Agent for SharePoint Release Notes › Changes to Existing Features
Changes to Existing Features
New Procedure for Configuring Log Files
Symptom:
I upgraded from a previous version. How do I enable logging on this new version?
Solution:
For more information, see the CA SiteMinder® Agent for SharePoint Guide.
Office Client Integration with Microsoft KB2563214 and KB2647954
Symptom:
My Office Client Integration (WebDAV) broke after I installed the following Microsoft hot fixes:
Solution:
A work-around is available. For more information, see the CA SiteMinder® Agent for SharePoint Guide.
More information:
403 Forbidden Message not Issued for WebDAV Requests After Microsoft Hotfixes Installed (159153, 157265)
Different File Location for Fixing Truncated Attributes in SharePoint
The CA SiteMinder® Agent for SharePoint uses the MaxUserAttributeLength setting to control the length of the attributes displayed in SharePoint.
For 12.0.3 and 12.5.0, this setting was in the following file:
policy_server_home\config\properties\wsfed.properties
For 12.52 SP1, the MaxUserAttributeLength is located in a different file:
policy_server_home\config\properties\EntitlementGenerator.properties
Update the MaxUserAttributeLength setting in the EntitlementGenerator.properties file so that it matches the one that you used in the older version of the CA SiteMinder® Agent for SharePoint.
Upgrade of OpenSSL
CA SiteMinder® Agent for SharePoint uses OpenSSL 0.9.8za to fix the following vulnerabilities:
- CVE-2014-0224: An SSL/TLS MITM vulnerability exists in OpenSSL 0.9.8y and earlier. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
- CVE-2014-0221: DTLS recursion flaw exists in OpenSSL 0.9.8y and earlier. By sending an invalid DTLS handshake to an OpenSSL DTLS client, the code can be made to recurse, eventually crashing in a DoS attack.
- CVE-2014-3470: Anonymous ECDH denial of service flaw exists in OpenSSL 0.9.8y and earlier. OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
- CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack".
For more information about the vulnerabilities, see the OpenSSL documentation set.
Copyright © 2014 CA.
All rights reserved.
|
|