SR-A4279 · Issue 210830
Added handling for unknown UpdateDateType property
Resolved in Pega Version 7.1.9
Saving a Flow stream triggers the pzTrackChangesForFlow activity call, which then reads the pxUpdateDateTime property and converts it to Big Decimal for comparison. This conversion requires mode of the property (i.e. DateTime (?M?) in this case) to be known, which is specified in blob as encoded format. When using a PCI framework where the mode of the pxUpdateDateTime property is unknown(???), a NumberFormatException was generated. This has been fixed.
SR-A469 · Issue 210020
Reworked config file search to prevent WebSphere looping
Resolved in Pega Version 7.1.9
During server startup, the engine tries to populate the environment properties by reading the config files for the application server. A problem was found in some installations with WebSphere where trying to locate the XML file containing the information on the server port created an infinite loop that caused the engine startup to hang. To resolve this, the search function call now has been replaced by another method that tries to obtain the same information from config service without having to locate the XML file.
SR-A903 · Issue 204609
Removed primary page requirement for link-object activity
Resolved in Pega Version 7.1.9
When using the link-object activity method with the history checkmark and the specified step page without providing a primary page, the link-object activity method caused a null-pointer-exception when it attempted to fetch data from the pxRequestor page. This was caused by an unnecessary reference to the primary page, and the method to retrieve the value of pyUserIdentifier has been updated.
SR-A92 · Issue 203202
Removed extra slash character being appended in prconfig
Resolved in Pega Version 7.1.9
When configuring prconfig settings, an extra slash was getting appended when the sethtmlbasecontext had trailing slash in the URL. This has been corrected.
SR-A955 · Issue 204118
Fixed typo in error message
Resolved in Pega Version 7.1.9
A typo in an HA status message written to the log has been corrected.
INC-139300 · Issue 590273
Additional security for encrypted passwords
Resolved in Pega Version 8.3.5
Handling and cleanup has been updated for encrypted values to enhance security.
INC-141296 · Issue 592474
Log-access security updated
Resolved in Pega Version 8.3.5
Access control has been updated for Log-Usage class.
INC-139337 · Issue 595222
RefreshRequestors security update
Resolved in Pega Version 8.3.5
Security improvements have been added for RefreshRequestors.
INC-135349 · Issue 583004
Unit Test Ruleset rules do not count against Guardrails
Resolved in Pega Version 8.3.5
Although the documentation indicates that rules in a Unit Testing ruleset should not count against the guardrail score or unit test coverage, when branching a unit test ruleset, the branch did not carry the same unit test flag value as the source ruleset and the rulesets were counted as a result. This has been resolved with an update to ignore testrulesets in guardrail and pegaunit calculations.
INC-128923 · Issue 594162
Cross-site scripting security update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been added to OpenNoteDetails.