Release 3.19.0

On top of bug fixing this release brings you the following:

• Account Reviews (Enterprise): brand new documentation at the learning portal, we included out-of-the-box connectors for AWS and LDAP so you can test accounts on those type of systems pretty quickly, no need for custom scripts. corrected minor bugs here and there.
• Awareness Programs (Enterprise): brand new documentation, we identified a few things we want to improve on the module in the coming releases too.
• Top Ten Risks (Enterprise and Community): we restored a “Top Ten Risk” chart in the Risk module and also included Risk Score values on the filters so you can sort by score or search risks with lower or higher risk score than, Etc.
• Comments/Attachments (Enterprise): we wanted have a dynamic status that triggers if “John” provides a comment with the word “Approve”. This is used by some people to document approvals and send emails/API REST calls when the trigger.
• Online Assessments (Enterprise): we updated the entire documentation, included a couple of same template questionnaires (for ISO and Privacy), included APIs and some minor bug fixing.
• Project Management (Enterprise): we expanded APIs to the Project Section.
• APIs now have Macros (Enterprise): you can now use macro’s on the body of your API calls.

Our next release we have the following plans in mind:

• Templates: migrate opensourcegrc.org to eramba.org with a completely new interface. We are also working on expanding the existing templates to include the latest version of 27001.
• User Interface: we will provide, to enterprise customers alone, an interface in eramba to use templates directly from eramba interface.

Features:

• Feature-Top 10 risks by analysis and treatment scores

• Github (internal): https://github.com/eramba/eramba/issues/4108

• *Feature-Make risk score fields as sortable in filter settings of all risks sections *

  • Github (internal): https://github.com/eramba/eramba/issues/4107

• Feature - Account review feed pull via service api

  • Github (internal): https://github.com/eramba/eramba/issues/4085

• Feature - expand comments dynamic status options

  • Github (internal): https://github.com/eramba/eramba/issues/4052
  • Forum (public): Feature - expand comments dynamic status options

• Feature-OA calculated fields must be adjusted based on hidden or not hidden

  • Github (internal): https://github.com/eramba/eramba/issues/4051
  • Forum (public): Bug - hidden questions should not count towards reporting (OA)

• Feature-Adjust OA feedback default filter column

  • Github (internal): https://github.com/eramba/eramba/issues/4045

• Feature-Check questionnaire OA default sorting if its chapter id / item id

  • Github (internal): https://github.com/eramba/eramba/issues/4044

• Feature-OA number formatting on filters (feedback and questionnaire)

  • Github (internal): https://github.com/eramba/eramba/issues/4043

• Feature-Update descriptions on the OA import template

  • Github (internal): https://github.com/eramba/eramba/issues/4040

• Feature-Explore projects APIs

  • Github (internal): https://github.com/eramba/eramba/issues/4020

• Feature-Macros on webhooks

  • Github (internal): https://github.com/eramba/eramba/issues/4017
  • Forum (public): Feature - Webhooks Macros on Endpoint URL

• Feature-Risk matrix on dashboard should not be cached

  • Github (internal): https://github.com/eramba/eramba/issues/3489
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/16436

• Feature-API for online assessments

  • Github (internal): https://github.com/eramba/eramba/issues/3449
  • Forum (public): Feature - API Online Assessment

• Feature-More user-friendly error when user does not have permission to upload attachement

  • Github (internal): https://github.com/eramba/eramba/issues/3280
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/15055

Bugs:

• Bug-webhook connection to localhost:8443 in docker

  • Github (internal): https://github.com/eramba/eramba/issues/4124

• *Bug-Asset related objects chart is missing compliance package name *

  • Github (internal): https://github.com/eramba/eramba/issues/4090
  • Forum (public): Question - Assets linked to Compliance Analysis - #4 by Ovidiu

• Bug-Update demo environments

  • Github (internal): https://github.com/eramba/eramba/issues/4089

• Bug - authentication LDAP settings are set to local after DB restore

  • Github (internal): https://github.com/eramba/eramba/issues/4084

• Bug-Cookie without secure flag set

  • Github (internal): https://github.com/eramba/eramba/issues/4067
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/19109

