Release Notes (Changelog)
Contents
Notice
When upgrading to a new version, it is necessary to follow the steps here: Upgrade notes (Instructions for upgrading to a new version)
Application versions
Version 2.4.0 (Preparing release)
New Features:
Packages now support folders and subfolders, meaning a tree structure is now available for organizing files in packages.
Folders can be created, deleted, renamed, and moved within the package details view. This functionality is available only after the package is created; folders cannot be created during the initial upload. Folder operations can be performed by the package's original author (sender) and contributors, if any.
Enhanced package detail view supporting folders. Users can customize the view to decide which files (and their states) are visible. Options include a unified tree view for all states or separate trees for each state (active, quarantined, deleted, shredded).
Compact view - a streamlined view is now available, displaying fewer metadata details to allocate more space for the folder and file tree.
Support for user groups (in Settings - User Groups).
Local and remote users can be grouped into named groups.
Automatic mapping - remote users can be automatically assigned to groups based on parameters from remote directories (e.g., AD / ADFS / OIDC). For users without mapping definitions (local or without mapping), default groups can be assigned.
Permissions managed by groups. User permissions are now set at the group level instead of individually for each user. During the upgrade to v2.4, groups replicating existing user permissions will be created automatically to maintain the current settings.
SFTP protocol support for package access. Both downloading and uploading package content via SFTP are supported.
Admins can specify which users are allowed to use SFTP for package access.
Users see a unique SFTP link for access in the package details view. A default package can be set to open after login if no specific package link is used.
SSH keys can be utilized for SFTP access, with public keys configured for users in OpenSSH authorized_keys format.
Implemented new API v2.
Significantly restructured and expanded API functions for extensive automation and integration with other systems. Administrator functions are now available, including user management via the API.
Documentation: https://docs.sofie.cloud/api/v2/cs/
Maximum depth of nested content (e.g., archives within archives) and the total number of nested objects (e.g., files within an archive) can now be restricted in the MIME types detection settings.
Bulk actions for users. Users can perform bulk actions on selected packages in the package list or on selected files in the package details view.
Enhanced sandbox detection settings. Filters can now be activated to restrict the types (extensions) of files sent to sandbox for checks.
Minor changes:
Local login deactivation. Added a setting to disable local login (Settings > Configuration > Users > Allow Direct User Login).
Account locking separated from login permission. Accounts can now be locked (active/inactive) independently of login permission, which is now derived from group membership.
Backend and frontend library updates, including transition from Ant Design 4 to 5 and JavaJDK from 1.8 to 21.
FortiSandbox license quota update - 1 credit now equals 180 seconds instead of the previous 300 seconds.
Stricter default password rules. Default password policies have been updated based on recent pentest findings.
Audit log enhancements. Added option to show component in Audit Log. Added all attributes to detailed audit log view.
- Added option to terminate running checks even for packages not in queue anymore. Checks can be running for these because a manual recheck was executed or because new files were added.
- Package size calculation adjustments: Users now see the size of "active" files (clean and quarantined, but not deleted "in the trash"). Admins see the total size of all stored files, showing how much space is occupied on the datastore (including deleted and archived items).
- Sped up the discovery of results of asynchronous detection engine checks (sandboxes).
CDR Changes Reminder: Refer to version 2.3.11 for details.
Fixes:
- Fixed an error, where attempts to run checks on already shredded files might have occurred.
- Corrected a problem that some CDR conversion failures resulted in incorrect output.
- Removed logging of "Invalid UUID" exceptions for example in package IDs.
Added timeouts to AV scans, so scans now terminate with errors instead of getting stuck during long or stuck antivirus checks.
- Fixed favicon display (modified Content-Security-Policy).
- Fixes in integrations for some AV versions: Kaspersky 12.1, FortiClient >7.0.3 and Sophos.
- Fixed order of check results in the package details.
- Fixed the possible occurrence of the "500 Internal server error" in some specific cases.
- Fixed expiration/shredding of files stuck in the uploading state.
- Fixed possible errors in files in a forwarded package, it the package was only partially encrypted/decrypted.
- Added missing attributes for some audit logs.
- Audit Log fixes for file shredding: Introduced a new audit log for physical deletion of auxiliary files from datastore and modified logs for shredding package files.
- Other fixes based on recent pentest findings:
- Fixed unexpected errors for login attempts with too long username or password. Maximum username length now set to 100 characters and password length to 300 characters.
- Fixed validations of length of other text fields.
- Upload request form now also displays the limit settings for maximum number and size of files in a package.
- Files larger than the size specified in metadata before uploading can no longer be uploaded.
- Web server requests directed at .map files now return a custom error message.
- Fixed possible error and an unexpected exception when approving packages and for approver access to package files.
- Other various fixes of design, texts and translations.
Version 2.3.11 (2024/10/03)
Minor changes:
- Support for CIDR ranges in trusted proxies setting (Settings - Configuration - Security - General). Only individual IP addresses were supported before.
- Improved stability and reliability of the CDR engine. Manual steps need to be performed, see Upgrade notes (Instructions for upgrading to a new version).
Fixes:
- Fixed recipient deduplication, so that if the same recipient is in both recipients and contributors, it stays only in contributors (worked the other way around before).
- In the e-mail configuration (Settings - Configuration - E-mail) the automatic filling in of password was suppressed (autoComplete off).
- Minor fix in status discovery of the Avast engine.
Version 2.3.10 (2024/06/05)
Minor changes:
- Option to use prefilled template of the form for sending packages by anonymous users based on URL parameters. (e.g. https://sofie.sonpo.cz/#/?template&recipient=sofie@sonpo.cz&password=false&expiration=false)
- Modified calculation of credits per time spent in FortiSandbox checks (for FSA as a service).
Version 2.3.9 (2024/04/24)
Minor changes:
- Introduced a new unique CSS class for the login form, so that it is possible to selectively hide the username and password login using custom CSS.
Fixes:
- A minor fix related to displaying of the favicon.
Version 2.3.8 (2024/04/19)
Fixes:
- Fixed a possible error (white page) when accessing a package, introduced by an interaction with another fix in version 2.3.7.
- Changed a version discovery method for the welcome message in the command line (to avoid a possible chaining of calls).
Version 2.3.7 (2024/04/17)
Fixes:
- Fixed display of settings for mandatory package password. When enabled and saved, the setting was applied, but still shown as disabled in the admin interface.
- Fixed some possible ways to skip mandatory multifactor authentication setup for users.
Version 2.3.6 (2024/04/16)
Fixes:
- Fixed displaying of English Terms of Use in the Slovak version and other minor glitches in SK translation.
- Fixed the appearance of the opening page from a mobile phone (including language switching).
- Improved the application mini icon for browsers (favicon) for displays with higher resolution.
Version 2.3.5 (2024/04/05)
Fixes:
- Fixed possible wrong automatic logout a minute early then configured and related error page.
Version 2.3.4 (2024/04/04)
Fixes:
- Slovak language automatically enabled for new installations (not for existing ones, where admin has to enable it).
- Fixed showing an error page after automatic logout.
- Misspelling fixes.
Version 2.3.3 (2024/04/04)
New features:
- Added support for Slovak language in user interface section (and for sent e-mails).
Minor changes:
- An error message is now displayed when accessing a non existent URL (instead of default entry page of the application).
Fixes:
- Fixed interface error when using translation in browser (Chrome and Edge). The parts that were broken by the translation are no longer translated.
- Fixed indication and discovery of the CDR engine status.
- Fixed behavior and settings of the CDR engine and its file extensions filter.
- Misspelling fixes.
Version 2.3.2 (2024/03/18)
Fixes:
- Added missing text for a limit in EN localization.
- Fix in displaying mass actions for packages.
- Updated some libraries.
Version 2.3.1 (2024/03/08)
Fixes:
- Changed the default encryption algorithm for new installations to the currently recommended one.
Version 2.3.0 (2024/03/07)
New features:
- Support for OpenID Connect (OIDC) for user login to the application. In addition to AD and ADFS, it is now possible to connect the application to Azure AD, Google, or another OIDC compatible source for user logins.
- Implementation of the CDR (Content Disarm and Reconstruction) feature - Support for converting compatible documents/files into a safe form (clean PDF without active elements).
- Support for new antivirus engines: Avast and Trellix.
- Option to block access to the application based on various properties of the access source:
- IP filter - blocking clients from specified IP ranges
- Reverse record - blocking clients with a reverse record lookup containing specified strings
- Country (GeoIP) - blocking access from specified countries, or allowing access only from specified countries
- User-Agent header - blocking clients whose User-Agent header contains one of the specified strings
- The administrator can set permanent users who are not subject to automatic locking or deletion of accounts due to inactivity (in the form of user permission - persistent account).
- The option to limit API usage to specified address ranges (similarly to users and administrators).
- Added a new permission for users: set a package as persistent, not subject to automatic expiration. Previously, only an administrator could do this.
- New user filter:
- by their permissions (ability to search for users with specific permissions)
- whether they are local or from an external source (AD/ADFS/OIDC)
- The ability to create a package request without sending the corresponding notification email. The user then passes the request's link by other means.
- When preparing a new package for sending, it is now possible to generate a random package password directly in the form in the password field.
- Support for offline installation. For environments without internet access, but with a functional yum/dnf for installing system packages, including epel or compatible repository. Only for perpetual licenses, not subscriptions.
