Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Download resolved issues

Go to download resolved issues by patch release.

See Platform Release Notes

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

Platform Version

Capability

Security 8.7.3 8.4.6 8.3.6 8.3.5
(Clear filters)

INC-185362 · Issue 668827

Keystore update properly revises the cache

Resolved in Pega Version 8.4.6

A keystore updated with the latest certificate was not getting reflected in the runtime and the old certificate was getting picked. In a multi-node environment when the new JKS is uploaded in one node, the changes are expected to be communicated to other nodes so that the cache can be cleaned up. In this case, investigation showed that the keystore label was in uppercase and the cache entry was not correctly removed. This has been resolved by adding an update that will convert the cache key to lowercase and maintain uniformity to ensure proper cleanup.

INC-186512 · Issue 669380

Password security enhanced

Resolved in Pega Version 8.4.6

Security and authentication have been enhanced for password handling.

INC-188889 · Issue 675582

New application wizard security updated

Resolved in Pega Version 8.4.6

Security around displaying and running the new application wizard has been enhanced.

INC-227878 · Issue 727855

UPDATE IMPACT FOR PEGA CALL

Resolved in Pega Version 8.7.3

Log4j-1.2.14.jar and Log4j-1.2.17.jar have been removed to address the security concerns with these versions, and logger jars have been upgraded to 12.7.2 version (from 12.7.1 version) to make Pega Call compatible. This change will impact Pega Call customer environments due to Avaya or Genesys, which are part of Pega Call, having an internal dependency on Log4j1.x version jars. As a result, the SDK logging for Avaya or Genesys will not be available in the 8.7.3 release unless the Log4j-1.x jar files are reimported locally.

INC-173596 · Issue 673089

Apache Commons HttpClient dependency removed

Resolved in Pega Version 8.7.3

As part of moving from the Apache Commons HttpClient project (which is at end of life and no longer being developed) to the Apache HttpComponents project, openws dependencies on the commons-httpclient jar have been removed.

INC-228169 · Issue 729187

Login error messages updated

Resolved in Pega Version 8.7.3

Exception response messages have been updated in order to improve security around attempts to bypass operator authentication.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us