Bug Fixes (2.1.1)

2.1.1

Version	Case ID	Internal ID	Components	Summary
2.1.1	32586	XE-6533	Access Control	Workflow User Permission Is Not Working on MZ Online Description User without execute permission in Workflow still able to view and execute the workflow on MZOnline. Resolution Permissions have now been added in MZOnline for configuring that a user without execution permission in Workflow would not able to access workflow.
2.1.1		XE-6558	Core	Database Connection Pool Size Has No Strict Maximum Limit Description When configuring the pool size of a database used in a workflow, the execution context creates additional temporary connections even if a maximum limit is specified. Resolution A new system property connectionpool.strict.pool.size has been added which will turn the database connection pool into a Blocking Queue implementation with a strict maximum limit.
2.1.1		XE-6771	Ultra	Problems with udrDecode and udrEncode APL Functions Description The {{udrDecode}} and {{udrEncode}} commands have a number of problems introduced in Usage Engine PE 2.1.0 due to thread model changes. {{udrDecode}} can cause memory leaks when used in the {{initialize}} block and {{udrEncode}} can somtimes cause workflow aborts when used in standalone workflows. Resolution The implementation of the udrDecode and {{udrEncode}} commands has now been revised and the detected problems fixed.
2.1.1	32356	XE-6624	MZSH	Logging Level Does Not Work as Expected in ConnectionFactoryHelper Class Description In the class ConnectionFactoryHelper, changing the logging level does not stop you from getting a specific log message even when the logging level is not critical. Resolution Logger in ConnectionFactoryHelper is fixed.
2.1.1		XE-6642	Docker	nginx Vulnerability Description A vulnerability was detected in the nginx version. Resolution The nginx version has now bee upgraded and the vulnerability removed.
2.1.1		XE-6699	Operator	Golang Vulnerability Description A vulnerability was detected in the Golang version. Resolution The Golang version has now bee upgraded and the vulnerability removed.
2.1.1	33128	XE-6732	Aggregation Inspector	Aggregation Sessions for Aggregation Profile Using External References Not Displayed in Inspector Description If an aggregation profile has storage path configured with external reference, then session inspector is not showing contents of that aggregation storage. Resolution Function reading aggregation profile configuration for session inspector was changed to the one handling external references properly.
2.1.1		XE-6570	MZOnline	Link to Kubernets Dashboard Broken Description When clicking on the Kubernetes Dashboard in MZOnline, you are redirected back to the login page, even though when entering the URL to the dashboard directly, you are directed to the right location. Resolution This problem has now been fixed, and clicking on Kubernetes Dashboard will take you to the right location.
2.1.1	32923	XE-6697	Aggregation Inspector	Changing EC Execution of the Workflow Results in Incorrect Session Count Description If the Platform and ECs do not share the storage, then the session count will be incorrect after changing the ec for the profile. Resolution Property {{mz.aggregation.storage.file.shared}} for every EC needs to be set to false . Also aggregation session lock mechanism is fixed for profile with separate storage per workflow settings.
2.1.1	32942	XE-6661	External References	Users Without Read/Write Permissions Can Edit and Save External Reference Profiles Description When working in MZOnline, users that are in groups without read or write permission are still able to edit and save External Reference profiles, while in Desktop this is not possible. Resolution This has now been fixed and users without read or write permission cannot edit and save External Reference profiles in MZOnline or Desktop.
2.1.1	32219	XE-6545	Access Control	Auto Unlock User Account Feature Broken Description When using the auto unlock feature for users, a locked user account is still not unlocked after the stated number of minutes. Resolution This problem has not been fixed and a locked user account is automatically unlocked after the stated number of minutes.

