Security |
- Introduced the HMAC SHA384 system to enhance security and
include stronger encryption for SCM packets so that the hash
cannot be easily hacked or changed by a malicious
actor.
- Introduced the ability to allow SCM installer to configure
SSL by default, and be accessed in https mode only. Users
can either use an existing SSL certificate or create a new
self-signed certificate during SCM installation.
- Fixed security issues related to Stored Cross Site scripting
(XSS), SQL injection, Reflected XSS, Cross Site request
forgery (CSRF), Path traversal/Directory traversal, Insecure
Data storage, Insecure cookie, Parameter tampering,
Upgradation of existing library, and Password
encryption.
|
Removal of hardcoded public and private keys |
Removed the existing hardcoded public and private keys from the
code and configuration files. |
.Net Framework |
- Upgraded to .NET Framework 4.8 for both SCM installer and
SCM Web application.
- SCM Installer is also upgraded to check for .NET 4.8 as a
prerequisite before installation.
- Removed dependency of .NET 3.5 from runtime / hosting
environment for SCM installer and the Web application.
|
Platform |
- SCM now supports Windows Server 2022
- SCM now supports Windows 11
|