Symantec Encryption Server 3.3.2 - Resolved Issues

Article:TECH164863  |  Created: 2011-07-18  |  Updated: 2014-06-25  |  Article URL http://www.symantec.com/docs/TECH164863
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution


Subject

Issue



This article details a list of resolved issues in Symantec Encryption Server 3.3.2 including all Maintenance Packs (MP).

 


Solution



Symantec Encryption Management Server 3.3.2 MP2 Resolved Issues

General

  • Resolved an issue so that when Universal Services Protocol (USP) requests fail, the Symantec Encryption Management Server now logs the user name of the requester. [3422888]
  • Resolved an issue so that Symantec Encryption Management Server now does not create duplicate dictionary entries for the literal or pattern terms when you import the text or the text file. [3433564]
  • In response to CVE-2014-0224, updated the version of OpenSSL to openssl-0.9.8e-27.el5_10.3. [3529315]
     

Administrative Interface

  • Resolved an issue so that Active Directory objects that have an ampersand symbol (&) in their name can be expanded and collapsed in the Active Directory navigation dialog box, when administrators try to create a new Group Key from the Keys tab of the Symantec Encryption Management Server Console. [3458433]
     

Messaging

  • Resolved an issue so that .gpg files that are received as email attachments are now decrypted successfully. [3411793]
  • Resolved an issue so that the correct product name is now displayed in the confirmation message that appears after users reset their passphrase in the German version of the Symantec Web Email Protection. [3454344]
     

Symantec Encryption Web Email Protection

  • Resolved an issue so that nightly data replication scans no longer terminate unexpectedly. [3460668]
     

Upgrade and Migration

  • Resolved an issue so that the mail policy chain rule conditions or actions are now successfully displayed in the administrative interface after users upgrade PGP Universal Server version 3.1.2 to Symantec Encryption Management Server 3.3.2. [3485485]
     

Symantec Encryption Desktop

  • Resolved incompatibilities with Apple Mac OS X 10.9.3 systems

     

 

Symantec Encryption Management Server 3.3.2 MP1 Resolved Issues

General

  • Resolved an issue so that unwanted completion reports for cron jobs in the /etc/crontab directory are not sent to the root user. [3323981]
  • Resolved a vulnerability issue so that confidential information about the server is not displayed. [3395130, 3192882]
     

Administrative Interface

  • Resolved an issue so that administrators with the Full Administrator role can now manage keys as expected in the administrative interface. [3212029]
     

Keys and Certificates

  • Resolved an issue so that administrators can successfully import network certificates through the administrative interface as well as the command line interface of the Symantec Encryption Management Server. [3377131]
     

Messaging

  • Resolved an issue so that users can now successfully send outbound emails that contain 30+ non-ASCII characters in the From field. [2474869]
  • Resolved an issue so that multiple signature packets are no longer added to cached keys when users send S/MIME encrypted email messages that contain the same certificate, which improves email performance. [3331068]
     

Symantec Encryption Desktop

  • Resolved incompatibilities with Apple Mac OS X 10.9.2 systems.
  • Resolved incompatibilities with Red Hat Enterprise Linux 6.5 (32- and 64-bit versions).
  • Resolved an issue so that Symantec Encryption Desktop now logs only one event when Symantec Endpoint Encryption Removable Storage is also installed on the same computer. [3153572]
  • Resolved an issue so that Symantec Encryption Management Server administrators can now prevent users from disabling the logging function on managed clients through Consumer Policy settings. [3202174]
     

Symantec Encryption Web Email Protection

Upgrade and Migration

  • Resolved an issue so that all of the required preferences are listed in the prefs.xml configuration file after users upgrade PGP Universal Server version 3.0.0 or 3.1.2 to Symantec Encryption Management Server 3.3.2. [3180216]
  • Resolved an issue so that the pgprep service now works correctly and enables server clusters to function after administrators perform a PUP update. [3089685]
  • Resolved an issue so that backup and restore completes successfully from a terminal when using the pgpbackup.pl script. [3415457, 3415463]
     

 

