INC-199271 · Issue 699654
SAML-based SSO security updated
Resolved in Pega Version 8.5.6
Security updates have been made relating to SAML-based SSO code.
INC-155813 · Issue 629506
SAML SSO redirects to correct URL when application and authentication aliases match
Resolved in Pega Version 8.5.3
Whenever there was a match in the authentication service alias and the application alias, the application alias was replaced with empty after logoff instead of making the authentication service alias empty. For example, given an authentication service with the alias XYZ ("login with XYZ" alias option) and an application name XYZMyOps, the application alias was being changed from XYZMyOps to appMyOps after logoff. As a result, a blue screen error resulted when clicking on button "login with XYZ" again because it redirected to appMyOps, which didn't exist. This has been resolved by removing authservicealias and modifying AuthServiceAliasHelper.adjustPathIfAuthServiceAliasPresent() to change the method for calculating the pathinfo to string tokenizing
SR-133715 · Issue 204978
RTE <br> handling resolved when using pega:when = false
Resolved in Pega Version 7.2
Inconsistent behavior was seen when using rich text editor in paragraph rule if the pega:when was false. This was an issue with the handling of the
tags under this condition, and has been resolved.
SR-133715 · Issue 209655
RTE <br> handling resolved when using pega:when = false
Resolved in Pega Version 7.2
Inconsistent behavior was seen when using rich text editor in paragraph rule if the pega:when was false. This was an issue with the handling of the
tags under this condition, and has been resolved.
SR-A3803 · Issue 212217
Better handling for menus when using JAWS
Resolved in Pega Version 7.2
When accessibility was invoked, the Navigation menu did not indicate arrow up/down options in links with showmenu role='link' generated on them, and JAWS was not reading out that it was a link with a menu. This was an unintended side-effect of updates to avoid reading out a URL in a label/text, and corrections have been made to support accessibility so that navigational menus are read out more intuitively with JAWS.
SR-A8595 · Issue 218942
Security updated for SAML Rule keystores
Resolved in Pega Version 7.2
Password encryption has been updated for the Keystores records used by SAML Rule forms for signing and decryption in the auth service rule data.
SR-A7590 · Issue 216110
Corrected parameter page used when Flowproblems restarts
Resolved in Pega Version 7.2
Restarting the problem flow was not taking the mandatory parameters defined in the flow, instead generating the error "Required parameter Parameter_name." To correct this, the flow method body has been modified to populate the parameter page from the pyFlowParameters page before checking for mandatory parameters.
SR-A12684 · Issue 224534
Extracts count corrected when using XML as output
Resolved in Pega Version 7.2
While running an extract using XML as output, a difference was observed in the number of records being extracted when compared with 'Database Schema' as output. The Pega-BIX logs contained failed records with 'Index out of bounds' exceptions. This was traced to missing handling for the value group property references in this scenario, and has been corrected.
SR-A9773 · Issue 221357
Fixed repeating row focus when using Accessibility
Resolved in Pega Version 7.2
When Accessibility was enabled and the add icon was clicked to add a section to a row repeat, it was not possible to access the first item in first row with the keyboard. Additional added rows had the correct focus. This was traced to an issue where getFocusOnNewRow was not being called correctly, and as been resolved.
INC-160767 · Issue 628374
Email headers correctly mapped when using MSGraph
Resolved in Pega Version 8.5.3
The value of "Send Date" was not correctly populated when using MSGraph instead of IMAP, causing the Email Listener to fail. Microsoft populates the "sendDateTime" field in the JSON with the value of the RFC 822 email header "Date:", but this value was not being passed to Java object of type "Message" as part of the query. To resolve this, ReceivedDateTime and SentDatetime have been added in the select filter of getMessagebymessageID.