RELEASE NOTES

Version 1.2

Release Date

22 March 2019

[Important Notes]

The release focuses on security and application stability.

 

[New Feature]

  • Refresh tokens are introduced to allow active user to continuously work on the web portal.

  • Session ideal timeout of 60 minutes in introduced.

  • New export report layout. This layout allows import of data to other systems.

  • Stricter CORS policies are applied to enhance security.

  • Improved Authentication scheme applied to enhance security.

  • X-Frame options introduced to enhance security.
     

[Fixed Issues]

  • Intermittent “Invalid Barcode” error come up even after valid scans.

  • JQuery library 1.1 used on the web frontend update to the latest 3.3.1 version.

  • Bootstrap version upgraded from 3.3.2 to 3.4.1.

  • Product Name now populating on the exported reports.

  • NMVS password renewal process updated as per NMVS guidelines.

  • Serialisation – “Product Management” EMVO call-backs updated.

  • Serialisation – “Create Pack” call-backs are now presented to the user.

  • Serialisation – “Create Pack” job review time-stamp fixed.

  • Serialisation – “Create Pack” job review of product commission fixed.
     

[Known Issues]

  • Initial user login takes long time.
     

Version 1.1.1

Release Date

25 February 2019

[Important Notes]

  • Patch release to enhance the barcode logic to cover “NMVS_FE_LOT_12” error code. FMVerify is not affected by this issue but further validation checks are introduced.
     

[New Feature]

  • Added newly supported GS1 barcode patterns as per the EMVS guidelines.

 

 [Fixed Issues]

  • Added checks to verify Expiry date consistency to cover the “00” in the pattern.

  • Functionality updated for the Product Barcode scan box under “Monitor” page.
     

[Known Issues]

  • Intermittent “Invalid Barcode” error come up even after valid scans.

  • Initial user login takes long time.
     

Version 1.1

Release Date

07 February 2019

[Important Notes]

  • This version is a first production ready version with LTS.
     

[New Feature]

  • Serialisation module is fully integrated with the system.

  • AWS Web Application Firewall enhanced with the support of UK Geolocation checks.

  • Manual re-submit of Bulk transaction is introduced in the monitor section.

  • Session Authorisers are introduced to further secure the environment.
     

[Fixed Issues]

  • User session management data is fully encrypted.

  • The inactive “Report” menu item is removed.

  • Browser page refresh does not break the user session.

  • Bulk transaction auto submission does not happen when aggregation code is used.
     

[Known Issues]

  • Intermittent “Invalid Barcode” error come up even after valid scans.

  • Initial user login takes long time.
     

Version 1.0

Release Date

22 January 2019

[Important Notes]

  • This version is a quick release and not part of LTS (Long term support).

  • The environment is linked with the Production UK NMVS endpoints.

  • Environment is part of secure AWS production setup with no customer data access to Codesplice Ltd.
     

[New Feature]

  • New Barcode check logic: The new logic is based on GS1 Datamatrix standards released by European Medicines Verification Organisation (EMVO)

  • 30 minute ideal session timeout introduced.

  • AWS Web Application Firewall implemented with below checks:

    • Honeypot: This component creates a honeypot to lure and deflect content scrapers and bad bots. A discrete API Gateway endpoint (embedded in the web application) triggers a custom AWS Lambda function, which intercepts the suspicious request and adds the source IP address to the AWS WAF block list.

    • SQL injection and cross-site scripting protection: The solution automatically configures two native AWS WAF rules that protect against common SQL injection or cross-site scripting (XSS) patterns in the URI, query string, or body of a request.

    • Log parsing: A custom AWS Lambda function automatically parses access logs to identify suspicious behaviour and add the corresponding source IP addresses to an AWS WAF block list.

    • Manual IP lists: This component creates two specific AWS WAF rules that allow you to manually insert IP addresses that you want to block (blacklist) or allow (whitelist).

    • IP-list parsing: A custom AWS Lambda function automatically checks IP reputation list “emergingthreats” hourly for malicious IP addresses to add to an AWS WAF block list.

    • HTTP flood protection: This component configures a rate-based rule that automatically blocks web requests from a client once they exceed a configurable threshold.

  • A pop-up message is introduced to prompt users to close current transaction before navigating away from the current page with an open transaction.
     

[Fixed Issues]

  • “Upload Certificate” under “Administrator” menu item is enabled.

  • “NMVS Password Renewal” under “Administration” menu item is enabled.

  • Inter-market packs are tested successfully.

  • Rapid Scan random unsubmitted data presented as “white row” fixed.

  • Support for TLS v1.1 removed to enhance security.
     

[Known Issues]

  • The “Report” menu item is disabled.

  • Bulk transaction is auto-submitted when aggregation code is used.

  • Serialisation Module is not completely integrated in the environment.

  • Browser page refresh breaks the session.

  • Initial user login takes long time.

  • Web Application Firewall – Geolocation checks are not implemented: Geolocation checks are used to confirm the client source IP is based inside UK.

  • User session management data is not encrypted.
     

Small Logo.png

 Address. 37 Chestnut Drive, Harrow, Middlesex HA3 7DL, UK

Tel. +44 (0)333 444 3150

  • LinkedIn Social Icon

© 2019 by Codesplice Ltd. | Privacy Policy