EN
Español
English
Português
    Release Notes Aranda Passs Recovery 2.1.0

    DESCRIPTION OF EACH BUG FIXED

    200860:

    Added the Strict-Transport-Security in the web.config of (APRAdmin – APRUsers – APRAPI) as a security enhancement to instruct the browser to only communicate over HTTPS.

    This tag will be disabled by default.


    To enable/disable the tag you must do the following:

    1. Enter Aranda Software Configurator (AWCF).
    2. Select the site (APRAdmin – APRUsers – APRAPI) check/uncheck the Check SSL connection, taking into account the following:

    • If Check is unchecked, the tag will be disabled. This configuration is recommended for environments over HTTP “default option”.

    • If Check is checked, the tag will be enabled. This configuration is recommended for environments over HTTPS, as it requires the use of a TLS/SSL certificate.


    200862:

    The Underscore.js library version is updated to 1.13.4 in the Aranda Pass Recovery User Console (APRUsers) to solve vulnerabilities presented in previous versions of Underscore.js.


    200863

    The Moment.js library version has been updated to 2.29.4 in the Aranda Pass Recovery User Console (APRUsers) and in the Aranda Pass Recovery Administration Console (APRAdmin) to address vulnerabilities presented in previous versions of Moment.js.

    ⚐ Note: This update requires that stored browsing data (cache and cookies) be deleted to avoid compatibility conflicts with the new version when using the console.


    Modern Authentication (OAuth 2.0) in the Mail Settings section:

    An adjustment is made in the Aranda Pass Recovery Administration Console (APRAdmin) in the (Domains) section (Mail Configuration), to support the Modern Authentication (OAuth 2.0) configuration, the configuration options will be presented as follows:


    For the necessary configuration information (OAuth 2.0 Token Endpoint - The refresh token you acquired in the first stage of the flow - Application ID (client) - Client secret value) refer to the following document Configuring for OAuth 2.0 Modern Authentication, which tells you how to get the data.

    Notes:
    - If basic authentication is continued to be used, do not enable Check (Enable OAuth2.0 Authentication).
    - For this update, it is essential to have Aranda Tools 8.8.1 or higher on the application server, prior to performing the APR product upgrade or installation.

    NOTES OR ADDITIONAL INSTRUCTIONS

    • Run the “Aranda.PassRecovery.Installer.exe” file and follow the instructions in the installer.
    • The executable file functions as both an installer and an update tool.
    • This update applies only to databases in version 8.0.150