Itential Automation Gateway changelog

Subscribe to our RSS Feed or by email to receive automatic notifications when new releases are published. Get notified when we ship new features and improvements.

IAG 4.3.14

IAG 4.3.14 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (1)

Feature	Description
LDAP group search parameter (ENG-21922)	Added `ldap_search_for_groups` parameter for LDAP settings to improve LDAP login speed.

Bug fixes (2)

Feature	Description
Blank gNMI set task thread hang (ENG-22591)	Fixed an issue where executing a gNMI set task with an empty config caused threads to hang indefinitely. IAG now returns a 200 response with a “nothing to do” message when update, replace, and delete are all absent or empty.
LDAP permission retention (ENG-19101)	Fixed an issue where users logging in via LDAP retained group permissions from a previous session when the bind account lacked permission to search groups. Also fixed an unhandled error caused by LDAP user search filters referencing attributes not defined in the server’s schema.

Security fixes (5)

Feature	Description
Uncontrolled recursion (ENG-23053)	Updated axios to resolve an uncontrolled recursion security vulnerability.
Unintended proxy behavior in axios (ENG-22709)	Updated axios to resolve a security vulnerability related to unintended proxy behavior.
Sensitive information exposure (ENG-22696)	Updated follow-redirect to resolve a security vulnerability related to improper removal of sensitive information before storage or transfer.
Arbitrary code injection in lodash (ENG-22383, ENG-22382)	Updated lodash-related packages to resolve arbitrary code injection security vulnerabilities.

Component version

Component	Version
automation_gateway	4.3.71