Minor changes:
- Update of some cryptographic algorithms used in the application to match current recommendations, e.g., NÚKIB (Minimum requirements for cryptographic algorithms).
- Whether access to the application is from a closed or open environment is now clearly indicated in the top bar of the application (by an icon of an open or closed lock).
- Improvement of http security headers (Permission-Policy and Content-Security-Policy).
- Even not logged in anonymous users see an icon with a link to the documentation in the top bar.
- Improved design of the package detail screen, added padding and other minor adjustments for clarity.
- Administrators now have a creation and last login timestamp, similarly to users.
- Modified upgrade process:
- sofie upgrade - now updates only one step to a newer branch, e.g., from 2.1.x to 2.2.x, not directly to 2.3.x.
- If it is necessary to update across more major versions (branches), the upgrade must be run multiple times, and after each step, check and possibly perform necessary steps described in the Upgrade notes (Instructions for upgrading to a new version).
- Support for reading and logging the new header "Sec-Ch-Ua" (User agent client hint), which is generated by the browser and cannot be changed by the user.
- Minor API adjustments (added "fileId" attribute to the package status).
- When forwarding a package, the option to select/deselect all files at once.
- The administrator sees the total number of packages in the package lists (at the bottom right near pagination).
- Improved filter according to additional flags in the administrator's view of all packages.
- Added a new limit for maximum number of created packages or package requests in a set time interval.
- Improvements in cooperative packages:
- every contributor (and author) can now edit a cooperative package regardless of the setting enabling/disabling a modification of an already existing packages
- added a new button for inserting files to an existing package right above the list of files
Fixes:
- Implemented automatic restart in case of an application module crash, e.g., due to Java memory exhaustion. Now, in such cases, an automatic termination and restart will be performed, which minimizes the need for manual intervention by the administrator.
- Fixed problems discovered by a recent detailed pentest of the application.
- Added selinux rules for Diagnostics - Remote Access, to make it functional even when selinux is enabled.
- Improved behavior when failure occurs when sending email. A prolonged futile repetition of attempts to send is no longer performed, if the SMTP server returns a permanent error (e.g., 550 invalid recipient).
- Fixed possible exceptions and related errors in translations (occurring especially in the Hungarian localization).
- Fixed errors in some bulk actions over packages that are being scanned or are encrypted.
- Fixed a possible error during a user login and some other actions, which could occur under a special combination of circumstances and active limits on actions.
- The administrator does no longer see actions for decrypting/encrypting packages if he does not have the permission to do so.
- Fixed that the subject of the test email did not contain the prefix set in the configuration.
- Fixed the certificate change script for RHEL version 9 and compatible OS.
- Fix for a possible exception when expiring and deleting metadata of shredded packages.
- Adjusted the BitDefender script to not launch more than one scan instance. Multiple instances cause errors.
- Fixed a possible error when the package name is too long when forwarding a package.
- Updated used libraries.
- Fixed various typos, missing texts, or other minor graphical glitches.
Version 2.2.10 (2024/01/29)
Fixes:
- Updated some of the libraries used in the project.
Version 2.2.9 (2023/12/05)
Minor changes:
- Added an icon for opening the help documentation to the top bar even for anonymous users (before login).
Fixes:
- Fixed an unexpected "500 Internal server error" showing instead of a correct warning message, when a password violating a password policy was entered for a new package and interface was set to Hungarian language.
- Fixed a possible exception during final deletion of metadata of shredded packages.
Version 2.2.8 (2023/10/03)
New features:
- New antiviruses supported in Detection settings: Avast, Trellix.
Minor changes:
- In new installations the administrator has a random password. The administrator's password can be reset using the command "sofie reset-admin-password".
- Updated documentation to describe how to deploy and run the application from AWS Marketplace: SOFiE.
- Modifications for easier change of the FQDN and https certificate. (commands "sofie set-fqdn" and "sofie recreate-cert"). Changing FQDN will invalidate the license (it is bound to the FQDN), so it is necessary to contact us and arrange a license update (ideally before the change).
Version 2.2.7 (2023/06/20)
Minor changes:
- Modified the API (added a fileId attribute for files in the response with package status).
Fixes:
- Fixed a possible error when running repeated checks of files/packages through the detection engines. The error might have occurred under specific combination of settings and timings and resulted in a premature check termination with error.
Version 2.2.6 (2023/05/23)
Minor changes:
- Modified and improved the "sofie" script for the command line. Preparations for easier installations, for example from AWS Marketplace.
Version 2.2.5 (2023/04/20)
Fixes:
- Fixed an exception that might have sometimes occurred during communication with FortiSandbox. It was caused by an unexpected value returned from the API in the latest versions of FortiSandbox.
Version 2.2.4 (2023/04/12)
Minor changes:
- Modified the upgrade process and script, so that "sofie upgrade" always goes up only by one major version (2.1 → 2.2) and not more (2.0 → 2.2). Resolves future problems with upgrades from versions older then the direct previous one.
Version 2.2.3 (2023/04/05)
Minor changes:
- Modified backup task parameters (lower compression and more parallel processes) to increase speed. Affects also updates and upgrades (which include a backup).
Fixes:
- Fixed an exception when processing package recipients, if there were multiple than one and some of them from configured domain, but had never logged in yet, so their accounts had not been created.
- Fixed the display of used users in the license.
Version 2.2.2 (2023/03/02)
Fixes:
- Fixed a possible out of memory error for a process during moving of sandbox reports from the database to disk (occurs after starting version 2.2).
Version 2.2.1 (2023/03/02)
Fixes:
- Fixed a blocked contributor's access to a package if he is also an approver and under specific settings of the feature to approve sending of packages.
- Fixed some typo.
Version 2.2.0 (2023/02/27)
New features:
- New feature "Briefcase", intended for easy sending of packages "to myself". In combination with another new feature for "Closed environment" it simplifies controlled file exchange between the closed and open environments.
- New feature "Closed environment".
- Specified IP addresses or IP ranges are considered the closed environment. (also called "protected", "clean", "restricted", etc.)
- Transfers between this closed environment and the rest (open environment) can be forbidden. Specifically it can be set whether transfers are allowed between each environment combination (closed → closed, closed → open, open → closed, open → open).
- It can also be set whether uploads are allowed from the closed or open environment.
- Useful for securing and controlling transfers between a separated network and the rest of the world, where sometimes it might be needed to block transfers out (to prevent sensitive data leaks), or transfers in (because of a risk of dangerous content).
- In combination with another new feature, the "Briefcase", the application can very easily be used for secure, controlled and audited transfers of files between the environments by users.
- New feature "Cooperative packages":
- The administrator can enable or disable this feature for all users, or only for selected users.
- If a user has the feature enabled, he can create a cooperative package similarly like a normal package, just by adding "contributors" instead of or in addition to normal recipients.
- Contributors can then edit the package the same way as the sender (author). I.e. add, rename or delete files in the package.
- Useful for example for working together on some project, or for better substitutability of users.
- Support for e-mail aliases for users. It allows a users to have more than one e-mail, which might be useful for example after a wedding for including both the old and the new name for a user.
- Improvements in the feature for approving sending of packages (also called the 4 eyes mode):
- The support for "Preferred approvers" can be enabled. If a user or a package has preferred approvers set (one or more of them), these should be the ones approving the sending and so only these receive the notification about a package waiting for approval.
- It can be set, whether a user can set his preferred approvers himself, or whether the administrator must do so.
- It can be set, whether the user with permission to approve sending of packages (auditor) can approve any waiting packages, or only those, that he is the preferred approver for.
- Marking packages for users:
- Users can mark own packages by a star. It allows them to better orient themselves in their packages, particularly when there is more of them.
- New users' received packages are considered unread and marked bold. After opening these the unread marking disappears.
- Package list can be filtered according to the star and unread markings.
- The sender (author) of a package or the administrator has the option to resend notifications about the package to its recipients.
- A new "All packages" view for administrators introduced, which shows all packages in all states (active, quarantined, deleted, etc.). This simplifies searching for a specific package, if its state is not known.
- The administrator can edit package recipients. Until now only the sender (author) could do that.
- Improved the feature for automatically disabling or deleting inactive users. The affected users can now be previewed first. And from the preview the disable/delete action can be also immediately executed by the administrator.
- Detailed scan results of package files can now be also shown to users, similarly like to administrators. The administrator can set which users see this (anonymous, logged in, only selected, none).
- Modified defaults for new installations, so that new features are implicitly active (for example encryption, editing packages, briefcase, cooperative packages, etc.). This will not affect existing installations. In existing installations the new features must always be turned on by the administrator manually after consideration.
- The list of users can be exported/downloaded in the CSV format.
- Displayed audit logs (according to the current filter setting) can be exported/downloaded in the CSV format.
- It is now possible to limit the time for which audit logs and shredded packages' metadata are retained. Until now, these were stored forever and could excessively fill up the database. Also added automatic cleanup of other old (invisible for users or administrators) database records.
- Configuration export. The administrator can export the current configuration of the application. It can be used as a partial backup of the configuration. The export does not contain passwords and keys. Importing it back is not supported yet, so restoring the config must be done manually.
- Reworked the section Settings → Configuration for better clarity as many new options have beed added.
Minor changes:
- Forwarded packages now have a link in their detail to the original package, so it can be easily opened (by the administrator or the sender).