2.1.0

Version	Case ID	Internal ID	Components	Summary
2.1.0	32133	XE-6351	Desktop Launcher	Detected Vulnerabilities Description A number of vulnerabilities were detected. Resolution The following fixes have now been made: * X-Frame-Options header included in the HTTP response to prevent ClickJacking attacks * Anti-MIME-Sniffing header X-Content-Type-Options set to 'nosniff' to prevent older versions of Explorer and Chrome to sniff MIME sniffing on the response body * Signing of Desktop Launcher * Upgrading of 3pps
2.1.0	31446	XE-6222	Data Veracity	Export/import of Dataveracity Masked Fields not Possible Description When using data masking with data veracity it is not possible to export the configured masked fields when performing a configuration export. Resolution This has now been fixed, and it is possible to export and import the Dataveracity masked fields.
2.1.0	31110	XE-5970	Security	OS Vulnerability in Docker Images Description A vulnerability was detected in the OS in the Docker images. Resolution This issue has now been fixed and the vulnerability removed.
2.1.0	30875	XE-5920	Logging	Log Forwarding Does not Forward Group Message Description When using log forwarding, group messages are not forwarded. Resolution This problem has now been fixed and group messages are forwarded.
2.1.0	30262 26077	XE-5645	UDR File Editor	UDR File Editor Open Dialog Shows Incorrect Button Text Description When you click Open to select UDR file, the button shows as Save instead of Open. Resolution This issue is fixed, and the button shows the text Open.
2.1.0	29494	XE-5631	5G Profile	Encoded Null Nested Values In 5G Profile Description 5G profiles containing null nested values, encoded and sent in HTTP2 requests will result in bad requests being returned as response. Resolution Null nested values in the 5G profile are no longer included in the encoded value that is sent in HTTP2 requests.
2.1.0	29505	XE-5558	IBM MQ	Host and Port Fields not Set Correctly in IBM MQ UDR Description Setting the fields host and port in the MQQueueManagerInfo UDR does not work as expected. Resolution This has now been fixed, and configuration of the host and port fields will work as intended.
2.1.0	30425	XE-5713	Installation Documentation	Recommendations when Bootstrapping System Certificates and Secrets for Private Cloud Description During the TLS certificate provision, when the keystore is stored in a Kubernetes Secret, it is a common misconception that the platform.tls.key and platform.tls.key.alias in the values.yaml are to be removed/commented considering they might be used for the disk based keystore. Resolution Do not remove/comment the platform.tls.key and platform.tls.key.alias fields in the values.yaml file. This issue is fixed by providing a note on InfoZone to inform the user about the same.
2.1.0	32222	XE-6394	Data Veracity	Data Veracity View UDR Nested UDR Value is not Masked Description When there is a nested UDR, the masking fields will not work and will display the nested UDR value. Resolution To properly mask the nested UDR, a refactor will be required on the backend code. As of now a workaround is provided where you will have to declare the nested UDR fields in the parent UDR itself when choosing the fields to data mask.
2.1.0		XE-5936	Workflow Packages	Workflow Packages do not Work for Batch Workflows Description Workflow package sometimes aborts trying to find decoder outside the package. Resolution This has now been fixed, so workflow packaged supports both batch and realtime workflows.
2.1.0		XE-5802	APL	udrEncode and udrDecode Functions are Single Threaded Description The two APL functions udrDecode and udrEncode are single threaded which can cause performance issues. Resolution The implementation has been updated to use thread local decoders and encoders to avoid this problem.Note This fix takes effect when the workflow is saved or configuration implementations are regenerated by using the "regenerateconfigs" mzsh command.
2.1.0		XE-4400	mzcli	Group Information from mzcli Description The two APL functions udrDecode and udrEncode are single threaded which can cause performance issues. Resolution The Group information from mzcli has changed its format so the output says Enabled/Disabled instead. You can also see a list with all the members of a group.
2.1.0		XE-6001	Postgres	Postgres Vulnerability Description A vulnerability was detected in the Postgres version used. Resolution Postgres has now been updated and the vulnerability removed.
2.1.0		XE-5980	Kubernetes	Platform not Shutdown Gracefully Description The entrypoint for the platform pod has no sigterm handling which means the platform will not gracefully terminate when the pod is deleted. This could lead to resources not being released properly, files not being synced and other non-deterministic effects. Resolution This problem has now been fixed, and a sigterm handler has been added in the entrypoint.sh.
2.1.0		XE-4988	Aggregation MZOnline	Aggregation Session Records Are Not Deleted From The Web Interface Description A prompt with a warning that the Aggregation Profile is locked will occur when you try to delete a single aggregation session or when using the Delete All function. Resolution The issue is due to an incorrect handling on the backend code for the aggregation session storage. With a better handling now in place, you can delete the aggregation session once more.
2.1.0	30719	XE-5895	HTTP/2	HTTP/2 Server Agent Produces Incorrect Decoding Issues Description When the HTTP/2 Server agent is included in a workflow that also contains the HTTP/2 Client agent, the HTTP/2 Server agent produces incorrect decoding issues which do not appear if the same payload is run in the workflow after the HTTP/2 Client agent has been removed. Resolution This problem has now been fixed and the HTTP/2 Server agent decoding provides the same result regardless of the presence of the HTTP/2 Client agent.

