Aspera Console 2.3.2 Release Notes
Console_2.3.2_relnotes_v3

Aspera Console 2.3.2 Release Notes

 

Product Release: June 30, 2014 (Linux), Jul 9, 2014 (Windows)

Release Notes Updated: Jul 15, 2014

What’s New

The Aspera Console 2.3.2 release provides the following updates:

         Console now reports per-file md5 checksums on the Session Detail page if checksum reporting is enabled for server products and Point-to-Point 3.4.5 or 3.4.6.

         Various security enhancements and bug fixes. Console has also been fully verified through third-party security audits.  

         OpenSSL has been updated to 1.0.1h (fix for OpenSSL security vulnerability).

         Improved checking of SAML mandatory fields. Console now verifies the mandatory field Name ID or SAML subject and email is present and has valid values when a new user is added through SAML.

         Licensing: If the Console license expires or is invalid, the admin is still allowed to log in, but is taken directly to the license page. Admins can no longer use the product until a valid license is entered.

         Licensing: Console On Demand now uses the automatic entitlement system like Enterprise Server.

         Console On Demand offers a new user management option which allows both the node API user and system transfer user accounts to be created whenever a new user account is added.

         Added validation of simple and smart transfer email settings.

         Console Apache configuration for SSL cipher security.

FIXED ISSUES

Fixed issue where encryption setting was not consistently passed on session retry.

#21037 - No error is returned when TransferList is called and the "from" date is more recent than "to" date

#25408 - Database creation error when MySQL password starts with an exclamation point.

#25732 - Vulnerability to cross-site request forgery (CSRF) scripting attacks.

#25734 - Vulnerability to cross-frame (XFS) scripting attacks.

#25991 - Cannot enter an email address for a user with a web domain longer than four characters.

#26014 - Cookie rule is incorrectly applied (Configuration > Cookies: New Rule).

#26015 - After a Faspex package whose name includes a dollar sign is sent, custom fields stop being calculated.

#26055 - Security: XSS scripting attack on session detail page.

#26056 - Security: URL escape codes are executed on session detail > advanced search page.

#26059 - Elapsed time not consistent with started/stopped when both nodes reporting.

#26116 - Security: XSS scripting attack on background process log page.

#26117 - Bad records in the transfer nodes table can prevent page auto-fresh.

#26286 - Navigation subtabs are incorrect when a license has a one-user limit and the username is not 'admin'.

KNOWN ISSUES

#21099 - When adding a Windows node to Console, if the administrative credentials provided are for a user who has never logged in to the machine, Console is unable to detect the node's product version. As a result, the node cannot be configured to use SSH Tunneling and a message is displayed: "SSH Tunneling only supported on nodes running Aspera Enterprise Server 2.7 or higher.” WORKAROUND: The issue can be solved by either logging in to the machine once as the administrator user, or changing the administrative credentials to those of a user who has previously logged in. This enables the checkbox for using SSH Tunneling.

#22303 - Scheduled smart transfers that were created before upgrading continue to use old behavior, displaying dates/times using the timezone of the transfer requester rather than trying to look up the recipient's time zone. WORKAROUND: To force an upgrade to the new behavior, edit the smart transfer, remove the email notifications, save, then re-edit and add the email notifications back in.

#22396 - If email notifications are configured for specific transfer paths on a user’s Preferences > Email Notifications page, these settings are not honored when the user clicks the Rerun link on the Activity page on a transfer that started before upgrading Console. WORKAROUND: To avoid this problem, start the transfer again instead of using the Rerun link.

SYSTEM REQUIREMENTS

Windows
Windows XP (32- and 64-bit)
Windows 2003 R2 (64-bit)
Windows 2008 R2 (64-bit)

Linux
Linux RHEL 4 and above (32- and 64-bit)
CentOS 4 and above (32- and 64-bit)

(Linux only) Aspera Common Components 1.2.10

Firefox 4+, Safari 5.1+, IE 7+, or Google Chrome

PREVIOUS RELEASE NOTES

Console 2.3.1 Release Notes (Windows only)

Console 2.3.0 Release Notes 

Console 2.0.1 Release Notes 

Console 2.0.0 Release Notes 

Console 1.7.3 Release Notes 

Console 1.7.2 Release Notes 

Console 1.6.0 Release Notes 

Console 1.5.6 Release Notes 

PACKAGE INFORMATION

Console 2.3.2

Windows: AsperaConsole-2.3.2.88890-windows-32.exe

md5: 5c71374aa12cbef4f5a1968ce1b309d1

sha1: 995aaed1219f7d3c215f0ef15eb610e5aa2be5fb

Linux 64-bit:: aspera-console-2.3.2.88413-0.x86_64.rpm

md5: 9eaa79367b515f5b4a8ad0328e416a71

sha1: 0843e1894f681ccf8e9848b029ef158462b0c147

Linux 32-bit:: aspera-console-2.3.2.88413-0.i386.rpm

md5: 28b91a199a6cb78324dd3e118b7124ab

sha1: a4224680c9d8c09238b1a495aa075ca5e0b8e5ab

Aspera Common Components 1.2.10 for Console 2.3.2

Linux 64-bit:: aspera-common-1.2.10.88405-0.x86_64.rpm

md5: 3a0395c8e7aceb947b6564f3eb04e9f8

sha1: cd1a3c199778c6c5522a58f2842ca80442ab02db

Linux 32-bit:: aspera-common-1.2.10.88405-0.i386.rpm

md5: 992aadb22850fa7b763f314c8993a7de

sha1: 5d1ab544dc91b5f718ae987a4aca97e791adbce9

OTHER RESOURCES

Aspera Console 2.3.2 Admin Guide (Windows) 

Aspera Console 2.3.2 Admin Guide (Linux) 

Aspera Console 2.3.2 User Guide 

PRODUCT SUPPORT

For online support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of Aspera’s regional support centers.