Security
Release notes on Security-related tasks that apply to Trapeze applications..
| Version | Type | Description | ID |
|---|---|---|---|
| 19.10.0.0 | CORR | The issue of users being unable to continue to log on unless they change their password immediately after a warning that their password will expire in X days appears has been fixed. | DEVCORE3-5469 This task is related to DEVCORE-4301. |
| 19.10.0.0 | CORR | An issue where an error message appeared when saving attribute changes on built-in identity type users has been fixed. | DEVCORE3-5486 |
| 19.10.0.0 | ENH | Logging to report certificate verification failures was improved to show more detail. This addresses an issue where the Client Shell would not connect to the Service Shell over SSL when the certificate chain contained more than one trusted authority. | DEVCORE3-5435 |
| 19.10.0.0 | ENH | Security permissions granted to system administrators and Trapeze6 Client Shell
users for some operations have been configured to be always set to Deny for
Anonymous users. The security permissions granted system administrators are:
The security permissions granted Trapeze6 Client Shell users are:
|
DEVCORE3-5430 |
| 19.14.0.0 | ENH | A new option, None has been added to the Core/Security/Use SameSite Cookies switch. (Previously, the only options were: Lax and Strict.) | DEVCORE3-5516 |