INC-184964 · Issue 705933
TextMask_Encrypted rule added for use with Oracle
Resolved in Pega Version 8.7.2
When a property was being encrypted by propertyEncrypt access control policy and masked by propertyRead access control policy, it showed a "@@getMaskedValueOfText" error. This has been resolved with the addition of a new rule pxTextMask_Encrypted for Oracle product type which will remove extra spaces from the SOURCE string to handle ORACLE specific usecases.
INC-193485 · Issue 695640
REST authentication settings use fully qualified name for resolution
Resolved in Pega Version 8.7.2
The application setting used in REST connectors for authentication was resolving to similarly-named rules instead of matching the exact name of the rule. This has been resolved by enhancing pzGetSettingID to use both parts of the fully qualified name (name and category) provided by the pzSettingsORA control when determining which setting from the report to return.
INC-209387 · Issue 706151
Security updates
Resolved in Pega Version 8.7.2
Security updates have been made relating to rulesets using allow lists, checks for Java code injections, SAML-based SSO code, and supporting SFTP as part of the validation in the pxValidateURL rule.
INC-208424 · Issue 707614
Custom header character encoding for Subject added
Resolved in Pega Version 8.7.2
Case correspondence that contained a Subject with accent characters such as "Invitation à être" was being rejected by MailJet on the basis of encoding issues on the "Thread-Topic" when using custom headers. The error "BAD HEADER SECTION, Non-encoded non-ASCII data (and not UTF-8)" was generated. This was traced to the Send Email Smart Shape handling when using custom headers, and has been resolved by encoding the Subject before appending it to the Thread-topic header while adding custom headers.
INC-184798 · Issue 703269
PRconfig added for JVM user/password
Resolved in Pega Version 8.7.1
The setting Dcom.sun.management.jmxremote.local.only=true has been added for use when JMX authentication is enabled by providing jmxuser/password through prconfig.
INC-198029 · Issue 695562
Check added for empty SendAs in MSGraph
Resolved in Pega Version 8.7.1
When using MSGraph, logging showed the errors "Could not parse the address into InternetAddress Objects, falling back to parse with the regex" and "Unable to use the configured "Send As" email address from Records. Will fall back to 'first' recipient of incoming email." This has been resolved by adding a check for a blank SendAs field.
INC-199341 · Issue 694712
Content-type values made consistent
Resolved in Pega Version 8.7.1
The content-type for service APIs was returned as 'text' for 401 errors when using a custom authentication type instead of the parent-type/child-type format such as text/plain, text/html, application/json, etc. This has been corrected.
INC-200030 · Issue 719228
Handling added for external Kafka authorization exception
Resolved in Pega Version 8.7.2
When using external Kafka for stream service, the dataflow was failing with the error 'QueueProcessorDataSubscriberException' when topic create permission was missing. As a workaround, the topics could be pre-created, though a "Topic already exists" warning was generated. To resolve this, the cluster-wide right that a producer needs, IdempotentWrite, has been added. For more information please refer to the link https://docs.confluent.io/platform/current/kafka/authorization.html
INC-199192 · Issue 689037
Check added to ensure StepPage generation for Top keyword
Resolved in Pega Version 8.7.2
A ClassCastException was thrown when top page is used, indicating "com.pega.pegarules.data.internal.clipboard.ClipboardPropertyImpl cannot be cast to com.pega.pegarules.pub.clipboard.ClipboardPage". This has been resolved by adding a check which will generate a myStepPage for Keyword "Top" as necessary.
INC-201991 · Issue 692860
Explicit connectivity close added to Queue Manager error handling
Resolved in Pega Version 8.7.1
Performing a connectivity test on the MQ Connector page with an invalid queue name aborts the test connectivity but the MQ connection was not closing. This can become an issue when using IBM MQaaS (MQ as a service) where only a limited number of connections are allowed. This has been resolved by adding an explicit Queue Manager close in the error handling block.