INC-184964 · Issue 705932
TextMask_Encrypted rule added for use with Oracle
Resolved in Pega Version 8.8
When a property was being encrypted by propertyEncrypt access control policy and masked by propertyRead access control policy, it showed a "@@getMaskedValueOfText" error. This has been resolved with the addition of a new rule pxTextMask_Encrypted for Oracle product type which will remove extra spaces from the SOURCE string to handle ORACLE specific usecases.
INC-186897 · Issue 681030
DSS DisableAutoComplete setting honored
Resolved in Pega Version 8.8
Setting DisableAutoComplete DSS was not working as expected. This was traced to the system not being able to read the DSS value due to timing related to database startup, and has been resolved by directing the system to read the setting in PREnvironment.java instead of from the prconfig.
INC-191404 · Issue 689095
Tracer settings made configurable for queue processor
Resolved in Pega Version 8.8
An enhancement has been added to allow configuring tracer settings for the Queue Processor module.
INC-200030 · Issue 698955
Handling added for external Kafka authorization exception
Resolved in Pega Version 8.8
When using external Kafka for stream service, the dataflow was failing with the error 'QueueProcessorDataSubscriberException' when topic create permission was missing. As a workaround, the topics could be pre-created, though a "Topic already exists" warning was generated. To resolve this, the cluster-wide right that a producer needs, IdempotentWrite, has been added. For more information please refer to the link https://docs.confluent.io/platform/current/kafka/authorization.html
INC-202865 · Issue 709921
Shared partition operations performance improvements
Resolved in Pega Version 8.8
A significant performance degradation was seen in queue processor overhead related to maintaining the partition table. This has been resolved by adding an update which will improve partition operations in a shared context.
INC-205938 · Issue 721198
Improved handling for heavy use of PushDailyUserData
Resolved in Pega Version 8.8
The PushDailyUserData agent was causing utility node performance issues due to the amount of data it was fetching from pr_hourly table. To resolve this, an update has been made which will run the agent once per day and chunk large data.
INC-206288 · Issue 705267
Addressed intermittent Issues with OAuth2
Resolved in Pega Version 8.8
Issues with logging in to a node by way of the access token endpoint were related to the error "JSON web token is rejected during signature verification due to bad signature". This has been resolved by adding clock skew value to the JWT processor bean during validation.
INC-207307 · Issue 709716
Corrected OAuth jar version for custom Keystore rule
Resolved in Pega Version 8.8
Attempting to create a custom JKS and Keystore rule so it could be pointed to the Pega cipher and use the encrypt and decrypt functionalities failed with an error indicating it was not a valid KMS keystore. This was traced to an issue with a jar version mismatch: upon checking the dependencies for the nimbus-oauth-sdk jar, even though version 6.18.1 was specified the system picked the 8.27 version through transitive dependencies, and the 8.27 version doesn't have the needed CommonContentTypes class. This has been resolved by reducing the version to 6.18.1 in conflicting build.gradle.
INC-209387 · Issue 706150
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.8
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability
INC-210059 · Issue 712588
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.8
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability