The HotFix generates an error when manually updating the Artica version, it is normal.
It can be applied only for Artica 4.50.00000
New Hotfix erase modifications of old applied HotFixes.
¶ Official Hotfix Manual update procedures
- 20241105-01 (released on 2024 Nov 5 )
- 20241029-17 (released on 2024 Oct 29 )
- 20241023-00 (released on 2024 Oct 23 )
- 20241020-21 ( released on 2024 Oct 20 )
¶ Issues resolved by The Hotfix
- 20241114-21: Fix : LDAP SSL issues on Debian 12
- 20241114-13: Fix: Action “Rebuild full configuration” on the Proxy service destroy the Active Directory keytab
- 20241114-13: Fix: Enter/exit into emergency mode did not restore the full proxy configuration
- 20241114-13: Add: Improve status of the Webfiltering Proxy connectors
- 20241114-13: Add: Web-filtering Rule status if it is in production or not in the rules main table
- 20241114-13: Add: Specific secure Firewall rules for local Proxy service
- 20241114-13: Add: Possibility to filter Web-filtering events by IP address and/or categories
- 20241110-21: Add: Possibility to use GeoIP Maxmind in firewall rules
- 20241110-16: Add: Possibility to replicate Maxmind GeoIP databases accross multiple Artica servers
- 20241109-13: Fix: Unable to start OpenVPN server on Debian 12 system
- 20241104-17: Add: Possibility to create mirror rules to target address in the Artica Firewall
- 20241031-14: Fix: Web error page always use the error page rule that have no filter.
- 20241031-00: Fix: Missing libpython3.7 python3-memcache to make the RDS Proxy AuthHook running on Debian 10
- 20241030-22: Add: More IDS rules when updating
- 20241030-22: Add: Automatic watchdog for the “GENSEC login failed: NT_STATUS_LOGON_FAILURE” error when using NTLM.
- 20241030-18: Fix: Unable to scan the legal log repository when the repository is a symbolic link
- 20241030-16: Fix: Installing Active Directory feature stuck at 50% on Debian 12
- 20241030-16: Fix unable to set Proxy Reply Access acls using Debian 12
- 20241030-16: Fix unable to make the Local DNS Cache running.
- 20241030-16: Fix Unable to see privileges list using Debian 12
- 20241030-00: Add possibility to send all traffic to a remote address
- 20241029-16: Add possibility to query domains under Newly registered domains database
- 20241025-01: Fix: Unable to install Proxy eCAP antivirus on Debian 12
- 20241021-19: Fix: Web console crash on license section
- 20241021-19: Fix: Unable to generate SSL certificate clients on Reverse-Proxy.
- 20241021-11: Fix: Web page console crash on Debian 12 when viewing HaCluster backends and Web-filtering time slots
- 20241020-21: Add: Fingerprinting Web Access feature for the Artica Web console
- 20241020-21: Add: Debian 12 support
- 20240724-19: Add: New feature Persistent network interfaces
- 20240702-17: Add: Fix for the CVE-2024-6387: OpenSSH regreSSHion RCE
- 20240609-10: Add: Possibility to move all log directories to an another location.
- 20240607-01: Add: DNSTAP support for LogSink
- 20240607-01: Fix: Corrupted formatted proxy events to LogSink.
- 20240607-01: Fix: LogSink did not open UDP port correctly
- 20240605-14: Add: EDNS support when using Artica DNS Cache service in backends and Front-ends
- 20240601-17: Add: MicroDHCP service status, leases and events
- 20240531-18: Fix: Some malformatted Policies Zones make the local DNS cache service unavailable.
- 20240531-17: Add: New bell notification when a new DNS Cache version is available.
- 20240531-17: Fix: PostgreSQL table modsecurity_linked_tags increase dramatically when using Web Application Firewall
- 20240531-17: Fix: Improve performance of the Local DNS Cache Service.
