Secret Server Release Notes 10.6.000001
Release Date: 2019-03-20
Enhancements
Enhanced the Secret Server Login Assist plugin for Chrome browsers. Changed the mechanism that displays the Login Assist icon in the password field so that it is not obscured by other visible elements of the page. This update also reduced the size of the Login Assist downloaded package.
Download the updated version at https://chrome.google.com/webstore/detail/secret-server-login-assis/pbemhiacephlgacdahceanbbiokmgldb .
Bug Fixes
- Moving dependencies into groups more than once caused a JavaScript error. Fixed a bug where a JavaScript "page unresponsive" error occurred after editing many dependencies without leaving or reloading the page. To resolve this issue, we fixed a memory leak that slowed the page down and caused the error.
- Converting a single Unix Account (SSH Key Rotation) template to the same template type incorrectly populated the Private Key and Public Key File Type drop-down lists. Bulk operations doing the same thing worked fine. Fixed. Note: The customer needed the source and destination templates to be the same because they had a custom template based on it.
- Issues appeared with editing and creating administration scripts after upgrading from Secret Server 9.1.000001 to 10.5.000003. Fixed issue when upgrading from versions 9.1.000001 or earlier. Secret Server
- Fixed: Mac RDP Proxy did not work in Secret Server 10.6.
- Fixed: Custom proxied SSH process provided the wrong $HOST or $MACHINE field values.
- Fixed: An incorrect domain name appeared in the RDP launcher log on window.
- User and group "Send Email Alert for Accounts Found" drop-down did not display correctly on the Discovery Rules Alert page. Fixed an issue where the "Send Email Alert for Accounts Found" user and group "auto completion" drop-down did not display correctly. This occurred on the Discovery Rules Alert page when an SMTP server was configured for the instance.
- Fixed: Bulk 'Edit Share' option erroneously added additional users to share the secret with.
- Mac Custom launcher did not work. Fixed a bug where the Custom launcher failed to launch when configured to use the "Terminal" or "Text Edit" processes.
- Importing secrets into a folder the user owns or can edit erroneously required"Administer Folder" permission. Fixed an issue where a user without the "Administer Folder" permission was unable to import secrets into a folder that they had "Owner" or "Edit" permissions on.
- Mac Unix SSH Key launcher did not work with SSH proxy. Fixed a bug where an SSH proxy did not connect to server from a Mac launcher.
- Custom launchers incorrectly parsed the input prompt. Fixed an issue where Custom launchers (Process, PowerShell, or Batch) did not correctly parse the input prompt.
- Mac Custom proxied executable ran PuTTY instead of a process. Fixed a bug where a custom proxied launcher for Mac attempted to launch on PuTTY instead of SecureCRT.
- Mac launcher was unable to connect to some endpoints after trusting the server fingerprint. Fixed a bug where the Mac launcher was unable to connect to some endpoints due to an issue processing the target machine fingerprint.
- Session recording did not handle HSM encryption properly for video playback. Fixed a session recording issue where video decryption for playback and downloads was not handled correctly when using an HSM. Decryption was incorrectly attempting to use the HSM, rather than the master, key for decryption.
- Dependency group numbering was incorrect when adding dependencies to groups. Fixed. The dependency listing could display multiple dependencies with the same number. This could cause the incorrect impression that dependencies would be run in parallel.
- Copying a secret did not copy file attachments. Fixed an issue where file attachments were not copied when copying a secret or converting to a new secret template.
- When changing the parent folder, the API did not update the folder path for subfolders. Fixed an issue where changing the parent folder ID of a folder in the API did not update the folder path for subfolders.
- Assigning secret permissions to a group threw a secret template permissions "Bad Request" error in Secret Server 10.6. Fixed. Attempting to remove permissions from the All Vault Users group or assigning permissions to a different group threw the error. Assigning permissions to individual users still worked; however, any group-based assignment failed. Secret Server
- In Secret Server 10.6, Execute and other keywords were not filtered from custom reports, creating a security vulnerability. Fixed a security issue where some keywords were not filtered properly from custom reports. This allowed database modification by knowledgeable attackers.
- Hide Launcher Password setting did not work in all cases. Fixed an issue where the Display option was visible in the preview pane of the new UI when a user had Edit permissions on a secret, even with the Hide Launcher Password setting enabled. The password itself was never shown to users who did not have Edit permissions, so there was not a security issue.
- Web services session expired after upgrading to Secret Server 10.6. Fixed issue where the Session Timeout for Webservices setting was overridden by the Allow Remember Me setting for REST and SOAP sessions.