HCL Software is pleased to announce an update to BigFix WebUI.
This release delivers important security updates, and it upgrades NodeJS library to version 18.
As a result, BigFix WebUI Server is no longer supported on Windows Server 2012, Windows Server 2012 R2 and RHEL 7.
For more information and help on upgrading your WebUI Server if needed, please refer to:
Important BigFix WebUI update - RHEL 7 and Windows 2012/R2 to no longer be available as WebUI operating systems - Release Announcements - BigFix Forum
This release also includes:
Patch and Patch Policies:
A new feature is available to optimize the Patch Policies performances by increasing the target hit rate.
This new functionality is by default turned off, and must be enabled by setting the following webui server setting:
_WebUIAppEnv_PP_CONTENT_STRATEGY_OVERRIDE='targetā
By default, when a Patch Policy runs, the MAG (Multiple Action group) will include all fixlets that are relevant to any endpoint the operator has visibility of, regardless if the endpoint is actually targeted by the policy. This potentially creates a high number of unnecessary actions. The new setting changes this behaviour; once enabled, when the Patch Policy schedule runs, the MAG will only include the fixlets that are in that moment relevant for the endpoints targeted by the policy.
This new behavior will only apply to the Patch Policy schedules that use the following targeting methods:
- Target by Property
- Target by Group
- Target by Device
Schedules that use āTarget by Relevanceā will continue to work as before.
In order to use this new functionality, BigFix Web Reports must be installed, running, and reachable via the REST API. If it is unreachable, the system will use the the original behavior.
Added support for Ubuntu 22.04, Rocky Linux 8, Amazon Linux 2 on Graviton in Patch and Patch Policies
Insights:
Improvement to ETL management
Failure in ETL sometimes caused the next ETL to show a past date in some environements. The issue has been fixed so that if an ETL fails, the next ETL date would show correct future date.
The WebUI release addresses the following Security Vulnerabilities:
(CVE-2023-26117, CVE-2023-26116, CVE-2023-26118) XLTS for AngularJS
(CVE-2022-23539, CVE-2022-23540, CVE-2022-23541) jsonwebtoken
(CVE-2022-43441) sqlite3
This release addresses the following Defect Articles:
KB0102980: Non-Master Operators are unable to deploy custom contents
KB0103755: Non-Master Operator cannot delete computers
KB0103734: Slow response time for WebUI > Device > Deploy - Patch
KB0102119: WebUI baseline deployment time deducts 1 min start/end time
KB0102274: WebUI Common 75 update causes SAML login failure
KB0102515: WebUI may not honor the predefined settings when deploying custom content
KB0102976: WebUI stored procedures can create long SQL Server blockings
KB0094270: Insights Deviceinventory report: inconsistency in the Total Devices
KB0102419: BigFix IVR Published dates show āInvalid DateTimeā when Browser language is not English
How to update
WebUI will update automatically by default, unless configured otherwise.
Please note that updates for BigFix Insights must be done manually via the Application Updates page on WebUI. For more information, please see https://help.hcltechsw.com/bigfix/10.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html.
Published WebUI Site Versions
Application Administration 29
Common 77
Custom 39
Patch 37
Patch Policies 33
Profile Management 22
Query 32
Software Distribution 44
WebUI API 14
WebUI CMEP 11
WebUI SCM 6
WebUI Content App 18
WebUI Data Sync 22
WebUI Extensions 3
WebUI Insights 15
WebUI IVR 4
WebUI Framework 24
WebUI MDM 16
WebUI Permissions and Preferences 17
WebUI Reports 12
WebUI Take Action 25
WebUI Documentation link:
https://help.hcltechsw.com/bigfix/10.0/webui/index.html
HCL BigFix - WebUI Team