- 20240528-19: Fix: Cannot define correctly a subdirectory for backup snapshots
- 20240528-19: Fix: Unable to set a static HTML reverse Proxy website
- 20240528-19: Fix: Sometimes Proxy service lost max file descriptors value and return back to 4096
- 20240528-19: Fix: Unable to assign Active Directory privileges when there are quotes “'” in Active Directory group name
- 20240508-19: Add: Possibility to enable DoH service for the DNSBL/RBL service
- 20240508-19: Fix: Artica did not renew correctly the Active Directory Kerberos certificate
- 20240508-19: Add: Possibility to enable a Dedicated service for query DoH Cloudflare
- 20240427-13: Fix: Review the DNS Firewall GeoIP rule
- 20240426-17: Fix: Unable to upload ther kerberos Keytab in HaCluster server
- 20240426-17: Fix: Unable to restore a snapshot
- 20240426-10: Fix: License corrupted and deleted if license check is performed at startup.
- 20240426-01: Add: Possibility to populate Firewall rules from the DNS Firewall
- 20240329-10: Add: Possibility to enable/disable the Proxy Acls Active Directory groups recursive search
- 20240324-18: Add: Cache Exclusions rules for the reverse-proxy engine.
- 20240319-17: Fix CVE-2024-2054
- 20240317-12: Add: When creating server certificate, process take care if an IP address is added in domains.
- 20240317-12: Add: New Process for reconfiguring Proxy ports
- 20240317-12: Fix: Wrong permissions on the Postfix binaries
- 20240311-15: Add Possibility to manage VLAN interfaces via REST API
- 20240311-15: Add Possibility to reboot the system via REST API
- 20240309-01: Fix CVE-2024-2056
- 20240307-18: Add Possibility to create a dedicated Proxy instance section for debugging
- 20240306-20: Add New Feature: Artica Windows DNS Agent
- 20240223-03: Add Possibility to deny artica to build network configuration
- 20240222-20: Add new service for Reverse-Proxy “DoH Gateway”
- 20240222-18: Fix Unable to set the download/update rate in the Reverse-proxy service
- 20240222-18: Fix Unable to set the max connections by IP in the Reverse-proxy service
- 20240222-18: Add: Possibility to define an outgoing interface for the Reverse-proxy service
- 20240220-01: Add Possibility to setup specific DNS servers for the reverse-Proxy
- 20240220-01: Add More options for the Reverse-proxy backends keep Alive feature
- 20240220-01: Add Improve the Reverse-proxy backend load-balancing feature
- 20240220-01: Add Manage PowerDNS using REST API
- 20240213-00: Add Manage DNS Cache records using REST API
- 20240213-00: Add Improve DNS Cache records management
- 20240212-11: Add Restrict Artica login page by geolocation
- 20240211-16: Add SSH brute-force remediation
- 20240210-18: Add Possibilty to include Toulouse University blacklists
- 20240208-15: Add New statistics for the number of connected members to the Proxy service
- 20240208-15: Add New Artica Milter object ACLs Artica Deny reputation
- 20240201-16: Add REST API in order to Check if all Proxy Listen ports are available
- 20240131-13: Add New Artica Milter object ACLs URLs expression
- 20240131-13: Add New Artica Milter object ACLs Active Directory recipients
- 20240131-13: Add New Artica Milter object ACLs Active Directory sender
- 20240131-13: Add New Artica Milter object ACLs Attachments
- 20240130-02: Add automatic postrouting NAT when using VPN client
- 20240130-02: Fix unable to access to Unix console parameters trough the Artica Web Console parameters section.
- 20240130-02: Fix: Hostname is truncated after the installation wizard.
- 20240130-02: Fix: Unable to start PHP Web console when using VPN client
- 20240126-01:Add: Possibility to create multiple IPV6 addresses for a single network interface
- 20240124-15: Add: Possibility to tune Ciphers for the SMTP daemon in Artica SMTP Edition
- 20240123-13: Add: Possibility to enable the upgrade Artica with Hotfixes in developement mode
- 20240120-15: Add: AutoBackup feature for the Artica Reverse-Proxy edition
- 20240116-15: Add: ACLs method in the Artica Milter filter for Artica SMTP Edition
- 20240112-15: Add: API REST for DNS system settings
- 20240111-15: Add: Possibility to query the Proxy Parents status via API REST
- 20240111-13: Add: Possibility to query the proxy NTLM connection status via API REST
- 20240109-14: Add: Possibility to monitor Proxy File Descriptors status via API REST
- 20240108-22: Add: Possibility to disable Artica to manage OpenSSH service configuration
- 20240108-15: Add: Possibility to search proxy realtime events by time slot.