2.0.x

Bug Fixes for 2.0.x Releases

2.0.3

Version	Case ID	Internal ID	Components	Summary
2.0.3		XE-6278	Web Desktop	Java Version for Web Desktop Needs to be Upgraded Description The Web Desktop is still running on Java 11 while other images use Java 17. Resolution OpenJDK has now been upgraded to support Java 17 in Web Desktop.
2.0.3	31983	XE-6277	Docker	OpenJDK Vulnerability Description A vulnerability was detected in the OpenJDK version. Resolution The OpenJDK version has now bee upgraded and the vulnerability removed.
2.0.3		XE-6325	Core	esapi Vulnerability Description A vulnerability was detected in the esapi version. Resolution The esapi version has now bee upgraded and the vulnerability removed.
2.0.3	31960	XE-6268	System Log	Syslog Collection Agent does not Handle non-ASCII Messages Correctly Description The Syslog Collection Agent does not handle character encodings as described in RFC5424 correctly. Resolution The agent now decodes UTF-8 encoded messages correctly.

2.0.2

Version	Case ID	Internal ID	Components	Summary
2.0.2		XE-6217	Aggregation Couchbase	Old Couchbase Profile Fails Description New couchbase properties cause Aggregation agent to fail if using an older Couchbase profile. Resolution This problem has now been fixed, a warning is written in the execution context log, and default values will be used during execution.
2.0.2	31761	XE-6214	Web Desktop	Go Vulnerability Description A vulnerability was detected in the Go version. Resolution The Go version has now bee upgraded and the vulnerability removed.
2.0.2		XE-5999	Liquibase	Liquibase Vulnerability Description A vulnerability was detected in the Liquibase version. Resolution The Liquibase version has now bee upgraded and the vulnerability removed.
2.0.2		XE-6218	Couchbase	Issues When Using Parametrization in Couchbase Profile Description When using parametrized in a Couchbase profile, passwords need to be written in clear text, and it is not possible to use External References and parametrization at the same time in a Couchbase profile. Resolution These issues have now been solved, and passwords need to be encrypted, and it is possible to use external references and parametrization in combination in a Couchbase profile.

