Contents x
    2021.12.16 Release Notes
    • 28 Jan 2022
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    2021.12.16 Release Notes

    • Updated on 28 Jan 2022
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    2021.12.16 Release Notes

    Product Features and Enhancements

    Reference Number(s)SummaryComponents
    RIC-772Web SecurityWeb Security
     RIC-648OSS Security VulnerabilitiesSecurity Vulnerability
      RIC-647CVE-2017-5662 XML External Entity (XXE) InjectionSecurity Vulnerability
      RIC-646CVE-2021-28170 Improper Input ValidationSecurity Vulnerability
      RIC-645CVE-2021-41079 Denial of Service (DoS)Security Vulnerability
      RIC-644CVE-2020-28491 Denial of Service (DoS)Security Vulnerability
      RIC-643CVE-2020-13954 Cross-site Scripting (XSS)Security Vulnerability
      RIC-642CVE-2020-25638 SQL InjectionSecurity Vulnerability
      RIC-641[CVE-2016-1000031] Arbitrary Code ExecutionSecurity Vulnerability
    RIC-773SSO PortalSSO Portal
     RIC-599SSO Portal EnhancementsSSO Portal
      RIC-701Add Application Search to SSO Portal Home Page [BE]SSO Portal
      RIC-607Drag and drop applications in Persona ConfigurationSSO Portal
      RIC-606Launch applications from App Directory via single-clickSSO Portal
      RIC-604Add sort to application list in persona configSSO Portal
      RIC-602Add Application Search to SSO Portal Home PageSSO Portal
    RIC-838Studio JobsStudio
     RIC-412Higher-level Studio Job OrchestrationStudio
      RIC-428Decrease Job Runtime and Other Job Speed ImprovementsStudio
    RIC-491Studio ImprovementsStudio
     RIC-409Update Studio Application Look and feelStudio
      RIC-675Grey out Access Group list and add access group button when unrestricted access is enabledStudio
      RIC-670Remove title from pagesStudio
      RIC-669Use Chips for Linked SSO Apps Studio
      RIC-664Change Font from 'Roboto' to 'Inter'Studio

    Feature Improvements

    Reference Number(s)SummaryComponents
    RIC-632InCommon: Add timestamp to the date provided by Metadata RefreshInCommon
    RIC-659UI: Handle locale sortingRIC
    RIC-733BE: Improve GAL item validationGAL

    Resolved Issues

    Reference Number(s)SummaryComponents
    RIC-772Web SecurityWeb Security
     RIC-648OSS Security VulnerabilitiesSecurity Vulnerability
      RIC-759CVE-2019-17195: nimbus-jose-jwt information disclosureSecurity Vulnerability
      RIC-745CVE-2013-5960: OWASP ESAPI MAC Validation BypassSecurity Vulnerability
      RIC-744CVE-2019-17195: nimbus-jose-jwt improper check for unusual conditionsSecurity Vulnerability
      RIC-742CVE-2020-13956: Apache HTTP Components Improper Input ValidationSecurity Vulnerability
      RIC-741CVE-2020-28052: Bouncy Castle Comparison Using Wrong FactorsSecurity Vulnerability
      RIC-740CVE-2021-22118: Spring Framework Privilege EscalationSecurity Vulnerability
      RIC-739CWE-20: Logback insufficient hostname verificationSecurity Vulnerability
      RIC-738CVE-2020-8908: Guava information disclosureSecurity Vulnerability
      RIC-737CVE-2021-29425: Commons-IO directory traversalSecurity Vulnerability
    RIC-627Handle sorting on BE application-wideSorting
    RIC-629Can't Clear out 'DATE' attribute from delegation profilesPeople
    RIC-631Update Profile Date attribute to not have a valueDelegations
    RIC-658httpDELETE action should accept a request bodyConnect
    RIC-660History diff does not show new input parameter configurationConnect
    RIC-661On openLDAP servers, the Advanced Search Tool dropdown doesn't display all searchable options.Search
    RIC-662People: Change Password confirmation has unneeded "Save" buttonPeople
    RIC-691Permission errors in new architecture do not prevent loadingPortal
    RIC-727IDP Challenge Question Setup: Weird "X" image being used, different than before.IDP
    RIC-729People: Sponsored accounts failing to loadPeople
    RIC-732UI: Correctly handle type params for GAL itemsGAL
    RIC-754UI: need to URL encode path and query params for Connect file actionsConnect, Files
    RIC-763Studio Double sidebar when leaving an application via breadcrumb with unsaved changes.Studio
    RIC-765Studio: Credential type dropdown not updating title to chosen type - only in Firefox.Studio
    RIC-784Cleanup locale sortingConnect
    RIC-806SMS incorrectly prepends dial prefix to numbers that already have a + codeAuthentication
    RIC-809IDaaS: SMS ConfigurationConfiguration, SMS
    RIC-810Tenant Admin cannot update dialPrefixConfiguration, SMS


    Updated on Thu Jan 27 2022 08:02:13 GMT-0500 (Eastern Standard Time)

    Was this article helpful?
    What's Next
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence