From 07bb0ffae687f27d75e4611ea370b6976d9efa88 Mon Sep 17 00:00:00 2001 From: neher-igel Date: Wed, 27 Nov 2024 10:19:36 -0700 Subject: [PATCH] 11.10.210 < 11.10.150 11.10.210 < 11.10.150 --- .../HOWTO-Setup-Lab-Sandbox-Environment.md | 8 +- docs/Docs/HOWTO-UCC-Guide.md | 36 +- .../ReleaseNotes/01-OS11/IGEL-News-Builds.md | 717 +++++ docs/Docs/ReleaseNotes/01-OS11/README.md | 2 + .../ReleaseNotes/01-OS11/readme11.10.210.txt | 2572 +++++++++++++++++ 5 files changed, 3314 insertions(+), 21 deletions(-) create mode 100644 docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt diff --git a/docs/Docs/HOWTO-Setup-Lab-Sandbox-Environment.md b/docs/Docs/HOWTO-Setup-Lab-Sandbox-Environment.md index 48b5b84a..30733f62 100644 --- a/docs/Docs/HOWTO-Setup-Lab-Sandbox-Environment.md +++ b/docs/Docs/HOWTO-Setup-Lab-Sandbox-Environment.md @@ -412,8 +412,8 @@ SELECT THINCLIENT.TCNAME, HW.BIOS_VENDOR, HW.BIOS_VERSION, HW.BIOS_DATE, FW.VERS | UMS 6 | UMS 6 for Linux Server | | OSC - OS 12 | OSC - OS 12 | | OSC - OS 12 PXE | OSC - OS 12 PXE | -| OSC - OS 11 | OSC - OS 11 | -| OS Update - OS 11 | OS Update Firmware - OS 11 | +| OSC - OS 11 | OSC - OS 11 | +| OS Update - OS 11 | OS Update Firmware - OS 11 | | ICG 12 | ICG 12 | | ICG 2 | ICG 2 | @@ -439,11 +439,11 @@ wget https://az743625.vo.msecnd.net/files/IGEL_CLOUD_GATEWAY/installer-12.06.100 #IGEL OS 11 / UMS 6 / ICG 2) #OSC 11: -wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/OSC/OSC_11.10.190.zip +wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/OSC/OSC_11.10.210.zip wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/OSC/OSC_11.09.310.zip #OS 11 Update: -wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/updates/lxos_11.10.190_public.zip +wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/updates/lxos_11.10.210_public.zip wget https://az743625.vo.msecnd.net/files/IGEL_OS_11/updates/lxos_11.09.310_public.zip #UMS 6: diff --git a/docs/Docs/HOWTO-UCC-Guide.md b/docs/Docs/HOWTO-UCC-Guide.md index 0569ad66..586ec769 100644 --- a/docs/Docs/HOWTO-UCC-Guide.md +++ b/docs/Docs/HOWTO-UCC-Guide.md @@ -5,6 +5,8 @@ UPDATE --> - IGEL UMS Version Base: [12.06.100](https://igel-community.github.io/IGEL-Docs-v02/Docs/ReleaseNotes/02-UMS/Readme-12.06.100.txt) +- IGEL OS Firmware Base: [11.10.210](https://github.com/IGEL-Community/IGEL-Docs-v02/blob/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt) + - IGEL OS Firmware Base: [11.10.195](https://github.com/IGEL-Community/IGEL-Docs-v02/blob/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.195.txt) - IGEL OS Firmware Base: [11.10.190](https://github.com/IGEL-Community/IGEL-Docs-v02/blob/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.190.txt) @@ -28,23 +30,23 @@ UPDATE - IGEL OS Firmware Base: [11.09.164](https://github.com/IGEL-Community/IGEL-Docs-v02/blob/main/docs/Docs/ReleaseNotes/01-OS11/readme11.09.164.txt) -| Clients | 11.10.100 | 11.10.190 | 11.10.195 | -|----------------------------------|----------------------|------------------------|------------------------| -| Cisco JVDI Client | 14.3.0 | 14.3.0 | 14.3.0 | -| Cisco Webex Meetings VDI plugin | 42.10.8.14 | 42.10.8.14 | 42.10.8.14 | -| Cisco Webex Meetings VDI plugin | 42.6.11.6 | 42.6.11.6 | 43.6.8.4 | -| Cisco Webex Meetings VDI plugin | 43.6.8.4 | 43.6.8.4 | 44.6.5.1 | -| Cisco Webex VDI plugin | 44.2.0.28744 | 44.4.0.29960 | 44.6.0.30048 | -| Citrix HDX Realtime Media Engine | 2.9.600 | 2.9.600 | 2.9.600 | -| Citrix Workspace App | 20.10.0.6 | 20.10.0.6 | 20.10.0.6 | -| Citrix Workspace App | 23.11.0.82 | 23.11.0.82 | 24.05.0.76 | -| Citrix Workspace App | 24.02.0.65 | 24.02.0.65 | 24.08.0.98 | -| IGEL AVD Client | 1.1.40igel1708088233 | 1.2.0igel1718803791 | 1.2.0igel1718803791 | -| IGEL RDP Client | 2.2igel1707744600 | 2.2igel1717589021 | 2.2igel1717589021 | -| VMware Horizon client | 2312-8.12.0-23149323 | 2312.1-8.12.1-23543969 | 2312.1-8.12.1-23543969 | -| Zoom Media Plugin | 5.16.10.24420 | 5.16.10.24420 | 5.14.10.23670 | -| Zoom Media Plugin | 5.17.5.24630 | 5.17.5.24630 | 5.17.13.25060 | -| Zoom Media Plugin | 5.17.6.24660 | 5.17.6.24660 | 6.1.12.25370 | +| Clients | 11.10.100 | 11.10.190 | 11.10.195 | 11.10.210 | +|----------------------------------|----------------------|------------------------|------------------------|------------------------| +| Cisco JVDI Client | 14.3.0 | 14.3.0 | 14.3.0 | 15.0.0 | +| Cisco Webex Meetings VDI plugin | 42.10.8.14 | 42.10.8.14 | 42.10.8.14 | 42.10.8.14 | +| Cisco Webex Meetings VDI plugin | 42.6.11.6 | 42.6.11.6 | 43.6.8.4 | 43.6.8.4 | +| Cisco Webex Meetings VDI plugin | 43.6.8.4 | 43.6.8.4 | 44.6.5.1 | 44.6.5.1 | +| Cisco Webex VDI plugin | 44.2.0.28744 | 44.4.0.29960 | 44.6.0.30048 | 44.8.1.30603 | +| Citrix HDX Realtime Media Engine | 2.9.600 | 2.9.600 | 2.9.600 | 2.9.600 | +| Citrix Workspace App | 20.10.0.6 | 20.10.0.6 | 20.10.0.6 | 20.10.0.6 | +| Citrix Workspace App | 23.11.0.82 | 23.11.0.82 | 24.05.0.76 | 24.02.0.65 | +| Citrix Workspace App | 24.02.0.65 | 24.02.0.65 | 24.08.0.98 | 24.05.0.76 | +| IGEL AVD Client | 1.1.40igel1708088233 | 1.2.0igel1718803791 | 1.2.0igel1718803791 | 1.2.0igel1729086829 | +| IGEL RDP Client | 2.2igel1707744600 | 2.2igel1717589021 | 2.2igel1717589021 | 2.2igel1730799204 | +| VMware Horizon client | 2312-8.12.0-23149323 | 2312.1-8.12.1-23543969 | 2312.1-8.12.1-23543969 | 2406-8.13.0-9995429239 | +| Zoom Media Plugin | 5.16.10.24420 | 5.16.10.24420 | 5.14.10.23670 | 5.17.13.25060 | +| Zoom Media Plugin | 5.17.5.24630 | 5.17.5.24630 | 5.17.13.25060 | 5.17.6.24660 | +| Zoom Media Plugin | 5.17.6.24660 | 5.17.6.24660 | 6.1.12.25370 | 6.1.12.25370 | | Clients | 11.09.260 | 11.09.261 | 11.09.269 | 11.09.310 | 11.09.313 | diff --git a/docs/Docs/ReleaseNotes/01-OS11/IGEL-News-Builds.md b/docs/Docs/ReleaseNotes/01-OS11/IGEL-News-Builds.md index 407b50f7..3d615dc2 100644 --- a/docs/Docs/ReleaseNotes/01-OS11/IGEL-News-Builds.md +++ b/docs/Docs/ReleaseNotes/01-OS11/IGEL-News-Builds.md @@ -13,6 +13,723 @@ Please keep in mind a Private Build is a fully supported firmware! ----- +## 2024-11-27 - [11.10.210](readme11.10.210.txt) + +``` +The new PUBLIC BUILD 11.10.210 for IGEL Workspace is ready. + +This build is based on 11.10.150. + +These are the release notes published with that release: + +New Features +-------------------------------------------------------------------------------- + +### Citrix + +* Updated Citrix Workspace App to version 2405. + Available Citrix Workspace Apps in this release: 2405 (default), 2402, and + 2010 +* Changed: +* The default value of the parameter ica.authman.kiosksfuienhanced has been + changed to true and thus corresponds to the value of Citrix. +* Added: +* [Technical Preview] Provision to manage multiple proxy servers + You can use multiple proxy servers that allow the HDX sessions to select + appropriate proxy servers for accessing specific resources. + ++------------+-----------------------------------------------------------------+ +| Parameter | ProxyAutoConfigURL | ++------------+-----------------------------------------------------------------+ +| Registry | ica.allregions.proxyautoconfigurl | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | "" | ++------------+-----------------------------------------------------------------+ + + > Extend parameter range ica.allregions.proxytype with "Script". + +* [Technical Preview] Multiple webcam resolutions support + Webcam streaming supports all webcam resolutions that are available on the + client side. + ++------------+-----------------------------------------------------------------+ +| Parameter | HDXWebcamEnablePnp | ++------------+-----------------------------------------------------------------+ +| Registry | ica.wfclient.hdxwebcamenablepnp | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +### Citrix NSGClient + +* Updated Citrix EPA Client to version 24.10.1 + +### RD Web Access + +* Added IGEL RDP3-based RD Web Access incl. support of seamless app(s). + +### VMware Horizon + +* Updated Horizon Client to version 2406 +* Added support for Horizon next-gen (v2) API + If server URL of Horizon session matches the host name pattern defined in + vmware.view.v2_host, next-gen API will be used for this session. + ++------------+-----------------------------------------------------------------+ +| Parameter | Next-gen host name pattern | ++------------+-----------------------------------------------------------------+ +| Registry | vmware.view.v2_host | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | .workspaceoneaccess.com�.workspaceair.com� | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.eu�.vmwareidentity.de� | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.co.uk�.vmwareidentity.com.au� | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.com�.vmwareidentity.ca� | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.asia�.vidmpreview.com _Default_ | ++------------+-----------------------------------------------------------------+ + +### Network + +* Added ACME client - for usage of HTTP-01 challenges +* Registry keys: +* This determines whether the feature is enabled as a whole: + ++------------+-----------------------------------------------------------------+ +| Parameter | Manage certificates with ACME | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.enable | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + +* The rest are members of instances of network.acmeclient.cert%. Instance 0 is + available from the start. +* This is the name of the subdirectory of /wfs/acme_certificates/ where data for + the respective instance is stored - only letters, digits, underscores, dashes + and dots are allowed: + ++------------+-----------------------------------------------------------------+ +| Parameter | Directory | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.directory | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | default _Default_ | ++------------+-----------------------------------------------------------------+ + +* The following are names (space-separated) for which a certificate shall be + requested. In the case of success each will appear as subject alt name, the + first one also as the common name (This is true at least with the Smallstep CA + with default settings). %H will be replaced by `hostname -f`, %h by `hostname + -s`. + ++------------+-----------------------------------------------------------------+ +| Parameter | Names | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.names | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | %H _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the ACME server URL (something like https://my- + stepca.example.com/acme/acme/directory): + ++------------+-----------------------------------------------------------------+ +| Parameter | ACME server URL | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.serverurl | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Account key length (bits) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.accountkeylength | ++------------+-----------------------------------------------------------------+ +| Range | [1024][2048][4096] | ++------------+-----------------------------------------------------------------+ +| Value | _4096_ | ++------------+-----------------------------------------------------------------+ + +* This is for verifying the ACME servers certificate (installing any such + certificate on the system is beyond the scope of the ACME client): + ++------------+-----------------------------------------------------------------+ +| Parameter | CA Bundle | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.cabundle | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + +* This may be necessary for creating an account on the ACME server: + ++------------+-----------------------------------------------------------------+ +| Parameter | Email address | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.email | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + +* The following is the length of the client key for which a certificate will be + requested. Those with ecc-prefix mean ellipic curve keys, the remaining ones + RSA keys. + ++------------+-----------------------------------------------------------------+ +| Parameter | Key length (bits) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.keylength | ++------------+-----------------------------------------------------------------+ +| Range | [1024][2048][4096][8192][ec-256][ec-384][ec-512] | ++------------+-----------------------------------------------------------------+ +| Value | _4096_ | ++------------+-----------------------------------------------------------------+ + +* This is the number of days between expiry checks: + ++------------+-----------------------------------------------------------------+ +| Parameter | Certificate expiry check interval (days) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.checkinterval | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 1 _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the period before the certificates' expiry in which renewal attempts + are performed: + ++------------+-----------------------------------------------------------------+ +| Parameter | Certificate renewal period (days) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.renewalperiod | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 30 _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the debug level for acme.sh: + ++------------+-----------------------------------------------------------------+ +| Parameter | Debug level | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.debuglevel | ++------------+-----------------------------------------------------------------+ +| Range | [0][1][2][3] | ++------------+-----------------------------------------------------------------+ +| Value | _0_ | ++------------+-----------------------------------------------------------------+ + +* The resulting client.cert and client.key can be used for EAP/TLS and + EAP/PEAP/TLS via Ethernet and WLAN. + Example: + Assume the above is configured with directory="default" and EAP/TLS is wanted. + On the respective setup panel the following should be configured then: + EAP Type: TLS + Validate Server Certificate/CA Root Certificate: for verifying the RADIUS + server's certificate, a separate topic + Manage certificates with SCEP (NDES): no + Client Certificate: /wfs/acme_certificates/default/client.cert + Private Key: /wfs/acme_certificates/default/client.key + Identity: , will be automatically derived from the client certificate's + subject + Private Key Password: +* Added Wake on LAN support via USB-C-to-LAN adapters +* Activated by enabling any of the Wake on LAN settings of LAN Interfaces +* Only Wake on LAN from Suspend is supported +* Updated Lenovo FCC Unlock Tool to version 2.4 + +### IGEL Agent for Imprivata + +* Updated iia to 0.6.2igel1728370169 (content of IAFI 1.1.0). + +### Imprivata + +* Updated Imprivata bootstrap loader to fix CVE-2022-37454. +* Updated PIE bootstrap loader to 23.2.0.711883 + +### HID + +* Added new registry keys to influence mouse acceleration settings: + ++------------+-----------------------------------------------------------------+ +| Parameter | Use new mouse accel variant | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.mouse.use_new_accel_variant | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Enable mouse acceleration (only for new accel variant) | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.mouse.enable_acceleration | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | _enabled_ (default) / disabled | ++------------+-----------------------------------------------------------------+ + +### Cisco JVDI Client + +* Updated Cisco JVDI to version 15.0.0 + +### Cisco Webex + +* Updated Webex VDI to version 44.8.1.30603 + Added support for AVD + Fixed two critical issues (Crash, Audio for Webex Calling) +* Updated Webex Meetings VDI to version 44.6.5.1, available versions: 44.6.5.1, + 43.6.8.4 and 42.10.8.14. + +### Base system + +* Removed support for BioSec BS Login Hand Vein Sensor due to technical reasons + (necessary removal of QT4). +* Updated grub bootloader to 2.12 version. +* Updated StepOver Client to version 2.4.3 + +### Firmware update + +* Added progress notification shown during migration from OS 11 to OS 12. + +### zoomvdi + +* Updated Zoom VDI Client to version 6.1.12. Available versions in this release: + 6.1.12.25370, 5.17.13.25060 and 5.17.6.24660. + +### Hardware + +* Improved hardware detection of supported LG devices. +* Validated support for Intel i226, 2.5Gbps ethernet card (copper and fiber) for + HP t755 devices. + Validated support for Allied Telesis 2914SP Gbps PCIe network adapter with SFP + Port for HP t755 devices. + +### TC Setup (Java) + +* Upgraded TC Setup to version 12.6.1 +* Added deviceTRUST and Cisco Webex VDI options to Sessions > AVD > AVD Sessions + > AVD Session > Plugins page. + +### Remote Management + +* Improved migration from OS 11 to OS 12. + Upgrade of the remote management protocols is invoked as a separate step + returning a specific reason in case of failure. + +### Fabulatech + +* Updated Fabulatech USB redirection to version 6.2.0.9 +* Added interfaces parameter to configure Fabulatech USB redirection to redirect + certain interfaces only. The value is a space separated list of interface + indices. The interfaces parameter is available in IGEL registry. After + creation of device rule with VID and PID for the