• Bug-Vulnerable Javascript Plugin In Use - jQuery 1.16.0

  • Github (internal): https://github.com/eramba/eramba/issues/4065
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/19109

• Bug-Security Headers missing

  • Github (internal): https://github.com/eramba/eramba/issues/4030
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18951

• Bug-Login form takes on value of any redirect parameter

  • Github (internal): https://github.com/eramba/eramba/issues/4029
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18949

• Bug-Forgot password from OA portal takes you to main portal

  • Github (internal): https://github.com/eramba/eramba/issues/4027
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18919

• Bug-Improve button accessible even if ACL is set to forbidden

  • Github (internal): https://github.com/eramba/eramba/issues/4016
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18815

• Bug-Saml redirection on OA portal

  • Github (internal): https://github.com/eramba/eramba/issues/4015
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18805

• Bug-Warning about advanced_filter_cron_result_items

  • Github (internal): https://github.com/eramba/eramba/issues/4014
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18818

• Bug-Expired staus can not trigger because of wrong conditions

  • Github (internal): https://github.com/eramba/eramba/issues/4005
  • Forum (public): Bug - dynamic status on audit section - #2 by david.schroth

• Bug-Two problems with account reviews

  • Github (internal): https://github.com/eramba/eramba/issues/3983
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18535

• Bug-Missing colours on report

  • Github (internal): https://github.com/eramba/eramba/issues/3973
  • Forum (public): Bug - Having a problem with downloading a certain report

• Vulnerability bug-Server-Side Request Forgery

  • Github (internal): https://github.com/eramba/eramba/issues/3466
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/16286

• Bug-Compliance package item description is missing in filter

  • Github (internal): https://github.com/eramba/eramba/issues/3459
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/16256

• Bug-Dropdown shows &

  • Github (internal): https://github.com/eramba/eramba/issues/3450
  • Forum (public): https://discussions.eramba.org/t/bug-dropdown-with-an-ampersand-special-character/2100
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18669

• Bug-Field related documents is missing

  • Github (internal): https://github.com/eramba/eramba/issues/3412
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/15979

• Bug - Non UTF-8 character in import is crashing object auto find with sql collation conflict

  • Github (internal): https://github.com/eramba/eramba/issues/3348

• Bug - Related item on policy portal missing scrollbar

  • Github (internal): https://github.com/eramba/eramba/issues/2877
  • Forum (public): https://discussions.eramba.org/t/bug-policy-portal/1825/2
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/12118

• Bug-Dashboard chart asset based risk score not calculated properly

  • Github (internal): https://github.com/eramba/eramba/issues/2832
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/11143

• Bug-Editing questionaire change also Chapter ID and title

  • Github (internal): https://github.com/eramba/eramba/issues/2831
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/11123

• Bug-Graph Policies by Mitigation not working

  • Github (internal): https://github.com/eramba/eramba/issues/2807
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/10669
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/10686

• Bug-Policy section chart has bugs

  • Github (internal): https://github.com/eramba/eramba/issues/2743
  • Forum (public): https://discussions.eramba.org/t/dashboard-policies-by-mitigation-risk-mitigation-not-in-counter/1666/3

• Bug-Compliance analysis finding import not working

  • Github (internal): https://github.com/eramba/eramba/issues/4125
  • Forum (public): https://discussions.eramba.org/t/bug-compliance-analysis-finding-import-file-not-ok/2835

• Bug-Account review portal answer submission is very slow

  • Github (internal): https://github.com/eramba/eramba/issues/4095

• Bug-Risk filters reset when you customize them for the first time

  • Github (internal): https://github.com/eramba/eramba/issues/4041

• Bug-Compliance analysis macro in dynamic status notification crashes

  • Github (internal): https://github.com/eramba/eramba/issues/3869
  • Zendesk (internal): https://eramba.zendesk.com/agent/tickets/18000

• Bug-Cannot delete a user who is the owner of goal audit or business continuity plan audit

  • Github (internal): https://github.com/eramba/eramba/issues/3192

20230426_Quick_https_acunetix_eramba_org_.pdf (161.8 KB)