- In the detail of an audit log related to a package there is a new link to the related package, so its detail can be easily opened. Also in reverse a package detail contains a new icon near its ID, which can be used to open a filtered view on the audit logs related to this package.
- A floating Save button in Settings → Configuration, so it is always visible on the screen, even when the settings section is longer and does not fit on the screen.
- Improved search in package lists:
- it is possible to search by a package name
- it is possible to search by a file name or a SHA256 hash of a file contained in a package
- Improved search in the audit log:
- Logs can be searched for a text in attributes (e.g. logs containing "ESET"). Does not work for audit log's text message, just for attributes (because text is dynamically generated during view, including translation).
- Event type can be displayed in the list for each audit log. Makes searching by type easier.
- Unified the placement of Package ID in search filters, so using it is more convenient.
- Added some missing items to the mass action menu (retest, encryption, integrity check, etc.).
- Added some actions for a package in the package list and in the package detail, so that actions in the list and in the detail match if possible.
- Moved detailed reports from sandboxing checks from the database directly to the disk, next to package files. The reports excessively increased the database size and extended the time needed for DB backup (and therefore also the time for an update or upgrade of the application).
- Added links to appropriate settings sections in the "Dashboard" screen for administrators.
- The MIME detections for files or types with a long name did not fit completely on screen and therefore is was impossible to get detailed info about those. Now the detections can be displayed in full in a table after clicking the magnifying glass.
- Files in the package can be additionally renamed. Until now files could be only added or deleted.
- The list of contact and group hints from the address book is now sorted alphabetically.
- An e-mail to which a package request is sent is also stored in contacts in user's address book, if the collect contacts feature is enabled.
- A new flag (icon) is shown in the list of administrators for the administrators who have a multi-factor authentication set.
- The "Notify package recipients if a package is quarantined" feature modified, so that only registered (not anonymous) recipients are notified, so it works same as for senders.
- Hidden additional sensitive values in the audit log records (keys, salt, passwords).
- Introduced new audit log types. For details see: List and description of Audit Log event types.
Fixes:
- Fixed a problem where under some circumstances checks by a sandboxing engine could have been terminated by mistake because of a timeout.
- When viewing a package with limited number of accesses the language cannot be changed anymore, because it used up another access from the limit.
- Fixed the duplicity of delete actions for packages where the user is both sender and recipient.
- The form for a new package after sending a package and selecting send another is now correctly reset.
- Fixed the option to forward a package as internal without recipients.
- After forwarding a package the link for the new package is shown correctly.
- Fixed a possible error when forwarding a package with a package password.
- Fixed an unexpected state when the password for a package request was entered incorrectly multiple times.
- Fixed a possible exception when a file was deleted from a package before its checks had been finished.
- The package title is shown in the caption of the package detail also for the administrator, if it exists, instead of the package ID.
- Removed unwanted notifications about a package being removed from the quarantine, if the package is not in an active state (deleted, archived).
- Fixed errors in the admin access to some parts of settings with certain admin permission combinations.
- Fixed possible incorrect values in information counters in encrypted packages statistics.
- Fixed the action to remove the last encryption key (KEK) from encrypted packages so that it is not available.
- Fixed that the limit for number of authentication attempts in a time interval was not working for specific Active Directory configuration.
- Various fixes of texts, formatting and appearance.
- Added missing audit log (CONFIG_ADDED), which rarely can occur.
Version 2.1.4 (2023/04/12)
Minor changes:
- Modified the upgrade process and script, so that "sofie upgrade" always goes up only by one major version (2.1 → 2.2) and not more (2.0 → 2.2). Resolves future problems with upgrades from versions older then the direct previous one.
Version 2.1.3 (2023/02/21)
Fixes:
- Fixed an error which prevented enabling or disabling detection engines under Settings → Detection settings or changing their mandatory state.
Version 2.1.2 (2022/12/02)
Fixes:
- Fixed an error when accessing a package protected by a password containing national or other special characters.
- Fixed a possible exception during password reset for a user or admin using a non existent or expired password reset link.
Version 2.1.1 (2022/09/13)
Fixes:
- Minor fix in the "sofie" script for upgrades (to new major version branches like 2.0 → 2.1). In installations with manually created or edited yum repository for sofie (should not be manually modified) an error could occur during the upgrade.
Version 2.1.0 (2022/09/05)
New features:
- Option to create packages with a limited number of accesses. Additionally, for public packages, this limit can be enforced by the administrator.
- The administrator can enforce the use of multi-factor authentication for users (in Settings - Configuration - User settings - Multifactor authentication).
- Improved the functionality of (e-mail) templates:
- It is possible to insert and use a salutation of a recipient (by name, and if not known, by e-mail) in the e-mail templates. For better personalization of messages and improved phishing prevention.
- A common prefix / suffix can be configured in templates. It will be always inserted before / after the text of the e-mail message. Using this all sent e-mails can be easily updated to include for example a common company footer at the end or recipient's salutation in the beginning.
- The notification about a package being quarantined can now include details with the results of the checks of the problematic files. The built-in template for notifications to administrators was modified to use this, so the administrator can easily discover the reason for the quarantine directly in the e-mail notification, without the need to log in and open the package detail in the application.
- Support for displaying terms of use on the login screen. According to the administrator's setting it can either be voluntary, by clicking on a link, or mandatory, in a modal pop up window after accessing the login screen.
- The users can be now restricted according to the IP ranges:
- Users can be allowed to log in only from selected IP ranges and forbidden to log in from elsewhere. Either same IP ranges for all users (common company addresses) or additionally individually for each user (public static home IPs).
- Users can be forbidden to send packages anonymously (without login) from the IP ranges from which they are allowed to log in (see above). So to send packages from these IP ranges they must log in.
- Implemented new security limits (new section in Settings - Configuration - Security limits), including:
- Improved protection against brute-force user's password guessing. While failed attempts are limited in time and then blocked, legitimate login from the same IP can proceed successfully without interfering with the protection.
- Limit for number of attempts for password reset. Prevents DoS attack or spam.
- Limit for number of failed password attempts for a package or a package request.
- Limit for number of attempts to access a non existent package.
- The administrator can now change the type (accessibility) of a package (to public, internal or private) at will. Before it was only possible to publish a private package.
- The administrator can enforce a password for new packages (separately for anonymous and logged in users). Including the rules for password's strength.
- The administrator can enable the auditor (user with permission to approve packages waiting to be sent) to access password protected packages without entering the password (like the administrator). Does not work for packages encrypted with the package's password, because these cannot be decrypted without the password.
- The administrator can disable supported languages for users or administrators (except English, which cannot be disabled). Disabled languages will not be shown or offered anywhere to be set and used.
- Support for server side sessions of logged in users (in addition to the jwt tokens). This allows the user to be logged out from the server side and a valid jwt token will not be enough to restore the login.
- Support for a quota for the number of files sent to be checked by the FortiSandbox, if it is operated as a service. The quota is set inside the license and after being exceeded it either only sends a warning or the files will stop being sandboxed.
- Introduced an administrator configurable limit for a maximum number of objects recorded during a MIME check. Before it was possible, for example with a zip file with a huge number of files, to excessively load the application and browser while displaying such a huge number of MIME types.
Minor changes:
- Changed the process of updating to a new version (like now 2.0 → 2.1). It is necessary to proceed according to the instructions in Upgrade notes (Instructions for upgrading to a new version)
- Introduced steps for better automation of the upgrade process to future versions (changed nginx config structure so it can be changed more automatically).
- When changing own password or own autheticators for multi-factor authentication the current password must be entered first. For both users and administrators.
- The password reset using a link from an e-mail initiated by the administrator will enforce a password change (the existing password will not be accepted). For security reasons, for example after password leak incident, when the administrator requests the password reset.
- In the settings for password strength rules the minimum supported password length was increased to 8 characters. In addition we recommend to always enable different character types and using the database of leaked passwords.
- Changed display of users permissions in the list of users. Hovering the mouse over a new icon below the user's name in the list will show a pop up listing all his permission settings.
- The administrator with "administrator management" permission will have all the other permissions assigned automatically and they cannot be revoked. This reflects the fact, that the "administrator management" permission enables to set all the permissions of administrators (including self) at will, so he could add any permissions anytime anyway and it would be misleading to assume such an administrator is somehow limited.
- When the administrator uploads a custom logo in the SVG format, a better check of the file is performed, so that it does not contain executable code.
- The API was extended to support new features (of the package) introduced in version 2.0 and 2.1 (eg. encryption with a password, limited numbed of accesses, etc.).
- The audit log for an unauthorized package access split into two separate audit logs (for anonymous users: PACKAGE_DOWNLOAD_UNAUTHORIZED_ACCESS, for logged in users: PACKAGE_DOWNLOAD_USER_UNAUTHORIZED_ACCESS).
- The unique password reset token is no longer present in the audit log, so the administrator does not see it.
- Improved http headers, including added CSP (Content-Security-Policy) header and headers preventing unwanted indexing and crawling by search engines and similar robots.
- Modified the error page shown for invalid http requests.
- Improved output of the sofie status command and expanded the diagnostic logs.
- Various other modifications based on minor pentest findings.
- Various minor modifications and optimizations of the application interface.
Fixes:
- User with a disabled login cannot request a password reset (it did not work anyway and got stuck).
- A password reset link cannot be used from IP ranges outside of those allowed for login (if login is limited to selected IP ranges).
