Description

When running the SFTP server with the default Maximum Asynchronous Requests from the SFTP collection agent, performance drops.

Resolution

It is now possible to configure Maximum Asynchronous Requests for SFT and SCP collection agents, which makes it possible to tune the workflow for maximum performance.

Description

EC Groups can be created in the web interface even though write permission has not been granted to the user.

Resolution

Write permission validation has now been added for creating, editing and deleting EC Groups.

Description

If a workflow group within another workflow group is configured with a prerequisite, it does not wait for the prerequisite workflow to finish.

Resolution

This problem has now been fixed.

Description

When collecting files with the SFTP collection agent, the workflow hangs if the client sends hundreds of requests which the server cannot handle.

Resolution

The 3pp used by the SFTP agents have been upgraded and the maximum number of requests to the server has been limited to 16.

Description

A NullPointerException is thrown when attempting to assign a null value to a primitive type of integer when trying to store the value to database.

Resolution

This problem has now been fixed, and a NullPointerException will not be thrown when assigning null values.

Description

An external reference value with escape characters, such as a new line, was literally taken, i.e. converted to a string as is when using External Reference Database or Kubernetes.

Resolution

Now the value field can contain a multi lined value. If escape characters are added these will be handled correct.

Description

The current limit of 1000 characters for an External Reference value is not enough to store values like private key.

Resolution

The limit has now been increased to 4000 characters.

Description

When a user that does not have a license for Data Veracity tries to open Workflow Properties, an error will be displayed.

Resolution

This issue has now bee fixed and users without Data Veracity licenses can open Workflow Properties.

Description

When trying to open the Salesforce agent in a workflow that was created in an earlier version, you get a Null Pointer Exception.

Resolution

This problem has now been fixed and workflows with Salesforce agents created in earlier versions of MediationZone can be opened without errors.

Description

When stored UDRs from earlier versions of MediationZone are deserialized, you may get a ClassCast Exception.

Resolution

This problem has now been fixed and deserialization should work as intended.

Description

The Apache Commons library contains a vulnerability (CVE-2023-24998).

Resolution

Apache Commons has been upgraded to a non-vulnerable version.

Description

The current default JVM args for the Platform: - XX:MaxDirectMemorySize=4096m 3 - XX:MaxMetaspaceSize=256m 4 - Xms256m 5 - Xmx512m is limiting and should be updated.

Resolution

The default values have now been updated to: - XX:MaxDirectMemorySize=4096m - XX:MaxMetaspaceSize=256m - Xms256m - Xmx512m

Description

The documentation regarding write locks for Aggregation is misleading regarding possible number of simultaneous locks.

Resolution

The documentation has now been updated to say that only one lock can exist in all bullet points in the Aggregation profile configuration description.

Description

Due to a previous bug fix, an exception is caused due to accessing an uninitialized list.

Resolution

This problem has now be sovled and a check for an empty null value of the list has been added.

Description

A CVE regarding goyaml, CVE-2022-28948, was detected in the operator.

Resolution

goyaml has now been upgraded and this vulnerability removed.

Description

Python vulnerabilities was detected in the Docker images.

Resolution

Python vulnerabilities was detected in the Docker images.

Description

A vulnerability was detected in the OS in the Docker images.

Resolution

This issue has now been fixed and the vulnerability removed.

Description

SCIM rest api does not handle Default Group. Incorrect information could be showed when get a user or group.

Resolution

Default group can now be added on POST, PUT, PATCH commands. Users and groups are always showing the correct information.

Description

SCIM rest api can not be used when parameter mz.security.user.restricted.login is set.

Resolution

SCIM can now be used with mz.security.user.restricted.login.

Description

It is not possible to use the PCC Proxy to access PCC REST APIs via the platform without setting up NodePort services for the EC web server, since you have to explicitly point out the EC host in the mz.pcc.restful.host property.

Resolution

The PCC proxy now dynamically detects registered clients. As long as you have any running ECD with PCC enabled no explicit configuration is needed.

Description

When encoding UDRs with the JsonEncodeUdr APL function, the UDRs containing field names starting with numbers or symbols are modified to satisfy Java class naming rules.