related device, the IGEL + registry under rdp.usbredirection.devicepolicy.product_rule0.interfaces must + be used to configure the interface indices to redirect. Leave interfaces empty + to redirect the whole device. + ++------------+-----------------------------------------------------------------+ +| Registry | `rdp.usbredirection.devicepolicy.product_rule%.interfaces` | ++------------+-----------------------------------------------------------------+ +| Value | "" (default) / space separated list of interface indices to redirect, ie. "2 3" | ++------------+-----------------------------------------------------------------+ + +Security Fixes +-------------------------------------------------------------------------------- + +### Chromium + +* Updated Chromium browser to current mainline version 130.0.6723.91. +* Fixed Chromium security issues CVE-2024-10488, CVE-2024-10487, CVE-2024-10231, + CVE-2024-10230, CVE-2024-10229, CVE-2024-9966, CVE-2024-9965, CVE-2024-9964, + CVE-2024-9963, CVE-2024-9962, CVE-2024-9961, CVE-2024-9960, CVE-2024-9959, + CVE-2024-9958, CVE-2024-9957, CVE-2024-9956, CVE-2024-9955, CVE-2024-9954, + CVE-2024-9603, CVE-2024-9602, CVE-2024-9370, CVE-2024-9369, CVE-2024-9123, + CVE-2024-9122, CVE-2024-9121, CVE-2024-9120, CVE-2024-8909, CVE-2024-8908, + CVE-2024-8907, CVE-2024-8906, CVE-2024-8905, CVE-2024-8904, CVE-2024-8639, + CVE-2024-8638, CVE-2024-8637, CVE-2024-8636 and CVE-2024-7025. +* Fixed Chromium security issues CVE-2024-8362, CVE-2024-7970, CVE-2024-8198, + CVE-2024-8194, CVE-2024-8193, CVE-2024-8035, CVE-2024-8034, CVE-2024-8033, + CVE-2024-7981, CVE-2024-7980, CVE-2024-7979, CVE-2024-7978, CVE-2024-7977, + CVE-2024-7976, CVE-2024-7975, CVE-2024-7974, CVE-2024-7973, CVE-2024-7972, + CVE-2024-7971, CVE-2024-7969, CVE-2024-7968, CVE-2024-7967, CVE-2024-7966, + CVE-2024-7965 and CVE-2024-7964. + +### Firefox + +* Updated Mozilla Firefox to version 115.16.1 ESR +* Fixes for mfsa2024-30, also known as: + CVE-2024-7652, CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, + CVE-2024-6603, CVE-2024-6604. +* Fixes for mfsa2024-34, also known as: + CVE-2024-7519, CVE-2024-7521, CVE-2024-7522, CVE-2024-7524, + CVE-2024-7525, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, + CVE-2024-7531. +* Fixes for mfsa2024-41, also known as: + CVE-2024-8381, CVE-2024-8382, CVE-2024-8383, CVE-2024-8384. +* Fixes for mfsa2024-48, also known as: + CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9401. +* Fixes for mfsa2024-51, also known as: + CVE-2024-9680. + +### Imprivata + +* Updated Imprivata bootstrap loader to fix CVE-2022-37454. + +### Base system + +* Fixed bind9 security issues CVE-2024-4076, CVE-2024-1975, CVE-2024-1737, + CVE-2024-0760, CVE-2023-5679, CVE-2023-5517, CVE-2023-50868, CVE-2023-50387, + CVE-2023-4408, CVE-2023-4236 and CVE-2023-3341. +* Fixed python3.10 security issues CVE-2024-8088, CVE-2024-7592, CVE-2024-6923, + CVE-2024-6232, CVE-2023-27043, CVE-2024-0450 and CVE-2023-6597. +* Fixed openssl security issue CVE-2022-40735. +* Fixed wget security issue CVE-2024-38428. +* Fixed aom security issue CVE-2024-5171. +* Fixed cups security issues CVE-2024-47175 and CVE-2024-35235. +* Fixed krb5 security issues CVE-2024-37371 and CVE-2024-37370. +* Fixed openvpn security issues CVE-2024-5594 and CVE-2024-28882. +* Fixed wpa security issues CVE-2024-5290 and CVE-2023-52160. +* Fixed ghostscript security issues CVE-2024-29511, CVE-2024-29509, + CVE-2024-29508 and CVE-2024-29506. +* Fixed zulu17-ca security issues CVE-2024-21131, CVE-2024-21138, + CVE-2024-21140, CVE-2024-21145 and CVE-2024-21147. +* Fixed gtk+2.0 security issue CVE-2024-6655. +* Fixed gtk+3.0 security issue CVE-2024-6655. +* Fixed openvpn security issue CVE-2024-5594. +* Fixed qtbase-opensource-src security issue CVE-2024-39936. +* Fixed python-zipp security issue CVE-2024-5569. +* Fixed poppler security issue CVE-2024-6239. +* Fixed openssl1.1 security issues CVE-2024-5535, CVE-2024-4741 and + CVE-2024-2511. +* Fixed openssh security issue CVE-2024-39894. +* Fixed python3.10 security issues CVE-2024-4032 and CVE-2024-0397. +* Fixed openssl security issues CVE-2024-6119, CVE-2024-5535, CVE-2024-4741, + CVE-2024-4603 and CVE-2024-2511. +* Fixed mysql-8.0 security issues CVE-2024-21185, CVE-2024-21179, + CVE-2024-21177, CVE-2024-21173, CVE-2024-21171, CVE-2024-21165, + CVE-2024-21163, CVE-2024-21162, CVE-2024-21142, CVE-2024-21134, + CVE-2024-21130, CVE-2024-21129, CVE-2024-21127, CVE-2024-21125 and + CVE-2024-20996. +* Fixed gnome-shell security issue CVE-2024-36472. +* Fixed orc security issue CVE-2024-40897. +* Fixed postgresql-14 security issue CVE-2024-7348. +* Fixed bubblewrap security issue CVE-2024-42472. +* Fixed curl security issues CVE-2024-8096, CVE-2024-7264, CVE-2024-6874 and + CVE-2024-6197. +* Fixed vim security issues CVE-2024-43802, CVE-2024-43374 and CVE-2024-41957. +* Fixed webkit2gtk security issues CVE-2024-44187, CVE-2024-40866, + CVE-2024-27851, CVE-2024-27838, CVE-2024-27833, CVE-2024-27820, + CVE-2024-27808, CVE-2024-23271, CVE-2024-4558, CVE-2024-40794, CVE-2024-40789, + CVE-2024-40785, CVE-2024-40782, CVE-2024-40780, CVE-2024-40779, CVE-2024-40776 + and CVE-2024-27834. +* Fixed ffmpeg security issues CVE-2024-7272 and CVE-2024-7055. +* Fixed expat security issues CVE-2024-50602, CVE-2024-45492, CVE-2024-45491 and + CVE-2024-45490. +* Fixed tiff security issue CVE-2024-7006. +* Fixed setuptools security issue CVE-2024-6345. +* Fixed apparmor security issue CVE-2016-1585. +* Fixed libvirt security issue CVE-2024-8235. +* Fixed qemu security issues CVE-2024-8612, CVE-2024-4467, CVE-2024-7409 and + CVE-2024-6505. +* Fixed cups-filters security issues CVE-2024-47176 and CVE-2024-47076. +* Fixed nano security issue CVE-2024-5742. +* Fixed zulu17-ca security issues CVE-2023-42950, CVE-2024-25062, + CVE-2024-21235, CVE-2024-21217, CVE-2024-21210 and CVE-2024-21208. +* Fixed libheif security issues CVE-2024-25269, CVE-2023-49464, CVE-2023-49463, + CVE-2023-49462, CVE-2023-49460 and CVE-2023-0996. +* Fixed libvpx6 security issue CVE-2024-5197. +* Fixed xorg-server security issue CVE-2024-9632. +* Fixed python-urllib3 security issue CVE-2024-37891. + +Resolved Issues +-------------------------------------------------------------------------------- + +### Citrix + +* Fixed ica.module.EnableVolumeListener has an effect at EnableAudioListener of + file module.ini +* Fixed: Citrix processes does not run if no sessions are configured. The + processes are restarted with changed configuration. + +### AVD + +* Fixed PAUSE and Ctrl+PAUSE=BREAK keys to work as expected +* Fixed dynamic virtual channel initialization + +### RDP/IGEL RDP Client 2 + +* Added parameter to disable X11 autorepeat detection and handling: + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.winconnect%.option.disable-autorepeat-detection` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled**(default) | ++------------+-----------------------------------------------------------------+ + +* This fixes barcode reader dropping inputs when scanning labels with reoccuring + characters. +* Fixed generic USB redirection for some devices (ie. ID 046d:0825 Logitech, + Inc. Webcam C270) +* Fixed serial port redirection not working for COM10 and above. + +### RD Web Access + +* Fixed RDP desktop session not working when published as a remote app. +* Fixed Remote Desktop Web Access login not working reliably. +* Fixed display filters not working for Rd Web Access. +* Fixed disabling Verify Certificates not working for RD Web Access. + +### VMware Horizon + +* Fixed collection of logs. +* Fixed handling of audio preferences (vmware.view.audio-out-option) + +### Chromium + +* Fixed custom policy URLBlocklist not working properly if file access and using + IGEL Setup for configuration was disabled. +* Fixed system volume being automatically adjusted by Chromium Browser. + +### Firefox + +* Fixed on-screen keyboard auto show / hide functionality. + +### Network + +* Fixed SCEP: When the CA fingerprint or the CA identifier is changed, client + certificate and client key are not discarded anymore. Only new CA and RA + certificates will be downloaded. +* Added for SCEP: Content-Type: application/x-pki-message is sent according to + RFC 8894 if the following option is enabled: + ++------------+-----------------------------------------------------------------+ +| Parameter | Send Content-Type | ++------------+-----------------------------------------------------------------+ +| Registry | network.scepclient.cert%.sscep.send_content_type | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + +* Improved shutdown time by removing loopback interface from NetworkManager's + managed interfaces. +* Fixed sporadic no-link messages regarding a deactivated Ethernet interface + +### HID + +* Fixed auto-suspend of HID devices after reboot. +* Fixed touchscreen right click by using touchegg gesture recognition for two + finger tap. Further gestures are not supported. + Added registry key to enable touchegg multitouch gesture support. + ++------------+-----------------------------------------------------------------+ +| Parameter | Use touchegg for multitouch gestures handling. | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.touchscreen.touchegg | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + +### Base system + +* Fixed: Wrong assignment of socks proxy port +* Fixed issue with license is not detected on some devices. +* Fixed issue with not using 2.5 Gbit/s or 5 Gbit/s if it would be possible. +* Fixed not functional proxy if system-wide proxy was configured. +* Fixed: Taskbar items blinking several times. +* Removed QT4 libraries from firmware. +* Changed configuration of webcam priority. V4L Name is used for identifying the + webcam. If only one webcam is present, no entry is needed. If multiple webcams + are present without set priority, the first one is used. +* ## Added parameters in registry + ++------------+-----------------------------------------------------------------+ +| Parameter | Camera name | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.name | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | camera _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | priority | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.priority | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 0 _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | V4L2 name | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.v4lname | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | v4l2-string _Default_ | ++------------+-----------------------------------------------------------------+ + +* Lower number means higher priority. +* ## Obsolete Registry Parameters + ++------------+-----------------------------------------------------------------+ +| Parameter | Select how the webcam to use should be choosen. | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.choose_webcam_by | ++------------+-----------------------------------------------------------------+ +| Range | [Use first webcam][Choose by name] | +| | [Choose by vendor_id:product_id][Choose by number] | +| | [Choose by devicename][Choose by priority] | ++------------+-----------------------------------------------------------------+ +| Value | _Use first webcam_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by number (only valid if choose by number is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_number | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 1 _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by name (only valid if choose by name is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_name | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by vendor_id:product_id (only valid if choose by vendor_id:product_id is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_vendor_product | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by devicename for example /dev/video0 or video0 (only valid if choose by devicename is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_device | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by priority list for example dev=video0;name=HD_Webcam_C270 (only valid if choose by priority is used)}} | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_priority | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + +### Firmware update + +* Fixed disk size detection of 8 GB flash sizes for OS 12 migration. With this + fix migration works on UD Pockets again. +* Fixed OS11 to OS12 migration issue due to repartition not always working with + non GPT partition tables. +* Fixed FTP server configuration to properly reflect the configured maxim number + of connections. Please note that there's a hard limit of 100 concurrent + connections in the FTP server. +* Fixed migration dbus timeout on slower devices if migration prepare is needed. + +### X11 system + +* Fixed primary monitor configuration with new Display switcher implementation. + The panel appears on the proper monitor again. + +### Audio + +* Fixed USB headset support on LG CQ600i +* Added parameter to set output level of a headphone in ALSA to maximum at every + start. + ++------------+-----------------------------------------------------------------+ +| Parameter | Set headphone in alsa to maximum | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.alsa.headphone_max_volume | ++------------+-----------------------------------------------------------------+ +| Range | [auto][true][false] | ++------------+-----------------------------------------------------------------+ +| Value | _auto_ | ++------------+-----------------------------------------------------------------+ + +### Hardware + +* Fixed issue with Intel and additional graphic cards: +* All graphic cards are now detected properly, +* All screens attached to all graphic cards are active. +* Fixed WiFi on Lenovo Ideapad devices. The last ON/OFF state of the WiFi is + restored on each boot or reboot. +* Changed: Disabled suspend on HP t240. + +### Remote Management + +* Fixed rmagent device registration. +* Added setup parameter to set connect timeout + ++------------+-----------------------------------------------------------------+ +| IGEL Setup | system > remotemanager | ++============+=================================================================+ +| Parameter | `IGEL Remote Management Connect Timeout` | ++------------+-----------------------------------------------------------------+ +| Registry | `system.remotemanager.connect_timeout` | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | timeout in sec / **45** (default) | ++------------+-----------------------------------------------------------------+ +``` + +----- + ## 2024-11-20 - [11.10.195](readme11.10.195.txt) ``` diff --git a/docs/Docs/ReleaseNotes/01-OS11/README.md b/docs/Docs/ReleaseNotes/01-OS11/README.md index 16ed5adc..2469b535 100644 --- a/docs/Docs/ReleaseNotes/01-OS11/README.md +++ b/docs/Docs/ReleaseNotes/01-OS11/README.md @@ -40,6 +40,7 @@ flowchart LR ```mermaid flowchart LR + 11.10.150-- 2024-11-27 -->11.10.210((11.10.210)) 11.10.190-- 2024-11-20 -->11.10.195 11.10.190-- 2024-11-15 -->11.10.194 11.10.190-- 2024-10-28 -->11.10.192 @@ -79,6 +80,7 @@ flowchart LR 11.10.100-- 2024-06-03 -->11.10.104 11.10.100-- 2024-05-28 -->11.10.103 11.10.100((11.10.100)) + click 11.10.210 "https://github.com/IGEL-Community/IGEL-Docs-v02/tree/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt" _blank click 11.10.195 "https://github.com/IGEL-Community/IGEL-Docs-v02/tree/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.195.txt" _blank click 11.10.194 "https://github.com/IGEL-Community/IGEL-Docs-v02/tree/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.194.txt" _blank click 11.10.192 "https://github.com/IGEL-Community/IGEL-Docs-v02/tree/main/docs/Docs/ReleaseNotes/01-OS11/readme11.10.192.txt" _blank diff --git a/docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt b/docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt new file mode 100644 index 00000000..317e7ac4 --- /dev/null +++ b/docs/Docs/ReleaseNotes/01-OS11/readme11.10.210.txt @@ -0,0 +1,2572 @@ +IGEL OS Creator +=============== + +Firmware version 11.10.210 +Release date 2024-11-22 +Last update of this document 2024-11-26 + + +Supported Devices +------------------------------------------------------------------------------- + +UD2-LX 52, UD2-LX 51 +UD3-LX 60 +UD7-LX 20 + +[> Supported IGEL OS 11 thirdparty devices](https://kb.igel.com/os11-supported-hardware) + + +Component Versions +------------------------------------------------------------------------------- + ++-------------------------------------------+----------------------------------+ +| Clients | | ++===========================================+==================================+ +| Zulu JRE | 17.0.13-1 | ++-------------------------------------------+----------------------------------+ + + ++-------------------------------------------+----------------------------------+ +| System Components | | ++===========================================+==================================+ +| OpenSSL | 1.0.2n-1ubuntu5.13igel1686114423 | ++-------------------------------------------+----------------------------------+ +| OpenSSL | 1.1.1f-1ubuntu2.23 | ++-------------------------------------------+----------------------------------+ +| OpenSSL | 3.0.2-0ubuntu1.18 | ++-------------------------------------------+----------------------------------+ +| Bluetooth Stack (bluez) | 5.77-1igel1727077136 | ++-------------------------------------------+----------------------------------+ +| MESA OpenGL Stack | 24.2.4-1igel1728045443 | ++-------------------------------------------+----------------------------------+ +| VDPAU Library Version | 1.5-2igel1677954724 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver INTEL | 2.99.917+git20210115-1igel1654609037 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver ATI/RADEON | 22.0.0-1igel1704966675 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver ATI/AMDGPU | 23.0.0-1igel1705669076 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver Nouveau (Nvidia Legacy) | 1.0.17-2igel1654608979 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver Nvidia | 525.147.05-0ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver VMware | 13.3.0-3igel1654607153 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver QXL (Spice) | 0.1.6-1igel1687782644 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver FBDEV | 0.5.0-2igel1654609009 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver VESA | 2.6.0-1igel1704966930 | ++-------------------------------------------+----------------------------------+ +| Input Driver Evdev | 2.10.6-2+b1igel1647004239 | ++-------------------------------------------+----------------------------------+ +| Input Driver Elographics | 1.4.3-1igel1678083379 | ++-------------------------------------------+----------------------------------+ +| Input Driver Synaptics | 1.9.2-1+b1igel1683803726 | ++-------------------------------------------+----------------------------------+ +| Input Driver VMMouse | 13.1.0-1ubuntu2igel1628499891 | ++-------------------------------------------+----------------------------------+ +| Input Driver Wacom | 1.2.2-3igel1726741272 | ++-------------------------------------------+----------------------------------+ +| Kernel | 6.6.22 #mainline-lxos-g1731325402 | ++-------------------------------------------+----------------------------------+ +| Xorg X11 Server | 21.1.14-1igel1730266598 | ++-------------------------------------------+----------------------------------+ +| Lightdm Graphical Login Manager | 1.30.0-0ubuntu5igel1685475374 | ++-------------------------------------------+----------------------------------+ +| XFCE4 Window Manager | 4.14.5-1~18.04igel1643191202 | ++-------------------------------------------+----------------------------------+ +| ISC DHCP Client | 4.4.1-2.3ubuntu2.4 | ++-------------------------------------------+----------------------------------+ +| Python3 | 3.10.12 | ++-------------------------------------------+----------------------------------+ + ++-------------------------------------------+----------------------------------+ +| VM Guest Support Components | | ++===========================================+==================================+ +| Virtualbox Guest Utils | 7.0.20-dfsg-1igel1726735257 | ++-------------------------------------------+----------------------------------+ +| Virtualbox X11 Guest Utils | 7.0.20-dfsg-1igel1726735257 | ++-------------------------------------------+----------------------------------+ +| Open VM Tools | 12.3.5-3~ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Open VM Desktop Tools | 12.3.5-3~ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Xen Guest Utilities | 7.20.2-0ubuntu1~22.04.2 | ++-------------------------------------------+----------------------------------+ +| Spice Vdagent | 0.22.1-4+b1igel1704922460 | ++-------------------------------------------+----------------------------------+ +| Qemu Guest Agent | 9.1.1+ds-2igel1730101941 | ++-------------------------------------------+----------------------------------+ + + ++-----------------------------+--------+------------------+ +| Services | Size | Reduced Firmware | ++=============================+========+==================+ +| Java SE Runtime Environment | 53.2M | Included | ++-----------------------------+--------+------------------+ +| NVIDIA graphics driver | 370.8M | Included | ++-----------------------------+--------+------------------+ + + + + +Release Notes of installable IGEL OS 11 +================================================================================ + +Firmware version 11.10.210 +Release date 2024-11-22 +Last update of this document 2024-11-26 + + +Supported Devices +------------------------------------------------------------------------------- + +UD2-LX 52, UD2-LX 51 +UD3-LX 60 +UD7-LX 20 + +[> Supported IGEL OS 11 thirdparty devices](https://kb.igel.com/os11-supported-hardware) + + +Release Notes 11.10.210 (Based On 11.10.150) +-------------------------------------------------------------------------------- + + +New Features +-------------------------------------------------------------------------------- + + +### Citrix + +* Updated Citrix Workspace App to version 2405. + Available Citrix Workspace Apps in this release: 2405 (default), 2402, and + 2010 +* Changed: +* The default value of the parameter ica.authman.kiosksfuienhanced has been + changed to true and thus corresponds to the value of Citrix. +* Added: +* [Technical Preview] Provision to manage multiple proxy servers + You can use multiple proxy servers that allow the HDX sessions to select + appropriate proxy servers for accessing specific resources. + ++------------+-----------------------------------------------------------------+ +| Parameter | ProxyAutoConfigURL | ++------------+-----------------------------------------------------------------+ +| Registry | ica.allregions.proxyautoconfigurl | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | "" | ++------------+-----------------------------------------------------------------+ + + > Extend parameter range ica.allregions.proxytype with "Script". + +* [Technical Preview] Multiple webcam resolutions support + Webcam streaming supports all webcam resolutions that are available on the + client side. + ++------------+-----------------------------------------------------------------+ +| Parameter | HDXWebcamEnablePnp | ++------------+-----------------------------------------------------------------+ +| Registry | ica.wfclient.hdxwebcamenablepnp | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + + +### Citrix NSGClient + +* Updated Citrix EPA Client to version 24.10.1 + +### RD Web Access + +* Added IGEL RDP3-based RD Web Access incl. support of seamless app(s). + +### VMware Horizon + +* Updated Horizon Client to version 2406 +* Added support for Horizon next-gen (v2) API + If server URL of Horizon session matches the host name pattern defined in + vmware.view.v2_host, next-gen API will be used for this session. + ++------------+-----------------------------------------------------------------+ +| Parameter | Next-gen host name pattern | ++------------+-----------------------------------------------------------------+ +| Registry | vmware.view.v2_host | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | .workspaceoneaccess.com¼.workspaceair.com¼ | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.eu¼.vmwareidentity.de¼ | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.co.uk¼.vmwareidentity.com.au¼ | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.com¼.vmwareidentity.ca¼ | ++------------+-----------------------------------------------------------------+ +| | .vmwareidentity.asia¼.vidmpreview.com _Default_ | ++------------+-----------------------------------------------------------------+ + + +### Network + +* Added ACME client - for usage of HTTP-01 challenges +* Registry keys: +* This determines whether the feature is enabled as a whole: + ++------------+-----------------------------------------------------------------+ +| Parameter | Manage certificates with ACME | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.enable | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + +* The rest are members of instances of network.acmeclient.cert%. Instance 0 is + available from the start. +* This is the name of the subdirectory of /wfs/acme_certificates/ where data for + the respective instance is stored - only letters, digits, underscores, dashes + and dots are allowed: + ++------------+-----------------------------------------------------------------+ +| Parameter | Directory | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.directory | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | default _Default_ | ++------------+-----------------------------------------------------------------+ + +* The following are names (space-separated) for which a certificate shall be + requested. In the case of success each will appear as subject alt name, the + first one also as the common name (This is true at least with the Smallstep CA + with default settings). %H will be replaced by `hostname -f`, %h by `hostname + -s`. + ++------------+-----------------------------------------------------------------+ +| Parameter | Names | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.names | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | %H _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the ACME server URL (something like https://my- + stepca.example.com/acme/acme/directory): + ++------------+-----------------------------------------------------------------+ +| Parameter | ACME server URL | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.serverurl | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Account key length (bits) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.accountkeylength | ++------------+-----------------------------------------------------------------+ +| Range | [1024][2048][4096] | ++------------+-----------------------------------------------------------------+ +| Value | _4096_ | ++------------+-----------------------------------------------------------------+ + +* This is for verifying the ACME servers certificate (installing any such + certificate on the system is beyond the scope of the ACME client): + ++------------+-----------------------------------------------------------------+ +| Parameter | CA Bundle | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.cabundle | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + +* This may be necessary for creating an account on the ACME server: + ++------------+-----------------------------------------------------------------+ +| Parameter | Email address | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.email | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + +* The following is the length of the client key for which a certificate will be + requested. Those with ecc-prefix mean ellipic curve keys, the remaining ones + RSA keys. + ++------------+-----------------------------------------------------------------+ +| Parameter | Key length (bits) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.keylength | ++------------+-----------------------------------------------------------------+ +| Range | [1024][2048][4096][8192][ec-256][ec-384][ec-512] | ++------------+-----------------------------------------------------------------+ +| Value | _4096_ | ++------------+-----------------------------------------------------------------+ + +* This is the number of days between expiry checks: + ++------------+-----------------------------------------------------------------+ +| Parameter | Certificate expiry check interval (days) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.checkinterval | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 1 _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the period before the certificates' expiry in which renewal attempts + are performed: + ++------------+-----------------------------------------------------------------+ +| Parameter | Certificate renewal period (days) | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.renewalperiod | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 30 _Default_ | ++------------+-----------------------------------------------------------------+ + +* This is the debug level for acme.sh: + ++------------+-----------------------------------------------------------------+ +| Parameter | Debug level | ++------------+-----------------------------------------------------------------+ +| Registry | network.acmeclient.cert%.debuglevel | ++------------+-----------------------------------------------------------------+ +| Range | [0][1][2][3] | ++------------+-----------------------------------------------------------------+ +| Value | _0_ | ++------------+-----------------------------------------------------------------+ + +* The resulting client.cert and client.key can be used for EAP/TLS and + EAP/PEAP/TLS via Ethernet and WLAN. + Example: + Assume the above is configured with directory="default" and EAP/TLS is wanted. + On the respective setup panel the following should be configured then: + EAP Type: TLS + Validate Server Certificate/CA Root Certificate: for verifying the RADIUS + server's certificate, a separate topic + Manage certificates with SCEP (NDES): no + Client Certificate: /wfs/acme_certificates/default/client.cert + Private Key: /wfs/acme_certificates/default/client.key + Identity: , will be automatically derived from the client certificate's + subject + Private Key Password: +* Added Wake on LAN support via USB-C-to-LAN adapters +* Activated by enabling any of the Wake on LAN settings of LAN Interfaces +* Only Wake on LAN from Suspend is supported +* Updated Lenovo FCC Unlock Tool to version 2.4 + +### IGEL Agent for Imprivata + +* Updated iia to 0.6.2igel1728370169 (content of IAFI 1.1.0). + +### Imprivata + +* Updated Imprivata bootstrap loader to fix CVE-2022-37454. +* Updated PIE bootstrap loader to 23.2.0.711883 + +### HID + +* Added new registry keys to influence mouse acceleration settings: + ++------------+-----------------------------------------------------------------+ +| Parameter | Use new mouse accel variant | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.mouse.use_new_accel_variant | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Enable mouse acceleration (only for new accel variant) | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.mouse.enable_acceleration | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | _enabled_ (default) / disabled | ++------------+-----------------------------------------------------------------+ + + +### Cisco JVDI Client + +* Updated Cisco JVDI to version 15.0.0 + +### Cisco Webex + +* Updated Webex VDI to version 44.8.1.30603 + Added support for AVD + Fixed two critical issues (Crash, Audio for Webex Calling) +* Updated Webex Meetings VDI to version 44.6.5.1, available versions: 44.6.5.1, + 43.6.8.4 and 42.10.8.14. + +### Base system + +* Removed support for BioSec BS Login Hand Vein Sensor due to technical reasons + (necessary removal of QT4). +* Updated grub bootloader to 2.12 version. +* Updated StepOver Client to version 2.4.3 + +### Firmware update + +* Added progress notification shown during migration from OS 11 to OS 12. + +### zoomvdi + +* Updated Zoom VDI Client to version 6.1.12. Available versions in this release: + 6.1.12.25370, 5.17.13.25060 and 5.17.6.24660. + +### Hardware + +* Improved hardware detection of supported LG devices. +* Validated support for Intel i226, 2.5Gbps ethernet card (copper and fiber) for + HP t755 devices. + Validated support for Allied Telesis 2914SP Gbps PCIe network adapter with SFP + Port for HP t755 devices. + +### TC Setup (Java) + +* Upgraded TC Setup to version 12.6.1 +* Added deviceTRUST and Cisco Webex VDI options to Sessions > AVD > AVD Sessions + > AVD Session > Plugins page. + +### Remote Management + +* Improved migration from OS 11 to OS 12. + Upgrade of the remote management protocols is invoked as a separate step + returning a specific reason in case of failure. + +### Fabulatech + +* Updated Fabulatech USB redirection to version 6.2.0.9 +* Added interfaces parameter to configure Fabulatech USB redirection to redirect + certain interfaces only. The value is a space separated list of interface + indices. The interfaces parameter is available in IGEL registry. After + creation of device rule with VID and PID for the related device, the IGEL + registry under rdp.usbredirection.devicepolicy.product_rule0.interfaces must + be used to configure the interface indices to redirect. Leave interfaces empty + to redirect the whole device. + ++------------+-----------------------------------------------------------------+ +| Registry | `rdp.usbredirection.devicepolicy.product_rule%.interfaces` | ++------------+-----------------------------------------------------------------+ +| Value | "" (default) / space separated list of interface indices to redirect, ie. "2 3" | ++------------+-----------------------------------------------------------------+ + + +Security Fixes +-------------------------------------------------------------------------------- + + +### Chromium + +* Updated Chromium browser to current mainline version 130.0.6723.91. +* Fixed Chromium security issues CVE-2024-10488, CVE-2024-10487, CVE-2024-10231, + CVE-2024-10230, CVE-2024-10229, CVE-2024-9966, CVE-2024-9965, CVE-2024-9964, + CVE-2024-9963, CVE-2024-9962, CVE-2024-9961, CVE-2024-9960, CVE-2024-9959, + CVE-2024-9958, CVE-2024-9957, CVE-2024-9956, CVE-2024-9955, CVE-2024-9954, + CVE-2024-9603, CVE-2024-9602, CVE-2024-9370, CVE-2024-9369, CVE-2024-9123, + CVE-2024-9122, CVE-2024-9121, CVE-2024-9120, CVE-2024-8909, CVE-2024-8908, + CVE-2024-8907, CVE-2024-8906, CVE-2024-8905, CVE-2024-8904, CVE-2024-8639, + CVE-2024-8638, CVE-2024-8637, CVE-2024-8636 