INC-210059 · Issue 706892
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.5.6
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-211132 · Issue 706901
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.5.6
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-212729 · Issue 695024
ClusterAndDBCleaner updated to work with Oracle query limits
Resolved in Pega Version 8.5.6
The pzClusterAndDBCleaner job scheduler was not able to clean up data in the pr_op_data session table because the delete query formed to clean up this table threw the exception "ora-01795 maximum number of expressions in a list is 1000 oracle 19c". This has been resolved by splitting requestor IDs into batches of 1000.
SR-103429 · Issue 136984
Rule-Service-Java authentication in a stateless session re-enabled
Resolved in Pega Version 7.1.7
When exposing Rule-Service-Java through a service package, a proxy jar file is created. If the 'Requires Authentication' option was checked on the service package, the generated Java did not contain the required code to pass through the username/password, and authentication failed. This method of passing credentials via proxy method parameters was previously withdrawn for the stateless processing mode, but the Java code has been reinstated to enable authentication for a stateless session if this method is desired.
SR-108346 · Issue 166436
Corrected purging for History and Attachments
Resolved in Pega Version 7.1.7
A problem was found with purging the History and Attachments for cover and folder items. This was traced to history tables using datetime columns as key properties: many databases round these values to less precision than PRPC uses, and the keys did not match. The purgeitems function has been updated to delete the instance specifically and bypass recalculating the InsKey.
SR-111889 · Issue 157259
Some SOAP calls with WSTRUST generated exceptions in customized environments
Resolved in Pega Version 7.1.7
In some heavily customized environments, a SOAP connect call using the WSTRUST element generated an exception. This was due to uneven handling of the local custom elements in the SOAP STS request, and has been resolved by adding a method to pick up all custom code based on the tag in the policy document.
SR-112535 · Issue 164337
Portal rendering errors under z/OS
Resolved in Pega Version 7.1.7
Under z/OS, new installations were missing the login icon and the portal was not rendered correctly. This did not impact system performance. The problem was traced to an index setting in the DDL generation, and has been fixed.
SR-113384 · Issue 162788
Explicit schema mapping could cause migration script errors
Resolved in Pega Version 7.1.7
While running the migration script, the presence of a custom rule table that explicitly mapped the Data-Admin-DB-Table schema could cause the script to fail. This was caused by the GRANT statements in the SQL script not qualifying the user name with the "USER" keyword: when a group name was the same as the user name being granted rights, the grantee was ambiguous. The workaround was to temporarily map the custom table to an empty schema, then manually copy this table to the RULES schema afterward, but this issue has been addressed by updating how privileges are granted for the table, procedure and function elements in a split schema.
SR-113703 · Issue 163067
Custom root certificate support added to Connect-REST
Resolved in Pega Version 7.1.7
Configuring a Connect-HTTP/REST rule that connects to a server using custom root certificates caused the error "javax.net.ssl.SSLPeerUnverifiedException". To remedy this, REST / HTTP now supports the merging of custom and JVM trust stores and runtime support for SSL in REST connectors.
SR-115779 · Issue 167907
Custom root certificate support added to Connect-REST
Resolved in Pega Version 7.1.7
Configuring a Connect-HTTP/REST rule that connects to a server using custom root certificates caused the error "javax.net.ssl.SSLPeerUnverifiedException". To remedy this, REST / HTTP now supports the merging of custom and JVM trust stores and runtime support for SSL in REST connectors.
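The two Connect-REST entries above describe merging a custom trust store with the JVM trust store. The following is an added illustration of that general technique in plain JSSE, not Pega's code: the class name, method names and command-line arguments (trust store path and password) are assumptions made for the example.

```java
import java.io.InputStream;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;
import javax.net.ssl.*;

public class MergedTrustExample {
    // Builds the X509TrustManager for one store; a null store selects the JVM default (cacerts).
    static X509TrustManager managerFor(KeyStore ks) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager) return (X509TrustManager) tm;
        throw new IllegalStateException("no X509TrustManager available");
    }

    // Accepts a chain if either the JVM store or the custom store validates it; validation is never skipped.
    static X509TrustManager merged(Path customStore, char[] password) throws Exception {
        KeyStore custom = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(customStore)) { custom.load(in, password); }
        X509TrustManager jvm = managerFor(null), extra = managerFor(custom);
        return new X509TrustManager() {
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                try { jvm.checkServerTrusted(chain, authType); }
                catch (CertificateException e) { extra.checkServerTrusted(chain, authType); }
            }
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                try { jvm.checkClientTrusted(chain, authType); }
                catch (CertificateException e) { extra.checkClientTrusted(chain, authType); }
            }
            public X509Certificate[] getAcceptedIssuers() {
                List<X509Certificate> all = new ArrayList<>(Arrays.asList(jvm.getAcceptedIssuers()));
                all.addAll(Arrays.asList(extra.getAcceptedIssuers()));
                return all.toArray(new X509Certificate[0]);
            }
        };
    }

    // Usage (assumed arguments): java MergedTrustExample <truststore-path> <truststore-password>
    public static void main(String[] args) throws Exception {
        X509TrustManager tm = merged(Paths.get(args[0]), args[1].toCharArray());
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { tm }, null);
        System.out.println("Accepted issuers after merge: " + tm.getAcceptedIssuers().length);
    }
}
```

An HTTPS client that is given ctx.getSocketFactory() trusts public CAs and the custom roots together, and hostname verification stays at the client's default. The custom store should contain only the specific root certificates that are needed, since every entry becomes a trusted issuer for all connections made through this context.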