INC-219627 · Issue 715994
InvokeHTTPConnector security updated
Resolved in Pega Version 8.7.2
"Allow invocation from browser" has been disabled for InvokeHTTPConnector, and "Require authentication to run" has been enabled. In addition, an unsafe reflection used to load JCIFS libraries for NTLM operations has been removed, which removes support for custom JCIFS libraries in Connect HTTP.
INC-219995 · Issue 717159
Security update enhanced to support custom implementations of InvokeAxis2
Resolved in Pega Version 8.7.2
The QueueProcessor activity indirectly invokes a Connect-SOAP. After installing the Security A22 patch, custom implementations on InvokeAxis2 reported runtime failure. This has been resolved by replacing reflection library use with explicit type checking and casting to get the array length in step 14 of InvokeAxis2.
INC-220031 · Issue 717168
Security update enhanced to support custom implementations of InvokeAxis2
Resolved in Pega Version 8.7.2
The QueueProcessor activity indirectly invokes a Connect-SOAP. After installing the Security A22 patch, custom implementations on InvokeAxis2 reported runtime failure. This has been resolved by replacing reflection library use with explicit type checking and casting to get the array length in step 14 of InvokeAxis2.
INC-220137 · Issue 715266
UpdateDateTime casing corrected in filters
Resolved in Pega Version 8.7.2
When using Job Scheduler with MS/SQL, the error "Cannot find either column 'mktdata' or the user-defined function or aggregate 'mktdata.pr_read_from_stream', or the name is ambiguous." This was traced to a casing issue and has been resolved by updating the pxupdatedatetime property to pxUpdateDateTime in Filters F1 and F2.