SR-121429 · Issue 187948
Encoded handling for Chinese characters in SOAP
Resolved in Pega Version 7.1.8
Signature verification failed when a SOAP message contained multibyte Chinese characters. This was due to the engine passing platform specific request bytes instead of sending UTF bytes to the third party metro webservices code when signature is enabled. The JAR encoding has been modified to use the style it gets in the request in order to bypass third party platform decisions.
SR-121464 · Issue 182061
Editing privileges corrected for the clipboard
Resolved in Pega Version 7.1.8
An issue was found where it was possible to use the "Edit" option in the clipboard even when the clipboardViewerUpdate privilege is set "0" or blank. This has been resolved via rule check-in with a 'clipboardViewerUpdate on Edit' function to ensure proper privilege setting.
SR-121501 · Issue 183603
Enhanced security for SQL exceptions errors
Resolved in Pega Version 7.1.8
In order to avoid a potential security vulnerability, the error messages generated by database exceptions have been made consistent for DB2 and Oracle and do not display SQL information in the log.
SR-121623 · Issue 186850
Added WS-addressing UI check
Resolved in Pega Version 7.1.8
Connect SOAP calls were failing sporadically with a Message Addressing Property error while calling external services even when WS-Addressing was off. This happened when the WS setting was modified: the addressing module is engaged with first call of connector, and there was no cache clearing if the option was turned off for subsequent calls. Code has been added to check the addressing handler status and process it appropriately.
SR-121686 · Issue 183607
Email Listener timeout tuned for EAR deployments
Resolved in Pega Version 7.1.8
When the email listener encountered an error in installations with EAR deployments, it stopped processing emails until the listener was restarted manually. This was caused by the Timer variable being static in EAR deployments with no logic available to reset it, so it continued to grow over time and could result in sleep times of days. Logic has now been added to reset the timer. The default sleep time has also been set to increase 30 seconds each time an error is encountered to a max of 90 seconds (sleep times are 5 , 30 , 60, 90 seconds) at which point it will reset.
SR-121768 · Issue 182217
Improved locking for check-out-enabled rulesets
Resolved in Pega Version 7.1.8
If a specification with an attachment is defined to a work flow in a check-out-enabled ruleset, then the generated specification and binary file rules were set to the checked-out state and could not be checked in. This was caused by the previous method for lock checking not consistently being applied in custom environments, and the locking has been changed to use an added condition on the InstanceLockedByRuleSet property.
SR-121768 · Issue 182807
Improved locking for check-out-enabled rulesets
Resolved in Pega Version 7.1.8
If a specification with an attachment is defined to a work flow in a check-out-enabled ruleset, then the generated specification and binary file rules were set to the checked-out state and could not be checked in. This was caused by the previous method for lock checking not consistently being applied in custom environments, and the locking has been changed to use an added condition on the InstanceLockedByRuleSet property.
SR-121858 · Issue 183012
Added integration for Microsoft Azure Root Certificates
Resolved in Pega Version 7.1.8
Attempting to implement Single Sign On using MS AZURE AD was failing. This was due to the Microsoft Azure Root Certificates not being correctly configured/imported into the target Application Server. Microsoft Technical Support was engaged and recommended manually exporting the required certificate from Azure and importing into the target environment as a workaround, and this integration has now been addressed with updates to the XML Security ResourceBundle.
SR-121993 · Issue 181639
Fixed handling issues with substitutions enabled Parse XML rules
Resolved in Pega Version 7.1.8
Parse XML rules generated from an XML schema (xsd) saved in draft and "Not available" were generating Java errors when attempting to check out the rules and make them available. This happened when there were substitution elements and an embedded reference to the same element, and was caused by improper handling of the substitution helper method. This has been corrected.
SR-122191 · Issue 182679
Smoothed post-upgrade ApplicationSetup that uses previously generated LDAP configs
Resolved in Pega Version 7.1.8
An LDAP configuration created under a previous version of the software was generating an NPE after upgrading. This was traced to step2 of the ApplicationSetup activity where the system was expecting a page which was missing at that point due to the user not yet being fully identified. To avoid this, a step has been added to check if the page is available and avoid the NPE.