Table of Contents
NetYCE 8.0.0 Build_20220719
Release notes
Date: 2022-07-20
Enhancement
Rename stored jobs
Command jobs can save jobs definitions for future re-use as 'stored jobs'. These jobs are created using a name as defined by the user, and when made public, other users can use and adapt them. To change the name of an existing 'stored job', the user has to first create a copy using the new name, and then delete the original. This sequence is not very practical for day-to-day use.
To simplify this operation, a 'Rename' button is added next to the 'Save' button. This will allow the user to update an existing stored job under a different name.
Clicking on their menu or navbar item now refreshes the cgi tool
When you click on the menu item or navbar item for an operating tool, this tool now gets refreshed, resetting the tool
Maximum file upload size
The maximum file upload size has been changed from 1Gig to 4Gig
Site State Field Widened
The Site state field was a bit too short for some of the states and provinces that the world supports. This has been enlarged now to 40 characters. The site address field has also been enlarged to support a maximum of 100 characters
Fix
Removed SQL Injection Vulnerability
There was a vulnerability where some backend urls were susceptible to sql injection attacks. This is fixed now.
Login ldap failure message is now the same as a regular login failure message
The message for a failed login for ldap and regular user accounts used to be different. This could be used by a malicious third party to harvest a list of usernames. This is now fixed and all login failed messages are the same now.
XSS fix
Cross-site scripting allows a malicious party to insert html text which will then get printed. A number of cgi tools were vulnerable to this exploit. This has been rectified.
Evpn form fix
There was a bug in javascript causing the Evpn form to fail when trying to submit. This has been fixed now
Compliance regex error fix
When you had a compliance condition with faulty regular expressions (for example, containing a misplaced '*'), the error you got was not handled properly by the daemon. Now it is, and you get a notification in the nccmd logs.
F5 Multiconfig Compliance ever-changing timestamp
A line in F5 configs was found that changes with every config that was not properly filtered out, leading to a mismatch in multiconfig compliance. This has now been fixed. The line in question was:
last-modified-time 2022-06-14:14:37:46
Sidebar menu loading bug fix
Once in a while, the sidebar menu would not load. This sometimes happened when visiting the site for the first time, or from a sleeping browser. This has been fixed.