Release Notes
Abstract
Product Release Notes v30.2
Content
The V30.2 release of the Resilient Incident Response Platform introduces a number of new features and enhancements. All changes and bug fixes from the previous V30.0 and 30.1 releases are included.
The following lists the new features and enhancements:
- Audit: For on-premises customers only. Creates audit logging messages for the login, logout and administrative create, update, and delete actions. Please see the Installation and Configuration Guide for V30.2 for details.
- Malware Patrol threat source removed: The Malware Patrol threat service has been removed.
- Ciphers. For on-premises customers only. You can manage the ciphers used to encrypt information sent to and from the Resilient platform.
- Privacy: The following changes have been made to the privacy module in this release
- GDPR data response widget has been added as an optional System Section in Incident Reports.
- The following jurisdictions have been added or updated in this release
- Minor changes to GDPR task and Resource Library language
- Iceland, Liechtenstein and Norway have been modified to reflect implementation of GDPR in these countries which is scheduled for July. Existing customers will need to make minor updates to their layouts to support these changes. See this article on the Success Hub for details.
- South Dakota
- Optional packages: For on-premises customers only. A new install script contains an optional Linux rsync package that you might want to install on your appliance. You use rsync to sync files on remote and local machines, as well as copy files to remote systems and back again, or to create backups to locally mounted hard drives. Please see the installation guide or the release announcement for details on how to install this package.
- API Changes
- A version field has been added to the DataTableRowDataDTO. This is used to detect and report attempts to concurrently edit a data table row. If you attempt to modify a data table row and the current version does not match the version in your DTO, you will get an HTTP 409 return code indicating a conflict. This is done so that API users do not inadvertently overwrite another user's changes.
CORRECTED ISSUES
Tracking Code | Issue |
RES-5542 | Performance issue posting data table rows. Performance no longer degrades as new rows are added and the data table row count gets large. |
RES-6179 | Quartz scheduler worker threads stuck while sending email notifications, creating errors with outbound email notifications. |
RES-8035 | Filter result is incorrect when filtering on Owner, using the “has one of” operator, and selecting an LDAP user who has not yet logged in. |
RES-8641 | An artifact in a Pending state may be rescanned and cause the following error: ERROR: duplicate key value violates unique constraint "incidents_artifacts_pending_pkey" |
RES-8766 | Elasticsearch errors in the client log: "Unrecognized field of "principal_id"" |
RES-8773 | QRadar integration receives "Action Configuration check failed" error. |
RES-8918 | Use of Insecure Ciphers Reported |
RES-8924 | Search results should return from all incidents, not just open incidents. This is now the default. |
RES-9030 | Without the Resilient Action Module, users can create workflows but cannot define rules that trigger them. |
RES-9116 | The version of python installed is updated to 2.7.14 to address a reported security vulnerability: https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/version_id-222926/Python-Python-2.7.13.html
|
RES-9171 | User with the "Manage Wiki Pages" permission via group role cannot see the "+New Page" button from the Wiki. |
RES-9331 | Resilient vulnerable to STRIPTLS attack |
RES-9344 | Loading a data table fails due to a single-valued field having multiple values in the database. |
Was this topic helpful?
Document Information
Modified date:
19 April 2021
UID
ibm11161724