Airlock Gateway 7.8 - Changelog

The following list shows the changes from Airlock Gateway 7.7 to 7.8.

NEW: AP-14037 Support for multiple back-end groups per mapping
NEW: AP-20533 Support output compression with Brotli algorithm
NEW: AP-30968 Log-only option for bot detection
NEW: AP-30979 Explicit allow and deny lists for request/response headers
NEW: AP-31912 Support for response attributes in anomaly shield
NEW: AP-31974 Extend range of supported data attributes in anomaly shield
NEW: AP-31966 Implement new machine learning models: ConnectionMetrics,     
              GraphMetricsCluster, IsolationForest, MultipleCountries, 
              StatusCodeMeta, TimingCluster
NEW: AP-32007 Confirm reverse DNS lookups with forward lookups for bot detection
NEW: AP-20985 Harden WebSocket handshake (CASE-30997)
NEW: AP-22714 Option for disabling JSON parsing in multipart file uploads 
NEW: AP-28539 Evaluate ICAP header 'X-Blocked' (CASE-30680)
SEC: AP-31987 Component updates for Log4Shell mitigation (CVE-2021-44228)
FIX: AP-20920 Don't break data URLs in location header
FIX: AP-32096 Remove legacy log4j libraries on system
FIX: AP-30580 Active node periodically sends gratuitous ARP packets for active 
              IPs (CASE-31180, CASE-31958, CASE-32261, CASE-32637, CASE-31658, 
              CASE-32242, CASE-32461, CASE-32541)
FIX: AP-32106 Make failover service more robust against unexpected termination 
              (CASE-32278, CASE-32461)
FIX: AP-31691 Improve deny rules: update keywords, fix false positives, address 
              insights from bug bounty program
FIX: AP-21611 Allow digits in protocol of location URLs (CASE-30939, CASE-26843)
FIX: AP-31267 Accept long, unsigned and double for type number in OpenAPI 
FIX: AP-31613 Omit '421 Misdirected Request' error with Safari and HTTP/2 
FIX: AP-31778 Correctly parse log message of the SOAP filter module
FIX: AP-32059 Case-insensitive handling of host names in cluster activations
              (CASE-32495, CASE-32531, CASE-32537, CASE-32607, CASE-32726)
FIX: AP-32092 Always show sysmon diagrams
FIX: AP-32139 Prevent double slashes in policy learning suggestions
FIX: AP-32225 Assign default gateways to correct interface with IPv6
FIX: AP-32322 Support certificates without CN (CASE-32720)
CHG: AP-32190 Log requests with early client aborts as 'rejected' (CASE-32473)
CHG: AP-31147 Close half-open back-end connections timely
CHG: AP-32112 Remove changelog from README file
CHG: AP-31450 Improve UX for enabling anomaly shield
CHG: AP-31611 Remove workaround for PDF download in old IE versions 
              (CASE-30037, CASE-32199, CASE-31766)
UPD: AP-32330 Update to OpenSSL 1.1.1n
UPD: AP-32093 Update to PCRE2 10.39
UPD: AP-32098 Update to libcurl 7.82.0
UPD: AP-31717 Update OS components
UPD: AP-29147 Update to collectd 5.12.0
UPD: AP-31732 Update to Redis 6.2.7
UPD: AP-31853 Update Elasticsearch and Kibana to 7.17.1
UPD: AP-31709 Update to httpd 2.4.53
UPD: AP-31713 Update to Tomcat 9.0.58
UPD: AP-31716 Update to syslog-ng 3.35.1
UPD: AP-31273 Update to Gem Engine 1.6
UPD: AP-31725 Update to jsoncons 0.168.3
UPD: AP-31727 Update to c-icap 0.5.10
UPD: AP-31736 Update to Kerberos 1.19.3
UPD: AP-31738 Update geolocation data (DB-IP)