Wickr Enterprise - Release Notes

added Backend

• Aligned version release with client numbering scheme (ie 1.XX to 6.xx)

added Desktop

• Optimizations to improve application startup time on initial login
• Initial updates for coming Guest User functionality currently scheduled for mid-June

added Android

• Added new force update UI
• Added force update background notification when new messages come in

added iOS

• No change

added Bot

• No change

fixed Backend

• Updated container images to mitigate security vulnerabilities

fixed Desktop

• ‘\n’ seen in Recover your account window in non-English languages
• Call doesn’t hang up by pressing Esc key
• Occasionally user cannot paste a copied image/screenshot to chats on desktop clients,
• Non-SSO room recovery triggered erroneously on subsequent logins AFTER reset device
• Cannot upload files on desktop after new update on server for upload endpoint

fixed Android

• Fixed bug to support multiple network invites with the same network name
• Fixed issue with tinting of password visibility toggle
• Fixed issue where user is redirected to wrong emoji after one is removed
• Fixed issue where out of network globe icon is cut off on some devices
• Adjusted @ mentions to not use custom names (security fix)
• Adjusted dashboard message preview to show @ mention names
• Fixed issue with keyboard closing after sending messages
• Fixed editing messages so @ mentions are persisted during editing and sending
• Fixed bug with showing reset/suspend dialogs caused by invalid passwords during AWS registration flow
• Networking improvements (updated some network calls, e.g. convo/contact backup, getting user profiles, etc)
• Some 3p library updates, removed some 3p libraries
• Updated default call audio mode to earpiece instead of speaker (when available) and gray it out if toggling it is not supported
• Highlight @ mentions in message edit preview
• Updated some colors and copy in registration for accessibility
• Show error message if no compatible browser is found for SSO auth

fixed iOS

• Hide name when anonymous notifications enabled
• Added fix for badge count
• Added crash fix on registration screen recording
• Improved global search

fixed Bot

• Updated bots and documentation to use new support email wickr-support@amazon.com from support@wickr.com.
• Start transition of bot images from DockerHub to AWS Elastic Container Registry (ECR).
• Move from Forever process manager to WPM2 manager for improved handling of bot processing (e.g. stop, start, restart).
• Performance improvement for large broadcasts in the broadcast bot.
• ISO format timestamp has been added for message JSON.
• Mutex lock enhancements have been made to reduce the possibilities of database lockups.

added Backend

• Adding feature for force upgrade.
• Added support for certificate revocation.
• Add metrics for keyframe requests.
• Add metrics for audio and video latency breakdown.

added Android

• Emoji Reactions
• App Force Update
• Optional Certificate Pinning
• Added support for BSON network calls to the networking library
• Updated build process to create AABs instead of APKs
• Added support for plaintext bytes network calls to the networking library
• Updated NPL to 2.84.0
• Back-ported force update UI and notification updates
• Updated signing key process
• Print SSL cert chain after SSL handshake errors when cert pinning is disabled
• Updated translations

added iOS

• Emoji Reactions

App Force Update

Optional Certificate Pinning

Added support for certificate revocation

added Desktop

• Copy changes for on-boarding
• Optional cert pinning
• Enhanced emoji reactions
• Improve the UX for forced update
• Added support for certificate revocation

fixed Backend

• Adding user id in the APNS message
• Remove 60 participants limit on 4+ years old clients

fixed Android

• Fixed crash when trying to show coachmarks while authentication is enabled
• Updated onboard flow to properly handle enter key to submit forms
• Updated check email screen copy
• Fixed email entry to prevent spaces
• Updated libraries to address CVEs in some libraries
• Adjusted switchboard retries to debug scenario where retry didn’t happen
• Added fix and guard against crash during message expiration on convo screen
• Added fix and guard against crash when updating unread floating action buttons on convo screen
• Dismiss message reaction screen after last reaction is removed
• Updated fingerprint library to fix 2 crashes
• Fixed issue with toolbar titles not updating when swiping between dashboard tabs
• Updated NPL to 2.84.1
• Fixed call message text color on dashboard
• Fixed missing translations
• Fixed home screen shortcut icons

