Skip to main content

Snow Extender 2

Here you can find the release notes for Snow Extender 2.

2.5.0 latest

Release date: 2024-11-06

Corrections

(SIT-3950)

  • The security of the Snow Inventory API endpoint has been improved by updating the Content Security Policy (CSP) headers with the following changes:
    • Removed the 'unsafe-inline' keyword from the 'style-src' directive.
    • Eliminated the 'img-src' directive.
    • Added the 'default-src' directive with the 'self' keyword for enhanced control over content sources. (04794923)

(CDC-5437)
The end users will now receive clear, user-friendly messages in the following scenarios:

  • When invalid proxy settings are detected
  • When SLM or Inventory endpoints are configured with incorrect SSL or non-SSL API settings
  • When Active Directory (AD) Discovery connections are incorrectly set up
  • When Data Forwarder connections are incorrectly configured

2.4.0

Release date: 2024-09-12

Enhancements

Snow Extender
Enhanced logging mechanism
(CDC-5191)

  • Additional logging has been added to help diagnose issues while transmitting data to Snow Atlas.

Corrections

(SIT-3890)

  • We have introduced additional security headers, "Permission-Policy: none" and "Referrer-Policy: same-origin", to our API responses. These updates are designed to strengthen security and enhance user privacy. (04789573)

(SIT-3845)

  • Fixed an issue where after a Snow Extender upgrade, the platform-extender loses its connection to Snow Atlas until the token expires and a new one is requested. (04785274)

2.3.0

Release date: 2024-06-19

New

Snow Extender
Custom Encryption Keys support in Snow Extender
(CDC-5151)
We are excited to introduce the support for custom encryption keys in Snow Extender. This highly-requested feature empowers customers to enhance data security by securely transferring snowpack data from the Snow Inventory Agents to Snow Atlas and Risk Monitor using their own custom encryption keys. With this capability, customers can ensure the utmost security and confidentiality of their data throughout the data transfer process.

Enhancements

Snow Extender
Enhanced communication handling
(CDC-5228)

  • We have improved the communication flow between Snow Atlas, Snow Extender, and Snow Inventory Agents. Specifically, the error handling has been enhanced to ensure proper forwarding of failed HTTP messages and status codes back to the agents.
    This enhancement equips the agents to effectively diagnose issues with requests made to Snow Atlas, facilitating a smooth operation and troubleshooting.

Enhancement of the DLL hijacking prevention mechanisms
(CDC-5298)

  • We have strengthened the Dynamic Link Libraries (DLLs) loading mechanism within the Snow Extender Service to mitigate DLL preloading attacks. This proactive enhancement safeguards against potential security vulnerabilities, ensuring the integrity and reliability of the application.

Enhancement of the DLL loading mechanisms
(CDC-5238)

  • The Snow Extender configurator now employs enhanced mechanisms to load Dynamic Link Libraries (DLLs), effectively mitigating potential DLL preloading attacks.

2.2.0

Release date: 2024-04-17

Corrections

(SIT-3581)

  • The AD Discovery no longer fails to query the RootDSE object while using LDAPS protocol. (04767193)

(SIT-3364)

  • The AD Discovery now uses the protocols LDAP or LDAPS based on the provided user input. (04749407)

(CDC-5153)

  • The AD Discovery module now correctly logs the device aggregation.

2.1.2

Release date: 2024-01-24

Enhancements

Security
(CDC-4966)
To enhance the security of Snow Extender, service path executables are now enclosed within quotes. This measure is a proactive step to prevent potential privilege escalation vulnerabilities and ensure the integrity of our software.

Corrections

(SIT-3197)

  • Users can now seamlessly test the AD Discovery connection during the configuration process, eliminating the previous constraint of requiring SSL for testing. (04738933)

(SIT-3343)

  • Resolved an issue within the Data Forwarder module that previously prevented it from utilizing the configured proxy settings. (04748071)

(CDC-5019)

  • The Data Forwarder module now properly validates the configured proxy when clicking on the Test button.

