INC-139300 · Issue 590273
Additional security for encrypted passwords
Resolved in Pega Version 8.3.5
Handling and cleanup has been updated for encrypted values to enhance security.
INC-141296 · Issue 592474
Log-access security updated
Resolved in Pega Version 8.3.5
Access control has been updated for Log-Usage class.
INC-139337 · Issue 595222
RefreshRequestors security update
Resolved in Pega Version 8.3.5
Security improvements have been added for RefreshRequestors.
INC-135349 · Issue 583004
Unit Test Ruleset rules do not count against Guardrails
Resolved in Pega Version 8.3.5
Although the documentation indicates that rules in a Unit Testing ruleset should not count against the guardrail score or unit test coverage, when branching a unit test ruleset, the branch did not carry the same unit test flag value as the source ruleset and the rulesets were counted as a result. This has been resolved with an update to ignore testrulesets in guardrail and pegaunit calculations.
INC-128923 · Issue 594162
Cross-site scripting security update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been added to OpenNoteDetails.
INC-143136 · Issue 604016
Cross-site scripting update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been updated in Designer Studio.
SR-D44942 · Issue 518353
Guided tour popups handling added for right-to-left language locales
Resolved in Pega Version 8.1.8
Guided Tour Popups were still appearing in the default EN location after switching to the ar_AR locale. This was traced to a missed use case for locales using a right-to-left mode such as Arabic or Hebrew, and has been resolved by updating the guided tour engine openPopOver function to account for the HTML tag dir attribute for value of "rtl". This will anchor the pop over to rightBottom / and display the arrow on the rightTop instead of leftBottom / leftTop.
SR-D79266 · Issue 544531
pyStatusWork for parent case correctly resolved
Resolved in Pega Version 8.1.8
pyStatusWork was not getting updated for the parent case even though the case passed through the resolution stage. This was an unintended side effect of work done regarding resolving a subcase if it was opened from the review harness, and has been resolved by updating the findPageByHandle activity to return the correct page when there are multiple pages with the same key.
SR-D54963 · Issue 524113
Updated Decision Table validation for multiple OR conditions
Resolved in Pega Version 8.1.8
When the Decision Table had multiple OR conditions, the table was verified as consistent even when two rows had the same value. Analysis showed that when Show Conflicts encountered multiple 'or' conditions in a row that matched the same conditions in other rows, it considered them to be different rows. This has been corrected.
SR-D54984 · Issue 529208
Resolved ruleset save issue for Google Chrome/IE
Resolved in Pega Version 8.1.8
When using particular versions of Google Chrome or IE, the intermittent error "pyComponentInterfaceClass: <user> does not exist or is not a valid entry for this ruleset and its prerequisites" appeared when attempting to validate an application, and the ruleset could not be saved. This was traced to changes made in the browser around password handling, and has been resolved by explicitly clearing out the pyComponentInterfaceClass if that value is not in use.