General vulnerabilities
▪Optional validation created to prevent Host header attacks. Refer to the Installation Guide (Windows and Linux) and the Update Guide (Linux) for details of the configuration required for the environment.
▪An additional validation has been added to the PHP user authorization token so that access is authorized only for the same domain for which the token was generated, adding another layer of protection for active sessions and the resources in use.
▪PHP Composer (dependency manager) version updated to fix a vulnerability that allowed unofficial code to be downloaded for the libraries in use.
▪Moment.js library version updated to fix a denial of service (DoS) vulnerability found in previous versions.
▪Sensitive database data in the PHP cache is now encrypted to avoid leaks.
Reinforcing SoftExpert's commitment to the success of its customers and the evolution of the SoftExpert Excellence Suite platform, we are notifying customers in advance of the end of support for Windows Server 2012 / 2012 R2, so that there is time to plan any updates.
In addition to the warnings in the Release Notes and the Requirement guide, we have added a warning in the system notifying administrators.
These changes are aligned with the EOL (end of life) of the Microsoft product and with the SoftExpert strategy to evolve its processes and architecture: we are beginning to use a new installation model on Windows servers based on container technology, which is available only in the more recent versions of this operating system.
From version 2.1.6 onwards, new installations on Windows Server 2012 / 2012 R2 servers will no longer be supported. Product updates will still be supported until the end of the first semester of 2022.
According to Microsoft, the Microsoft 365 (previously Office 365) applications and services will no longer support Internet Explorer 11 from August 17, 2021 onwards.
Although IE11 will continue to exist and be supported as a component of the Windows operating system, SoftExpert Excellence Suite will follow the Microsoft 365 guidelines and will no longer support IE11 from the second semester of 2021 onwards, effective from this new version, in order to prioritize more modern browsers such as Google Chrome (which is already supported) and Microsoft Edge.
It is also worth noting that Microsoft stopped supporting Microsoft Edge Legacy on March 09, 2021, and it will no longer receive security updates.
Microsoft recommends using the "new Microsoft Edge", which is based on the open-source project "Chromium", and has announced that future Windows updates should install this new application automatically.
For that reason, support for Microsoft Edge Legacy has also ended, and it is replaced by the "new Microsoft Edge".
The rich text editing field has been updated to provide new text formatting options. The most requested features include:
▪Source code formatting;
▪Advanced table formatting, such as painting the entire cell;
Some screens may display the old field as they have yet to be made compatible, but all screens will gradually be updated to use the new field.
The Czech language is available only for environments with UTF-8 encoding.
Administrator users of the account can access the alert screen (CM034) to understand the health of the main SoftExpert Suite services, such as e-mail server, full text search, and data sources, among others. In addition to being able to configure which systems have their alerts turned on and the analysis recurrence, the screen will explain what to do when a service has problems.
From this version onwards, the full text search filters respect the user language.
The number of attributes available for full text search has been increased from 10 to 30.
It is no longer necessary to create an import scheduling; the creation takes place automatically once the Identity provider (IdP) sends the employee information. Moreover, it is now possible to synchronize employee attributes with SoftExpert Suite through the SCIM protocol.
From this version onwards, support will no longer be provided for the NTLMv2 SSO and Kerberos protocols.
It is now possible to create analyses in the access group screen to generate permission/user reports.
It is now possible to customize the attributes of links between users and directory service groups in the domain configuration, for synchronization via LDAP.