Aspera Console 2.3.2 Release Notes
Product Release: June 30, 2014 (Linux), Jul 9, 2014 (Windows)
Release Notes Updated: Jul 15, 2014
The Aspera Console 2.3.2 release provides the following updates:
• Console now reports per-file md5 checksums on the Session Detail page if checksum reporting is enabled for server products and Point-to-Point 3.4.5 or 3.4.6.
• Various security enhancements and bug fixes. Console has also been fully verified through third-party security audits.
• OpenSSL has been updated to 1.0.1h (fix for OpenSSL security vulnerability).
• Improved checking of SAML mandatory fields. Console now verifies the mandatory field Name ID or SAML subject and email is present and has valid values when a new user is added through SAML.
• Licensing: If the Console license expires or is invalid, the admin is still allowed to log in, but is taken directly to the license page. Admins can no longer use the product until a valid license is entered.
• Licensing: Console On Demand now uses the automatic entitlement system like Enterprise Server.
• Console On Demand offers a new user management option which allows both the node API user and system transfer user accounts to be created whenever a new user account is added.
• Added validation of simple and smart transfer email settings.
• Console Apache configuration for SSL cipher security.
Fixed issue where encryption setting was not consistently passed on session retry.
#21037 - No error is returned when TransferList is called and the "from" date is more recent than "to" date
#25408 - Database creation error when MySQL password starts with an exclamation point.
#25732 - Vulnerability to cross-site request forgery (CSRF) scripting attacks.
#25734 - Vulnerability to cross-frame (XFS) scripting attacks.
#25991 - Cannot enter an email address for a user with a web domain longer than four characters.
#26014 - Cookie rule is incorrectly applied (Configuration > Cookies: New Rule).
#26015 - After a Faspex package whose name includes a dollar sign is sent, custom fields stop being calculated.
#26055 - Security: XSS scripting attack on session detail page.
#26056 - Security: URL escape codes are executed on session detail > advanced search page.
#26059 - Elapsed time not consistent with started/stopped when both nodes reporting.
#26116 - Security: XSS scripting attack on background process log page.
#26117 - Bad records in the transfer nodes table can prevent page auto-fresh.
#26286 - Navigation subtabs are incorrect when a license has a one-user limit and the username is not 'admin'.
#21099 - When adding a Windows node to Console, if the administrative credentials provided are for a user who has never logged in to the machine, Console is unable to detect the node's product version. As a result, the node cannot be configured to use SSH Tunneling and a message is displayed: "SSH Tunneling only supported on nodes running Aspera Enterprise Server 2.7 or higher.” WORKAROUND: The issue can be solved by either logging in to the machine once as the administrator user, or changing the administrative credentials to those of a user who has previously logged in. This enables the checkbox for using SSH Tunneling.
#22303 - Scheduled smart transfers that were created before upgrading continue to use old behavior, displaying dates/times using the timezone of the transfer requester rather than trying to look up the recipient's time zone. WORKAROUND: To force an upgrade to the new behavior, edit the smart transfer, remove the email notifications, save, then re-edit and add the email notifications back in.
#22396 - If email notifications are configured for specific transfer paths on a user’s Preferences > Email Notifications page, these settings are not honored when the user clicks the Rerun link on the Activity page on a transfer that started before upgrading Console. WORKAROUND: To avoid this problem, start the transfer again instead of using the Rerun link.
Windows XP (32- and 64-bit)
Windows 2003 R2 (64-bit)
Windows 2008 R2 (64-bit)
Linux RHEL 4 and above (32- and 64-bit)
CentOS 4 and above (32- and 64-bit)
(Linux only) Aspera Common Components 1.2.10
Firefox 4+, Safari 5.1+, IE 7+, or Google Chrome
PREVIOUS RELEASE NOTES
Console 2.3.1 Release Notes (Windows only)
Linux 64-bit:: aspera-console-220.127.116.11413-0.x86_64.rpm
Linux 32-bit:: aspera-console-18.104.22.168413-0.i386.rpm
Aspera Common Components 1.2.10 for Console 2.3.2
Linux 64-bit:: aspera-common-22.214.171.124405-0.x86_64.rpm
Linux 32-bit:: aspera-common-126.96.36.199405-0.i386.rpm
For online support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of Aspera’s regional support centers.