INC-202510 · Issue 695889
SOAP connector supports OAuth2 profile
Resolved in Pega Version 8.7.1
Support has been added for using an OAuth2 profile as one of the allowed profiles for SOAP connector.
INC-204897 · Issue 696163
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.7.1
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-134932 · Issue 578544
Timeout for node to join cluster increased and made configurable
Resolved in Pega Version 8.5.1
Hazelcast timeouts were causing application restart failures. This was traced to a rare case scenario of heavy processing on the primary node causing the new node to not be able to join the cluster within the designated 5 minute threshold. To compensate for this, the default time to join has been increased to 9 minutes and a prconfig setting has been added to configure the time setting.
INC-133270 · Issue 581839
Automatic agent restart added for temporary connection issues
Resolved in Pega Version 8.5.1
An agent that was stopped due to an issue with the database connection did not recover when the connection was reestablished. To resolve this, updates have been made that will handle an automatic restart of the agents when there are temporary connection issues.
INC-135359 · Issue 587038
CORS header configuration added for Stream tier
Resolved in Pega Version 8.5.1
An enhancement has been added that allows setting the CORS header (Access-Control-Allow-Origin) to allow *.DOMAIN.com on Stream tier (/stream/view & /stream/click) calls by way of the setting /stream/httpHeaders .
INC-134069 · Issue 583024
Added Kafka logging
Resolved in Pega Version 8.5.1
In order to help diagnose issues encountered during Kafka background processing, additional logging has been added to QueueProcessorDatasetHandler.
INC-142792 · Issue 594499
Modified thread data page cleanup
Resolved in Pega Version 8.5.1
Some cases were becoming stuck at a particular stage and not proceeding further even though the task in the backend was complete. Investigation traced this to work done that removed declarative pages at the thread level to optimize performance while other clipboard pages were retained, and the issue has been resolved by deleting all thread data pages after every item processed by the agent.
INC-125122 · Issue 581255
JMX authentication added
Resolved in Pega Version 8.5.1
Support has been added for JMX authentication through user and password.
INC-130886 · Issue 590374
Bad Stream error after passivation resolved
Resolved in Pega Version 8.5.1
A "Bad Stream" error was seen when attempting to reassign a case to the Workbasket, and a save of the work object failed. This was caused by a corruption of the work object during passivation, and has been resolved.
INC-130265 · Issue 580309
Cross-site scripting updates
Resolved in Pega Version 8.5.1
Additonal Cross-site scripting protections have been added to pyActivity processing and pzTransformAndRun.