Fixed Issues In Release 112.0.0
Fixed Issues In Release 112.0.0
Here is the list of fixed issues in this release.
| Issue Number | Category | Description |
|---|---|---|
| 369107 | Advanced Analytics | Fixed an issue where the Scheduled page was unable to load due to dashboards configured with a legacy feature. |
| 357192 | API Data Protection | Corrected an issue where ‘case sensitivity’ impacted the validation of the administrator email address for instance setup under Classic API Protection for Box. |
| 295234 | API Data Protection | Policy action for Introspection in malware incidents is fixed to show quarantine or restore action instead of detection. |
| 388437 | CASB Real-time Protection | Copy Link to Post navigation is not supported as part of Share activity for LinkedIn. |
| 383892 | CASB Real-time Protection | In real-time protection policies for Dropbox, policy actions when copying an existing shared link is not be supported. Only an event for the Copy link action will be generated in SkopeIT. |
| 355595 | CASB Real-time Protection | Fixed an issue by adding support for a new domain,”imanage.work”. |
| 318963 | CASB Real-time Protection | Fixed an issue where mail body cannot contain limit more than 16k characters, due to which DLP could not be done. This fix increases the limit to accommodate bigger payloads. |
| 353451 | CASB Real-time Protection | Fixed incorrect domain mapping for Doodle app. |
| 387561 | CASB Real-time Protection | Fixed an issue by adding support for new traffic changes in Edit activity using Live Excel. |
| 351623 | Cloud Confidence Index (CCI) | Added twimg.com to Cloud App ‘X’ for discovery. |
| 347409 | Data Protection | Fixed a cosmetic bug displaying incorrect ‘Action’ on certain API based Incidents generated from cache-based verdicts. |
| 356850 | Netskope Private Access (NPA) | Fixed an issue on a Citrix Server where the NPA Client retries connection very frequently causing high CPU usage. The fix checks the current condition which prevents NPA client from retry. |
| 333539 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where now IPS will not miss HTTP clear requests with different destination hosts when client device reuses the same TCP connection. Also fixed Dedicated Egress IP not being assigned due to above scenario. |
| 355350 | Netskope Secure Web Gateway (NG SWG) | When send-policy-alerts flag is set for a tenant, an application event is sent for the alert policy. No extra events will be sent for the given application post that. |
| 365489 | Netskope Secure Web Gateway (NG SWG) | Rules with both alert-and-continue and email notifications enabled, now properly sends additional email notifications when matched. |
| 337822 | Netskope Secure Web Gateway (NG SWG) | Fixed a rare case where proxy failed to load app related data like app instance, tag, and CCI. |
| 344447 | Netskope Secure Web Gateway (NG SWG) | Support custom notification block template for CLI based requests. |
| 333149 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where Access Method selection of IDP configuration was ignored. With this release, only selected Access Methods will be authenticated by the configured IDP. |
| 335348 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where RTP with User criteria was not getting applied for traffic subjected to SSL DND in EPoT mode. |
| 370272 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where the presence of a root label (that is, trailing dot) in a domain caused a different URL lookup result from the result when the trailing dot was omitted. |
| 358173 | Netskope Secure Web Gateway (NG SWG) | Fixed an error message “Invalid Group Selection”, that appeared on reviewing suggestions for old file type to new file type conversion in Real time policies page, and saving these policies from Review suggestions. |
| 361351 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where Cors request was redirected to SAML auth due to which Outlook webmail signature settings were not saved. |
| 351841 | Netskope Secure Web Gateway (NG SWG) | If an admin does not want page events to include such information from child transactions if the main page itself does not match an Isolate or Forward to Proxy policy then they can request that the feature flag page_events:ignore-child-trxn-json be enabled for the tenant. Previously this feature flag only affected page events marked as “User Generated”, not background traffic not marked as “User Generated”. Now the feature flag will apply to all page events regardless of the value of the “User Generated”. With this feature enabled then page events will only include Forward to Proxy or RBI information if the main page matches a Forward to Proxy or Isolate policy. |
| 17940 | Remote Browser Isolation (RBI) | Solved a bug that happened in macOS when the user was trying to scroll down using the laptop trackpad or mouse scroll gesture, in which the scroll bar repeatedly went to the top of the page, making the scroll unusable. The bug was fixed after updating a component that was using an envirnment variable pointing to an outdated binary. After the fix has been deployed users scrolling experience in macOS works seamlessly. |
| 15120 | Remote Browser Isolation (RBI) | Fixed a bug in RBI that pushed extra entries in the browser history that did not reflect exactly the URL address changes while browsing in isolation. With this fix, the user’s browsing history reflects correctly the user browsing history of navigated URLs. |
| 17953 | Remote Browser Isolation (RBI) | RBI rejects any website that has an incomplete certificate trust chain. Admins may want to open such websites in isolation rather than their production environment, as a precaution. With this fix, when the system encounters an incomplete certificate trust chain, the component validating the certificate of RBI forwards the request to the RBI browser. The RBI browser in turn can pull the rest of the certificate into the chain. |
