Resolved issues
Transcription
Resolved issues
Release Notes Revision A McAfee Data Loss Prevention 9.3.3 Contents About this release Enhancements Resolved issues Installation instructions Known issues Find product documentation About this release Thank you for choosing McAfee® Data Loss Prevention (McAfee DLP). This document contains important information about the current release. We strongly recommend that you read the entire document. McAfee DLP version 9.3.3 introduces feature enhancements and resolves issues present in the previous release. You must have version 9.2.0 or later installed on your target system before installing version 9.3.3. Version 9.3.3 does not support coexistence with previous versions; therefore, in a managed environment, all appliances must be upgraded to version 9.3.3 at the same time. For virtual appliance installation instructions, see the McAfee Data Loss Prevention Virtual Appliance Installation Guide. Supported McAfee DLP products This release supports these McAfee DLP product versions: • McAfee DLP Manager 9.3.3 • McAfee DLP Monitor 9.3.3 • McAfee DLP Discover 9.3.3 1 • McAfee DLP Prevent 9.3.3 • McAfee DLP Endpoint Agent 9.3.300.31 These host extensions are supported: • 9.3.1.4 — For use with a unified McAfee DLP policy • 9.3.300.16 — For use only with incident management in McAfee® ePolicy Orchestrator® Supported systems The following platform versions and operating systems are supported: • McAfee DLP 4400/5500 appliances — McAfee Linux Operating System 1.1.5 (McafeeNDLPmlos-1.1.5-1.x86_64.rpm) • McAfee DLP 1650/3650 appliances — Fedora-3 Linux Operating System • Virtual appliances — VMware vSphere ESX 4.x, ESXi 5.x ® Compatible McAfee products The following McAfee product versions were tested for compatibility with McAfee DLP 9.3.3 software: • ePolicy Orchestrator 4.6, 5.0, 5.1.0, 5.1.1 • McAfee Web Gateway 6.x, 7.x • McAfee Email Gateway 7.x • McAfee® Logon Collector 2.0, 2.1, 2.2 ® ® Supported repositories McAfee DLP Discover supports the following. Database repositories File systems and servers • DB2 — 5x iSeries, 6.1 iSeries, 7.x–9.x • EMC Celerra 5.6 • Microsoft SQL Server 2000, 2005, 2008, 7.0, MSDE 2000, 2012 • EMC Documentum 5.3, 6.0, 6.5 • Microsoft SharePoint 2007, 2010, 2013 • FTP • MySQL (Enterprise) 5.0.x, 5.1 • HTTP/HTTPS • Oracle 8i, 9i, 10g, 11g • NFS (Network File System) • CIFS (Common Internet File System) • Microsoft Windows Server 2003, 2008, 2008 R2 cluster • Microsoft Windows XP Professional SP3 or later (32-bit) • Microsoft Windows Vista SP1 or later Enterprise and Business editions (32-bit) • Microsoft Windows 7 SP1 or later (32- and 64-bit) • NetApp 7.2, 7.3 Supported browsers McAfee DLP supports the following third-party browsers. These versions were tested for compatibility with the software: 2 • Microsoft Internet Explorer 7, 8, 9, 10 • Mozilla Firefox 17, 33 Supported languages In scanned content, McAfee DLP supports the following languages: • English • Italian • Chinese (Traditional) • Japanese • Chinese (Simplified) • Korean • Hebrew • Russian • Arabic • Dutch • French • Greek • German • Hungarian • Spanish • Czech • Portuguese • Turkish Enhancements This release includes these enhancements. Concepts — Updates these concepts: • CREDIT-CARD-NUMBER • CREDIT-CARD-NUMBER-GENERAL • CREDIT-CARD-NUMBER-THRESHOLD Content types — Adds content type MSOfficeEncryptedDoc for Microsoft Office 2007 encrypted documents Resolved issues These issues are resolved in this release of the product. For a list of issues fixed in earlier releases, see the release notes for the specific release. Backup and restore • Resolves an issue where a backup could not be configured if the selected share contained an accent mark in the folder name, such as "é" (965736) • Resolves an issue where a scan task timeout error resulted in a failed backup (977682) 3 Concepts • Resolves an issue where an algorithm in a custom concept might not function correctly if any concept was deleted and re-added (961985) • Resolves an issue where validating a test string containing a space would result in no match, even if the string matched the concept (972158) • Resolves an issue where concepts using hexadecimal strings did not correctly match scanned content after upgrading to version 9.3.2 (1006106) Incidents and cases • Adds a Publish Configuration link to the device System Utilities page to resolve an issue where incident attachments could not be opened due to an "unknown task" error (938146) • Resolves an issue where filtering incidents using "UserID = domain\username" did not display the correct results (962362) • Resolves an issue where Korean characters in a file name were not correctly displayed in the incident (966184) • Resolves an issue where McAfee DLP reported the wrong sender address when SMTP traffic contained an anti-spam X-Header (984653) • Resolves an issue where selecting filters on multiple rules did not display any Data in Use incidents (1016624) McAfee DLP Discover • Resolves a memory leak when scanning a CIFS share of 1 terabyte or larger (953870) • Resolves an issue where a scheduled scan ran several hours beyond the scheduled end time (955410) • Resolves an issue where scanning an Oracle Database with Oracle Advanced Security enabled would fail (963020) Scanned content • Resolves an issue where encrypted Microsoft Word and Excel files were incorrectly classified as PowerPoint files (956585) • Resolves a system process failure when scanning corrupt XLSX files (958264, 960930, 986055) Searches 4 • Resolves an issue where a search limited to specified devices displayed results from all managed devices (984036, 992754) • Resolves an issue where search results were not processed when selecting all appliance types (1007804) Vulnerabilities — Common Vulnerabilities and Exposures (CVE) • Addresses these OpenSSH vunerabilities (961926): • Resolves an issue with forwarded X connections (CVE-2008-1483) • Resolves an issue with using a block cipher algorithm in Cipher Block Chaining mode (CVE-2008-5161) • Removes the fixed time limit between establishing a TCP connection and completing a logon (CVE-2010-5107) • Resolves an issue where sendmail did not correctly handle a '\0' character in the Common Name field of an X.509 certificate (963587, CVE-2009-4565) • Resolves an issue where OpenSSL did not properly restrict ChangeCipherSpec message processing (976967, CVE-2014-0224) • Addresses the Shellshock vulnerability (1010538, CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187) • Addresses the POODLE vulnerability (1015169, CVE-2014-3566) Other • Resolves a system process failure due to a memory leak, causing the appliance to core dump (940644, 942204) • Resolves an issue where setting the syslog server entry to localhost by removing the existing entry would fail (982324) • Resolves a sendmail TLS issue after installing hotfix 976967_47171 (1019496) Installation instructions For installation and upgrade instructions, see the McAfee Data Loss Prevention Product Guide, version 9.3.2. The installation procedure for version 9.3.3 is the same as version 9.3.2. If your product is at version 9.2.0 or later, you can upgrade directly to 9.3.3. Known issues For known issues in this product release, refer to KnowledgeBase article KB82368. 5 Find product documentation After a product is released, information about the product is entered into the McAfee online Knowledge Center. Task 1 Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com. 2 In the Knowledge Base pane, click a content source: • Product Documentation to find user documentation • Technical Articles to find KnowledgeBase articles 3 Select Do not clear my filters. 4 Enter a product, select a version, then click Search to display a list of documents. Copyright © 2015 McAfee, Inc. www.intelsecurity.com Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others. A00