Bug Fixes

Description

When the "Reauthenticate Users After Inactivity" field in mzdesktop is set, sessions in Web UI are not terminated after a period of inactivity.

Resolution

Sessions are revoked after set period of time in "Reauthenticate Users After Inactivity" field in access control.

Description

If Pico config is updated form Web Pico Management UI then system log is not updated.

Resolution

System log is added with proper details for updates.

Description

Due to a previous bug fix, an exception is caused due to accessing an uninitialized list.

Resolution

This problem has now be sovled and a check for an empty null value of the list has been added.

Description

When encoding UDRs with the JsonEncodeUdr APL function, the UDRs containing field names starting with numbers or symbols are modified to satisfy Java class naming rules.

Resolution

Fix the encoding function to retain the original field name.

Description

Documentation for many System Tasks is missing.

Resolution

The documentation has now been updated to describe System Tasks.

Description

When user insert a wrong SAP CC login password, workflow can be start without abort, no authentication failed message at debug mode.

Resolution

When authentication failed it will immediately showing error and abort the workflow.

Description

A CVE regarding Netty, CVE-2022-41881, was detected.

Resolution

Netty has now been upgraded and this vulnerability is removed.

Description

Apache CXF contains vulnerabilities ( CVE-2022-46364 and CVE-2022-46363 ).

Resolution

Apache CXF have been upgraded to a non-vulnerable version.

Description

Some mzsh commands failures are not reported by the mzsh command line tool. Instead mzsh just silently fails, giving no feedback or error message.

Resolution

This problem has now been fixed and for any exceptions, an explicit message will be displayed.

Description

Commons-Net contain a vulnerability ( CVE-2021-37533 ).

Resolution

Commons-net have been upgraded to a non-vulnerable version.

Description

When using the Http agents with Open API Profile, the agent does not handle requests that contains array schema properly and throws null pointer exception.

Resolution

Fix the agent code to allow handling of array schema. Array schemas will be added to the open api class but will be skipped during decoding.

Description

A security vulnerability has been found in Netty versions 3.10.6.Final and 4.1.15.Final.

Resolution

Netty version is now upgraded to 4.1.73.Final to mitigate the reported vulnerability.

Description

Ultra doesn't support declaring bit_blocks in the prefix of a switched_set.

Resolution

Ultra has been updated to support bit_blocks in the prefix of a switched_set. The fields inside the bit_block can be used as any other field in the prefix.

Description

The Azure Libraries package contain a vulnerability ( CVE-2022-31684 ).

Resolution

The Azure Libraries package have been upgraded to a non-vulnerable version.

Description

The Postgres driver contain a vulnerability ( CVE-2022-41946 ).

Resolution

The Postgres driver has been upgraded to a non-vulnerable version.

Description

We do not support List and Map types for Data Veracity filter, repair and data masking. The documentation only mentions this fact in the Data Veracity search page.

Resolution

The note for unsupported data types for Data Veracity has now been added into the other parts of the documentation for Data Veracity. Namely in the filter, repair and data masking pages.

Description

When using the SFTP Collection Agent, the configured Sort Order criteria is not applied to subfolders when the SFTP collection agent setting is as follows: The Include Subfolder option under the Source tab is selected and the Enable Sort Order option under the Sort Order tab is selected and the specified Directory contains only the specified subfolder. The SFTP collection workflow run is expected to abort when the subfolder does not meet the Sort Order criteri. Instead, the workflow runs successfully without any error.

Resolution

This is fixed so that Sort Order criteria is applied when there is only 1 subfolder within the specified directory.

Description

Newer versions of bndlib has been released that we should upgrade to.

Resolution

bndlib has now been updated to 6.3.1.

Description

Despite Couchbase storage not being supported by batch workflows, Couchbase properties are still being displayed when configuring the Aggregation profile.

Resolution

Couchbase properties will not be displayed during configuration unless it is a real-time workflow.

Description

If a workflow stop fails, the workflow state may get into an unrecoverable state. It will then be running and can not be stopped unless the Execution Context is restarted.

Resolution

A workflow stop command will now always attempt to stop the workflow, even if the stop signal has already been sent.

