SR-A87291 · Issue 255631
JDBC password encryption check logic updated
Resolved in Pega Version 7.2.2
When using a Database instance with a JDBC connection URL, the specified password is encrypted. An issue was occurring where multiple saves of the instance caused the encrypted password to be encrypted again, causing the agent to lose access to the DB due to an authentication failure. The problem was traced to a logic flaw in the method used to check whether the password was already encrypted, and has been fixed.
SR-A91802 · Issue 260001
Apache Struts JARS updated to improve security
Resolved in Pega Version 7.2.2
The Apache Struts JARs have been updated to resolve the following potential security vulnerabilities: The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.
SR-A76252 · Issue 253236
String filter values treated consistently
Resolved in Pega Version 7.2.2
Attempting to schedule a report with a string value in the filter condition caused a parsing error even when the report ran correctly in DesignerStudio. To resolve this and make the behavior consistent, the logic has been updated such that If filter value is string but not a property reference, then do not resolve it.
SR-A85953 · Issue 254446
Fixed Export to Excel
Resolved in Pega Version 7.2.2
Export to Excel from report definition generated the sporadic error "Unable to read file." This was traced to the browser attempting to open the file before it was downloaded, and code has been added to check the browser and handle the download/open appropriately.
SR-A76558 · Issue 253570
Date/time data fixed for sub-report filter
Resolved in Pega Version 7.2.2
It was not possible to select filter value for the sub report date column value in main report filter condition due to the sub report date time column value not being populated correctly. This has been fixed.
SR-A24877 · Issue 250548
Widget title localization corrected
Resolved in Pega Version 7.2.2
Sporadic issues were seen with proper localization for the label of items inside any widget of the widget library. A step has been added to explicitly set the pyDescription fix this.
SR-A76162 · Issue 251024
Widget title localization corrected
Resolved in Pega Version 7.2.2
Sporadic issues were seen with proper localization for the label of items inside any widget of the widget library. A step has been added to explicitly set the pyDescription fix this.
SR-A67716 · Issue 251384
Updated ruleset determination for saving copied reports
Resolved in Pega Version 7.2.2
When a new report was made from a copy, it was not properly assigned to the ruleset it should be saved in (the "design time" ruleset configured on the operators Access Group). Instead, it was residing in the same ruleset as the template report definitions (Pega-Reporting), causing property validations to fail if they were in the subset of rulesets which were in the design time ruleset's stack but not in Pega-Reporting until the report was saved successfully once. This has been fixed by adding a step to Rule-Obj-Report-Definition!pxShowReport that sets the ruleset name and version of a new report to match the Access Group's configured design time ruleset.
SR-A21741 · Issue 250251
Filtering and drill down fixed for encrypted values
Resolved in Pega Version 7.2.2
When one of the fields on a drill down report was encrypted, filtering would show the encrypted value but the drill down would not. This was an issue with the encoding attached to the encrypted element not being handled consistently, and has now been fixed.
SR-A69740 · Issue 250228
Scheduled Reporting Review harness refresh updated
Resolved in Pega Version 7.2.2
When saving a scheduled report task, sometimes the changes were not applied correctly in the landing page. This has been resolved by updating the Pega-ScheduledTask-Reporting.Review harness so a save action will refresh a section rather than refreshing the harness twice.