2.0.1

Version	Case ID	Internal ID	Components	Summary
2.0.1	30875	XE-5920	Logging	Log Forwarding Does not Forward Group Messages Description When using log forwarding, group messages are not forwarded. Resolution This problem has now been fixed and group messages are forwarded.
2.0.1		XE-5776	Logging	Couchbase Profile Does not Support Parametrization Description When using the Couchbase profile it was not possible to set parameters for values in the Connectivity and Management tabs. Resolution This has been fixed and parametrization can be used in the Couchbase profile.
2.0.1	29576	XE-5760	Helm	Resources Cannot be Configured for Init Containers Description It is not possible to configure limits and requests for CPU and Memory resources in the values. yaml file for the initial container. Resolution This has now been fixed and Kubernetes resources can be configured for the platform and mzonline init containers. Please refer to the platform.init.resources and mzonline.initMyservice.resources values in the Usage Engine Private Edition helm chart for details.This has been fixed and parametrization can be used in the Couchbase profile.
2.0.1		XE-5060	ECDeployments MZOnline	Adding Custom Metrics Breaks ECDeployment Description The ECD wizard breaks when adding custom metrics. Resolution This issue has now been fixed and custom metrics can be added without breaking the UI.
2.0.1		XE-3820	Web Desktop	WebDesktop Allows HTTP Traffic When TLS is Enabled Description When using the Web Desktop, HTTP is still allowed after TLS has been enabled. Resolution This problem has now been fixed, and when TLS is enabled only HTTPS traffic is allowed when using the Web Desktop.
2.0.1	30832	XE-5844	HTTP/2	Http2 Server Agent Incorrectly Returns a RequestCycleUDR with Errors Description When the http2 server agent is used without OpenAPI profile enabled, the RequestCycleUDR returned will contain schema not found error message and the isError flag set to true. Resolution Fix the backend logic for the server to handle requests properly when OpenAPI profile is disabled. Also fixed the error messages wording to be more clear.
2.0.1		XE-5937	Azure	Jackson Vulnerability Description A vulnerability was detected in the Jackson version. Resolution The Jackson version has now bee upgraded and the vulnerability removed.
2.0.1		XE-6001	Postgres	Postgres Vulnerability Description A vulnerability was detected in the Postgres version used. Resolution Postgres has now been updated and the vulnerability removed.
2.0.1	31425	XE-6075	Helm	Helm Chart Enhancements for AWS Description Some configurations were not possible to make in the helm charts. Resolution The following enhancements have been made to the helm chart: * It is now possible to configure the region that the Kubernetes cluster belongs to. Meaning that the url:s used by the Usage Engine specific Kubernetes resources will automatically contain the correct region. This is done via the global.region value. * It is now possible to configure the annotations applied to the ingress-alb Ingress and and the platform Service resources. This is done via the aws.ingress.metadata.annotations and the aws.platform.service.metadata.annotations values respectively. If there is a need to exclude a default annotation for one reason or another, this can be done via the aws.excludeDefaultAnnotations value. See the values file for further details.
2.0.1		XE-6096	System Log	Log Forwarding Does not Forward Full Information to Syslog Description When using log forwarding to the Syslog collection agent, the full information visible in the System Log is not included. Resolution This problem has now been fixed, and the information sent to the Syslog agent is the same as in the System Log.
2.0.1		XE-5970	Security	OS Vulnerability in Docker Images Description A vulnerability was detected in the OS in the Docker images. Resolution This issue has now been fixed and the vulnerability removed.
2.0.1		XE-5532	Operator	Unnecessary ECD Restarts Description When updating a WFG in an ECD, the ECD is unnecessarily restarted. Resolution This problem has now been fixed and the ECD will only be restarted when attributes that affect the ECD have been changed.
2.0.1		XE-5777	Couchbase	Support for Encrypted Port in Couchbase Profile Description It was not been possible to set the encryption port in the Couchbase profile. Resolution There is now support to set port numbers and to enable security in the Couchbase profile.

