11. Release notes

MetaDefender Core v4.16.2

Release Date: 10 Sep 2019

This is a maintenance release primarily focused on bug fixes

New features / Behavior changes

 

Restrict APIs based on user roles (configurable)

Added new feature to configure user privileges on file submission, processing result visibility and processed (sanitized) file download access on both front-end and API level.

Support displaying and filtering username on processing history UI

Username info will be displayed on processing history when available, process history can also be filtered on username.

Enhance logging with Yara matched rules appended

All Yara rules matched will be displayed in the associated scan history record in the logs.

Upgraded nginx web server component to latest version 1.16.0

Nginx upgrading helps fix some security vulnerabilities and improve web server performance.

Add new scan result - Unsupported file type

New scan result is applicable to engines which have processing logic that distinguishes file types (e.g. CrowdStrike).

Refined JSON output when users want to quarantine items which are already in quarantined folder

If a processed file is already in the quarantine folder, and an user wants to quarantine it again with another scan submission, Core can assume that file is quarantined already, and return quarantined successfully in JSON result.

Updated UI (minors)

Updated logo, renamed default workflow rule for Email, fixed broken support link.

Bug fixes

In-progress files could be deleted mistakenly, causing failures when scanning

Fixed the issue on cleanup the mechanism to avoid removing in-progress files.

Engines repeatedly disable and re-enable

While upgrading Core or updating engines, symlink in engine folder could not be created properly causing protobuf error message on Node. This caused engines to be crashed repeatedly.

File processing could be stuck until archive timeout value reached

When the archive extraction timeout was reached on a file inside original archive file, sometimes the final scan result of the original archive was not returned in a timely manner.

Non UTF-8 characters were not displayed correctly when exporting process history via UI

When using non UTF-8 characters on a filename, the exported file from the process history returned meaningless data.

Dependency installation issue on Ubuntu 18 & Debian 9

Packed the libssl library into Core installation to help users avoid installing a dependency separately.