- A user from ADFS does not have to enter his current password in the application when adding a new multi-factor authenticator (he does not have a password in the application).
- Fixed not requiring a password for upload of files into a password protected package request (if the uploader knows the URL and bypasses the standard process manually).
- Fixed an error in the filter in the package list for some combination of filtered flags.
- Fixed a repeated execution of a check/scan on old packages.
- Fixed an incorrect sending of a notification about an error during package check when shredding a file from a package containing files with errors during check.
- Fixed a DLP notification error (sending an empty one or sending a duplicate).
- Fixed that a logged in user was not able to open an internal package if the package had no recipient.
- Fixed incorrect indication of the sort ordering column in lists when transitioning between different screens.
- Fixed an incorrect resulting state when terminating a package checks, if meanwhile some of the checks completed (could happen in a very unlikely combination of events).
- Fixed updates and notifications in the application interface for long running tasks in the background (eg. encryption of files or integrity check).
- Fixed an exception when attempting to download a non-existent file.
- Fixed an exception that might have occurred under special circumstances during MIME check.
- Fixed an exception that might have occurred during some specific requests.
- Fixed logging for example for ADFS errors or for external API.
- Fixed the web interface getting stuck because of a non standard state of the localStorage.
- Other minor fixes of texts and design.
Version 2.0.9 (2022/09/13)
Fixes:
- Minor fix in the "sofie" script for upgrades (to new major version branches like 2.0 → 2.1). In installations with manually created or edited yum repository for sofie (should not be manually modified) an error could occur during the upgrade.
Version 2.0.8 (2021/06/09)
Fixes:
- Fixed broken Check Point SandBlast Cloud integration (minor API change).
- Fix in Fortinet FortiSandbox integration, where under some specific conditions an error might have occurred.
- Hidden the output of config parameters and their values during start in the production mode. Hidden the values of sensitive keys/passwords from the output of config parameters during start in the debug mode.
- Added a few missing texts in template descriptions and fixed a typo.
Version 2.0.7 (2021/04/13)
New features:
- Support for approving sending of packages by selected users before really sending the packages out. The function can be enabled in "Settings - Configuration - Basic settings - Users can send packages without approval" and by optionally selecting users through revoking their permission to "Send packages without additional approval". The approval can be performed by selected users (with permission to "Approve sending of packages") or by administrators (with permission "package management"). The function is intended to help prevent users from sending out data, which they should not. This is the first basic release of this functionality and will be improved and extended in the future.
- The posibillity to forbid users from sending out packages to themselves and also from downloading files from their own sent out packages. (In "Settings - Configuration - Basic settings - Users can send packages to themselves / Users can download files from their own sent packages" and by optionally revoking corresponding permissions from individual users.) This should further prohibit possible data leaks, where user does not send the data directly out as public package, but sends it to himself or other internal user and then logs in to his account from outside of the organization and downloads it from his account.
Fixes:
- Fixed the integration for FortiClient version 7.0.3 (minor changes in its output format).
- Added some missing texts for audit log messages (PACKAGE_REQUEST_ENTERED_VALID_PASSWORD, PACKAGE_REQUEST_ENTERED_INVALID_PASSWORD).
- Fixed several misspellings.
Version 2.0.6 (2021/02/23)
Fixes:
- Handled a possible unforseen action concurrency, where the administrator may have by mistake started the encryption of a package in the queue waiting for detection engine checks.That caused inaccessibility of the package files for detection engines and failure of the checks. Now the encryption of packages in queue will be skipped even if started by the administrator.
- New audit log introduced: PACKAGE_ENCRYPTION_SKIPPED.
Version 2.0.5 (2021/02/17)
Fixes:
- Fixed an error in integration with some AV engines (e.g. Kaspersky), if the installation was on a system with a different language version than English (e.g. German).
- Fixed an error in the situation, where a registered user after a login tries to send a package using the form for anonymous users (e.g. in another tab). It now works and the resulting package type will be private.
- Fixed an unexpected exception occurring when some non-existent URL is accessed (e.g. during scans by robots/crawlers).
Version 2.0.4 (2021/02/11)
Fixes:
- Fixed not working last login timestamp update for users logging in through ADFS without MFA. (Might affected automatic user locking/deletion, if those new features from v2.0 are turned on.)
- Fixed wrong indication of sorting column in some lists, if the view was switched away and back.
Version 2.0.3 (2021/02/07)
Fixes:
- Fixed possible logout of a user after long package upload and also a related package error. The fix in version 2.0.0 was not fully functional and the logout might have still occcured.
- Fixed possible interruption of downloads of bigger files after 1 GB when the download speed is slow. (Edit of the nginx configuration is required, see Upgrade Notes.)
- Increased the severity of the audit log EMAIL_SEND_FAILED from INFO to ERROR.
- Fixed typo in the HU translation.
Version 2.0.2 (2021/01/28)
Fixes:
- Fixed authorization error for requests to the API, which was introduced due to changes in version 2.0.0.
- Fixed an exception that might occur under specific conditions during content scans using MIME detection engine.
Version 2.0.1 (2021/01/20)
Fixes:
- Useless exclamation marks with warnings about not encrypted packages are no longer displayed in the package queue in the admin interface when the encrypt new packages feature is enabled.
- Faster viewing, sorting and some searches in the audit log (added database index).
Version 2.0.0 (2022/01/10)
New features:
- Support for encryption at rest (needs to be enabled in Settings - Configuration - Encryption). Enables encryption of package files on the storage volume after finishing checks by detection engines. For details see documentation.
- Support for individual package encryption by a key derived from a password set for the package by the sender (after finishing the encryption it is not stored anywhere). Without the knowledge of the password the package files cannot be decrypted and therefore downloaded, not even by the administrator.
- Data integrity verification. It is possible to initiate a data integrity check for whole packages or single files, which computes the current checksums (SHA256) and compares them to the original ones from the time of their upload. The result is stored and displayed for both individual files and whole packages. If the integrity is compromised (file is corrupted), a notification can be sent, according to the settings. An admin can set, whether the check can be initiated even by users for their packages and files, or not. An admin can also schedule an automatic regular integrity check, in Settings – Configuration – Data integrity.
- New antivirus supported in Detection settings – FortiClient (Fortinet antivirus).
- Options to edit an existing package by its sender (author) and admin, specifically:
- An admin can set, whether the author can add new files into his existing packages or delete them (both disabled by default).
- An admin can delete files from existing packages and restore deleted files (by admin or user). A user cannot restore deleted files.
- An admin can shred files from existing packages (and therefore free up the space on the storage volume).
- When a new file is added to an existing package a new notification is sent to the package recipients, similarly, like for a new package.
- Mass actions on packages. Multiple packages can be selected in the package lists and a mass action can be performed on all of those, for example delete them all at once.
- Mass change of permissions for selected users. Multiple users can be selected in the list of users and their permissions changed for all at once.
- An admin can manually run a (re)test of the whole package or individual files through the detection engines again. Useful for example to make sure, that after anti-virus signature update, the package/file is still safe or infected.
- Support for automatic deactivation and deletion of inactive users (Settings – Configuration – User settings). Inactive users can be disabled (unable to log in) or deleted after configured time.
- Temporary user accounts. An admin can set a user account expiration during the account creation. Such an account then expires after the set time and is automatically deleted.
- Better support for different languages:
- Separated setting of primary language for e-mail messages. (Until now, it was determined by the default language of the application.)
- Optional setting of secondary language for e-mail messages. If set, the e-mails will be bi-lingual, secondary language appended below the primary.
- Separated setting of the language for syslog. (Until now, it was determined by the default language of the application.)
- Logged in user can set his preferred language in his profile. This language will then be used in e-mails addressed to him, overriding the global settings of primary and secondary language, as described above.
- New notifications (written in audit log and optionally sent to e-mail) for events:
- Error during a package check. Because of a failure of one of the detection engines when checking a package, it was skipped.
- Detection engine not available. One of the detection engines stops being available. Can happen for example when an anti-virus licence expires, a sandbox connection fails, etc.
- Disk space running low. Happens if the free space drops below 10% on one of the package storage volumes and select system paths (/, /var/log, /var/lib/pgsql, /var/lib/kafka).
- An admin can move a package from active into quarantine. (Until now only the reverse was available, release from the quarantine.)
- The option to block usage of a known leaked passwords ("have i been pwned?" service). Can be enabled in Settings - Configuration - Security.
- When creating a new admin account, it is now possible to send an e-mail with the request to set a new password to the new admin, instead of setting the password directly. (Similarly like for users.)
- A download counter for each file and the archive of a package. The number of downloads of each file and the archive is displayed in the package detail view (for anonymous users, logged in users and administrators). It counts only finished downloads (the end of the file was sent from the server to the client).
Minor changes:
- Login names are no longer case sensitive. This is the same behavior like for example in Active Directory. ("test" and "Test" is now the same user, unlike before)
- An automatic refresh of displayed information occurs when viewing a package detail (for example encryption state, integrity check results, detection results, etc.).
- Changed how a package password is remembered:
- An admin can set the time the package password is remembered, in Settings - Configuration - Security: "Download JWT token lifetime".
- If no user is logged in, the token is not stored in the browser (in LocalStorage).
- If a user is logged in, a new option to "remember password for XX minutes" (according to settings) is offered and by defaulted is not enabled.
- There is a new overview of enabled detection engines and and their related information displayed on the Dashboard.