| 9449 | SaaS Security Posture Management (SSPM) | Upon removal or disabling of a rule from an existing policy, all existing findings for the particular rule will now be removed from API-Enabled Protection > Findings (Security Posture SaaS). |
| 301344 | Traffic Steering | Fixed dynamic steering On/Off prem firewall configuration that caused empty firewall exception in config API. |
| 349504 | Traffic Steering | Fixed timestamp mismatch issue where the previous two event timestamps were not aligned in one device entry and caused confusion. |
| 350411 | Traffic Steering | In the previous releases, the Netskope Client Configuration webUI can display long email and long device classification in Windows configuration UI. This caused an issue where the user cannot use the Configuration Update link to trigger an update. As a workaround, users encountering this issue can use the command nsdiag.exe -u to download configuration instead. |
| 345264 | Traffic Steering | Fixed an issue on Windows hardware supporting modern standby machines, where NS Client auto upgrade failed after reboot. It was caused by auto-upgrade triggered by the power change system event before the service finish was initialized. |
| 361139 | Traffic Steering | Fixed an issue where Java App process name was not detected due to the Java app’s IPV4 packet using IPv4-mapped-on-IPv6 format on the “/proc/net/tcp6″. |
| 349219 | Traffic Steering | The DEM context used for sending out cached DME messages can be corrupted due to a timing issue. In this fix, added logic to prevent this DEM context corruption issue and thereby preventing the Netskope Client crash issue. |
| 368890 | Traffic Steering | The initial sleep mode battery saving feature for Android has a logic hole when Netskope tunnel flip-flopping with screen on/off. Fixed this issue and the screen on event now properly restores pre-screen off tunnel status. |
| 384041 | Traffic Steering | Earlier, when the Client is configured with Dynamic Steering On-prem traffic method set to None along with Fail Close mode, Netskpe Client Configuration webUI is supposed to show the status as “Netskope Client disabled – Traffic Steering set to None” but instead it showed “Netskope Client fail closed.” Fixed this issue to display the status as “Netskope Client disabled – Traffic Steering set to None” whenever the Dynamic Steering On-Prem traffic method is set to None along with Fail Close. |
| 378514 | Traffic Steering | Fixed an issue where the nsbranding.json configuration file is deleted on MAC whenever a user is deleted. |
| 369598 | Traffic Steering | Fixed an issue where the Client crashed whenever a user enabled SNI Check on the webUI. |
| 370428 | Traffic Steering | Fixed an inconsistent traffic bypassing performance on the OS DNS by enabling a feature flag disableJavaDnsCache. This disables Java DNS caching whenever the Netskope tunnel is in connected state. Currently this is supported only on Windows. |
| 376995 | Traffic Steering | Updated client status nsdeviceuid according to the latest client configuration downloaded. |
| 369663 | Traffic Steering | Fixed duplicate exception handling in driver and service. |
| 343344 | Traffic Steering | Fixed the XSS encoding issue for URL on the User Notification page. Prior to this fix, if the user contains a link with an encoded text like `https://test.com/Access%20Control`, the non-encoded part is also encoded after it is saved (`https%3A%2F%2test.com/Access%20Control`). This fix keeps the original user input if the link pass the XSS check. |
| 351853 | Traffic Steering | With this fix, whenever RBAC V2 is enabled, the Cert Pinned Application tab under App Definition is displayed for Web and Cloud App when their access control is enabled. |
| 360719 | Traffic Steering | Earlier, if admin configures “&” as part of the User Notification dialog button, Windows did not render it properly. This issue is now fixed and ‘&’ character is displayed correctly on the notification dialog. |
| 294257 | Traffic Steering | Earlier, in a multi-user deployment, non provisioned users were able to access protected application even when the Netskope Client is in Fail Close mode. This issue is now fixed and non-provisioned users are blocked access to protected applications in fail close mode. |
| 372092 | Traffic Steering | The Netskope Client was using machine ID as the serial number on Linux devices. This fix will add the system serial number and is displayed on the tenant WebUI Device page. |
| 367773 | Traffic Steering | Earlier, the admin could not pin the gateway when prc_dp_geofence feature flag was enabled. This issue is now fixed and the admin can pin the gateway by making this entry 127.0.0.1 gateway.gslb.goskope.com along with x.x.x.x gateway-tenant.goskope.com in hosts file. |
| 398387 | Traffic Steering | With this fix, Netskope Client now classifies the non-web traffic as firewall traffic from a cert-pinned app with bypass by tunnel setting. |
| 398819 | Traffic Steering | If proxy is configured on the machine and if the GSLB POP list was obtained directly from the GSLB service, then preference must be given to connecting directly to the gateway list before connecting through the proxy. |
| 339052 | Traffic Steering | Improve the iOS bypass performance by conducting system level bypass. However, if NPA is enabled, local private IPv4 ranges are still being bypassed via app-bypass. |
| 345274 | Traffic Steering | Fixed wrong gateway hostname when there is a network change. |