2.1.1

Release date: 2023-08-30

Enhancements

Snow Extender
(SIT-2858)

  • Snow Extender HTTP error logs have been changed from log-level error to log-level warning, preventing the Extender status from showing Running with error on Snow Atlas. (04698007)

(CDC-4061)

  • The Snow Extender service .NET framework is upgraded to version 4.8.

Corrections

(SIT-2863)

  • Fixed an issue where the Snow Extender service would stop when using proxy connections due to memory consumption. (04698339)

(CDC-4561)

  • Fixed an issue by improving the file upload error handling for the extender Data Forwarder. In addition, the HTTP security headers have been changed to cater to larger file uploads.

(CDC-4580)

  • Renaming the Site Name works now as expected for the Data Forwarder module.

2.1.0

Release date: 2023-03-30

Upgrade information
(CDC-4392)
Version 2.1.0 is a part of the General Availability (GA) phase of Snow Extender (version 2.0.5 being the first GA version).

info

Customers on all Early Access phase versions (Snow Extender 2.0.3 or earlier) must now upgrade to version 2.0.5 or later. All changes from Snow-internal version 2.0.4 have been included in version 2.0.5.

New

Snow Extender
Data Forwarder
(CDC-4050)

  • A new feature Data Forwarder has been added to the Snow Extender configuration. This feature allows you to forward snowpacks to a secondary destination.

Corrections

(SIT-2682)

  • Fixed an issue where the digital signature was missing from the Snow Extender installer. (04679364)

(SIT-2435)

  • Improved handling of files in the upload queue to avoid unnecessary memory consumption. (04611934)

(CDC-4293)

  • Corrected an issue where the Snow Extender appears to disconnect from Snow Atlas while still forwarding snowpacks.

2.0.8

Release date: 2023-01-17

(CPV-15)
Download release notes here

Enhancements

(CPV-16)

  • Additional “Content-Security-Policy” has been added as an optional HTTP response header for Inventory API that can be enabled in the UI using the Use strict security checkbox. Note: This option can be enabled only when using HTTPS.

(CPV-17)

  • A Documentation link has been added for launching the Extender user guide on the Snow Docs site.

(CPV-18)

  • A button for testing the AD Discovery configuration has been added.

Corrections

(CPV-19)

  • Fixed an issue where file dates on active directory discovery objects could be out of range. (04606220)

(CPV-20)

  • The default retry wait time for Snow agents is now lowered to 5 seconds to increase connection reliability.

2.0.7

Release date: 2022-10-11

(CPV-23)
Download release notes here

Enhancements

(CPV-24)

  • Added a limit to how many log entries will be uploaded to SumoLogic for better performance.

(CPV-25)

  • The installer is now creating a log file to assist in troubleshooting.

(CPV-26)

  • The installer will now attempt to rollback an upgrade on failure.

Corrections

(CPV-27)

  • Fixed a memory leak that would occur if one or more modules repeatedly fail and are restarted. (04599017)

(CPV-28)

  • The status ‘Running with Warning’ will no longer be triggered by a single error but is set by reaching a threshold within a certain time frame. (04582958)

(CPV-29)

  • Added validation of the Active Directory Discovery LDAP path to prevent errors.

(CPV-30)

  • Fixed an issue where the snowpack upload would get stuck.

2.0.6

Release date: 2022-08-30

(CPV-33)
Download release notes here

Enhancements

(CPV-34)

  • Snowpack files are now uploaded in batches (not one-by-one), improving upload performance.

(CPV-35)

  • Removed the file receiver throttle to allow agents to deliver snowpacks faster.

Corrections

(CPV-36)

  • Fixed an issue where proxy is not used for heartbeats.

(CPV-37)

  • Removed an erroneous log statement during Active Directory Discovery.

2.0.5

Release date: 2022-06-29

(CPV-40)
Download release notes here

New

(CPV-41)

  • Added a self-test button that can be used to help diagnose issues in the configuration.

(CPV-42)

  • The extender will now automatically disable itself when it is no longer needed.

Enhancements

(CPV-43)

  • Added the ability to adjust the amount of information that is logged.

(CPV-44)

  • Added support for the new Inventory and SLM API endpoints.

Corrections

(CPV-45)

  • Fixed an issue where the extender failed to add the proper route prefix to some requests.

Flexera does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.