Resolved issues

These are cumulative release notes. If a release does not appear in this section, then there were no associated new resolved issues.

  • 1381634: Previously, Ivanti Standalone Sentry has a grub error when you upgrade from 9.20.0 to 10.0.1 in some instances. This is now resolved.

  • CVE-2024-6387: This CVE is fixed as part of this release.

  • 1355151: Previously, Ivanti Standalone Sentry VHD image for fresh deployment on Microsoft Azure is not available in version 10.0.0. However, Azure-based Sentry can be upgraded from 9.20.0 to 10.0.0. This issue is now fixed.

  • 1388386: Previously, in Ivanti Standalone Sentry, the upgrade progress bar does not show the download status in real time. This is now resolved.

  • 1199255: Previously, Ivanti Standalone Sentry 9.17.0 displayed an error message when you enable SMBv3 to connect to CIFS file server from Ivanti Docs@work. This is now resolved.

  • 1199099: An Ivanti Standalone Sentry that is heavily loaded may run out of internal buffer space. To reduce the chances of this, the limit has been raised with the fix. Additionally, it has been parametrized allowing for additional increases in the field if necessary.

  • 1375857: Previously, Ivanti Tunnel for Android erroneously used to disconnect every two minutes after upgrading to 9.20.0 in some instances. This issue is now fixed.

  • CVE-2024-6387: This CVE is fixed as part of this release.

  • 1382055: Previously, Ivanti Tunnel for Android erroneously used to disconnect every two minutes after upgrading to 9.20.0 in some instances. This issue is now fixed.

  • AL-16442: When you attempted to save the email configuration on the Sentry MICS portal, previously, the message No message error displayed. After the fix, you must save the configuration, and you can view the message Email settings configured successfully.
  • AL-16207: After an upgrade to Sentry 9.17.0, Sentry connections to some CIFS servers (likely CIFS server clusters) can fail.
  • AL-16019: Previously, the Sentry OAuth feature's conditional access policy was failing. Starting from the Ivanti Standalone Sentry 9.20.0 release, the conditional access policy is operating as intended, and the sentry IP displays in the Azure portal rather than the device IP.

  • CVE-2024-6387: This CVE is fixed as part of this release.

  • AL-16386: Previously, Android Tunnel erroneously used to disconnect every two minutes after upgrading from 9.16.0 to 9.18.0 in some instances. This issue is now fixed.
  • AL-16132: Previously, Advanced Traffic Control server name rule matching failed when a port specification was included in the server’s name header entry for an HTTP request. This caused the default rule to be used instead of the expected ATC rules.
    This issue is now fixed.
  • AL-15927: Previously, Sentry threw a RemoteAccessException error on synchronizing and reporting AppTunnel status data to Core if the number of active entries in the device cache was large. The error occurs as the request body exceeds the maximum size of the SSL buffer and thus cannot buffer the message body to allow SSL renegotiation to continue. The LimitRequestFieldSize is changed to 8190. This issue is now fixed.
  • AL-15767: In Standalone Sentry, when you enter privileged mode, you are redirected to the password prompt, and there is no time out. Starting from the current release, you can see that the timeout is set to 120 seconds for the password prompt.
  • AL-15978: Previously, Sentry mutual authentication was not enabled automatically.
    This issue is now fixed.

  • AL-16052: Previously, Sentry MICS portal was not accessible after generating the Sentry self-signed certificate from the MICS portal.
    This issue is now fixed.

  • AL-16015: With the mutual authentication change made at the core, the systemconfig.xml file should be permanently stored in the CVS repository.
    This issue is now fixed.

  • AL-15624: Previously, icons directory listing was enabled on Sentry.
    This issue is now fixed.

  • AL-15930: Previously, Sentry syslog did not display the hostname for all the entries in Android Tunnel.
    This issue is now fixed.

  • AL-15931: Previously, Android devices could not connect to VPN and use the applications.
    This issue is now fixed.

  • AL-15951: Previously, Sentry did not recognize the <enter> key on password prompts on a serial port.
    This issue is now fixed.

  • AL-15636: Previously, an error occurred with Sentry MICS portal with smbios_entry_point permission.
    This issue is now fixed.
    A notification is provided in the log file.

  • AL-15015: Previously, missing hostname on AWS Sentry instances caused the export configuration and showtech generation to fail on the system manager portal.
    This issue is now fixed.

  • AL-15747: Previously, Sentry certificate based authentication fails to work for signing in system manager.
    This issue is now fixed.

  • AL-15679: Previously, the 'install rpm url' CLI command failed during the clean up of old files before downloading the rpm.
    This issue is now fixed.

  • AL-15642: Previously, upgrading Sentry 9.13.0 to 9.15.0 caused an exception if an older version of Ivanti EPMM was used. Update Ivanti EPMM to 11.5.0.0 and newer versions to fix this issue.

  • AL-15613: The Apache HTTPD rpms affected by CVE-2021-40438 is now upgraded. The installation of the security fixes through the command line "install rpm url https://support.mobileiron.com/https/mi-update-httpds-1.0.0-3.noarch.rpm" is not required for Sentry 9.15.0.

  • AL-15694: Log4j is now updated to 2.17.1 on Sentry 9.15.0. Installation of the log4j jndi vulnerability fixes through the command line install rpm mi-workaround-sentry-log4j-jndi-vulnerability-2.0.0-2.noarch.rpm is not needed for Sentry 9.15.0.

  • AL-15433: Previously, in Sentry System Manager, the administrator log in session was not canceled when the user was deleted.
    This issue is now fixed.

  • AL-15168: Previously, Sentry was sending the network traffic to www.teracotta.org that was triggered by the quartz library update once every week.
    This issue is now fixed.

  • AL-14997: Previously, when HSTS was enabled through CLI, the preload attributes was enabled automatically and there was no option to disable the preload option.
    This issue is now fixed.
    A new CLI command is added to enable or disable the preload attribute. For more information, see "Enabling and disabling SSL HSTS" in the Sentry Guide.

General resolved issues for Standalone Sentry 9.14.0

The following issues are resolved in this release:

  • AL-15481: Previously, monitoring Sentry with GET request https://<sentryname>/Microsoft-Server-ActiveSync did not receive 501 HTTP response code.
    This issue is now fixed.
    Server details are not published in monitoring and also alerts the tab with invalid GET request alert.

  • AL-15475: Previously, iOS 14.6 broke the OAuth functionality.
    This issue is now fixed.

  • AL-15405: Delegated IDP for ADFS set up is not working correctly after upgrading sentry from 9.8.1 to 9.9 version of the sentry. Authentication fails with ADFS.

  • AL-15017: Previously, HSTS settings did not have transport security header enabled on port 9090.
    This issue is now fixed.
    After upgrading, disable HTTPD HSTS and enable it again in the CLI.

Standalone Sentry resolved issues for Access

There are no new resolved issues found in this release.

Standalone Sentry resolved issues for Ivanti EPMM

There are no new resolved issues found in this release.

Standalone Sentry resolved issues for Ivanti Neurons for MDM

There are no new resolved issues found in this release.