Description

WebSwing contains vulnerabilities ( CVE-2022-42920 , CVE-2022-3171 , CVE-2022-42003 and CVE-2022-42004 ).

Resolution

WebSwing has been upgraded to a non-vulnerable version.

Description

The Jackson libraries contain vulnerabilities ( CVE-2022-42003 and CVE-2022-42004 ).

Resolution

Jackson and Jackson-databind have been upgraded to a non-vulnerable version.{color}

Description

The CometD Library contain a vulnerability ( CVE-2022-24721 ).

Resolution

The CometD library have been upgraded to a non-vulnerable version.

Description

When udrDecode or udrEncode is called from the initialize block, certain references held as ThreadLocal values are not be released properly which can cause the system to run out of memory.

Resolution

The references stored as ThreadLocal values are now cleared properly and the system will release memory when the garbage collector is called by the jvm.

Description

APL and Java handle numeric values in a different manner. Inappropriate value operation can result in an overflow.

Resolution

The relevant documentation has been updated to reflect the differences between Java and APL.

Description

The SystemTask.Statistics_Cleaner_grp workflow group is not possible to import.

Resolution

The issue is resolved and the workflow group can now be imported.

Description

Incorrect SAP RFC Agent Preparation Documentation

Resolution

The correct information has been added to the Container section of the documentation with the common.java.library.path property.

Description

The SAP CC Online Agent Preparations documentation is incorrectly placed in the documentation and the list of libraries is missing _core_admin.jar_.

Resolution

This issue has now been fixed.

Description

In the System Exporter UI, select a config that has circular reference by another config, StackOverflowError exception was thrown.

Resolution

This issue is fixed. Circular dependencies can now selected.

Description

Despite configuring _mz.name_ in the _install.xml_ file, the value doesn’t reflect in the _cell.conf_ file post installation.

Resolution

This issue is fixed. _mz.name_ value should now be populated correctly in _cell.conf_.

Description

When upgrading from MZ8 to MZ9, the ECs would start with errors.

Resolution

The issue has been fixed and the ECs start without any error.

Description

When user has failed to delete Data Veracity filter, there was error notification, however the error message did not contain any helpful information.

Resolution

When user fail to delete a Data Veracity filter, error notification will now contain useful information for user to troubleshoot further.

Description

The upgrade instructions for the Platform Container were not complete.

Resolution

The documentation is now updated under section [https://infozone.atlassian.net/wiki/spaces/MD9/pages/4849779/Upgrade+Platform+Container|https://infozone.atlassian.net/wiki/spaces/MD9/pages/4849779/Upgrade+Platform+Container|smart-link] .

Description

If MZ8.x platform has enabled property mz.security.user.password.reset.enabled, during MZ9 upgrade it failed due to incorrect password state was migrated.

Resolution

This issue is fixed. Platform should be upgraded successfully when mz.security.user.password.reset.enabled is set.

Description

3pp libraries using multi-version packaged jars could not be used. This was with the SAP HANA JDBC driver, which made it impossible to use the _Try connection_ button in the Database profile.

Resolution

Multi-version jars, including the SAP HAN JDBC driver, can now be used.

Description

When enabled external reference on REST Client, validation error was thrown even though the reference value are set correctly.

Resolution

This issue is fixed. External reference should now work on REST Client.

Description

When using the 5G profile with http2 agents, there were some inconsistent behaviour relating to the heartbeat timer, custom specification and response handling.

Resolution

We enhanced the 5G Profile and its response handling behaviour when used with the http2 agents to be more in line with details stated in the 3GPP documentation.

Description

Sometimes in the Conditional Trace UI, both the _Start_ and _Stop_ buttons may be disabled.

Resolution

The issue has now been corrected so that the _Start_ and _Stop_ buttons are always enabled depending on whether a trace is running.

Description

Conditional Trace UI may not correctly update the displayed parameters for the selected Trace Template.

Resolution

The issue has been fixed.

Description

When stored UDRs from earlier versions of MediationZone are deserialized, you may get a ClassCast Exception.

Resolution

This problem has now been fixed and deserialization should work as intended.