Symantec Encryption Management Server 3.3.2 Resolved Issues

General

  • Resolved the CVE-2013-1862 vulnerability related to the RewriteLog directive by using the updated version of httpd.conf configuration file of the Apache HTTP Server. [3275147]
  • Resolved the CVE issues (CVE-2013-2407, CVE-2013-2451, CVE-2013-2457, and CVE-2013-2461) related to vulnerabilities in the Oracle Java 6 SDK that allow remote attackers to affect confidentiality, integrity and availability of the Java platform through various vectors by using the Java SE Development Kit 7, Update 25 release. [3297839]
  • Resolved multiple CVE issues related to the FreeType font engine that allow remote attackers to cause an application to crash or, potentially, execute arbitrary code with the privileges of the user running the application with the updated FreeType RPM package. [3315192]
  • Resolved the CVE-2013-0153 vulnerability related to the handling method of interrupt remapping entries by the hypervisor driver with a kernel RPM package update. [3315231]
  • Resolved the CVE-2002-2443 vulnerability related to denial-of-service attacks by using an updated Kerberos version 5 RPM package. [3315236]
  • Resolved multiple CVE issues that allow a local, unprivileged user to leak kernel memory to user space by using the updated kernel RPM package. [3315248]
  • Resolved the CVE issues (CVE-2013-0791 and CVE-2013-1620) related to remote user gaining access to plain text data with a Network Security Services (NSS) and Netscape Portable Runtime (NSPR) RPM package update. [3315271]
  • Resolved the CVE-2012-3417 vulnerability, which allows remote attackers to bypass intended access restrictions, with a quota RPM package update. [3325302]
  • Resolved the CVE issues (CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, and CVE-2013-2237) that allow remote attackers to crash a system, trigger denial-of-service attacks, gain improper privileges, and leak kernel memory to user space with a kernel RPM package update. [3315289]
  • Resolved an issue so that Symantec Encryption Management Server does not disclose the version number of the Apache HTTP Server on Red Hat Enterprise Linux/CentOS when the echo -e "GET / HTTP/1.0\n\n" | openssl s_client -quiet-ign_eof -connect | grep Server command is executed. [3212797]
  • Resolved an issue with Symantec Encryption Management Server so that encryption or decryption works properly when multiple ignition keys are added or removed in a clustered environment. [3304712/3312658]
  • Resolved the CVE-2007-6750 vulnerability related to denial-of-service attacks with the implementation of the mod_reqtimeout module in the Apache HTTP Server. [3318302/3299196]
  • Resolved the vulnerability on Linux systems related to Internet Control Message Protocol (ICMP) redirection so that only gateways can redirect messages. [3318280]
  • Resolved the vulnerability related to world-writable files by implementing controlled file permissions. [3318281]
  • Resolved a possible partition mounting weakness in Symantec Encryption Management Server by including the 'nodev' hardening option for the boot partition. [3318279]
  • Obsolete tables for the PGP Remote Disable and Destroy feature, which is no longer supported in Symantec Encryption Management Server, have been removed from the Symantec Encryption Management Server database. [3318267]
     

Administrative Interface

  • Resolved an issue so that the links in the (Consumers) Group tab of Symantec Encryption Management Server work properly and list the correct number of members when the number of groups added is large (more than eight, in addition to the “Everyone” and “Excluded” groups). [3318268] Keys and Certificates
  • Resolved an issue that occurred when searching for keys from a keyserver that uses SSL authentication (either LDAPS or USP). Symantec Encryption Management Server now verifies the validity of the certificate presented by the keyserver, and verifies that the server DNS name matches the DNS name in the presented certificate. [2735979]
  • Resolved an issue so that the Server Key Mode (SKM) key of a user is replicated properly, when it is created by sending email from one Symantec Encryption Management Server to another server within a cluster. [3274338]
     

Symantec Encryption Web Email Protection

  • Resolved an issue so that Symantec Encryption Web Email Protection users who close their browsers by clicking the Close button can now log on again immediately. However, if a user logs on using a different IP address, a message is displayed that the first session is terminated and the user is logged off from that session. [3318294]
  • Resolved an issue with Symantec Encryption Management Server so that correct variable names now appear in the Complete Customization template of Symantec Encryption Web Email Protection. [3318288]
     

Symantec Gateway Email

  • Resolved an issue so that users do not encounter the Invalid UTF-8 character error while replying to emails using an Apple iOS device, which is integrated with Lotus Protector for Mail Encryption Client 2.1.1 using IBM Notes Traveler. [3311598/3318296]
  • Resolved an issue so that Lotus Protector for Mail Encryption Server 2.1.1 no longer produces the Invalid UTF-8 character errors due to delivery failure codes received from the recipient mail server for outbound and bounced emails. [3318297/3311603]
     

Symantec Encryption Desktop

  • Resolved an issue with Symantec Drive Encryption so that when SSO is enabled on a Microsoft Windows 7 64-bit system that is using a simple PGP BootGuard log-in screen, SSO now works correctly for all enrolled users, not just for the first user. [3116309]



Legacy ID



1013


Article URL http://www.symantec.com/docs/TECH164863


Terms of use for this information are found in Legal Notices