Skip to content

Release Notes

Host Access for the Cloud version 2.7.5 released November 2022. These release notes list the features, notable changes, and known issues in this release. Host Access for the Cloud provides terminal emulation for 3270, 5250, VT, ALC, UTS, and T27 host types, while requiring only an HTML 5-capable browser.

Management and Security Server

Host Access for the Cloud 2.7.5 released with Management and Security Server version 12.8.5

note

The End User License Agreement (EULA) is available in English, Spanish, French, Italian, and German in the <install location>\licenses directory.

What’s New

All releases are cumulative and contain the features introduced in earlier releases. For previous versions, see HACloud Documentation.

Features and fixes include

  • Apache Commons Text library updated to version 1.10.0 to mitigate CVE-2022-42889 (2.7.5)

  • Apache Shiro library updated to version 1.10.0 to mitigate CVE-2022-40664 (2.7.5)

  • Removed the JXPath library to mitigate CVE-2022-41852 (2.7.5)

  • Fixed bug that occasionally led to inconsistencies in user preference data in a clustered deployment. (2.7.4)

  • Fixed bug that occasionally resulted in SAML related errors on servers under high load. (2.7.4)

  • Applied security updates and additional bug fixes. (2.7.4)

  • Windows Authentication - Kerberos is available for end users launching sessions via the Assigned Sessions list. (2.7.3)

  • Automated Sign-On for Host Access is a new feature that allows an end user to receive a one time, time limited passcode to sign on to back-end host systems. The passcode is associated with the end user's host userid and only issued if the host has authorized the connection. Note: This feature requires some changes on the host. (2.7.2)

  • Host Access for the Cloud sessions can be exported and imported using the MSS Admin Console. (2.7.2)

  • Support added for IPv6 in dual stack (IPv6/IPv4) environments (2.7.2)

  • Thymeleaf library upgraded to mitigate a critical CVE. (2.7.2)

  • Users can now double-click to select a word in the Web Client terminal. (2.7.1)

  • Log4j library has been upgraded to version 2.17.1 to mitigate multiple CVEs. (2.7.1)

  • Information on how to run HACloud as a dedicated, non-administrative, user (2.7.1)

Changes in Behavior

  • Host Access for the Cloud is adopting new deployment models, a virtual appliance and Linux RPMs. This change will simplify deployment, security, scaling, high availability and ongoing maintenance. A preview will be provided before the official release.

    To ease into this change, Host Access for the Cloud will continue to support existing installation types. In our major release, Windows customers will have the option of migrating to the appliance or running the appliance along with their Windows-based MSS installations. In subsequent releases, older installation types will no longer be supported. All of our customers can be assured that Host Access for the Cloud will continue to provide all the support necessary to transition to the new virtual appliance.

  • The Java runtimes used in HACloud and MSS have been updated to Java 11. When using the "no JRE" installer, you must now provide a Java 11 JRE. (2.7.3)

  • Based on customer feedback, the Web Client paste settings Wrap to next field on current line and Wrap to next line are now enabled by default in newly created sessions. (2.7.3)

  • The updated MSS Administrative Console supports Chrome, Edge or Firefox. You can no longer access the Admin Console using Internet Explorer 11. (2.7.3)

  • The property name used to enable extensions is now called extensions_enabled, containing an underscore. The previous hyphenated value of extensions-enabled is deprecated and will be removed in an upcoming release. (2.7.2)

  • IP address SAN entries are no longer added to generated self signed certificates. This change was made to avoid problems resulting from dynamic IP addresses. IP addresses can still be explicitly added during install if necessary. (2.7.2)

  • All servers in an MSS cluster must now be running on the same platform, for example either all Windows servers or all Linux servers. (2.7.2)

  • Due to Microsoft continuing to retire Internet Explorer 11, our ability to resolve IE 11 browser specific issues will be limited after June 2022. We will continue to support IE 11 on versions of HACloud that currently support it, based on the Product Support Lifecycle, but will be removing support for IE 11 in HACloud 3 and greater. (2.7.1)

  • To help prevent cross-site request forgery attacks, the default SameSite attribute on the session server cookie has been updated from None to Lax. This change may affect the JavaScript SDK and SAML authentication behind a load balancer. You can edit this attribute if needed. See Setting the SameSite Attribute. (2.7.1)

Known Issues

Micro Focus Technical Support is always available to help you with any issues you may encounter in Host Access for the Cloud.

  • NTLM - Customers using Single Sign-on through Windows to authenticate to Host Access Management and Security Server (MSS) are subject to the Netlogon Elevation of Privilege Vulnerability (CVE 2020-1472). See the MSS Release Notes for more information. With the addition of Kerberos support, NTLMv2 support will be removed in an upcoming release.

Unresolved issues from previous releases are listed in Technical References.

Release Tracks

Host Access of the Cloud provides the following release tracks for you to choose from depending on your needs.

Long-Term Support Release

  • Recommended for all customers.

  • Only receives critical security updates. No new features.

  • Release cadence is approximately once per year.

  • Version numbering example: 2.7

Incremental Release

  • Recommended for customers interested in the latest features.

  • Contains major changes - new features and bug fixes.

  • No patches / updates will be provided.

  • Security updates are obtained by upgrading to the next Incremental or Long-Term Support Release.

  • Release cadence is approximately four to six times per year.

  • Each Incremental Release is a step toward the next Long-Term Support Release.

  • Version numbering example: 2.7.1

Contacting Micro Focus

For specific product issues, contact Micro Focus Support.

Additional technical information or advice is available from several sources:

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.microfocus.com/legal.

© Copyright 2022 Micro Focus or one of its affiliates

The only warranties for this product and any associated updates or services are those that may be described in express warranty statements accompanying the product or in an applicable license agreement you have entered into. Nothing in this document should be construed as creating any warranty for a product, updates, or services. The information contained in this document is subject to change without notice and is provided “AS IS” without any express or implied warranties or conditions. Micro Focus shall not be liable for any technical or other errors or omissions in this document. Please see the product’s applicable end user license agreement for details regarding the license terms and conditions, warranties, and limitations of liability.

Any links to third-party websites take you outside Micro Focus websites, and Micro Focus has no control over and is not responsible for information on third party sites.