- The list of files inside a package can be ordered by name, type, date and size of the files.
- The settings for password strength requirements is now separate for users and for admins.
- The package lists can be filtered by package flags. So it is possible for example to display only packages set as persistent.
- The filters above package lists can be collapsed into a single line bar, to preserve space on the screen if needed.
- The list of files inside a package is now split into multiple separate lists for: normal files, quarantined files, deleted files, shredded files.
- Search inside contacts and contact groups improved (can search for contained contacts or groups).
- Package requests can be deleted.
- The user can "delete" packages in his inbox. Technically they are only hidden in his view. Only the sender or admin can truly delete a package, or it is deleted automatically after expiration.
- Even a user can now see the flag if a package is public or not (only admin did until now).
- Changed the process for (re)setting a password by email with a password (re)set link. The email now contains a unique link with UUID, which when opened allows to (re)set the password directly. Unlike before, when it was necessary to manually copy a token from the email into a form field before the password (re)set.
- The related default email templates for these actions were updated accordingly. If an installation uses customized templates, these must be also manually updated in the same way as the default ones were.
- When activating TOTP multi-factor authentication, it is now required to input a valid code from the activated authenticator first, or the activation will not be done.
- Repeated password guessing protection (against bruteforce attacks) extended also to repeated multi-factor authentication (MFA) attempts.
- When changing expiration times in Settings - Configuration - Workflow it is now possible to optionally apply this change to existing packages, otherwise it only affects new ones.
- Support for new license states. The original "demo mode" is split into a new "no license" mode (new installs without even a trial license) and the now modified "demo mode" (special demo license) for demonstration purposes only.
- Support for FQDN aliases. Besides the main FQDN the license can now contain additional domains and will work for all of them, so the application can run under multiple domains.
- Support for alternative https port - the FQDN can now further contain a custom port specification, for example https://sofie.sonpo.cz:11443. Until now the application supported only native https port 443.
- The API token can be copied to the clipboard by a mouse click.
- Removed actions for shredded packages (like release from quarantine) as they are useless, the package content is already deleted.
- The current password in detection engine settings (for sandboxes) is no longer displayed, it can be only changed to a new one.
- Obfuscated the passwords contained in audit log records (replaced with *** string).
- JWT tokens modified:
- JWT tokens sent to and stored in browsers are now encrypted, so the client cannot read their contents. (Before the were only signed to prevent client manipulation.)
- Default expiration of JWT authentication tokens shortened from 60 to 30 minutes (= idle logout timeout).
- New setting introduced (Settings - Configuration - Security) "Authentication JWT token absolute lifetime", which specifies after what time the user is logged out even when active.
- New setting introduced (Settings - Configuration - Security) "Download JWT token lifetime", which specifies how long the password for password protected package can be remembered.
- Minor security improvements according to a pentest results, including:
- Better protection against session hijacking. Added IP address and User-Agent to the JWT token and if those do not match the current ones (they changed), the request is denied and logged.
- Added headers: Cache-Control "no-store", Pragma "no-cache", X-Content-Type-Options "nosniff" a Referrer-Policy "same-origin" to all responses.
- When an unexpected internal error/exception occurs, the java class details are no longer displayed, but a custom error page without unnecessary internal details is shown.
- Removed the final state of a package UPLOAD_CANCELED and replaced by a single common final state of "shredded" (CONTENT_DELETED).
- Changed the looks of some parts of the application for better clarity.
- New and modified audit logs, for details see: List and description of Audit Log event types.
Fixes:
- During a long package upload the logout timer is now regularly reset, so the automatic idle logout cannot happen during the upload and cause an upload failure.
- Fixed the sometimes strange behavior of the form when setting the administrator's permissions.
- Fixed the display of usernames and other strings in audit logs and other places, where the additional string of #timestamp was shown.
- The list of detection engine check results for files in package detail is now ordered alphabetically by the column "Detection engine".
- Fixed the color bar display for check results - yellow should now be consistent and always mean, that a detection did occur, but the result is not a quarantine, but just a notification (according to settings). Before it was sometimes red in such cases.
- Changed the "ADFS error" message to " Login error", if a user is successfully logged in by the ADFS, but does not have an access to SOFiE application.
- Fixed the license expiration parsing for Kaspersky 11.2 engine.
- Fixed the missing license state attribute in LICENSE_INVALID audit logs.
- Fixed possible duplication of audit logs when the license state changes.
- The logo preview in Settings - Configuration - Appearance now better matches how it will look in the top bar.
- Other various fixes of typos, texts, design, etc.
Version 1.6.3 (2021/12/20)
Fixes:
- Updated the log4j library to the latest version (2.17.0), which fixes the new security vulnerability (CVE-2021-45105). The specific conditions needed for exploiting this vulnerability are again not met in our application, so it cannot be triggered anyway. But for a complete peace of mind we are again releasing a new version with updated log4j library.
Version 1.6.2 (2021/12/15)
Fixes:
- Updated the log4j library to the latest version (2.16.0), which fixes the new security vulnerability (CVE-2021-45046). Originally this vulnerability was deemed much less serious, but later was reevaluated to critical again. But the specific conditions needed for its abuse are not met in our application, so it most likely cannot be triggered at all. But to be completely sure we are again releasing a new version with updated log4j library.
Version 1.6.1 (2021/12/11)
Fixes:
- Updated the log4j library to the latest version (2.15.0), which fixes the new critical security vulnerability (CVE-2021-44228). Considering the severity of the vulnerability, the update should be done as soon as possible. The SOFiE application however runs behind the nginx proxy and only some URL paths are passed through, which according to our current findings effectively filters out all the so far seen attempts at exploiting this vulnerability and so those exploits are terminated at the nginx proxy and do not reach the vulnerable component. An exploit targeting specifically the SOFiE application would be required to get through, unlike the mass automated attempts now spreading through the Internet.
Version 1.6.0 (2021/04/23)
New features:
- Support for Hungarian in the user interface and e-mail notifications (not in the admin interface).
- Multifactor authentication (MFA / 2FA) supported even for logins of users using AD and ADFS (only for local users before).
- In the package upload form the current configured limits for maximum sizes and number of files are shown.
- Support for the password reset functionality even for the administrators. Using an e-mail with instructions and unique token, similarly like for users. The administrator must have an e-mail address filled in for this to work.
- The PDF report with FortiSandbox check results can now be viewed directly in the browser window. It is no longer necessary to download, save and then open the file.
- Showing all (including nested) MIME types for files (if the MIME module is enabled in the Detection settings). For example archives (zips, etc.), Office documents, PDFs and others may contain nested content and files of various MIME types inside. This is now shown in the file details.
- Support for logging of the User Agent from the header of web requests into the audit logs. It can be enabled in Settings - Configuration - Logging - Log User-Agent header.
Minor changes:
- Added new columns "Created at" and "Last login" in the list of users, which can be used to sort the list. This helps when searching for unused or old accounts that can be deleted.
- New audit logs for events: LICENSE_INVALID, LICENSE_VALID, APP_VERSION_CHANGED, PACKAGE_DOWNLOAD_UNAUTHORIZED_ACCESS, PACKAGE_DOWNLOAD_PACKAGE_NOT_FOUND, PACKAGE_DOWNLOAD_PACKAGE_EXPIRED. For details see: List and description of Audit Log event types.
- Added the action to terminate the check in the package detail for packages in the queue (it already was available in the list, but not in the detail).
- Automatic rotation of Kafka module log files, so their number and size does not grow excessivelly.
- Improved the installer (updated components, LetsEncrypt certificate does not need e-email, fixed nginx version for CentOS8, OCSP stapling in nginx).
- Modified the parameters in the e-mail templates. Replaced the ${appTitle} parameter with the parameters ${appName} and ${subjectPrefix} (those are related to Settings - Configuration - Appearance and Settings - Configuration - E-mail prefix). An automatic replacement will be done in the existing templates, according to if the parameter is used inside the subject (->subjectPrefix) or in the body (→appName). Updated the texts, previews, help and related accordingly. Increased the maximum size of the subject in the templates from 100 to 200 characters.
- Modified the logging of changes (for better accuracy) of MIME types. Before it could happen twice, depending on if the change was done by "magic" or "content" MIME detector. Now it happens and is logged at most once, but with new attributes clarifying the change.
- The application web server (Tomcat) now listens for connections only on the localhost address (it communicates with local nginx).
- Multiple components updated (React, Ant Design, Tomcat, Meecrowave, etc.).
- Minor changes in graphics, icons, etc.
Fixes:
- Fixed the deletion of XSRF cookie when closing the browser, but not refreshing it after reopening again, unlike the login, which resulted in a logout after any performed action because of invalid XSRF cookie. Now it has the same lifetime as the login.
- Fixed the "jumping" calendar when editing package expiration. After a few seconds from the change of month it jumped back.
- Fixed the content deletion from the field for maximum size in the DLP settings after a few seconds.
- Other minor fixes of typos, texts, graphics, etc.
Version 1.5.5 (2021/03/18)
Minor changes:
- Updated Apache Tomcat to version 9.0.43 and Apache Meecrowave to version 1.2.10.
- Improved the script for sending of diagnostic logs - added an offline variant with manual handoff of logs.