- 20240107-16: Add: Privileges by Web Sites on reverse-proxy
- 20240103-00: Add: WebDav Access on a reverse-proxy HTML Site rule
- 20231204-13: Fix: 502 Bad Gateway on the Artica Web console
- 20231122-15: Add: Option to change the "myorigin" on the Artica SMTP Appliance
- 20231122-15: Fix: postmaster address is not changed
- 20231122-15: Add: Possibility to enable/disable recursive LDAP search for the IT Charter with Active Directory filter
- 20231122-15: Add: Possibility to tune the PHP engine for the Web console
- 20231121-14: Add : Possibility to whitelist Web application Firewall rules according to targeted applications
- 20231120-00: Add : Stopping function take care about ghost processes in HaCluster
- 20231120-00: Add : Review the reverse-proxy rewrite rules
- 20231120-00: Add : Review the reverse-proxy default server in websites rules
- 20231120-00: Add : Possibility to create a reverse-proxy website default block rule
- 20231118-02: Add: Possibility to block uploaded files based on their file type on Artica for Reverse-Proxy
- 20231117-02: Add: Possibility to scan for viruses uploaded data with Artica for Reverse-proxy
- 20231114-23: Add: Default removal headers rules on the Artica for Reverse-Proxy.
- 20231114-13: Fix: Proxy HotSpot custom form is not displayed on the HotSpot Page
- 20231113-13: Add: Possibility to recover a corrupted certificates center database
- 20231113-13: Fix: missing privileges working necessaries directories on the Web application Firewall for building reports
- 20231113-13: Fix: Undefined function Tips_paragraph that turn looping some queries on the Web console
- 20231112-20: Add: Possibility to ban clients based on Client Certificate in Artica reverse-proxy
- 20231111-14: Add: Notification to restart reverse-proxy service when a new website is created
- 20231111-02: Add: Possibility to cache reversed websites directly in a in-memory cache
- 20231110-21: Add: Possibility to turn a reverse-proxy website into maintenance mode
- 20231109-15: Fix: Increase security levels reported by the ANSSI DAT-NT28 Average intermediate level 45
- 20231107-02: Add: Increase DNS cache performance according the version 1.18.0
- 20231107-02: Add: better search on CrowdSec current blocked IP list.
- 20231107-02: Fix: Artica did not kill correctly php-fpm ghost processes
- 20231106-02: Add: PageSpeed caches in monitor system cache on Artica reverse-Proxy service
- 20231106-00: Add: Possibility to monitor system cache on Artica reverse-Proxy service
- 20231105-12: Add: Possibility to disable totally the Web Application Firewall for a defined path in Artica Reverse-Proxy service
- 20231105-12: Add: Possibility to define mass Urls redirects in Artica Reverse-Proxy service
- 20231101-21: Add: Possibility to deny URLs in Artica Reverse-Proxy service
- 20231101-16: Add: Possibility to set Permissions Policy headers in Artica Reverse-Proxy service
- 20231031-16: Add: Possibility to filter access by countries in the Artica Reverse-Proxy service
- 20231031-16: Add: Possibility to enforce the SMTP Submission port in Artica SMTP gateway.
- 20231030-14: Fix: Missing lock for privileges for Proxy Monitor on the proxy acl categories object
- 20231030-14: Fix: Wrong descriptions in the system tasks table.
- 20231030-14: Fix: Reverse-proxy real-time logs are now splitted by web service name in order to avoid timeouts in the web interface
- 20231029-15: Fix: Missing lock privileges for Proxy Monitor
- 20231029-02: Add: Possibility to log Client Certificats CommonName inside real-time events
- 20231025-23: Fix: Unable to install and configure the DHCP Relay service
- 20231024-12: Add: Possibility to force direct mode for Office 365 sites in the Proxy.PAC service
- 20231024-00: Fix Self-Signed certificate generation did not create CA capability for Proxy service with SSL decryption feature.
- 20231024-00: Fix Computer TOP menu, stuck
- 20231019-17: Add: New v2 for generating Let's Encrypt Certificates
- 20231017-11: Fix: Error table constraint on creating a new port on the reverse-proxy
- 20231017-11: Add: Get Information of public IP addresses that connects to the reverse-proxy system.
- 20231017-11: Fix: Unable to save some OpenSSH parameters.
