Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please update your bookmarks. This site will be discontinued in Dec 2024.

Pega Platform Resolved Issues for 8.1 and newer are now available on the Support Center.

SR-A93015 · Issue 260000

Apache Struts JARS updated to improve security

Resolved in Pega Version 7.2.2

The Apache Struts JARs have been updated to resolve the following potential security vulnerabilities: The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.

SR-A93024 · Issue 259995

Apache Struts JARS updated to improve security

Resolved in Pega Version 7.2.2

The Apache Struts JARs have been updated to resolve the following potential security vulnerabilities: The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.

SR-A23603 · Issue 258204

ADP alert messages updated for security

Resolved in Pega Version 7.2.2

To improve security, ADP alert messages have been changed to include only data page name rather than the cache key used to identify the data page in the async service manager cache.

SR-A86384 · Issue 258433

Diagnostic logging added for "No stream to display" error

Resolved in Pega Version 7.2.2

Diagnostic logging has been added to better address the "No stream to display" error on the UI. When enabled, the logger will capture the postDataBytes and corresponding postDataString that are returned.

SR-A21743 · Issue 256234

Support added for WebLogic 12.2.1

Resolved in Pega Version 7.2.2

Support has been added for WebLogic 12.2.1, which introduces a new Class Loader between the application and System Class Loader.

SR-A76628 · Issue 255871

Forced logging type changed to avoid incorrect alerts from WebLogic

Resolved in Pega Version 7.2.2

When using PRPC with WebLogic, server restarts were generating the notice that Emergency messages were present in the Server console log file. This was due to WebLogic treating logs with level greater than 1000 as emergency while PRPC was using level greater than 1000 for forced logs (infoForced and warnForced) to ensure that forced logs were not skipped in any log level setting except for level OFF. As WebLogic does not have any equivalent for forced logging, it interpreted this as an emergency. This behavioral conflict has been resolved by changing the PRPC logs from infoForced to info.

SR-A96149 · Issue 262711

Forced logging type changed to avoid incorrect alerts from WebLogic

Resolved in Pega Version 7.2.2

When using PRPC with WebLogic, server restarts were generating the notice that Emergency messages were present in the Server console log file. This was due to WebLogic treating logs with level greater than 1000 as emergency while PRPC was using level greater than 1000 for forced logs (infoForced and warnForced) to ensure that forced logs were not skipped in any log level setting except for level OFF. As WebLogic does not have any equivalent for forced logging, it interpreted this as an emergency. This behavioral conflict has been resolved by changing the PRPC logs from infoForced to info.

SR-A87928 · Issue 255640

Fixed cataloging for v5 hotfixes

Resolved in Pega Version 7.2.2

Recent modifications to obtaining catalogs for supporting additional products (i.e. frameworks) caused a regression in being able to check dependency information on v5 hotfixes, preventing DL files from being created for them. This has been fixed.

SR-A98244 · Issue 266698

Extract rules updated to handle BIX changes

Resolved in Pega Version 7.2.2

After upgrade, BIX was not extracting work objects with multiple child cases. Work objects without child objects were being picked up with no issues, and the child objects themselves were being extracted without issue as well. This was caused by a bug in a previous version of BIX which should have been doing a LIKE query only for class groups and not for individual classes which belong to a classgroup. BIX has now fixed the behavior and the application which was leveraging this bug as a feature is now only getting the instances of the class the extract was written against since the class is not a class group. Similar to other areas of the product (like List Views, Report Definitions etc.), when a rule is defined at the classgroup level, BIX will include its subclasses by using a LIKE query. But for classes which themselves are not a classgroup but belong to one, then BIX does not generate a LIKE query. Because of this changed behavior, Extract rule executions have been modified to keep the behavior consistent with other rules.

SR-B2033 · Issue 272929

Help doc corrected for Clipboard save location

Resolved in Pega Version 7.2.2

An error in the help file indicated the Save feature in the Clipboard Viewer should save to the database. In Pega 7, the Save feature in Clipboard Viewer only saves the page in memory and does not perform any database transactions, and the documentation has been updated to reflect this.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us