This article details a list of resolved issues in PGP Universal Server 2.10.

 

General

 

• General improvements were made to the localized (German and Japanese) text in the PGP Desktop user interface and documentation. [16963, 19062]
• Improvements were made to the Apache configurations to prevent HTTP trace-related and TCP timestamp-related vulnerabilities. [18398]
• A new preference (archive-queue-timeout-hours) was added to the proxy section of the prefs.xml file. This preference controls how long mail messages can stay queued in the database. This setting used to be fixed. [18754]
• An issue was fixed where the pgpproxyd service crashes when messages from specific senders were processed. [18972]
• In policy chains, administrators can no longer configure a client rule with the condition "All of message is encrypted". [19001]
• An issue was fixed where whole disk recovery tokens (WDRTs) were not regenerated after forced re-enrollment. [19347]
• Login experience is improved when first accessing PDF Messenger messages. [19479]
• In previous versions of PGP Universal Server, a successful passphrase change notification was sent to external users regardless of whether the change attempt was successful. In version 2.10, a notification message is sent only if the passphrase change was successful. [19818]
• Handling of detached SMIME signatures being proxied through PGP Universal Server was improved. [19788]
• Proxying of malformed IMAP APPEND server responses, such as those sent by Exchange 2007, was improved. [19913]
• Searchability of the PGP Universal Server info object in LDAP directory was improved. [19968]
• Removed support for SSL cipher suites that utilize RC4. [20086]
• Universal Server now uses NSCD (Name Services Cache Daemon) for DNS caching. [17361]
• Integration with external certificate authority was improved. [18375]
• SSL library was upgraded to address potential security issues in Open SSL. [18892]

Keys and Certificates

 

• Small improvement made to handling keys in the verified directory that do not have properly formatted UTF-8 user keys. [19869]
• Key maintenance was improved by reducing the scope of database lookups on secondary servers of a PGP Universal Server cluster. [19887]
• Handling of expired X-509 certificates on internal user keys was improved. [20127]
• Handling of restricting key server access to a range of IP addresses was improved. [20021]
• Customized URLs (HTTP and LDAP) of CRL DP locations are now implemented correctly in the certificates. [16027]
• VKD server responsiveness is improved. [20399]

PGP Universal Web Messenger

 

• Web Messenger users can now re-access their mailbox after leaving it without clicking "Logout". [18238]
• Handling of mail messages composed in Web Messenger that contain multiple character sets was improved. [19725, 19805]
• Fixed bug were pausing the Web Messenger or Verified Directory service would lock administrators out of the administration console. [19902]
• Passphrase-length enforcement was improved for Web Messenger users. [20131]
• Error logging for Web Messenger replication was improved. [20158]

Logging

 

• Logging improvements ensure messages from the Postfix log file are sent to configured remote syslog servers. [17944]
• Logging on PGP Universal Server was improved for instances when message size is too large to send. [19858]
• Minor clarity improvements to update logging. [19886]
• Logging of users with empty display names in the external LDAP directory is improved. [19982]