What’s New

This chapter describes enhancements implemented in AccuRev 25.4.

Password policy implemented for all AccuRev user interfaces

This release enforces a password policy across all AccuRev user interfaces, including CLI, Desktop UI, WebUI, and Git-Server. The policy uses a username-password authentication mechanism that mandates strong and complex passwords to enhance the security.

    Note:
  • The password policy applies only when both the server and clients are updated to version 25.4.
  • The new password policy does not apply to the clients who use a version earlier than 25.4, even if the server is updated to version 25.4.

Password guidelines

The following table lists the password policy guidelines. Before upgrading, administrators must make sure that all AccuRev users reset their existing password based on the password policy.

Note: There might be issues when you log in if the old password does not comply with the new password policy guidelines. OpenText recommends that you reset your password based on the password policy guidelines before you log in.

Password guideline Details
Password length

Minimum of 8 characters, and maximum of 128 characters.
Requirements

A password must contain at least one uppercase letter, one lowercase letter, one number, and any one of the special characters ( underscore (_), hyphen (-), period (.), question mark (?), pound sign (#), at sign (@), percent sign (%), exclamation mark (!), asterisk (*), ampersand (&), and dollar sign ($) ).
Restrictions
  • Password cannot be the same as the username.
  • New password cannot be the same as the old password.
  • Password must not contain space.

Password policy configuration

When you upgrade to version 25.4, the password policy feature is enabled by default. Administrators can use the following parameters in the acserver.cnf file to configure the password policy:

  • To disable the password policy feature, set the ENFORCE_PASSWORD_POLICY parameter to false.
  • To disable the password expiry feature, set the ENFORCE_PASSWORD_POLICY_EXPIRATION parameter to false.

Password expiration and reset

If both the ENFORCE_PASSWORD_POLICY and ENFORCE_PASSWORD_POLICY_EXPIRATION parameters are set to true, you will be notified about password expiration every 90 days. While the 90-day cycle is not explicitly listed in the configuration file, you will receive password expiry warnings starting from the 80th day until the 90th day. If you do not reset your password within this time period, the account will be locked on the 91st day. However, administrators can reset your account using the maintain chpasswd command.

Back to top

PulseUno updated to version 24.2

PulseUno has been upgraded to version 24.2.

Following are some of the enhancements in PulseUno:

  • UI look and feel have been changed.
  • Security fixes.

Back to top

Git-Server enhancements

Git-Server has the following enhancements:

  • UI look and feel have been changed due to library updates.
  • Security fixes.

Back to top

Third-party component and security upgrades

The following third-party components have been upgraded in AccuRev 25.4:

  • The AccuRev JRE for server installer and client installer has been upgraded to 17.0.15.
  • Tomcat has been upgraded to 9.0.109.

  • OpenSSL has been upgraded to 3.1.7.

  • To ensure AccuRev remains a secure SCCM solution, OpenText performs internal security testing using industry-standard security scanning and static code analysis tools, including OpenText Fortify. In this release, we updated several third-party libraries and underlying frameworks to enhance security posture and stability.

  • PostgreSQL Database has been upgraded to 17.2.

Note: When upgrading from version 7.x to 25.x, enter the current PostgreSQL database parent path followed by 17.2 in the Please Choose a Folder dialog box that appears during installation. For example, if your current database path is C:\Program Files\AccuRev\DB\9.5, then you should enter C:\Program Files\AccuRev\DB\17.2 in the dialog box.

Back to top

See also: