SR-A22958 · Issue 247141
Mobile Client passivation fixed
Resolved in Pega Version 7.2.1
Data pages were not being properly passivated in the mobile client. This was traced to an exception generated by the isFromDictionaryFlag() function when navigating to or from PRE assignment to any other assignment in the flow after hitting unknown list and unknown group settings. As the isFromDictionary function is not necessary here, it has been removed.
SR-A22982 · Issue 249598
Resolved memory leak in ActionRequestRegistrarContainer cleanup
Resolved in Pega Version 7.2.1
A memory leak was traced to ActionRequestRegistrarContainer objects not being garbage collected. In the Tampering protection feature, an ActionRequest Registrar per HarnessID is still created in ALLOW mode, however it will not be removed as done in the cases of WARN and DENY modes. To resolve this, the system has been updated to not create containers in ''ALLOW" mode.
SR-A23012 · Issue 242327
pega.u.d.onViewUpdatecorrectly triggered from Master-Detail
Resolved in Pega Version 7.2.1
The "pega.u.d.onViewUpdate" function invocation was not being triggered as expected when the details screen was opened from a master list while offline. To fix this, the "actionInfo" pzInskey has been updated to obtain the Page Context on which the RDL is configured.
SR-A23178 · Issue 248200
Checkout to branch ruleset handling improved
Resolved in Pega Version 7.2.1
The Checkout to branch option was not able to find a list of branches in Pega Marketing after a minor ruleset migration. To resolve this, the system will make use of a non versioned ruleset name for showing branches if an application is referring a ruleset whose major or minor version is different from the Ruleset of the Rule that is being checked out.
SR-A23282 · Issue 245229
Checkout to branch ruleset handling improved
Resolved in Pega Version 7.2.1
The Checkout to branch option was not able to find a list of branches in Pega Marketing after a minor ruleset migration. To resolve this, the system will make use of a non versioned ruleset name for showing branches if an application is referring a ruleset whose major or minor version is different from the Ruleset of the Rule that is being checked out.
SR-A23862 · Issue 246796
VPD Data Page passes custom properties
Resolved in Pega Version 7.2.1
When trying to set up Oracle VPD custom properties as instructed in a PDN article, an exception was generated due to missing handling for custom class/property definitions. The new pyCustomProperties if PageList has been added to Code-Pega-DBApplicationContext .
SR-A23915 · Issue 247392
Apache Struts updated for security
Resolved in Pega Version 7.2.1
Apache Struts has been updated to version 2.3.28 to protect against potential security vulnerabilities exposed when Dynamic Method Invocation is enabled, removing the ability for remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
SR-A24402 · Issue 246696
Tuned scheduled reports start calculations
Resolved in Pega Version 7.2.1
In recurring schedule - daily pattern, if the start date was more than one day in the future, either the next scheduled run time was wrongly calculated as tomorrow with the right hour or if the start date was tomorrow, the next scheduled run time was wrongly calculated as today with the right hour. To fix this, the Next execution time calculation in DailyPattern.java now considers the mStartDateTime value.
SR-A24439 · Issue 247958
Operator ID always clickable link
Resolved in Pega Version 7.2.1
When the operator profile was opened from Operator menu drop down at the top right corner of Designer Studio or from the Case Manager portal, the ID link in the ?Operator Profile? popup was clickable in Microsoft Internet Explorer but not clickable in Google Chrome. The system will now present these as links regardless of browser.
SR-A24508 · Issue 247393
Apache Struts updated for security
Resolved in Pega Version 7.2.1
Apache Struts has been updated to version 2.3.28 to protect against potential security vulnerabilities exposed when Dynamic Method Invocation is enabled, removing the ability for remote attackers to execute arbitrary code via method: prefix, related to chained expressions.