Description

During the upgrade from mz8.3 to mz9.0.0.0, _auth.properties_ failed to update into _mzdb_ if the table is empty.

Resolution

Add a checking if the table is empty skip the update, and proceed to insert into _mzdb_.

Description

The information about how to install the desktop or legacy desktop once the upgrade is done was missing from the documentation.

Resolution

The Post Upgrade section of the documentation is now updated with the relevant links.

Description

Legacy desktop launcher will not work with OpenJDK 17.

Resolution

This issue is fixed. Legacy desktop launcher is now compatible with the most recent JDK version.

Description

If system insight is enabled in the MZ 8.x installation by the property “mz.system.insight” being set, then upgrade to MZ 9.0 will fail. The system will not start up since the system insight packages are no longer available.

Resolution

The issue has now been fixed and the property will have no effect in the MZ 9 system after upgrade.

Description

Deadlock occurs in the SAP JCO RFC agent when the user stops the workflow whenever the UDR queue is full of UDRs.

Resolution

Removed lengthy loop logic waiting for the UDR queue to become empty when the user stops the workflow. Removed lengthy loop logic waiting for the RFCExecutor Thread to complete when the user stops the workflow. Added a try-catch handler for InteruptedException to exit the RFCExecutor Thread when the user stops the workflow

Description

Missing information on database related settings in the Upgrade Preparations document.

Resolution

The missing information is now updated in the document.

Description

In previous versions of MediationZone, some administrative commands were exposed to all users. This could potentially lead an unauthorized user to obtain information about the system.

Resolution

The verification of access rights has been fixed and sensitive commands are exposed only to authorized users as per design. Additionally, the interactive mode has been removed from mzsh.

Description

When receiving answers of timed out requests, the Diameter stack log one line for ever message. This can cause very excessive logging in some situations which can impact performance.

Resolution

When there many log messages like this, the logging is now throttled to a reasonable level

Description

When UDRs are generated from the Open API schema specification file, certain UDR fields used in the response body are marked as read-only. In some cases, the HTTP2 Server agent needs to initialize and set those fields to generate a proper response.

Resolution

Added a checkbox in the Open API profile to allow users to have the option to ignore the read-only tag for the selected schema specification file.

Description

Navigating system exporter back and forth cause UI pico out of memory when the system has a lot of configurations.

Resolution

System exporter memory leak issue has been fixed.

Description

When running really large UDR through a workflow, the Encoder may not have capacity enough and throw an error.

Resolution

The Encoder has now been redesigned to allow larger UDRs and the the problem with processing large amounts of data is fixed.

Description

The Subscription Client ID for the JMS Collector agent will fail the workflow validation although the field is optional as mentioned in the documentation.

Resolution

The Subscription Client ID Field is removed from the validation list.

Description

Specific fields or configuration save states are lost when importing the SQL forwarder from MediationZone 8.x to MediationZone 9.x.

Resolution

Added logic to handle imports from MZ 8.x to MZ 9.x.

Description

Certain fields or config save state is lost when importing the Open API Profile from MZ 8.x to MZ 9.x

Resolution

Add logic to handle imports from MZ 8.x to MZ 9.x

Description

When editing a workflow using Workflow Editor, an exception can be thrown.

Resolution

The issue has been fixed.

Description

The database forwarding agent was using two obsolete methods for Oracle's batch update functions. This causes performance issues when running toward Oracle 19c.

Resolution

The function calls have now been updated to no longer use deprecated implementations of the JDBC driver.

Description

Unsupported data types like Map and List are selectable in Data Veracity Restricted Field Edit/New dialog.

Resolution

Unsupported data types are hidden from a user in Data Veracity Restricted Field Edit/New dialog.

Description

The existing Data Veracity Search page has no option for Save New and Update. Users can only load a saved filter and modify the queries.

Resolution

This has been fixed by adding two new options added to Save, namely Save New and Update, allowing the user to save as new or update existing.

Description

5G Profile and workflows exported from MediationZone 8 not compatible with Private Edition and MediationZone 9. Some fields in the 5G Profile and workflow instance table columns have gone missing when imported into PE and MZ9.