Resolution

Fix the encoding function to retain the original field name.

Description

When having a package image defined for an ECD, the check for existing workflows is done before docker init, and since it is the docker init that does the import in the CI/CD pipeline, the workflows will not be present when the check is done and the ECD will never startup and return a 404 error.

Resolution

This problem has now been fixed, and ECDs with package images start up as expected.

Description

Documentation for many System Tasks is missing.

Resolution

The documentation has now been updated to describe System Tasks.

Description

When updating the cache, the system tries to update all the classes referred in the Workflow package import irrespective of whether the referred classes may or may not be present/used in the packages.

Resolution

Skip unused/unavailable classes and type info during cache update.

Description

A CVE regarding Netty, CVE-2022-41881, was detected.

Resolution

Netty has now been upgraded and this vulnerability is removed.

Description

Apache CXF contains vulnerabilities (CVE-2022-46364 and CVE-2022-46363).

Resolution

Apache CXF have been upgraded to a non-vulnerable version.

Description

The Debian version used by the operator has now reached end of support and needs to be upgraded.

Resolution

The Debian version has now been upgraded to Debian 11.

Description

Some mzsh commands failures are not reported by the mzsh command line tool. Instead mzsh just silently fails, giving no feedback or error message.

Resolution

This problem has now been fixed and for any exceptions, an explicit message will be displayed.

Description

When using Data Veracity Masking, UDR List type fields can be selected for masking but the values are not masked in view UDR.

Resolution

This problem has now been fixed, and the selected UDR List fields are now masked.

Description

Commons-Net contain a vulnerability (CVE-2021-37533).

Resolution

Commons-net have been upgraded to a non-vulnerable version.

Description

When using the Http agents with Open API Profile, the agent does not handle requests that contains array schema properly and throws null pointer exception.

Resolution

This issue has now been fixed and the agent can handle requests with array schemas. Array schemas will be added to the open api class but will be skipped during decoding.

Description

A security vulnerability has been found in Netty versions 3.10.6.Final and 4.1.15.Final.

Resolution

Netty version is now upgraded to 4.1.73.Final to mitigate the reported vulnerability.

Description

Ultra doesn't support declaring bit_blocks in the prefix of a switched_set.

Resolution

Ultra has been updated to support bit_blocks in the prefix of a switched_set. The fields inside the bit_block can be used as any other field in the prefix.

Description

The "mzsh mzadmin/dr help user" command returns an output that does not corroborate with the information specified in the documentation. It describes that the "command" and "command options" are optional. Also, when running the command without any argument like "help", a long java.lang.IndexOutOfBoundsException error is displayed.

Resolution

The issue is fixed by specifying the format of the command to be used on the console. When entering the command without any arguments like help, an "Invalid command was entered" error is displayed along with information on how to use the command.

Description

Unable to decode Avro if boolean data types exist in the middle of field definition.

Resolution

Fixed the boolean decode with the correct offset reading.

Description

If session files are corrupted in file storage aggregation then validate storage should fix corrupted files. In some cases it does not work.

Resolution

Full (raw and decoded) file reading is implemented for validate storage to identify invalid sessions and remove it make the file valid.

Description

When LDAP is configured for an MZ instance, the mzsh command does not work for users belonging to multiple non-MZ groups.

Resolution

A filter has been added to check only for users from MZ groups.

Description

The Azure Libraries package contain a vulnerability (CVE-2022-31684).

Resolution

The Azure Libraries package have been upgraded to a non-vulnerable version.

Description

The version of Golang used within the Operator is vulnerable to multiple CVEs.

Resolution

The Operator have been patched to use Golang 1.19.3.

Description

When using Usage Engine Private Edition 2.3, it is not possible to use Redis as storage for PCC as described.

Resolution

This problem has now been fixed and Redis can be used as storage for PCC.

Description

The Postgres driver contain a vulnerability (CVE-2022-41946).

Resolution

The Postgres driver has been upgraded to a non-vulnerable version.

Description

We do not support List and Map types for Data Veracity filter, repair and data masking. The documentation only mentions this fact in the Data Veracity search page.

Resolution

The note for unsupported data types for Data Veracity has now been added into the other parts of the documentation for Data Veracity. Namely in the filter, repair and data masking pages.

Description

The startup time for the Platform and ECDs have increased gradually between the last three releases.

Resolution

This problem has now been addressed and the startup time reduced considerably.

Description

If there is a issue when fetching information about which EC group has been used with an Aggregation profile, the Aggregation Inspector returns an error instead of displaying information about any aggregation profiles that can be procured. This was caused by incorrect checking of EC group names by the Aggregation Inspector.

Resolution

The Aggregation Inspector code has been fixed to perform a proper search for EC groups that an Aggregation profile uses.

Description

JMX-exporter contains vulnerabilities (CVE-2022-38752).

Resolution

JMX-exporter have been upgraded to a non-vulnerable version.

Description

When using the SFTP Collection Agent, the configured Sort Order criteria is not applied to subfolders when the SFTP collection agent setting is as follow:Include Subfolder option under Source tab is selected andEnable Sort Order option under Sort Order tab is selected andthe specified Directory contains only 1 subfolder (the said subfolder)The SFTP collection workflow run is expected to abort when the said subfolder does not meet the Sort Order criteria but instead the workflow runs successfully without error.

Resolution

This is fixed so that Sort Order criteria is applied when there is only 1 subfolder within the specified Directory.

Description

Newer versions of bndlib has been released that we should upgrade to.

Resolution

bndlib has now been updated to 6.3.1.

Description

Postgres schema name may be something else other than username. When using Postgres DB with Data Veracity, it was not possible to edit table names in Data Veracity Profile to include schema name with a dot '.', e.g.: schemaName.dvTableName. Any dots in the specified table name simply gets replaced with underscores "_".

Resolution

This fix allows schema name to be specified for Data Veracity table names. Data Veracity interprets the portion of name before the 1st dot '.' as schema name.

Description

SAP CC Online agent ignored the timeout value.

Resolution

Revert the refactor implementation code, SAP CC Online agent timeout function is working as before.

Description

SFTP Collection agent displays an ugly path containing extra dot and slash in exception message.

Resolution

Before the program throws out an exception which displays an ugly path, it requires normalization to get rid of the unwanted dot and slash.

Description

Using relative paths on the Directory field in SFTP collection agent causes workflows to abort because the absolute path is constructed incorrectly.

Resolution

Avoid changing the the working directory as the program traverses into different folders and subfolders. Instead, construct the absolute path dynamically each time as it tries to find the list of files and folders available in the current folder.

Description

Despite Couchbase storage not being supported by batch workflows, the Couchbase properties were still displayed when configuring the Aggregation profile.

Resolution

Couchbase properties will not be displayed during configuration unless it is a real-time workflow.

Description

If a workflow stop fails, the workflow state may get into an unrecoverable state. It will then be Running and can not be stopped unless the Execution Context is restarted.

Resolution

A workflow stop command will now always attempt to stop the workflow, even if the stop signal has already been sent.

Description

WebSwing contains vulnerabilities (CVE-2022-42920, CVE-2022-3171, CVE-2022-42003 and CVE-2022-42004).

Resolution

WebSwing have been upgraded to a non-vulnerable version.

Description

The Jackson libraries contain vulnerabilities (CVE-2022-42003 and CVE-2022-42004).

Resolution

Jackson and Jackson-databind have been upgraded to a non-vulnerable version.

Description

The documentation for EC Properties was missing a database property, connectionpool.strict.pool.size.

Resolution

The missing parameter is now added to the Infozone under the section of EC properties.

Description

The CometD Library contain a vulnerability (CVE-2022-24721).

Resolution

The CometD library have been upgraded to a non-vulnerable version.

Description

Sometimes the ResponseBody of an kubernetes ApiException can be null, which results in a null pointer exception in the EC Deployment API.

Resolution

This problem has now been fixed and if the ResponseBody is null, an error message will be displayed.

Description

When user insert a wrong SAP CC login password, workflow can be start without abort, no authentication failed message at debug mode.

Resolution

When authentication failed it will immediately showing error and abort the workflow.

Description

The mzcli script is unable to substitute environment variables in a command.

Resolution

This issue has now been fixed and the environment variables are substituted successfully.