Gateway 4.3.14
Gateway 4.3.14 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| LDAP group search parameter (ENG-21922) | Added ldap_search_for_groups parameter for LDAP settings to improve LDAP login speed. |
Bug fixes (2)
| Feature | Description |
|---|---|
| Blank gNMI set task thread hang (ENG-22591) | Fixed an issue where executing a gNMI set task with an empty config caused threads to hang indefinitely. Gateway now returns a 200 response with a “nothing to do” message when update, replace, and delete are all absent or empty. |
| LDAP permission retention (ENG-19101) | Fixed an issue where users logging in via LDAP retained group permissions from a previous session when the bind account lacked permission to search groups. Also fixed an unhandled error caused by LDAP user search filters referencing attributes not defined in the server’s schema. |
Security fixes (5)
| Feature | Description |
|---|---|
| Uncontrolled recursion (ENG-23053) | Updated axios to resolve an uncontrolled recursion security vulnerability. |
| Unintended proxy behavior in axios (ENG-22709) | Updated axios to resolve a security vulnerability related to unintended proxy behavior. |
| Sensitive information exposure (ENG-22696) | Updated follow-redirect to resolve a security vulnerability related to improper removal of sensitive information before storage or transfer. |
| Arbitrary code injection in lodash (ENG-22383, ENG-22382) | Updated lodash-related packages to resolve arbitrary code injection security vulnerabilities. |
Component version
| Component | Version |
|---|---|
| automation_gateway | 4.3.71 |