- 20231017-11: Fix: Issue when creating an ADFS reverse Proxy.
- 20231017-11: Fix: Unable to create a Certificate Request using Certificate center.
- 20231016-17: Add: Notice to install PostgreSQL on DHCP service section if it is not installed
- 20231016-01: Remove php yaml dependecy for failover service
- 20231016-01: Fix python dependecy for the RDS proxy service
- 20231016-01: Fix: SMTP routing per destination addresses using TLS.
- 20231016-01: Add: Possibility to check client certificate only for specified path in the reverse-proxy.
- 20231016-01: Add: Possibility to import a server certificate for Client-side certification verify
- 20231013-01: Add: When Artica Firewall is active, it takes care about interfaces and ports of the reverse-proxy and create necessaries allow rules
- 20231013-01: Add: Change the Web design on the Certificates Center.
- 20231013-01: Fix: Sometimes, after rebooting, the Web console lost new saved parameters
- 20231013-01: Add: Certificate validation before saving Artica Web console interface settings
- 20231011-02: Fix issues on the RDS proxy service authenticator
- 20231011-02: Fix issues on ITCharter feature when using FireFox
- 20231011-02: Fix typo that cause a fatal error on the Active Directory NTLM watchdog
- 20231011-02: Fix: Unknown parameter encountered: "client use kerberos" in the Proxy NTLM feature
- 20231011-02: Fix creation of /var/log/samba folder during the startup
- 20231011-02: Removed Squid 6.x from repository - too many unstable features.
- 20231011-02: Under Construction: Client Certificates, Web Application Firewall - do not update if you using this feature until a new hotfix release these features
- 20231010-15: Add: Graphs and charts each hour for reverse-proxy Web application firewall
- 20231010-15: Add: sub-certificates support in Artica SMTP feature
- 20231009-23: Fix: Multiple CPUs section and Filedescriptors section turn to red status.
- 20231009-23: Fix Artica is unable to run PHP-FPM for the Web Console that generates a 502 bad gateway on the Interface
- 20231009-15: Add SMTP(s) Protocol support in the Artica SMTP gateway for the TLS feature
- 20231009-15: Fix bug 412: Artica SMTP gateway is not compatible with sub-certificates generated in the Certificates Center
- 20231009-12: Add: Parsing Reverse-Proxy Web Application Firewall events and reports are now made in real-time
- 20231009-12: Add: Managing the php engine and the Web Console using Web API daemon that able to recover Web console is PHP engine is crashed.
- 20231009-12: Add: possibility to generate a Self-Signed certificate using Web-API
- 20231009-12: Improve Procedure to generate a Self-signed certificate
- 20231003-15: Add Enforce redirects option for ADFS support in reverse-proxy feature
- 20231003-15: Add metrics per web service in the Reverse-Proxy feature
- 20230912-18: Add ADFS support in reverse-proxy feature
- 20230529-13: Fix: Bungled proxy configuration when using Multiple Active Directory Groups object type and Active Directory is inactive.
- 20230529-13: Fix: Bungled proxy configuration on TCP/IP address typing error with 2 dots eg (192.168.1..0/24 instead of 192.168.1.0/24 )
- 20230529-13: Fix: Some databases are not correctly patched after an upgrade from 4.30x to 450x
- 20230529-13: Fix: Access ACLs group of rules status is always seen as "inactive"
- 20230529-13: Fix: System overloaded after FUSER_MGR(); alert ( improve the test ports function )
- 20230529-13: Fix: /var/log/charon.log is not cleaned by Artica.
- 20230529-13: Fix: Bug 387 - Too many events in proxy cache.log caused by the eCAP Clamav when surfing on HTTPS sites ( see http://bugs.articatech.com/show_bug.cgi?id=387 )
- 20230529-16: Fix: No such column rulevalue in DNS Firewall rule section.
- 20230603-09: Add new DNS Firewall rule “Active Directory Offloading”
- 20230603-09: Add: Possibility to change the domain to test inside the failover service
- 20230603-09: Fix: Unable to build Postfix configuration according to a fatal error ( a function postconf() not exist)
- 20230603-09: Fix: Load-balancing service and haCluster service stuck caused by a system open files limitation.
- 20230605-11: Fix: Too limited Open files for DNS Firewall.