Resolution

Some fields in the 5G Profile and some fields in the workflow instance table column exported from MZ8 are given special handling when being imported into PE and MZ9.

Description

Sometimes workflow packages with long names would exceed the DB column limit of 64 characters for the workflow key. This would break the workflow handling.

Resolution

This issue has been fixed by adding a character limit check to workflow packages. Validation has been added to the export of workflow packages to prevent this from happening. A (dynamic) limit has been added to the workflow package name. This limit is dynamic and not a “hard” limit because the key itself is comprised of other dynamic parts besides the workflow package name, such as version, system name, and instance ID.

Description

The references to “mzsh keytool” are no longer valid.

Resolution

Documentation has been updated to replace these references with valid information on creating Keystore.

Description

The link to the Legacy Desktop section in the user documentation is broken.

Resolution

The link has now been fixed and points to the right place.

Description

Web Desktop installation documentation had instances of service context and some extraneous information.

Resolution

The documentation is now updated accordingly.

Description

CVEs detected in multiple Netty and JSON libraries used by Google Cloud components.

Resolution

The Netty and JSON libraries have now been upgraded and the vulnerability is mitigated.

Description

When a configuration with multiple dependencies is selected, unchecking one of the dependencies will still show the correct result. However, after an export is performed, some configurations that are selected are missing from the export file.

Resolution

This issue is fixed, the configuration dependencies are now exported as expected.

Description

It was not possible to install and run MZ with other username on JDBC user or pg.owner than the default ones.

Resolution

It is now possible to have other names for Postgres users.

Description

The current documentation does not mention Linux distributions required for Java installation.

Resolution

The ‘Operating Systems’ documentation in Infozone is now updated with the Linux versions supported for different Java versions.

Description

The install and upgrade notes contain unclear information of all properties in the install.xml.

Resolution

The documentation is updated with the information for all properties, including database related properties.

Description

MediationZone only calls the JDBC driver’s getErrorCode() method to retrieve the error code. It works for other databases except for PostgreSQL because the JDBC driver of PostgreSQL returns error codes in getSQLState(), not getErrorCode().

Resolution

If MediationZone is connected to a PostgreSQL database, the error code is retrieved via the JDBC driver’s getSQLState() method. The value is then set to the newly introduced “sqlState” property of DBErrorUDR which can be accessed from the APL code by calling DBErrorUDR.SqlState.

Description

Event notification for workflow state provides workflow group name ‘null’ for WF state ‘Waiting’ instead of the correct Workflow Group name.

Resolution

The group field is now set in the event when the workflow has been scheduled by a Workflow Group.

Description

When you have a realtime workflow with the Order Service configured as a workflow service, then no routing of bytearray data will work. This means for example that some agents such as the Encoder Agent are unusable.

Resolution

Now bytearray data is routed normally, even if the Order Service is enabled.

Description

A ClassNotFoundException is seen in the EC log when an HTTP2 server/client workflow run with OpenAPI Profile contains schema type Array.

Resolution

A checking mechanism for any OpenAPI scheme type before trying to retrieve its runtime class has been added to avoid retrieving runtime class of schema type Array.

Description

When using HTTPS, the APL plugin fails if the “https.apl.keystore_location” property has not been set. This property is not required unless the server requires 2-way authentication.

Resolution

If the properties are provided, they will be used. Otherwise, it will be ignored.

Description

The list of registered files that are used to check for duplication never gets updated. As the number of files to be collected is greater than the file list size, the Duplicate Filter fails to detect the files that have been collected in the previous workflow runs.

Resolution

Whenever new files are collected, the list of registered files must be updated to the most recent set of files dynamically. Hence the Duplicate Filter will be able to work correctly even if the number of files to be collected is greater than the file list size.

Description

Open API Schema objects using the discriminator keyword are not validated correctly during processing.

Resolution

Support for schemas containing the discriminator keyword has now been added.

Description

No validation done on container name during installation which will cause issues in retrieving the state of its picos.

Resolution

Add missing container name validation.

Description

In the documentation, there are several incorrect information on the Execution Container upgrade section.

Resolution

The issues have now been corrected in the documentation.

