D237: Duo Release Notes for April 1, 2022

Hello everyone! Here are the release notes for the most recent updates we’ve made to Duo.

You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below.

What’s in this release?

New features, enhancements, and other improvements

New and updated applications

Bug fixes

See all bug fixes


New features, enhancements, and other improvements

Improvements to Administrator Actions log entries

  • Multiple improvements in the Administrator Actions log related to managing AD and Azure AD Syncs:
    • The Duo Authentication Proxy configuration download log for Active Directory Sync, created when an administrator downloads an Authentication Proxy configuration file, now names the associated connection and lists any directory syncs that use that connection.
    • Viewing a secret key will log a more specific message of “Viewed Directory Sync Connection secret key”, replacing the more general phrase, “Viewed secret key”.
    • Resetting a secret key will log a more specific message of “Reset Directory Sync Connection secret key”, replacing the more general phrase, “Modified application”.
    • Added an Administrator Actions log entry when an administrator authorizes or reauthorizes an Azure AD Sync in the Admin Panel. Log details will include: tenant name, tenant ID, UPN (the user that authenticated), authentication date, and directories that currently use the connection.
  • Improvements related to administrator logging:
    • The date an administrator was created will now be included in CSV and JSON exports of the Administrator Actions log, as well as in Duo Admin API objects.
    • Administrators created before Duo started tracking creation timestamps in October 2021 will return an empty string in these exports, and None for the Admin API.

Additional information now displayed on Endpoints page in Admin Panel

  • Trusted Endpoints devices listed on the Endpoints page in the Admin Panel now show the Trust Type and Management System Name to provide more information about trust established by the Duo Device Health application.

Added information to Authentication Proxy details pages used with Duo Single Sign-On

  • Authentication Proxies used with Duo Single Sign-On now include a Details section in the Admin Panel that includes more information about the proxy, including display name, hostname, status, and version. Note: Hostname is only displayed for versions 5.2.0 and newer of the Authentication Proxy.
  • The Details section will appear after the proxy has successfully connected to Duo’s SSO service.

Duo Admin Panel performance improvements for User details pages

  • Removed the display of user counts from associated user groups on the User details page in the Admin Panel in order to improve page load performance.

New and updated applications

Duo Authentication Proxy version 5.6.1 released

We encourage all customers to upgrade to the latest Duo Authentication Proxy release to receive security updates.

  • OpenSSL has been updated to include the fix for CVE-2022-0778.
  • The Authentication Proxy Manager now correctly recognizes error return codes for unparseable configuration files.
  • The Authentication Proxy Manager now correctly recognizes api_host entries with multiple hyphens as valid.

Duo Mobile for iOS version 4.12.0 released

  • Various behind-the-scenes improvements and minor bug fixes.

Duo Mobile for Android version 4.12.1.1 released

  • Added language support for Indonesian, Italian, Korean, Simplified Chinese, Polish, and Thai.
  • Other behind-the-scenes improvements and minor bug fixes.

Bug fixes

  • Fixed a bug that prevented two directory syncs per day from taking effect as the new default for all customers.
  • Fixed a bug in which an unknown error that occurred when checking a connection to Azure for a Directory Sync will no longer prevent attempts to reauthorize the connection.
  • Fixed a UI bug in which the Company Details fields on the Settings page in the Admin Panel appeared editable but changes were not saved because that section was read-only.