This patch update resolves specific previous issues. This document outlines why you should install this patch update.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the NetIQ Self Service Password Reset forum on Micro Focus Forums, our online community that also includes product information, blogs, and links to helpful resources.
The following sections outline the key features and functions provided by this version, as well as issues resolved in this release:
NetIQ Self Service Password Reset includes the following security improvement:
This patch resolves a potential authorization bypass issue as described in the CVE-2019-11652.
NetIQ Self Service Password Reset includes the following software enhancements and fixes for this release:
This patch resolves the issue where Self Service Password Reset returns the SSPR 5071 error if a user tries to reset password using the OAuth authentication and click Cancel. The only option a user has is to close the browser window. (Bug 1135823)
This patch resolves the issue where the external REST web service clients do not encode the HTTP requests using the UTF-8 character set. Therefore, non-English Unicode characters might get corrupted while sending the request. (Bug 1141937)
This patch resolves the issue where the People Search module, configured for public use, does not display the photos of the users. (Bug 1138328)
This patch updates the text in a health error that states the LDAP server not being available to a simple and understandable error message. When Self Service Password Reset can communicate with the LDAP server, the health monitor clears the error. (Bug 1137399)
This patch resolves the issue where if you select an LDAP Group instead of the default LDAP filter value in Settings > Password Expiration Notification > Expiration Notification > User Match, Self Service Password Reset does not send emails that contain password expiration notifications. Self Service Password Reset now sends these notifications if you apply this patch. (Bug 1140304)
NetIQ Self Service Password Reset includes support for the following operating system versions:
Appliance: You can deploy the Self Service Password Reset appliance in the following virtual systems:
Hyper-V version 2016 (version 10 with the latest patches)
VMware ESX 6.5 or later
Windows .msi File: You can deploy the Self Service Password Reset .msi file on the following platforms:
Windows Server 2016
Windows Server 2012
Microsoft Azure Marketplace Windows 2016
WAR File: You can deploy the Self Service Password Reset WAR file on the following platforms:
Red Hat Enterprise Linux Server 7.4 or later (64-bit)
SUSE Linux Enterprise Server or later (64-bit)
12 SP 3
11 SP 4
Amazon Web Service EC2 SUSE Linux Enterprise Server 12 SP 3
Red Hat Enterprise Linux 7.4
SUSE Linux Enterprise Server 12 SP 3
For detailed information on system requirements, supported operating systems, and browsers, see Deployment Requirements of Self Service Password Reset
in the Self Service Password Reset 4.4 Administration Guide.
To install Self Service Password Reset, see Installing Self Service Password Reset
in the Self Service Password Reset 4.4 Installation Guide.
To upgrade your current deployment of Self Service Password Reset to this version, see Upgrading or Migrating Self Service Password Reset
in the Self Service Password Reset 4.4 Installation Guide.
Complete the following steps to verify that the installation was successful.
To check the installed version:
Log in to the Self Service Password Reset administration console as an administrator.
In the toolbar, click your name, then click Administration.
Click the About tab, then verify that the SSPR Version is v 4.4.0.3 b380 r39786.
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information website.
For general corporate and product information, see the NetIQ Corporate website.
For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2019 NetIQ Corporation. All Rights Reserved.