12. Release notes

MetaDefender Core v4.19.2

Released on 07 Dec 2020

This is a release focused on bug fixes.

New features / Behavior changes

 

Non-persistent scan mode

A stateless scanning solution to improve performance. When triggered, MetaDefender Core will not write any scan result into its database.

Note: Webhook scanning fashion must be used from client side to retrieve scan result back from MetaDefender Core.

Details: Using dbmode=3 setting described at 3.2.1. Startup Core Configuration

Interactive engine removal on UI

Any engine module could be removed on the management console (instead of using CLI tool). No service restart is required, no command to run.

Details: 7.2.2. Modules (Remove engines)

New Identity Provideres (IDP) supported and verified for Single Sign On (SSO)

  • Microsoft Azure AD Connect

  • Ping Identity

  • Idaptive

  • Xecurity

  • OneLogin

Data retention supported for statistics

Data stored in statistics warehouse could be configured to clean up.

Details: 3.5. Data retention

Minor supports / changes

  • File type processing time included in final JSON response

  • DLP image cropping feature support (Only available starting Proactive DLP version 2.6.0)

  • Remove BETA from Statistics page

  • UI clarity with scan result page

  • Unicode characters better support for DB migration (product upgrade)

  • Better performance for statistics page

  • Support package to include engine logs (only available when engines start writing it)

  • Workflow rule setting values validation

  • Case sensitive support in header "filepath" for POST /file request

Bug fixes

Performance degradation issue mitigation

  • Archive scanning performance

  • Hash lookup slow response

  • Batch close request potential bottleneck

  • Database dynamic query optimization

Memory leak

Both could happen on ometascan and ometascan-node processes under certain circumstances.

Incompatible Nginx cipher algorithm

Default acceptance cipher algorithm list modified to be less strict.

Missing vulnerability detailed result

Vulnerability detailed result could be missing from final scan report in some cases.

Very high CPU continuous usuage occupied by node process

Might happen when extraction failed and then affecting to the completion of hash calculation process, result in high CPU usuage continously.

Potential service crash

  • While cancelling archive scanning

  • Engine package download

Issues with scan result report

  • Wrong AV and Deep CDR result

  • Missing Proactive DLP section

  • User right issue (i.e. who is allowed to download the scan report)

Proactive DLP setting issue with unicode characters

The unicode setting value could be malformed after Core / Proactive DLP upgrade

Other product functional issues

  • Blocked files was not stored in quarantine with local file path scan, or scan from link fashion.

  • Wrong data calculation on statistics page