INC-202183 · Issue 699681
ClusterAndDBCleaner updated to with with Oracle query limits
Resolved in Pega Version 8.5.6
The pzClusterAndDBCleaner job scheduler was not able to cleanup data in pr_op_data session table due to the delete query formed to clean up this table throwing "ora-01795 maximum number of expressions in a list is 1000 oracle 19c" exception. This has been resolved by splitting requestor IDs into batches of 1000.
INC-202743 · Issue 697113
Cleanup added for disabled/deleted operator passivation data
Resolved in Pega Version 8.5.6
In some scenarios, a passivated session for a non-active operator was able to be resumed after cluster restart. This has been resolved by adding a check for disabled or deleted operators which will then delete any lingering passivated data.
INC-204998 · Issue 705631
Data page definition reload made more robust
Resolved in Pega Version 8.5.6
The data page was intermittently being removed from the cache. This was traced to the use of a thread from ThreadContainer to reload the data page definition: a null thread could be returned if the request came from a master agent, which would then cause the definition reload to fail. This has been resolved by updating the system to use the current thread in context to reload the data page definition.
INC-210059 · Issue 706892
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.5.6
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-211132 · Issue 706901
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.5.6
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-212729 · Issue 695024
ClusterAndDBCleaner updated to with with Oracle query limits
Resolved in Pega Version 8.5.6
The pzClusterAndDBCleaner job scheduler was not able to cleanup data in pr_op_data session table due to the delete query formed to clean up this table throwing "ora-01795 maximum number of expressions in a list is 1000 oracle 19c" exception. This has been resolved by splitting requestor IDs into batches of 1000.
INC-239902 · Issue 628577
Handling added for multi-file upload of duplicated files
Resolved in Pega Version 8.7
Attaching the same file multiple times during a single upload caused some of the duplicated files to not be included. The issue was not seen when attaching the same file multiple times but in different attempts. The exception "Can't continue with file attachment. FileData.xlsx is missing and might have been quarantined by anti-malware software" was logged. This was caused by the files being uploaded without updating filenames to have a unique ID, so multiple files with the same name were overwriting the previous file. This has been resolved by setting the appendUniqueIdToFileName parameter to true in the upload request so each copy of the filename is treated as an individual file.