Fixes:
- Added compatibility with new ESET version 8. If auto-update is disabled (it is by default, if installed exactly as our install manual instructs), then the update can be performed by executing the command:
/opt/eset/efs/bin/upd --perform-app-update
Version 1.5.4 (2021/02/25)
Minor changes:
- Added a helper script "offline-license.sh" - useful for manual download and activation of a license from the command line.
- Improved debug logging for problems with license activation.
Fixes:
- Fixed the compatibility with FortiSandbox version 3.2.2+, which introduced changes to the API from Fortinet for upload of larger files.
- Fixed the integration with AD using SSL (LDAPS). The appropriate certificate authority must be added to the system trusted authority store.
- Updated sending of diagnostic logs - if the file with a license does not exist (it is created automatically during online license activation in the application), an attempt is made to read the license from the database - it contains information needed to send the logs.
- Improved the handling of errors during the download of a detailed report from a FortiSandbox file scan. Now if the report download fails, the whole scan does not, it finishes correctly, the error is logged and the report is not available.
Version 1.5.3 (2021/02/22)
Fixes:
- Fixed the behaviour when user deletes his sent package before all the content scans are finished. The remaining scans are canceled and if some mandatory ones failed, those are no longer repeating infinitelly.
- Fixed the audit log message for some unexpected FortiSandbox errors. (INVALID_JSON_DATA, INVALID_REQUEST, UNSUPPORTED_VER)
Version 1.5.2 (2020/11/20)
Fixes:
- Fixed minor issue with popup window size with additional information about FortiSandbox check results.
Version 1.5.1 (2020/11/20)
Fixes:
- Fixed errors in the FortiSandbox API behavior, where for some zip achives (containing files with special characters in their names) it does not return correct results. Modified to query the results by the SHA fingerprint, which is a workaround for the API error. Recommended FortiSandbox version is 3.2.1+.
- Fixed BitDefender integration, so it works again after the BitDefender update from aprox. 2020/11/12, which introduced incompatible changes.
- Fixed reading and saving of the FQDN from the license.
Version 1.5.0 (2020/07/14)
New features:
- Persistent packages. The admin can disable the expiration for a selected package, making it persistent, until the admin enables the expiration again.
- Support for discovering the IP addresses of clients when running behind a proxy. The address of the proxy must be entered in Settings - Configuration - Security - Trusted proxies and the proxy must add a X-Forwarded-For header.
- New permissions for users, specifying, whether they can send each type of the package (public, internal, private). Also new default setting for the package type, which is used for packages where the user does not change it.
- New permission for users, specifying, whether they can download package contents without reentering their login password. (Without it, the user must reenter his login password before each download.)
- Settings for default permissions of new users, in Settings - Configuration - User default settings.
Minor changes:
- For datastores, that cannot be deleted (because of being used), the trashcan icon is inactive.
- Administrator actions for packages moved to a sub menu, which can be displayed be clicking the ... icon.
- Modified the display of flags in package lists.
- New descriptions for package types are available to users directly inside the application.
Fixes:
- The administrator can now change his own password even if he does not have permission for administrator management.
- The audit log no longer displays empty "personalSettings" change when changing user's permissions.
- Sending of packages using API did not take user's permissions into account. Now it is no longer possible to send packages using API, if the user does not have the send package permission.
- Although a check of a package was canceled for a package in the queue, all the queued checks were performed anyway. Now the remaining checks, which are not already running, are correctly skipped.
- Minor fixes of some texts and design.
Version 1.4.4 (2020/06/24)
Fixes:
- Fixed blocking / allowing of content based on a MIME type, where some types were shown differently in the package detail, than how they needed to be entered to the blacklist / whitelist. (ie. "application/x-dosexec" vs. "application/x-msdownload")
Version 1.4.3 (2020/06/05)
Minor changes:
- Change in the installer: new installations have HSTS (HTTP Strict Transport Security) enabled by default. That means it is possible to access them only using https and with a valid certificate.
Fixes:
- Fixed error in matching an e-mail address of a recipient, if the case of the characters did not match (Test@sofie.cloud vs. test@sofie.cloud). E-mail address matching is no longer case sensitive.
- Fixed an error in the installer, which may caused new installations not to be able to start the remote diagnostic tunnel (missing /root/.ssh/authorized_keys file).
- Fixed minor cosmetic issue in user's and administrator's profile menu, where the last used item stayed incorrectly highlighted.
Version 1.4.2 (2020/04/30)
Fixes:
- Fixed an error when evaluating results of FortiSandbox detection engine checks, that might have occurred in some specific cases (like many files in an archive).
- It is no longer required to fill in recipients for "Internal" type packages. Now the behavior, concerning recipients, is similar to "Public" packages, not "Private" ones.
Version 1.4.1 (2020/04/24)
Fixes:
- Fixed TOTP multifactor key not working in some iOS apps (removed = character at the end).
- Fixed display of unfulfilled package requests in shredded packages.
- Fixed some typos in the texts.
Version 1.4.0 (2020/04/15)
New features:
- Implemented support for multi-factor authentication (2FA) for users and administrator. The following factors are supported:
- TOTP - supported for example by Google Authenticator
- FIDO2 (Webauthn) - supported for example by Yubico 5
- New application mode "by request only". Administrator can forbid upload of packages to anonymous (not logged in) users, unless they receive package upload request by logged in user. This mode can be set up in Settings - Configuration - Basic Settings.
- New "internal" mode for package accessibility added to existing "private" and "public" modes. Access to internal packages is allowed for all logged in users, who have the link to the package.
- Support for "blind copy" for logged in users. Like in e-mails, logged in users can send packages to hidden recipients, who will not be visible in the displayed package recipients.
- New address book for users, including the support for groups and optional automatic saving of package recipients.
- Support for editing of e-mail templates. Administrator can modify the contents of the notifications being sent out in Settings - E-mail templates.
- Support for multiple data stores (disks/volumes). Administrator can configure them in Settings - Datastores. Enables easy addition of another disk or volume, in case the current is running out of space.
- Administrator can grant (revoke) the following rights to the users:
- login (without it, the user cannot log in)
- receive packages (without it, a package cannot be sent to the user's address, like if he does not exist)
- send packages (without it, the user cannot send packages, only receive them)
- Remote application diagnostics support. The administrator can:
- send application logs to the technical support (no user data or package data are sent).
- enable / disable reverse SSH tunnel for remote SSH access of technical support.
- Support for Check Point SandBlast appliance. (before, only cloud version was supported, now both are)
- In FortiSandbox settings, it can be selected which of the results "high risk", "medium risk", "low risk", will be blocked.
Minor changes:
- Link to documentation added to the right part of the top bar.
- Official API documentation available here: https://docs.sofie.cloud/en/api/v1/user/
- Added some functions to the API, see API documentation.
- Administrator can restore the packages from the archive, similarly to restoring deleted packages (from trash).
- ZIP archive can be created even for archived packages (accessible only to the administrator).
- Added "severity" attribute to the audit logs, according to the syslog standard.
- New design of the Dashboard screen for administrators, including graphs of datastore usage.
- New loading page for the first opening of the application, so the anonymous part does not display briefly for logged in users.
- New info screen, which is displayed, when the backend is not working (upgrade, restart, etc.) and automatically disappears, when backend starts working again.
- Support for the new ESET version 7. Old ESET version 4 still works too, but will no longer be maintained and supported.
- Administrator can allow downloading of clean files from quarantined packages, in Settings - Configuration - Basic settings.
- If notifications to (registered) senders about their quarantined packages are enabled, they will also receive notifications when their packages are released from the quarantine.
- All files in packages released from quarantine will be marked as clean. Both packages and files, which were originally not clean, but quarantined, will be flagged as released from quarantine.
- List of files in package detail now shows the files with some detection, that cause the package to be quarantined, always on top of the list.
- Modified administrator's menu with packages: added menu items for some package states, which were mixed together before, and all the states moved to be a sub menu under main menu item Packages.
- FortiSandbox PDF report now also accessible under a magnifying glass icon, not just by double clicking.
- FortiSandbox without a valid license now considered as available, if it works otherwise. It was considered not available without a license before, even though it worked.
- Improved audit logs for forwarded packages, so it is easier to find the forwarded package origin and related logs.
- Improved audit logs for quarantined packages: added new attribute "detectionResults", which contains array of all the reasons for quarantining the package or file.
- Documented all audit log types, see: List and description of Audit Log event types
- Added internal SID attribute to users, for better pairing of AD and ADFS accounts. Useful for example when renaming users.
- The number of application users is sent to the license server during license verification and update.
- Some texts and captions modified for better understanding and unified across the application.
- Introduced 90 day application logs retention period. It was unlimited before and could fill up the disk in time.
- Modified sofie yum repository - changed to disabled. The sofie script enables it in case of need. General yum update will not unexpectedly update the application now.
- Modified (unified) the default values of detection engines after installation.
- New setting in Settings - Configuration - E-mail: Ignore certificate errors. It allows e-mails to be sent using TLS/SSL even if the configured mail server does not have a valid certificate.
- An Administrator can change his own password similarly like a user using the menu under the profile icon on the right side of the top bar.
- Maximum file size in ZIP archive in Settings - Configuration - Package size limits can be set to unlimited value. It was limited to 1 GiB before.
Fixes:
- Removed duplicated lines of encrypted content detection in some ZIP archives.
- Fixed error in internal detection engines when checking some types of archives (error in used library: https://issues.apache.org/jira/browse/COMPRESS-479).