2.0.0

Version	Case ID	Internal ID	Components	Summary
2.0.0	30156	XE-5628	IBM MQ Documentation	Update Classpath Documentation for MQ Server and MQ Client Description For IBM MQ Server and IBM MQ Client, you need only one jar file and that must be installed from the mvn repository. Resolution The documentation now includes the updated jar file and the link from where the jar file can be downloaded from. It is recommended to use the jar version relevant to the MQ service that is being used.
2.0.0		XE-5531	Operator	Old and New Workflow Members Cannot be Mixed Description When mixing new and and existing workflow members in a workflow group in an ECD, the operator goes into an error loop. Resolution This problem has now been fixed.
2.0.0		XE-5504	HTTP/2	Monitoring Functionality Missing in HTTP/2 Client Description The HTTP/2 Client is missing the ability to monitor connection status. Resolution Monitoring connection status is now possible, and two new MIM parameters called Available Servers and Unreachable Servers have been added.
2.0.0		XE-5414	SFTP	SFTP key value not working in MZ10 workflow instance table Description When a user pastes the SFTP private key directly into the workflow table, the value is not readable by the system and the private key is shown as plain text. Resolution This problem has now been fixed. The private key can be entered by clicking on the button with the three dots in the Private Key field in the workflow table and pasting the key into the text area.
2.0.0		XE-5156	HTTP/2 Security Profile	Error While Importing Exports Including HTTP/2 Agents and Security Profile Description Some classes related to Security Profile, HTTP/2 Client, and Server have the wrong version ID. Because of that, importing exported workflows and configurations prepared in the MediationZone 8-track can lead to a faulty import. Resolution Version IDs are now correct and the import logic is improved to handle MediationZone 8 imports properly.
2.0.0		XE-4606	HTTP/2	APL httpRequest - PATCH Request Body not Supported Description While using the APL function httpRequest, the body of PATCH request is not supported. Resolution Support for PATCH request with body is now added.
2.0.0		XE-4905	mzcli User Management	mzcli Can Disable/Enable System Users Description When using mzcli it is possible to disable/enable the system admin users mzadmin and mzk8soperator. Resolution This problem has now been fixed.
2.0.0		XE-5386	Desktop Framework External References	Adding Keys for Empty Properties File in External References Generates Exception Description When configuring External References with a blank Properties File, and adding keys, you get an infinite exception. Resolution This problem has now been fixed, and you will not get an infinite exception.
2.0.0		XE-4420	Diameter Documentation	Information About Diameter in Kubernetes is Missing Description Instructions for how to handle Diameter in Kubernetes clusters is missing from the user documentation. Resolution This problem has now been fixed and this has been described.
2.0.0		XE-4923	PosgreSQL	Postgres Vulnerability Description A vulnerability was discovered in the PostgreSQL JDBC Driver. Resolution The driver has now been upgraded and the vulnerbility removed.
2.0.0		XE-4925	CXF	CXF Vulnerability Description A vulnerability was detected in the CXF version. Resolution CXF has now been upgraded and the vulnerability removed.
2.0.0		XE-5007	3pp	xmlsec Vulernability Description A vulnerability was detected in the xmlsec version. Resolution xmlsec has now been upgraded and the vulnerability removed.
2.0.0		XE-5413	ECS	Oracle Insert ECS_BATCH Has Incorrect Parameter Type Description The recently added insert_time parameter order messes with the errorudr parameter. Resolution The order has been corrected.
2.0.0		XE-5412	SAP CC	SAP CC Client Does Not Handle Failover Of Cluster Nodes Description When using SAPCC cluster if the first node in the profile gets a connection error then the rest of the clusters nodes fail to connect. This was due to an error a connection being cached and then checked if we had a connection. This lead to the application beveling it had a connection when it did not. Resolution Rebuild the connection logic to handle this case.
2.0.0		XE-5329	Access Control	User Group Logging Missing from System Log Description Details logging is missing for user groups add/remove. Resolution It is now have the details logging add/remove user group.
2.0.0		XE-5217	HTTP/2	HTTP/2 Server Unable to Retrieve Header Username of a Request Description The username in the header of a request to the HTTP/2 server could not be retrieved by the server. Resolution This problem is now fixed.
2.0.0		XE-5416	Workflow Bridge	Workflow Bridge in Batch Workflows can not Terminate Due to Deadlock Description Workflow bridge in batch workflows can not terminate due to deadlock, since disconnect is invoked twice. Resolution The extra disconnect is now removed.
2.0.0		XE-4702	ECDeployments	Incorrect ECD Patch Service Behavior Description When apply a service patch, the patch node port overrides the existing entries node port result in wrong behavior. Resolution This issue is fixed, the patch should only apply to the corresponding entry based on port number.