and CVE-2024-7025. +* Fixed Chromium security issues CVE-2024-8362, CVE-2024-7970, CVE-2024-8198, + CVE-2024-8194, CVE-2024-8193, CVE-2024-8035, CVE-2024-8034, CVE-2024-8033, + CVE-2024-7981, CVE-2024-7980, CVE-2024-7979, CVE-2024-7978, CVE-2024-7977, + CVE-2024-7976, CVE-2024-7975, CVE-2024-7974, CVE-2024-7973, CVE-2024-7972, + CVE-2024-7971, CVE-2024-7969, CVE-2024-7968, CVE-2024-7967, CVE-2024-7966, + CVE-2024-7965 and CVE-2024-7964. + +### Firefox + +* Updated Mozilla Firefox to version 115.16.1 ESR +* Fixes for mfsa2024-30, also known as: + CVE-2024-7652, CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, + CVE-2024-6603, CVE-2024-6604. +* Fixes for mfsa2024-34, also known as: + CVE-2024-7519, CVE-2024-7521, CVE-2024-7522, CVE-2024-7524, + CVE-2024-7525, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, + CVE-2024-7531. +* Fixes for mfsa2024-41, also known as: + CVE-2024-8381, CVE-2024-8382, CVE-2024-8383, CVE-2024-8384. +* Fixes for mfsa2024-48, also known as: + CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9401. +* Fixes for mfsa2024-51, also known as: + CVE-2024-9680. + +### Imprivata + +* Updated Imprivata bootstrap loader to fix CVE-2022-37454. + +### Base system + +* Fixed bind9 security issues CVE-2024-4076, CVE-2024-1975, CVE-2024-1737, + CVE-2024-0760, CVE-2023-5679, CVE-2023-5517, CVE-2023-50868, CVE-2023-50387, + CVE-2023-4408, CVE-2023-4236 and CVE-2023-3341. +* Fixed python3.10 security issues CVE-2024-8088, CVE-2024-7592, CVE-2024-6923, + CVE-2024-6232, CVE-2023-27043, CVE-2024-0450 and CVE-2023-6597. +* Fixed openssl security issue CVE-2022-40735. +* Fixed wget security issue CVE-2024-38428. +* Fixed aom security issue CVE-2024-5171. +* Fixed cups security issues CVE-2024-47175 and CVE-2024-35235. +* Fixed krb5 security issues CVE-2024-37371 and CVE-2024-37370. +* Fixed openvpn security issues CVE-2024-5594 and CVE-2024-28882. +* Fixed wpa security issues CVE-2024-5290 and CVE-2023-52160. +* Fixed ghostscript security issues CVE-2024-29511, CVE-2024-29509, + CVE-2024-29508 and CVE-2024-29506. +* Fixed zulu17-ca security issues CVE-2024-21131, CVE-2024-21138, + CVE-2024-21140, CVE-2024-21145 and CVE-2024-21147. +* Fixed gtk+2.0 security issue CVE-2024-6655. +* Fixed gtk+3.0 security issue CVE-2024-6655. +* Fixed openvpn security issue CVE-2024-5594. +* Fixed qtbase-opensource-src security issue CVE-2024-39936. +* Fixed python-zipp security issue CVE-2024-5569. +* Fixed poppler security issue CVE-2024-6239. +* Fixed openssl1.1 security issues CVE-2024-5535, CVE-2024-4741 and + CVE-2024-2511. +* Fixed openssh security issue CVE-2024-39894. +* Fixed python3.10 security issues CVE-2024-4032 and CVE-2024-0397. +* Fixed openssl security issues CVE-2024-6119, CVE-2024-5535, CVE-2024-4741, + CVE-2024-4603 and CVE-2024-2511. +* Fixed mysql-8.0 security issues CVE-2024-21185, CVE-2024-21179, + CVE-2024-21177, CVE-2024-21173, CVE-2024-21171, CVE-2024-21165, + CVE-2024-21163, CVE-2024-21162, CVE-2024-21142, CVE-2024-21134, + CVE-2024-21130, CVE-2024-21129, CVE-2024-21127, CVE-2024-21125 and + CVE-2024-20996. +* Fixed gnome-shell security issue CVE-2024-36472. +* Fixed orc security issue CVE-2024-40897. +* Fixed postgresql-14 security issue CVE-2024-7348. +* Fixed bubblewrap security issue CVE-2024-42472. +* Fixed curl security issues CVE-2024-8096, CVE-2024-7264, CVE-2024-6874 and + CVE-2024-6197. +* Fixed vim security issues CVE-2024-43802, CVE-2024-43374 and CVE-2024-41957. +* Fixed webkit2gtk security issues CVE-2024-44187, CVE-2024-40866, + CVE-2024-27851, CVE-2024-27838, CVE-2024-27833, CVE-2024-27820, + CVE-2024-27808, CVE-2024-23271, CVE-2024-4558, CVE-2024-40794, CVE-2024-40789, + CVE-2024-40785, CVE-2024-40782, CVE-2024-40780, CVE-2024-40779, CVE-2024-40776 + and CVE-2024-27834. +* Fixed ffmpeg security issues CVE-2024-7272 and CVE-2024-7055. +* Fixed expat security issues CVE-2024-50602, CVE-2024-45492, CVE-2024-45491 and + CVE-2024-45490. +* Fixed tiff security issue CVE-2024-7006. +* Fixed setuptools security issue CVE-2024-6345. +* Fixed apparmor security issue CVE-2016-1585. +* Fixed libvirt security issue CVE-2024-8235. +* Fixed qemu security issues CVE-2024-8612, CVE-2024-4467, CVE-2024-7409 and + CVE-2024-6505. +* Fixed cups-filters security issues CVE-2024-47176 and CVE-2024-47076. +* Fixed nano security issue CVE-2024-5742. +* Fixed zulu17-ca security issues CVE-2023-42950, CVE-2024-25062, + CVE-2024-21235, CVE-2024-21217, CVE-2024-21210 and CVE-2024-21208. +* Fixed libheif security issues CVE-2024-25269, CVE-2023-49464, CVE-2023-49463, + CVE-2023-49462, CVE-2023-49460 and CVE-2023-0996. +* Fixed libvpx6 security issue CVE-2024-5197. +* Fixed xorg-server security issue CVE-2024-9632. +* Fixed python-urllib3 security issue CVE-2024-37891. + + +Resolved Issues +-------------------------------------------------------------------------------- + + +### Citrix + +* Fixed ica.module.EnableVolumeListener has an effect at EnableAudioListener of + file module.ini +* Fixed: Citrix processes does not run if no sessions are configured. The + processes are restarted with changed configuration. + +### AVD + +* Fixed PAUSE and Ctrl+PAUSE=BREAK keys to work as expected +* Fixed dynamic virtual channel initialization + +### RDP/IGEL RDP Client 2 + +* Added parameter to disable X11 autorepeat detection and handling: + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.winconnect%.option.disable-autorepeat-detection` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled**(default) | ++------------+-----------------------------------------------------------------+ + +* This fixes barcode reader dropping inputs when scanning labels with reoccuring + characters. +* Fixed generic USB redirection for some devices (ie. ID 046d:0825 Logitech, + Inc. Webcam C270) +* Fixed serial port redirection not working for COM10 and above. + +### RD Web Access + +* Fixed RDP desktop session not working when published as a remote app. +* Fixed Remote Desktop Web Access login not working reliably. +* Fixed display filters not working for Rd Web Access. +* Fixed disabling Verify Certificates not working for RD Web Access. + +### VMware Horizon + +* Fixed collection of logs. +* Fixed handling of audio preferences (vmware.view.audio-out-option) + +### Chromium + +* Fixed custom policy URLBlocklist not working properly if file access and using + IGEL Setup for configuration was disabled. +* Fixed system volume being automatically adjusted by Chromium Browser. + +### Firefox + +* Fixed on-screen keyboard auto show / hide functionality. + +### Network + +* Fixed SCEP: When the CA fingerprint or the CA identifier is changed, client + certificate and client key are not discarded anymore. Only new CA and RA + certificates will be downloaded. +* Added for SCEP: Content-Type: application/x-pki-message is sent according to + RFC 8894 if the following option is enabled: + ++------------+-----------------------------------------------------------------+ +| Parameter | Send Content-Type | ++------------+-----------------------------------------------------------------+ +| Registry | network.scepclient.cert%.sscep.send_content_type | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + +* Improved shutdown time by removing loopback interface from NetworkManager's + managed interfaces. +* Fixed sporadic no-link messages regarding a deactivated Ethernet interface + +### HID + +* Fixed auto-suspend of HID devices after reboot. +* Fixed touchscreen right click by using touchegg gesture recognition for two + finger tap. Further gestures are not supported. + Added registry key to enable touchegg multitouch gesture support. + ++------------+-----------------------------------------------------------------+ +| Parameter | Use touchegg for multitouch gestures handling. | ++------------+-----------------------------------------------------------------+ +| Registry | userinterface.touchscreen.touchegg | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + + +### Base system + +* Fixed: Wrong assignment of socks proxy port +* Fixed issue with license is not detected on some devices. +* Fixed issue with not using 2.5 Gbit/s or 5 Gbit/s if it would be possible. +* Fixed not functional proxy if system-wide proxy was configured. +* Fixed: Taskbar items blinking several times. +* Removed QT4 libraries from firmware. +* Changed configuration of webcam priority. V4L Name is used for identifying the + webcam. If only one webcam is present, no entry is needed. If multiple webcams + are present without set priority, the first one is used. +* ## Added parameters in registry + ++------------+-----------------------------------------------------------------+ +| Parameter | Camera name | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.name | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | camera _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | priority | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.priority | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 0 _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | V4L2 name | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.camera%.v4lname | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | v4l2-string _Default_ | ++------------+-----------------------------------------------------------------+ + +* Lower number means higher priority. +* ## Obsolete Registry Parameters + ++------------+-----------------------------------------------------------------+ +| Parameter | Select how the webcam to use should be choosen. | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.choose_webcam_by | ++------------+-----------------------------------------------------------------+ +| Range | [Use first webcam][Choose by name] | +| | [Choose by vendor_id:product_id][Choose by number] | +| | [Choose by devicename][Choose by priority] | ++------------+-----------------------------------------------------------------+ +| Value | _Use first webcam_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by number (only valid if choose by number is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_number | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | 1 _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by name (only valid if choose by name is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_name | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by vendor_id:product_id (only valid if choose by vendor_id:product_id is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_vendor_product | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by devicename for example /dev/video0 or video0 (only valid if choose by devicename is used) | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_device | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | Select webcam by priority list for example dev=video0;name=HD_Webcam_C270 (only valid if choose by priority is used)}} | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.webcam.virtual_background.webcam_priority | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + + +### Firmware update + +* Fixed disk size detection of 8 GB flash sizes for OS 12 migration. With this + fix migration works on UD Pockets again. +* Fixed OS11 to OS12 migration issue due to repartition not always working with + non GPT partition tables. +* Fixed FTP server configuration to properly reflect the configured maxim number + of connections. Please note that there's a hard limit of 100 concurrent + connections in the FTP server. +* Fixed migration dbus timeout on slower devices if migration prepare is needed. + +### X11 system + +* Fixed primary monitor configuration with new Display switcher implementation. + The panel appears on the proper monitor again. + +### Audio + +* Fixed USB headset support on LG CQ600i +* Added parameter to set output level of a headphone in ALSA to maximum at every + start. + ++------------+-----------------------------------------------------------------+ +| Parameter | Set headphone in alsa to maximum | ++------------+-----------------------------------------------------------------+ +| Registry | multimedia.alsa.headphone_max_volume | ++------------+-----------------------------------------------------------------+ +| Range | [auto][true][false] | ++------------+-----------------------------------------------------------------+ +| Value | _auto_ | ++------------+-----------------------------------------------------------------+ + + +### Hardware + +* Fixed issue with Intel and additional graphic cards: +* All graphic cards are now detected properly, +* All screens attached to all graphic cards are active. +* Fixed WiFi on Lenovo Ideapad devices. The last ON/OFF state of the WiFi is + restored on each boot or reboot. +* Changed: Disabled suspend on HP t240. + +### Remote Management + +* Fixed rmagent device registration. +* Added setup parameter to set connect timeout + ++------------+-----------------------------------------------------------------+ +| IGEL Setup | system > remotemanager | ++============+=================================================================+ +| Parameter | `IGEL Remote Management Connect Timeout` | ++------------+-----------------------------------------------------------------+ +| Registry | `system.remotemanager.connect_timeout` | ++------------+-----------------------------------------------------------------+ +| Type | integer | ++------------+-----------------------------------------------------------------+ +| Value | timeout in sec / **45** (default) | ++------------+-----------------------------------------------------------------+ + + +Component Versions +------------------------------------------------------------------------------- + ++-------------------------------------------+----------------------------------+ +| Clients | | ++===========================================+==================================+ +| Amazon WorkSpaces Client | 4.1.0 | ++-------------------------------------------+----------------------------------+ +| Chromium | 130.0.6723.91-2igel1730698067 | ++-------------------------------------------+----------------------------------+ +| Cisco JVDI Client | 15.0.0 | ++-------------------------------------------+----------------------------------+ +| Cisco Webex VDI plugin | 44.8.1.30603 | ++-------------------------------------------+----------------------------------+ +| Cisco Webex Meetings VDI plugin | 42.10.8.14 | ++-------------------------------------------+----------------------------------+ +| Cisco Webex Meetings VDI plugin | 43.6.8.4 | ++-------------------------------------------+----------------------------------+ +| Cisco Webex Meetings VDI plugin | 44.6.5.1 | ++-------------------------------------------+----------------------------------+ +| Zoom Media Plugin | 5.17.13.25060 | ++-------------------------------------------+----------------------------------+ +| Zoom Media Plugin | 5.17.6.24660 | ++-------------------------------------------+----------------------------------+ +| Zoom Media Plugin | 6.1.12.25370 | ++-------------------------------------------+----------------------------------+ +| Citrix EPA Client | 24.10.1 | ++-------------------------------------------+----------------------------------+ +| Citrix HDX Realtime Media Engine | 2.9.600 | ++-------------------------------------------+----------------------------------+ +| Citrix Secure Access Client | 24.10.1 | ++-------------------------------------------+----------------------------------+ +| Citrix Workspace App | 20.10.0.6 | ++-------------------------------------------+----------------------------------+ +| Citrix Workspace App | 24.02.0.65 | ++-------------------------------------------+----------------------------------+ +| Citrix Workspace App | 24.05.0.76 | ++-------------------------------------------+----------------------------------+ +| deviceTRUST Citrix Channel | 23.1.200 | ++-------------------------------------------+----------------------------------+ +| Crossmatch DP Citrix Channel | 0125 | ++-------------------------------------------+----------------------------------+ +| Conky System Monitor | 1.12.2-1 | ++-------------------------------------------+----------------------------------+ +| ControlUp Agent | 8.1.5.500 | ++-------------------------------------------+----------------------------------+ +| deskMate Client | 2.1.3 | ++-------------------------------------------+----------------------------------+ +| DriveLock Agent | 22.2.2.42489 | ++-------------------------------------------+----------------------------------+ +| EPOS connect | 7.7.0.44352 | ++-------------------------------------------+----------------------------------+ +| Ericom PowerTerm | 14.0.3.71814 | ++-------------------------------------------+----------------------------------+ +| Evidian AuthMgr | 1.5.8825 | ++-------------------------------------------+----------------------------------+ +| Evince PDF Viewer | 42.3-0ubuntu3.1 | ++-------------------------------------------+----------------------------------+ +| FabulaTech Plugins | 4.0.0.2 | ++-------------------------------------------+----------------------------------+ +| FabulaTech USB for Remote Desktop | 6.2.0.9 | ++-------------------------------------------+----------------------------------+ +| FabulaTech Scanner for Remote Desktop | 3.6.1.3 | ++-------------------------------------------+----------------------------------+ +| FabulaTech Webcam for Remote Desktop | 2.8.11 | ++-------------------------------------------+----------------------------------+ +| Firefox | 115.16.1 | ++-------------------------------------------+----------------------------------+ +| IBM i Access Client Solutions | 1.1.9.2 | ++-------------------------------------------+----------------------------------+ +| IGEL RDP Client | 2.2igel1730799204 | ++-------------------------------------------+----------------------------------+ +| IGEL AVD Client | 1.2.0igel1729086829 | ++-------------------------------------------+----------------------------------+ +| deviceTRUST RDP Channel | 23.1.200 | ++-------------------------------------------+----------------------------------+ +| Imprivata OneSign ProveID Embedded | onesign-generic-bootstrap-loader_23.2.0.711883_amd64 | ++-------------------------------------------+----------------------------------+ +| IGEL Agent for Imprivata | 0.6.2igel1728370169 | ++-------------------------------------------+----------------------------------+ +| Lakeside SysTrack Channel | 9.0 | ++-------------------------------------------+----------------------------------+ +| Login VSI Enterprise | 4.8.6 | ++-------------------------------------------+----------------------------------+ +| NCP Secure Enterprise Client | 6.00_rev29368 | ++-------------------------------------------+----------------------------------+ +| NX Client | 7.8.2-4igel1685535669 | ++-------------------------------------------+----------------------------------+ +| Open VPN | 2.6.12-1igel1721712256 | ++-------------------------------------------+----------------------------------+ +| Zulu JRE | 17.0.13-1 | ++-------------------------------------------+----------------------------------+ +| Parallels Client | 19.2.0.23906 | ++-------------------------------------------+----------------------------------+ +| Spice GTK (Red Hat Virtualization) | 0.42-2+b1igel1709635434 | ++-------------------------------------------+----------------------------------+ +| Remote Viewer (Red Hat Virtualization) | 11.0-3igel1704876668 | ++-------------------------------------------+----------------------------------+ +| Usbredir (Red Hat Virtualization) | 0.14.0-1igel1726733873 | ++-------------------------------------------+----------------------------------+ +| SpeechWrite | 1.0 | ++-------------------------------------------+----------------------------------+ +| Stratusphere UX Connector ID Key software | 6.6.2-3 | ++-------------------------------------------+----------------------------------+ +| Systancia AppliDis | 6.1.4-17 | ++-------------------------------------------+----------------------------------+ +| HP Anyware PCoIP Software Client | 23.08.1-22.04 | ++-------------------------------------------+----------------------------------+ +| ThinLinc Client | 4.16.0-3389 | ++-------------------------------------------+----------------------------------+ +| ThinPrint Client | 7-7.6.126 | ++-------------------------------------------+----------------------------------+ +| Parole Media Player | 4.16.0-3igel1686304269 | ++-------------------------------------------+----------------------------------+ +| VNC Viewer | 1.13.1+igel-1igel1697962544 | ++-------------------------------------------+----------------------------------+ +| VMware Horizon client | 2406-8.13.0-9995429239 | ++-------------------------------------------+----------------------------------+ +| Voip Client Ekiga | 4.0.1-9build1igel1685429059 | ++-------------------------------------------+----------------------------------+ + ++-------------------------------------------+----------------------------------+ +| Dictation | | ++===========================================+==================================+ +| Diktamen driver for dictation | 2017/09/29 | ++-------------------------------------------+----------------------------------+ +| Grundig Business Systems dictation driver | 0.12/21-12-21 | ++-------------------------------------------+----------------------------------+ +| Nuance Audio Extensions for dictation | B308 | ++-------------------------------------------+----------------------------------+ +| Olympus driver for dictation | 4.0.4 | ++-------------------------------------------+----------------------------------+ +| Philips Speech driver | 13.2.3 | ++-------------------------------------------+----------------------------------+ + + ++-------------------------------------------+----------------------------------+ +| Signature | | ++===========================================+==================================+ +| Kofax SPVC Citrix Channel | 3.1.41.0 | ++-------------------------------------------+----------------------------------+ +| signotec Citrix Channel | 8.0.10 | ++-------------------------------------------+----------------------------------+ +| signotec VCOM Daemon | 2.0.0 | ++-------------------------------------------+----------------------------------+ +| StepOver TCP Client | 2.4.3 | ++-------------------------------------------+----------------------------------+ + + ++-------------------------------------------+----------------------------------+ +| Smartcard | | ++===========================================+==================================+ +| PKCS#11 Library A.E.T. SafeSign | 3.6.0.0-AET.000 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library Athena IDProtect | 7-20210902 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library cryptovision sc/interface | 8.0.13 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library Thales SafeNet | 10.8.1050 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library OpenSC | 0.25.1-2igel1726736707 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library Pointsharp NetID Enterprise | 6.9.1.17 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library Pointsharp NetID Client | 1.1.4.38 | ++-------------------------------------------+----------------------------------+ +| PKCS#11 Library 90meter | 3.0.0.45 | ++-------------------------------------------+----------------------------------+ +| Reader Driver ACS CCID | 1.1.11-1igel1715329126 | ++-------------------------------------------+----------------------------------+ +| Reader Driver HID Global Omnikey | 4.3.3 | ++-------------------------------------------+----------------------------------+ +| Reader Driver Identive CCID | 5.0.35 | ++-------------------------------------------+----------------------------------+ +| Reader Driver Identive eHealth200 | 1.0.5 | ++-------------------------------------------+----------------------------------+ +| Reader Driver Identive SCRKBC | 5.0.24 | ++-------------------------------------------+----------------------------------+ +| Reader Driver MUSCLE CCID | 1.6.1-1igel1726723739 | ++-------------------------------------------+----------------------------------+ +| Reader Driver REINER SCT cyberJack | 3.99.5final.sp17-0.1igel1727417566 | ++-------------------------------------------+----------------------------------+ +| Resource Manager PC/SC Lite | 2.3.0-1igel1726729422 | ++-------------------------------------------+----------------------------------+ +| Cherry USB2LAN Proxy | 3.2.0.3 | ++-------------------------------------------+----------------------------------+ + + ++-------------------------------------------+----------------------------------+ +| System Components | | ++===========================================+==================================+ +| OpenSSL | 1.0.2n-1ubuntu5.13igel1686114423 | ++-------------------------------------------+----------------------------------+ +| OpenSSL | 1.1.1f-1ubuntu2.23 | ++-------------------------------------------+----------------------------------+ +| OpenSSL | 3.0.2-0ubuntu1.18 | ++-------------------------------------------+----------------------------------+ +| OpenSSH Client | 9.9p1-2igel1729583438 | ++-------------------------------------------+----------------------------------+ +| OpenSSH Server | 9.9p1-2igel1729583438 | ++-------------------------------------------+----------------------------------+ +| Bluetooth Stack (bluez) | 5.77-1igel1727077136 | ++-------------------------------------------+----------------------------------+ +| MESA OpenGL Stack | 24.2.4-1igel1728045443 | ++-------------------------------------------+----------------------------------+ +| VDPAU Library Version | 1.5-2igel1677954724 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver INTEL | 2.99.917+git20210115-1igel1654609037 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver ATI/RADEON | 22.0.0-1igel1704966675 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver ATI/AMDGPU | 23.0.0-1igel1705669076 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver Nouveau (Nvidia Legacy) | 1.0.17-2igel1654608979 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver Nvidia | 525.147.05-0ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver VMware | 13.3.0-3igel1654607153 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver QXL (Spice) | 0.1.6-1igel1687782644 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver FBDEV | 0.5.0-2igel1654609009 | ++-------------------------------------------+----------------------------------+ +| Graphics Driver VESA | 2.6.0-1igel1704966930 | ++-------------------------------------------+----------------------------------+ +| Input Driver Evdev | 2.10.6-2+b1igel1647004239 | ++-------------------------------------------+----------------------------------+ +| Input Driver Elographics | 1.4.3-1igel1678083379 | ++-------------------------------------------+----------------------------------+ +| Input Driver eGalax | 2.5.8825 | ++-------------------------------------------+----------------------------------+ +| Input Driver Synaptics | 1.9.2-1+b1igel1683803726 | ++-------------------------------------------+----------------------------------+ +| Input Driver VMMouse | 13.1.0-1ubuntu2igel1628499891 | ++-------------------------------------------+----------------------------------+ +| Input Driver Wacom | 1.2.2-3igel1726741272 | ++-------------------------------------------+----------------------------------+ +| Input Driver ELO Multitouch | 4.3.0.0 | ++-------------------------------------------+----------------------------------+ +| Input Driver ELO Singletouch | 5.2 | ++-------------------------------------------+----------------------------------+ +| Kernel | 6.6.22 #mainline-lxos-g1731325402 | ++-------------------------------------------+----------------------------------+ +| Xorg X11 Server | 21.1.14-1igel1730266598 | ++-------------------------------------------+----------------------------------+ +| Xorg Xephyr | 21.1.14-1igel1730266598 | ++-------------------------------------------+----------------------------------+ +| CUPS Printing Daemon | 2.4.10-2igel1727672599 | ++-------------------------------------------+----------------------------------+ +| PrinterLogic | 25.1.0.637 | ++-------------------------------------------+----------------------------------+ +| Lightdm Graphical Login Manager | 1.30.0-0ubuntu5igel1685475374 | ++-------------------------------------------+----------------------------------+ +| XFCE4 Window Manager | 4.14.5-1~18.04igel1643191202 | ++-------------------------------------------+----------------------------------+ +| ISC DHCP Client | 4.4.1-2.3ubuntu2.4 | ++-------------------------------------------+----------------------------------+ +| NetworkManager | 1.42.4-1igel1692869696 | ++-------------------------------------------+----------------------------------+ +| ModemManager | 1.22.0-3igel1705908135 | ++-------------------------------------------+----------------------------------+ +| GStreamer 1.x | 1.24.8-1igel1727077652 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo aacdec | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo asfdemux | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo h264dec | 1.0.4 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo mp3dec | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo mpeg4videodec | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo vadec | 1.0.2 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo wmadec | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| Gstreamer 1.0 Fluendo wmvdec | 1.0.1 | ++-------------------------------------------+----------------------------------+ +| WebKit2Gtk | 2.46.0-2~deb12u1igel1729060771 | ++-------------------------------------------+----------------------------------+ +| WebKit2Gtk | 2.40.5-1igel1700725614 | ++-------------------------------------------+----------------------------------+ +| Python3 | 3.10.12 | ++-------------------------------------------+----------------------------------+ + ++-------------------------------------------+----------------------------------+ +| VM Guest Support Components | | ++===========================================+==================================+ +| Virtualbox Guest Utils | 7.0.20-dfsg-1igel1726735257 | ++-------------------------------------------+----------------------------------+ +| Virtualbox X11 Guest Utils | 7.0.20-dfsg-1igel1726735257 | ++-------------------------------------------+----------------------------------+ +| Open VM Tools | 12.3.5-3~ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Open VM Desktop Tools | 12.3.5-3~ubuntu0.22.04.1 | ++-------------------------------------------+----------------------------------+ +| Xen Guest Utilities | 7.20.2-0ubuntu1~22.04.2 | ++-------------------------------------------+----------------------------------+ +| Spice Vdagent | 0.22.1-4+b1igel1704922460 | ++-------------------------------------------+----------------------------------+ +| Qemu Guest Agent | 9.1.1+ds-2igel1730101941 | ++-------------------------------------------+----------------------------------+ + ++-------------------------------------------+----------------------------------+ +| Features with Limited IGEL Support | | ++===========================================+==================================+ +| Mobile Device Access USB (MTP) | 1.1.21-3.1igel1709728407 | ++-------------------------------------------+----------------------------------+ +| Mobile Device Access USB (imobile) | 1.3.0-7.1igel1704836660 | ++-------------------------------------------+----------------------------------+ +| Mobile Device Access USB (gphoto) | 2.5.31-2.1igel1709726214 | ++-------------------------------------------+----------------------------------+ +| VPN OpenConnect | 9.12-1+b1igel1709637921 | ++-------------------------------------------+----------------------------------+ +| Scanner support | 1.1.1-5 | ++-------------------------------------------+----------------------------------+ +| VirtualBox VM within IGEL OS | 7.0.20-dfsg-1igel1726735257 | ++-------------------------------------------+----------------------------------+ +| Virtual Background for Webcam | | ++-------------------------------------------+----------------------------------+ + + ++---------------------------------------------+--------+------------------+ +| Services | Size | Reduced Firmware | ++=============================================+========+==================+ +| Asian Language Support | 21.8M | Included | ++---------------------------------------------+--------+------------------+ +| Java SE Runtime Environment | 53.2M | Included | ++---------------------------------------------+--------+------------------+ +| Citrix Workspace app | 791.2M | Included | +| Citrix StoreFront | | | +| Citrix Appliance | | | ++---------------------------------------------+--------+------------------+ +| Ericom PowerTerm InterConnect | 10.0M | Included | ++---------------------------------------------+--------+------------------+ +| Media Player | 256.0K | Included | ++---------------------------------------------+--------+------------------+ +| Citrix Appliance | 86.2M | Included | +| Local Browser (Firefox) | | | ++---------------------------------------------+--------+------------------+ +| RDP | 4.5M | Included | +| VMware Horizon | | | ++---------------------------------------------+--------+------------------+ +| Cendio ThinLinc | 10.8M | Included | ++---------------------------------------------+--------+------------------+ +| Printing (Internet printing protocol CUPS) | 18.5M | Included | ++---------------------------------------------+--------+------------------+ +| NoMachine NX | 26.0M | Included | ++---------------------------------------------+--------+------------------+ +| VMware Horizon | 228.5M | Included | ++---------------------------------------------+--------+------------------+ +| Voice over IP (Ekiga) | 6.0M | Included | ++---------------------------------------------+--------+------------------+ +| Citrix Appliance | 768.0K | Included | ++---------------------------------------------+--------+------------------+ +| NCP Enterprise VPN Client | 11.5M | Not included | ++---------------------------------------------+--------+------------------+ +| Fluendo GStreamer Codec Plugins | 3.0M | Included | ++---------------------------------------------+--------+------------------+ +| IBM i Access Client Solutions | 134.8M | Not included | ++---------------------------------------------+--------+------------------+ +| Red Hat Enterprise Virtualization | 2.8M | Included | ++---------------------------------------------+--------+------------------+ +| Parallels Client | 5.8M | Included | ++---------------------------------------------+--------+------------------+ +| NVIDIA graphics driver | 370.8M | Not included | ++---------------------------------------------+--------+------------------+ +| Imprivata Appliance | 32.5M | Included | ++---------------------------------------------+--------+------------------+ +| AppliDis | 256.0K | Included | ++---------------------------------------------+--------+------------------+ +| Evidian AuthMgr | 2.8M | Included | ++---------------------------------------------+--------+------------------+ +| Hardware Video Acceleration | 10.8M | Included | ++---------------------------------------------+--------+------------------+ +| Extra Font Package | 1.0M | Included | ++---------------------------------------------+--------+------------------+ +| Fluendo GStreamer AAC Decoder | 768.0K | Included | ++---------------------------------------------+--------+------------------+ +| x32 Compatibility Support | 4.2M | Included | ++---------------------------------------------+--------+------------------+ +| Cisco JVDI client | 61.2M | Included | ++---------------------------------------------+--------+------------------+ +| PrinterLogic | 35.8M | Not included | ++---------------------------------------------+--------+------------------+ +| Login VSI Login Enterprise | 28.0M | Not included | ++---------------------------------------------+--------+------------------+ +| Stratusphere UX CID Key software | 5.2M | Not included | ++---------------------------------------------+--------+------------------+ +| Elastic Filebeat | 35.2M | Not included | ++---------------------------------------------+--------+------------------+ +| AVD | 39.8M | Included | ++---------------------------------------------+--------+------------------+ +| Local Browser (Chromium) | 116.2M | Not included | ++---------------------------------------------+--------+------------------+ +| Amazon WorkSpaces Client | 32.2M | Included | ++---------------------------------------------+--------+------------------+ +| deskMate Client | 5.5M | Included | ++---------------------------------------------+--------+------------------+ +| Cisco Webex VDI | 102.2M | Not included | ++---------------------------------------------+--------+------------------+ +| Cisco Webex Meetings VDI | 206.5M | Not included | ++---------------------------------------------+--------+------------------+ +| Zoom Media Plugin | 197.0M | Not included | ++---------------------------------------------+--------+------------------+ +| DriveLock | 12.2M | Included | ++---------------------------------------------+--------+------------------+ +| SpeechWrite Client | 256.0K | Included | ++---------------------------------------------+--------+------------------+ +| IGEL Agent for Imprivata | 768.0K | Included | ++---------------------------------------------+--------+------------------+ +| LRS Output Management | 256.0K | Included | ++---------------------------------------------+--------+------------------+ +| Fluendo Browser Codec Plugins | 9.2M | Included | ++---------------------------------------------+--------+------------------+ +| HP Factory deployment documentation | 88.0M | Included | ++---------------------------------------------+--------+------------------+ +| BIOS Tools | 2.0M | Included | ++---------------------------------------------+--------+------------------+ +| HP Anyware Client | 34.5M | Included | ++---------------------------------------------+--------+------------------+ +| 90meter Smart Card Support | 512.0K | Included | ++---------------------------------------------+--------+------------------+ +| Scanner support / SANE (Limited support) | 256.0K | Not included | +| Limited Support Features | | | +| Mobile Device Access USB (Limited support) | | | +| Virtualbox (Limited support) | | | +| VPN OpenConnect (Limited support) | | | +| Virtual Background for Webcam (Limited IGEL | | | +| Support) | | | ++---------------------------------------------+--------+------------------+ +| Mobile Device Access USB (Limited support) | 256.0K | Not included | ++---------------------------------------------+--------+------------------+ +| VPN OpenConnect (Limited support) | 1.0M | Not included | ++---------------------------------------------+--------+------------------+ +| Scanner support / SANE (Limited support) | 7.8M | Not included | ++---------------------------------------------+--------+------------------+ +| Virtualbox (Limited support) | 73.8M | Not included | ++---------------------------------------------+--------+------------------+ +| Virtual Background for Webcam (Limited IGEL | 45.5M | Included | +| Support) | | | ++---------------------------------------------+--------+------------------+ + + +Known Issues +-------------------------------------------------------------------------------- + + +### Citrix + +* Keyboard sync mode selection once/dynamic/off results in unexpected behavior. +* Adding smartcard readers during running / active session does not work. The + reader is visible, but cannot be used due to unknown reader status. Only + relevant for CWA versions earlier than 2112. +* Browser Content Redirection (BCR) does not work if DRI3 and hardware + accelerated H.264 deep compression codec is enabled. +* Citrix H.264 acceleration plugin does not work with **enabled** server policy + "Optimize for 3D graphics workload" in combination with server policy "Use + video codec compression" -> *"For the entire screen"**. +* To launch multiple desktop sessions with Citrix HDX RTME and Citrix H.264 + acceleration plugin, the following registry key needs to be enabled: + ++------------+-----------------------------------------------------------------+ +|Parameter |`Activate workaround for dual RTME sessions and H264 acceleration` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.workaround-dual-rtme` | ++------------+-----------------------------------------------------------------+ +|Range |enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +* This workaround is not applicable when "Enable Secure ICA" is active for the + specific delivery group. +* Currently H.264 for Citrix sessions cannot be used in parallel with video + input acceleration. +* While starting Self-Service, it is possible that process ServiceRecord + segfaults -> Self-Service cannot be started afterwards. + A cache cleanup with reboot is needed. In addition, the following parameters + should set to true. + ++------------+-----------------------------------------------------------------+ +|Parameter |`Clean up UI cache after Self-Service termination` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.selfservice.cleanupwebui` | ++------------+-----------------------------------------------------------------+ +|Value |**false** (default)/true | ++------------+-----------------------------------------------------------------+ +|Parameter |`Clean up Store cache after Self-Service termination` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.selfservice.cleanupstore` | ++------------+-----------------------------------------------------------------+ +|Value |**false** (default)/true | ++------------+-----------------------------------------------------------------+ + +* Browser Content Redirection (BCR) may not work with Chrome version 105.0.* or + later. See https://support.citrix.com/article/CTX473065/hdx-browser-content- + redirection-broken-with-google-chrome-browser-version-105-or-higher +* White / green fragments may appear during desktop launch if JPEG graphical + codec is used. +* MS Teams calls may stop if blurred background is enabled. This affects Citrix + Workspace App 2305 and later. +* ZoomVDI version 5.16 or newer is no longer supported with Citrix Workspace app + 20.10 +* Browser Content Redirection (BCR) may not work with Citrix workspace app 23.11 + and current Chrome versions. +* If Self-Service is closed when the credential window is active, it may happen + that the session cannot be restarted. A reboot is necessary. + +### OSC Installer + +* OSC not deployable with IGEL Deployment Appliance: Version 11.3 or later is + required for deploying IGEL OS 11.06. and following. + +### AVD + +* When closing the AVD client while audio input (microphone redirection) is in + use, the client might crash. This will be fixed in future versions. +* Webcam redirection support is preliminary / experimental and may not work with + all webcams yet. +* AVD is not running on devices that don't support SSE4.1 at least. Use older + IGEL OS firmware versions like 11.09.xxx or older! +* H.264 hardware decoding for MS-Teams optimization is currently limited to non- + AMD devices due to stability issues on AMD devices. + +### Remote Desktop (RDP3) + +* RDP3 is not running on devices that don't support SSE4.1 at least. Use the + legacy RDP client instead. + +### RD Web Access + +* RdWebAccess with RDP3 is not running on devices that don't support SSE4.1 at + least. Use RdWebAccess with the legacy RDP client instead. + +### VMware Horizon + +* Horizon session uses the configured system proxy, even if "Direct connection + to the Internet" is set for the session +* After disconnect of an RDP-based session, the Horizon main window which + contains the server or sessions overview, cannot be resized anymore. +* Copying text from Horizon Blast sessions is not possible. +* The on-screen keyboard in Horizon appliance mode does not work correctly with + local logon. + It is necessary to switch off local logon and enable the following two keys + via IGEL registry: + userinterface.softkeyboard.autoshow + userinterface.softkeyboard.autohide +* With usage of PCoIP protocol, the virtual channel provided by VMware used for + serial port and scanner redirection could freeze on logout from remote + session. +* This happens only with enabled scanner or serial port redirection. + The freeze does not occur if both redirection methods are enabled or none of + them. The Blast Protocol is not affected by this bug. +* The respective settings can be found in the IGEL Registry: + vmware.view.enable-serial-port-redir + vmware.view.enable-scanner-redir +* Keyboard Input Source Language Synchronization works only with usage of local + layout and deadkeys enabled. + If a keyboard layout is used which has deadkeys disabled (which is the default + on IGEL OS), Horizon client falls back to en-US layout. +* PCoIP sessions may crash in some cases, switch to Blast Protocol is + recommended then. H.264/HEVC encoding can be disabled when overall performance + is too low. +* Client drive mapping and USB redirection for storage devices can be enabled at + the same time, but this could lead to sporadic problems. + Horizon Client tracks the drives which are dynamically mounted and adds them + to the remote session using client drive mapping, means USB redirection is not + used for theses devices then. + However, in case of devices like USB SD card readers, Horizon does not map + them as client drives but forcefully uses USB-redirection which results in an + unclean unmount. + As a work-around, the IDs of these card readers can be added to IGEL USB + access rules and denied. + +### Parallels Client + +* Attached storage devices appear as network drives in the remote session +* USB device redirection is considered as experimental for the Parallels client + for Linux + +### Chromium + +* Hardware accelerated video decoding is currently not supported. + +### Firefox + +* With enabled Citrix Browser Content Redirection, Firefox has no H.264 and AAC + multimedia codec support. Means, when codec support is needed in Firefox, BCR + needs to be disabled. Citrix Browser Content Redirection is disabled by + default. + +### Network + +* Wakeup from system suspend fails on DELL Latitude 5510 + +### IGEL Agent for Imprivata + +* Filter horizon apps on chooser does not work, apps will show in any case. The + recommendation is to set "iia.hide_horizon_apps_on_chooser" to "False" + +### Cisco JVDI Client + +* Citrix Workspace App 2010 may cause problems with Cisco JVDI. Newer ZoomVDI + versions and App Protection are no longer supported with CWA 2010. + +### Base system + +* After updating the BIOS on the HP mt645 G7 or HP mt645 G8, the device shuts + down instead of rebooting. +* Update from memory stick requires network online state (at least when multiple + update stages are triggered / necessary) +* It is not possible to perform an unattended OS12 migration to base system + 12.2.0 as an additional / manual reboot is necessary. The recommended upgrade + version for unattended migration is base system 12.2.1. +* Due to suspend/resume issues of a Innodisk NVME we disabled the suspend + support for systems where this NVME is present. The issue otherwise will lead + to a complete loose of the storage device as the NVME will not work after + resume. + +### Conky + +* The right screen when using multiscreen environment may not be shown + correctly. + Workaround: The horizontal offset should be set to the width of the monitor + (e.g. if the monitor has a width of 1920, the offset should be set to 1920) + +### Firmware update + +* A firmware update started on 11.10.100 can sporadically block, so that the + device must be rebooted manually. The update continues without problem after + reboot. +* On devices with 4 GB flash storage or smaller it could happen that there is + not enough space for updating all features. In this case, a corresponding + error message occurs. Please visit https://kb.igel.com/igelos-11.09/en/error- + not-enough-space-on-local-drive-when-updating-to-igel-os-11-08-or- + higher-101059051.html for a possible solution and additional information. + +### Appliance Mode + +* When ending a Citrix session in browser appliance mode, the browser is + restarted twice (instead of once). +* Appliance mode RHEV/Spice: spice-xpi firefox plugin is no longer supported. + The "Console Invocation" has to allow 'Native' client (auto is also possible) + and should be started in fullscreen to prevent any opening windows. +* Browser Appliance mode can fail when the Web URL contains special control + characters like ampersand (& character). + Workaround: Add quotes at the beginning and the end of an affected URL. E.g.: + 'https://www.google.com/search?q=aSearchTerm&source=lnms&tbm=isch' + +### Audio + +* Audio jack detection on Advantec POC-W243L does not work. Therefore, sound + output goes through a possibly connected headset and also the internal + speakers. +* UD3-M340C: Sound preferences are showing Headphone & Microphone, although not + connected. +* IGEL UD2 (D220) fails to restore the volume level of the speaker when the + device used firmware version 11.01.110 before. +* Microphone (TRRS headset) is broken on LG 27CN650 + +### Multimedia + +* Multimedia redirection with GStreamer could fail when using Nouveau GPU + driver. + +### Hardware + +* Some HP devices will shut down instead of restarting during the BIOS update + procedure. After manual boot of the devices, it may take up to three minutes + before anything is displayed on the screen (the only indicator is the power + LED). Wake on LAN (e.g. via UMS) does not seem to work in this state, either. + The BIOS is still updated successfully. This is currently known for HP mt645 + G7 and mt645 G8. +* Some newer Delock 62599 active DisplayPort to DVI (4k) adapters only work on + INTEL-based devices. +* Wake up from suspend via UMS does not work on HP mt645 devices. Workaround: + Disable system suspend and use shutdown instead. +* Built-in fingerprint sensor is not supported on HP mt440 G3 and mt645 G7/G8. +* MAC-Address Passthrough not supported on Lenovo USB-C Hybrid Docking Station. +* Wake-on-Lan via docking stations is not supported. +* In some rare cases it is possible that connecting or booting Lenovo USB-C + Hybrid Docking station over USB-C results in non working / faulty display + output. +** It may help to (re-)connect via USB-A. If this is the case, USB-C should be + also functional then. +* Display configuration of displays connected to HP G5 Docking Station may fail + with HP t655. + +### Remote Management + +* AIT feature with IGEL Starter License is only supported by UMS version + 6.05.100 or newer. + + +Release Notes 11.10.150 (Based On 11.10.100) +-------------------------------------------------------------------------------- + + +New Features +-------------------------------------------------------------------------------- + + +### AVD + +* Updated IGEL AVD to version 1.2.0 +* Based on the latest RdClientSDK from Microsoft +* UI update for AVD sessions +* Added UDP shortpath + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.udp-short-path` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* Added smartcard support + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.enable-smartcard` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +* Added network status + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.network-status-in-toolbar` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.network-status-on-startpage` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* Added battery status (if battery exists) + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.battery-status-in-toolbar` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.battery-status-on-startpage` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* Added hidden login + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.hidden-login` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.hidden-login-timeout` | ++------------+-----------------------------------------------------------------+ +| Value | **5000** (default) | ++------------+-----------------------------------------------------------------+ + +* Added preliminary / experimental webcam redirection + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.enable-webcam-redirection` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +* Added FPS (frames per second) indicator + ++------------+-----------------------------------------------------------------+ +| Registry | `sessions.wvd%.options.show-fps` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + + +### VMware Horizon + +* Updated VMware Horizon Client to version 2312.1-8.12.1-23543969. + +### IGEL Agent for Imprivata + +- Added teardown screensaver on badge event + - Added showing computername in lockscreen's upper right corner + - Added support for cookieinsert method for Citrix virtual server on + NetScaler. + + ++------------+-----------------------------------------------------------------+ +| Parameter | `NetScalerÿCOOKIEINSERT` | ++------------+-----------------------------------------------------------------+ +| Registry | `iia.cookieinsert` | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | ""(default) | ++------------+-----------------------------------------------------------------+ + +- Fixed Device Control Button's visibility not in sync with Computer Policy + +### Smartcard + +* Updated Pointsharp Net iD Client to version 1.1.4.38. Detailed release notes + via https://docs.pointsharp.com/net-id-client/latest/nic-release- + notes/nic-114-release-notes.html +* Net iD user service now is configurable and disabled by default - set / enable + via following registry parameter: + ++------------+-----------------------------------------------------------------+ +| Parameter | Net iD Client user service | ++------------+-----------------------------------------------------------------+ +| Registry | scard.pkcs11.netid-client.userservice | ++------------+-----------------------------------------------------------------+ +| Value | false (default) / true | ++------------+-----------------------------------------------------------------+ + +* Fixed AD/Kerberos login with username and password when login with Net iD + Client smartcard is active. For this, Net iD SessionToken was disabled by + default. It can be enabled via the following registry parameter: + ++------------+-----------------------------------------------------------------+ +| Parameter | SessionToken | ++------------+-----------------------------------------------------------------+ +| Registry | scard.pkcs11.netid-client.sessiontoken | ++------------+-----------------------------------------------------------------+ +| Value | false (default) / true | ++------------+-----------------------------------------------------------------+ + + +### Cisco Webex + +* Updated Cisco Webex VDI to version 44.4.0.29960 + +### Base system + +* Added HP BIOS tools to update the BIOS version, BIOS settings and BIOS + password on supported HP mobile devices HP Pro mt440 G3, HP Elite mt645 G7 and + HP Elite mt645 G8. IGEL supports the BIOS update mechanism only - all BIOS + updates are performed / executed at own risk! +* Added option to set hardware clock. The default, Auto, will look for Windows + partitions and, if present, assume that Windows is installed and the real time + clock is set to local time. + ++------------+-----------------------------------------------------------------+ +| Parameter | `HW clock timezone` | ++------------+-----------------------------------------------------------------+ +| Registry | `system.time.hwclock_timezone` | ++------------+-----------------------------------------------------------------+ +| Range | [Auto (default)] [UTC] [localtime] | ++------------+-----------------------------------------------------------------+ + + +### X11 system + +* Added alternative Display Switcher implementation to solve issues with + multiscreen setups on docking stations. This alternative implementation must + be enabled by following parameter: + ++------------+-----------------------------------------------------------------+ +| Parameter | `Use new user_display_xrandr` | ++------------+-----------------------------------------------------------------+ +| Registry | `x.new_user_display_xrandr` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +* The alternative implementation is only used if "Smart display configuration" + parameter is enabled: + ++------------+-----------------------------------------------------------------+ +| IGEL Setup | `Accessories / Display Switch / Options` | ++------------+-----------------------------------------------------------------+ +| Parameter | `Smart display configuration` | ++------------+-----------------------------------------------------------------+ +| Registry | `x.auto_associate` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* This implementation can not yet be used in multi GPU scenarios. + +### IgelDesktop + +* Replaced IGEL company logo with new design in wallpaper and Setup Assistant. +* Replaced IGEL company logo with new design in screensaver. + +### Audio + +* Added parameter to enable or disable audio overamplification: + ++------------+-----------------------------------------------------------------+ +| Parameter | `Output overamplification` | ++------------+-----------------------------------------------------------------+ +| Registry | `userinterface.sound.overamplification` | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | _enabled_ (default) / disabled | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | `Input overamplification` | ++------------+-----------------------------------------------------------------+ +| Registry | `userinterface.sound.input_overamplification` | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | _enabled_ (default) / disabled | ++------------+-----------------------------------------------------------------+ + + +### Evidian + +* Updated Evidian's rsUserAuth to version 1.5.8825. + - Added RFIDeas PC/SC Mixed-Mode. + Set "RFIDMixMode=on" in rsUserAuth.ini configuration file and handle + RFIDeas badges as PC/SC one. + - Added support for Read-only protection on the domain field. + Set "GreyOutDomainField=on" in rsUserAuth.ini configuration file to set + Domain field uneditable. + - Fixed welcome screen not properly displayed with different DPI Settings. + Homogenization of the entire interface. + + +### Hardware + +* IGEL UD7 H850C (UD7-LX 10, UD7-LX 11): Removed hardware support. +* Added support for Intel EC1000R network device. +* Added hardware support for HP Elite mt645 G8 Mobile Thin Client. +* Added hardware support for Lenovo Thinkpad L14 Intel Gen 5. +* Updated fwupd to version 1.9.19 +* Updated IGEL LVFS bios tools to allow controlling CapsuleOnDisk updates via + the new parameter: fwtools.bios-tools.disable_capsule_on_disk (default: true) +* Improved hardware detection of supported LG devices. +* Added support for Quectel CAT16 WW SKU - EM160R-GL Gen2 and Quectel CAT 6 WW + SKU - EM061K-GL on Lenovo ThinkPad L14 Intel Gen5 + +### Fabulatech + +* Updated FabulaTech plugins to version 4.0.0.2 +* Updated FabulaTech Scanner for Remote Desktop to version 3.6.1.3 +* Updated FabulaTech USB for Remote Desktop to version 6.2.0.0 + + +Security Fixes +-------------------------------------------------------------------------------- + + +### Chromium + +* Fixed Chromium security issues CVE-2024-6103, CVE-2024-6102, CVE-2024-6101, + CVE-2024-6100, CVE-2024-5847, CVE-2024-5846, CVE-2024-5845, CVE-2024-5844, + CVE-2024-5843, CVE-2024-5842, CVE-2024-5841, CVE-2024-5840, CVE-2024-5839, + CVE-2024-5838, CVE-2024-5837, CVE-2024-5836, CVE-2024-5835, CVE-2024-5834, + CVE-2024-5833, CVE-2024-5832, CVE-2024-5831, CVE-2024-5830, CVE-2024-5499, + CVE-2024-5498, CVE-2024-5497, CVE-2024-5496, CVE-2024-5495, CVE-2024-5494, + CVE-2024-5493, CVE-2024-5274, CVE-2024-5160, CVE-2024-5159, CVE-2024-5158, + CVE-2024-5157, CVE-2024-4950, CVE-2024-4949, CVE-2024-4948, CVE-2024-4947, + CVE-2024-4761, CVE-2024-4671, CVE-2024-4559, CVE-2024-4558, CVE-2024-4368 and + CVE-2024-4331. +* Updated Chromium browser to version 126.0.6478.114. + +### Firefox + +* Updated Mozilla Firefox to version 115.12 ESR +* Fixes for mfsa2024-26, also known as: + CVE-2024-5702, CVE-2024-5688, CVE-2024-5690, CVE-2024-5691, + CVE-2024-5693, CVE-2024-5696, CVE-2024-5700. +* Fixes for mfsa2024-22, also known as: + CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, + CVE-2024-4770, CVE-2024-4777. +* Fixes for mfsa2024-19, also known as: + CVE-2024-3852, CVE-2024-3854, CVE-2024-3857, CVE-2024-2609, + CVE-2024-3859, CVE-2024-3861, CVE-2024-3302, CVE-2024-3864. + +### Base system + +* Fixed glibc security issues CVE-2024-33602, CVE-2024-33601, CVE-2024-33600, + CVE-2024-33599 and CVE-2024-2961. +* Fixed gnutls28 security issues CVE-2024-28835 and CVE-2024-28834. +* Fixed nghttp2 security issue CVE-2024-28182. +* Fixed pillow security issue CVE-2024-28219. +* Fixed less security issue CVE-2024-32487. +* Fixed tpm2-tss security issue CVE-2024-29040. +* Fixed libvirt security issues CVE-2024-4418 and CVE-2024-2494. +* Fixed qemu security issues CVE-2024-3567, CVE-2024-3447, CVE-2024-3446, + CVE-2024-26328 and CVE-2024-26327. +* Fixed tpm2-tools security issues CVE-2024-29039 and CVE-2024-29038. +* Fixed xorg-server security issues CVE-2024-31083, CVE-2024-31082, + CVE-2024-31081 and CVE-2024-31080. +* Fixed glib2.0 security issue CVE-2024-34397. +* Fixed zulu17-ca security issues CVE-2024-21012, CVE-2023-41993, + CVE-2024-21011, CVE-2024-21005, CVE-2024-21004, CVE-2024-21003, + CVE-2024-21002, CVE-2024-21094 and CVE-2024-21068. +* Fixed webkit2gtk security issues CVE-2024-27834, CVE-2024-23284, + CVE-2024-23280, CVE-2024-23263, CVE-2024-23254, CVE-2024-23252, + CVE-2023-42956, CVE-2023-42950 and CVE-2023-42843. +* Fixed python-idna security issue CVE-2024-3651. +* Fixed libxml2 security issue CVE-2024-34459. +* Fixed postgresql-14 security issue CVE-2024-4317. +* Fixed iperf3 security issue CVE-2024-26306. +* Fixed libarchive security issue CVE-2024-26256. +* Fixed aom security issue CVE-2024-5171. +* Fixed gdk-pixbuf security issue CVE-2022-48622. +* Fixed giflib security issues CVE-2022-28506 and CVE-2021-40633. +* Fixed tiff security issue CVE-2023-3164. +* Fixed cups security issue CVE-2024-35235. +* Fixed mysql-8.0 security issues CVE-2024-21102, CVE-2024-21096, + CVE-2024-21087, CVE-2024-21069, CVE-2024-21062, CVE-2024-21060, + CVE-2024-21054, CVE-2024-21047, CVE-2024-21013, CVE-2024-21009, + CVE-2024-21008, CVE-2024-21000, CVE-2024-20998 and CVE-2024-20994. +* Fixed libndp security issue CVE-2024-5564. +* Fixed ntfs-3g security issue CVE-2023-52890. +* Fixed ffmpeg security issues CVE-2023-50010, CVE-2023-51793, CVE-2023-51794, + CVE-2023-51795, CVE-2023-51798 and CVE-2024-31585. +* Fixed ghostscript security issues CVE-2024-33871, CVE-2024-33870, + CVE-2024-33869, CVE-2024-29510 and CVE-2023-52722. +* Fixed privilege escalation in network management. +* Fixed openssh security issue CVE-2024-6387. + + +Resolved Issues +-------------------------------------------------------------------------------- + + +### Citrix + +* Fixed not working HDX webcam redirection for Citrix 2203 and later. +* Fixed Browser Content Redirection. + +### AVD + +* Fixed AVD session when driven from IGEL Imprivata Agent + +### RDP/IGEL RDP Client 2 + +* Fixed RDP Session dropping characters when input occurs too fast. + +### RD Web Access + +* Fixed Passthrough and Kerberos Authentication for RD Web Access. +* Added block for keyboard shortcuts containing windows key for RD Web Access + apps. Can be disabled in IGEL Setup + ++------------+-----------------------------------------------------------------+ +| Registry | `rdp.rd_web_access.suppress-windows-key-shortcuts` | ++------------+-----------------------------------------------------------------+ +| Value | **enabled** (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* Fixed RD Web Access failing with Error 400 by providing a new RD Web Tool. A + switch back to the old tool is possible via IGEL Setup Registry: + ++------------+-----------------------------------------------------------------+ +| Registry | `rdp.rd_web_access.options.legacy_rdweb` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + + +### Chromium + +* Fixed still being able to download files if file access was disabled - occured + in combination with empty download directory. + +### Network + +* On devices that support mobile broadband and eSim an automatic switch to the + physical sim slot is now performed if eSim has no profile assigned + +### Base system + +* Fixed Post Session Command 'Shutdown'. +* Fixed wrong assignment of socks proxy port + +### Hardware + +* Fixed missing firmware file for Intel 9462NGW Wi-Fi. +* Fixed LVFS BIOS update on Lenovo ThinkCentre M70q Gen3. +* Fixed microphone mute function key on HP mt645 G8. + +### Remote Management + +* Fixed resource leak in ICG reconnect mechanism. +* Fixed: All connections / device connectors are used during OS 12 migration + now. +* Fixed ICG reconnecting - now it reliably invokes a reconnect whenever a device + is not connected to configured ICG server. +* Fixed UMS registering via UMS registration tool in IGEL OS - if device is + registered to root directory in UMS. + + +Release Notes 11.10.100 +-------------------------------------------------------------------------------- + + +New Features +-------------------------------------------------------------------------------- + + +### Citrix + +* Updated Citrix Workspace App to version 2402. + Available Citrix Workspace Apps in this release: 2402 (default), 2311 and 2010 +* New features: +* Synchronize multiple keyboards at session start. All available keyboards on + client are synchronized with VDA after the session starts in full-screen mode. + ++------------+-----------------------------------------------------------------+ +|Parameter |`Synchronize multiple keyboards at session start` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.wfclient.SyncKbdLayoutList` | ++------------+-----------------------------------------------------------------+ +|Value | false (default) / true | ++------------+-----------------------------------------------------------------+ + +* Support for Audio volume synchronization. Synchronize audio volume between the + VDA and connected audio devices. + ++------------+-----------------------------------------------------------------+ +|Parameter |`Support for Audio volume synchronization` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.module.EnableVolumeSync` | ++------------+-----------------------------------------------------------------+ +|Value | true (default)/ false | ++------------+-----------------------------------------------------------------+ + +* Default values of the following have been changed as per Citrix. +* Enable Packet Loss Concealment to improve audio performance. + "ica.module.PacketLossConcealmentEnabled = True" +* Loss tolerant mode for audio. "ica.module.EdtUnreliableAllowed = True" +* Use system Audio in MS Teams while screen sharing. + ++------------+-----------------------------------------------------------------+ +|Parameter |`Use system Audio in MS Teams while screen sharing` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.module.EnableVolumeListener` | ++------------+-----------------------------------------------------------------+ +|Value | false (default)/ true | ++------------+-----------------------------------------------------------------+ + +* Enhanced Desktop Viewer toolbar [Technical Preview] + ++------------+-----------------------------------------------------------------+ +|Parameter |`Enhanced Desktop Viewer toolbar` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.wfclient.ToolbarVersion` | ++------------+-----------------------------------------------------------------+ +|Value | 0 (default)/ 1 | ++------------+-----------------------------------------------------------------+ + +* Customize toolbar [Technical Preview]. From this version onwards, it is + possible to activate or deactivate each button individually instead of the + entire toolbar. + ++------------+-----------------------------------------------------------------+ +|Parameter |`Show USB device button` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.module.DevicesButtonVisible` | ++------------+-----------------------------------------------------------------+ +|Value | true (default)/ false | ++------------+-----------------------------------------------------------------+ + +* Note: Similarly, you can activate or deactivate the following buttons in the + toolbar. They are all activated by default. + ica.module.CloseButtonVisible + ica.module.FullscreenButtonVisible + ica.module.MinimizeButtonVisible + ica.module.PinButtonVisible + ica.module.PreferencesButtonVisible + ica.module.ShortcutsButtonVisible + ica.module.SwitchDesktopButtonVisible +* Include system audio while screen sharing in MS Teams + ++------------+-----------------------------------------------------------------+ +|Parameter |`Share system audio` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.teams.sharesystemaudio` | ++------------+-----------------------------------------------------------------+ +|Value | false (default)/ true | ++------------+-----------------------------------------------------------------+ + +* Specify the minimum and maximum range of UDP ports for Microsoft