- Fixes and improvements of the installer and its documentation.
- Fixes and changes in the package filters for users (if no state is selected, states are ignored by the filter, correct filtering of requests).
- Added missing texts and display corrections for FILE_CHECK_REPORT_ADDED audit log.
- Fixed swapped audit log messages for FILE_ARCHIVE_ADDED and FILE_ARCHIVE_UPDATED.
- Fixed diskusage in sofie script, so it works even when data directory is a symlink.
- Fixed very long time when rebooting the server (added missing dependencies in systemd scripts).
- Fixes in parallel task processing implementation (AV scans for example). Parallel processing is not used by default.
- Fixes in helper AV scripts (used by detection engines) for some specific situations. Added debug application logs for AV detection engines.
- Fixed unhandled exception if datastore is not writable.
- Fixed exception blocking login, if the protection against repeated login failures had been disabled, multiple invalid logins were attempted and then the protection was enabled again.
- Fixed various minor bugs in some forms (not working closing cross, contents of filled in form field being deleted, etc.).
- Added some missing texts and fixed errors in existing ones.
- Other minor fixes in design and formatting.
Version 1.3.10 (2019/12/10)
Fixes:
- Fixed the failure of some file checks on FortiSandbox (usually in case the file name contained certain national or special characters).
- Fixed publishing of package by admin not working for packages from anonymous users (not logged in). The package looked like public, but was not.
Version 1.3.9 (2019/11/20)
Minor changes:
- Added the following to the API for third party applications:
- get details about a package (including results of package's checks, i.e. which viruses were found in files)
- when sending a package using the API a new flag "delete after check" can be set, which causes that immediately after finishing the checks the package's files will be deleted - useful for third party applications using SOFiE only for file security checks (document management and archival applications, etc.)
- API documentation updated - available here: https://docs.sofie.cloud/en/api/v1/user/
Version 1.3.8 (2019/11/15)
Fixes:
- Fixed validation of typed in recipients' emails (national characters in e-mail addresses).
- Recovery from a state, where a package was stuck in the queue because of an invalid recipient's address.
Version 1.3.7 (2019/11/15)
Fixes:
- Fixed incorrect behavior, when downloading a report from FortiSandbox - handling of PDF_REPORT_NONEXIST state.
- Fixed logging for very long file names (limit increased from 100 to 255 characters).
Version 1.3.6 (2019/11/07)
Minor changes:
- Improved logging of FortiSandbox communication for better tracing and debugging of problems.
Fixes:
- Fixed a problem resulting in infinite repeating of file checks against FortiSandbox in some specific cases, where FortiSandbox returned unexpected error.
- Added recognition of a new possible error code returned by a FortiSandbox.
Version 1.3.5 (2019/11/06)
Fixes:
- Fixed parsing of output from BidDefender AV, which changed its output in the last update. So reading of information about the detection engine in Settings - Detection settings - BitDefender is now working again.
Version 1.3.4 (2019/10/25)
Minor changes:
- Improved logging for better tracing of some potential problems.
Version 1.3.3 (2019/10/17)
Minor changes:
- Changed authentication of users in Active Directory, so the membership in groups is now checked recursively. User now no longer needs to be direct member of the entered group, but can be in a sub-group which is in the group, at unlimited nesting depth.
Fixes:
- Added missing audit log text for FILE_CHECK_REPORT_ADDED.
Version 1.3.2 (2019/10/16)
Minor changes:
- New setting in Settings - Configuration - Security for turning off the protection against repeated guessing of passwords, which delays each further login attempt.
Fixes:
- Fixed user authentication when using Active Directory and modified the form for its configuration (added default domain).
- Fixed display of user UI for sending of package and package request in a very narrow windows and other minor UI optimizations.
Version 1.3.1 (2019/10/03)
Fixes:
- Fixed an error when deleting users with very long user name.
- Fixed display of an icon for PDF reports from FortiSandbox checks (on the line with details about file checks under each file).
- Availability status of FortiSandbox in Detection settings is no longer affected by license state of the FSA (even FSA without a valid license may perform checks).
- Fixed typo in texts.
Version 1.3.0 (2019/10/01)
New features:
- Installer and install manual for self installations on own dedicated server.
- Documentation available HERE.
- New installations automatically obtain a 30 day and 50 user trial license.
- Detection engines have a new feature for status discovery. The status shows, whether the detection engine is working in particular application installation and therefore can be used. For example if AV ESET is not installed, the status will be not available and so it cannot be enabled and used. A set of information about each detection engine is also displayed to the administrator (ie. license expiration, last signature update, etc.).
- New AV detection engine supported: BitDefender.
- New API for third party usage available, which enables automated sending of packages. API documentation can be viewed here: http://sofie-api-docs.s3-website.eu-central-1.amazonaws.com
Minor changes:
- For FortiSandbox file check results a PDF report with details can be downloaded.
- ReCaptcha score threshold and results logging can be set in Settings - Configuration - Security.
- In Settings - Configuration - Notifications it can now be set, whether to send notifications about a package placed in quarantine to the recipient and/or the sender (registered only) of the package. Notification messages are different for each.
- For better clarity, the detection engines in Settings - Detection settings are now split into categories: "Internal nodules", "Antiviruses" and "Sandboxes".
- Message-ID in generated e-mails now contains @FQDN. May lower a chance of e-mails being tagged as spam.
- File MIME type refinement when using MIME detection engine is now recorded in audit log.
- Changes and improvements in the UI (package recipients, sliding side windows with details, recipients in audit log, etc.).
- sAMAccountName attribute from Windows AD added to audit log messages concerning users, if available (AD/ADFS integration active and attribute being passed on).
- User password reset notifications split into three different cases, where each has a different text contents:
- user himself requests password reset
- administrator requests password reset for the user
- administrator creates a new user and requests initial password setup
- Notification e-mail templates now contain separately the original default text and optional modified version for each installation (in preparation for future template edit UI for admins).
- Modified display of valid license expiration. The date up to which the licence is really issued by the license server is now displayed. In case of subscription licenses, the license may expire sooner, if it is not possible to contact the license server for more than 30 days.
- License information is now also display on administrator's "Dashboard".
- Public packages are marked by an icon in package lists.
- Admin may change the package from private to public.
- Support for parallel processing of multiple file checks (ie. AV file scans) at the same time. Enabled by a special setting parameter in configuration file only.
- Removed the FQDN setting, which is now automatically taken from the license / installer, because it must match the license.
- Added check for used FQDN in (Host) header of an http request. If it does not match the license, application behaves as in a demo mode (mostly read only).
- Removed audit log record for LICENSE_CACHED changes (which occur automatically and regularly and filled the audit log).
- The shell script "sofie update" prints out the result of a successful update.
- Raised the limit for a maximum open files (descriptors) by the application in the system from default value (4 thousand) to 32 thousand. Reaching this limit during normal application run should not happen now.
Fixes:
- Fixed detection of MIME types containing a charset in the name (ie. ffc.bat=application/x-bat; charset=ISO-8859-1).
- Fixed mangled filenames during saving, if the filenames contained national characters.
- Fixed various UI glitches and text errors.
- If the declared file size during file upload differs from the real uploaded size, error is returned (was not checked before).
- Increased the time messages can wait in internal processing queue, which should prevent lock ups in the wrong state in some special cases.
- Fixed results in case of AV error.
- Fixed malformed JSON output from AV scripts in some specific cases.
- Fixed execution of post-install script "sofie.sh".
- Added missing dependencies of sofie rpm package.
- Database migration should no longer skip any steps during update to a new version.
- Fixed access rights checking when downloading files from package.
- Fixed possible error during upload of files to the package under specific circumstances (combination of canceling of upload at a certain point and retrying again).
- Added closing of files after finishing MIME checks, so it no longer continuously exhausts open file handles.
Version 1.2.3 (2019/06/28)
Fixes:
- Fixed migration to version 1.2, where the newly introduced setting of own email prefix is taken from the custom application title. Result of which is that after the migration to version 1.2 the email prefix is not changed, if own custom application title was being used.
Version 1.2.2 (2019/06/26)
Fixes:
- Fixed user access control check when accessing a package, where in specific cases (whole domain allowed in settings and recipients containing not yet existing user) it resulted in exception and en error message "500 Internal server error" being displayed to the user.
Version 1.2.1 (2019/06/21)
Fixes:
- Fixed migration of administrator rights, where in version 1.2.0 only administrator "admin" had all the rights and other admins had none. Now all the admins have all the rights (which means same behavior as before version 1.2).
- Fixed parsing of boolean value "disallowedAdminDataAccess" from the license.
- Modified Check Point API - handling of exceptions.
- Fixed minor errors in texts and added some missing EN texts.
Version 1.2.0 (2019/06/12)
New features:
- Licensing integration. Since this version the application requires a valid license. License is issued for FQDN of specific installation. Without valid license application runs in limited mode (demo, mostly read only).
- Protection from "phishing" by anonymous users - anonymous user can no longer enter existing e-mail address of registered user as his own, or e-mail address from domain added in settings.
- Added minimum password strength requirements to the settings.
- New sandboxing detection engine added: Check Point SandBlast Cloud (through cloud API).
- New AV detection engine added: Sophos.
- Private and public packages - registered user can choose, whether the package he is sending is private (accessible only to listed recipients) or public (accessible to anyone who has the link). Packages from anonymous users are automatically private.
