt activity support for federated login( Login with Google, etc.). This is detected when traffic redirects to chatGPT after Google Login is successful. After "Login Attempt" block we can view chatGPT home page but cannot access it. |
| 298562 | CASB Real-time Protection | Fixed the logic to calculate the cookie expiry on the domain authentication. This issue was impacting Private Access re-authentication feature with user domain authentication. |
| 295928, 298674 | CASB Real-time Protection | Due to a traffic change on Microsoft end "Viva connections" app along with few functionalities of O365 like archives were not loading from MS Teams. This issue was fixed by taking care of backend traffic. |
| 300591 | Endpoint Data Loss Protection(EPDLP) | Fixed an issue wherein if the Endpoint DLP was disabled in the management console and then re-enabled before the endpoint has restarted, the device control functionality will not function correctly. |
| 295514 | Endpoint Data Loss Protection(EPDLP) | Fixed a defect that caused DLP content scan failures when the file paths exceeded 254 characters. |
| 289251 | Endpoint Data Loss Protection(EPDLP) | Resolved an issue related to alternate data streams, which previously led to policy evaluation failures and resulted in multiple fallback events. This issue was notably evident in zone.identifier streams. |
| 286899 | Endpoint Data Loss Protection(EPDLP) | Fixed an issue where upgrading from older Endpoint DLP versions to release 107.0.0 occasionally required two reboots for device control to function. |
| 299147 | Netskope Private Access (NPA) | Fixed an issue where a NS Client switches from other steering method such as IPSec/GRE/SF back to the normal steering, the NPA on-prem status was not updated real time. |
| 283898 | Next Gen Secure Web Gateway(NG SWG) | Fixed an issue where File Download in isolation was blocked in certain situations when the File Download setting was enabled in the corresponding RBI template. When the user tried to download a file inside an RBI session after having File Download control enabled in RBI template, they were presented with the Downloads are Disabled warning pop-up. |
| 285858 | Next Gen Secure Web Gateway(NG SWG) | Fixed an issue in Skope IT application events and alerts, where the Action = Isolate field for activities performed inside the RBI session which is not a valid action type for these activities. |
| 290155 | Next Gen Secure Web Gateway(NG SWG) | Fixed an issue in Skope IT application events and alerts, where the From Isolation field was not set to the value yes or no for all activities performed inside of RBI session, for example Create or View activities. Prior to this fix, only Download and Upload activities had the right value set in the From Isolation field. |
| 295409 | Next Gen Secure Web Gateway(NG SWG) | When using an On-Prem proxy to steer traffic over a tunnel to Netskope along with the Trust XFF header, an issue with the proxy caused the user's long poll connection to be terminated. This issue is now fixed. |
| 296627 | Next Gen Secure Web Gateway(NG SWG) | The dest-ip-policy feature was enabled by default in release version 103.0.0. Fixed an issue where Netskope appliance proxy configuration wasn't updated to handle SSL bypass traffic, and SSL bypassed domains were inaccessible through Netskope appliance. |
| 290134 | Next Gen Secure Web Gateway(NG SWG) | Fixed a bug where some email notifications were incorrectly applied to a malsite alert, resulting in duplicate email notifications. Prior to this update, if a transaction matched a Real-time Protection policy with email notification and also generated a malsite alert, then the email notification was applied to both the policy alert and the malsite alert. This resulted in multiple notifications generated for the same transaction. Malsite alerts no longer generate an email notification in this scenario. |
| 297122 | Next Gen Secure Web Gateway(NG SWG) | SSL chain construction behavior was modified to allow non-self-signed certificates to be considered as trust anchors when building a chain of trust. OpenSSL refers to this as a "partial chain". This allows adding an intermediate certificate to the custom trust store that explicitly allows leaf certificates (signed by the intermediate) to be trusted. It's unrequired to add the intermediate issuer to the custom trust store. To learn more, view Trust Anchors |
| 293812 | Next Gen Secure Web Gateway(NG SWG) | Fixed an issue where activities performed inside an isolated session generated alerts even when there was no matching policy for the activity performed in isolation, for they were matching RBI Real-time Protection policies. With this change, Nestkope only generates alerts for activities matching any DLP or TSS Real-time Protection policies. |
