Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-D90687 · Issue 560431

IOException handling improved to resolve broken pipe errors

Resolved in Pega Version 8.4.2

Frequent "connection reset by peers" exceptions were being generated and broken-pipe exceptions were seen in the logs. Investigation traced the issue to unhanded IOExceptions on the server side that were a result of the client application not always closing the TCP connection gracefully. To resolve this, error handling for IOExceptions has been improved.

SR-D67408 · Issue 554900

Directory traversal blocked in zip import

Resolved in Pega Version 8.4.2

One of the files contained in a zip archive was not deleted from the system after zip import. This was due to the file being created by a third-party archive that included of a directory traversal character that caused it to be inflated outside of the temp directory. To resolve this, a check has been added to that a file with directory traversal characters in its name will not be inflated.

SR-D81572 · Issue 551028

JDBC URL handling added for Oracle over TCPS

Resolved in Pega Version 8.4.2

While attempting to upgrade an environment over TCPS, the generateDDL.sh script was failing. The same environment ran without issue on Tomcat with the same URL. Investigation showed the JDBC url was not correctly generated while running the upgrade: in a standard scenario, there will be no spaces in the JDBC URL specified. However, because Oracle can send spaces as part of JDBC URL and cause this issue, an update has been made which will quote the JDBC URL argument for the ant target in setupDDL.xml.

SR-D84364 · Issue 551403

Check for circular references added to SearchInventoryImpl to prevent recursive call

Resolved in Pega Version 8.4.2

An out of memory error was traced to SearchInventoryImpl infinitely recursing over a clipboard property, where the child property referenced a parent property and resulted in an endless loop. This has been resolved with the addition of a depth check to ensure that the search does not recurse infinitely.

SR-D85100 · Issue 556262

ProductInfoReader updated to fetch only most recent version information

Resolved in Pega Version 8.4.2

After upgrade, running Hfix scanner on Pega Marketing 8.2 displayed missed critical Hfixes for Pega Marketing 8.1. This has been resolved by modifying ProductInfoReader.runQuery to fetch only latest version of DAPF instances during a scan.

SR-D98404 · Issue 558207

Handling added for hotfix Rule-Application instances

Resolved in Pega Version 8.4.2

A null pointer error during DL file expansion performed as part of the second phase of a hotfix installation caused the hotfix install to fail. The null-pointer exception was thrown because the code, primarily used for export, performed a database lookup of a Rule-Application and assumed the response would be non-null without checking the result. During export the Rule-Application would normally exist because the system would have interacted with it already during the export by identifying it and writing it to the archive. During phased hotfix installation, rules are staged to the database in a different table during the first phase and reconstituted during the second phase. The scenario for this error was a missed corner case specific to the unusual combination of including Rule-Application instances in a platform hotfix. To resolve this and prevent further issues, handling has been added for this use case.

SR-D46133 · Issue 534651

Colon in folder or file name will be replaced with underscore during unzip

Resolved in Pega Version 8.4.1

After creating a product file (zip), attempting to import the same file into an updated system resulted in an exception. Investigation showed that in this case the zip file was a Product rule form which had applications packaged with a colon(:) in the name of the application, a format that was allowed in 6.x versions. Because Windows machines restrict creating creating any folder or file with : in its name, the zip file could not be inflated as part of the import process. To resolve this, the system has been updated so that a colon(:) will be replaced by underscore(_) during inflate operations.

SR-D52604 · Issue 548062

Stream Registration deprecated and replaced

Resolved in Pega Version 8.4.1

Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.

SR-D64523 · Issue 545672

Stream Registration deprecated and replaced

Resolved in Pega Version 8.4.1

Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.

SR-D66521 · Issue 536140

Logout Redirect updated to handle special characters in IDP parameters

Resolved in Pega Version 8.4.1

When using "HTTP Redirect" in Authentication Service, the Logout Redirect service was failing due to the query parameter name containing "_" (underscore). This was traced to IDP sending parameters to assertion consumer service or logout request endpoint with names which contained any special characters, as the system was trying to put those key values on the parameter page for additional processing. To resolve this, the system has been updated to suppress exceptions when the parameters from IDP includes special characters.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us