fixed iOS

• Added notification fixes
• Added Force update UI
• Fix bug where verification was enabled for BOT user
• Fix leave, pin or delete room when there is only one device on account
• Added protection against empty room name.
• Enable New Emoji
• Fix badge count for app
• Fix camera permission on scan QR code view
• Fix app update manager getting dealloc early
• Fix room creation without valid name
• Included logs for cert pinning is on or off
• Fix layout issue on forgot password
• Fix large image icon on gov cloud app
• Added protection for key id being incorrect or lower
• Fix application badge
• Added protection for key id being incorrect or lower
• Emoji color Corrections.
• Added Notification changes to support non preview notification (In case message failed to download.)
• Updated code to support new field (UserID) in APNS Payload.
• Added fix for room recovery request not being sent out
• Added crash fix on app logout click
• Added fix for DM not getting deleted, when user has only one device
• Added initial changes for Typing Indicator and typing indicator accessibility changes.
• External member indicator not seen in reaction list
• Fixed Saved Link gesture on message bubble
• Sign-in button clickable multiple times
• Fixed User sorting to match other platforms
• Fixed Reaction List dynamic font size issues.
• Fix pin/unpin for convo without internet.

fixed Desktop

• Fix an issue where room recovery can repeat after restarting the app
• Fix an issue where file extensions in the file name are incorrect for saved files

• Updated OpenSearch to v1.3.9 to address CVEs in their software.

Added Desktop

• Adding support for “Performance Message Caching” option in production desktop builds.
• Adjust Push Config to honor new cert pinning flag

Added Android

• Migrated to new SQLCipher library.

fixed Desktop

• Fix remaining issues with performance message caching, to get production ready.
• Desktop SSO Device Sync Issues on Enterprise and AWS Wickr.
• macOS Client 6.8.1 Does Not Send All Characters When Typing Quickly.
• Bug: Decryption errors when trying to download attachments.
• Unread count and @ mention are getting disappeared once user navigates back from room/group/dm chat after reading some of the unread messages.

fixed Android

• Fixed duplicate Talkback scenarios around emojis.
• Fixed SQLCipher crashes.
• Added fix to prevent crash when downloading older messages.
• Fixed issue with fragment loading on the main dashboard.
• Fixed initialization of NPL libraries to support AAB builds.
• Fully log out of session when resetting app to cancel background tasks.
• Fixed issue with calling support detection related to new build process.
• Fixed infinite loop when trying to send location if OS location is off.
• Fixed regression with trying to load network directory on Messenger.
• Fixed issue with loading post-onboarding dialogs if user opened settings screen.
• Fixed copy when user is removed from a room while on the reactions list screen.
• Fixed issue with email polling during registration after backgrounding app.
• Fixed data retention bot data handling on first login due to not having self network ID yet.
• Fixed race condition causing directory contacts to load incorrectly after changing themes.
• Fixed scenario where API code error wasn’t being used on auth screen.
• Added handling for NPE when user validation network call fails when sending message.
• Fixed not updating out of network icon on dashboard when convo membership changed.
• Removed server randomization flag so servers always randomize (Server no longer sends this value).
• Removed White Label apps and settings.
• Removed unused Strings from the app.
• Save user domain value from getUserInfo.
• Updated Talkback text for quick emojis.
• Updated handling of data retention dialog.
• Updated NPL wrapper lib to latest plugins/libs.
• Updated calling lib to latest plugins/libs.
• Updated Gson to 2.8.9 to mitigate https://nvd.nist.gov/vuln/detail/CVE-2022-25647.
• Updated JSoup0 to 1.15.4 to mitigate https://nvd.nist.gov/vuln/detail/CVE-2022-36033 and https://nvd.nist.gov/vuln/detail/CVE-2021-37714.
• Updated Gif Drawable to 1.2.25 to mitigate https://nvd.nist.gov/vuln/detail/CVE-2022-23435.
• Updated SQLCipher to 4.4.3. -Updated Protobuf to 3.21.12 to mitigate https://nvd.nist.gov/vuln/detail/CVE-2021-22570, https://nvd.nist.gov/vuln/detail/CVE-2021-22569, https://nvd.nist.gov/vuln/detail/CVE-2022-3171, https://nvd.nist.gov/vuln/detail/CVE-2022-3509, and https://nvd.nist.gov/vuln/detail/CVE-2022-3510.