| 12863 | Remote Browser Isolation(RBI) | Netskope RBI has fixed an issue where cookies generated in previous RBI sessions and stored in the user's browser where not being pulled correctly from JSclient (private Navigation setting disabled in RBI template). RBI will now force the order to make them available and pull them correctly. |
| 13760 | Remote Browser Isolation(RBI) | Fixed an issue where RBI was not blocking the Copy link option present in web pages if the RBI template setting "Copy from isolated page" was disabled. This operation is now blocked and the user is presented with the corresponding warning messages. |
| 11949 | Remote Browser Isolation(RBI) | Fixed an issue that prevented isolation of URLs with the hash symbol (“#”). When a user leveraged the “Open in new tab” option of the RBI context menu for a link including the hash (#) RBI would remove part of the isolated URL leading to isolating an incorrect destination. “Open in new Tab” option is visible in the Context Menu only if the Pop Up setting is enabled in the applied RBI template. |
| 12177 | Remote Browser Isolation(RBI) | Fixed an issue that prevented users from downloading isolated PDFs incorporating the changes edited while browsing in isolation. When users clicked on the "download with your changes" button, no action was taken and the PDF was not downloaded. "download Without your changes" would download the original PDF correctly. Now it is possible to download isolated PDFs including the editions introduced by the end user. |
| 14057 | Remote Browser Isolation(RBI) | Fixed an issue which prevented RBI from displaying isolated DPFs correctly to the user. In certain situations, when a user requested to render a PDF file RBI generated a 0 pixel PDF file, therefore, impossible to read. With this fix, all isolated PDFs are displayed correctly by keeping track of the browser size of all affected objects in RBI. |
| 11990 | Remote Browser Isolation(RBI) | Fixed an issue where file download progress dialog for very large files was not reaching 100% and progress dialog removal, and file download to desktop was not triggered properly. Now the progress is tracked correctly, the dialog is removed and the file is sent to the user when the isolated download is completed. |
| 293339 | Threat Protection | Fixed an issue with SkopeIT events page displaying an error when encountering special characters in the site name when users navigate to View Alerts from Malicious Sites page. |
| 294268 | Traffic Steering | NS Client discontinued weak ciphers support from tunnel connection. If Netskope Client tunnel is established through a proxy, ensure that the proxy supports the latest ciphers. To refer the list of supported ciphers, view Disabling of weak ciphers. |
| 294596 | Traffic Steering | Fixed an issue where Netskope Client status was not updated due to incorrect format. |
| 298288 | Traffic Steering | Fixed an issue where the client status was not getting posted on the tenant under certain scenarios. The client status is sent when transition and last status to detect that transition is maintained. When a wrong status is detected, it is fixed to an appropriate state. |
| 287409 | Traffic Steering | Fixed an issue during IdP enrollment where the user navigates away from the IdP login page to perform MFA, such as, retrieving the OTP; the IdP page is dismissed unexpectedly. |
| 290649 | Traffic Steering | Fixed a bug on the Netskope Client for iOS devices that when enhanced the CertPinnedApplist feature flag is disabled, the domains exceptional list is not applied. |
| 291768 | Traffic Steering | Fixed an issue where the current user tunnel session id and “apt-get” comment session id was not matching that caused the NS Client to bypass the traffic on local. |
| 296195 | Traffic Steering | If the Customer App Domains of Certificate Pinned application contains wildcard domain `*` configured on the WebUI. The wildcard domain is not added to the domains exception list in the iOS VPN pac file generated. The reason being it will cause all traffic to bypass in the iOS device where the pac is installed. |
| 296395 | Traffic Steering | Fixed a bug on the Netskope Client for Windows devices where the Fail Close feature was not working when the admin disabled and then enabled the Netskope Client on the WebUI. |
| 295719 | Traffic Steering | Earlier, the disk_enc_check was not in the $OR format. This issue is now fixed. Once deployed, you can then change the second rule from ANY back to ALL again. |
| 223781 | Traffic Steering | Fixed an error caused by white space between comma for domain input in the steering configuration non-standard port setting. |
| 289490 | Traffic Steering | Fixed an issue on Netskope Client for iOS devices when flexible dynamic steering is enabled and switched to Off-Prem, the UI displayed wrong steering mode. |
| 283000 | Fixed an issue on Netskope Client for iOS devices when flexible dynamic steering is enabled with None mode in On-Prem, Off-prem, or both, toggling Wi-Fi loads the previous traffic mode. |
