INC-139300 · Issue 590273
Additional security for encrypted passwords
Resolved in Pega Version 8.3.5
Handling and cleanup has been updated for encrypted values to enhance security.
INC-141296 · Issue 592474
Log-access security updated
Resolved in Pega Version 8.3.5
Access control has been updated for Log-Usage class.
INC-139337 · Issue 595222
RefreshRequestors security update
Resolved in Pega Version 8.3.5
Security improvements have been added for RefreshRequestors.
INC-135349 · Issue 583004
Unit Test Ruleset rules do not count against Guardrails
Resolved in Pega Version 8.3.5
Although the documentation indicates that rules in a Unit Testing ruleset should not count against the guardrail score or unit test coverage, when branching a unit test ruleset, the branch did not carry the same unit test flag value as the source ruleset and the rulesets were counted as a result. This has been resolved with an update to ignore testrulesets in guardrail and pegaunit calculations.
INC-128923 · Issue 594162
Cross-site scripting security update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been added to OpenNoteDetails.
INC-143136 · Issue 604016
Cross-site scripting update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been updated in Designer Studio.
INC-148154 · Issue 602921
Hot Fix Manager updated to use installation order for schema import
Resolved in Pega Version 8.3.5
Schema changes were not being imported during the hot fix manager DL import process. Investigation showed this was due to hotfixes in the DL being iterated over from newest to oldest, causing older hotfixes to replace the value added to a map by the newer. To resolve this, the system has been updated to use hotfix install order, which considers selected and dependent hotfixes, rather than ordering newest to oldest. This ensures that newer table representations will override older rather than the other way around.
SR-D17987 · Issue 494485
Check added for backwards compatibility with Case Type when rules
Resolved in Pega Version 8.4
After upgrade, the When rules present on case type rules (used for skipping stages or showing/hiding stage-wide or case-wide actions) were not executing at run time. This was traced to the introduction of the pySkipOrAllowType property in recent versions, and was only reproducible when the ApplicationRuleset was locked and after upgrade irrespective of whether the condition for when was true or false. To resolve this and enhance backwards capability, a check has been added for the SkipOrAllowType property being empty.
SR-D24750 · Issue 501748
Resolved importing PublicFormat file using RuleFromFile Wizard
Resolved in Pega Version 8.4
When attempting to create a flow from a Public Format XML file using the Rule From File Wizard, the following error was seen: "Problem invoking function: pega_procom_harvest.performXSLT--(String,String,boolean,HashStringMap)". This was caused by a mapping failure related to the pyComments property in baseclass pega social functionality, and has been resolved with the addition of a new page group property pyComments of type "Data-MO-Annotation-Comment" which applies to "Embed-Rule-Obj-Flow-ProcessModel".
SR-D35734 · Issue 504481
Escalation updated to ensure assignee is notified of missed deadline
Resolved in Pega Version 8.4
The Passed Deadline SLA Actions to send email to the owner were not triggered as configured in SLA rule form. To correct that, pzMapEasyEscalationParams steps 3.4.10 and 3.4.11 have been modified to support "NotifyAssignee" for the passed deadline.