INC-148154 · Issue 602921
Hot Fix Manager updated to use installation order for schema import
Resolved in Pega Version 8.3.5
Schema changes were not being imported during the hot fix manager DL import process. Investigation showed this was due to hotfixes in the DL being iterated over from newest to oldest, causing older hotfixes to replace the value added to a map by the newer. To resolve this, the system has been updated to use hotfix install order, which considers selected and dependent hotfixes, rather than ordering newest to oldest. This ensures that newer table representations will override older rather than the other way around.
INC-161984 · Issue 638856
Web Tier busy threads released on timeout
Resolved in Pega Version 8.6.1
Tomcat Web Tier Busy Threads were not being correctly released, causing stability and performance problems that included health check pings not receiving a thread to service the request so the node was marked as bad, users were quiesced, and the node replaced. Investigation showed the 'put' on the blocking queue did not time out when the queue was full and waited indefinitely, keeping the thread blocked. To resolve this, the system will use 'offer' on the blocking queue instead of 'put' to force thread release on timeout. In addition, debug logs have been added to understand when the offer (or Put) does not succeed and the state of the queue that is causing this issue; the debug logs for class com.pega.pegarules.session.internal.serverpush.RoboticAutomationImpl should be enabled only if the thread busy issue is observed and for limited time window while actively debugging.
INC-164794 · Issue 637991
Apache Commons libraries updated
Resolved in Pega Version 8.6.1
Apache commons-codec has been updated to version 1.15 , and Apache commons-io has been updated to version 2.7.
INC-171587 · Issue 652191
Resolved Push Node Daily Information exception
Resolved in Pega Version 8.6.1
The "Push Nodes Info Daily" agent was generating an exception on each of the nodes. This has been resolved by enhancing the PegaAESRemote code to handle the exception and get the node info locally, then push it to the console when it is not able to get it via the cluster management API.
INC-173162 · Issue 650793
Certificate match will use Subject Distinguished Name
Resolved in Pega Version 8.6.1
Signature verification was failing due to the system not finding the matching root certificate for the chain. The root certificate was in the trust store, but the system found a different certificate first and that other certificate (an intermediate certificate) was not considered a valid certificate for validating the whole certificate chain. This was traced to filtering on the Issuer Distinguished Name (DN) instead of the Subject DN and was due to intermediate certificates potentially having the same Issuer as a root certificate (e.g. if that root certificate was used to create the intermediate certificate). To resolve this, an update has been made to check the Subject DN instead of Issuer DN.
INC-174298 · Issue 650257
Instance count logic updated
Resolved in Pega Version 8.6.1
A performance issue was seen during update that resembled an upgrade hang. This was caused by a combination of incorrect logic in DDLGenerator.getInstanceCountForClass() around counting instances of 'core' classes and all of the site history-data- tables being mapped to the same table that had 1.4+ billion rows. This behavior has been addressed with more correct query logic while performing instance counts. In addition, instance count will be supressed during command line invocations (prpcUtils, platform upgrade).
INC-180479 · Issue 659640
DSS partition count setting made backward compatible
Resolved in Pega Version 8.6.1
After update, the DSS to limit the number of partition counted was no longer working and instead used the default value of 20. This has been corrected and made backwards compatible.
SR-D46133 · Issue 534651
Colon in folder or file name will be replaced with underscore during unzip
Resolved in Pega Version 8.4.1
After creating a product file (zip), attempting to import the same file into an updated system resulted in an exception. Investigation showed that in this case the zip file was a Product rule form which had applications packaged with a colon(:) in the name of the application, a format that was allowed in 6.x versions. Because Windows machines restrict creating creating any folder or file with : in its name, the zip file could not be inflated as part of the import process. To resolve this, the system has been updated so that a colon(:) will be replaced by underscore(_) during inflate operations.
SR-D52604 · Issue 548062
Stream Registration deprecated and replaced
Resolved in Pega Version 8.4.1
Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.
SR-D64523 · Issue 545672
Stream Registration deprecated and replaced
Resolved in Pega Version 8.4.1
Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.