- 20230605-11: Fix: Unable to correctly update Filtering daemon service. ( see http://bugs.articatech.com/show_bug.cgi?id=388 )
- 20230605-13: increase the the overload notification limit to number of CPU + 2 ( see http://bugs.articatech.com/show_bug.cgi?id=389 )
- 20230606-12: Fix the Update section page stuck when there is no versioning information ( see http://bugs.articatech.com/show_bug.cgi?id=390 )
- 20230606-22: Fix Filtering service in left menu was hidden.
- 20230607-12: Add better back-ends status in HaCluster backends status section.
- 20230609-14: Fix typo in Fail-Over configuration
- 20230609-14: Add option to disable curl test on Fail-Over method
- 20230609-14: Add option to enable recursive search on Hotspot
- 20230609-14: Add option to deny members authentication on Hotspot
- 20230609-14: Add integration with Active Directory Agent
- 20230609-14: Add support for recursive search
- 20230609-17: Add: If only the register by email method is defined, the HotSpot web page redirects automatically to the redirect page.
- 20230609-19: Fix unable to change the register button text in the HotSpot configuration
- 20230610-21: Fix Ticketing and possibility to release a denied blocked page with the Web error page service did not show the button when there is no filter in rule
- 20230611-01: Add a search engine in the HotSpot vouchers section and enhancements for a more robust code in the Vouchers section.
- 20230611-19: Add possibility to turn the Proxy-PAC web service service into SSL method.
- 20230612-14: Add possibility to set Denied Active Directory groups in the HotSpot system.
- 20230613-23: Fix reflect some rules equation in web error page service
- 20230614-11: Fix sometimes, the user information is not saved in Web error page ticket system
- 20230614-15: Add automatic watchdog incident when the proxy watchdog need to restart service.
- 20230615-01: Add some DNS setting in the cluster replication package
- 20230616-13: Fix unblock websites from ticket page did not send correctly information
- 20230616-13: Fix: Invalid ACL: acl UfdbgUnblock3 proxy_auth xxx when there is no authentication enabled on proxy service
- 20230623-00: Fix: Issues on accents on the HotSpot Skins features and ability to change the title of “Terms & Conditions”
- 20230624-01: Add: possibility to import global proxy blacklist from a text file and replace the full content
- 20230625-19: Change: Real-time connections as been totally modified in order to accept huge data.
- 20230625-19: Add: Possibility to add categories by family ( non-productive, dangerous.. ) in ACLs and Web-filtering
- 20230625-19: Add: Possibility to remove all added categories in ACLs and Web-filtering.
- 20230625-19: Add: Possibility to export Proxy blacklists into CSV mode.
- 20230627-02: Add: Possibility to route domain's prefix dynamically in the reverse-proxy section
- 20230627-13: Fix: Unable to save the “No Cache” option inside Transparent Proxy ports section.
- 20230627-13: Fix: Synchronize time with the NTP client uninstall the feature.
- 20230627-13: Add: Possibility to redirect connections to a defined URL in proxy acls.
- 20230627-13: Fix: Some encoding characters issues in HotSpot skin section
- 20230627-16: Fix: Access log for reverse proxy did not log correctly hostname when using dynamic domains routing feature.
- 20230627-18: Fix: Typo code on the IDS service main script.
- 20230630-02: Fix: Unable to create an LDAP user
- 20230630-02: Add: Possibility to update Artica using Unix console or by command-line
- 20230630-13: Add: Possibility to import all web-filtering categories inside a web-filtering rule or ACL.
- 20230702-1: Fix loop on reverse-proxy main sites table
- 20230702-1: Add : A limit of 50,000 records when compiling personal categories in the Web-filter daemon.
- 20230705-16: Fix accents are corrupted in the web-error page.
- 20230705-16: Limit 500,000 records in personal categories with the go-shield.
- 20230705-16: Add: new domain checker inside proxy service real-time monitor
¶ List of available Hot Fixes
Get the Hot Fixes here:
https://www.articatech.com/hotfixes.php?main=4.50.000000&sp=0
¶ Apply the HotFix
- On the left menu, click on “
Your System” > “Update” - Click on the button “Manual update” and upload the artica-4.50.000000.tgz downloaded file
- Click on the Artica tab
- You will find a “Current Hotfix" row with the applied version.