- Introduced roles and rights for administrators. Each administrator can have any of the following rights granted or removed:
- "administrator management" = can create, modify and delete administrators, including changing their passwords and righs - default administrator "admin" always has this right granted and it cannot be removed.
- "user management" = can create, modify and delete users.
- "access to list of packages and it's metadata" = can list all the packages and view details for each one, but cannot download their contents
- "access to files of packages" = can download package contents (files) - requires the above right (access to packages)
- "package management" = can remove the packages from quarantine, delete and undelete packages, and all other actions related to packages - requires the above right (access to packages)
- "access to logs" = can view audit logs and modify the syslog settings
- "application settings" = can perform all remaining actions except those mentioned in the above rights, that means especially all the remaining settings
- New mode, in which no administrator has access to package contents (files) and it also cannot be granted in any way. This special mode is activated by a license attribute from licensing server (= after arrangement with Sonpo).
- Package "forwarding" - package can be forwarded, similarly to e-mails. No new files can be added to the forwarded package.
- Packages waiting for scan results have a new expiration in settings and also can be removed from the queue manually by administrator. The package is then moved forward (clean or quarantined) according to already completed scan results and detection engine settings (mainly according to if the detection engine is mandatory). Also added new admin view "Queued packages", where these waiting packages can be seen.
- New search field in user list - admin can search the list of users.
- New encapsulating rpm package "sofie" (other rpm packages, like "sofie-web", "sofie-worker", "sofie-scheduler", are its dependencies) - it contains a systemd skript for managing the application and services (can start, stop, restart, show status, show version, do backup, perform update to latest version, etc.). It simplifies the installation or update of the application directly by the customer or partner.
Minor changes:
- Improved handling of administrator logout in the background (displays "loading").
- If the number of users exceeds the licensed amount, application switches into limited mode (demo, mostly read only).
- Added option to set own e-mail subject prefix in e-mail settings, so it can now be different than own title of windows in appearance settings.
- Added option to set own optional text header, which will be shown in the middle of the top application bar.
- When administrator is creating a new local user, an e-mail containing link for setting up user's initial password is sent by default to the user. This can be disabled by the administrator in the user creation dialogue.
- New settings: expiration times for password reset tokens sent during new user creation and also sent by administrator's request.
- Actions from list of packages are now also available in package detail view (in the top right corner).
- It is now possible to remove recipients from private packages, which revokes their access to the package.
- Administrator with granted package file access right can now download a package contents in all package states.
- Administrator with granted package management right can now delete a package in all states - which for example enables him to free up the space occupied by a large package.
- Total size of a package and a number of files in a package is shown in package lists.
- Validation of length of text fields, so the web UI will not allow a longer string to be entered, than which is correct for each of the fields.
- Administrator can create and download ZIP archives for deleted clean packages ("in trashcan").
- Added time zone setting for e-mails. Times included in the e-mail messages (ie. password reset token expiration) will be in this time zone and not in UTC like before.
Fixes:
- Fixed text in settings for clean package expiration.
- Fixed display of long "change log" records in audit log.
- Added limit on message length in application log for very long configuration parameters (ie. logo).
- Fixed audit log message for failed file checks.
- Fixed ordering of files in package detail - files are now ordered alphabetically.
- Fixed/added messages for unexpected errors of server backend (including timeouts) in web interface.
- Forbidden iframe insertion.
- Reworked/fixed how size values with units are entered in form fields.
- Fixed MIME, DLP and encrypted content detection - advanced parser error (ie. doc file not containing real doc structure) is no longer considered as failed check.
- The fonts are now integral part of the application and are not downloaded online from the Internet. Web interface will therefore work well even if opened in a browser without internet connectivity.
- Passwords entered and saved in settings can no longer be displayed again during next edits.
- Fixed package upload form, so that if some proxy in the path blocks the upload, the upload will not get stuck indefinitely and an error will be displayed to the user.
- Changes to the upload form, so it works faster and better even with very large number of files in one package.
- Fixed failed checks in some cases, where large files were sent to FortiSandbox and waiting for the result timed out.
- Fixed failed checks of large files on FortiSandbox because of low memory.
- Removed invalid actions for AD/ADFS user accounts (password change, sending password reset token).
- Fixed incorrect behavior in case of combined settings of detection engine not mandatory and disabled treat oversize as clean (fixed package being treated as clean when exceeding the size limit).
- Change in syslog setting will be in effect immediately and not until after a restart. Too long strings (>1000) are shortened for syslog, so reasonable message size will not be exceeded.
- Various fixes and changes in texts, including e-mails.
- Suppressed creation of audit log records for changes, when actually no change has happened (ie. during editing, when the new saved values are are the same as the old ones).
- User does not need to enter a password for a package or package request, he himself created.
- Fixed sending of multiple duplicate notification emails and audit logs about package check results.
- Some fixes when adding recipients.
- Removed setting of admin URL path. This setting was not enough for changing the admin access URLs, some nginx configuration is still needed. So by changing it, admin cloud have broken the application. The modification is still possible, but it is an advanced manual process which should be consulted with Sonpo.
- Fixed password reset token expiration being 5 minute shorter than advertised (technically expiration is now 5 minute longer than advertised, to compensate for some delays or time inconsistencies).
Version 1.1.7 (2019/06/06)
Minor changes:
- New setting in Appearance section: choice of a welcome page content between anonymous upload form and a login form.
- Login form modified.
Version 1.1.6 (2019/05/01)
Minor changes:
- The notification email informing about a new received package for users from ADFS now contains a modified link, which triggers auto-redirect of the user through ADFS login.
Fixes:
- Fixed redirect of the view to package details after opening a link for a package without being logged in and then logging in.
- Fixed error text in a dialog informing about package inaccessibility for anonymous users. Added hint about required login and a link to login form.
Version 1.1.5 (2019/04/23)
Minor changes:
- Added an eye icon which triggers the visibility of entered passwords.
Fixes:
- Fixed the UI design of the form for package request (on narrow displays, like mobile, it did not show up correctly).
Version 1.1.4 (2019/04/23)
Fixes:
- Fixed the generated link for ADFS login (which some times used http instead of https).
Version 1.1.3 (2019/03/20)
Fixes:
- Fixed the change of logo picture not working.
Version 1.1.2 (2019/03/17)
Minor changes:
- Removed option to check user existence only and not password during login in AD configuration.
- Better design of fields for setting of sizes (introduced units kiB, MiB, GiB).
- Added missing sender of package request to email notification and to web form of opened package request.
Fixes:
- Fixed ZIP archive download not working in new installations.
- Fixed package archive enabled/disabled setting.
- Fixed validation messages when invalid values are entered in settings.
- Check if package expiration ("Valid For") is between min and max value allowed in settings.
- When editing a package, it is possible to set the expiration up to to maximum value allowed in settings, counting from the original package send date.
- Fixed display and processing of notes, including the possibility of a package being stuck in a waiting for checks state under specific circumstances.
- Forced logout of both user and admin on the server side, if the account was deleted in settings.
- Fixed design of table with package list in admin view.
- Fixed the first and last bar being cut out in the graph on the admin Dashboard.
- Fixed missing audit log messages for some unsuccessful user logins.
- Oprava vyrovnávací paměti hodnot nastavení, kdy nové nastavení se díky ní nějakou dobu neprojevilo.
- Fixed cache of setting's values, causing that the new settings may have not been applied for some time.
- Fixed new settings of size values with units not working in IE11.
- Other minor UI design fixes.
- Fixed other minor bugs in settings.
Note: First fully tested version since the start of the versioning and therefore suitable for production use. (which should hold true for all future versions from this point)
Version 1.1.1 (2019/03/08)
Fixes:
- Fixed sending a package not working correctly.
Version 1.1.0 (2019/03/07)
New features:
- Reworked "Settings" for the administrators so it has better usability and can be understood without extensive documentation study.
Minor changes:
- UI design changes - packages are marked with flags for different states.
- Version number integrated (in Settings - Basic settings).
Fixes:
- Fixed possible harvesting of existing accounts during login.
- Fixed possibility to upload empty package, or files with negative size, by using REST API directly.
- Oprava stavu, kdy chybná přihlášení uživatelů z AD nebyla omezena na množství v čase, jako ostatní.
- Fixed number of login attempts of users from AD not being limited in time, like for other users.
- Fields in reCaptcha settings are not mandatory but optional.
- Modified configuration default values.
- Added missing user in some audit logs.
- Fixed audit logging of some not performed actions during failed logins.
- Fixed some texts and translations.
- Other minor fixes.
Version 1.0.0 (2019/02/25)
First version marked with version number. Was never publicly released. Used as a starting mark for version changes. Not suitable for production deployment.
How to find out current version of the application
The administrator can see the current running version of the application in: Settings → Configuration (former Settings) → Basic settings → Application version: 1.2.2-545.
The version tag is also present in the header of all pages (can be displayed by showing the page source code) in the meta tag with name Build, like: <meta name="Build" content="1.2.2-545 (2019-06-26 11:32:20)"/>.
Info about versioning
The version number is composed of three numbers separated by dot: X.Y.Z (ie. 1.28.5). Each number has the following meaning:
- The last number (Z) is incremented during fixes or minor changes in already released production version (so called hotfix).
- The middle number (Y) is incremented during release of new version with new features from development. (so called release).
- The first number (X) is rarely incremented and is reserved for special occasions (major changes).