Teams + optimization. If the UDP Port cannot be allocated for any reason, the WebRTC + falls back to TCP. Minimum range of UDP ports for Microsoft Teams + optimization. + ++------------+-----------------------------------------------------------------+ +|Parameter |`UDP Port range minimum` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.teams.PortRangeMin` | ++------------+-----------------------------------------------------------------+ +|Value | 3000 | ++------------+-----------------------------------------------------------------+ + +* Maximum range of UDP ports for Microsoft Teams optimization. + ++------------+-----------------------------------------------------------------+ +|Parameter |`UDP Port range max` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.teams.PortRangeMax` | ++------------+-----------------------------------------------------------------+ +|Value | 3100 | ++------------+-----------------------------------------------------------------+ + + +### Firefox + +* Fixed lock of browser in kiosk mode, when URL or navigation bar are blocked: + Firefox asks the user using a dialog to query for permissions of the current + website for location access, microphone and camera use, notifications and + auto-play of media streams. + In recent Firefox versions this locks the browser in case the URL-input or + even the whole navigation bar are not shown. +* To prevent, following policies / parameters are added: +* If permissions are needed, these must be granted for the specific websites in + advance. Note that wild-cards in the URLs cannot be used. + These websites, depending on the type of permission, must be added here: + browserglobal.app.permissions.microphone.allowed%.origin + browserglobal.app.permissions.webcam.allowed%.origin + browserglobal.app.permissions.location.allowed%.origin + browserglobal.app.permissions.notification.allowed%.origin + browserglobal.app.permissions.autoplay.allowed%.origin + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website with microphone access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.microphone.allowed%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website without microphone access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.microphone.blocked%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Block new requests for microphone access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.microphone.blocknew}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Microphone access settings locked}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.microphone.locked}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website with webcam access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.camera.allowed%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website without webcam access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.camera.blocked%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Block new requests for webcam access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.camera.blocknew}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Webcam access settings locked}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.camera.locked}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Allow Website to send notifications}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.notification.allowed%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Deny Website to send notifications}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.notification.blocked%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Block new notification requests}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.notification.blocknew}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Notification settings locked}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.notification.locked}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Allow autoplay on Website}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.autoplay.allowed%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Block autoplay on Website}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.autoplay.blocked%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Autoplay Default}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.autoplay.default}} | ++------------+-----------------------------------------------------------------+ +| Range | [Allow Audio and Video][Block Audio][Block Audio and Video] | ++------------+-----------------------------------------------------------------+ +| Value | _Block Audio_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Autoplay settings locked}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.autoplay.locked}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website with location access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.location.allowed%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Website without location access}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.location.blocked%.origin}} | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | empty _Default_ | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Block new location requests }} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.location.blocknew}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Location settings locked}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{browserglobal.app.permissions.location.locked}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | enabled / _disabled_ (default) | ++------------+-----------------------------------------------------------------+ + + +### IGEL Agent for Imprivata + +* Updated IGEL Agent for Imprivata to version 1.0.0. +* Added Features: +* Changed FUS (Fast User Switching) to be a standalone IGEL Session. +* Removed 'rfideas-only barrier' for virtual channel. +* Changed running text to show only the username. +* Improved logging. +* Introduced new parameter to insert command to execute on FUS user switch or + logout: + ++------------+-----------------------------------------------------------------+ +| Registry | `iia.fus_user_change_cmd` | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | "" (default) | ++------------+-----------------------------------------------------------------+ + +* Introduced new reg key to configure the LockScreen shortcut: + ++------------+-----------------------------------------------------------------+ +| Registry | `iia.lockscreen_shortcut` | ++------------+-----------------------------------------------------------------+ +| Type | string | ++------------+-----------------------------------------------------------------+ +| Value | ""(default) | ++------------+-----------------------------------------------------------------+ + +* + + +Security Fixes +-------------------------------------------------------------------------------- + + +### Chromium + +* Updated Chromium browser to version 124.0.6367.78. (ISN 2024-11) + +### Base system + +* Fixed aom security issues CVE-2021-30475, CVE-2021-30474, CVE-2021-30473, + CVE-2020-36135, CVE-2020-36133, CVE-2020-36131 and CVE-2020-36130. +* Fixed openssl security issues CVE-2024-0727, CVE-2023-5678, CVE-2023-3817 and + CVE-2023-3446. +* Fixed zlib security issues CVE-2022-37434 and CVE-2018-25032. +* Fixed pipewire security issue CVE-2022-4964. +* Fixed libuv1 security issue CVE-2024-24806. +* Fixed libwebp security issue CVE-2023-4863. +* Fixed iwd security issue CVE-2024-28084. +* Fixed qemu security issue CVE-2023-6683. +* Fixed opensc security issues CVE-2024-1454 and CVE-2023-5992. +* Fixed libde265 security issues CVE-2023-49468, CVE-2023-49467, CVE-2023-49465, + CVE-2023-47471, CVE-2023-43887, CVE-2023-27103, CVE-2023-27102, + CVE-2023-25221, CVE-2023-24758, CVE-2023-24757, CVE-2023-24756, + CVE-2023-24755, CVE-2023-24754, CVE-2023-24752, CVE-2023-24751, + CVE-2022-47665, CVE-2022-43250, CVE-2022-43249, CVE-2022-43245 and + CVE-2022-43244. +* Fixed postgresql-14 security issue CVE-2024-0985. +* Fixed tiff security issues CVE-2023-6277, CVE-2023-6228 and CVE-2023-52356. +* Fixed dnsmasq security issues CVE-2023-50868 and CVE-2023-50387. +* Fixed python-cryptography security issue CVE-2023-50782. +* Fixed less security issue CVE-2022-48624. +* Fixed expat security issue CVE-2024-28757. +* Fixed libxml2 security issue CVE-2024-25062. +* Fixed texlive-bin security issues CVE-2024-25262 and CVE-2023-32668. +* Fixed vim security issues CVE-2024-22667 and CVE-2023-2426. +* Fixed unixodbc security issue CVE-2024-1013. +* Fixed bash security issue CVE-2022-3715. +* Fixed util-linux security issue CVE-2024-28085. +* Fixed curl security issues CVE-2024-2398 and CVE-2024-2004. +* Fixed libvirt security issue CVE-2024-1441. +* Updated intel-microcode to version 20240312. +* Removed custom command selection from application start dialog of file manager + to prevent execution of arbitrary commands by user. (ISN 2024-09) +* Fixed a privilege escalation issue in the starter license. Acknowledgements to + Zack Didcott for responsible disclosure. (ISN-2014-12) + + +Resolved Issues: +* Fixed display of German Umlauts (non-ascii chars). +* Fixed password change after 2nd factor is submitted. + +### Base system + +* Changed initial default device name and hostname of UD Pockets to + "UDP". Systems already in use will only be affected after reset to + factory defaults. +* Updated OpenVPN client to version 2.6.9. +* Updated GStreamer to version 1.24.1. +* Updated Virtualbox guest tools to version 7.0.14. +* Updated MESA OpenGL Stack to version 24.0.4 +* Updated ATI/RADEON Graphics Driver to version 22.0.0 +* Updated NVIDIA Graphics Driver to version 525.147.05 +* Updated VESA Graphics Driver to version 2.6.0 +* Updated ModemManager to version 1.22.0. +* Updated kernel to version 6.6.22. + +Resolved Issues +-------------------------------------------------------------------------------- + + +### Citrix + +* Added registry key ica.chrome-double-download to control flock feature at + wfica_wrapper. 'Enable flock' blocks double app starts (due to double + downloads by Chromium browser). + ++------------+-----------------------------------------------------------------+ +|Parameter |`Control download mechanic for Citrix applications for Chrome web access` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.chrome-double-download` | ++------------+-----------------------------------------------------------------+ +|Range | [Enable Lock][Disable Lock] | ++------------+-----------------------------------------------------------------+ +|Value |enable / **disable** (default) | ++------------+-----------------------------------------------------------------+ + +* After connecting to Citrix VDA, support for multiple audio devices sometimes + may not work. This problem has been fixed. +* New parameter since CWAL-2402: Availability of Credential Insertion SDK for + cloud stores (see: https://docs.citrix.com/en-us/citrix-workspace-app-for- + linux/sdk-and-api.html) + ++------------+-----------------------------------------------------------------+ +|Parameter |`CredentialInsertionEnabled` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.authman.CredentialInsertionEnabled` | ++------------+-----------------------------------------------------------------+ +|Value | false (default) / true | ++------------+-----------------------------------------------------------------+ + +* Changed / corrected parameter name from KioskFUIEnhanced to KioskSFUIEnhanced + ++------------+-----------------------------------------------------------------+ +|Parameter |`KioskSFUIEnhanced` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.authman.KioskSFUIEnhanced` | ++------------+-----------------------------------------------------------------+ +|Type |bool | ++------------+-----------------------------------------------------------------+ +|Value |enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + +* Added parameter ica.authman.longLivedTokenSupport. Previously the value was + set to constant "false", now it is possible to set / configure. "true" enables + re-login with Selfservice. + ++------------+-----------------------------------------------------------------+ +|Parameter |`longLivedTokenSupport` | ++------------+-----------------------------------------------------------------+ +|Registry |`ica.authman.longLivedTokenSupport` | ++------------+-----------------------------------------------------------------+ +|Value | false (default) / true | ++------------+-----------------------------------------------------------------+ + + +### RD Web Access + +* Fixed RD Web Access failing with Error 400 by providing a new RD Web Tool. A + switch back to the old tool is possible via IGEL Setup Registry: + ++------------+-----------------------------------------------------------------+ +| Registry | `rdp.rd_web_access.options.legacy_rdweb` | ++------------+-----------------------------------------------------------------+ +| Value | enabled / **disabled** (default) | ++------------+-----------------------------------------------------------------+ + + +### Chromium + +* Fixed blocking file access was not working if URLBlocklist was defined as + custom policy. +* Fixed RDP sessions did not properly start from Chromium Browser. + +### Firefox + +* Fixed automatic restart of Firefox sessions. +* Fixed microphone pop-up. + +### Network + +* Added configuration for PKCS#7 encryption and signature algorithms (see sscep + options -E and -S) + ++------------+-----------------------------------------------------------------+ +| Parameter | {{PKCS#7 encryption algorithm}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{network.scepclient.cert%.encalg}} | ++------------+-----------------------------------------------------------------+ +| Range | [automatic][des][3des][blowfish][aes128][aes192][aes256] | ++------------+-----------------------------------------------------------------+ +| Value | __ (automatic) | ++------------+-----------------------------------------------------------------+ + ++------------+-----------------------------------------------------------------+ +| Parameter | {{PKCS#7 signature algorithm}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{network.scepclient.cert%.signalg}} | ++------------+-----------------------------------------------------------------+ +| Range | [automatic][md5][sha1][sha224][sha256][sha384][sha512] | ++------------+-----------------------------------------------------------------+ +| Value | __ (automatic) | ++------------+-----------------------------------------------------------------+ + +* Fixed sporadic network connection problems on Lenovo L14/L15 Gen4 AMD if + ethernet cable is un- and re-plugged. + +### Open VPN + +* Added configuration to enable legacy cryptographic algorithms for openssl. + ++------------+-----------------------------------------------------------------+ +| Parameter | `Enable legacy cryptographic algorithms` | ++------------+-----------------------------------------------------------------+ +| Registry | `system.openssl.legacy-cryptographic-algorithms` | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | **disabled** (default) / enabled | ++------------+-----------------------------------------------------------------+ + + +### OpenConnect VPN + +* Removed dependency on ipsec-tools + +### HID + +* Fixed touchpad activation/deactivation via hotkey. + +### CUPS Printing + +* Fixed PrinterLogic startup. + +### Base system + +* Fixed OS12 migration issues. + +### X11 system + +* Fixed crash with HP t655 and two monitors connected to G5 docking station. +* Added registry key to change the connector order of intel GPUs. Newer kernels + changed the order, this can be used to revert it to former state. + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Reverse the connector enumeration.}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{x.drivers.intel.reverse_connector_enumeration}} | ++------------+-----------------------------------------------------------------+ +| Range | [Default][No][Yes] | ++------------+-----------------------------------------------------------------+ +| Value | _Default_ | ++------------+-----------------------------------------------------------------+ + + +### Audio + +* Fixed audio on HP t240: Removed internal speaker and microphone devices as not + supported. Fixed hotplug of external headsets. +* Added new entry in registry to prevent automatic switching of bluetooth + profile. + ++------------+-----------------------------------------------------------------+ +| Parameter | {{Set pulseaudio auto switching headset to A2DP}} | ++------------+-----------------------------------------------------------------+ +| Registry | {{multimedia.pulseaudio.daemon.module-bluetooth-autoswitch-to-a2dp}} | ++------------+-----------------------------------------------------------------+ +| Type | bool | ++------------+-----------------------------------------------------------------+ +| Value | _enabled_ (default) / disabled | ++------------+-----------------------------------------------------------------+ + +* Changed: On first boot (after installation) all devices are set to 50% volume. +* Fixed headset at LG CK500 + +### Licensing + +* Fixed IGEL license detection on hardware where network interface + initialization takes more time. + +### Hardware + +* Fixed missing firmware file for intel 9462ngw WiFi. +* Added hardware recognition to include LG 24CN670IK6N for fixing related audio + issues. +