News Categories
507PaperCut
News
PaperCut MF 17.3.3 (Build 41828)
Posted on 12 September 2017 09:46 AM

Important Notice: If after upgrading, a CSRF validation error message (HTTP ERROR 403: Problem accessing /app. Reason: CSRF validation) is displayed while attempting to log into the Admin or User web interface, then some additional actions are required. This is related to the CSRF HTTP header origin checks introduced in 17.3.2, in line with OWASP recommendations.

Enhancements:

  • Branding customization: Report headers can now be customized with a logo, from the Options > General page.
  • User client:
    • The color of negative credit balances displayed on the balance window can now be customized.
    • Improved the User Client start-up time after a computer has gone to sleep.
  • Google Cloud Print: Added support to configure Google Cloud Print via a Proxy Server.
  • Standard Release Station: Re-positioned the login fields to prevent them from being obstructed when using an on-screen keyboard.
  • Card self-association: A username and PIN can now be used to self-associate cards at the device.
  • Added the ability to sync a user's PIN from AD/LDAP to PaperCut MF (ldap.schema.userpin-field, ldap.2.schema.userpin-field, user-source.ad.user-pin-field).
  • User and group sync: Users who are pending deletion are now displayed in the Test Sync Settings window.
  • Direct Printing: Significantly reduced the size of the Windows Direct Print Monitor installer for customers using PaperCut without a print server.
  • PaperCut MF installer: Added template custom server configuration files (service.conf / launch-app-server.conf) to help customers wanting to change server settings.
  • Reports: Users to be included in an User Ad-hoc Report can now be selected from the "User name" drop-down.
  • Shared Accounts: Added new methods to the web services API to set the Overdraft mode and value.
  • Personal Accounts: Added new methods to the web services API to set the Individual Overdraft mode and value.
  • The way in which diagnostics files are provided to PaperCut Support has been improved with an "Upload diagnostics file to PaperCut Support" option on the Options > Advanced page.
  • Updated the bundled Java SE Runtime Environment to version 8, update 131, to incorporate the latest security fixes from Oracle.
  • Payment Gateway module: The advanced API for on-demand payment now fully supports charging and balance inquiries for shared accounts.
  • Security enhancements:
    • Improved coverage of HTTP header origin checks in both the Admin and User web interface, in line with OWASP recommendations.**
    • Removed unnecessary system and operating environment data (for example, OS version, web server resources, database type) from error messages.

Fixes:

  • Windows: Fixed an issue that caused custom memory allocation settings to be ignored. As a result, the Application Server used the standard memory allocation, which is insufficient for some large sites (since 17.3.2).
  • Shared Accounts: A warning message is now displayed on the Users > User Details page if the user does not have permission to access the assigned "Default shared account".
  • Novell iPrint: Fixed an occasional issue causing print errors when enforcing grayscale or duplex print job settings.
  • Direct Printing with Email to Print: Fixed an issue preventing the Printer Details page from being saved during Direct Print setup.
  • Epson SureColor large format printers: Fixed a page count issue when using roll paper.
  • Web Print: Fixed an issue in the Admin web interface that did not display the number of documents in the Web Print queue.
  • Fixed an issue that occasionally caused an error on the Printers > Jobs Pending Release page for non built-in PaperCut Administrator accounts.
  • Provided a workaround for a rare issue that caused grayscale conversions to not be applied. A config key has been added to force grayscale conversion for all jobs on a specific print queue.
  • Fixed an issue that prevented the PRTG Template Generator from working with the SSL protocol (URLs with HTTPS).
  • Improved the layout of the Printers > Charts page.
  • Minor usability improvements to the Admin web interface, such as changed button colors and field sizes.
  • Fixed an issue when modifying fields on the Devices > Scan Actions > Details page that generated an incorrect warning message (since 17.2.4).

Copier / Device Integration:

HP (FutureSmart):

      • Added support for single-function printers (SFPs) and most small screen devices (except Pro devices and devices with 4-line displays).
      • Reduced the progress spinner animation to prevent lockups on single-CPU devices.

HP (OSA):

      • Added Integrated Scanning support on devices with 8.5" or smaller screens.
      • Added a config key to set the default native device screen that is displayed, when the user presses Access Device from the PaperCut Home screen. (ext-device.hp_osa.login.select-function).

Konica Minolta (OpenAPI):

      • Fixed an issue to ensure the Open API 4.0+ connector embeds with DEVELOP devices (i.e. Konica Minolta Business Solutions Europe GmbH).

Lexmark (LeSF):

      • Added Single Sign On (SSO) support for the native scanning solution, Scan Center.

Sharp (OSA):

      • Added Integrated Scanning support on devices with 8.5" or smaller screens.
      • Added a config key to set the default native device screen that is displayed, when the user presses Access Device from the PaperCut Home screen. (ext-device.sharp_osa.login.select-function).

Toshiba eConnect:

      • Added Integrated Scanning support on devices with 8.5" or smaller screens.
      • Added a config key to set the default native device screen that is displayed, when the user presses Access Device from the PaperCut Home screen. (ext-device. toshiba_econnect.login.select-function).

Toshiba (eSF):

      • Added Single Sign On (SSO) support for the native scanning solution, Scan Center.

Toshiba (MDS):

      • Support for branding customization (header, logo, background, and text color).
      • Added a config key to display a "Job Status" button on the PaperCut MF Print Release page to allow users to view the status of Print/Copy/Fax jobs (ext-device.toshiba.show-job-status-button).
      • Added a config key to configure the display of the user's account details and balance on the PaperCut MF Home screen (ext-device.home-screen.show-balance).
      • Fixed an issue that prevented a user from being able to log out using a swipe card when the "Auto Change Login User" setting on the device's web interface (TopAccess) was disabled.
      • Fixed an issue on the Devices > External Device List > Device Details page that displayed an incorrect Device Status, "Inactive - Waiting for user to log in", when the device was idle for 6 minutes.

Toshiba (v2):

      • Fixed an issue on the Devices > External Device List > Device Details page that displayed an incorrect Device Status, "Inactive - Waiting for user to log in", when the device was idle for 6 minutes.

Xerox (EIP):

    • EIP 3.0+:
      • Added a config key to suppress the display of the PaperCut MF Home screen after login (ext-device.xerox.register-papercut-as-default-app).
      • Fixed an issue when using Integrated Scanning that incorrectly reported number of scanned pages as "0 pages scanned".
      • Added a config key to configure the display of the user's account details and balance on the PaperCut MF Home screen (ext-device.home-screen.show-balance).
    • EIP 1.5+: Fixed an occasional issue that prevented users from viewing the Print Release screen.
    • Fixed an issue that incorrectly displayed low resolution application icons on some devices.

Other Notes:

  • **Additional actions are required to retain the CSRF HTTP header origin checks and avoid the CSRF validation error message while attempting to log into the Admin or User web interface. This is based on the way the PaperCut web server has been setup to redirect users to new pages (i.e. the way the proxy configuration handles host headers overrides):
    • either the proxy (IIS or Apache) is configured to run in front of PaperCut and override the host header, or
    • the proxy is configured to override the host header using the config key server.force-host-header in the server.properties file.
  • If you are running v17.2.1 or later, there is NO database upgrade.
  • Devices marked with * require installing an updated version of the embedded software to access new features and fixes.