INC-195580 · Issue 684491
Delay Factor updated to allow values < 1.0
Resolved in Pega Version 8.5.6
After modifying the "Delay factor" parameter on a queue processor rule and and clicking the "Save" button, refreshing the page caused the value of the "Delay factor" parameter to change. This has been resolved by updating the delay calculation strategy to support factors < 1.0.
INC-196447 · Issue 684643
Enhancements added for external Kafka Stream Service
Resolved in Pega Version 8.5.6
To ensure data privacy when using multi-tenant Stream Service hosted on a single Kafka cluster, access will be authorized based on ACLs when a tenant sends direct requests to Kafka. In addition, all Kafka resources (topics and consumer groups) are now able to contain a prefix naming convention which can be used for tenants. This is handled through using a <env name="services/stream/name/pattern" value="{tenant.name}-{environment}-{stream.name}"/> prconfig setting to set the stream name pattern. For example, if the tenant.name is resolved into "companyname", environment into "prod1", and the stream dataset name is pyFTSIncrementalIndexer, then the Topic name created on the external Kafka will be companyname-prod1-pyFTSIncrementalIndexer.
INC-199665 · Issue 692760
Logic added to handle upper/lower case for Content-Type header value
Resolved in Pega Version 8.5.6
After Integrating REST Service with a HTTP/2 header, pzExecuteRestService was throwing a null pointer exception. This was traced to headers not being treated in a case-insensitive manner: the header contained a lower-case 'content-type' while the system was looking for 'Content-Type' (upper-case). To resolve this, logic has been added to check for both 'content-type' and 'Content-Type' keys.
INC-207236 · Issue 706817
QueueProcessor timeout made configurable
Resolved in Pega Version 8.5.6
Queue Processor timeouts were causing thread interruptions, causing items to be processed more than once. To resolve this, the QueueProcessor kafka-write timeout has been made configurable via the DASS Pega-Engine:queueprocessor/dataset/write/timeoutMs
INC-212753 · Issue 707312
Log4j file security vulnerability issue addressed
Resolved in Pega Version 8.5.6
A zero-day vulnerability was identified in the Apache Log4j logging software which could potentially allow malicious actors to take control of organizational networks. Pega has immediately and thoroughly addressed this issue. More information can be found at https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability .
INC-163628 · Issue 660555
Corrected view generation logic for nested subsections
Resolved in Pega Version 8.5.6
Performing a save-as of the pyCaseMainInner work- section in the UIKit resulted in an infinite loop in the view generation logic. This was traced to the system recursively generating views from subsections, and has been resolved by updating the logic so a view is only generated for valid py prefixed sections on save of a section.
INC-164620 · Issue 640658
jQuery variable handling updated for mashup
Resolved in Pega Version 8.5.6
After upgrade, embedded mashup was not working. The browser console log showed the error "Uncaught TypeError: $ is not a function at pega.web.manager._initGadgets (PegaReg?pyActivity=pzIncludeMashupScripts:69)". The $ function belongs to the jQuery library, and investigation traced this to a difference in variable handling. This has been corrected by updating the referring jQuery to use the variable 'jQuery' instead of '$'.
INC-164775 · Issue 681238
Web page generation security updated
Resolved in Pega Version 8.5.6
Cross-site scripting protections have been enhanced around web page generation.
INC-165992 · Issue 657690
Table Filter save uses correct harness
Resolved in Pega Version 8.5.6
After creating a new view for table and then relaunching the portal or switching between tabs, the created views were not visible. Investigation showed that the views were saved under the incorrect pycaseworker harness on initial load, causing them to not be visible when returning from the switch and using the correct pyCWPortalContent harness. This has been resolved with the addition of the new parameter innerHarnessName to get the harness name when creating a personalization instance.
INC-167704 · Issue 671628
Email timing updated to ensure content captured
Resolved in Pega Version 8.5.6
Outbound email replies constructed using a pyReply section were intermittently blank if the 'Send' button was clicked immediately after adding text. This was traced to the blur not happening immediately on click of the submit button, and has been resolved by introducing window.blurDelay to ensure the data is captured. The delay time is configurable, and by default is set to 200ms.