Description

When using the Amazon profile with IAM Role Selection it is not possible to access the AWS Bucket.

Resolution

This problem has now been fixed and AWS Buckets can be accessed when using IAM Role Selection.

Description

When the login user does not belong to the Administrator group, Vaadin System Exporter fails to load the page.

Resolution

This issue is resolved. The System Exporter page should now load properly.

Description

After upgrading from mz8.x to mz9.x in the Swing Desktop, the access groups created in mz8 are present but lack the execute/write permissions that were originally assigned.

Resolution

To optimize the time and technical effort, we have implemented a workaround by updating the documentation. It is now imperative to export users and access groups in the access controller before the upgrade and re-import them afterward.

Description

Description: The schema name's first character must be capitalized for the OpenAPI profile to work on the HTTP2 Client Agent. Resolution : Using lowercase for the schema name's first character is now allowed.

Resolution

Description

When restarting the platform during heavy execution, it is possible to end up in a scenario with several workflow server state threads spawning. This is not intended and may, in some cases, lead to resource starvation on the platform making the system unresponsive.

Resolution

The underlying issue has been fixed by introducing thread synchronization measures to critical parts of the workflow server startup code.

Description

The Apache Commons library contains a vulnerability (CVE-2023-34411).

Resolution

Apache Commons has been upgraded to a version where this vulnerability does not exist.

Description

When the SAP JCO Agent trace level is set to 8 or above, it will try to retrieve the session attributes to be output. This will cause a runtime exception if the session has not been initialized.

Resolution

A check to initialize a session, if it is not already initialized has been added in situation where the session attributes need to be read.

Description

When UDRs are generated from the Open API schema specification file, certain UDR fields used in the response body are marked as read-only. In some cases, the HTTP2 Server agent needs to initialize and set those fields to generate a proper response.

Resolution

Added a checkbox in the Open API profile to allow users to have the option to ignore the read-only tag for the selected schema specification file.

Description

When saving an invalid Vaadin OpenAPI profile it will be displayed as valid.

Resolution

This problem has now been fixed, and the correct status will be displayed when saving an OpenAPI profile.

Description

When upgrading to MediationZone 9 and the system database is SAP Hana, the install.xml generates some incorrect values.

Resolution

The values, install.admin.password, mz.jdbc.user, mz.jdbc.password, mz.jdbc.url, install.db.jdbc.user, install.db.jdbc.password, install.sap.ssl.encrypt, are now correctly updated from the old installation.

Description

The Ultra Format Converter does not inform the user when trying to add a duplicate key in the default value list of a UDR.

Resolution

This has been fixed by displaying a validation error pop-up with an appropriate message in case the user tries to add a duplicate key in the default value list of a UDR.

Description

The HTTP2 RequestCycle UDR only allows single value parameters even though the OpenAPI 3.0 spec allows multi-value parameters.

Resolution

A new field named “multiValuedParameters” which is of type Map<String, List<String>> has now been added to the HTTP2 Client RequestCycleUDR to support the addition of multi-value parameters. For backward compatibility and usage of the new field, see the user documentation of the HTTP2 Client RequestCycleUDR.

Description

When running a new platform installation, the installation process does not prompt for new admin password although the install.security was set to true in the install.xml.

Resolution

This issue is fixed, the installation process will now prompt for new admin password when install.security is set to true.

Description

If the Open API profile has an invalid yaml file, it becomes invalid when saved because some inner schema name under Properties contain invalid characters.

Resolution

This problem has now been fixed by adding a validation step for inner schema name under Properties. The validation dialog will be displayed to inform the user whenever invalid characters are detected.

Description

Removal of the ‘Branding’ entry from SDR caused the display of the wrong name and version on the Desktop.

Resolution

This is fixed now by adding a logic to check the product name and rebrand it accordingly.

Description

A vulnerability was detected in the version of clojure used.

Resolution

This is fixed now by upgrading Clojure.

Description

The Avro library included with the Ultra Avro support package is impacted by the vulnerability CVE-2023-39410. This could allow for Denial of Service attacks by manipulating the input data.

Resolution

Avro has been upgraded.